PasTim wrote: > I use gufw. If you look at the log it can produce you can see what gets > blocked. I found I had to allow a range of high-numbered (5 digit) > ports from my UPnP devices. Not ideal, but the best I could do.
Hi PasTim, Assuming that one's server is running LMS on a Linux-based server, and using netfilter/iptables for the firewall, then I found a couple of things that might be useful... By default Stateful Packet Inspection is not enabled; however it can be using conntrack, which enables netfilter connection tracking. This seems a bit outside my wheelhouse, and I will have to do some studying to understand how it works. Secondly, this article, specifically discussing UPnP SSDP, is more accessible with my limited understanding of netfilter: https://serverfault.com/questions/250797/stateful-matching-of-multicast-responses-in-iptables Thirdly, it is possible to track port scanning attempts using PSAD, and it can generate new firewall rules to block access from outside machines that might be attempting an intrusion, see: https://blog.rapid7.com/2017/06/24/how-to-install-and-use-psad-ids-on-ubuntu-linux/ In retrospect, my earlier request I made to Philippe was not reasonable, and I simply did not know enough to know it, so I apologize for that. SSDP Discovery works in a particular way ... and that is the way it is. *Living Room:* SB Touch + DIY PSU > CI Audio VDA.2 DAC + VAC.1 PSU > VRX.1 cables > Emotiva XSP-1 Gen 2 preamp + XPA-DR2 amp > Blue Jeans cables > B&W 804 speakers *Laptop:* System76 Galago + Ubuntu 16.04 + Squeezelite + Material Skin > ifi USB iSilencer > Audirect Beam DAC > Senn IE 80 earbuds *Bedroom:* Android Phone + SB Player + Squeeze Ctrl > Bluetooth > Bose SoundLink Revolve *Server:* Puget Systems Serenity + Ubuntu 18.04 + LMS 7.9.2 *Music:* Personal FLAC, Radio Paradise FLAC, Qobuz, Spotify ------------------------------------------------------------------------ Ron F.'s Profile: http://forums.slimdevices.com/member.php?userid=5616 View this thread: http://forums.slimdevices.com/showthread.php?t=103728 _______________________________________________ plugins mailing list plugins@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/plugins
