Linux firewall settings for Apple Airplay (Shairport / Shairtunes / Shairplay)

VS. 

The following has taken me an eternity to figure out. I use Airplay from a Linux server to Apple and other airplay devices on my network. Configuring the firewall properly for this to work has not been simple - many guides are vague and lack the specifics needed.

My actual configuration centres around Logitech's squeezeboxserver now known as logitechmediaserver 'LMS' whereby I use the following plugins:

AirPlay bridge - this enables Airplay devices to be used as if they were squeezebox devices, i.e. I can play my LMS stored music / radio / spotify on any of my Airplay devices

ShairTunes2 - this enables Squeezebox devices to be Airplayed to, i.e. I can Airplay from my iPhone/iPad/Mac etc. to any of my LMS squeezebox devices. This is an incarnation of shairplay / shairport .

For along time I have had to disable my firewall to enable my LMS device to connect to my Airplay devices and for music to flow. Once the connection is established I had to then re-enable my firewall - which is not ideal and very cumbersome. Whilst the Airplay devices always showed up in LMS and LMS client the music would just not stream. 

Here's how to configure a linux firewall with UFW to enable Airplay:

Set up ipsec VPN with Strongswan on Ubuntu with PSK for roadwarrior use

This post shows how to setup an ipsec VPN connection in roadwarrior fashion. Roadwarrior mode is where you typically have a mobile device which has a dynamic address and you want to connect back to a VPN server. This post uses a simple pre shared key to establish the VPN connection using strongswan. This is much simpler than my past openswan approach which also relied on L2TP, Pluto etc. needing to be configured. Performance also seems to be better with VPN connections establishing much faster.

Ubuntu simple firewall setup ufw with GUI (gufw)

The Linux kernel in Ubuntu provides a packet filtering system called netfilter, and the traditional interface for manipulating netfilter are the iptables suite of commands. iptables provide a complete firewall solution that is both highly configurable and highly flexible.

Becoming proficient in iptables takes time, and getting started with netfilter firewalling using only iptables can be a daunting task. As a result, many frontends for iptables have been created over the years, the Uncomplicated Firewall (ufw) is a command line based frontend for iptables and is particularly well-suited for host-based firewalls; gufw adds a graphical user interface to ufw. Here's how to setup Ubuntu's firewall with ufw and gufw: