I'm trying to use the LiveReload browser extension with a Vagrant box provisioned using PuPHPet.

I think port 35729 is blocked as I can't telnet to that port from the host OS (OSX). Guest OS is Ubuntu 14.04.

Would adding an IPTables rule suffice or do I need to add a new forwarded port and re-provision the box?

    iptables -L

    target     prot opt source               destination
    ACCEPT     icmp --  anywhere             anywhere             /* 000 accept all icmp */
    ACCEPT     all  --  anywhere             anywhere             /* 001 accept all to lo interface */
    ACCEPT     all  --  anywhere             anywhere             /* 002 accept related established rules */ state RELATED,ESTABLISHED
    ACCEPT     tcp  --  anywhere             anywhere             multiport ports 1025,socks /* 100 tcp/1025, 1080 */
    ACCEPT     tcp  --  anywhere             anywhere             multiport ports ssh /* 100 tcp/22 */
    ACCEPT     tcp  --  anywhere             anywhere             multiport ports https /* 100 tcp/443 */
    ACCEPT     tcp  --  anywhere             anywhere             multiport ports http /* 100 tcp/80 */
    DROP       all  --  anywhere             anywhere             /* 999 drop all */

I tried adding the following:

    sudo iptables -A OUTPUT -p tcp -m tcp --dport 35729 -j ACCEPT
    sudo iptables -A INPUT -p tcp -m tcp --sport 35729 -j ACCEPT

But this didn't resolve the problem. I also tried adding this to config.yml and running vagrant provision:

    forwarded_port:
        l1J8zgpT2xBX:
            host: '35729'
            guest: '35729'
codecowboy

1 Answer

Adding the ports under the forwarded_port should be enough, as I've written code into PuPHPet to add those to the OS firewall:

    # Declare one iptables_port resource per entry under vm.network.forwarded_port
    if has_key($vm_values, 'vm')
      and has_key($vm_values['vm'], 'network')
      and has_key($vm_values['vm']['network'], 'forwarded_port')
    {
      create_resources( iptables_port, $vm_values['vm']['network']['forwarded_port'] )
    }

    # Accept TCP traffic on the guest port, unless a rule with that name is already declared
    define iptables_port (
      $host,
      $guest,
    ) {
      if ! defined(Firewall["100 tcp/${guest}"]) {
        firewall { "100 tcp/${guest}":
          port   => $guest,
          proto  => tcp,
          action => 'accept',
        }
      }
    }

However, you must run $ vagrant reload, not $ vagrant provision. Reload affects the box itself - memory, cpus, ports shared, etc. Provision will affect whatever provisioning script you've set up (in this case Puppet).

Juan Treminio
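
An added example (not code from PuPHPet or from either poster) that models first-match evaluation over the chain listed in the question, to check which rule decides a new connection to tcp/35729 in three cases: the chain as listed, with a rule appended by `iptables -A`, and with the `100 tcp/35729` rule that `iptables_port` declares. It assumes the listing is the guest's INPUT chain; the `Rule` class, the helper names and the sample packet are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    name: str            # rule comment; puppetlabs-firewall orders rules by it
    action: str
    proto: str = "all"
    ports: tuple = ()    # multiport --ports: source OR destination port
    sports: tuple = ()   # --sport: source port only
    states: tuple = ()
    iface: str = ""
    def matches(self, p):
        return (self.proto in ("all", p["proto"])
                and (not self.iface or self.iface == p["iface"])
                and (not self.states or p["state"] in self.states)
                and (not self.ports or bool({p["sport"], p["dport"]} & set(self.ports)))
                and (not self.sports or p["sport"] in self.sports))

# Constructed from the listing in the question, assumed to be the INPUT chain.
BASE = [
    Rule("000 accept all icmp", "ACCEPT", proto="icmp"),
    Rule("001 accept all to lo interface", "ACCEPT", iface="lo"),
    Rule("002 accept related established rules", "ACCEPT", states=("RELATED", "ESTABLISHED")),
    Rule("100 tcp/1025, 1080", "ACCEPT", "tcp", ports=(1025, 1080)),
    Rule("100 tcp/22", "ACCEPT", "tcp", ports=(22,)),
    Rule("100 tcp/443", "ACCEPT", "tcp", ports=(443,)),
    Rule("100 tcp/80", "ACCEPT", "tcp", ports=(80,)),
    Rule("999 drop all", "DROP"),
]

def verdict(chain, pkt):
    """First matching rule decides, as in netfilter: returns (action, rule name)."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.action, rule.name
    return "ACCEPT", "chain policy"  # assumed default policy; not shown on the page

# Constructed packet: the host browser opening a new connection to guest port 35729.
SYN = {"proto": "tcp", "sport": 51000, "dport": 35729, "state": "NEW", "iface": "eth0"}

def appended(chain):
    # iptables -A appends, so the rule lands after "999 drop all".
    return chain + [Rule("manual --sport 35729", "ACCEPT", "tcp", sports=(35729,))]

def puppet_managed(chain):
    # The rule iptables_port declares for guest: '35729', placed by name order.
    return sorted(chain + [Rule("100 tcp/35729", "ACCEPT", "tcp", ports=(35729,))], key=lambda r: r.name)

if __name__ == "__main__":
    print([verdict(build(BASE), SYN) for build in (list, appended, puppet_managed)])
```

On a real guest, `sudo iptables -L INPUT -n --line-numbers` shows the same ordering, so the position of any rule for 35729 relative to `999 drop all` can be read off directly.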