[asterisk-users] odd issue with IP tables

Ron McLeod ron.asterisk.users at mcleodnet.com
Sat Nov 18 19:05:32 MST 2006


Do your user agents use some services from the server such as DNS?

Ron


> -----Original Message-----
> From: Curt Shaffer [mailto:cshaffer at gmail.com]
> Sent: Saturday, November 18, 2006 5:41 PM
> To: ron.asterisk.users at mcleodnet.com; 'Asterisk Users Mailing List - Non-
> Commercial Discussion'
> Subject: RE: [asterisk-users] odd issue with IP tables
> 
> -A INPUT
> # Accept traffic with the ACK flag set
> -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT
> # Allow incoming data that is part of a connection we established
> -A INPUT -m state --state ESTABLISHED -j ACCEPT
> # Allow data that is related to existing connections
> -A INPUT -m state --state RELATED -j ACCEPT
> -A INPUT -p tcp -m tcp --dport ssh -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
> -A INPUT -p udp -m udp --dport 5060:5061 -j ACCEPT
> -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
> -A INPUT -p udp -m udp --dport 4569 -j ACCEPT
> 
> And to respond to Alex, The box is only doing Asterisk. 2.8Ghz proc with
> 1GB
> of RAM. The iptables is on the server itself.
> 
> -----Original Message-----
> From: asterisk-users-bounces at lists.digium.com
> [mailto:asterisk-users-bounces at lists.digium.com] On Behalf Of Ron McLeod
> Sent: Saturday, November 18, 2006 7:36 PM
> To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
> Subject: RE: [asterisk-users] odd issue with IP tables
> 
> Post your IP tables configuration here if it isn't too big.
> 
> Ron
> 
> 
> > -----Original Message-----
> > From: asterisk-users-bounces at lists.digium.com [mailto:asterisk-users-
> > bounces at lists.digium.com] On Behalf Of Curt Shaffer
> > Sent: Saturday, November 18, 2006 5:05 PM
> > To: 'Asterisk Users Mailing List - Non-Commercial Discussion'
> > Subject: [asterisk-users] odd issue with IP tables
> >
> > I put iptables on my asterisk box and an odd thing occurs. I allow 5060
> > and
> > 10000-20000. As soon as I start iptables and make a call it literally
> > takes
> > 60-90 seconds before the call even starts to ring. As soon as I shut
> > iptables off, the call goes through immediately again. Its quite odd.
> The
> > call does eventually go through and talks fine but it takes sooo long to
> > connect. Anyone have some suggestions?
> >
> > Thanks
> >
> > Curt
> >
> > _______________________________________________
> > --Bandwidth and Colocation provided by Easynews.com --
> >
> > asterisk-users mailing list
> > To UNSUBSCRIBE or update options visit:
> >    http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> 
> _______________________________________________
> --Bandwidth and Colocation provided by Easynews.com --
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-users




More information about the asterisk-users mailing list