diff --git a/manjaro.sh b/manjaro.sh
index 647916f..9c23edc 100755
--- a/manjaro.sh
+++ b/manjaro.sh
@@ -60,8 +60,8 @@ sudo systemctl enable --now coolercontrold.service
 sudo systemctl edit coolercontrold.service  # set log level to WARN
 
 # video streaming
-yay plex-media-server
-sudo systemctl enable --now plexmediaserver.service
+yay vlc protobuf
+yay castnow
 
 # div applications
 yay i3status \
diff --git a/ufw.sh b/ufw.sh
index 2156c74..ff08837 100755
--- a/ufw.sh
+++ b/ufw.sh
@@ -1,7 +1,7 @@
 #!/bin/sh
 set -e
 
-ZEROTIER_HJARL="172.30.0.0/255.255.0.0"
+ZEROTIER_HJARL="172.30.0.0/16"
 
 ufw disable
 ufw reset
@@ -18,18 +18,19 @@ ufw allow in 10000:10100/tcp comment "generic"
 ufw allow in 2376,2377,7946/tcp comment "Docker tcp"
 ufw allow in 4789,7946/udp comment "Docker udp"
 
-# multicast
+# media streaming
+ufw allow in from 192.168.0.0/16 to any port 8010 proto tcp comment "chromecast"
+ufw allow in from 192.168.0.0/16 to any port 4101 proto tcp comment "castnow subs"
+ufw allow in from 192.168.0.0/16 to any port 4103 proto tcp comment "castnow transcode"
 ufw allow in proto igmp to 224.0.0.0/8 comment "multicast"
+# ufw allow in from 192.168.0.0/16 to any port 32768:60999 proto udp comment "ephemeral ports"
 
 # zerotier
 ufw allow in 9993/udp comment "zerotier"
 ufw allow in from $ZEROTIER_HJARL comment "zerotier hjarl network"
 
 # plex
-ufw allow in 1900/udp comment "upnp service discovery"
-ufw allow in 32400/tcp comment "plex"
-ufw allow in 32410,32412:32414/udp comment "plex GDM network discovery"
-ufw allow in 32469/tcp comment "plex DLNA server"
+ufw allow in 1900,7349/udp comment "upnp service discovery"
 ufw allow in from 192.168.0.0/16 to any port 32768:61000 proto udp comment "ephemeral ports"
 
 # steam link