[asterisk-users] odd issue with IP tables

Curt Shaffer cshaffer at gmail.com
Sat Nov 18 18:41:11 MST 2006 

-A INPUT
# Accept traffic with the ACK flag set
-A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
# Allow incoming data that is part of a connection we established
-A INPUT -m state --state ESTABLISHED -j ACCEPT
# Allow data that is related to existing connections
-A INPUT -m state --state RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport ssh -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p udp -m udp --dport 5060:5061 -j ACCEPT
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -p udp -m udp --dport 4569 -j ACCEPT

And to respond to Alex, The box is only doing Asterisk. 2.8Ghz proc with 1GB
of RAM. The iptables is on the server itself.

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Ron McLeod
Sent: Saturday, November 18, 2006 7:36 PM
To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
Subject: RE: [asterisk-users] odd issue with IP tables

Post your IP tables configuration here if it isn't too big.

Ron


> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-
> bounces at lists.digium.com] On Behalf Of Curt Shaffer
> Sent: Saturday, November 18, 2006 5:05 PM
> To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
> Subject: [asterisk-users] odd issue with IP tables
> 
> I put iptables on my asterisk box and an odd thing occurs. I allow 5060
> and
> 10000-20000. As soon as I start iptables and make a call it literally
> takes
> 60-90 seconds before the call even starts to ring. As soon as I shut
> iptables off, the call goes through immediately again. Its quite odd. The
> call does eventually go through and talks fine but it takes sooo long to
> connect. Anyone have some suggestions?
> 
> Thanks
> 
> Curt
> 
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users


_______________________________________________
--Bandwidth and Colocation provided by Easynews.com --

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list