Sure I'm missing something. I'm using Shorewall 4.0.6 on a Debian Etch server with kernel 2.6.24. The server is running asterisk 1.6 with few IP Phones registered to the asterisk, on the internal Interface eth0. The server has indeed a public interface eth1 used by asterisk to connect to external SIP providers. Now, I simply can't prevent an external IP Phone from registering on my asterisk on interface eth1. I tried to stop the UDP traffic with this rule (rules file):
DROP net:XX.XX.XX.XX fw udp 1024:65535 Where XX.XX.XX.XX is the public ip addres of the IP Phone. How could it be? The interface file looks like: net eth1 detect tcpflags,nosmurfs loc eth0 detect tcpflags,nosmurfs The policy file looks like: $FW all ACCEPT net $FW DROP info net loc DROP info net all DROP info all all REJECT info I really don't know where to look for. Can anyone point me in the right direction? Thanks! ------------------------------------------------------------------------------ Forrester Wave Report - Recovery time is now measured in hours and minutes not days. Key insights are discussed in the 2010 Forrester Wave Report as part of an in-depth evaluation of disaster recovery service providers. Forrester found the best-in-class provider in terms of services and vision. Read this report now! http://p.sf.net/sfu/ibm-webcastpromo _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
