[asterisk-users] iptables for SIP talk to other port
Mike
mike352 at microdel.org
Sun Oct 16 17:55:53 CDT 2016
I'm by no means an iptables guru...
Not sure if it's necessary to enable forwarding via:
echo "1" > /proc/sys/net/ipv4/ip_forward
Also have you tried without the "POSTROUTING" rule?
I seem to recall that "iptables" is smart enough to correctly route
packets back out without that rule.
On Sat, 15 Oct 2016, Jerry Geis wrote:
> I have a host 192.168.1.3 that wants to run SIP on 5068 (long story).My host is 192.168.10.201.
> My host needs to stay on 5060 because of all the other devices I have connected.
>
> I tried putting port=5068 in my SIP extension definition but that did not work.
>
> So I thought about using iptables to accomplish this:
>
> iptables -t nat -A PREROUTING -p tcp --dport 5068 -j REDIRECT --to-port 5060
> iptables -t nat -A POSTROUTING -p tcp --dport 5060 -d 192.168.1.3 -j REDIRECT --to-port 5068
>
>
> Do I not have the right format of the command?
> Anything incoming destined for 5068 redirect to 5060...
> Anything going out to 192.168.1.3 and port 5060 redirect to 5068.
>
> Seems like that should have worked?
>
> Thoughts? sip show peers still says unreachable.
>
> Thanks,
>
> Jerry
>
>
More information about the asterisk-users
mailing list