[Serusers] SER 2.0.0 and Iptables
Jan Andres
jan.andres at freenet-ag.de
Mon Jun 4 17:59:24 CEST 2007
Hi,
On Mon, Jun 04, 2007 at 09:58:21PM +0800, Liu Wenlong wrote:
> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5060 -j
> ACCEPT
> -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 5060 -j
> ACCEPT
> COMMIT
You should add those additional rules above the REJECT rule, not below
it. Otherwise the REJECT rule will just reject (as the name says) any
packets that make it to that point and your rules for port 5060 will
never be processed.
Regards,
Jan
--
Jan Andres <jan.andres at freenet.ag>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20070604/e6c51cb8/attachment.pgp>
More information about the sr-users
mailing list