(→iptables) |
(→Ports used by BrandMeister) |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
== Ports used by BrandMeister == | == Ports used by BrandMeister == | ||
* TCP/80 | * TCP/80 | ||
| + | * TCP/8080 | ||
** Webserver with status pages and HTTP API | ** Webserver with status pages and HTTP API | ||
* UDP/30001 | * UDP/30001 | ||
| Line 25: | Line 26: | ||
* UDP/54004 | * UDP/54004 | ||
** Radioactivity | ** Radioactivity | ||
| − | |||
| − | |||
* UDP/54000 | * UDP/54000 | ||
* TCP/54000 | * TCP/54000 | ||
** [[FastForward network protocol]] | ** [[FastForward network protocol]] | ||
| − | |||
| − | |||
* UDP/55001 | * UDP/55001 | ||
** IPSC for external networks connection (such as SmartPTT) | ** IPSC for external networks connection (such as SmartPTT) | ||
| Line 58: | Line 55: | ||
iptables -A INPUT -i lo -j ACCEPT | iptables -A INPUT -i lo -j ACCEPT | ||
ip6tables -A INPUT -i lo -j ACCEPT | ip6tables -A INPUT -i lo -j ACCEPT | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
iptables -t raw -F; iptables -t raw -X | iptables -t raw -F; iptables -t raw -X | ||
| Line 71: | Line 61: | ||
iptables -t raw -A OUTPUT -j CT --notrack | iptables -t raw -A OUTPUT -j CT --notrack | ||
ip6tables -t raw -A OUTPUT -j CT --notrack | ip6tables -t raw -A OUTPUT -j CT --notrack | ||
| + | |||
| + | iptables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt" | ||
| + | ip6tables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt" | ||
| + | iptables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap" | ||
| + | ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap" | ||
</pre> | </pre> | ||
This instruction is intended for administrators of BrandMeister DMR Servers
I am using the following set of ports for incoming connections. For your convenience, there is a set of iptables rules provided below.
- iptables -P INPUT ACCEPT
- ip6tables -P INPUT ACCEPT
- iptables -P OUTPUT ACCEPT
- ip6tables -P OUTPUT ACCEPT
- iptables -F; iptables -X
- ip6tables -F; ip6tables -X
- iptables -A INPUT -i lo -j ACCEPT
- ip6tables -A INPUT -i lo -j ACCEPT
- iptables -t raw -F; iptables -t raw -X
- ip6tables -t raw -F; ip6tables -t raw -X
- iptables -t raw -A OUTPUT -j CT --notrack
- ip6tables -t raw -A OUTPUT -j CT --notrack
- iptables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt"
- ip6tables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt"
- iptables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap"
- ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap"
This instruction is intended for administrators of BrandMeister DMR Servers
I am using the following set of ports for incoming connections. For your convenience, there is a set of iptables rules provided below.
- iptables -P INPUT ACCEPT
- ip6tables -P INPUT ACCEPT
- iptables -P OUTPUT ACCEPT
- ip6tables -P OUTPUT ACCEPT
- iptables -F; iptables -X
- ip6tables -F; ip6tables -X
- iptables -A INPUT -i lo -j ACCEPT
- ip6tables -A INPUT -i lo -j ACCEPT
- iptables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP MQTT"
- ip6tables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP MQTT"
- iptables -A INPUT ! -i lo -p tcp --dport 3301 -j DROP -m comment --comment "DROP TNT"
- ip6tables -A INPUT ! -i lo -p tcp --dport 3301 -j DROP -m comment --comment "DROP TNT"
- iptables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP"
- ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP"
- iptables -t raw -F; iptables -t raw -X
- ip6tables -t raw -F; ip6tables -t raw -X
- iptables -t raw -A OUTPUT -j CT --notrack
- ip6tables -t raw -A OUTPUT -j CT --notrack
BrandMeister