Posts by louis2

  • Which URL's are needed for LibreElec (Core)

    Hello,

    I looked at the DNS-log

    localhost.iot.lan The device it self (OK)

    pool.ntp.org NTP (OK)

    ipv4.connman.net ???? not really needed IMHO, but probably not a risk so I did allow

    update.libreelec.tv Logical (OK)

    releases.libreelec.tv Logical (OK)

    addons.libreelec.tv Logical (OK)

    mirrors.kodi.tv Do not understand for which kind of data ? (I did allow for now)

    wpad.iot.lan Do not understand for which reason? (I did allow for now)

    raw.githubusercontent.com Does feel groovy (I did block it for the moment)

    libreelect.tv

    46.101.13.226 Hardware IP Address located in England, United Kingdom shows

    Recent Domains/Hosts on this IP: libreelec.tv
    46.101.13.226


    Louis

  • Which URL's are needed for LibreElec (Core)

    Hello,

    Chewitt thanks for the answer !!

    I will try to tune my firewall.

    - allowing connman

    - I do not use add-ons, so no rules needed for that

    - your remark on "a Kodi URL is vague" which one :)

    - the role of mirrorbits is clear

    - not using the DHCP-server provided NTP-service, that it

    Problem is that I do understand your mail, but I can only partly map your explanation to the URL's / IP messages seen in the FW-log. Perhaps the DNS-log provides more info. Rather strange are the IP-adresses which could not be resolved by the DNS!

    To notice, I am using pfSense as Firewall, and the network is divided in VLAN's. LibreElec/Kodi is situated in my IOT-VLAN


    Louis

  • Which URL's are needed for LibreElec (Core)

    Hello,

    I would like to limit the outgoing traffic from my LibreELEC to what is needed. That to make sure the media player is not connecting to all kind of commercial services or worse. So I wonder if someone (the developers?) could publish a list of all URL's needed by the Libre Elec Core.

    With that list I could allow those sites in my Firewall and block the rest :)

    Note that LibreElec (without any plugins) is connecting to IP-sources not even known to the DNS !! :evil::evil:

    A very first(!) investigation in my firewall log showed me the IPV4 addresses below this mail. Probably there are more and perhaps there are relevant IPV6 addresses as well (did not notice them in the FW-log).

    Sincerely,


    Louis


    89.102.0.150 => mirror.karneval.cz (open source code mirroring service, it seems)

    94.8.197.22 => mirror.netcologne.de (open source code mirroring service, it seems)

    46.101.13.226 => CAN NOT RESOLVE!!?? (web01.libreelec.tv. Other domains hosted on this hardware 46.101.13.226 are libreelec.tv, 46.101.13.226. may be!)

    207.154.220.125 => CAN NOT RESOLVE!!??

    93.187.10.106 => mirror.wearetriple.com (seems to contain software librarys)

    89.16.176.16 => dharma.dh.bytemark.co.uk (seems to contain source code updates)

    151.101.0.133 CAN NOT RESOLVE!! ????

    134.209.250.70 CAN NOT RESOLVE!! ????

    212.227.81.55 ipv4.connman.net (seems to be related to a communication package used)

    129.250.35.251:123 y.ns.gin.ntt.net NTP (ntp service, that is OK, however normal practice is to use the DHCP server provided NTP)

    224.0.0.251:5353 => MDNS

    224.0.0.22 igmp.mcast.net => IGMP (I assume to find local media sources)

    If the DNS can not resolve the IP-address ........ I normally do not trust the IP-address at all !!!! :dodgy: