Hi, On Oct 20, 2011, at 4:54 PM, JimDoesVoip wrote:
> Hi Saúl, > > I have this little voice in the back of my head telling me to switch to > debian. I'm too stubborn to give up sometimes, but feeling like we are > close a switch now; if we want fail2ban watching opensips and to coexisting > with media-relay... but back on topic. > Listen to it, you know she is right ;-) > We do have the modules loaded, and we do have the forwarding enabled in > /proc, so it makes sense that things are working; Unfortnately as the thread > says if we want to startup iptables (run /etc/init.d/iptables) to be able to > run something like fail2ban against it, it seems it is interfering > media-relay. What is strange is that conntrack -L shows entries (for SIP > signaling) when iptables service is running, but doesn't show anything when > it is off. > Probably we'd find the answer by looking at what that init file does... > Interestingly, if we setup a call with iptables running, we have no audio, > but then if we stop iptables audio comes through for the call. Could this > mean media-relay is setting things up, but they are blocked by iptables? > Jeff just pointed out that your default policy for FORWARD is reject, can you change it to accept? > > When we have a no audio call with iptables running; the media-relay > /var/log/messages output just notes the ports that are being setup and > closed. > > > Oct 20 10:49:42 bstnma-ospis1-b2 media-relay[19908]: > mediaproxy.mediacontrol.StreamListenerProtocol starting on 40072 > Oct 20 10:49:42 bstnma-ospis1-b2 media-relay[19908]: > mediaproxy.mediacontrol.StreamListenerProtocol starting on 40073 > Oct 20 10:49:42 bstnma-ospis1-b2 media-relay[19908]: > mediaproxy.mediacontrol.StreamListenerProtocol starting on 40074 > Oct 20 10:49:42 bstnma-ospis1-b2 media-relay[19908]: > mediaproxy.mediacontrol.StreamListenerProtocol starting on 40075 > > Oct 20 10:50:31 bstnma-ospis1-b2 media-relay[19908]: (Port 40072 Closed) > Oct 20 10:50:31 bstnma-ospis1-b2 media-relay[19908]: (Port 40073 Closed) > Oct 20 10:50:31 bstnma-ospis1-b2 media-relay[19908]: (Port 40074 Closed) > Oct 20 10:50:31 bstnma-ospis1-b2 media-relay[19908]: (Port 40075 Closed) > > > > Here is the error-ish looking output from mediarelay of /var/log/messages > for a call that has audio with the iptables process off > (/etc/init.d/iptables stop): > > > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: Traceback (most recent > call last): > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: File > "/usr/lib/python2.6/site-packages/twisted/internet/udp.py", line 126, in > doRead > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: > self.protocol.datagramReceived(data, addr) > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: File > "/root/ISO/mediaproxy1/mediaproxy/mediacontrol.py", line 130, in > datagramReceived > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: self.cb_func(host, > port, data) > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: File > "/root/ISO/mediaproxy1/mediaproxy/mediacontrol.py", line 246, in got_data > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: > self.substream.check_create_conntrack() > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: File > "/root/ISO/mediaproxy1/mediaproxy/mediacontrol.py", line 297, in > check_create_conntrack > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: > self.forwarding_rule = _conntrack.ForwardingRule(self.caller.remote, > self.caller.local, self.callee.remote, self.callee.local, > self.stream.session.mark) > Oct 20 10:03:52 bstnma-ospis1-b2 media-relay[19908]: Error: iptables who? > (do you need to insmod?) > > This is probably caused because the nat table is missing because stopping iptables unloaded it. MediaProxy checks for this, but only at start time. Regards, -- Saúl Ibarra Corretgé AG Projects _______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
