I have Suse 10.1 and I have simply added in the yast2 firewall the custom rule to open all udp-ports between 1024 and 65535. To be more precise in the yast2 firewall menu chose the "allowed services" submenu and there you click on the "Advanced" button which opens an extra window and here I put in the udp box: 1024:65535 and in the tcp box 8080 (for the freeplayer if you are you using this on this PC).
However, my Suse 10.1 PC is also behind a NAT-router (another Linux-PC) and is therefore quite well protected such that opening all udp-ports is not really a problem.
A better and safer solution would be to open every port for the IP number 212.27.38.253 but in yast2 this is indeed not obvious. Maybe you can define this IP to be in the demilitarized zone or something like this or simply as dimstar suggested.
If you want to do it directly by iptables (and not yast2) this is quite easy with the rules:
Code: Select all
-I INPUT -s 212.27.38.253 -i eth0 -p udp -j ACCEPT
(this one for the TV on the PC) and:
Code: Select all
-I INPUT -s 212.27.38.253 -i eth0 -p tcp -m tcp --dport 8080 -j ACCEPT
(this one for the Freeplayer). Here I assume that eth0 is appropriate network device which can also be eth1, ... or something different if you have a wireless connection.
You can add these rules by hand as root simply by the command:
/usr/sbin/iptables ...
where "..." is one of the exact above rules. The only problem is that this is not very proper because it is actually yast2 that is responsible for the firewall (one would mix different tools for firewall configuration which may create conflicts and unpredictable behavior). However it will work, until the next reboot of the machine or the next call of yast2 with a firewall update (which will probably clean your own rules).
The very best solution would be to patch the kernel with the rtsp-conntrack module and to recompile it. Then the appropriate udp-port will be automatically opened (without any particular rule and simply by charging the rtsp-conntrack modules) but this is more important if you want to use your Linux PC as NAT-routeur that transmits the IP-TV of Free to another PC behind the router (without rtsp-conntrack thing becomes quite complicated with rtsp and NAT). If you are interested here are the rtsp-patches for the latest kernels:
http://mike.it-loops.com/rtsp/
If you use one of these patchs you will need to compile your own Linux kernel, something like 2.6.22.x or 2.6.23.x (Suse 10.1 is normally 2.6.16... but I would recommend to change to a newer version if you really want to compile your own kernel). I am actually using 2.6.22.6 with Suse 10.1 and without any important problem (the "Suse-Amor-module" no longer works with a stock-kernel but I don't care about that).