My SIP provider is asking me to open all UDP ports, which is a huge security risk.
What rule can I use to allow all traffic two and from a particular IP? This might be easiest, as the provider only uses two IP addresses. This way I can block all traffic inbound except from those IPs. -----Original Message----- From: Simon Hobson [mailto:[email protected]] Sent: Tuesday, September 22, 2009 8:31 AM To: Shorewall Users Subject: Re: [Shorewall-users] Losing my mind after a long day Max DiOrio wrote: >You're right. I have done all that. My problem isn't with the trixbox >setup since it was working before. I just can't get the firewall rules >set up properly. > >I think I need to see someone elses config files that are similar to >mine to sort this out. All I have in my Shorewall config is : ACCEPT net $FW udp 4569,5060,10240:11263 10240:11263 is the port range configured in /etc/asterisk/rtp.conf. Policy is permit for FW->net, FW->Lan, and Lan->FW (I build them a bit more locked down these days). You might also want to permit TCP for 4569 (IAX2) and SIP (5060). -- Simon Hobson Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed author Gladys Hobson. Novels - poetry - short stories - ideal as Christmas stocking fillers. Some available as e-books. ------------------------------------------------------------------------ ------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
<<attachment: Max DiOrio.vcf>>
------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
