[SR-Users] rtpengine and security
rfuchs at sipwise.com
Wed Apr 22 15:48:10 CEST 2015
On 21/04/15 10:40 PM, GG GG wrote:
> By port closed, I mean that ports are normally closed, but when
> rtpengine send the first rtp packets to the client, it opens a pinhole
> in the firewall, and the matching incoming packets from the client will
> make the connection established,related in iptables. I think symmetric
> nat permits that.
Yes, but rtpengine doesn't send any RTP or RTCP by itself. It only
forwards RTP and RTCP, and in order to forward it, it first must receive
it. If all ports are closed then nothing can ever be received and
nothing can ever be forwarded or sent.
More information about the sr-users