*** If you're not sure this is actually a bug, instead post about it at https://discuss.kde.org If you're reporting a crash, attach a backtrace with debug symbols; see https://community.kde.org/Guidelines_and_HOWTOs/Debugging/How_to_create_useful_crash_reports Please remove this comment after reading and before submitting - thanks! *** SUMMARY Hello, ever since upgrading to kdeconnect 25.08.0-2 on Arch Linux, I have been having a weird issue with my firewall. I have unblocked the correct ports 1714-1764 as documented on the wiki; that is, I have added the kdeconnect service to my home zone on both of my devices and made sure that the zone is active. Port 5353 is also unblocked for mdns. Looking at the traffic in wireshark, I am seeing kdeconnect send mdns packets from port 5353 to seemingly random ports. These packets get filtered and the devices fail to recognize each other. I can make it work by unblocking ports in the 40000-50000 range, but it seems to be a bit unreliable. Everything works perfectly if I turn off the firewall on at least one device. STEPS TO REPRODUCE 1. sudo firewall-cmd --permanent --zone=public --add-service=kdeconnect && sudo firewall-cmd --reload on both machines. 2. Restart both machines, launch KDEConnect. OBSERVED RESULT The devices fail to see each other. On one machine, run sudo systemctl stop firewalld. KDEConnect now works. Packets going to ports in the 40000-50000 range are blocked in wireshark. EXPECTED RESULT KDEConnect should work with the kdeconnect service added as per the wiki: https://userbase.kde.org/KDEConnect#Troubleshooting SOFTWARE/OS VERSIONS Linux/KDE Plasma: Arch Linux KDE Plasma Version: 6.4.4 KDE Frameworks Version: 6.17.0 Qt Version: 6.9.2 ADDITIONAL INFORMATION
Forgot to mention: KDEConnect between my phone and both devices works fine even with the firewall up. It's only computer <-> computer connections that have issues.
I believe my issue is similar to the one reported here. My laptop and PC are running Arch Linux with KDE Plasma 6.4.5. My laptop has kdeconnect 25.08.1-1 and firewalld 2.3.1-1 while PC only has kdeconnect 25.08.1-1 with no firewall. I have one zone "public" which should allow traffic to and from the kdeconnect service as seen below: public (default, active) target: default ingress-priority: 0 egress-priority: 0 icmp-block-inversion: no interfaces: wlan0 sources: services: dhcpv6-client kdeconnect ssh ports: protocols: forward: yes masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: I've learned through firewall-config that the kdeconnect service is allowed to use 1714-1764/tcp and 1714-1764/udp by default, and this matches what the Wiki says. With my laptop's firewall up, my laptop and PC cannot reach each other. Temporarily disabling firewalld seems to work until the next reboot. I have not tried sniffing my network with Wireshark yet, but adding ports 40000-50000/udp to the kdeconnect firewall config as mentioned in the bug report seems to solve this issue - I did this through firewall-config. This is my first time commenting in a KDE bug report, so apologies if this does not belong here 🙂 SOFTWARE/OS VERSIONS Linux/KDE Plasma: Arch Linux KDE Plasma Version: 6.4.5 KDE Frameworks Version: 6.18.0 Qt Version: 6.9.2
I encountered the same issue: mobile device -> PC works, PC <-> PC doesn't. After adding in firewalld under "Source Ports" 5353/udp, the ICMP error "administratively prohibited" disappears in Wireshark and KDE Connect works also for PC <-> PC. SOFTWARE/OS VERSIONS Operating System: Fedora Linux 42 KDE Plasma Version: 6.4.4 KDE Frameworks Version: 6.17.0 Qt Version: 6.9.1 kde-connect-25.08.0-1.fc42.x86_64 kdeconnectd-25.08.0-1.fc42.x86_64 kde-connect-libs-25.08.0-1.fc42.x86_64