On 12/22/2010 04:21 AM, [email protected] wrote: > Hi everybody, > I have a very old and home made Asterisk PBX. Recently I can see other > annoying server in the net are trying to register SIP accounts on the > asterisk bound to my eth1 interface which has a public IP, directly > connected to the router. I'm using shorewall 2.2.3 on a Debian Sarge (I > said it was very old!). Yes...I've almost ready a pretty new PBX with > Debian Lenny and Shorewall 4.0.15 but all I'd like to know is if the > current "attacks" on my sip ports are due to the old kernel/shorewall or > my configuration. > Here the (old) cfg: > > Policy (everything dropped): > fw all ACCEPT > net all DROP info > > Rules (only udp traffic from my sip provider): > ACCEPT net:[my authorized sip provider IP] fw udp 1024:65535 > > Interfaces: > net eth1 detect tcpflags > > I'm really curious because despite this configuration I'm receiving SIP > traffic from other unwanted IP.
Hard to say without specifics. Please show us: - The output of 'iptables -L -n -v' - The output of 'cat /proc/net/ip_conntrack' Please collect this output when you are seeing unwanted traffic. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Forrester recently released a report on the Return on Investment (ROI) of Google Apps. They found a 300% ROI, 38%-56% cost savings, and break-even within 7 months. Over 3 million businesses have gone Google with Google Apps: an online email calendar, and document program that's accessible from your browser. Read the Forrester report: http://p.sf.net/sfu/googleapps-sfnew
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
