PasTim wrote: > I got it working, but quite a lot of effort and googling was needed. > I'm not sure this is really the thread for the details of this. I could > PM you if you wish. Briefly: > - sudo install ipset xtables-addons-source iptables-persistent > netfilter-persistent > - sudo module-assistant auto-install xtables-addons > - create a service for ipset so as to be able to makes the settings > persistent - see > https://selivan.github.io/2018/07/27/ipset-save-with-ufw-and-iptables-persistent-and.html > , and enable the service > - add firewall rules (I use gufw) for ports 49152:49158 tcp for my > network (nnn.nnn.nnn.0/24) (a range - I need several for my different > upnp services) - these are needed to play music (not to detect players) > - sudo ipset create upnp hash:ip,port timeout 3 > - sudo ipset save > /etc/iptables/ipset (but I had to list the rule and > edit it manually) > > Then, on my ubuntu 18.04 system (but others may be different) > - sudo iptables -I OUTPUT 4 -d 239.255.255.250/32 -p udp -m udp --dport > 1900 -j SET --add-set upnp src,src --exist > - sudo iptables -I INPUT 4 -p udp -m set --match-set upnp dst,dst -j > ACCEPT > > I used rule 4, this is between ufw rules on OUTPUT and INPUT that seemed > appropriate (using sudo iptables -L OUTPUT and so on). Using -A did not > work for me. > Once all working save iptables to be persistent over reboots: > - sudo netfilter-persistent save > > I thinks that's it, but I may have missed something. Whether the > firewall still works properly for everything else I still need to > double-check.
PasTim ... You are the man! The key was moving the OUTPUT rule to position #4. No question; there is an interaction/conflict between the rules ufw had originally created, and these new rules for temporarily allowing UPnP SSDP Notify messages to get back in during device discovery. *Living Room:* SB Touch + DIY PSU > CI Audio VDA.2 DAC + VAC.1 PSU > VRX.1 cables > Emotiva XSP-1 Gen 2 preamp + XPA-DR2 amp > Blue Jeans cables > B&W 804 speakers *Laptop:* System76 Galago + Ubuntu 16.04 + Squeezelite + Material Skin > ifi USB iSilencer > Audirect Beam DAC > Senn IE 80 earbuds *Bedroom:* Android Phone + SB Player + Squeeze Ctrl > Bluetooth > Bose SoundLink Revolve *Server:* Puget Systems Serenity + Ubuntu 18.04 + LMS 7.9.2 *Music:* Personal FLAC, Radio Paradise FLAC, Qobuz, Spotify ------------------------------------------------------------------------ Ron F.'s Profile: http://forums.slimdevices.com/member.php?userid=5616 View this thread: http://forums.slimdevices.com/showthread.php?t=103728 _______________________________________________ plugins mailing list plugins@lists.slimdevices.com http://lists.slimdevices.com/mailman/listinfo/plugins
