Set Ant Media Server Firewall Rules
Use the following rules for Ant Media Server Firewall Configuration:
ufw allow ssh
ufw allow http
ufw allow https
ufw allow 1935/tcp
ufw allow 5080/tcp
ufw allow 5443/tcp
ufw allow 5000:65000/udp
ufw enable
After enabling ufw, the status looks like this:
root@server:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
1935/tcp                   ALLOW       Anywhere
5080/tcp                   ALLOW       Anywhere
5443/tcp                   ALLOW       Anywhere
5000:65000/udp             ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)
1935/tcp (v6)              ALLOW       Anywhere (v6)
5080/tcp (v6)              ALLOW       Anywhere (v6)
5443/tcp (v6)              ALLOW       Anywhere (v6)
5000:65000/udp (v6)        ALLOW       Anywhere (v6)
root@server:~#
Port forwarding
You can forward ports 80 and 443 to Ant Media Server's ports 5080 and 5443, so you don't have to specify a port in the URL.
Use the following iptables commands:
sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 5080
sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 5443
To make the redirect permanent, edit the ufw rules file:
vi /etc/ufw/before.rules
Near the beginning of the file, find the line:
*filter
Add the following block above it:
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 5080
-A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 5443
COMMIT
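Restart the ufw firewall to apply the change. Because the redirect happens in nat PREROUTING, before the filter rules are evaluated, redirected connections are matched by the 5080/tcp and 5443/tcp allow rules above.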
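The manual edit of before.rules described above can be scripted so that it is safe to repeat. This is an added example, not part of the original page or of Ant Media Server; the function name add_nat_redirect is hypothetical, and the script assumes the rules file contains a line consisting only of *filter.

```shell
#!/bin/sh
# Added example: insert the NAT redirect block above "*filter", at most once.
# The rules file is passed as an argument so it can be tried on a copy first.

add_nat_redirect() {
    rules_file=$1

    # Refuse to touch a file that lacks the "*filter" marker line.
    if ! grep -qx '\*filter' "$rules_file"; then
        echo "no *filter line in $rules_file" >&2
        return 1
    fi

    # Already present: do nothing, so repeated runs never duplicate the block.
    if grep -qF -e '--dport 80 -j REDIRECT --to-port 5080' "$rules_file"; then
        return 0
    fi

    # Keep a backup next to the original before rewriting it.
    cp -p "$rules_file" "$rules_file.bak" || return 1

    tmp=$(mktemp) || return 1
    awk '
        /^\*filter$/ && !inserted {
            print "*nat"
            print ":PREROUTING ACCEPT [0:0]"
            print "-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 5080"
            print "-A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 5443"
            print "COMMIT"
            inserted = 1
        }
        { print }
    ' "$rules_file" > "$tmp" || { rm -f "$tmp"; return 1; }

    # Overwrite in place (cat, not mv) so the file keeps its owner and mode.
    cat "$tmp" > "$rules_file"
    rm -f "$tmp"
}
```

Run it as root against /etc/ufw/before.rules, review the diff against the .bak copy, then restart ufw.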