主页 / unix / 问题 / 513696
Accepted
user640916
Asked: 2019-04-22 10:46:30 +0800 CST

无法获取 ufw 规则以允许 pc 和立体声之间的 dlna/upnp 流量

  • 772

我正在使用 pulseaudio-dlna+pavucontrol 将我的笔记本电脑 (192.168.2.159) 的声音输出定向到我的 yamaha 立体声音响 (192.168.2.160) 这仅在我禁用 ufw 时有效sudo ufw disable

我很难找到正确的规则来允许特定的流量。

sudo tail -f /var/log/ufw.log

显示块消息,例如:

Apr 21 20:40:50 foo kernel: [ 5349.911161] [UFW BLOCK] IN=wlo1 OUT= MAC=01:00:5e:7f:ff:ff:ff:ff:ff:65:c3:04:08:00 SRC=192.168.2.160 DST=239.255.255.250 LEN=204 TOS=0x00 PREC=0x00 TTL=1 ID=0 DF PROTO=UDP SPT=40760 DPT=51200 LEN=184

如您所见,我已经添加了各种规则,但没有达到预期的效果,当我找到正确的配置时,我想再次删除:

sudo ufw status verbose

Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    192.168.2.0/24            
80/tcp                     ALLOW IN    192.168.2.0/24            
80/udp                     ALLOW IN    192.168.2.0/24            
1900/udp                   ALLOW IN    192.168.2.0/24            
1900/udp                   ALLOW IN    239.255.255.0/24          
1900/udp                   ALLOW IN    Anywhere                  
3689                       ALLOW IN    Anywhere                  
1901/udp                   ALLOW IN    192.168.0.0/24 1900/udp   
51200/udp                  ALLOW IN    192.168.0.0/24 40760/udp  
8080/udp                   ALLOW IN    192.168.0.0/24 40760/udp  
40760/udp                  ALLOW IN    192.168.0.0/24 51200/udp  
51200/udp                  ALLOW IN    239.255.255.0/24 40760/udp
8080/tcp                   ALLOW IN    192.168.2.0/24 3393/tcp   
40760/udp                  ALLOW IN    239.255.255.0/24 51200/udp
1900/udp (v6)              ALLOW IN    Anywhere (v6)             
3689 (v6)                  ALLOW IN    Anywhere (v6)             

40760/udp                  ALLOW OUT   239.255.255.0/24 51200/udp
51200/udp                  ALLOW OUT   239.255.255.0/24 40760/udp
ufw upnp

1 个回答

  1. Best Answer

    我能够找到正确的规则。该应用程序iftop可以方便地查看哪些端口和地址可以看到流量。

    ufw disable
# Now start playback and watch the traffic with:
iftop -i wlo1 -N -n -P

    这些规则使我可以进行 ufw 活动和立体声播放:

    ufw allow proto udp from 192.168.2.0/24 to any port 8080   
ufw allow proto udp from 192.168.0.0/24 port 1900 to any port 1901
ufw enable
    • 1

相关问题