leginon-org / leginon-redmine-archive


Port forwarding using a linux PC to microscope PC #7491

Closed leginonbot closed 6 months ago

leginonbot commented 6 months ago

Author Name: William Rice (@wjrice)
Original Redmine Issue: 7491, https://emg.nysbc.org/redmine/issues/7491
Original Date: 2019-04-29
Original Assignee: William Rice


Similar to issue described in http://emg.nysbc.org/redmine/projects/leginon/wiki/An_example_of_working_port-forwarding_configuration

the microscope PC is on a separate mini-network from the main network. The Gatan PC and the Support PC are on this network.

Microscope PC: 192.168.0.1
Gatan PC: 192.168.0.3

Support PC is isolated from the rest of the internal network: it talks only to the microscope PC and outside. Idea is that RAPID introduces a vulnerability to the internal network.

First tried setting up a third PC under windows (called PF for port forwarder) and configured according to wiki above. PC runs Windows 7. Found that the first half of the leginon ports, 49153-49157, could not be forwarded properly because they were used by windows (see attached). Result was that leginon client could be started, leginon could be run from the microscope PC, but the leginon linux pc could not connect to the microscope pc and use it as a client. Test2.py also failed to get a response.

I can see three possible solutions:

1 - figure out Windows networking to free up ports
2 - change ports in leginon
3 - avoid windows for port forwarding.

Chose solution 3. Booted the port forwarder PC in linux (live Mint USB) and used iptables to do the forwarding. Script is attached.

Note for script:

port forwarder IP is 10.163.4.52 (wide network) and 192.168.0.5 (small microscope network)
microscope IP is 192.168.0.1
leginon pc is 10.163.4.65

Script is essentially what was described by Morgan Beeby at Imperial College London, but using command line instead of a GUI.

leginon pc uses IP address of port forwarder for the microscope IP (hosts file) (10.163.4.52)
microscope PC uses internal IP address of port forwarder as leginon IP (192.168.0.5)
Gatan PC is on both networks

Seems this might be a good solution, as only a very small computer with 2 ethernet ports is needed for forwarding

leginonbot commented 6 months ago

Original Redmine Comment
Author Name: William Rice (@wjrice)
Original Date: 2019-05-23T15:31:23Z


Attached is a perl script which makes setting up many ports easier. The script as set up will forward port 3306 (mysql) from the microscope to the database server, port 55555 from the leginon host to the microscope, and all ports between 49153 and 51000 between the microscope PC and the leginon host in both directions.
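The forwarding layout described in this issue, as an added example (this is not the attached iptables or perl script, which are not reproduced on this page). It only prints the rules for review; the default-DROP FORWARD policy and the per-source matches are choices of this example, and `DB_SERVER_IP` is a placeholder because the database server address is not given in the issue.

```shell
#!/bin/sh
# Prints (does not apply) iptables rules for the forwarder topology in this issue.
PF_WIDE=10.163.4.52     # forwarder address, wide network (from the issue)
PF_SCOPE=192.168.0.5    # forwarder address, microscope network (from the issue)
SCOPE=192.168.0.1       # microscope PC (from the issue)
LEGINON=10.163.4.65     # leginon linux PC (from the issue)
DB_SERVER=${DB_SERVER:-DB_SERVER_IP}   # placeholder: address not stated in the issue

# forward_rule SRC LISTEN_IP DEST PORTS OUT_IP
# Emits one DNAT/FORWARD/SNAT triple, matched on the source address so that
# only the named peer can reach the destination through the forwarder.
forward_rule() {
    # Rewrite the destination of connections that SRC opens to the forwarder.
    echo "iptables -t nat -A PREROUTING -p tcp -s $1 -d $2 --dport $4 -j DNAT --to-destination $3"
    # Permit new forwarded connections for exactly this source/destination pair.
    echo "iptables -A FORWARD -p tcp -s $1 -d $3 --dport $4 -m conntrack --ctstate NEW -j ACCEPT"
    # Rewrite the source so replies come back through the forwarder.
    echo "iptables -t nat -A POSTROUTING -p tcp -s $1 -d $3 --dport $4 -j SNAT --to-source $5"
}

generate_rules() {
    echo "sysctl -w net.ipv4.ip_forward=1"
    # Anything not listed below is not forwarded between the two networks.
    echo "iptables -P FORWARD DROP"
    echo "iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # leginon host -> microscope: port 55555 and the 49153-51000 range
    forward_rule "$LEGINON" "$PF_WIDE" "$SCOPE" 55555 "$PF_SCOPE"
    forward_rule "$LEGINON" "$PF_WIDE" "$SCOPE" 49153:51000 "$PF_SCOPE"
    # microscope -> leginon host: same range in the other direction
    forward_rule "$SCOPE" "$PF_SCOPE" "$LEGINON" 49153:51000 "$PF_WIDE"
    # microscope -> database server: mysql
    forward_rule "$SCOPE" "$PF_SCOPE" "$DB_SERVER" 3306 "$PF_WIDE"
}

# Run with --print to list the rules for review before applying them as root.
if [ "${1:-}" = "--print" ]; then
    generate_rules
fi
```

Because every rule matches on the source address, other hosts on the wide network cannot reach the microscope through the forwarder.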

leginonbot commented 6 months ago

Original Redmine Comment
Author Name: Anchi Cheng (@anchi2c)
Original Date: 2020-11-04T20:09:54Z


Works.