Creating UFW rule to allow application to use dynamic ports
There doesn't seem to be any way of telling the Chromecast extension to restrict the range of ephemeral ports it uses. It's possible to add a ufw
rule to permit all traffic to high port numbers, but obviously there's a security risk in that. If you trust your local network to the extent that you're prepared to do that, you could add a rule like
ufw allow proto udp from 10.0.0.0/24 to any port 32768:61000
That port range is typical but may vary; you might want to check the output of cat /proc/sys/net/ipv4/ip_local_port_range
to be sure.
Related videos on Youtube
MacMcIrish
Updated on September 18, 2022Comments
-
MacMcIrish over 1 year
I am currently trying to get a Google Chromecast device to work through my Ubuntu 13.04 based computer. Currently, the Google Chrome extension shows "no devices found" as long as my UFW firewall is enabled.
If I disable the firewall, I am able to see my Chromecast device without any issues.
I notice that every time I click on the Chromecast browser extension a new port is opened up by the Chrome application. It is a different port every time.
Is there a way to set a rule in UFW that would always allow the chrome application to access any port it wants? Is there a name for this type of behavior?
The port that chrome is using changes every time I try to find the Chromecast device. I imagine I won't be the only person having this issue.
-
NullVoxPopuli over 10 yearsThe Firewall application, gufw, allows us to add other applications to the firewall. but Chrome is not listed as an option, and I don't see a way to add it as an option. :-\
-
AlexMA over 10 yearsPerhaps some sort of UDP proxy would be useful in this scenario if security is of high concern (though it could potentially hurt performance).Chrome should really allow you to set the port number.
-
-
NullVoxPopuli over 10 yearsisn't there a way to just let all traffic through for anything that uses chrome?