Hi!
I have a Asterisk server with a public ip-address (and 2 network cards).
I can connect a sip-client from the inside, but I am having problems conneting a sip-client from the outside. (This posting is unrelated to a similar posting I had earlier today, for another test-setup, in case you wondered.)
I have a feeling this is related to my attempt to set up a firewall. This is my IPtables setup-file (eth0 is external and eth1 internal):
*mangle
:PREROUTING ACCEPT [83145:120824770]
:INPUT ACCEPT [83145:120824770]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [46823:2584014]
:POSTROUTING ACCEPT [46823:2584014]
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1:60]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -f -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
-A INPUT -i eth0 -p tcp -m tcp --dport 4445 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 443 -m state --state NEW -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5060 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 5060 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 5061 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 5061 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 4569 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -m state --state NEW -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-port-unreachable
COMMIT
*nat
:PREROUTING ACCEPT [164:6544]
:POSTROUTING ACCEPT [148:8939]
:OUTPUT ACCEPT [148:8939]
COMMIT
Anybody see a problem here?
Thanks in advance!
Frode