ASUS RT-N66U udpxy IPTV stream to WAN

[aurelijusb]

Hi Guys,

my ISP provides me IPTV and I can watch it using VLC player, for exampe IPTV stream from my ISP: udp://@239.255.1.19:5000
On RT-N66U I enabled Udpxy with port 4000. Now I can watch IPTV also with URL http://192.168.1.1:4000/udp/239.255.1.19:5000 . This URL also works when I connect from remote PC to VPN connection and I easily can watch TV. But... How I can make IPTV stream available from WAN without VPN connection? For example I want to use this URL: http://MY-EXTERNAL-IP:4000/udp/239.255.1.19:5000 ?

Thanks.

 

[aurelijusb]

Anyone?

 

[madpanter]

I am interested to how to make IPTV stream available from WAN. Have you made any progress?

 

[aurelijusb]

I am interested to how to make IPTV stream available from WAN. Have you made any progress?

Still nothing...

 

[TeHashX]

Dunno if will work but you can try this commands from putty terminal:

# iptables -I INPUT -p tcp --destination-port 4000 -j ACCEPT
# iptables -I INPUT -p udp --destination-port 4000 -j ACCEPT
# iptables -I INPUT -p tcp --destination-port 5000 -j ACCEPT
# iptables -I INPUT -p udp --destination-port 5000 -j ACCEPT

Also you may redirect port 5000 to 4000 or 4000 to 5000 to ip 192.168.1.1 in port forwarding page. See here an example at the bottom page of tutorial.

 

[ryzhov_al]

Dunno if will work but you can try this commands

That's not enough because udpxy is started with some command line keys to define upstream (wan) and downstream (lan) interfaces. After opening necessary ports we must restart udpxy without "-a" key.

aurelijusb, please note, that udpxy have no any authentication mechanisms, so every internet user will able to use udpxy on your router.

 

[madpanter]

If it helps to someone i have been asking same question on offical udpxy forum:

http://www.udpxy.com/forum/viewtopic.php?f=5&t=73

Saddly i still dont know how to set the things up

 

[aurelijusb]

I tried to forward UDP/TCP 4000 port to 192.168.1.1, also started udpxy without -a and also tried to use -a eth0. But still not working from WAN. Thats really strange. Could it be that ASUS unable to open any listening WAN port to itself?

 

[madpanter]

Tried same on wrt54gl and tomato and cant get it working

Sent from my DesireS using Tapatalk 2

 

[aurelijusb]

Here is my firewall rules, maybe someone will find where is the issue (now removed all forwards to 192.168.1.1, because its not working, so no reason to leave it here):

-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -j DROP
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -i lo -o lo -j ACCEPT
-A FORWARD -j DROP
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequen
ce --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
-A logdrop -m state --state NEW -j LOG --log-prefix "DROP" --log-tcp-sequence --
log-tcp-options --log-ip-options
-A logdrop -j DROP

 

[aurelijusb]

any updates?

 

[madpanter]

It seams that this is mission imposibile.

Sent from my DesireS using Tapatalk 2

 

[madpanter]

somebody try this:

iptables -A INPUT -p tcp --dport 1234 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 1234 -j ACCEPT

It is reported by user peterp from t-2 forum that it works

for peterp

 

[madpanter]

I can confirm that using this

iptables -A INPUT -p tcp --dport 1234 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 1234 -j ACCEPT

in firewall section of scripts on tomatoRAF for wrt54GL iptv will work on wan port.

It is necessary to have static ip or you will have to modify your play list every time ip changes

playlist fow vlc should be something like that:

#EXTM3U
#EXTINF:0,channel
http://WAN IP/udp/239.1.1.9:5000

 

[aurelijusb]

Looks like working fine now, also I need to run udpxy process with parameters "/usr/sbin/udpxy -m eth0 -p 4000" instead of "/usr/sbin/udpxy -m eth0 -p 4000 -a br0" so it will stream to all interfaces.
Now another question:
after rebooting router all these settings back to default and again I need to connect using telnet and again enter mentioned IPTABLES commands , also kill running udpxy process and run again without "-a" parameter like mentioned above.
Maybe somehow I can add some startup commands? Or maybe somewhere I can modigy iptables file and updxy config?

Thanks

 

[ryzhov_al]

Hi!

Maybe somehow I can add some startup commands? Or maybe somewhere I can modigy iptables file and updxy config?

You may plug a USB flash drive and use start scripts this way.

Regards, Alexander.

 

[aurelijusb]

I see on issue here:
Its working when firewall is Disabled under http://192.168.1.1/Advanced_BasicFirewall_Content.asp

When its enabled looks like 4000 port still closed (i added mentioned iptables rules).

I using Merlin firmware now, added mentioned iptables commands to /jffs/scripts/firewall-start

Looks like some default firewall rules blocks my added iptables rules.
Who can help me to bypass this issue? I not do want to Disable firewall on my router because of security reasons.
Thanks.

 

[aurelijusb]

fixed by adding iptables -I INPUT -p tcp --dport 4000 -j ACCEPT
working fine now!!!

 

[Cigaras]

So AurelijusB, how did you modified the udpxy config? Or someone please help.

 

[aurelijusb]

So AurelijusB, how did you modified the udpxy config? Or someone please help.

Hi,
I not modified integrated udpxy config, but added my own rules in startup scripts:

firewall-start:
iptables -A INPUT -p tcp --dport 4000 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 4000 -j ACCEPT
iptables -I INPUT -p tcp --dport 4000 -j ACCEPT

services-start:
#!/bin/sh

sleep 10
killall udpxy
/usr/sbin/udpxy -m eth0 -p 4000