(→iptables) |
(→Ports used by BrandMeister) |
||
| (4 intermediate revisions by the same user not shown) | |||
| Line 4: | Line 4: | ||
== Ports used by BrandMeister == | == Ports used by BrandMeister == | ||
* TCP/80 | * TCP/80 | ||
| + | * TCP/8080 | ||
** Webserver with status pages and HTTP API | ** Webserver with status pages and HTTP API | ||
* UDP/30001 | * UDP/30001 | ||
| Line 25: | Line 26: | ||
* UDP/54004 | * UDP/54004 | ||
** Radioactivity | ** Radioactivity | ||
| − | |||
| − | |||
* UDP/54000 | * UDP/54000 | ||
* TCP/54000 | * TCP/54000 | ||
** [[FastForward network protocol]] | ** [[FastForward network protocol]] | ||
| − | |||
| − | |||
* UDP/55001 | * UDP/55001 | ||
** IPSC for external networks connection (such as SmartPTT) | ** IPSC for external networks connection (such as SmartPTT) | ||
| Line 58: | Line 55: | ||
iptables -A INPUT -i lo -j ACCEPT | iptables -A INPUT -i lo -j ACCEPT | ||
ip6tables -A INPUT -i lo -j ACCEPT | ip6tables -A INPUT -i lo -j ACCEPT | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
iptables -t raw -F; iptables -t raw -X | iptables -t raw -F; iptables -t raw -X | ||
| Line 71: | Line 61: | ||
iptables -t raw -A OUTPUT -j CT --notrack | iptables -t raw -A OUTPUT -j CT --notrack | ||
ip6tables -t raw -A OUTPUT -j CT --notrack | ip6tables -t raw -A OUTPUT -j CT --notrack | ||
| + | |||
| + | iptables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt" | ||
| + | ip6tables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt" | ||
| + | iptables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap" | ||
| + | ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap" | ||
</pre> | </pre> | ||
This instruction is intended for administrators of BrandMeister DMR Servers
I am using the following set of ports for incoming connections. For your convenience, there is a set of iptables rules provided below.
iptables -P INPUT ACCEPT ip6tables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT ip6tables -P OUTPUT ACCEPT iptables -F; iptables -X ip6tables -F; ip6tables -X iptables -A INPUT -i lo -j ACCEPT ip6tables -A INPUT -i lo -j ACCEPT iptables -t raw -F; iptables -t raw -X ip6tables -t raw -F; ip6tables -t raw -X iptables -t raw -A OUTPUT -j CT --notrack ip6tables -t raw -A OUTPUT -j CT --notrack iptables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt" ip6tables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP mqtt" iptables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap" ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP sap"
This instruction is intended for administrators of BrandMeister DMR Servers
I am using the following set of ports for incoming connections. For your convenience, there is a set of iptables rules provided below.
iptables -P INPUT ACCEPT ip6tables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT ip6tables -P OUTPUT ACCEPT iptables -F; iptables -X ip6tables -F; ip6tables -X iptables -A INPUT -i lo -j ACCEPT ip6tables -A INPUT -i lo -j ACCEPT iptables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP MQTT" ip6tables -A INPUT ! -i lo -p tcp --dport 1883 -j DROP -m comment --comment "DROP MQTT" iptables -A INPUT ! -i lo -p tcp --dport 3301 -j DROP -m comment --comment "DROP TNT" ip6tables -A INPUT ! -i lo -p tcp --dport 3301 -j DROP -m comment --comment "DROP TNT" iptables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP" ip6tables -A INPUT ! -i lo -p udp --dport 54005 -j DROP -m comment --comment "DROP SAP" iptables -t raw -F; iptables -t raw -X ip6tables -t raw -F; ip6tables -t raw -X iptables -t raw -A OUTPUT -j CT --notrack ip6tables -t raw -A OUTPUT -j CT --notrack
BrandMeister