Hello, Am Samstag, den 10.01.2009, 08:59 -0600 schrieb Bill Marquette: > On Sat, Jan 10, 2009 at 3:45 AM, Dominik Schips <[email protected]> wrote: > > Hello, > > > > I am using pfSense 1.2.2 and it is wonderfull. > > > > However I have one problem with SIP (port 5060) calls. > > My (german) provider does every 24 hours a reconnect of the ADSL line > > (PPPoE). Normally that is never a problem. I set the reconnect to 5:30 > > in the morning. > > > > I use siproxd to pass the SIP connections to a SIP phone. It works > > without problems. But after the 24 hour reconnect I still have the old > > public IP at the state for the port 5060. So I can not make a new call > > before I delete the second rule at the states diagnostic page. > > > > udp 217.10.x.x:5060 <- 192.168.1.100:5060 MULTIPLE:MULTIPLE > > udp 192.168.1.100:5060 -> 92.227.x.x:5060 -> 217.10.x.x:5060 > > MULTIPLE:MULTIPLE > > > > 217.10.x.x is the sip provider asterisk server. > > 92.227.x.x is my public IP (for the current 24 hours). > > 192.168.1.100 is my SIP phone at the LAN. > > > > After deletion the new rule (with new public IP) appears and SIP calls > > are possible again without problems. > > > > Does somebody has an idea or could explain me how to make a cronjob by > > ssh login to delete all states for port 5060 every 24 hours? > > You'll want to do: > pfctl -k 217.10.x.x
This information help me a lot to solve my problem. So I would share the solution with the rest of the pfSense users. > in your cron job. > http://forum.pfsense.org/index.php?topic=8485.msg47601 has some good > information on setting up cron jobs. I search a lot about to create a cron correct with pfSense (1.2.2) and finally get a solution with all this information if found. Because they didn't work correct for me. First login by ssh to your pfSense and edit /etc/crontab or use Diagnostics --> Edit File. Put the cronjobs you need at the end of the others. Then you can logout again. You have to do this because pfSense check the current /etc/crontab if you restore a backup file. I put this to /etc/crontab: */7 * * * * root /sbin/pfctl -k 192.168.1.100 -k 217.10.x.x */7 * * * * root /sbin/pfctl -k 217.10.x.x -k 192.168.1.100 Then go to Diagnostics --> Backup/Restore and get a actual backup file. Open this file on your desktop machine and put the same cron entry to the cron section at the end. This should look like this (in my case): <item> <minute>*/7</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command>/sbin/pfctl -k 192.168.1.100 -k 217.10.x.x</command> </item> <item> <minute>*/7</minute> <hour>*</hour> <mday>*</mday> <month>*</month> <wday>*</wday> <who>root</who> <command>/sbin/pfctl -k 217.10.x.x -k 192.168.1.100</command> </item> Save the file and restore it at Diagnostics --> Backup/Restore. You should get an information that the system is going to reboot now. If you get an array error or something like this, then you did something wrong with the crontab entries end the backup/restore procedure. > A scheduled rule might also solve your problem. I don't know how to make a scheduled rule as flexible as what I did now. If there is only a rule or something else which renew the rules after the 24 hour reconnect you can get trouble if a reconnect happen again. I tested a lot and if the DSL connection goes down betwen the 24 hour reconnect the states didn't get updated. My cron solution only deletes the SIP connection for port 5060 every 7 minutes. If you do a call and the rules are deleted this doesn't affect the call and the states are build up immediately again. Now my pfSense work correct with the Asterisk (Askozia) PBX. :) Thanks for helping. Regards Dominik --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
