Tue, 27 May 2014 13:59:07 +0400
Швецов Михаил <mv...@ya.ru> wrote:
> Does pf have specific rules for voip, may be example of working
> pf_rule with voip?
>
> Because for «standart rules» i have problems with voip.
>
> set skip on lo
>
> match out on pppoe0 from { em1:network } nat-to (pppoe0)
>
> block
>
> pass out
>
> pass in on { em1 }
>
> - after hanging up, the line near 3 minutes still busy (may be keep
> state set to no state in rules)
>
> - badly hear person on the phone (quiet)
>
VoIP in NAT environments isn't this simple.
You have two different protocols: SIP for signaling und RTP for media.
Media information between the endpoints is specified in SIP-SDP-packets
(session description protocol).
SDP-packets contain the original IPs of the VoIP-endpoints, and these
IPs won't be NATed!
Do you make use of an sip-proxy or an external STUN-server at least?
--
Andre Ruppert
Network Administrator
