[asterisk-users] Re: Asterisk to listen for sip traffic on 80 and 5060

kjcsb kjcsb at orcon.net.nz
Sat Nov 18 16:56:07 MST 2006



>I have Asterisk listening for sip traffic on port 5060. I want to allow 
>users to use either port 80 or 5060 if they want. Hopefully this will avoid 
>some firewall issues.
>
> Is this a sensible/crazy thing to do? I have done a bunch of searching and 
> believe iptables can help but haven't been able to find an example to 
> forward something from 80 to 5060 inbound and outbound where iptables is 
> running on the same machine as Asterisk. Is iptables the best way to do it 
> (without other hardware) or is there an alternative? If anyone has used 
> iptables to do this would you be willing to share the setup?
>
> Would something like ths work for inbound?:
> iptables -t nat -A PREROUTING -p udp --dport 80 --sport 1024:65535 -j 
> DNAT --to 127.0.0.1:5060
>
> iptables -A FORWARD -p udp -d 1270.0.1 \
>    --dport 5060 -m state --state NEW -j ACCEPT
>
> iptables -A FORWARD -t filter -m state \
>         --state NEW,ESTABLISHED,RELATED -j ACCEPT
>
> What about outbound?
>
> Alternatively is there a better option?
>
> Any suggestions appreciated.
>
> Regards
>
> Cameron



More information about the asterisk-users mailing list