Zdravo,
ali mi zna kdo pomagati nastaviti IPTV na OPNsense? Na prejšnjem Edge Router ER-X je IPTV deloval brez problema.
OPNsense je virtualiziran na Proxmox-u. Imam virtualiziran tudi pfSense, ki ga prav tako nisem uspel usposobiti za IPTV.
Poskusil sem po tem "kuharskem receptu" (https://forum.opnsense.org/index.php?topic=17865.0), vendar brez uspeha.
Očitno je potrebno znati nastaviti IGMP Proxy in pravila na FW.
Hvala.
OPNsense IPTV multicast
Re: OPNsense IPTV multicast
Mam isto virtualiziran opnsense. Meni je uspel prit do tega da client (vlc) igmp join request poslje, t-2jev tv server (172.17.141.193) pa odgovori z udp streamom. Ni mi pa uspelo v startu spravit udp streama od igmp proxyja do racunalnika. Sem na opnsense forumu najdu en post na to temo.
Rabis nardit sledece:
1) nastavit igmp proxy upstream na 172.17.141.0/24, 10.1.1.0/24 in downstream na zeljeni subnet (js mam na LAN).
2) pod firewall/NAT/outbound nastavi takole:
Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
WAN t2_iptv_server * * * WAN address * NO route incoming iptv igmp packets
WAN LAN net * * * WAN address * NO route outgoing iptv igmp packets
3) Pod firewall/rules/WAN je tkole (pri obeh spodaj klikni na advanced in vklopi allow options ter pri spodnjem nastavi state type na none):
Protocol Source Port Destination Port Gateway Schedule Description
IPv4 IGMP * * * * * * allow IGMP multicast traffic
IPv4 UDP t2_iptv_server * t2_iptv_stream, WAN address * * * allow multicast udp streams
4) Pod firewall/rules/LAN je tkole:
Protocol Source Port Destination Port Gateway Schedule Description
IPv4 IGMP * * * * * * allow IGMP multicast traffic
IPv4 UDP LAN net * * * * * allow multicast udp streams
t2_iptv_server je alias za 172.17.141.0/24, 10.1.1.0/24, t-2_iptv_stream pa za 224.0.0.0/4
To je to. Loh pod firewall/log files/live view filtriras interface=WAN pa proto=igmp ce se kej dogaja ko przges stream. Ce ne dela poglej se pod firewall/diagnostic/states pa isci multicast ip iz m3u fajla.
Rabis nardit sledece:
1) nastavit igmp proxy upstream na 172.17.141.0/24, 10.1.1.0/24 in downstream na zeljeni subnet (js mam na LAN).
2) pod firewall/NAT/outbound nastavi takole:
Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
WAN t2_iptv_server * * * WAN address * NO route incoming iptv igmp packets
WAN LAN net * * * WAN address * NO route outgoing iptv igmp packets
3) Pod firewall/rules/WAN je tkole (pri obeh spodaj klikni na advanced in vklopi allow options ter pri spodnjem nastavi state type na none):
Protocol Source Port Destination Port Gateway Schedule Description
IPv4 IGMP * * * * * * allow IGMP multicast traffic
IPv4 UDP t2_iptv_server * t2_iptv_stream, WAN address * * * allow multicast udp streams
4) Pod firewall/rules/LAN je tkole:
Protocol Source Port Destination Port Gateway Schedule Description
IPv4 IGMP * * * * * * allow IGMP multicast traffic
IPv4 UDP LAN net * * * * * allow multicast udp streams
t2_iptv_server je alias za 172.17.141.0/24, 10.1.1.0/24, t-2_iptv_stream pa za 224.0.0.0/4
To je to. Loh pod firewall/log files/live view filtriras interface=WAN pa proto=igmp ce se kej dogaja ko przges stream. Ce ne dela poglej se pod firewall/diagnostic/states pa isci multicast ip iz m3u fajla.
Re: OPNsense IPTV multicast
Po parih mescih sem se naucil da je fajn dat multicast video streame na locen IPTV vlan, cene skos ven mece.
1) igmp proxy:
2) WAN fw rules:
Pri obeh se vklopi allow options (na vrhu advanced features sekcije to najdes).
3. IPTV vlan rules:
Tukaj rabis spustit igmp requeste od koncne naprave do igmp proxyja.
Mas 2 opciji:
4. Aliasi:
- iptv_servers = 172.17.141.0/24, 172.17.145.0/24
- iptv_streams = 224.0.0.0/24, 239.0.0.0/8
Ce kdo tole poskusa na telekomu, bo rabil spremenit dst port pri drugem pravilu za WAN (uporabljajo 5002 in 5003), vec info na strani Uroš's IPTV tools.
Pa se nekaj glede proxmoxa:
Pred nekaj dnevi sem dobil idejo zbrisat vse (razen enega) vmesnike in vse laufat prek enga vtneta. To je zal zjebal multicast, ker je privzeto vklopljen igmp snooping pa sklopljen querier na host bridgu. Mal sem poskusal to nastavit v /etc/network/interfaces, ampak sem na koncu obupal in dodal nazaj posamezne vmesnike.
1) igmp proxy:
Koda: Izberi vse
| Name | Type | Values | Description |
| ---- | ---------- | --------------------------------------------- | ----------- |
| WAN | upstream | 239.0.0.0/8, 172.17.141.0/24, 172.17.145.0/24 | T-2 |
| IPTV | downstream | 192.168.35.0/24 | iptv vlan |
Koda: Izberi vse
| Protocol | Source | Port | Destination | Port | Gateway | Schedule | Description |
| --------- | ------------ | ---- | ------------------------- | ---- | ------- | -------- | ---------------------------------- |
| IPv4 IGMP | 10.1.1.21 | * | iptv_streams | * | * | * | allow IGMP announcements on WAN |
| IPv4 UDP | iptv_servers | * | iptv_streams, WAN address | 5000 | * | * | allow multicast udp streams on WAN |
3. IPTV vlan rules:
Tukaj rabis spustit igmp requeste od koncne naprave do igmp proxyja.
Mas 2 opciji:
- Kloniras obstojeci LAN IPv4 rule, mu spremenis interface ter dodas allow options.
- Ce imas dostop do interneta urejen prek floating rula, lahko naredis novo pravilo in spet pritisnes allow options:
Koda: Izberi vse
| Protocol | Source | Port | Destination | Port | Gateway | Schedule | Description |
| --------- | ------ | ---- | ------------ | ---- | ------- | -------- | --------------------------- |
| IPv4 IGMP | * | * | iptv_streams | * | * | * | allow IGMP requests on IPTV |
- iptv_servers = 172.17.141.0/24, 172.17.145.0/24
- iptv_streams = 224.0.0.0/24, 239.0.0.0/8
Ce kdo tole poskusa na telekomu, bo rabil spremenit dst port pri drugem pravilu za WAN (uporabljajo 5002 in 5003), vec info na strani Uroš's IPTV tools.
Pa se nekaj glede proxmoxa:
Pred nekaj dnevi sem dobil idejo zbrisat vse (razen enega) vmesnike in vse laufat prek enga vtneta. To je zal zjebal multicast, ker je privzeto vklopljen igmp snooping pa sklopljen querier na host bridgu. Mal sem poskusal to nastavit v /etc/network/interfaces, ampak sem na koncu obupal in dodal nazaj posamezne vmesnike.