You are not logged in.

#1 2024-11-29 14:44:27

barnd3
Member
Registered: 2023-02-07
Posts: 136

Firewall block "rtsp"

I watch the rtsp stream from my cable provider via the Fritzbox with VLC.
Everything was fine yesterday.
Today my firewall (ufw) is blocking the streams via rtsp, but it works via https.

The m3u file looks like this

rtsp://192.168.178.1:554/?avm=1&freq=450&bw=8&msys=dvbc&mtype=256qam&sr=6900&specinv=1&pids=0,16,17,18,20,100,110,120,121,122,125,130,131,950,951,952

I have already opened port 554, but without success.
Does anyone know which ports I need to open?

Offline

#2 2024-11-29 20:08:39

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

Today my firewall (ufw) is blocking the streams via rtsp

Does disabling ufw allow you to play the stream?

Everything was fine yesterday.

And what happened since?
Updates? Reboots? …

rtsp by default and your explicit uri operates on 554

Offline

#3 2024-11-29 21:18:10

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

These are the last updates from yesterday and RTSP was still running......

upgraded alsa-utils (1.2.13-1 -> 1.2.13-2)
upgraded openal (1.24.0-1 -> 1.24.1-1)
upgraded lib32-openal (1.24.0-1 -> 1.24.1-1)
upgraded sqlite (3.46.1-1 -> 3.47.1-1)
upgraded libetonyek (0.1.11-1 -> 0.1.12-1)
upgraded pacman (7.0.0.r3.g7736133-1 -> 7.0.0.r6.gc685ae6-1)
upgraded plocate (1.1.22-3 -> 1.1.23-1)
upgraded rust (1:1.82.0-2 -> 1:1.83.0-1)
upgraded webkit2gtk (2.46.3-1 -> 2.46.4-1)
upgraded webkit2gtk-4.1 (2.46.3-1 -> 2.46.4-1)
upgraded xdg-desktop-portal-xapp (1.0.9-1 -> 1.1.0-1)

Yes, if I deactivate the firewall or set incoming to allowed, then the stream runs via rtsp.

Last edited by barnd3 (2024-11-29 21:18:36)

Offline

#4 2024-11-29 21:26:02

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

Nothing there looks overly prone to break anything here (certainly wrt any firewall intervention)
Did you also reboot and thus go live with some previous kernel update?

pacman -Qs iptables
iptables -nvL

You can also use tcpdump or https://wiki.archlinux.org/title/Wireshark to monitor the connection to see what ports are actually used.

Offline

#5 2024-11-29 21:38:04

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

A different port is used each time.

22:33:26.433566 IP _gateway.commplex-main > I-NET.9484: UDP, length 1328
22:34:36.468218 IP _gateway.commplex-main > I-NET.9176: UDP, length 1328

very strange

Edit: I have now entered a port range of 9000:9500.
I don't know if that's good!?

Last edited by barnd3 (2024-11-29 21:41:36)

Offline

#6 2024-11-29 21:44:00

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

Hold on, that's gonna be the local port?
You're controlling the wrong side of the traffic, the local port can be whatever.

Offline

#7 2024-11-29 21:54:29

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

I don't understand much about it...
The port range definitely works

Offline

#8 2024-11-29 22:03:53

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

Disable the firewall, play the rtsc stream, run "ss -tulpen" and post the output.
Also post the output of "iptables -nvL" w/ ufw enabled.

Every connection has two ends, eg. when your browser is opening a webpage, that happens on the remote port 80.
But your browser also needs a local port for that connection and that's gonna be some unprivileged (>1024) port.
If you wanted to block http traffic, the insane approach would be to block every local port your browser could use.
You're blocking the remote port 80.

If opening the unprivileed ports 9000:9500 helps you (right now. "random") but opening 554 doesn't despite the uri explicitly setting it, that means you're somehow operating on the local ports. Which is insane.

Offline

#9 2024-11-29 22:09:44

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

ss -tulpen:

Netid    State     Recv-Q    Send-Q                             Local Address:Port        Peer Address:Port    Process                                                                                                                                                                                                                       
udp      UNCONN    0         0                                        0.0.0.0:32862            0.0.0.0:*                                                                                                                       uid:971 ino:8914 sk:1 cgroup:/system.slice/avahi-daemon.service <->                                           
udp      UNCONN    0         0                                        0.0.0.0:5353             0.0.0.0:*                                                                                                                       uid:971 ino:8912 sk:2 cgroup:/system.slice/avahi-daemon.service <->                                           
udp      UNCONN    0         0                                        0.0.0.0:9330             0.0.0.0:*        users:(("vlc",pid=30372,fd=20))                                                                                uid:1000 ino:113899 sk:3 cgroup:/user.slice/user-1000.slice/session-2.scope <->                               
udp      UNCONN    62720     0                                        0.0.0.0:9331             0.0.0.0:*        users:(("vlc",pid=30372,fd=21))                                                                                uid:1000 ino:113900 sk:4 cgroup:/user.slice/user-1000.slice/session-2.scope <->                               
udp      UNCONN    0         0            [fe80::9ac4:cb88:3fbb:e855]%enp11s0:546                 [::]:*                                                                                                                       ino:2787 sk:1001 cgroup:/system.slice/NetworkManager.service v6only:1 <->                                     
udp      UNCONN    0         0                                           [::]:33794               [::]:*                                                                                                                       uid:971 ino:8915 sk:1002 cgroup:/system.slice/avahi-daemon.service v6only:1 <->                               
udp      UNCONN    0         0                                           [::]:5353                [::]:*                                                                                                                       uid:971 ino:8913 sk:1003 cgroup:/system.slice/avahi-daemon.service v6only:1 <->                               
tcp      LISTEN    0         4096                                   127.0.0.1:631              0.0.0.0:*                                                                                                                       ino:9730 sk:2001 cgroup:/system.slice/system-cups.slice/cups.service <->                                      
tcp      LISTEN    0         4096                                       [::1]:631                 [::]:*                                                                                                                       ino:9729 sk:3001 cgroup:/system.slice/system-cups.slice/cups.service v6only:1 <->

iptables -nvL:

Chain INPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
1577K 2120M ufw-before-logging-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
1577K 2120M ufw-before-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
34624   46M ufw-after-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
34560   46M ufw-after-logging-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
34560   46M ufw-reject-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
34560   46M ufw-track-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ufw-before-logging-forward  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-before-forward  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-after-forward  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-after-logging-forward  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-reject-forward  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ufw-track-forward  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 9195 1010K ufw-before-logging-output  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
 9195 1010K ufw-before-output  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
 1415 93769 ufw-after-output  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
 1415 93769 ufw-after-logging-output  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
 1415 93769 ufw-reject-output  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
 1415 93769 ufw-track-output  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-after-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-after-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ufw-skip-to-policy-input  17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:137
    1   238 ufw-skip-to-policy-input  17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:138
    0     0 ufw-skip-to-policy-input  6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:139
    0     0 ufw-skip-to-policy-input  6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:445
    0     0 ufw-skip-to-policy-input  17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ufw-skip-to-policy-input  17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ufw-skip-to-policy-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST

Chain ufw-after-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-after-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-after-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
    0     0 ufw-user-forward  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-before-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    3   108 ACCEPT     0    --  lo     *       0.0.0.0/0            0.0.0.0/0           
   30  3061 ACCEPT     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 ufw-logging-deny  0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
    0     0 DROP       0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 3
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 11
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 12
    0     0 ACCEPT     1    --  *      *       0.0.0.0/0            0.0.0.0/0            icmptype 8
    0     0 ACCEPT     17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp spt:67 dpt:68
 5131 6898K ufw-not-local  0    --  *      *       0.0.0.0/0            0.0.0.0/0           
    0     0 ACCEPT     17   --  *      *       0.0.0.0/0            224.0.0.251          udp dpt:5353
    0     0 ACCEPT     17   --  *      *       0.0.0.0/0            239.255.255.250      udp dpt:1900
 5131 6898K ufw-user-input  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-before-logging-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-logging-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-logging-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-before-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    3   108 ACCEPT     0    --  *      lo      0.0.0.0/0            0.0.0.0/0           
   32  3902 ACCEPT     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    7   292 ufw-user-output  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-logging-allow (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW ALLOW] "

Chain ufw-logging-deny (2 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID limit: avg 3/min burst 10
    0     0 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10 LOG flags 0 level 4 prefix "[UFW BLOCK] "

Chain ufw-not-local (1 references)
 pkts bytes target     prot opt in     out     source               destination         
 5129 6897K RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type LOCAL
    1    36 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type MULTICAST
    1   238 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            ADDRTYPE match dst-type BROADCAST
    0     0 ufw-logging-deny  0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 10
    0     0 DROP       0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-reject-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-reject-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-reject-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-skip-to-policy-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 DROP       0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-skip-to-policy-input (7 references)
 pkts bytes target     prot opt in     out     source               destination         
    1   238 DROP       0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-skip-to-policy-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-track-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-track-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-track-output (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    2   120 ACCEPT     6    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW
    5   172 ACCEPT     17   --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate NEW

Chain ufw-user-forward (1 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-input (1 references)
 pkts bytes target     prot opt in     out     source               destination         
    1    36 DROP       0    --  *      *       192.168.178.1        224.0.0.1           
    0     0 ACCEPT     17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:5353
    0     0 ACCEPT     17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:5004
 5129 6897K ACCEPT     17   --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 9000:9500

Chain ufw-user-limit (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 3/min burst 5 LOG flags 0 level 4 prefix "[UFW LIMIT BLOCK] "
    0     0 REJECT     0    --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain ufw-user-limit-accept (0 references)
 pkts bytes target     prot opt in     out     source               destination         
    0     0 ACCEPT     0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain ufw-user-logging-forward (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-logging-input (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-logging-output (0 references)
 pkts bytes target     prot opt in     out     source               destination         

Chain ufw-user-output (1 references)
 pkts bytes target     prot opt in     out     source               destination

Offline

#10 2024-11-30 07:03:00

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

ss -tulpen:
-------------
vlc locally listens on 9330 for whatever, so that's (likely) not it?

ss -tupn | grep vlc
5129 6897K ACCEPT     17   --  *      *       0.0.0.0/0            0.0.0.0/0            multiport dports 9000:9500

You're accepting the destination port rule.

Sanity check #1: ufw and vlc are running on the same host?
Sanity check #2: can you play the stream w/ mpv w/o any further rules?

It this relies on cold inbound traffic, you'll have to check whether you can tell vlc to use a specific local port - otherwise you're chasing a moving target.

Offline

#11 2024-11-30 08:50:04

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

UFW and VLC are used on the same host.
MPV starts the stream without any further rules.

I can change the ports for rtp and rtsp in VLC, but that has no effect.
Port 5004 is used for the RTP stream output.
RTP/RTSP/SDB demuxer (Live555), client port -1 is specified, a change here has no effect.
No matter what I do, it is always sent via port 9000-9500.
No matter, I now have the streams running via HTTP, that works without port forwarding...

Offline

#12 2024-11-30 12:18:25

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

Nevertheless, thank you very much for your help

Last edited by barnd3 (2024-11-30 12:18:41)

Offline

#13 2024-11-30 17:56:55

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

Can you configure VLC to run rtsp over tcp?

Offline

#14 2024-12-01 13:51:40

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

That's what doesn't work.
The whole thing works via http

Last edited by barnd3 (2024-12-01 13:51:58)

Offline

#15 2024-12-01 18:40:21

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

tcp != http (not even in the same group)

rtsp can run on tcp or udp, vlc runs it on udp and the idea is to move it to tcp because that might not require the backchannel

Offline

#16 2024-12-01 19:31:08

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 20,294

Re: Firewall block "rtsp"

VLC can be configured to force RTSP over TCP.  Go to settings, select advanced settings, search for rtsp, under demuxers find and check 'Use RTP over RTSP (TCP)'
I can speak from personal experience that VLC responds badly to the monolithic time stamp field rolling over before its terminal count, but I digress....


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way

Offline

#17 2024-12-01 22:12:50

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

Then vlc now runs over udp...
or am I seeing this wrong?
Bildschirmfoto-2024-12-01-20-00-06.png
Everything would be fine then...

I didn't even notice 'Use RTP over RTSP (TCP)'..., my mistake

Offline

#18 2024-12-01 22:26:18

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

Yes, you are - according to the previous "ss -tulpen"

udp      UNCONN    0         0                                        0.0.0.0:9330             0.0.0.0:*        users:(("vlc",pid=30372,fd=20))                                                                                uid:1000 ino:113899 sk:3 cgroup:/user.slice/user-1000.slice/session-2.scope <->                               
udp      UNCONN    62720     0                                        0.0.0.0:9331             0.0.0.0:*        users:(("vlc",pid=30372,fd=21))                                                                                uid:1000 ino:113900 sk:4 cgroup:/user.slice/user-1000.slice/session-2.scope <->                               

But that's not "fine" - you're supposed to switch to tcp and see whether you avoid the backchannel this way so you don't have to excempt it in the firewall.

Offline

#19 2024-12-01 23:45:58

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

with 'Use RTP over RTSP (TCP)', I get these errors

[00007666a4c0d190] live555 demux error: SETUP of'video/MP2T' failed 454 Unkown
[00007666a4c0d190] live555 demux error: RTSP PLAY failed 454 Unkown
[00007666a4c08ea0] cache_block stream error: cannot pre fill buffer
[00007666a4c0d190] mjpeg demux error: cannot peek

and the firewall blocks...

Offline

#20 2024-12-02 01:25:40

cryptearth
Member
Registered: 2024-02-03
Posts: 1,143

Re: Firewall block "rtsp"

out of curiosity: why you run a firewall at all if you are already behind a FritzBox? unless you open a port-forwarding or set your host as dmz there's nothin a host firewall could block that isn't already blocked by your FB - and, depending which ISP you use (there aren't many cable ISP in germany anyway) you're also behind a cg-nat

Offline

#21 2024-12-02 02:32:09

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

I agree with you... but I just feel better.

As for the error, it also appears when the firewall is off.

Offline

#22 2024-12-02 08:08:01

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

As for the error, it also appears when the firewall is off.

If the error is irrelevant, check whether vlc also wants to listen on local tcp ports (and get traffic there)

ss -tulpen

If rtsp on vlc doesn't work w/o the backchannel and you cannot configure the local rtsp ports in vlc (use mpv or) you'll have to run after them - does ufw not allow you to limit/free inbound traffic discriminating by segment and remote port (cause that'll remain 554), ie. allow everything that comes from 192.168.178.1:554?

Offline

#23 2024-12-02 10:24:16

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

sorry
No offense @seth, but the whole thing is overwhelming me.
The way it's running now (via udp) is more than satisfactory, so I'll leave it at that.
Thank you for your help!

Last edited by barnd3 (2024-12-02 11:34:35)

Offline

#24 2024-12-02 16:13:06

seth
Member
Registered: 2012-09-03
Posts: 60,363

Re: Firewall block "rtsp"

Does this work?

ufw allow in from 192.168.178.1 port 554 comment "rtsp backchannel"

Offline

#25 2024-12-02 16:38:57

barnd3
Member
Registered: 2023-02-07
Posts: 136

Re: Firewall block "rtsp"

No doesn't work
Bildschirmfoto-2024-12-02-17-32-14.png
Bildschirmfoto-2024-12-02-17-32-41.png
In VLC, ports 554 and 5004 are also entered, which are the standard ports, but ports 9000-9500 are still used.
That's a mystery to me...

Offline

Board footer

Powered by FluxBB