What type of hardware are you using: Old laptop or computer What YunoHost version are you running: 12.0.7 How are you able to access your server: SSH
Describe your issue
Airconnect is a linux program that provides airplay functionality to older Sonos speakers (and other devices), and is at GitHub - philippe44/AirConnect: Use AirPlay to stream to UPnP/Sonos & Chromecast devices
When playing music, the app uses dynamic ports and since upnp does not work on yunohost, I am struggling to get it to work with the firewall on. No problems getting everything to work when I turn the firewall off.
My yunohost server (192.168.1.44) is in my home (Router is 192.168.1.1) and is not exposed to the internet because I use cloudflare tunnels for anything I need to access via the internet. The devices I want to listen to music on are at 192.168.1.66 and 192.168.1.88.
Questions:
What is the exact command I need to type to allow specific static and dynamic ports to open on my yunohost server (which is at 192.168.1.44)? Or is it not possible because some ports will change dynamically and so my only choice is firewall on or firewall off?
Is it safe to issue this command if my yunohost server is not exposed to the internet (I am using cloudflare tunnels)
Assuming no yunohost, just Debian, would {$ sudo ufw allow from 192.168.1.66} and {$ sudo ufw allow from 192.168.1.88} achieve the same and if so, what is the yunohost equivalent command?
Assuming no yunohost, just Debian, would {$ sudo ufw allow “APP NAME HERE”} achieve the same and if so, what is the yunohost equivalent command?
I’m still confused and would be grateful for your continued help.
Can you share the exact command I need to type to allow specific static and dynamic ports to open on my yunohost server (which is at 192.168.1.44)? Or is it not possible because some ports will change dynamically and so my only choice is firewall on or firewall off?
Assuming no yunohost, just Debian, would {$ sudo ufw allow from 192.168.1.66} and {$ sudo ufw allow from 192.168.1.88} achieve the same and if so, what is the yunohost equivalent command?
Assuming no yunohost, just Debian, would {$ sudo ufw allow “APP NAME HERE”} achieve the same and if so, what is the yunohost equivalent command?
ChatGPT tells me that firewalld allows me to use the name of the service (in this case airupnp-linux-x86_64) instead of specific ports and is appropriate since the service involves dynamically assigned ports.
Can someone help me? If I install firewalld from the command line will it break or negatively impact the yunohost settings or yunohost firewall?
I normally don’t recommend to disable the firewall. If your server is behind a router and you trust all the devices in your lan (you don’t share your lan with others) you can disable the firewall and ensure that the router has a good firewall and it is running. If you have doubts, don’t do it.
You can try : yunohost firewall upnp enable and see if it helps
You can ask the dev what port range should be open (I remember I have read that in one issue of the repo). Once you have that, run
Replace protocol with the correct protocol (tcp, udp), table Name with the correct one (INPUT, OUTPUT, FORWARD) and portRange1:PortRange2 with the correct port range.
Test if it works then save the changes : service iptables save