-A INPUT # Accept traffic with the ACK flag set -A INPUT -p tcp -m tcp --tcp-flags ACK ACK -j ACCEPT # Allow incoming data that is part of a connection we established -A INPUT -m state --state ESTABLISHED -j ACCEPT # Allow data that is related to existing connections -A INPUT -m state --state RELATED -j ACCEPT -A INPUT -p tcp -m tcp --dport ssh -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p udp -m udp --dport 5060:5061 -j ACCEPT -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT -A INPUT -p udp -m udp --dport 4569 -j ACCEPT
And to respond to Alex, The box is only doing Asterisk. 2.8Ghz proc with 1GB of RAM. The iptables is on the server itself. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ron McLeod Sent: Saturday, November 18, 2006 7:36 PM To: 'Asterisk Users Mailing List - Non-Commercial Discussion' Subject: RE: [asterisk-users] odd issue with IP tables Post your IP tables configuration here if it isn't too big. Ron > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:asterisk-users- > [EMAIL PROTECTED] On Behalf Of Curt Shaffer > Sent: Saturday, November 18, 2006 5:05 PM > To: 'Asterisk Users Mailing List - Non-Commercial Discussion' > Subject: [asterisk-users] odd issue with IP tables > > I put iptables on my asterisk box and an odd thing occurs. I allow 5060 > and > 10000-20000. As soon as I start iptables and make a call it literally > takes > 60-90 seconds before the call even starts to ring. As soon as I shut > iptables off, the call goes through immediately again. Its quite odd. The > call does eventually go through and talks fine but it takes sooo long to > connect. Anyone have some suggestions? > > Thanks > > Curt > > _______________________________________________ > --Bandwidth and Colocation provided by Easynews.com -- > > asterisk-users mailing list > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users _______________________________________________ --Bandwidth and Colocation provided by Easynews.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
