Hi All!
I need some help in setting up iptables to let sip traffic pass in my machine using ser.
There is some doc about it?
Somebody can give me advice?
Thanks
Miklos
iPFONE Telefonia IP Rua Caio Graco 735 São Paulo SP iPBX +55 11 3801-3702 UK +44 870 - 3403539 FWD 64662 sip:ipfone@sipserver.com.br www.ipfone.com.br info@ipfone.com.br
Hi,
On Tuesday 06 January 2004 15:01, listas iPfone wrote:
I need some help in setting up iptables to let sip traffic pass in my machine using ser.
There is some doc about it?
AFAIK not, because there is not much to document: SIP uses by default port 5060 and UDP and TCP as transport protocol.
Somebody can give me advice?
iptables -A WHATEVER_IS_YOUR_CHAIN -p tcp --dport 5060 -j ACCEPT iptables -A WHATEVER_IS_YOUR_CHAIN -p udp --dport 5060 -j ACCEPT
Naturally you can add '--sport 5060' if you want to force only SIP-to-SIP communication. Note: all SIP compliant devices should support other ports then 5060, so there is no way to guarantee that the SIP devices behind your packet filter do not use e.g. port 80 for their communication.
And as there is yet no SIP conntrack helper module, there is currently no way to let pass the media of the phone calls in a 'secure' way.
Greets Nils
-
listas iPfone -
Nils Ohlmeier