Ahh ok so that's the FROM port... got it... makes sence.. and yes that rule seems to be working.. thanks
On Apr 6, 2005 10:18 AM, CuPoTKa <[EMAIL PROTECTED]> wrote: > > > Matt wrote: > > I'll elaborate slightly more... the wiki says: > > > > # SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well > > iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT > > # IAX2- the IAX protocol > > iptables -A INPUT -p udp -m udp --dport 4569 -j ACCEPT > > # IAX - most have switched to IAX v2, or ought to > > iptables -A INPUT -p udp -m udp --dport 5036 -j ACCEPT > > # RTP - the media stream > > iptables -A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT > > # MGCP - if you use media gateway control protocol in your configuration > > iptables -A INPUT -p udp -m udp --dport 2727 -j ACCEPT > > > > > > However.. I've seen phones connect on what appears to be ports OTHER > > then 5060.. example: > > 301/301 (Unspecified) D 255.255.255.255 0 > > Unmonitored > > 300/300 (Unspecified) D 255.255.255.255 0 > > Unmonitored > > 204/204 65.173.xx.xx D 255.255.255.255 5060 > > Unmonitored > > 203/203 (Unspecified) D 255.255.255.255 0 > > Unmonitored > > 202/202 63.174.xx.xx D 255.255.255.255 5060 > > Unmonitored > > 201/201 65.173.xx.xx D 255.255.255.255 18515 > > Unmonitored > > 200/200 (Unspecified) D 255.255.255.255 0 > > Unmonitored > > > > > > So like extension 201 which is on 18515... is that going to still work? > > They connect from port 18515 (or any port) to asterisk port 5060, so > this rule > iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT > is still OK > _______________________________________________ Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
