<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.6000.16809" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=140325118-14042009><FONT face=Arial
color=#0000ff size=2>Your problem is that you put your line after the REJECT
line. Your line is never reached. Move it up one line, before the REJECT, and it
will work as expected.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=140325118-14042009><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=140325118-14042009><FONT face=Arial
color=#0000ff size=2>// T</FONT></SPAN></DIV><BR>
<BLOCKQUOTE
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B> asterisk-users-bounces@lists.digium.com
[mailto:asterisk-users-bounces@lists.digium.com] <B>On Behalf Of </B>jonas
kellens<BR><B>Sent:</B> den 14 april 2009 20:04<BR><B>To:</B> Asterisk Users
Mailing List - Non-Commercial Discussion<BR><B>Subject:</B> Re:
[asterisk-users] Asterisk-beginner : cannot make phonecalls using
Asterisk<BR></FONT><BR></DIV>
<DIV></DIV>There is something wrong with my IPtables !!!<BR><BR>When i do
:<BR><BR>service iptables stop<BR><BR>I see my phones register on the CLI
!!<BR><BR>I can place a call and the phone rings !! I see a whole lot of
SIP-requests on the CLI with SDP-message in body !! That's good
news...<BR><BR>What is wrong with my IPtables-rule I've added in
/etc/sysconfig/iptables ???<BR><BR><FONT size=2><FONT
color=#0000ff>[root@asterisk sysconfig]# cat iptables</FONT></FONT><BR><FONT
size=2><FONT color=#0000ff># Firewall configuration written by
system-config-securitylevel</FONT></FONT><BR><FONT size=2><FONT
color=#0000ff># Manual customization of this file is not
recommended.</FONT></FONT><BR><FONT size=2><FONT
color=#0000ff>*filter</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>:INPUT
ACCEPT [0:0]</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>:FORWARD ACCEPT
[0:0]</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>:OUTPUT ACCEPT
[0:0]</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>:RH-Firewall-1-INPUT -
[0:0]</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A INPUT -j
RH-Firewall-1-INPUT</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A
FORWARD -j RH-Firewall-1-INPUT</FONT></FONT><BR><FONT size=2><FONT
color=#0000ff>-A RH-Firewall-1-INPUT -i lo -j ACCEPT</FONT></FONT><BR><FONT
size=2><FONT color=#0000ff>-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j
ACCEPT</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A
RH-Firewall-1-INPUT -p 50 -j ACCEPT</FONT></FONT><BR><FONT size=2><FONT
color=#0000ff>-A RH-Firewall-1-INPUT -p 51 -j ACCEPT</FONT></FONT><BR><FONT
size=2><FONT color=#0000ff>-A RH-Firewall-1-INPUT -p udp --dport 5353 -d
224.0.0.251 -j ACCEPT</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A
RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT</FONT></FONT><BR><FONT
size=2><FONT color=#0000ff>-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j
ACCEPT</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A
RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j
ACCEPT</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A
RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j
ACCEPT</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A
RH-Firewall-1-INPUT -j REJECT --reject-with
icmp-host-prohibited</FONT></FONT><BR><FONT size=2><FONT color=#0000ff>-A
RH-Firewall-1-INPUT -p udp -m udp --dport 5060 -j
ACCEPT</FONT></FONT><BR><FONT size=2><FONT
color=#0000ff>COMMIT</FONT></FONT><BR><BR><BR>Greetingz,<BR>Jonas.
</BLOCKQUOTE></BODY></HTML>