ebr 16181 Posted July 11, 2023 Posted July 11, 2023 2 minutes ago, lukeoslavia said: You are allowing traffic on those ports from any IP address But only to a specific application... 1
Guest Posted July 11, 2023 Posted July 11, 2023 1 minute ago, ebr said: But only to a specific application... Hopefully in the future as he was mentioning, but not currently, or at least from what I have observed. Currently two rules with names: Port 8096 and Port 8920 are also made, they allow traffic on any ip on domain, private, and public networks. Its not restricted to one app, or even one ip address/nic.
softworkz 5066 Posted July 11, 2023 Posted July 11, 2023 Tried a fresh install in a Sandbox - all of us are right... Â Â It is creating both: Â Â and: Â Â
Guest Posted July 11, 2023 Posted July 11, 2023 1 minute ago, softworkz said: Tried a fresh install in a Sandbox - all of us are right... Â Â It is creating both: Â Â and: Â Â I should have taken a picture of this, but its what I was trying to explain, most likely in the worst way possible.
softworkz 5066 Posted July 11, 2023 Posted July 11, 2023 If I had to guess, I'd say the numeric port rules are for the case when Emby is run as a Windows service via nessus.exe and I suppose it seemed more appropriate to add rules for the ports instead of giving nessus.exe an 'Any' permission because nessus could also be used for other services. @Luke - How's my guess..?
plittlefield 56 Posted November 7, 2024 Posted November 7, 2024 I'm resurrecting this to ask if there is a way to set the network interface for Emby in Docker (binding to host network so same IP address as the host) to stop the Docker container from scanning all the (16!) network interfaces? Info NetworkManager: Detecting local network addresses Info NetworkManager: networkInterface: Ethernet eno1, Speed: 1000000000, Description: eno1 Info NetworkManager: GatewayAddresses: 192.168.0.1 Info NetworkManager: UnicastAddresses: 192.168.0.252,fe80::1a66:daff:fe36:3c29%2 Info NetworkManager: networkInterface: Ethernet docker0, Speed: -1, Description: docker0 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 172.17.0.1,fe80::42:b7ff:fe37:b0c2%6 Info NetworkManager: networkInterface: Ethernet br-8361f2cae812, Speed: -1, Description: br-8361f2cae812 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 172.21.0.1,fe80::42:8aff:fe29:ee5d%7 Info NetworkManager: networkInterface: Ethernet br-13a5bc0b0b56, Speed: -1, Description: br-13a5bc0b0b56 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 172.31.0.1,fe80::42:fdff:fe43:6c22%11 Info NetworkManager: networkInterface: Ethernet veth1cec658, Speed: 10000000000, Description: veth1cec658 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::7801:5bff:fe5d:5fc6%19 Info NetworkManager: networkInterface: Ethernet br-da6bb9f48a0a, Speed: -1, Description: br-da6bb9f48a0a Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 172.27.0.1,fe80::42:2aff:feab:f969%76 Info NetworkManager: networkInterface: Ethernet vethb489f05, Speed: 10000000000, Description: vethb489f05 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::e86b:15ff:fe35:9377%78 Info NetworkManager: networkInterface: Ethernet br-2e8a418fdbcc, Speed: -1, Description: br-2e8a418fdbcc Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 172.28.0.1,fe80::42:e7ff:feca:f8a3%79 Info NetworkManager: networkInterface: Ethernet veth60bc3a3, Speed: 10000000000, Description: veth60bc3a3 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::a8a9:d7ff:feae:2387%81 Info NetworkManager: networkInterface: Ethernet vetha629ce5, Speed: 10000000000, Description: vetha629ce5 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::2cc4:23ff:fe23:ef12%83 Info NetworkManager: networkInterface: Ethernet veth5fb5b09, Speed: 10000000000, Description: veth5fb5b09 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::d867:62ff:fe09:ca8b%85 Info NetworkManager: networkInterface: Ethernet br-7bf0af8bedda, Speed: -1, Description: br-7bf0af8bedda Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 172.29.0.1,fe80::42:99ff:fe28:94f2%86 Info NetworkManager: networkInterface: Ethernet veth6cf314c, Speed: 10000000000, Description: veth6cf314c Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::b8cc:b0ff:fece:f7f0%88 Info NetworkManager: networkInterface: Ethernet br-4441da58f574, Speed: -1, Description: br-4441da58f574 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 172.30.0.1,fe80::42:11ff:fe0c:a139%89 Info NetworkManager: networkInterface: Ethernet veth9754533, Speed: 10000000000, Description: veth9754533 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::605c:f0ff:feaf:68ad%91 Info NetworkManager: networkInterface: Ethernet br-18378e6e45ca, Speed: -1, Description: br-18378e6e45ca Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 192.168.16.1,fe80::42:41ff:fe54:efe2%102 Info NetworkManager: networkInterface: Ethernet veth84b8ecc, Speed: 10000000000, Description: veth84b8ecc Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::104b:96ff:fee7:a8cd%104 Info NetworkManager: networkInterface: Ethernet veth075be5d, Speed: 10000000000, Description: veth075be5d Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: fe80::b05f:deff:fe08:11a2%128 Info NetworkManager: networkInterface: Loopback lo, Speed: -1, Description: lo Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 127.0.0.1,::1 Info NetworkManager: networkInterface: Unknown tun0, Speed: -1, Description: tun0 Info NetworkManager: GatewayAddresses: Info NetworkManager: UnicastAddresses: 10.8.0.1,fe80::d26c:c26b:6873:af7e%3 Info NetworkManager: Detected local ip addresses: [{"IPAddress":"192.168.0.252","HasGateWayAddress":true,"PrefixLength":24,"IPv4Mask":"255.255.255.0"},{"IPAddress":"fe80::1a66:daff:fe36:3c29%2","HasGateWayAddress":true,"PrefixLength":64},{"IPAddress":"172.17.0.1","HasGateWayAddress":false,"PrefixLength":16,"IPv4Mask":"255.255.0.0"},{"IPAddress":"172.21.0.1","HasGateWayAddress":false,"PrefixLength":16,"IPv4Mask":"255.255.0.0"},{"IPAddress":"172.31.0.1","HasGateWayAddress":false,"PrefixLength":16,"IPv4Mask":"255.255.0.0"},{"IPAddress":"172.27.0.1","HasGateWayAddress":false,"PrefixLength":16,"IPv4Mask":"255.255.0.0"},{"IPAddress":"172.28.0.1","HasGateWayAddress":false,"PrefixLength":16,"IPv4Mask":"255.255.0.0"},{"IPAddress":"172.29.0.1","HasGateWayAddress":false,"PrefixLength":16,"IPv4Mask":"255.255.0.0"},{"IPAddress":"172.30.0.1","HasGateWayAddress":false,"PrefixLength":16,"IPv4Mask":"255.255.0.0"},{"IPAddress":"192.168.16.1","HasGateWayAddress":false,"PrefixLength":20,"IPv4Mask":"255.255.240.0"},{"IPAddress":"127.0.0.1","HasGateWayAddress":false,"PrefixLength":8,"IPv4Mask":"255.0.0.0"},{"IPAddress":"10.8.0.1","HasGateWayAddress":false,"PrefixLength":24,"IPv4Mask":"255.255.255.0"},{"IPAddress":"fe80::42:b7ff:fe37:b0c2%6","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::42:8aff:fe29:ee5d%7","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::42:fdff:fe43:6c22%11","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::7801:5bff:fe5d:5fc6%19","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::42:2aff:feab:f969%76","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::e86b:15ff:fe35:9377%78","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::42:e7ff:feca:f8a3%79","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::a8a9:d7ff:feae:2387%81","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::2cc4:23ff:fe23:ef12%83","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::d867:62ff:fe09:ca8b%85","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::42:99ff:fe28:94f2%86","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::b8cc:b0ff:fece:f7f0%88","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::42:11ff:fe0c:a139%89","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::605c:f0ff:feaf:68ad%91","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::42:41ff:fe54:efe2%102","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::104b:96ff:fee7:a8cd%104","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"fe80::b05f:deff:fe08:11a2%128","HasGateWayAddress":false,"PrefixLength":64},{"IPAddress":"::1","HasGateWayAddress":false,"PrefixLength":128},{"IPAddress":"fe80::d26c:c26b:6873:af7e%3","HasGateWayAddress":false,"PrefixLength":64}]  ... so I'm thinking we could add a environment variable to the Docker command via Compose ...  version: "2.3" services: emby: image: emby/embyserver container_name: embyserver network_mode: host environment: - TZ=Europe/London - UID=998 - GID=998 - NETWORK_INTERFACE=eno1 volumes: - /etc/localtime:/etc/localtime:ro - /var/lib/emby:/config - /home/paully/Emby:/home/paully/Emby - /mnt/ramdisk:/mnt/ramdisk restart: unless-stopped  Thanks, Paully Â
rbjtech 5284 Posted November 7, 2024 Posted November 7, 2024 (edited) Just set the IP in Emby - it will then just bind to that interface only.  Manage Emby Server > Server > Network 192.168.0.252 in your case. edit - ah sorry, just realised that you want to stop the detection - not just the binding. In that case - not sure you can without somehow isolating the NIC's from the OS when emby scans for them ... Edited November 7, 2024 by rbjtech edit - ah sorry, just realised that you want to stop the detection - not just the binding.
plittlefield 56 Posted November 7, 2024 Posted November 7, 2024 (edited) Yeah, it seems a bit odd that the start up process detects all the interfaces but I suppose it then confirms the setting here above with what it's found and locks it. It's not a deal breaker, I was just curious if the Emby team want to streamline the boot up process. Don't get me wrong, I am so chuffed that they offer an official Docker image, but there's always room for improvement ... ... as my wife keeps telling me Paully  Edited November 7, 2024 by plittlefield
Q-Droid 989 Posted November 7, 2024 Posted November 7, 2024 It doesn't. Emby binds on all local interfaces and what the "Local IP address" value does is define which one is advertised to apps. One thing you could try (I haven't) is specify the host IP you want to use in the Docker compose. I doubt this would stop the scanning though. https://docs.docker.com/engine/network/#published-ports For example: -p 192.168.1.100:8080:80 Map port 8080 on the Docker host IP 192.168.1.100 to TCP port 80 in the container.   1
rbjtech 5284 Posted November 7, 2024 Posted November 7, 2024 4 hours ago, Q-Droid said: It doesn't. Emby binds on all local interfaces and what the "Local IP address" value does is define which one is advertised to apps. One thing you could try (I haven't) is specify the host IP you want to use in the Docker compose. I doubt this would stop the scanning though. https://docs.docker.com/engine/network/#published-ports For example: -p 192.168.1.100:8080:80 Map port 8080 on the Docker host IP 192.168.1.100 to TCP port 80 in the container.   Ah ok - tks - mine is blocked on the f/w anyway which is probably why I haven't seen other vlan traffic from my emby-server.Â
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now