echolinux technical details

Some of the following will apply to EchoLink as well, since echolinux is designed to interwork with EchoLink.

Firewall requirements

There are 3 TCP/IP connections involved in echolinux:

VoIP (i.e. audio) data channel

The actual audio data is sent as UDP packets with a destination port number of 5198. If your firewall blocks these incoming packets, you're not going to hear anything!
Note that, when in QSO, there are going to be masses of incoming packets to your UDP port 5198. Your firewall may decide that these packets are an attempted Denial of Service attack, and (if it does decide this) may drop some or all of the packets. If this does happen, you'll either hear nothing after the first few seconds, or you'll hear very chopped audio. Your firewall logs ought to tell you if its dropping packets.

Control channel

A control channel is used for the purpose of initiating connections, and tx/rx switching. This channel sends UDP packets with a destination port number of 5199. If your firewall blocks these incoming packets, you're never going to receive incoming connection requests.

EchoLink Server channel

Although it's possible to run echolinux without talking to an EchoLink server, using the server does enhance the user's experience :-) The server holds information about who's currently online, whether they're currently in QSO, and (crucially) their IP address - which is needed to initiate a connection to them.
The traffic to the EchoLink server is sent as TCP packets with a destination port number of 5200. If your firewall blocks these incoming packets, you won't be able to see who's online. This traffic is only ever initiated by your end - so if you have an SPI firewall which allows any outbound traffic, you'll be OK.

Which program does what ?

The Unix philosophy is to have lots of small programs, each of which does one thing well. This reduces complexity, and complex programs are more likely to have defects and security holes.

echolinux

(By echolinux here, I mean the binary file named echolinux).
This program runs the control channel. It needs to be started whenever you want to be active on the echolinux system. It reads your config file, and then waits for something to happen. It listens on STDIN (which will be connected to your terminal keyboard unless you're running a GUI), and also for incoming data on the control channel (UDP port 5199). When a connection is established (either by you, or by someone else connecting to you), echolinux spawns an instance of echoaudio.

echoaudio

It's echoaudio which sends and receives the audio data on the VoIP data channel. It also communicates (via commands) with echolinux - for example to send audio level reports to echolinux, and for echolinux to tell echoaudio to die because the QSO has been ended.

The GUI - whichever one you use

The GUI is responsible for starting the initial instance of the echolinux binary, all the communication with the EchoLink Server, and communicating with the echolinux binary. The GUI sends data to STDIN on the echolinux binary, so you don't have to type the echolinux commands on your terminal keyboard. The GUI also receives data back from the echolinux binary - such as the audio level reports so it can provide a 'VU Meter'-like display.