Page 1 of 1
Firewall settings to allow tos software update?
Posted: 17 Oct 2024, 07:50
by rfbjr
Is there a sample of the values needed to pinhole the firewall so update software checking will work? Assuming I have locked down everything but the local network.
Re: Firewall settings to allow tos software update?
Posted: 17 Oct 2024, 21:29
by rfbjr
Yes I have the firewall set to allow local network 192.168.1.* but doing that stops the "Check for updates now" from working.
I'm just looking what IP/Port should I add/allow for that to work.
Re: Firewall settings to allow tos software update?
Posted: 17 Oct 2024, 22:51
by TMzethar
Sorry, there is no way to realize your idea at the moment, will keep trying to find a way for you. Perhaps you can be informed of updates by checking the forum update notes from time to time.
viewforum.php?f=28
Re: Firewall settings to allow tos software update?
Posted: 05 Jun 2025, 21:19
by bartmans99
Ping: is this still not possible? To create a pinhole for TOS updates?
Re: Firewall settings to allow tos software update?
Posted: 05 Jun 2025, 21:40
by TMzethar
I will relay your ideas to the project team.
You want something preset, similar to an official firewall whitelist, right?
Re: Firewall settings to allow tos software update?
Posted: 05 Jun 2025, 21:50
by rfbjr
The point/idea is if you want to lock down your NAS and allow only authorized IP's through, when you presently do that, you no longer get software updates. Granted the updates don't happen every day, but also there isn't an email notification when a new release is available. Work around would be if there was an email saying "xxx has been released" we could disable the firewall, do the update then when it's complete, "raise the shields" again to quote Star Trek.

Without the firewall rule for updates and no email notification, we have to relay on the forum postings.
Thank you as you were.

Re: Firewall settings to allow tos software update?
Posted: 06 Jun 2025, 03:15
by bartmans99
I am no firewall expert. So consulted Chatgpt. It advised to add allow rule for the local network. And the last rule would a Deny on subnet 0.0.0.0/0.
This works in so far that I now get the update check and can install apps. But being not an expert, can't be sure if this is safe (enough).