Technical Helpweb

Dialogic® PowerMedia™ Extended Media Server (PowerMedia XMS) - more articles

PowerMedia XMS 3.0 firewall configuration on CentOS 7 / RHEL 7

Introduction:

During installation of the RPM version of Dialogic® PowerMedia™ XMS 3.0 on CentOS 7 or RHEL 7, the installer prints this message

INFO1: Open Firewall ports required: tcp: 22, 80, 81, 443-444, 1080, 2855, 5060, 5070, 10000-10010, 10443, 15001 udp: 161, 5060, 5070, 49152-53152, 56000-56999, 57344-60152
WARN1: Ensure firewall ports are open before running XMS

This article describes how to make the required firewall port settings for a typical operating system installation.

Background: 

In CentOS 7 and RHEL 7, the default firewall has changed from iptables to firewalld. Although they use the same kernel-level implementation (netfilter), the configuration for firewalld is different, and is carried out by running commands instead of editing a configuration file.  

Procedure:

First check what zone you will be using:

[root@localhost ~]# firewall-cmd --get-active-zones
public
  interfaces: ens32

The rest of this article assumes that you are using the "public" zone, which should be the default for a new operating system installation.

Next tell firewalld what ports to open by running the following 17 commands (cut and paste is suggested). Note the "--permanent" option which causes these settings to survive a reboot, but adds the requirement to restart the service to apply the changes.

firewall-cmd --permanent --zone=public --add-port=22/tcp
firewall-cmd --permanent --zone=public --add-port=80/tcp
firewall-cmd --permanent --zone=public --add-port=81/tcp
firewall-cmd --permanent --zone=public --add-port=443-444/tcp
firewall-cmd --permanent --zone=public --add-port=1080/tcp
firewall-cmd --permanent --zone=public --add-port=2855/tcp
firewall-cmd --permanent --zone=public --add-port=5060/tcp
firewall-cmd --permanent --zone=public --add-port=5070/tcp
firewall-cmd --permanent --zone=public --add-port=10000-10010/tcp
firewall-cmd --permanent --zone=public --add-port=10443/tcp
firewall-cmd --permanent --zone=public --add-port=15001/tcp
firewall-cmd --permanent --zone=public --add-port=161/udp
firewall-cmd --permanent --zone=public --add-port=5060/udp
firewall-cmd --permanent --zone=public --add-port=5070/udp
firewall-cmd --permanent --zone=public --add-port=49152-53152/udp
firewall-cmd --permanent --zone=public --add-port=56000-56999/udp
firewall-cmd --permanent --zone=public --add-port=57344-60152/udp

Then restart the firewalld service to apply (no output is expected):

[root@localhost ~]# systemctl restart firewalld

Check that service restart was OK:

[root@localhost ~]# systemctl status
 firewalld firewalld.service - firewalld - dynamic firewall daemon
  Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
  Active: active (running) since Fri 2015-10-09 04:18:12 EDT; 1h 0min ago
 Main PID: 610 (firewalld)
 CGroup: /system.slice/firewalld.service
   610 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid

 Oct 09 04:18:12 localhost.localdomain systemd[1]: Started firewalld - dynamic firewall daemon.  

Then check that the settings are applied:

[root@localhost ~]# firewall-cmd --zone=public --list-ports
 443/tcp 1080/tcp 80/tcp 57344-60152/udp 2855/tcp 81/tcp 443-444/tcp 49152-53152/udp 15001/tcp 5060/tcp 56000-56999/udp 5070/tcp 161/udp 5070/udp 5060/udp 10443/tcp 10000-10010/tcp 22/tcp

Now the ports are unblocked, and the same settings should be applied whenever the system is restarted.

Product List:

PowerMedia XMS 3.0  

Glossary of Acronyms :

RHEL - Red Hat Enterprise Linux  

Related Documentation:

Dialogic® PowerMedia™ XMS Installation and Configuration Guide

Legal Note:

This document discusses one or more open source products, systems and/or releases. Dialogic is not responsible for your decision to use open source in connection with Dialogic products (including without limitation those referred to herein), nor is Dialogic responsible for any present or future effects such usage might have, including without limitation effects on your products, your business, or your intellectual property rights.