442 lines
14 KiB
Bash
442 lines
14 KiB
Bash
#!/usr/bin/env bash
|
|
|
|
# -------------
|
|
# --- Default Ports for Services out
|
|
# -------------
|
|
|
|
standard_checkmk_port=6556
|
|
standard_cpan_wait_port=1404
|
|
standard_cups_port=631
|
|
standard_dns_port=53
|
|
standard_ftp_port=21
|
|
standard_ftp_data_port=20
|
|
standard_git_port=9418
|
|
standard_hbci_port=3000
|
|
standard_http_port=80
|
|
standard_https_port=443
|
|
standard_ident_port=113
|
|
standard_ipp_port=631
|
|
standard_irc_port=6667
|
|
standard_jabber_port=5222
|
|
standard_mumble_port=64738
|
|
standard_munin_port=4949
|
|
standard_mysql_port=3306
|
|
standard_ntp_port=123
|
|
standard_pgp_keyserver_port=11371
|
|
standard_print_port=9100
|
|
standard_print_raw_port=515
|
|
standard_remote_console_port=5900
|
|
standard_silc_port=706
|
|
standard_smtp_port=25
|
|
standard_snmp_port=161
|
|
standard_snmp_trap_port=162
|
|
standard_ssh_port=22
|
|
standard_telnet_port=23
|
|
standard_tftp_udp_port=69
|
|
standard_timeserver_port=37
|
|
standard_vpn_port=1194
|
|
standard_wg_port=51820
|
|
standard_whois_port=43
|
|
standard_xymon_port=1984
|
|
|
|
|
|
# - Brother (brscan)
|
|
# -
|
|
standard_brother_brscan_port=54921
|
|
|
|
|
|
# - Epson Network Scan
|
|
# -
|
|
standard_epson_network_scan_port=1865
|
|
|
|
|
|
# - IPsec - Internet Security Association and
|
|
# - Key Management Protocol
|
|
standard_isakmp_port=500
|
|
standard_ipsec_nat_t=4500
|
|
|
|
|
|
# - Comma separated lists
|
|
# -
|
|
standard_http_ports="80,443"
|
|
standard_mailuser_ports="587,465,110,995,143,993"
|
|
|
|
|
|
# - UniFi - Ports Used
|
|
# -
|
|
# - see: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
|
|
# -
|
|
# - see: https://help.ui.com/hc/en-us/articles/218506997-UniFi-Ports-Used
|
|
# -
|
|
# - In version 4.5.2 and later, users can also define the port assigned to STUN services,
|
|
# - for scenarios where two or more separate UniFi instances are desired on the
|
|
# - same controller machine.
|
|
# -
|
|
# - unifi_stun_port=3478 # UDP port used for STUN
|
|
# - # Open Port from controller to Unifi APs
|
|
# -
|
|
# -
|
|
# - Ubiquity Networks uses port 10001/UDP for its AirControl
|
|
# - management discovery protocol
|
|
# -
|
|
# - unifi_aircontroll_port=10001
|
|
# -
|
|
# -
|
|
# - Since v3.2.9+ and v4.6.0+, two more ports are being reserved for device redirector.
|
|
# - There is no need to open firewall for these ports on controller. However, on
|
|
# - controller, avoid to use these ports:
|
|
# -
|
|
# - port 8881 for redirector port for wireless clients
|
|
# - port 8882 for redirector port for wired clients
|
|
# -
|
|
# -
|
|
# - For AP-EDU Broadcasts:
|
|
# -
|
|
# - UDP ports 5656-5699
|
|
# -
|
|
# -
|
|
# - Local IN Ports
|
|
# - ==============
|
|
# -
|
|
# - TCP
|
|
# - ===
|
|
# - TCP 8080 used for device and controller communication.
|
|
# - TCP 8443 used for controller GUI/API as seen in a web browser
|
|
# - TCP 8880 used for HTTP portal redirection.
|
|
# - TCP 8843 used for HTTPS portal redirection.
|
|
# - TCP 6789 used for UniFi mobile speed test.
|
|
# - TCP 27117 used for local-bound database communication.
|
|
# -
|
|
# - UDP
|
|
# - ====
|
|
# - UDP 3478 used for STUN.
|
|
# - UDP 5514 used for remote syslog capture.
|
|
# - UDP 5656-5699 used by AP-EDU broadcasting.
|
|
# - UDP 10001 used for device discovery
|
|
# - UDP 1900 used for "Make controller discoverable on L2 network" in controller settings.
|
|
# -
|
|
# -
|
|
# - OUT Ports Required for UniFi Remote Access
|
|
# - ==========================================
|
|
# -
|
|
# - TCP
|
|
# - ===
|
|
# - TCP 8883 used for Remote Access service.
|
|
# - TCP 443 used for Remote Access service.
|
|
# -
|
|
# - UDP
|
|
# - ===
|
|
# - UDP 3478 used for STUN.
|
|
# - UDP 443 used for Remote Access service.
|
|
# -
|
|
standard_unifi_tcp_ctrl_in_ports="8080,8443,8880,8843,6789,27117"
|
|
standard_unifi_udp_ctrl_in_ports="3478,5514,5656:5699,10001,1900"
|
|
|
|
standard_unifi_tcp_ctrl_out_ports="443,8883"
|
|
standard_unifi_udp_ctrl_out_ports="443,3478"
|
|
|
|
|
|
# Outbound Streaming Ports TCP
|
|
#
|
|
# - outbound port 1935/TCP : outbound streaming over RTMP to most
|
|
# streaming providers such as YouTube Live, Vimeo or Twitch
|
|
#
|
|
# - outbound port 1936/TCP : outbound streaming over RTMP to LinkedIn
|
|
# Live (port 1935 is also used for RTMP streaming to LinkedIn)
|
|
#
|
|
# - outbound port 6667/TCP : Twitch Live Chat
|
|
#
|
|
# - outbound port 10349 : outbound streaming vMix
|
|
#
|
|
# - outbound ports 2935/TCP and 2396/TCP : outbound streaming over
|
|
# RTMPS to LinkedIn Live
|
|
#
|
|
# outbound ports 19302:19309 TCP : Google Hangout / Google Meet TCP streaming.
|
|
#
|
|
# - outbound port 443/TCP (HTTPS) : used for authentication with the
|
|
# built-in providers such as YouTube Live, Facebook Live, Ustream,
|
|
# Livestream, and Twitch
|
|
#
|
|
# - outbound port 53/UDP (DNS) used for DNS lookups converting
|
|
# hostnames to IP addresses
|
|
#
|
|
# - outbound ports 3478/TCP 19305:19307/TCP WebRTC for browserbased Encoding
|
|
# (also used by Google Meet TCP streaming)
|
|
#
|
|
standard_outbound_streaming_tcp_ports="1935,1936,2935,2396,3478,6667,10349,19302:19309"
|
|
|
|
|
|
# Outbound Streaming Ports UDP
|
|
#
|
|
# - outbound port 2088 UDP broadcasting from Mevo or the Livestream mobile app (iOS and Android).
|
|
#
|
|
# - outbound port 10349 : outbound streaming vMix
|
|
#
|
|
# - outbound ports 19302:19309 UDP : Google Hangout / Google Meet UDP streaming.
|
|
#
|
|
standard_outbound_streaming_udp_ports="2088,10349,19302:19309"
|
|
|
|
|
|
# Echo360 Video Plattform
|
|
#
|
|
# - outbound port range 64936-65535 UDP to the hosted streaming servers using
|
|
# the Real-time Transport Protocol (RTP)
|
|
#
|
|
standard_echo360_udp_ports="64936:65535"
|
|
|
|
|
|
# - IP Camera
|
|
# -
|
|
# - TCP: 37777
|
|
# - UDP: 37778
|
|
# - RTSP: 554 (UDP + TCP)
|
|
# - HTTP: 80
|
|
# - HTTPS: 443
|
|
# -
|
|
standard_ip_camera_tcp_ports="80,443,554,8000,37777"
|
|
standard_ip_camera_udp_ports="554,37778"
|
|
|
|
|
|
|
|
# - BigBlueButton Video Conference Service
|
|
# -
|
|
standard_bigbluebutton_tcp_ports="$standard_http_ports,5060,5066,5090,7443"
|
|
standard_bigbluebutton_udp_ports="16384:32768"
|
|
|
|
# - Webex Meeting
|
|
# -
|
|
# - TCP 80/443: Outbound Client Zugriffsport und Webes Events (Audiostreaming)
|
|
# -
|
|
# - UDP 9000: Outbound (VoIP and RTP)
|
|
# -
|
|
# - ---
|
|
# -
|
|
# - TCP 5004: Fall-back ports for media connectivity when UDP port 9000
|
|
# - is not open in the firewall
|
|
# -
|
|
# - Comma separated list of ports
|
|
# -
|
|
standard_webex_tcp_ports="$standard_http_ports"
|
|
standard_webex_udp_ports="9000"
|
|
|
|
standard_webex_tcp_fall_back_ports="5004"
|
|
|
|
|
|
# - Skype for Business Online und Microsoft Teams
|
|
# -
|
|
# - see: https://docs.microsoft.com/de-de/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#skype-for-business-online-and-microsoft-teams
|
|
# -
|
|
# - TCP 80,443
|
|
# -
|
|
# - UDP 3478,3479,3480,3481 --> 13.107.64.0/18, 52.112.0.0/14, 52.120.0.0/14
|
|
# -
|
|
# - Example:
|
|
# -
|
|
# - standard_ms_skype_teams_tcp_ports="80,443"
|
|
# - standard_ms_skype_teams_udp4_ports="3478,3479,3480,3481"
|
|
# - standard_ms_skype_teams_udp4_hosts="
|
|
# - 13.107.64.0/18
|
|
# - 52.112.0.0/14
|
|
# - 52.120.0.0/14
|
|
# - "
|
|
# - standard_ms_skype_teams_udp6_ports="3478,3479,3480,3481"
|
|
# - standard_ms_skype_teams_udp6_hosts="
|
|
# - 2a01:30:0:13:5054:ff:fe9f:422f/64
|
|
# - 2a01:4f8:231:19a7::2/52
|
|
# - "
|
|
# -
|
|
standard_ms_skype_teams_tcp_ports="80,443,4443"
|
|
standard_ms_skype_teams_udp4_ports="3478,3479,3480,3481"
|
|
standard_ms_skype_teams_udp4_hosts="
|
|
13.107.64.0/18
|
|
52.112.0.0/14
|
|
52.120.0.0/14
|
|
"
|
|
standard_ms_skype_teams_udp6_ports=""
|
|
standard_ms_skype_teams_udp6_hosts=""
|
|
|
|
|
|
# - Zoom Meeting - Video Conference Service
|
|
# -
|
|
# - TCP 80,443 A ll Zoom Clients and *.zoom.us
|
|
# - Meeting Connector
|
|
# -
|
|
# - TCP 443,8801,8802 All Zoom Clients MeetingConnector.IP
|
|
# - MeetingConnector.IP2
|
|
# - MeetingConnector2.IP
|
|
# - MeetingConnector2.IP2
|
|
# -
|
|
# - UDP 3478,3479,8801, All Zoom Clients MeetingConnector.IP
|
|
# - 8802 MeetingConnector.IP2
|
|
# - MeetingConnector2.IP
|
|
# - MeetingConnector2.IP2
|
|
# -
|
|
standard_zoom_tcp_ports="80,443,8801,8802"
|
|
standard_zoom_udp_ports="3478,3479,8801,8802 "
|
|
|
|
# - Jitsi Video Conference Service
|
|
# -
|
|
standard_jitsi_tcp_ports="$standard_http_ports"
|
|
standard_jitsi_udp_ports="10000:20000"
|
|
|
|
# - TURN Server (Stun Server) (for Nextcloud 'talk' app)
|
|
# -
|
|
# - UDP/TCP 3478,5349 TURN listener port for UDP and TCP listeners (Default: 3478)
|
|
# - TURN listener port for TLS and DTLS listeners (Default: 5349)
|
|
# -
|
|
# - UDP 49152:65535 For establishing p2p connection (i.e. Nextcloud 'talk' app):
|
|
# -
|
|
# - Each client will send the data through UDP to the other endpoint:
|
|
# - if it's sending to a TURN server (to a relay candidate) it will send
|
|
# - to a port between 49152-65535 (if it's sending directly to the other
|
|
# - party it will send to any port in the 0-65535 range)
|
|
# -
|
|
# - --min-port Lower bound of the UDP port range for relay endpoints
|
|
# - allocation. Default value is 49152, according to RFC 5766.
|
|
# -
|
|
# - --max-port Upper bound of the UDP port range for relay endpoints
|
|
# - allocation. Default value is 65535, according to RFC 5766.
|
|
# -
|
|
standard_turn_service_ports="3478,3479,5349,5350"
|
|
standard_turn_service_udp_ports="49152:65535"
|
|
|
|
# - alfaview - Video Conferencing Systems
|
|
# -
|
|
# - Note
|
|
# - also tcp ports http/https needed to be open
|
|
# -
|
|
standard_alfaview_service_tcp_ports="5380:5390"
|
|
standard_alfaview_service_udp_ports="5380:5390"
|
|
|
|
# - Nextcloud talk App
|
|
# -
|
|
# - TCP/UDP 3478,3479,5349,5350
|
|
# -
|
|
# - UDP 49152:65535
|
|
# -
|
|
standard_nc_turn_ports="3478,3479,5349,5350"
|
|
standard_nc_turn_udp_ports="49152:65535"
|
|
|
|
|
|
# - Game Ports
|
|
# -
|
|
# - Playstation (PS), Xbox, FiFa21
|
|
# -
|
|
# - Xbox 360:
|
|
# - TCP: 53, 80, 3074
|
|
# - UDP: 53, 88, 3074
|
|
# -
|
|
# - Xbox One:
|
|
# - TCP: 53, 80, 3074
|
|
# - UDP: 53, 88, 500, 3074, 3544, 4500
|
|
# -
|
|
# - PS3:
|
|
# - TCP: 80, 443, 3478, 3479, 3480, 5223, 8080
|
|
# - UDP: 3074, 3478, 3479, 3658
|
|
# -
|
|
# - PS4:
|
|
# - TCP: 80, 443, 465, 983, 1935, 3478-3480, 5223, 10070-10080
|
|
# - UDP: 3074, 3478, 3479
|
|
# -
|
|
# - Fifa 21:
|
|
# - TCP: 1935, 3478-3480, 3659, 10000-10099, 42127
|
|
# - UDP: 3074, 3478-3479, 3659, 6000
|
|
# -
|
|
standard_game_xbox_one_tcp_ports="53,80,3074"
|
|
standard_game_xbox_one_udp_ports="53,88,500,3074,3544,4500"
|
|
|
|
standard_game_xbox_360_tcp_ports="53,80,3074"
|
|
standard_game_xbox_360_udp_ports="53,80,3074"
|
|
|
|
standard_game_ps3_tcp_ports="80,443,3478,3479,3480,5223,8080"
|
|
standard_game_ps3_udp_ports="3074,3478,3479,3658"
|
|
|
|
standard_game_ps4_tcp_ports="80,443,465,983,1935,3478,3479,3480,5223,10070:10080"
|
|
standard_game_ps4_udp_ports="3074,3478,3479"
|
|
|
|
standard_game_fifa21_tcp_ports="1935,3478,3479,3480,3659,10000:10069,10070:10080,10081:10099,42127"
|
|
standard_game_fifa21_udp_ports="3074,3478,3479,3659,6000"
|
|
|
|
# Game Ports (Steam)
|
|
#
|
|
# see also:
|
|
# https://www.speedguide.net/port.php?port=27015
|
|
# https://www.freeware.de/steam/tipp/steam-ports-richtig-in-der-firewall-freigeben/
|
|
# https://praxistipps.chip.de/steam-die-richtigen-ports-freigeben-so-gehts_45289
|
|
#
|
|
# Steam (Valve gaming platform) uses these ports:
|
|
# 27000-27015 udp (Steam client game client traffic)
|
|
# 27015-27030 tcp/udp (typically matchmaking and HLTV, also used to download Steam content)
|
|
# 27015-27050 tcp (download Steam content)
|
|
# 27031 udp, 27036 tcp/udp, and 27037 tcp (incoming for in-home streaming)
|
|
# 3478 udp, 4379 udp, 4380 udp (outbound - Steamworks P2P networking and voice chat)
|
|
# 4380 udp (Steam client)
|
|
#
|
|
standard_game_steam_tcp_ports="6010,6020,6030,6040,8888,27000:27013,27014,27015,27016:27030,27031,27032:27050,44333"
|
|
standard_game_steam_udp_ports="3478,4379,4380,12000,27000:27015,27016:27030,27031,27036,27037:27100"
|
|
|
|
# Local Ports (Steam)
|
|
#
|
|
standard_game_steam_udp_local_ports="27031:27036"
|
|
standard_game_steam_tcplocal_ports="27031:27036"
|
|
|
|
# Ports game 'Call of Duty'
|
|
#
|
|
# see also: https://support.activision.com/articles/ports-used-for-call-of-duty-games
|
|
#
|
|
# Game: Call of Duty:
|
|
# Vanguard
|
|
# Black Ops Cold War
|
|
# Warzone
|
|
# Black Ops 4
|
|
# WWII
|
|
# Infinite Warfare
|
|
# Modern Warfare Remastered
|
|
# Black Ops III
|
|
# Advanced Warfare
|
|
# Ghost (PlayStation 3/4 und Xbox 360, NICHT: PC, Xbos One)
|
|
# Black Ops II
|
|
#
|
|
# NICHT: Ghosts
|
|
#
|
|
# PC
|
|
# TCP: 3074, 27014, 27015, 27016-27030, 27031, 27032-27050
|
|
# UDP: 3074, 3075, 3076, 3077, 3078, 3079, 3478, 4379, 4380, 27000-27015, 27016-27030, 27031-27036
|
|
#
|
|
# PlayStation
|
|
# TCP: 80, 443, 1935, 3074, 3478, 3479, 3480, 5223
|
|
# UDP: 3074, 3075, 3076, 3077, 3078, 3079, 3478, 3479, 3658, 5223
|
|
#
|
|
# Xbox:
|
|
# TCP: 53, 80, 3074
|
|
# UDP: 53, 88, 500, 3074, 3075, 3076, 3077, 3078, 3079, 3544, 4500, 5223
|
|
#
|
|
standard_game_call_of_duty_pc_tcp_ports="3074,27014,27015,27016:27030,27031,27032:27050"
|
|
standard_game_call_of_duty_pc_udp_ports="3074,3075,3076,3077,3078,3079,3478,4379,4380,27000:27013,27014,27015,27016:27030,27031,27032:27035,27036"
|
|
|
|
standard_game_call_of_duty_ps_tcp_ports="80,443,1935,3074,3478,3479,3480,5223"
|
|
standard_game_call_of_duty_ps_udp_ports="3074,3075,3076,3077,3078,3079,3478,3479,3658,5223"
|
|
|
|
standard_game_call_of_duty_xbox_tcp_ports="53,80,3074"
|
|
standard_game_call_of_duty_xbox_udp_ports="53,88,500,3074,3075,3076,3077,3078,3079,3544,4500,5223"
|
|
|
|
# Local Ports (mostly dedicated to 'Call of Duty' game)
|
|
#
|
|
standard_game_call_of_duty_udp_local_ports="3074,41900,62976"
|
|
|
|
|
|
# Other ports not dedicated to a specific game
|
|
#
|
|
standard_game_universell_udp=""
|
|
standard_game_universell_tcp=""
|
|
|
|
|
|
# -------------
|
|
# --- Predefined Ports
|
|
# -------------
|
|
|
|
# - unpriviligierte Ports
|
|
# -
|
|
unprivports="1024:65535"
|
|
|