Leebra jellyfin
login register

Make clients autodiscover Jellyfin over your router

20 days ago by nibbler to c/jellyfin

save

share

report

https://jellyfin.org/... tells me "Additionally, in local networks, Jellyfin offers various Auto-Discovery services. These will not work outside your local subnet."

Of course I don't run jellyfin in my main network, who in his right mind would do such a crazy thing. But of course I want Autodiscovery, because typing in names/IPs sucks.

So this is what one needs to do on his firewall to make it work:


iptables -t mangle -A INPUT -s 10.0.2.0/24 -i family -d 255.255.255.255 -p udp --dport 7359 -j TEE --gateway 10.0.0.39 # copy received broadcast to the jellyfin network
iptables -A FORWARD -i jellyfin -o family -p udp --sport 7359 -j ACCEPT # allow the unicast response

with adjusted interface names and broadcast IPs. Thanks to https://odi.ch/weblog/posting.php?posting=731 for sharing - and the commenters there for improving.

Edit: My first version was like 7 policies, but things are simpler than I thought.... down to two.

frongt 4 points 20 days ago

Why do you have jellyfin behind an extra firewall?

save

path: 0 24105963, hotness: undefined, score: 4, children: 2
nibbler 5 points 19 days ago

High level of segmentation is always beneficial for security. Jellyfin has had quite some security issues in the past [0], so it's not just a theoretic concern. Also it has a bunch of open ports for those additional services you want to run. Watch-Wise does not even have authentication. Sure, I could setup another reverse proxy, but I prefer to run it via my main reverse proxy that owns 443/tcp on my wan interface.

My family network is for family-member client devices only (mobiles, tablets, laptops and PC). It is client-isolated at least in the WLAN part. TVs and sound system are in another dedicated iot lan/wlan (vlan).

Also I thought over-engineered stuff is part of the self-hosting fun :D

[0] https://github.com/jellyfin/jellyfin/security

save

path: 0 24105963 24111160, hotness: undefined, score: 5, children: 0
yaroto98 0 points 20 days ago

save

path: 0 24105963 24108493, hotness: undefined, score: 0, children: 0
eodur 2 points 19 days ago

That would be so helpful. I'll have to try adapting this to my network.

save

path: 0 24120211, hotness: undefined, score: 2, children: 0
jellyfin
jellyfin

@lemmy.ml

login for more options
9052
449
307

Current stable release: 10.11.11

Community Standards

Website

Forum

GitHub

Documentation

Feature Requests

Matrix (General Information & Help)

Matrix (Announcements)

Matrix (General Development)

Matrix (Off-Topic) - Come get to know the team and blow off steam!

Matrix Space - List of all the available rooms on Matrix.

Discord - Bridged to our Matrix rooms

go to feed...