311 lines
9.0 KiB
Bash
311 lines
9.0 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# -------------
|
|
# --- Default Ports for Services out
|
|
# -------------
|
|
|
|
standard_checkmk_port=6556
|
|
standard_cpan_wait_port=1404
|
|
standard_cups_port=631
|
|
standard_dns_port=53
|
|
standard_ftp_port=21
|
|
standard_ftp_data_port=20
|
|
standard_git_port=9418
|
|
standard_hbci_port=3000
|
|
standard_http_port=80
|
|
standard_https_port=443
|
|
standard_ident_port=113
|
|
standard_ipp_port=631
|
|
standard_irc_port=6667
|
|
standard_jabber_port=5222
|
|
standard_mumble_port=64738
|
|
standard_munin_port=4949
|
|
standard_mysql_port=3306
|
|
standard_ntp_port=123
|
|
standard_pgp_keyserver_port=11371
|
|
standard_print_port=9100
|
|
standard_print_raw_port=515
|
|
standard_remote_console_port=5900
|
|
standard_silc_port=706
|
|
standard_smtp_port=25
|
|
standard_snmp_port=161
|
|
standard_snmp_trap_port=162
|
|
standard_ssh_port=22
|
|
standard_telnet_port=23
|
|
standard_tftp_udp_port=69
|
|
standard_timeserver_port=37
|
|
standard_vpn_port=1194
|
|
standard_wg_port=51820
|
|
standard_whois_port=43
|
|
standard_xymon_port=1984
|
|
|
|
|
|
# - Brother (brscan)
|
|
# -
|
|
standard_brother_brscan_port=54921
|
|
|
|
|
|
# - Epson Network Scan
|
|
# -
|
|
standard_epson_network_scan_port=1865
|
|
|
|
|
|
# - IPsec - Internet Security Association and
|
|
# - Key Management Protocol
|
|
standard_isakmp_port=500
|
|
standard_ipsec_nat_t=4500
|
|
|
|
|
|
# - Comma separated lists
|
|
# -
|
|
standard_http_ports="80,443"
|
|
standard_mailuser_ports="587,465,110,995,143,993"
|
|
|
|
|
|
# - UniFi - Ports Used
|
|
# -
|
|
# - see: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
|
|
# -
|
|
# - see: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
|
|
# -
|
|
# - In version 4.5.2 and later, users can also define the port assigned to STUN services,
|
|
# - for scenarios where two or more separate UniFi instances are desired on the
|
|
# - same controller machine.
|
|
# -
|
|
# - unifi_stun_port=3478 # UDP port used for STUN
|
|
# - # Open Port from controller to Unifi APs
|
|
# -
|
|
# -
|
|
# - Ubiquity Networks uses port 10001/UDP for its AirControl
|
|
# - management discovery protocol
|
|
# -
|
|
# - unifi_aircontroll_port=10001
|
|
# -
|
|
# -
|
|
# - Since v3.2.9+ and v4.6.0+, two more ports are being reserved for device redirector.
|
|
# - There is no need to open firewall for these ports on controller. However, on
|
|
# - controller, avoid to use these ports:
|
|
# -
|
|
# - port 8881 for redirector port for wireless clients
|
|
# - port 8882 for redirector port for wired clients
|
|
# -
|
|
# -
|
|
# - For AP-EDU Broadcasts:
|
|
# -
|
|
# - UDP ports 5656-5699
|
|
# -
|
|
# -
|
|
# - Local IN Ports
|
|
# - ==============
|
|
# -
|
|
# - TCP
|
|
# - ===
|
|
# - TCP 8080 used for device and controller communication.
|
|
# - TCP 8443 used for controller GUI/API as seen in a web browser
|
|
# - TCP 8880 used for HTTP portal redirection.
|
|
# - TCP 8843 used for HTTPS portal redirection.
|
|
# - TCP 6789 used for UniFi mobile speed test.
|
|
# - TCP 27117 used for local-bound database communication.
|
|
# -
|
|
# - UDP
|
|
# - ====
|
|
# - UDP 3478 used for STUN.
|
|
# - UDP 5514 used for remote syslog capture.
|
|
# - UDP 5656-5699 used by AP-EDU broadcasting.
|
|
# - UDP 10001 used for device discovery
|
|
# - UDP 1900 used for "Make controller discoverable on L2 network" in controller settings.
|
|
# -
|
|
# -
|
|
# - OUT Ports Required for UniFi Remote Access
|
|
# - ==========================================
|
|
# -
|
|
# - TCP
|
|
# - ===
|
|
# - TCP 8883 used for Remote Access service.
|
|
# - TCP 443 used for Remote Access service.
|
|
# -
|
|
# - UDP
|
|
# - ===
|
|
# - UDP 3478 used for STUN.
|
|
# - UDP 443 used for Remote Access service.
|
|
# -
|
|
standard_unifi_tcp_ctrl_in_ports="8080,8443,8880,8843,6789,27117"
|
|
standard_unifi_udp_ctrl_in_ports="3478,5514,5656:5699,10001,1900"
|
|
|
|
standard_unifi_tcp_ctrl_out_ports="443,8883"
|
|
standard_unifi_udp_ctrl_out_ports="443,3478"
|
|
|
|
|
|
# Outbound Streaming Ports TCP
|
|
#
|
|
# - outbound port 1935/TCP : outbound streaming over RTMP to most
|
|
# streaming providers such as YouTube Live, Vimeo or Twitch
|
|
#
|
|
# - outbound port 1936/TCP : outbound streaming over RTMP to LinkedIn
|
|
# Live (port 1935 is also used for RTMP streaming to LinkedIn)
|
|
#
|
|
# - outbound port 6667/TCP : Twitch Live Chat
|
|
#
|
|
# - outbound port 10349 : outbound streaming vMix
|
|
#
|
|
# - outbound ports 2935/TCP and 2396/TCP : outbound streaming over
|
|
# RTMPS to LinkedIn Live
|
|
#
|
|
# outbound ports 19302:19309 TCP : Google Hangout / Google Meet TCP streaming.
|
|
#
|
|
# - outbound port 443/TCP (HTTPS) : used for authentication with the
|
|
# built-in providers such as YouTube Live, Facebook Live, Ustream,
|
|
# Livestream, and Twitch
|
|
#
|
|
# - outbound port 53/UDP (DNS) used for DNS lookups converting
|
|
# hostnames to IP addresses
|
|
#
|
|
# - outbound ports 3478/TCP 19305:19307/TCP WebRTC for browserbased Encoding
|
|
# (also used by Google Meet TCP streaming)
|
|
#
|
|
standard_outbound_streaming_tcp_ports="1935,1936,2935,2396,3478,6667,10349,19302:19309"
|
|
|
|
|
|
# Outbound Streaming Ports UDP
|
|
#
|
|
# - outbound port 2088 UDP broadcasting from Mevo or the Livestream mobile app (iOS and Android).
|
|
#
|
|
# - outbound port 10349 : outbound streaming vMix
|
|
#
|
|
# - outbound ports 19302:19309 UDP : Google Hangout / Google Meet UDP streaming.
|
|
#
|
|
standard_outbound_streaming_udp_ports="2088,10349,19302:19309"
|
|
|
|
|
|
# Echo360 Video Plattform
|
|
#
|
|
# - outbound port range 64936-65535 UDP to the hosted streaming servers using
|
|
# the Real-time Transport Protocol (RTP)
|
|
#
|
|
standard_echo360_udp_ports="64936:65535"
|
|
|
|
|
|
|
|
# - BigBlueButton Video Conference Service
|
|
# -
|
|
standard_bigbluebutton_tcp_ports="$standard_http_ports,5060,5066,5090,7443"
|
|
standard_bigbluebutton_udp_port_range="16384:32768"
|
|
|
|
# - Webex Meeting
|
|
# -
|
|
# - TCP 80/443: Outbound Client Zugriffsport und Webes Events (Audiostreaming)
|
|
# -
|
|
# - UDP 9000: Outbound (VoIP and RTP)
|
|
# -
|
|
# - ---
|
|
# -
|
|
# - TCP 5004: Fall-back ports for media connectivity when UDP port 9000
|
|
# - is not open in the firewall
|
|
# -
|
|
standard_webex_tcp_ports="$standard_http_ports"
|
|
standard_webex_udp_ports="9000"
|
|
|
|
standard_webex_tcp_fall_back_ports="5004"
|
|
|
|
|
|
# - Zoom Meeting - Video Conference Service
|
|
# -
|
|
# - TCP 80,443 A ll Zoom Clients and *.zoom.us
|
|
# - Meeting Connector
|
|
# -
|
|
# - TCP 443,8801,8802 All Zoom Clients MeetingConnector.IP
|
|
# - MeetingConnector.IP2
|
|
# - MeetingConnector2.IP
|
|
# - MeetingConnector2.IP2
|
|
# -
|
|
# - UDP 3478,3479,8801, All Zoom Clients MeetingConnector.IP
|
|
# - 8802 MeetingConnector.IP2
|
|
# - MeetingConnector2.IP
|
|
# - MeetingConnector2.IP2
|
|
# -
|
|
standard_zoom_tcp_ports="80,443,8801,8802"
|
|
standard_zoom_udp_port_range="3478,3479,8801,8802 "
|
|
|
|
# - Jitsi Video Conference Service
|
|
# -
|
|
standard_jitsi_tcp_ports="$standard_http_ports"
|
|
standard_jitsi_udp_port_range="10000:20000"
|
|
|
|
# - TURN Server (Stun Server) (for Nextcloud 'talk' app)
|
|
# -
|
|
# - UDP/TCP 3478,5349 TURN listener port for UDP and TCP listeners (Default: 3478)
|
|
# - TURN listener port for TLS and DTLS listeners (Default: 5349)
|
|
# -
|
|
# - UDP 49152:65535 For establishing p2p connection (i.e. Nextcloud 'talk' app):
|
|
# -
|
|
# - Each client will send the data through UDP to the other endpoint:
|
|
# - if it's sending to a TURN server (to a relay candidate) it will send
|
|
# - to a port between 49152-65535 (if it's sending directly to the other
|
|
# - party it will send to any port in the 0-65535 range)
|
|
# -
|
|
# - --min-port Lower bound of the UDP port range for relay endpoints
|
|
# - allocation. Default value is 49152, according to RFC 5766.
|
|
# -
|
|
# - --max-port Upper bound of the UDP port range for relay endpoints
|
|
# - allocation. Default value is 65535, according to RFC 5766.
|
|
# -
|
|
standard_turn_service_ports="3478,5349"
|
|
standard_turn_service_udp_ports="49152:65535"
|
|
|
|
# - alfaview - Video Conferencing Systems
|
|
# -
|
|
# - Note
|
|
# - also tcp ports http/https needed to be open
|
|
# -
|
|
standard_alfaview_service_tcp_ports="5380:5390"
|
|
standard_alfaview_service_udp_ports="5380:5390"
|
|
|
|
# - Nextcloud talk App
|
|
# -
|
|
# - TCP/UDP 3478,3479,5349,5350
|
|
# -
|
|
# - UDP 49152:65535
|
|
# -
|
|
standard_nc_turn_ports="3478,3479,5349,5350"
|
|
standard_nc_turn_udp_ports="49152:65535"
|
|
|
|
|
|
# -------------
|
|
# --- Predefined Ports
|
|
# -------------
|
|
|
|
# - unpriviligierte Ports
|
|
# -
|
|
unprivports="1024:65535"
|
|
|
|
|
|
# -------------
|
|
# --- Some IPv4-Address Configuration
|
|
# -------------
|
|
|
|
# - Loopback
|
|
loopback_ipv4="127.0.0.0/8"
|
|
|
|
# - Private Networks
|
|
priv_class_a="10.0.0.0/8"
|
|
priv_class_b="172.16.0.0/12"
|
|
priv_class_c="192.168.0.0/16"
|
|
|
|
# - Multicast Addresse
|
|
class_d_multicast="224.0.0.0/4"
|
|
|
|
# Reserved Addresse
|
|
class_e_reserved="240.0.0.0/5"
|
|
|
|
|
|
# -------------
|
|
# --- Some IPv6-Address Configuration
|
|
# -------------
|
|
|
|
# unique local address (ULA) - private address block
|
|
ula_block="fc00::/7"
|
|
|
|
# - Loopback
|
|
loopback_ipv6="::1/128"
|
|
|