Even since i switched off my selinux firewall and used an iptables script to enhance security, i can't play streaming audio (online radio) through my mplayer-plugin.
It could be a plugin problem, but my gut tells me something is blocking the audio stream.
I'm not sure what i need to open up to allow connections in (which port, if any), but i would appreciate it if you could take a look at this script:
Code:
#!/bin/bash
## Edit the line below to define your ethernet interface
## It is usually eth0
ETH=eth0
## Edit the line below to indicate where your iptables
## binary exists. It is usually /sbin/iptables.
IPT=/sbin/iptables
## Check to see if the ip_tables module has been loaded.
## If not, load the module.
##/sbin/lsmod 2>/dev/null |grep -q iptables
##if [ $? -ne 0 ]; then
## echo "Adding iptables module"
## /sbin/insmod iptables
## /sbin/modprobe ip_conntrack_ftp
##fi
## First, we set a number of network stack parameters to protect
## against various network-based attacks.
## Try to prevent SYN floods
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
## Disable response to ICMP broadcasts.
/bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
## Reject source-routed packets.
/bin/echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route
## Disable ICMP redirect acceptance.
/bin/echo "0" > /proc/sys/net/ipv4/conf/all/accept_redirects
## Enable bad error message protection
/bin/echo "1" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
## Enable reverse path filtering.
/bin/echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter
## Log spoofed packets, source-routed packets, redirect packets.
/bin/echo "1" > /proc/sys/net/ipv4/conf/all/log_martians
## Disable IP forwarding.
/bin/echo "0" > /proc/sys/net/ipv4/ip_forward
## Now we start using iptables...
## Flush chains, clear existing chains, zero counters
$IPT -F
$IPT -X
$IPT -Z
## Default policies
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP
## Drop all incoming fragments
$IPT -A INPUT -i $ETH -f -j DROP
## Drop outside packets with localhost address - anti-spoofing measure
$IPT -A INPUT -s 127.0.0.0/255.0.0.0 -i \! lo -j DROP
## Pass all locally-originating packets
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT
## Accept ICMP ping (8) packets (this allows other people to ping your machine).
#$IPT -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
## Accept all traffic from a specific machine with IP x.x.x.x
## replace x.x.x.x with the desired IP
$IPT -A INPUT -i $ETH -s x.x.x.x -j ACCEPT
## Accept ssh traffic from a specific machine with IP x.x.x.x
## replace x.x.x.x with the desired IP
$IPT -A INPUT -p tcp --syn -i $ETH -s x.x.x.x --dport 22 -j ACCEPT
## Accept all inbound ssh traffic
#$IPT -A INPUT -p tcp --syn -i $ETH -s 0/0 --dport 22 -j ACCEPT
## Accept all inbound identd
#$IPT -A INPUT -p tcp --syn -i $ETH -s 0/0 --dport 113 -j ACCEPT
## or you can reject and send back a TCP RST packet instead
#$IPT -A INPUT -p tcp -i $ETH -s 0/0 --dport 113 -j REJECT --reject-with tcp-reset
## Allow all sendmail SMTP traffic
#$IPT -A INPUT -p tcp --syn -i $ETH -s 0/0 --dport 25 -j ACCEPT
## Allow all sendmail MSA traffic
#$IPT -A INPUT -p tcp --syn -i $ETH -s 0/0 --dport 587 -j ACCEPT
## Allow all web server access (port 80)
#$IPT -A INPUT -p tcp --syn -s 0/0 --dport 80 -j ACCEPT
## Allow all secure web server access (port 443)
#$IPT -A INPUT -p tcp --syn -s 0/0 --dport 443 -j ACCEPT
#$IPT -A INPUT -p tcp --syn -s 0/0 --dport 3306 -j ACCEPT
#$IPT -A INPUT -p icmp -s 0/0 -j ACCEPT
## Allow inbound established and related outside communication
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -i $ETH -j ACCEPT
## Drop outside initiated connections
#$IPT -A INPUT -m state --state NEW -i $ETH -j DROP
## Allow all outbound tcp, udp, icmp traffic with state
$IPT -A OUTPUT -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p udp -m state --state NEW,ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p icmp -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
Any help would be appreciated
