Server1: [root@sipx1 ~]# iptables -L -n Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- 192.168.0.46 0.0.0.0/0 ACCEPT all -- 192.168.0.47 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 state NEW,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:20 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:50000:50050 state NEW,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:30000:31000 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5061 state NEW,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5060 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5080 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5081 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:69 state NEW,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain syn-flood (0 references) target prot opt source destination Server2: [root@sipx2 ~]# iptables -L -n Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- 192.168.0.46 0.0.0.0/0 ACCEPT all -- 192.168.0.47 0.0.0.0/0 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:53 state NEW,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:30000:31000 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5061 state NEW,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5060 state NEW,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW,ESTABLISHED ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain syn-flood (0 references) target prot opt source destination -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of George Niculae Sent: Thursday, October 04, 2012 3:27 PM To: Discussion list for users of sipXecs software Subject: Re: [sipx-users] 4.6 Cluster On Thu, Oct 4, 2012 at 4:05 PM, darthzejdr <[email protected]> wrote: > So, we've discovered the problem(and a partial solution). It works as > it should only if we're both using udp. > > 200(Server2, TCP) -> 201(Server1, TCP) doesn't work 201(Server1, TCP) > -> 200(Server2, TCP) doesn't work > > 200(Server2, UDP) -> 201(Server1, TCP) works 201(Server1, TCP) -> > 200(Server2, UDP) doesn't work > > 200(Server2, TCP) -> 201(Server1, UDP) doesn't work 201(Server1, UDP) > -> 200(Server2, TCP) works > > 200(Server2, UDP) -> 201(Server1, UDP) works 201(Server1, UDP) -> > 200(Server2, UDP) works > We're looking at the logs, can you post output for iptables -L -n from both nodes meanwhile? George _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/ _______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
