From 89cf8a455ab1fc92e94bc8fa61a8b5a9fd597285 Mon Sep 17 00:00:00 2001
From: Johannes Zellner <johannes@cloudron.io>
Date: Sat, 28 Mar 2020 23:33:44 +0100
Subject: [PATCH] Allow turn and stun service ports

---
 setup/start/cloudron-firewall.sh | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/setup/start/cloudron-firewall.sh b/setup/start/cloudron-firewall.sh
index f9ef850b3..0d41c939c 100755
--- a/setup/start/cloudron-firewall.sh
+++ b/setup/start/cloudron-firewall.sh
@@ -12,6 +12,11 @@ iptables -t filter -I CLOUDRON -m state --state RELATED,ESTABLISHED -j ACCEPT
 # ssh is allowed alternately on port 202
 iptables -A CLOUDRON -p tcp -m tcp -m multiport --dports 22,25,80,202,443,587,993,4190 -j ACCEPT
 
+# turn and stun service
+iptables -t filter -A CLOUDRON -p tcp -m multiport --dports 3478,3479 -j ACCEPT
+iptables -t filter -A CLOUDRON -p udp -m multiport --dports 3478,3479 -j ACCEPT
+iptables -t filter -A CLOUDRON -p udp -m multiport --dports 50000-51000 -j ACCEPT
+
 iptables -t filter -A CLOUDRON -p icmp --icmp-type echo-request -j ACCEPT
 iptables -t filter -A CLOUDRON -p icmp --icmp-type echo-reply -j ACCEPT
 iptables -t filter -A CLOUDRON -p udp --sport 53 -j ACCEPT