[asterisk-users] Iptables rule help
Tim C. Lewis
tclewis at oreilly.com
Fri Dec 15 13:08:09 MST 2006
well that should map incoming packets to 5091 to 5060, but may not rewrite
[new] outbound packets from 5060 to 5091, which your isp may be blocking.
an iptables SNAT or MASQUERADE might help you there. i'm not positive on
if this would be needed or not.
more importantly, however, if your isp is blocking all outgoing traffic to
5060, it won't get to your softphone anyway, unless you also configure
that end to also not use 5060. and if you're reconfiguring ports on the
softphone end anyway, why not just put 5091 in there, 5091 in sip.conf's
bindport, and not mess with iptables at all?
another option might be that your isp is blocking rtp as well.
can you see what the asterisk console is doing when you attempt such
calls? and/or tcpdump?
-tcl.
On Sat, 16 Dec 2006, Mail list wrote:
> Hello my isp has blocked outgoing and incoming connection for port 5060 . I
> have ssh access to server so i want to send all traffic from port 5091 to
> port 5060 of asterisk .so i tried
>
> iptables -t nat -A PREROUTING -i eth0 -p udp --dport 5091 -j DNAT --to
> 127.0.0.1:5060
>
> Now my softphone is able to register with asterisk but it isnt able to make
> any calls .
>
> bindport = 5091 in my sip.conf under extensions is not working .. asterisk
> doesnt listen to port 5091 .. but if i put in general section of
> sip.confthen it works but then asterisk wont listen on 5060 . How can
> i use iptables
> in this situation ?
>
More information about the asterisk-users
mailing list