From c695a63372f5df4e3b5ce5c20c237bc6cb8bbe7e Mon Sep 17 00:00:00 2001
From: Christoph <ckubu@oopen.de>
Date: Sun, 17 May 2020 04:20:13 +0200
Subject: [PATCH] ip6t-firewall-server,ipt-firewall-server: add rtp port for
 jibri (jitsi client) service.

---
 ip6t-firewall-server | 6 ++++--
 ipt-firewall-server  | 4 +++-
 2 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/ip6t-firewall-server b/ip6t-firewall-server
index 5d9c986..b0cf0d3 100755
--- a/ip6t-firewall-server
+++ b/ip6t-firewall-server
@@ -1864,13 +1864,15 @@ if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jibri_server_ip_arr[@
    else
       if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] ; then
          for _ip in ${jibri_server_ip_arr[@]} ; do
-            $ip6t -A OUTPUT -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+            $ip6t -A OUTPUT -p tcp -s $_ip -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+            $ip6t -A OUTPUT -p udp -s $_ip -d $jibri_remote_jitsi_server -m multiport --dports $standard_jitsi_udp_port_range  -m state --state NEW -j ACCEPT
          done
       fi
 
       if [[ ${#forward_jibri_server_ip_arr[@]} -gt 0 ]] && $kernel_forward_between_interfaces ; then
          for _ip in ${forward_jibri_server_ip_arr[@]} ; do
-            $ip6t -A FORWARD -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+            $ip6t -A FORWARD -p tcp -s $_ip -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+            $ip6t -A FORWARD -p udp -s $_ip -d $jibri_remote_jitsi_server -m multiport --dports $standard_jitsi_udp_port_range  -m state --state NEW -j ACCEPT
          done
       fi
 
diff --git a/ipt-firewall-server b/ipt-firewall-server
index f5bd0b7..869a0f1 100755
--- a/ipt-firewall-server
+++ b/ipt-firewall-server
@@ -2110,13 +2110,15 @@ if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] || [[ ${#forward_jibri_server_ip_arr[@
    else
       if [[ ${#jibri_server_ip_arr[@]} -gt 0 ]] ; then
          for _ip in ${jibri_server_ip_arr[@]} ; do
-            $ipt -A OUTPUT -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+            $ipt -A OUTPUT -p tcp -s $_ip -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+            $ipt -A OUTPUT -p udp -s $_ip -d $jibri_remote_jitsi_server -m multiport --dports $standard_jitsi_udp_port_range  -m state --state NEW -j ACCEPT
          done
       fi
 
       if [[ ${#forward_jibri_server_ip_arr[@]} -gt 0 ]] && $kernel_activate_forwarding ; then
          for _ip in ${forward_jibri_server_ip_arr[@]} ; do
             $ipt -A FORWARD -p tcp -d $jibri_remote_jitsi_server --dport $jibri_remote_auth_port -m state --state NEW -j ACCEPT
+            $ipt -A FORWARD -p udp -s $_ip -d $jibri_remote_jitsi_server -m multiport --dports $standard_jitsi_udp_port_range  -m state --state NEW -j ACCEPT
          done
       fi