similar to: Iptables rule help

I am using a month old svn version of asterisk 1.2 . I have set bindport=5091 for a sip peer ( type = friend) and nat=yes .. in sip show peer it shows port 5091 for peer but asterisk isnt listening on port 5091 at all . I tried both port=5091 as well as binport=5091 but asterisk does not listen on port 5091 . What am i doing wrong ? -------------- next part -------------- An HTML attachment was

Hi, I am running a ASTERISK BOX behind a firewall. It is at DMZ . Now I want to connect to my ASTERISK BOX from Internet. So I want to DNAT. How can I do it? Pls assume that ip address that connects to Internet on firewall is 1.2.3.4and is attached to eth0. And ASTERISK BOX is 192.168.101.23 Then, What is the rule (PREROUTING) for it? What is the port to DNAT? I think udp 5060. So I have

Hi all, I've a CentOS box which as two NIC; this box is also a router for LAN subnet: ------------------------------------ | eth0 (external) 172.0.0.1 | | eth1 (internal) 192.168.1.1 | ------------------------------------ | LAN clients (192.168.1.2+) I want to allow http acces only for two LAN boxes; an only http access, which means that others protocols as smtp, pop3,

I am having a one way audio issue with xlite clients behind NAT. They can connect to the server and make calls but no audio is heard on the other end. my sip conf [general] context=default bindport=5060 bindaddr=0.0.0.0 srvlookup=yes canreinvite=no[tomfmason] type=friend secret=secret callerid="Thomas Johnson" <XXXX> host=dynamic nat=yes canreinvite=no disallow=all allow=gsm

Hi. I have two internet connections, the ADSL2+ is very very cheap (but fast 10mb) and I want to use the SHDSL (2mb) only for mail,ssh,http OUT and the ADSL2+ only for surfing. I all works fine if people specify the proxy in the browser, but in case like flash it of no use. Further if I can make the 80/443 traffic go through the proxy only, its an added bonus. If this can be done, fine. Bue I

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall ( i.e - its ip address - 1.2.3.4/29) to the internet ip

Hi, I have an DNAT ISSUE with PREROUTING. This is my setup. I have 2 firewalls running iptables. Pls asume 1.2.3.4/29 is the internet interace of FIRST firewall. 2.3.4.5/29 is the internet interface of SECOND firewall. it has DMZ zone. in that DMZ zone, mail server runnig @ 192.168.100.3 Now I want to DNAT port 25 of FISRT firewall (i.e - its ip address - 1.2.3.4/29) to the internet ip

Is there a way to add a rule to the nat table (CentOS 5.7) that would alter the port number of tcp packets destined for the server itself? I have ip_forwarding enabled, but the packets don't seem to hit the prerouting chain. I have the following redirect rule in the prerouting table. I also tried DNAT, but if the packets don't hit PREROUTING, it won't work either. iptables -t nat

On Tue, 2016-06-21 at 15:46 +0100, Always Learning wrote: > On Tue, 2016-06-21 at 16:24 +0200, Alexander Farber wrote: > > > *nat > > :INPUT ACCEPT > > :OUTPUT ACCEPT > > :PREROUTING ACCEPT > > :POSTROUTING ACCEPT > > -A PREROUTING -p tcp --dst 144.76.184.154 --dport 8080 -j REDIRECT > > --to-port 80 > >

https://bugzilla.netfilter.org/show_bug.cgi?id=1408 Bug ID: 1408 Summary: The Check option of iptables does not work as expected Product: nftables Version: unspecified Hardware: arm OS: Ubuntu Status: NEW Severity: minor Priority: P5 Component: iptables over nftable Assignee:

Hi all, I'm a bit confused reading the RHEL System-Administrator-Guide regarding this: (1) iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 10.1.2.253:80 (2) iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.1.2.253:80 The first is for port forwarding, the second is said to be used for DMZ. But I tried both and the result is the same.

I have a server whit 2 interfaces of network, where eth0 is the interfaces connetc to internet and eth1 to the internal network. This server hace a Squid only, but i setting the iptables for protection to the server. Iptables run from script and in this script i setting the redirection for the other server in my internal network to port 80 and 443. I follow the diferent how to and many manual, but

Hi i have a debian box working as a router.. it works quite well, now i want to give more than 1 ip.. is it possible to do it? some of them must be an open ip.. i mean.. all ports opened is it possible? how should i do it? Here is my nat.sh script just in case someone wants it.. (comments r in spanish.. and not right) Thanks in advance, #!/bin/sh echo "AthoS LaN Generando

Hi all, All of a sudden all my IAX DIDs have gone down. I couldn't find any reason other than that the ISP is blocking port 4569. DIDs register fine from my home server, but not from office server, which is not behind any NAT. SIP registers fine. I am trying to change IAX port but it apparantly IAX works only on 4569. Changing it in iax.conf doesn't do anything. Changing it is

Dear all, I would like to forward a port to an internet server, but failed. can you help me? Server: eth0: 192.168.1.250, Port: 8080 TCP, CentOS 5.6 Remote server: IP: a.b.c.d Port: 8181 Forward path: client1(192.168.1.10) -> 192.168.1.250:8080 (forward) -> a.b.c.d Port: 8181 ----------------------------------------- In Fedora, I successfully to config the firewall using

Wondering if anyone is willing to give me a little assistance with some firewall rules. I think what I'm looking for is fairly simple, and I've been trying to use webmin's firewall module without success. I have a web server that I'd like to open up port 80 and forward a specific port for a select number of allowed ips. That's it. Everything else is dropped. allow: port 80

I have a simple requirement/test I'm trying to perform, but having difficulty. I have a system with 2 interfaces, BoxA: eth0? 172.26.50.102 eth1? 192.101.77.62 My goal is to have a tcp port built on BoxA such that hosts on the 192.101.77.0/24 network can reach a port on a different box on the 172.26.0.0/16 network. The target system is 172.26.10.120?? tcp/22 The port I wish to build is

https://bugzilla.netfilter.org/show_bug.cgi?id=887 Summary: iptables.xslt wrong "match" -m handling Product: iptables Version: 1.4.x Platform: All OS/Version: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: unknown AssignedTo: netfilter-buglog at lists.netfilter.org

Hi Here is a short description of my network: ppp0 (adsl) ppp1 (adsl) | | | | --------------------- | Router | | Firewall | | MASQUERAD | | DNAT | | | | eth0 | --------------------- | | | ---------------------- |

Hi. I have strange troubles with DNATing UDP packets. The situation: 1. We have local network 10.10.0.0/16 2. We have a "server network" 192.168.1.0/25 connected with local network by a router 10.10.100.1 (other ip 192.168.1.1). 3. Web server is located at 192.168.1.2 4. There are HW pingers in the net 10.10.0.0/16 whose do ping 10.10.100.1 every second. The ping is the UDP packet