Which Ports to open for the HA docker (running with --net=host)

Hi all,

I recently switched from using Hass.io on a Raspberry Pi 3 to the HA docker, run on Ubuntu 18.04. I run it with “–net=host” meaning it is exposed to the outside world. However, I also run UFW (Uncomplicated FireWall).

Hassio on the Pi showed me many things by default, my Sonos, Hue, Chromecast, even the status of my Samsung Printer’s laser cartridge. Very nice indeed. The Docker does this only when I disable the Firewall (sudo systemctl ufw stop). But I don’t want to do this, I prefer to open a select number of ports. I tried the upnp ports (udp 1900, 1901) and several other, I got the Chromecast working but the Sonos never worked, even after opening most ports listed on this page: https://support.sonos.com/s/article/688?language=nl_NL&utm_medium=firewall&utm_source=cr-care&utm_content=dutch-cr-care-firewall. Are there any suggestions, what are the ports to open to get the same functionality as I had on Hassio?

Thank you in advance.

I’m not really sure what you mean by that. It’s not “exposed to the outside world” until you open the ports to that machine on your router. until then it’s only exposed to the other machines on your inside LAN.

So, I have drilled it down to these ports:

8123/tcp ALLOW Anywhere
1900/udp ALLOW Anywhere
1901/udp ALLOW Anywhere
137/udp ALLOW Anywhere
136/udp ALLOW Anywhere
138/udp ALLOW Anywhere

Strangely, sometimes t works and sometimes it doesn’t I’m going crazy here… For now it seems to now work again. Help highly appreciated, I would really like a minimal amount of ports to be open.

I understand, I mean my lan with outside world, not just 127.0.0.1. I only use HA from my Lan (or with SSH tunnels when being outside).

I finally got it to work by adding the IP adresses of all speakers to my config yaml, as suggested here: https://community.home-assistant.io/t/sonos-media-players-no-longer-autodiscovered/96472/8, I can keep the firewall completely shut and it still works. Nice.