[asterisk-users] ASTERISK NOT LISTENING IN PORT 5060
Steven Ringwald
asric at asric.com
Fri Sep 1 12:17:54 MST 2006
Bob Chiodini wrote:
> I think all anywhere should allow 5060. Try running service iptables
> stop (as root) to shutdown the firewall. See if 5060 then answers.
>
> I'm not running a firewall on my asterisk box so I'm not sure what the
> rule would need to be. service iptables start will restore the firewall.
>
> Bob...
>
> Elpidio Ramos wrote:
>> Bob,
>>
>> I get the same answer you get when using netstat -an
>>
>> When I query the firewall rules I get this:
>> Chain RH-Firewall-1-INPUT (2 references)
>> target prot opt source destination
>> ACCEPT all -- anywhere anywhere
>> ACCEPT icmp -- anywhere anywhere icmp any
>> ACCEPT ipv6-crypt-- anywhere anywhere
>> ACCEPT ipv6-auth-- anywhere anywhere
>> ACCEPT udp -- anywhere 224.0.0.251 udp
>> dpt:5353
>> ACCEPT udp -- anywhere anywhere udp dpt:ipp
>> ACCEPT all -- anywhere anywhere state
>> RELATED,ESTABLISHED
>> ACCEPT tcp -- anywhere anywhere state
>> NEW tcp dpt:ssh
>> ACCEPT tcp -- anywhere anywhere state
>> NEW tcp dpt:http
>> REJECT all -- anywhere anywhere
>> reject-with icmp-host-prohibited
>>
>> I assume this indicates port 5060 is restricted?
>>
It ought to. The example above is 'REJECT' all -- anywhere. Change the
REJECT to ACCEPT and restart, and everything should be golden (for
testing). If this box has any slight chance of being hacked into over
the net, though, I would look at the iptables docs and lock it down.
Steve
More information about the asterisk-users
mailing list