Configure IPtables to allow Plex Media Server
Source:
I could write quite a lengthy post about configuring and setting up the Plex Media Server (PMS), however I’ve decided that this post will be short and sweet. To get Plex working properly you will need to allow incoming packets on the the following ports on your server machine. I have also provided the Plex part of my IPtables configuration in case that would be useful for a reader.
| TCP | UDP |
| 32400 | 32400 |
| 32410 | |
| 32412 | |
| 32414 | |
| 1900 |
Here is the Plex part of my IPtables configuration file from CentOS6.5. It’s location on the server is: /etc/sysconfig/iptables
# Plex -A INPUT -m state --state NEW -m tcp -p tcp --dport 32400 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 32400 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 32410 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 32412 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 32414 -j ACCEPT # UPnP Disabled in router open for the sake of science -A INPUT -m state --state NEW -m udp -p udp --dport 1900 -j ACCEPT
This configuration is confirmed working on following devices both through the Plex app or via DLNA:
- Google Nexus 7 2013 (Android)
- Samsung smart TV
- Any machine with a browser
Hopefully that will save someone a few hours work trying to figure it out themselves. Happy new year! Jack. I’ve had a few requests for the entire IPtables script i use on my Plex server – So here it is:
# Generated by iptables-save v1.4.7 on Thu Jan 9 11:05:53 2014 *filter :INPUT DROP [0:0] :FORWARD DROP [0:0] :OUTPUT DROP [0:0] -A INPUT -m state --state ESTABLISHED -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m tcp --sport 513:65535 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 32400 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 32400 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 32410 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 32412 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 32414 -j ACCEPT -A INPUT -p udp -m state --state NEW -m udp --dport 1900 -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT -A INPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT -A INPUT -i eth0 -p udp -m udp --sport 53 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 443 -j ACCEPT -A INPUT -i eth0 -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A OUTPUT -p tcp -m tcp -m state --state ESTABLISHED -j ACCEPT -A OUTPUT -o lo -j ACCEPT -A OUTPUT -p tcp -m tcp --sport 22 --dport 513:65535 -m state --state NEW,ESTABLISHED -j ACCEPT -A OUTPUT -p icmp -m icmp --icmp-type 0 -j ACCEPT -A OUTPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT -A OUTPUT -o eth0 -p udp -m udp --dport 53 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --dport 443 -j ACCEPT -A OUTPUT -o eth0 -p tcp -m tcp --dport 80 -j ACCEPT -A OUTPUT -j DROP -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT # Completed on Thu Jan 9 11:05:53 2014