the question was *sport* not dport sport == source port (remote client) dport == target port (your machine running iptables) Am 19.09.2013 16:46, schrieb Shelby, James: > I believe the syntax is: firewall-cmd --permanent --add-port 5002/udp > > ________________________________________ > From: users-bounces@xxxxxxxxxxxxxxxxxxxxxxx [users-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Richard Shaw [hobbes1069@xxxxxxxxx] > Sent: Thursday, September 19, 2013 7:40 AM > To: Community support for Fedora users > Subject: firewalld equivalent of iptabled --sport? > > I have a HDHomeRun (network based TV tuner) on my home network. In order to get it to work I had to add the following to my iptables config: > > -A INPUT -m state --state NEW -m udp -p udp --sport 5002 -j ACCEPT > -A INPUT -m state --state NEW -m udp -p udp --sport 5004 -j ACCEPT > -A INPUT -m state --state NEW -m udp -p udp --sport 65001 -j ACCEPT > > Which from my limited knowledge of how iptables work, is the opposite of what you usually do for most services (--dport) because in this case the the return port is random. > > I have not been able to find any setting in firewall-config or in the documentation that mentions source ports, only destination ports. > > If this is not possible it would appear to be a fairly large flaw in firewalld in general
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
