Waoo TV med Ubiquiti EdgeRouter Lite

Waoo TV, Fibia, EdgeRouter Lite

Ubiquiti EdgeRouter Lite

Denne router har 3 porte – jeg bruger en til netværk og en til TV.

ethernet eth0 {
    address dhcp
    description Internet
    duplex auto
    firewall {
        in {
            name WAN_IN
        }
        local {
            name WAN_LOCAL
        }
    }
    speed auto
}
ethernet eth1 {
    address 192.168.x.z/24
    description Local
    duplex auto
    speed auto
}
ethernet eth2 {
    address 192.168.y.z/24
    description "IPTV"
    duplex auto
    speed auto
}
loopback lo {
}
igmp-proxy {
    interface eth0 {
        alt-subnet 0.0.0.0/0
        role upstream
        threshold 1
    }
    interface eth2 {
        alt-subnet 0.0.0.0/0
        role downstream
        threshold 1
    }
}
all-ping enable
broadcast-ping disable
group {
    network-group waoo-multicast-1 {
        description "Waoo multicast networks"
        network 233.138.48.0/24
        network 88.83.72.0/24
        network 212.178.160.0/19
        network 5.103.114.0/24
    }
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
name WAN_IN {
    default-action drop
    description "WAN to internal"
    rule 10 {
        action accept
        description "Allow Waoo IPTV multicast UDP"
        log disable
        protocol udp
        source {
            group {
                network-group waoo-multicast-1
            }
        }
    }
    rule 30 {
        action accept
        description "Allow established/related"
        state {
            established enable
            related enable
        }
    }
    rule 40 {
        action drop
        description "Drop invalid state"
        state {
            invalid enable
        }
    }
}
name WAN_LOCAL {
     default-action drop
    description "WAN to router"
    rule 20 {
        action accept
        description "Allow IGMP"
        log disable
        protocol igmp
    }
    rule 30 {
        action accept
        description "Allow established/related"
        state {
            established enable
            related enable
        }
    }
    rule 40 {
        action drop
        description "Drop invalid state"
        state {
            invalid enable
        }
    }
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable

Brug show ip multicast mfc for at finde fra hvilke netværk der skal tillades UDP trafik. Kig efter adresser i kolonnen Origin som ikke er lokale og ikke din WAN.

$ show ip multicast mfc
Group           Origin           In          Out                Pkts         Bytes  Wrong
233.138.48.139  5.103.114.2      eth0        eth2                150        4.69KB      0
233.138.48.207  88.83.72.22      eth0        eth2              45199       57.93MB      0
233.138.48.139  88.83.72.21      eth0        eth2             218469      280.02MB      0

Når det virker ser det ca sådan ud

$ show ip multicast interfaces
Intf             BytesIn        PktsIn      BytesOut       PktsOut            Local
eth0            412.39MB        321902         0.00b             0     my.public.ip
eth1               0.00b             0         0.00b             0      my.local.ip
eth2               0.00b             0      412.39MB        321739      my.local.tv

Og nu fungerer det hele tilfredsstillende