firewalld equivalent of iptables --sport?
Reindl Harald
h.reindl at thelounge.net
Thu Sep 19 14:52:33 UTC 2013
the question was *sport* not dport
sport == source port (remote client)
dport == target port (your machine running iptables)
On 19.09.2013 16:46, Shelby, James wrote:
> I believe the syntax is: firewall-cmd --permanent --add-port 5002/udp
>
> ________________________________________
> From: users-bounces at lists.fedoraproject.org [users-bounces at lists.fedoraproject.org] On Behalf Of Richard Shaw [hobbes1069 at gmail.com]
> Sent: Thursday, September 19, 2013 7:40 AM
> To: Community support for Fedora users
> Subject: firewalld equivalent of iptables --sport?
>
> I have a HDHomeRun (network based TV tuner) on my home network. In order to get it to work I had to add the following to my iptables config:
>
> -A INPUT -m state --state NEW -m udp -p udp --sport 5002 -j ACCEPT
> -A INPUT -m state --state NEW -m udp -p udp --sport 5004 -j ACCEPT
> -A INPUT -m state --state NEW -m udp -p udp --sport 65001 -j ACCEPT
>
> Which, from my limited knowledge of how iptables works, is the opposite of what you usually do for most services (--dport) because in this case the return port is random.
>
> I have not been able to find any setting in firewall-config or in the documentation that mentions source ports, only destination ports.
>
> If this is not possible it would appear to be a fairly large flaw in firewalld in general