summaryrefslogtreecommitdiffstats
path: root/core/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs
diff options
context:
space:
mode:
Diffstat (limited to 'core/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs')
-rwxr-xr-xcore/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs11
1 files changed, 8 insertions, 3 deletions
diff --git a/core/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs b/core/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs
index bfb9a391..8debd2cc 100755
--- a/core/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs
+++ b/core/modules/pvs2/data/opt/openslx/iptables/rules.d/10-pvs
@@ -1,13 +1,18 @@
#!/bin/ash
# Allow PVS ports
-# Control connection - server and client perspective
+# Control connection: server incoming, client outgoing
iptables -I ipt-helper-INPUT 1 -i br0 -p tcp --dport 5194 -j ACCEPT
iptables -I ipt-helper-OUTPUT 1 -o br0 -p tcp --dport 5194 -j ACCEPT
-# UDP discovery - server and client perspective
+# UDP discovery
+# pvsmgr: allow incoming discovery (broadcast)
iptables -I ipt-helper-INPUT 1 -i br0 -p udp --dport 3492 -j ACCEPT
-iptables -I ipt-helper-OUTPUT 1 -o br0 -p udp --dport 3492 -j ACCEPT
+# pvsmgr: allow outgoing discovery reply (unicast)
iptables -I ipt-helper-OUTPUT 1 -o br0 -p udp --sport 3492 -j ACCEPT
+# pvsclient: allow outgoing discovery (broadcast)
+iptables -I ipt-helper-OUTPUT 1 -o br0 -p udp --dport 3492 -j ACCEPT
+# pvsclient: allow incoming discovery reply (unicast)
+iptables -I ipt-helper-INPUT 1 -i br0 -p udp --sport 3492 -j ACCEPT
# VNC connection - incoming and outgoing - small range as we use -autoport
iptables -I ipt-helper-INPUT 1 -i br0 -p tcp --dport 54112:54122 -j ACCEPT
iptables -I ipt-helper-OUTPUT 1 -o br0 -p tcp --dport 54112:54122 -j ACCEPT
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-06-08 21:08:48 +0200