I am have a problem with some ports not opening when I set them in the rules file. When I open port 10000 tcp for webmin using the macro the outside can tell that 10000 is open when I try 5060 through 5090 udp the outside does not get any responce.
I have used http://www.canyouseeme.org/ to check witch ports are open. this can tell that port 10000(from macro.Webmin) is open but not port 5060:5090 (from macro.Phone). When I remove the macro.Webmin the 10000 port does not respond. For TCP ports nmap -sS (my outside ip) 2>&1 Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-09 11:35 CST Nmap scan report for (my outside ip).dhcp.mdsn.wi.charter.com (my outside ip) Host is up (0.0000080s latency). Not shown: 993 closed ports PORT STATE SERVICE 22/tcp open ssh 53/tcp open domain 80/tcp open http 139/tcp open netbios-ssn 445/tcp open microsoft-ds 3128/tcp open squid-http 10000/tcp open snet-sensor-mgmt Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds For UPD ports nmap -sU (my outside ip) 2>&1 Starting Nmap 5.21 ( http://nmap.org ) at 2012-03-09 11:37 CST Nmap scan report for (my outside ip).dhcp.mdsn.wi.charter.com (my outside ip) Host is up (0.000010s latency). Not shown: 991 closed ports PORT STATE SERVICE 53/udp open domain 67/udp open|filtered dhcps 68/udp open|filtered dhcpc 137/udp open netbios-ns 138/udp open|filtered netbios-dgm 500/udp open|filtered isakmp 3130/udp open|filtered squid-ipc 4500/udp open|filtered nat-t-ike 10000/udp open unknown Nmap done: 1 IP address (1 host up) scanned in 1.32 second Also, email and web pages work!! I have asked Charter if they can test ports on my ip and they say that they can not, so I am not shure if it is them or me. I have shut down apparmor to make shure that it is not causing any problems. My System: Shorewall version 4.5.0.2 Operating system Ubuntu Linux 11.10 Time on system Thu Mar 11 08:46:24 2012 Kernel and CPU Linux 3.0.0-16-server on x86_64 Processor information AMD Sempron(tm) 140 Processor, 1 cores # ip addr show 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 70:71:bc:22:d9:0a brd ff:ff:ff:ff:ff:ff inet 192.168.1.253/24 brd 192.168.1.255 scope global eth1 inet6 fe80::7271:bcff:fe22:d90a/64 scope link valid_lft forever preferred_lft forever 3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 576 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 6c:fd:b9:49:61:e5 brd ff:ff:ff:ff:ff:ff inet 71.82.221.223/23 brd 255.255.255.255 scope global eth0 # ip route show default via 71.82.220.1 dev eth0 metric 100 71.82.220.0/23 dev eth0 proto kernel scope link src 71.82.221.223 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.253 /usr/share/shorewall/macro.Phone file below: # # Shorewall version 4 – Phone Macro # # /usr/share/shorewall/macro.Phone # # This macro handles ports for Telephone Service # # By Eric Teeter # ############################################################################### #ACTION SOURCE DEST PROTO DEST SOURCE RATE USER/ # PORT(S) PORT(S) LIMIT GROUP PARAM - - udp 5060:5090 #SIP Ports PARAM - - udp 4569 #IAX PARAM - - udp 5036 #IAX v2 PARAM - - udp 10000:20000 #RTP - the media stream PARAM - - udp 2721 #MGCP If you would like you can add the above macro to your next upgrade. If you need anything else, just ask. -- Eric Teeter
dump.gz
Description: GNU Zip compressed data
show.txt.gz
Description: GNU Zip compressed data
trace.gz
Description: GNU Zip compressed data
installed-software.gz
Description: GNU Zip compressed data
rules.gz
Description: GNU Zip compressed data
------------------------------------------------------------------------------ Try before you buy = See our experts in action! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-dev2
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
