Re: [Ekiga-list] nf_conntrack_sip and ekiga

2015-01-25 Thread ael
On Sun, Jan 25, 2015 at 01:55:27PM +0100, Damien Sandras wrote:
> Actually, it should magically work without doing anything. You do not
> even need distinct destination ports: Linux implements symmetric NAT,
> where the public IP/Port will be dynamically allocated depending on the
> internal IP:port and the external IP:port. As long as the internal IP is
> different, you do not need to ensure different internal ports.
> 
> If it does not magically work (with STUN disabled), then there are still
> bugs...
> 
> I have never tried it myself.
> 
> Damien
> 
> > What is the status of ekiga and the nf_conntrack-sip netfilter module?

Thanks for the reply. I will experiment and report back and maybe put
something on the wiki if I get it working. It may take some time: I am
still finding my way around openWRT and custom compilation.

I was a little concerned about the tracker modifying the contents of
SIP packets: commercial routers with "SIP ALG" which I suspect are based
on these modules seem to fail.

ael

___
ekiga-list mailing list
ekiga-list@gnome.org
https://mail.gnome.org/mailman/listinfo/ekiga-list
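
The concern in the message above, that a SIP-aware tracker alters packet contents, can be checked by comparing a message as the client sent it with the same message captured on the far side of the router. This is an added example, not code from either poster or from the Ekiga or netfilter projects; the two messages, the addresses, and the choice of watched fields are constructed assumptions.

```python
import ipaddress
import re

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
SIP_HEADERS = ("via", "contact")   # address-bearing headers watched here
SDP_TYPES = ("o", "c", "m")        # address-bearing SDP lines watched here

def keyed_lines(msg):
    """Map watched SIP header names and SDP line types to their values."""
    out = {}
    head, _, body = msg.partition("\r\n\r\n")
    for line in head.split("\r\n")[1:]:        # skip the request line
        name, _, value = line.partition(":")
        if name.strip().lower() in SIP_HEADERS:
            out.setdefault(name.strip().lower(), value.strip())
    for line in body.split("\r\n"):
        kind, _, value = line.partition("=")
        if kind in SDP_TYPES:
            out.setdefault("sdp " + kind, value.strip())
    return out

def rewritten_fields(sent, received):
    """Watched fields whose value differs between the two copies."""
    a, b = keyed_lines(sent), keyed_lines(received)
    return sorted(k for k in a if b.get(k) != a[k])

def private_addrs(msg):
    """RFC 1918 addresses still present in watched fields."""
    found = set()
    for value in keyed_lines(msg).values():
        for ip in IPV4.findall(value):
            if any(ipaddress.ip_address(ip) in net for net in RFC1918):
                found.add(ip)
    return sorted(found)

def build(sig, media):
    """Constructed INVITE: sig goes in the SIP headers, media in the SDP."""
    return "\r\n".join([
        "INVITE sip:bob@example.org SIP/2.0",
        f"Via: SIP/2.0/UDP {sig}:5062;branch=z9hG4bKconstructed",
        f"Contact: <sip:alice@{sig}:5062>",
        "Content-Type: application/sdp", "",
        "v=0", f"o=- 1 1 IN IP4 {media}", f"c=IN IP4 {media}",
        "m=audio 5070 RTP/AVP 0"])

SENT = build("192.168.1.20", "192.168.1.20")      # as the client sent it
RECEIVED = build("203.0.113.7", "192.168.1.20")   # constructed far-side capture
print(rewritten_fields(SENT, RECEIVED), private_addrs(RECEIVED))
```

In this constructed capture the signalling headers were changed while the SDP still carries the private address, which is the kind of partial rewrite that leaves call setup working and media unreachable.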


Re: [Ekiga-list] nf_conntrack_sip and ekiga

2015-01-25 Thread Damien Sandras
Actually, it should magically work without doing anything. You do not
even need distinct destination ports: Linux implements symmetric NAT,
where the public IP/Port will be dynamically allocated depending on the
internal IP:port and the external IP:port. As long as the internal IP is
different, you do not need to ensure different internal ports.

If it does not magically work (with STUN disabled), then there are still
bugs...

I have never tried it myself.

Damien

On Thursday 22 January 2015 at 14:53 +, ael wrote:

> What is the status of ekiga and the nf_conntrack-sip netfilter module?
> 
> I saw this bug:
>  https://bugzilla.netfilter.org/show_bug.cgi?id=522
> from several years ago which suggested that it may work with ekiga now.
> 
> I am setting up a router with openWRT which does not seem to have the
> conntrack_sip module compiled by default, which makes me a little
> suspicious.
> 
> I have several sip devices behind the firewall and need to open the
> firewall dynamically for sip traffic. And I distinguish the different
> clients by using distinct destination ports in the 506* range. If the
> nf_conntrack_sip and nf_nat_sip modules work, then presumably they are
> all I need. I find netfilter documentation to be dated and inadequate:
> it is unclear to me where to find information: as far as I can see, I
> have to read the kernel source and the configuration files to get
> up to date information.
> 
> From 
> # modinfo nf_conntrack_sip
> ...
> parm:   ports:port numbers of SIP servers (array of ushort)
> ...
> 
> it looks as if I need to load with the port range. I am not even sure 
> whether this is for servers or clients behind the firewall (or both).
> 
> Has anyone any experience or suggestions?
> 
> ael



-- 
Damien SANDRAS

Ekiga Project 
http://www.ekiga.org