~mdw / firewall / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
artist.m4: Punch a hole for Rygel service to local (-ish) devices.
[firewall] / artist.m4
diff --git a/artist.m4 b/artist.m4
index 8b066a7..b6a8111 100644 (file)
--- a/artist.m4
+++ b/artist.m4
@@ -46,6 +46,12 @@ run iptables -A inbound -j ACCEPT \
        -p tcp -m multiport --destination-ports \
                $port_netbios_ssn,$port_microsoft_ds
 
+## Open ports for Rygel.
+run iptables -A inbound -j ACCEPT -s 172.29.198.0/23 \
+       -d 239.255.255.250 -p udp --destination-port 1900
+run iptables -A INPUT -j ACCEPT -s 172.29.198.0/23 \
+       -p tcp --destination-port 9501
+
 ## Other interesting things.
 dnsresolver inbound
 
Firewall scripts for distorted.org.uk.