Category: Linux

To enable firewal for Ant Media Server on Ubnuntu server, use following rules

ufw allow ssh
ufw allow http
ufw allow https
ufw allow 1935/tcp
ufw allow 5080/tcp
ufw allow 5443/tcp
ufw allow 5000:65000/udp
enable ufw

After enabling, you will have following status

root@server:~# ufw status
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere                  
80/tcp                     ALLOW       Anywhere                  
443/tcp                    ALLOW       Anywhere                  
1935/tcp                   ALLOW       Anywhere                  
5080/tcp                   ALLOW       Anywhere                  
5443/tcp                   ALLOW       Anywhere                  
5000:65000/udp             ALLOW       Anywhere                  
22/tcp (v6)                ALLOW       Anywhere (v6)             
80/tcp (v6)                ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)             
1935/tcp (v6)              ALLOW       Anywhere (v6)             
5080/tcp (v6)              ALLOW       Anywhere (v6)             
5443/tcp (v6)              ALLOW       Anywhere (v6)             
5000:65000/udp (v6)        ALLOW       Anywhere (v6)             

root@server:~# 

Port forwarding

You can forward port 80 and 443 to Ant Media Server, so you don’t have to use ports.

You can use following iptables commands

sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 5080
sudo iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 5443

To make it permanent, edit

vi /etc/ufw/before.rules

In the beginning of the file, find

*filter

Add above

*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 5080
-A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 5443
COMMIT

Restart ufw firewall

ufw disable
ufw enable

See Ant Media Server