Mike wrote: > I tried using this iptables sample, and did not see duplicate packets > on '--to-ports' port > > Has some verified this is working for them? > > I listened on both ports with tcpdump command.
Mike, I can confirm that it's working. Admittedly, I never looked at the packets with tcpdump because this *just worked* for me. Calls that were sent to both ports (5060 and 5062) made it to Asterisk which was only listening on port 5060. What's your experience with actual calls? As the original poster, I understand if you want third-party verification. I *thought* this was a slamdunk but I'm not an iptables guru so I'd like it, too. What does the output of "iptables-save" and "lsmod" look like? Here's mine, trimmed for relevancy: [EMAIL PROTECTED] ~]# iptables-save # Generated by iptables-save v1.3.5 on Thu Nov 20 12:03:21 2008 *nat :PREROUTING ACCEPT [5579:1727747] :POSTROUTING ACCEPT [1943:176116] :OUTPUT ACCEPT [1943:176116] -A PREROUTING -i eth2 -p udp -m udp --dport 5062 -j REDIRECT --to-ports 5060 COMMIT # Completed on Thu Nov 20 12:03:21 2008 [EMAIL PROTECTED] ~]# lsmod Module Size Used by ip_conntrack_netbios_ns 36033 0 ipt_REDIRECT 35009 1 xt_tcpudp 36417 1 iptable_nat 40773 1 ip_nat 53101 2 ipt_REDIRECT,iptable_nat ip_conntrack 91237 3 ip_conntrack_netbios_ns,iptable_nat,ip_nat nfnetlink 40457 2 ip_nat,ip_conntrack ip_tables 55329 1 iptable_nat x_tables 50377 4 ipt_REDIRECT,xt_tcpudp,iptable_nat,ip_tables Regards, Matthew Roth InterMedia Marketing Solutions Software Engineer and Systems Developer _______________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
