Update quickstart.md #288
Update quickstart.md #288
Conversation
Added instructions for adding exceptions to the "nftables" firewall.
| If you are using `nftables`, you can add the following line to `/etc/nftables.conf` in the "input" chain, which is in the "inet filter" table: | ||
|
|
||
| ``` | ||
| tcp dport { 80, 443, 10000, 22, 3478, 5349 } ct state new accept |
There was a problem hiding this comment.
Port 5349 is no longer necessary, but 5222 is.
There was a problem hiding this comment.
TCP port 5349 is in the documentation. Shall I update the documentation too (changing port 5349 to 5222)?
There was a problem hiding this comment.
What is this about? 5349 is the default turns port.
https://github.com/jitsi/jitsi-meet/blob/8604b1f64d959b652d98d76c99c1140e1bb16e62/doc/debian/jitsi-meet-turn/turnserver.conf#L14
There was a problem hiding this comment.
Ops, my bad I read too quickly and mixed it up with the XMPP component port.
There was a problem hiding this comment.
We still need 5222 though right?
There was a problem hiding this comment.
From the outside no, it is used only from jvb, jibri and maybe jigasi(jiigasi can use bosh though and port 443), and normally that will be only the internal network for prosody.
There was a problem hiding this comment.
Generally speaking yeah but if one needs to scale to multiple JVBs they would so I think we better mention it early WDYT?
| Update the nftables firewall with: | ||
|
|
||
| ``` | ||
| sudo /etc/nftables.conf |
|
Ping? |
|
Ping |
|
Waiting on the requested changes to be made. |
Added instructions for adding exceptions to the "nftables" firewall.