[Asterisk-Users] Shorewall firewall rules
Remco Barende
asterisk at barendse.to
Sat Apr 2 02:10:28 MST 2005
I'm trying to get firewalling working but I am clueless as to which ports
I need to open. I keep opening more ports and it's not working :(
Basically I want SIP and IAX2 to work. IAX2 works fine, but SIP is giving
me a headache. It seems that the stateless firewall is not able to handle
SIP. I'm using shorewall as my firewall with these rules:

    ACCEPT net fw udp 4569
    ACCEPT fw net udp 4569,5060,10000:20000

My rtp.conf says this:

    rtpstart=10000
    rtpend=20000

Whenever I make a call I get these messages:

    Apr 2 09:18:25 pbx kernel: Shorewall:fw2net:REJECT:IN= OUT=eth1
    SRC=myip DST=80.118.132.66 LEN=200 TOS=0x00 PREC=0x00 TTL=64 ID=116 DF
    PROTO=UDP SPT=17798 DPT=7356 LEN=180
    Apr 2 09:18:26 raveon kernel: Shorewall:net2fw:REJECT:IN=eth1 OUT=
    SRC=80.118.132.66 DST=myip LEN=200 TOS=0x00 PREC=0x00 TTL=53
    ID=859 PROTO=UDP SPT=7356 DPT=17798 LEN=180

So it seems that the %&*$*&$^&!!!! server is still trying to go out via a
port lower than the range set in rtp.conf.
What is port 7356 for and what should I open to get it to work? I looked
through the wiki but the low level iptables rules posted there do not make
any sense to me.
Thanks!
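
An added example, not part of the original post: a small Python check that reads the two Shorewall rules and the two REJECT log entries quoted above and reports, for each packet, which port belongs to the Asterisk host and whether any rule's destination-port column covers the packet's DPT. The function names `parse_rules` and `explain` are hypothetical, the wrapped log lines are joined onto single lines, and the rules columns are read as ACTION SOURCE DEST PROTO DEST PORT(S).

```python
import re

# Constructed input: the rules and log lines from the post (wrapped log lines joined).
RULES = """\
ACCEPT net fw udp 4569
ACCEPT fw net udp 4569,5060,10000:20000
"""
LOG = """\
Apr 2 09:18:25 pbx kernel: Shorewall:fw2net:REJECT:IN= OUT=eth1 SRC=myip DST=80.118.132.66 LEN=200 TOS=0x00 PREC=0x00 TTL=64 ID=116 DF PROTO=UDP SPT=17798 DPT=7356 LEN=180
Apr 2 09:18:26 raveon kernel: Shorewall:net2fw:REJECT:IN=eth1 OUT= SRC=80.118.132.66 DST=myip LEN=200 TOS=0x00 PREC=0x00 TTL=53 ID=859 PROTO=UDP SPT=7356 DPT=17798 LEN=180
"""
RTP_RANGE = (10000, 20000)  # rtpstart/rtpend from the post's rtp.conf

LOG_RE = re.compile(r"Shorewall:([a-z]+)2([a-z]+):(\w+):.*?PROTO=(\w+) SPT=(\d+) DPT=(\d+)")

def parse_rules(text):
    """Parse 'ACCEPT SOURCE DEST PROTO DEST-PORT(S)' lines into tuples."""
    rules = []
    for line in text.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "ACCEPT":
            continue
        ranges = []
        for part in cols[4].split(","):
            lo, _, hi = part.partition(":")
            ranges.append((int(lo), int(hi or lo)))
        rules.append((cols[1], cols[2], cols[3].lower(), ranges))
    return rules

def explain(log_text, rules, rtp=RTP_RANGE):
    """Compare each logged packet with the rules' destination-port lists."""
    findings = []
    for m in LOG_RE.finditer(log_text):
        src, dst, verdict, proto = m.group(1), m.group(2), m.group(3), m.group(4).lower()
        spt, dpt = int(m.group(5)), int(m.group(6))
        # The fifth rules column is matched against the destination port only.
        covered = any(r[0] == src and r[1] == dst and r[2] == proto
                      and any(lo <= dpt <= hi for lo, hi in r[3]) for r in rules)
        local = spt if src == "fw" else dpt    # port on the Asterisk host
        findings.append({"chain": f"{src}2{dst}", "verdict": verdict,
                         "local_port": local, "remote_port": dpt if src == "fw" else spt,
                         "dpt_covered": covered,
                         "local_in_rtp_range": rtp[0] <= local <= rtp[1]})
    return findings

if __name__ == "__main__":
    for f in explain(LOG, parse_rules(RULES)):
        print(f)
```

For both logged packets the local port is 17798, inside the 10000 to 20000 range from rtp.conf, while 7356 is the port on 80.118.132.66; neither packet's DPT is covered by a rule's destination-port list.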