I’m trying to set up QoS on our network. I have QoS set up on our switches and routers and see that the phones themselves are correctly setting TOS. However, because asterisk doesn’t run as root, the settings in sip.conf have no affect.
I read somewhere that this could be accomplished using iptables and found the following entries which I added to /etc/rc.local.
/sbin/iptables -A OUTPUT -t mangle -p udp -m udp --sport 4569 -j DSCP --set-dscp-class ef
/sbin/iptables -A OUTPUT -t mangle -p udp -m udp --sport 10000:20000 -j DSCP --set-dscp-class ef
/sbin/iptables -A OUTPUT -t mangle -p udp -m udp --sport 5060 -j DSCP --set-dscp-class ef
However, running iptables -L, there are no entries in the OUTPUT chain (I rebooted). Any ideas?
Why don’t you just create the iptables rule list and save it so it loads up every time you boot the machine? That way you do not need to run any iptables commands in rc.local.
Thanks for the reply. Even if I just enter the command at the linux prompt, running iptables -L still doesn’t show the entry. Somehow, the entry isn’t taking. Please see below. What am I doing wrong?