Dear Group! I want to improve the firewall rules for SIP and I already compiled the linux kernel with additional SIP netfilter settings Now I found this on the internet: modprobe ip_conntrack_sip ip_nat_sip Set IPtables filter rules iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p udp --dport 5060 -j ACCEPT Set IPtables NAT rules iptables -A FORWARD -o eth0 -p udp --dport 5060 -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source ip.add.dr.ess ---------- But I do not understand it. where is eth0 connected to in this example ? and what would be the source ip adress ? what will happen if i amn connected to 2 sip gateways ? -- Ist Ihr Browser Vista-kompatibel? Jetzt die neuesten Browser-Versionen downloaden: http://www.gmx.net/de/go/browser
Hallo, I'd like to correctly set up my firewall in my system for udp and asterisk I have got a server, which has got one static ip adress to the internet. Asterisks is running on this server. It registers at sipgate.at and mujtelefon.com The Server also does nat to the my intranet, where my pc and my hardware sip phone sits. The Hardware sip phone registers to asterisk on my server from its intranet ip adress. Everything works fine. The question is just: How to code good stateful firewall rules with iptables and netfilter_sip ? What would be apropriate to my system ? rds -- GMX FreeMail: 1 GB Postfach, 5 E-Mail-Adressen, 10 Free SMS. Alle Infos und kostenlose Anmeldung: http://www.gmx.net/de/go/freemail