Firewall¶
Open ports¶
The following TCP ports have to be open on the machine Kollibre runs on:
- 443 — for main Kollibre UI that runs on HTTPS.
- 8020 — opened only to specific host IPs, for Nginx reverse proxy management UI (enter the management UI by visiting http://HOST-NAME:8020/_by_name/nginx-ui-microservice/)
The following UDP ports have to be open on the machine Kollibre runs on:
- 10000 — for video streaming.
Firewalld¶
Open the publicly available ports without any additional restrictions:
firewall-cmd --permanent --zone="public" --add-port="443/tcp"
firewall-cmd --permanent --zone="public" --add-port="10000/udp"
Open the special 8020 port exposed to CLIENT-IP:
firewall-cmd --permanent --zone="public" \
--add-rich-rule="rule family=\"ipv4\" source address=\"${CLIENT-IP}\" port protocol=\"tcp\" port=\"8020\" accept"
Remember to always reload the firewall after opening ports: