[asterisk-users] SJphone behind NAT/Firewall without sound

Amit Nagpal anagpal at velankani.com
Fri Apr 4 01:55:08 CDT 2008 

Is the Asterisk server yours? I am trying to figure out if Asterisk is in
your control and if it could be a problem at Asterisk, rather than your
SJPhone or your script, because I don't see any glaring problems in the
script.

Regards,
Amit.

-----Original Message-----
From: asterisk-users-bounces at lists.digium.com
[mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of kazabe
Sent: Friday, April 04, 2008 9:00 AM
To: asterisk-users at lists.digium.com
Subject: [asterisk-users] SJphone behind NAT/Firewall without sound

Hi.

I need connect some LAN stations with SJphone to an Asterisk Server
published on Internet.

My Lan Clients access to Internet using a small linux firewall/proxy
server.  I use the next firewall script.  That is a simple script with
default policy ACCEPT, and NAT to share Internet.    I can connect to
the asterisk server, authtenticate the users in the server, and dial
to any extension,  but we can ear any sound.    I need some additional
rules in my script?

Thanks in advance

#!/bin/bash
IPTABLES=/sbin/iptables
EXT="eth0"
INT="eth1"
case "$1" in
	start)
		echo "1" > /proc/sys/net/ipv4/ip_forward
		$IPTABLES -F INPUT
		$IPTABLES -F OUTPUT
		$IPTABLES -F FORWARD
		$IPTABLES -F
		$IPTABLES -t nat -F
		$IPTABLES -t nat -A POSTROUTING -s 192.168.12.0/24 -d
0.0.0.0/0 -o
$EXT -j MASQUERADE
		$IPTABLES -t nat -A PREROUTING -p TCP -s 192.168.12.0/24
--dport 80
-d -j REDIRECT --to-port 3128
		$IPTABLES -A INPUT -i $EXT -p ICMP -j ACCEPT
		$IPTABLES -A INPUT -i $EXT -p TCP --dport 22 -m state
--state NEW -j ACCEPT
		$IPTABLES -A INPUT -i $EXT -p TCP --dport 443 -m state
--state NEW -j ACCEPT
		$IPTABLES -A INPUT -i $EXT -p TCP --dport 80 -m state
--state NEW -j ACCEPT
		$IPTABLES -A INPUT -p TCP -m state --state RELATED -j ACCEPT
		$IPTABLES -A INPUT -i $EXT -m state --state NEW,INVALID -j
DROP
		$IPTABLES -A FORWARD -i $EXT -m state --state NEW,INVALID -j
DROP
		;;
	stop)
		$IPTABLES -F INPUT
		$IPTABLES -F OUTPUT
		$IPTABLES -F FORWARD
		$IPTABLES -F
		$IPTABLES -t nat -F
			;;
	restart)
			$0 stop
			sleep 2
			$0 start
		;;
	status)
		$IPTABLES -L
		$IPTABLES --table nat --list --exact --verbose --numeric
--line-numbers
		;;
	*)
		echo "Usage: $0 {start|stop|restart|status}"
		exit 1
esac
exit 0

-- 
"Imagination is more important than knowlege"
A.E.

_______________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-users

More information about the asterisk-users mailing list