On Fr, 2016-09-23 at 09:30 -0500, Lonnie Abelbeck wrote: > On Sep 23, 2016, at 9:02 AM, Armin Tüting <armin.tueting@tueting-onli > ne.com> wrote: > > > > > Hi Group, > > > > > > > > > I'm having the latest AstLinux 1.2.7 running. So far I'm > > > experiencing > > > no issue while connecting the phone via internal interface! > > > > > > I was no in need to connect my phones through the external > > > interface > > > with no luck! A simple ping from INT->EXT doesn't work! I've > > > disabled > > > the FW with no luck on success! Looking at 'route -n' indicated > > > all > > > metrics with 0 - changed it accordingly, but no luck either! > > > Maybe broken switch - ping to other devces worked! > > > > > > What I'm doing wrong? > > OK - I've done more investigation! By accident I've found out that > > the > > Arno FW is causing the issue! Disabling it - everything is > > working! > > > > What changes do the Arno FW apply that implies this behavior? > > By default the Firewall blocks all inbound traffic to the external > interface not associated with an outbound connection state. After further investigation the function 'setup_kernel_settings' seems to be the culprit of the issue. But, which sysctl is causing the trouble here :( Is there a setting enabled which influence the route back - aka always use the default gateway from IFEXT?
> If you want SIP, SSH etc. inbound, you need to add firewall rules. I'll already have firewall rules applied for several ports... Regards, Armin. ------------------------------------------------------------------------------ _______________________________________________ Astlinux-users mailing list Astlinux-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to pay...@krisk.org.
