On 9/2/2015 1:07 PM, ricky gutierrez wrote: > Hi list , I am presenting some problems with a server sip, what I have > behind a firewall shorewall, and when I call from remote extensions do > not have audio, I open the SIP and RTP ports, but I can not make it > work, if I remove the shorewall and add a route I work with iptables. > > shorewall make a DNAT to ip of my server VOIP , > > shorewall have a two network cards WAN - LAN > > LAN :192.168.100.4 > VOIP: 192.168.100.5 > > This log is an external call to an internal > > ep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 13:52:54 localhost kernel: Shorewall:loc-net:REJECT:IN=eth1 > OUT=eth0 MAC=00:0c:29:e6:a7:8e:00:0c:29:8e:1f:8e:08:00 > SRC=192.168.100.5 DST=172.16.8.179 LEN=204 TOS=0x18 PREC=0xA0 TTL=63 > ID=0 DF PROTO=UDP SPT=16008 DPT=11956 LEN=184 > Sep 2 > > I tried this guide but without success > > http://www.shorewall.net/4.2/FAQ.htm#faq77 > > verion of shorewall is shorewall-4.6.4.1-1.el7.noarch
Please forward the output of 'shorewall dump' collected as described at http://www.shorewall.org/support.htm#Guidelines. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Monitor Your Dynamic Infrastructure at Any Scale With Datadog! Get real-time metrics from all of your servers, apps and tools in one place. SourceForge users - Click here to start your Free Trial of Datadog now! http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
