[asterisk-users] ASTERISK NOT LISTENING IN PORT 5060

Steven Ringwald asric at asric.com
Fri Sep 1 12:17:54 MST 2006

Bob Chiodini wrote:
> I think all anywhere should allow 5060.  Try running service iptables 
> stop (as root) to shutdown the firewall.  See if 5060 then answers.
> I'm not running a firewall on my asterisk box so I'm not sure what the 
> rule would need to be.  service iptables start will restore the firewall.
> Bob...
> Elpidio Ramos wrote:
>> Bob,
>> I get the same answer you get when using netstat -an
>> When I query the firewall rules I get this:
>> Chain RH-Firewall-1-INPUT (2 references)
>> target     prot opt source               destination        
>> ACCEPT     all  --  anywhere             anywhere           
>> ACCEPT     icmp --  anywhere             anywhere            icmp any
>> ACCEPT     ipv6-crypt--  anywhere             anywhere           
>> ACCEPT     ipv6-auth--  anywhere             anywhere           
>> ACCEPT     udp  --  anywhere            udp 
>> dpt:5353
>> ACCEPT     udp  --  anywhere             anywhere            udp dpt:ipp
>> ACCEPT     all  --  anywhere             anywhere            state 
>> ACCEPT     tcp  --  anywhere             anywhere            state 
>> NEW tcp dpt:ssh
>> ACCEPT     tcp  --  anywhere             anywhere            state 
>> NEW tcp dpt:http
>> REJECT     all  --  anywhere             anywhere            
>> reject-with icmp-host-prohibited
>> I assume this indicates port 5060 is restricted?
It ought to. The example above is 'REJECT' all -- anywhere. Change the 
REJECT to ACCEPT and restart, and everything should be golden (for 
testing). If this box has any slight chance of being hacked into over 
the net, though, I would look at the iptables docs and lock it down.


More information about the asterisk-users mailing list