Iptables Port Settings

Status
Not open for further replies.

KitchM

Member
Jul 15, 2019
Is anyone familiar with the reasons for the various port settings needing to be opened in iptables? Here are the ones that are recommended:
udp 1194
udp 16384:32768

-----------------------------------------------
By the way, regarding incoming, port 22 is not needed if not remotely connecting, so it should not be left open. Also, ports 80 & 443 should not be necessary when using state of RELATED,ESTABLISHED, and the tcp or udp ports 5060-5069 and 5080 depend on the service provider and should not be opened if not needed.

I believe that -p icmp --icmp-type echo-request is only used for pings and would break stealth mode.
----------------------------------------------

Thanks.
 

ad5ou

Active Member
Jun 12, 2018

UDP port 1194 is for optionally running an OpenVPN server.
UDP ports 16384-32768 are for RTP.

From the first link above, there are several ports/protocols used by FusionPBX, and the default install scripts will activate iptables rules to allow access to the ports usually needed.

If the server is behind some other firewall or NAT router, the configuration of that firewall will depend on the type of access needed from outside said firewall. For remote extensions, SIP and RTP are needed. If remote users should have access to the GUI, or phone provisioning is used, then 443 and possibly 80 would be needed.
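
Added example (not part of either post, and not taken from the FusionPBX install scripts): a shell function that reads `iptables -S INPUT` output and marks each ACCEPT rule KEEP or REVIEW, using the port-to-service mapping given in this thread. The service labels and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: check the ACCEPT rules in `iptables -S INPUT` output against
# the services this host actually needs. Port-to-service mapping follows the
# thread; the service labels (sip rtp vpn ssh web ping) are made up here.

audit_input() {   # $1: space-separated needed services; rules on stdin
    awk -v needed=" $1 " '
    function svc(proto, port) {
        if (proto == "icmp" && (port == "8" || port == "echo-request")) return "ping"
        if (proto == "udp" && port == "1194") return "vpn"
        if (proto == "udp" && port == "16384:32768") return "rtp"
        if (port == "5060:5069" || port == "5080") return "sip"
        if (proto == "tcp" && port == "22") return "ssh"
        if (proto == "tcp" && (port == "80" || port == "443")) return "web"
        return "unknown"
    }
    $1 == "-A" && $2 == "INPUT" && $NF == "ACCEPT" {
        proto = ""; port = "any"
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport" || $i == "--icmp-type") port = $(i + 1)
        }
        if (proto == "") next   # no -p: e.g. loopback and RELATED,ESTABLISHED rules
        s = svc(proto, port)
        verdict = (index(needed, " " s " ") > 0) ? "KEEP" : "REVIEW"
        printf "%s %s/%s %s\n", verdict, proto, port, s
    }'
}

sample_rules() {   # constructed sample, not taken from a real server
    cat <<'EOF'
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p udp -m udp --dport 5060:5069 -j ACCEPT
-A INPUT -p udp -m udp --dport 16384:32768 -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
EOF
}

# Host serves remote extensions only, so SIP and RTP are the needed services.
sample_rules | audit_input "sip rtp"
```

On a live server, pipe the real ruleset in as root: `iptables -S INPUT | audit_input "sip rtp"`.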
 