Icecast - Feb 2012 - Fw: Icecast doesn't bind to my external network interface?

-----Originalmeddelande----- 
Fr?n: "Per Gunnarsson" <per at 80-244-81-186.customer.t3.se> 
Till: per.gunnarsson at lappstockholm.se 
Datum: 2012-02-19 17:45 
?mne: Icecast doesn't bind to my external network interface? 

I can listen to my stream with 

 mplayer -cache 1024 http://localhost:8000/ices.mp3

but not 

mplayer -cache 1024 http://80.244.81.186:8000/ices.mp3 

This is my icecast.xml with passwords modified


<icecast>
 ? ?<limits>
 ? ? ? ?<clients>100</clients>
 ? ? ? ?<sources>2</sources>
 ? ? ? ?<threadpool>5</threadpool>
 ? ? ? ?<queue-size>524288</queue-size>
 ? ? ? ?<client-timeout>30</client-timeout>
 ? ? ? ?<header-timeout>15</header-timeout>
 ? ? ? ?<source-timeout>10</source-timeout>
 ? ? ? ?<!-- If enabled, this will provide a burst of data when a client 
 ? ? ? ? ? ? first connects, thereby significantly reducing the startup 
 ? ? ? ? ? ? time for listeners that do substantial buffering. However,
 ? ? ? ? ? ? it also significantly increases latency between the source
 ? ? ? ? ? ? client and listening client. ?For low-latency setups, you
 ? ? ? ? ? ? might want to disable this. -->
 ? ? ? ?<burst-on-connect>1</burst-on-connect>
 ? ? ? ?<!-- same as burst-on-connect, but this allows for being more
 ? ? ? ? ? ? specific on how much to burst. Most people won't need to
 ? ? ? ? ? ? change from the default 64k. Applies to all mountpoints ?-->
 ? ? ? ?<burst-size>65535</burst-size>
 ? ?</limits>

 ? ?<authentication>
 ? ? ? ?<!-- Sources log in with username 'source' -->
 ? ? ? ?<source-password>hackme</source-password>
 ? ? ? ?<!-- Relays log in username 'relay' -->
 ? ? ? ?<relay-password>hackme</relay-password>

 ? ? ? ?<!-- Admin logs in with the username given below -->
 ? ? ? ?<admin-user>hackme</admin-user>
 ? ? ? ?<admin-password>hackme</admin-password>
 ? ?</authentication>

 ? ?<!-- set the mountpoint for a shoutcast source to use, the default if not
 ? ? ? ? specified is /stream but you can change it here if an alternative is
 ? ? ? ? wanted or an extension is required
 ? ?<shoutcast-mount>/live.nsv</shoutcast-mount>
 ? ?-->

 ? ?<!-- Uncomment this if you want directory listings -->
 ? ?<!--
 ? ?<directory>
 ? ? ? ?<yp-url-timeout>15</yp-url-timeout>
 ? ? ? ?<yp-url>http://dir.xiph.org/cgi-bin/yp-cgi</yp-url>
 ? ?</directory>
 ? ? -->

 ? ?<!-- This is the hostname other people will use to connect to your
server.
 ? ?It affects mainly the urls generated by Icecast for playlists and yp
 ? ?listings. -->
 ? ?<hostname>80-244-81-186.customer.t3.se</hostname>

 ? ?<!-- You may have multiple <listener> elements -->
 ? ?<listen-socket>
 ? ? ? ?<port>8000</port>
 ? ? ? ?<!-- <bind-address>80.244.81.186</bind-address> -->
 ? ? ? ?<!-- <shoutcast-mount>/stream</shoutcast-mount> -->
 ? ?</listen-socket>
 ? ?<!--
 ? ?<listen-socket>
 ? ? ? ?<port>8001</port>
 ? ?</listen-socket>
 ? ?-->

 ? ?<!--<master-server>127.0.0.1</master-server>-->
 ? ?<!--<master-server-port>8001</master-server-port>-->
 ?
?<!--<master-update-interval>120</master-update-interval>-->
 ? ?<!--<master-password>hackme</master-password>-->

 ? ?<!-- setting this makes all relays on-demand unless overridden, this is
 ? ? ? ? useful for master relays which do not have <relay> definitions
here.
 ? ? ? ? The default is 0 -->
 ? ?<!--<relays-on-demand>1</relays-on-demand>-->

 ? ?<!--
 ? ?<relay>
 ? ? ? ?<server>127.0.0.1</server>
 ? ? ? ?<port>8001</port>
 ? ? ? ?<mount>/example.ogg</mount>
 ? ? ? ?<local-mount>/different.ogg</local-mount>
 ? ? ? ?<on-demand>0</on-demand>

 ? ? ? ?<relay-shoutcast-metadata>0</relay-shoutcast-metadata>
 ? ?</relay>
 ? ?-->

 ? ?<!-- Only define a <mount> section if you want to use advanced
options,
 ? ? ? ? like alternative usernames or passwords
 ? ?<mount>
 ? ? ? ?<mount-name>/complex-example.ogg</mount-name>

 ? ? ? ?<username>othersource</username>
 ? ? ? ?<password>hackmemore</password>

 ? ? ? ?<max-listeners>1</max-listeners>
 ? ? ? ?<dump-file>/tmp/dump-example1.ogg</dump-file>
 ? ? ? ?<burst-size>65536</burst-size>
 ? ? ? ?<fallback-mount>/example2.ogg</fallback-mount>
 ? ? ? ?<fallback-override>1</fallback-override>
 ? ? ? ?<fallback-when-full>1</fallback-when-full>
 ? ? ? ?<intro>/example_intro.ogg</intro>
 ? ? ? ?<hidden>1</hidden>
 ? ? ? ?<no-yp>1</no-yp>
 ? ? ? ?<authentication type="htpasswd">
 ? ? ? ? ? ? ? ?<option name="filename"
value="myauth"/>
 ? ? ? ? ? ? ? ?<option name="allow_duplicate_users"
value="0"/>
 ? ? ? ?</authentication>
 ? ? ? ?<on-connect>/home/icecast/bin/stream-start</on-connect>
 ? ? ? ?<on-disconnect>/home/icecast/bin/stream-stop</on-disconnect>
 ? ?</mount>

 ? ?<mount>
 ? ? ? ?<mount-name>/auth_example.ogg</mount-name>
 ? ? ? ?<authentication type="url">
 ? ? ? ? ? ?<option name="mount_add" ? ? ?
value="http://myauthserver.net/notify_mount.php"/>
 ? ? ? ? ? ?<option name="mount_remove" ?
?value="http://myauthserver.net/notify_mount.php"/>
 ? ? ? ? ? ?<option name="listener_add" ?
?value="http://myauthserver.net/notify_listener.php"/>
 ? ? ? ? ? ?<option name="listener_remove"
value="http://myauthserver.net/notify_listener.php"/>
 ? ? ? ?</authentication>
 ? ?</mount>

 ? ?-->

 ? ?<fileserve>1</fileserve>

 ? ?<paths>
??????????<!-- basedir is only used if chroot is enabled -->
 ? ? ? ?<basedir>/var/icecast</basedir>

 ? ? ? ?<!-- Note that if <chroot> is turned on below, these paths must
both
 ? ? ? ? ? ? be relative to the new root, not the original root -->
 ? ? ? ?<logdir>/log</logdir>
 ? ? ? ?<webroot>/web</webroot>
 ? ? ? ?<adminroot>/admin</adminroot>
 ? ? ? ?<!-- <pidfile>/var/run/icecast.pid</pidfile> -->

 ? ? ? ?<!-- Aliases: treat requests for 'source' path as being for
'dest' path
 ? ? ? ? ? ? May be made specific to a port or bound address using the
"port"
 ? ? ? ? ? ? and "bind-address" attributes.
 ? ? ? ? ?-->
 ? ? ? ?<!--
 ? ? ? ?<alias source="/foo" dest="/bar"/>
 ? ? ? ? ?-->
 ? ? ? ?<!-- Aliases: can also be used for simple redirections as well,
 ? ? ? ? ? ? this example will redirect all requests for http://server:port/ to
 ? ? ? ? ? ? the status page
 ? ? ? ? ?-->
 ? ? ? ?<alias source="/" dest="/status.xsl"/>
 ? ?</paths>

 ? ?<logging>
 ? ? ? ?<accesslog>access.log</accesslog>
 ? ? ? ?<errorlog>error.log</errorlog>
 ? ? ? ?<!-- <playlistlog>playlist.log</playlistlog> -->
 ? ? ??????<loglevel>3</loglevel> <!-- 4 Debug, 3 Info, 2 Warn, 1
Error -->
 ? ? ??????<logsize>10000</logsize> <!-- Max size of a logfile
-->
 ? ? ? ?<!-- If logarchive is enabled (1), then when logsize is reached
 ? ? ? ? ? ? the logfile will be moved to [error|access|playlist].log.DATESTAMP,
 ? ? ? ? ? ? otherwise it will be moved to [error|access|playlist].log.old.
 ? ? ? ? ? ? Default is non-archive mode (i.e. overwrite)
 ? ? ? ?-->
 ? ? ? ?<!-- <logarchive>1</logarchive> -->
 ? ?</logging>

 ? ?<security>
 ? ? ? ?<chroot>1</chroot> ?
 ? ? ? ?<changeowner>
 ? ? ? ? ? ?<user>_icecast</user>
 ? ? ? ? ? ?<group>_icecast</group>
 ? ? ? ?</changeowner>
 ? ?</security>
</icecast>


This is my pf.conf (I am on OpenBSD)

#?????$OpenBSD: pf.conf,v 1.50 2011/04/28 00:19:42 mikeb Exp $
#
# See pf.conf(5) for syntax and examples.
# Remember to set net.inet.ip.forwarding=1 and/or net.inet6.ip6.forwarding=1
# in /etc/sysctl.conf if packets are to be forwarded between interfaces.

set skip on lo

# filter rules and anchor for ftp-proxy(8)
#anchor "ftp-proxy/*"
#pass in quick inet proto tcp to port ftp divert-to 127.0.0.1 port 8021

# anchor for relayd(8)
#anchor "relayd/*"

pass??????????# to establish keep-state

# rules for spamd(8)
#table <spamd-white> persist
#table <nospamd> persist file "/etc/mail/nospamd"
#pass in on egress proto tcp from any to any port smtp \
# ? ?rdr-to 127.0.0.1 port spamd
#pass in on egress proto tcp from <nospamd> to any port smtp
#pass in log on egress proto tcp from <spamd-white> to any port smtp
#pass out log on egress proto tcp to any port smtp


#block in quick from urpf-failed to any?????# use with care

# By default, do not permit remote connections to X11
block in on ! lo0 proto tcp to port 6000:6010

# pass in on nfe0 port 8000

Where did I go wrong?

Regards,

Per Gunnarsson

On Sun, Feb 19, 2012 at 05:50:42PM +0100, per.gunnarsson at lappstockholm.se
wrote:
> 
> I can listen to my stream with 
> 
>  mplayer -cache 1024 http://localhost:8000/ices.mp3
> 
> but not 
> 
> mplayer -cache 1024 http://80.244.81.186:8000/ices.mp3 
> 
> This is my icecast.xml with passwords modified
> 
>  ? ?<listen-socket>
>  ? ? ? ?<port>8000</port>
>  ? ? ? ?<!-- <bind-address>80.244.81.186</bind-address>
-->
>  ? ? ? ?<!-- <shoutcast-mount>/stream</shoutcast-mount>
-->
>  ? ?</listen-socket>
> 
[...]
> Where did I go wrong?
> 
I think icecast binds to localhost only by default. Put
<bind-address>::</bind-address> or
<bind-address>0.0.0.0</bind-address> into
your configuration.

-- Petr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
Url :
http://lists.xiph.org/pipermail/icecast/attachments/20120219/1f652059/attachment.pgp

On Sun, 19 Feb 2012, Petr Pisar wrote:
> I think icecast binds to localhost only by default. Put
> <bind-address>::</bind-address> or
<bind-address>0.0.0.0</bind-address> into
> your configuration.
Not correct.  Icecast should bind to all available IPv4 interfaces by 
default.

In my experience, you do need to put:

<bind-address>::</bind-address>

to get it to bind to any IPv6 interfaces as well.

Geoff.