diff --git a/conf/default_ports.conf b/conf/default_ports.conf index 2216e12..905ed9c 100644 --- a/conf/default_ports.conf +++ b/conf/default_ports.conf @@ -64,6 +64,14 @@ standard_jitsi_udp_port_range="10000:20000" standard_turn_service_ports="3478:3479,5349:5350" standard_turn_service_udp_ports="49152:65535" +# - alfaview - Video Conferencing Systems +# - +# - Note +# - also tcp ports http/https needed to be open +# - +standard_alfaview_service_tcp_ports="5380:5390" +standard_alfaview_service_udp_ports="5380:5390" + # ------------- # --- Predefined Ports # ------------- diff --git a/conf/main_ipv4.conf.sample b/conf/main_ipv4.conf.sample index 9bd6464..c497f5f 100644 --- a/conf/main_ipv4.conf.sample +++ b/conf/main_ipv4.conf.sample @@ -842,6 +842,16 @@ jitsi_tcp_ports="$standard_jitsi_tcp_ports" jitsi_udp_port_range="$standard_jitsi_udp_port_range" +# ====== +# - alfaview - Video Conferencing Systems +# ====== + +# - alfaview Service Ports +# - +alfaview_tcp_ports="$standard_alfaview_service_tcp_ports" +alfaview_udp_ports="$standard_alfaview_service_udp_ports" + + # ====== # - TURN Server (Stun Server) (for Nextcloud 'talk' app) # ====== @@ -1320,6 +1330,7 @@ allow_remote_console_request_out=true allow_mumble_request_out=true allow_bigbluebutton_video_conference_out=true allow_jitsi_video_conference_out=true +allow_alfaview_video_conference_out=true allow_nc_talk_out=true allow_samba_requests_out=true diff --git a/conf/main_ipv6.conf.sample b/conf/main_ipv6.conf.sample index 1c32ab2..dfee9de 100644 --- a/conf/main_ipv6.conf.sample +++ b/conf/main_ipv6.conf.sample @@ -816,6 +816,16 @@ jitsi_tcp_ports="$standard_jitsi_tcp_ports" jitsi_udp_port_range="$standard_jitsi_udp_port_range" +# ====== +# - alfaview - Video Conferencing Systems +# ====== + +# - alfaview Service Ports +# - +alfaview_tcp_ports="$standard_alfaview_service_tcp_ports" +alfaview_udp_ports="$standard_alfaview_service_udp_ports" + + # ====== # - TURN Server (Stun Server) (for Nextcloud 'talk' app) # ====== diff --git a/ip6t-firewall-gateway b/ip6t-firewall-gateway index 76fc170..7da929d 100755 --- a/ip6t-firewall-gateway +++ b/ip6t-firewall-gateway @@ -2864,7 +2864,7 @@ fi echononl "\t\tBigBlueButton Video Conference Service out only" -if $allow_jitsi_video_conference_out ; then +if $allow_bigbluebutton_video_conference_out ; then for _dev in ${ext_if_arr[@]} ; do if [[ "$bigbluebutton_tcp_ports" != "$standard_http_ports" ]] ; then @@ -2916,6 +2916,42 @@ else fi +# --- +# - alfaview - Video Conferencing Systems +# --- + +echononl "\t\talfaview - Video Conferencing Systems Service out only" + +if $allow_alfaview_video_conference_out && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + + # alfaview is a browser application + # + if ! $allow_http_request_out ; then + $ip6t -A OUTPUT -o $_dev -p tcp -m multiport --dports $standard_http_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ip6t -A FORWARD -o $_dev -p tcp -m multiport --dports $standard_http_ports -m conntrack --ctstate NEW -j ACCEPT + fi + fi + + $ip6t -A OUTPUT -o $_dev -p tcp -m multiport --dports $alfaview_tcp_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ip6t -A FORWARD -o $_dev -p tcp -m multiport --dports $alfaview_tcp_ports -m conntrack --ctstate NEW -j ACCEPT + fi + + $ip6t -A OUTPUT -o $_dev -p udp -m multiport --dports $alfaview_udp_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ip6t -A FORWARD -o $_dev -p udp -m multiport --dports $alfaview_udp_ports -m conntrack --ctstate NEW -j ACCEPT + fi + + done + echo_done +else + echo_skipped +fi + + + # --- # - TURN Server (Stun Server) (for Nextcloud 'talk' app) # --- diff --git a/ipt-firewall-gateway b/ipt-firewall-gateway index 6128e8f..a7121f9 100755 --- a/ipt-firewall-gateway +++ b/ipt-firewall-gateway @@ -3626,6 +3626,41 @@ else fi +# --- +# - alfaview - Video Conferencing Systems +# --- + +echononl "\t\talfaview - Video Conferencing Systems Service out only" + +if $allow_alfaview_video_conference_out && ! $permit_local_net_to_inet ; then + for _dev in ${ext_if_arr[@]} ; do + + # alfaview is a browser application + # + if ! $allow_http_request_out ; then + $ipt -A OUTPUT -o $_dev -p tcp -m multiport --dports $standard_http_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ipt -A FORWARD -o $_dev -p tcp -m multiport --dports $standard_http_ports -m conntrack --ctstate NEW -j ACCEPT + fi + fi + + $ipt -A OUTPUT -o $_dev -p tcp -m multiport --dports $alfaview_tcp_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ipt -A FORWARD -o $_dev -p tcp -m multiport --dports $alfaview_tcp_ports -m conntrack --ctstate NEW -j ACCEPT + fi + + $ipt -A OUTPUT -o $_dev -p udp -m multiport --dports $alfaview_udp_ports -m conntrack --ctstate NEW -j ACCEPT + if $kernel_activate_forwarding ; then + $ipt -A FORWARD -o $_dev -p udp -m multiport --dports $alfaview_udp_ports -m conntrack --ctstate NEW -j ACCEPT + fi + + done + echo_done +else + echo_skipped +fi + + # --- # - TURN Server (Stun Server) (for Nextcloud 'talk' app) # ---