<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN">
<html><body>
<p>Greetings!</p>
<p>Recently I had to change the port Asterisk listens to (non-standard, to hide from bruteforce attacks), but at the same time I wanted to not break the system for all current users. So I needed some way to listen to two ports for some time.</p>
<p>I did some research in the Internet and found the only one solution - via iptables REDIRECT</p>
<p>For some reason it was not working for me, and I found many discussions saying that lots of people can't get it working either.</p>
<p>Despite the statistics for rule say that there are packets processed by the rule, they did not reach the Asterisk. Moreover, the statistic is kind of strange - only 8 packets per hour... is way too few for system with 100 active users, I guess.</p>
<p>AND here starts the strange thing. Despite statistics saying that so few packets are redirected to the new port, almost all peers went up - with the new port.</p>
<p>Then i get to tcpdump... And I see some weird stuff:</p>
<p>(A.A.A.A is client and B.B.B.B is asterisk)</p>
<p>14:41:38.506577 IP A.A.A.A.53082 > B.B.B.B.11111: UDP, length 512<br />14:41:38.506806 IP B.B.B.B > A.A.A.A: ICMP B.B.B.B udp port 11111 unreachable, length 548</p>
<p>Here ^^, some client trying to access the old port, and getting Port Unreachable reply. But here:</p>
<p>14:41:49.396724 IP A.A.A.A.65027 > B.B.B.B.11111: UDP, length 673<br />14:41:49.397742 IP B.B.B.B.11111 > A.A.A.A.65027: UDP, length 555<br />14:41:49.397819 IP B.B.B.B.11111 > A.A.A.A.65027: UDP, length 560</p>
<p>some other client accessing the very same port, and Asterisk accepts request! Despite having another port in sip.conf, and netstat showing that no process is listening to the 11111 port.</p>
<p>tcpdump'ing with port filter shows that Asterisk has lots of active conversations on both ports - the old one and the new one. </p>
<p>Would you kindly share some holy wisdom and explain me how can Asterisk listen to both ports simultaneously, despite all configs?</p>
<p>And, sorry for long post. Couldn't make it shorter.</p>
<div>
<pre><span class="sig"><span style="color: #999999;">-- </span><br /><span style="color: #999999;">With Best Regards</span><br /><span style="color: #999999;"><a title="mailto:mlischuk@itx.com.ua" href="mailto:mlischuk@itx.com.ua">Mikhail Lischuk</a></span><br /><span style="color: #999999;"><br /></span></span></pre>
</div>
</body></html>