After investigating this topic for more than 2 weeks, I have found no solution so far, and I hope that someone here may push me in the right direction.
For a better understanding, let me lay out the use case, although you may skip this section.
We operate devices inside a closed private mobile network (10.x.x.x) with no connection to the internet. Each device implements a TCP client socket for connection to a centralized server socket (port 56893) receiving notifications, a TCP server socket on port 56891 that allows different clients to connect to the devices on demand (for settings/state/etc.), and an FTP client for automatic device firmware and modem software updates using a private network internal FTP server.
Up to now we used SL8082 devices with an OpenAT Software package using GSM/Edge or UMTS transfer mode. Since we need to switch to LTE transfer mode, we will use WP76xx modems for our new design.
My current software package is built on LEGATO 19.11.5 and the following topics work out fine:
- connection to the TCP socket over LTE
- connection to the FTP server over LTE (using curl)
The TCP server socket (port 56891) is not accessible from any client via the LTE (rmnet_data0) interface. I verified these points:
- IPTABLES has been disabled (using -F or -I INPUT -j ACCEPT)
- binding the socket to the private network address (10.0.22.219) or binding to 0.0.0.0 makes no difference
- netstat shows my app as active TCP listener on the listen port 56891; either bound to 0.0.0.0 or the private network IP 10.0.22.219 depending on the bind address selected (see above)
- running the application in sandboxed or non-sandboxed mode makes no difference
- any other device inside the private network 10.x.x.x may ping the device using 10.0.22.219 successfully! When trying to connect via telnet, the client gets a “rejected” error
- any client running on the module itself may connect to the socket using any IP address (10.0.22.219, 127.0.0.1 or 192.168.2.2); therefore the TCP socket is fully functional
- any client running on the hosting Windows machine may connect to the TCP server using 192.168.2.2; therefore the TCP socket is accessible via network by clients outside the module
- I tested the clients with existing SL8082 Server Sockets successfully to exclude a client issue
- I tested the application with the radio RAT forced to GSM to exclude a mobile network issue with LTE connections
After all these tests I’ve got no more ideas for finding out why this is not working. Something seems to block any inbound connection via the rmnet_data0 interface to my application code. The other interfaces (local and 192.168.2.2) indeed will not be blocked.
I heard about SMACK, but I found no explicit correlation to my TCP server socket problem. I think it is strange that any inbound connection attempt via rmnet_data0 fails, whereas any outbound connection works fine.
I would be glad to read some ideas, comments or further steps for analyzing this problem.
Best regards, Heino
PS: after finishing this … maybe the port range (> 32767) causes the problem? I will test this soon …
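
Added example, not part of the original post: `iptables -F` and `-I INPUT -j ACCEPT` act only on the rules of the filter table, so chain policies and the other tables are left as they were. This script reads `iptables-save` output and lists any remaining policy or rule that could still drop or reject TCP to port 56891 arriving on rmnet_data0. The function names, the sample ruleset and the interface name `usb0` are constructed for illustration.

```shell
# audit_ruleset IFACE PORT: read `iptables-save` text on stdin and print every chain policy or
# rule, in any table, that can drop or reject inbound TCP for PORT on IFACE (user chains not followed).
audit_ruleset() {
    awk -v ifc="$1" -v port="$2" '
    function if_match(spec, name,   n) {        # "rmnet+" is a prefix wildcard
        n = length(spec) - 1
        if (substr(spec, n + 1) == "+") return substr(name, 1, n) == substr(spec, 1, n)
        return spec == name
    }
    function port_match(spec, p,   r) {         # "56891" or "32768:65535"
        if (split(spec, r, ":") == 2) return (p + 0 >= r[1] + 0 && p + 0 <= r[2] + 0)
        return spec + 0 == p + 0
    }
    /^\*/ { table = substr($0, 2); next }       # table header, e.g. "*mangle"
    /^:/  {                                     # chain policy, e.g. ":INPUT DROP [0:0]"
        chain = substr($1, 2)
        if ((chain == "INPUT" || chain == "PREROUTING") && $2 == "DROP")
            print table ": policy " chain " DROP"
        next
    }
    /^-A (INPUT|PREROUTING) / {
        target = in_if = proto = dport = ""; neg = 0
        for (i = 1; i < NF; i++) {
            if ($i == "-j") target = $(i + 1)
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "-i") { in_if = $(i + 1); neg = ($(i - 1) == "!") }
        }
        if (target != "DROP" && target != "REJECT") next
        if (proto != "" && proto != "tcp" && proto != "all") next
        if (in_if != "" && if_match(in_if, ifc) == neg) next   # rule is for another interface
        if (dport != "" && !port_match(dport, port)) next
        print table ": " $0
    }'
}
sample_ruleset() {   # constructed sample, not captured from a WP76xx
    cat <<'EOF'
*mangle
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i rmnet+ -p tcp -m tcp --dport 32768:65535 -j DROP
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT ! -i usb0 -p tcp -m tcp --dport 56891 -j REJECT --reject-with tcp-reset
-A INPUT -i usb0 -p udp -m udp --dport 53 -j DROP
COMMIT
EOF
}
sample_ruleset | audit_ruleset rmnet_data0 56891
```

On a device, the same function would be fed real data with `iptables-save | audit_ruleset rmnet_data0 56891`; an empty result means nothing in the INPUT or PREROUTING chains themselves matches.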