Displaying 20 results from an estimated 10000 matches similar to: "How do I configure shorewall to work with VoIP SIP?"
2008 May 23
5
Shorewall is eating my Asterisk egress traffic
I have four-interface Shorewall config set up. The "dmz" interface is
bridged with "net" so I can assign public IP''s to the servers in the DMZ. I
opted to do this rather than SNAT or ARP proxying because one of the servers
runs Asterisk and SIP and NAT don''t always work well together. Somehow, my
firewall config is causing a one-way audio problem in
2009 Aug 03
3
SIP AND NAT
I recently did a set up where I replaced a simple D-link home router
that was having trouble processing a T1's worth of bandwidth with a
linux machine running iptables. the kernel was 2.6.29-r5 and I chose
the SIP connection tracking modules from the menuconfig.
Router worked fine for normal traffic, but I was unable to get the SIP
phones to work. Using ngrep it was plain to see
2007 Oct 26
10
Port problem.
Hello,
We have a video conference server using tcp and udp 3001 prot in internal,
external user said that can''t connect to video server and held on 3001 fail,
the following is file configuration,
nat: 1.2.3.4 eth1:3 192.168.0.18
rule: video/ACCEPT net loc:192.168.0.18
marco.video:
PARAM - - tcp 3000
PARAM - -
2007 Aug 24
13
Shorewall 3.4.x - Error when (re) starting - segmentation fault
Shorewall 3.4.6 running on SuSE Linux 10.2
Compiling Rule Activation...
Shorewall configuration compiled to /var/lib/shorewall/.restart
Processing /etc/shorewall/params ...
Restarting Shorewall....
/sbin/shorewall: line 665: 6782 Segmentation fault
$SHOREWALL_SHELL ${VARDIR}/.restart $debugging restart
got this with V3.4.4, updated to 3.4.6 this morning, but that didn''t help.
2007 Aug 15
8
Shorewall and printing problems in the LAN ( loc ) zone
Guys,
Just a quick check. From what i have read in the
shorewall site, intrazone traffic is allowed
completely by shorewall i.e. there is no filtering or
packet size limiting ,etc,etc.
I ask this becos after getting shorewall up and
running well, someone has complained that they cannot
print pdf files larger than 100k at one go but that
they have to print one page at a time.
Some details;
2007 Aug 23
4
Monthly traffic limit
Hi Shorewall Users :)
I have found shorewall firewall and seems to be interesting.
I need to setup a configuration my my network users because i only have 50gb
of traffic per month.
I want to know if the shorewall can make a 48gb per month limit, but
everyday from 1:30 PM do 8:30 AM (happy hour ) the traffic doesnt count.
Can shorewall do that ?
--
Sem Mais
Rui Oliveira
351 - Portugal
2009 Jan 31
1
asterisk-users Digest, Vol 54, Issue 107
Sorry but what does the ACL mean and its relation to the bindaddr?
Regards
Bilal
>
> 30 jan 2009 kl. 16.59 skrev Mike:
>
> > hI,
> >
> > Trying to understand how to setup two PRIs in
> sip.conf. Using
> > Asterisk 1.4.23.
> >
> > I have a provider giving me two PRI (different rate
> centers) through
> > SIP. Both PRI comes in from
2007 Aug 20
6
have to restart shorewall after a dynamic IP change
Hi,
I''ve to restart shorewall when my dynamic IP was changed from my ISP.
Of course i can with a shell script do it automatically, but the
question is still there.. why ?
mess-mate
--
"I understand this is your first dead client," Sabian was saying. The
absurdity of the statement made me want to laugh but they don''t call me
Deadpan
2007 Oct 11
5
Web log viewer
Hi.
What system or software are you using to show the iptables log files
(for example the dropped packages tagged as LOG in the Shorewall
rules)?
Thank you very much!
Bye.
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files
2007 Aug 21
10
Bug in Multi-ISP support
In helping a user on IRC today, I was dismayed to find that a bug that
was supposedly fixed in Shorewall 3.4.4 was not fixed. Furthermore, I
found that the bug is present as far back as 3.2.6 (I didn''t look back
further since 3.2.6 was the release where the user (re-) discovered the
bug.
If HIGH_ROUTE_MARKS=No, then PREROUTING and OUTPUT marking rules are
behaving as if TC_EXPERT=Yes was
2007 Aug 21
10
Bug in Multi-ISP support
In helping a user on IRC today, I was dismayed to find that a bug that
was supposedly fixed in Shorewall 3.4.4 was not fixed. Furthermore, I
found that the bug is present as far back as 3.2.6 (I didn''t look back
further since 3.2.6 was the release where the user (re-) discovered the
bug.
If HIGH_ROUTE_MARKS=No, then PREROUTING and OUTPUT marking rules are
behaving as if TC_EXPERT=Yes was
2007 Aug 15
28
traffic shaping
I try use setup traffic shaping with Shorewall-4.0.2 and have fault.
When i start Shorewall with tc-files configured i get follow messages:
...
RTNETLINK answers: No such file or directory
We have an error talking to the kernel
ERROR: Command "tc filter add dev eth2 parent ffff: protocol ip prio
50 u32 match ip src 0.0.0.0/0 police rate 500kbit burst 10k drop flowid
:1" Failed
2007 Jul 22
4
[Patch] Support embedded systems better
Hi,
I am one of the developers of the FreeWRT project and I want to give
you some feedback. Shorewall runs quite fine on our supported devices,
but we need to patch Shorewall to get it
running as expected. The problem is the ip command and busybox 1.4.2.
Some words about busybox:
BusyBox is a multi-call binary that combines many common Unix
utilities into a single executable.
2007 Nov 07
5
shorewall compile as non-root user
Hello,
please excuse me if this has been discussed or even solved before, but
I could not find it in the archives.
I''m in the process of migrating several gateways to shorewall-lite,
keeping the configfiles on one central adminstrative machine,
basically following the guide at
http://www.shorewall.net/CompiledPrograms.html .
As I understand it, the local /etc/shorewall directory on the
2007 Jul 29
12
Shorewall 4.0.0 + Kernel 2.6.21.5-grsec
Hello,
My hoster updated its kernel packages... It contained some old problems
that should have been fixed. My servers have now a wonderful 2.6.21.5
kernel + grsec running.
Both are running Debian 4.0 (stable release).
mx:/etc/shorewall# iptables --version
iptables v1.3.6
mx:/etc/shorewall# uname -a
Linux mx.network-hosting.com 2.6.21.5-grsec-xxxx-grs-ipv4-32 #1 SMP Fri
Jul 27 17:18:23 CEST
2007 Nov 07
3
Blacklist questions ...
This mail goes mainly to Tom, as he sent some Laptop configurations files
to the list.
I checked the files you had sent to the list as answer to
[Shorewall-users] Shorewall on a laptop
Now - Is there a specific reason why you actually lock/blacklist the
following ports ?
- udp 1024:1033,1434
- tcp 57,1433,1434,2401,2745,3127,3306,3410,4899,5554,6101,8081,9898
These should IMHO be blocked by
2007 Aug 13
4
Problem with iprange in shorewall 4.0.2
Hi,
I have the following problem while activating this rule entry using shorewall-shell:
ACCEPT:notice:rul WAN:139.x.x.226 INT:139.x.x.153-139.x.x.156 udp 1024:65535 1024:65535
"-m iprange" in front of "--dst-range" is missing in the activation command.
The logging entry (above) is set correct.
Below is the debug output.
Thanks
Regards
Günter
+ case $level in
+
2007 Aug 30
28
Multi-Isp Masqerade ?
Mike Lander wrote:
> I am building a shorewall box that the last post has the SSH error and
> wanted
> some feedback from the list if possible. At first I thought the two ISP''s
> I
> building this
> for had two T-1''s with FQ ip''s as it. I have the box built for this ready
> to
> go.
> Now I find out that one of the T-1''s is
2007 Nov 09
3
Shorewall + Squid transparent + Apache
I remember to see something about that in shorewall.net some time ago,
but I could not find it today ...
The case :
Debian Etch, Shorewall 3.2.6, squid3 and Apache 2 .
The first 3 where already running fine for some time ...
Now I need to setup an Apache server to allow some web mannagement,
things like PHPsysinfo, phppgadmin, just for internal net, no web access .
but port 80 is redirected to
2007 Aug 06
3
how do I use shorewall to protect server from ARP spoofing attack ?
My firewall is using shorewall 3.0.x and CentOS
Recently, I found that firewall is attaching from ARP spoofing..
There are a lot of "out of socket memory" in messages log
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and