[Techtalk] IPtables help (VoIP related)
Elwing
elwing at elwing.org
Thu Sep 23 16:14:58 EST 2004
OK, the oracle (Google) hasn't turned up anything, or I'm not searching
for the right terms.
I've got a VoIP phone/router behind a Linux IPTables NAT/firewall. Once
I learned about tftp connection tracking and forwarded port 5060-5065 to
the VoIP phone I can make outgoing calls with no problem. Both sides
can hear each other - not issues at all.
Now, my problem is that I can't get incoming phone calls.
My network:
internal network <--> firewall/NAT <--> Internet
VoIP phone <--|
the VoIP phone has a static internal IP address of 192.168.0.4
the packets going between the hosts on port 5060 have the string SIP/2.0
inside them (thanks tcpdump!)
Running TCPdump on the outside interface, it appears to be sending
packets on port 5060 to 216.181.30.7 (bsc.bw.iprimus.net), and those are
getting out, and a reply is being forwarded by the firewall back to the
VoIP box.
When I call the phone, the VoIP phone *always* makes a outgoing UDP
connection to 216.181.30.7 with source port 13457, but the destination
port is kind of a crap shoot - in my playing around, it's been as low as
37867 all the way up to 64213.
Is there anyway using IPtables to open up those ports to the VoIP box
once the packet's gone through? I'm not sure that this would help as I
get no apparent connections incoming from the SIP server.
The "short' version of a call (as seen from the outside interface) is:
ender:/etc/init.d# tcpdump -i eth1 net 216.181
tcpdump: listening on eth1
###### Initiate phone call to VoIP phone number #######
14:58:08.393818 216.181.30.7.5060 > elwing.org.5060: udp 686 [tos 0x20]
14:58:08.492640 elwing.org.5060 > 216.181.30.7.5060: udp 336
14:58:08.590688 elwing.org.5060 > 216.181.30.7.5060: udp 396
14:58:10.426327 elwing.org.13457 > 216.181.30.7.38205: udp 32 [tos 0xb8]
14:58:13.426148 elwing.org.13457 > 216.181.30.7.38205: udp 32 [tos 0xb8]
14:58:16.426244 elwing.org.13457 > 216.181.30.7.38205: udp 32 [tos 0xb8]
14:58:19.426320 elwing.org.13457 > 216.181.30.7.38205: udp 32 [tos 0xb8]
14:58:22.426431 elwing.org.13457 > 216.181.30.7.38205: udp 32 [tos 0xb8]
14:58:25.426502 elwing.org.13457 > 216.181.30.7.38205: udp 32 [tos 0xb8]
14:58:26.398368 216.181.30.7.5060 > elwing.org.5060: udp 363 [tos 0x20]
14:58:26.463934 elwing.org.5060 > 216.181.30.7.5060: udp 347
14:58:26.472311 elwing.org.5060 > 216.181.30.7.5060: udp 362
14:58:26.568151 216.181.30.7.5060 > elwing.org.5060: udp 354 [tos 0x20]
##### Get voicemail and hang up ########
14:58:48.391524 elwing.org.5060 > 216.181.30.7.5060: udp 393
14:58:48.488937 216.181.30.7.5060 > elwing.org.5060: udp 372 [tos 0x20]
I'll make a "long" version available on my web server ("full" packet
information - 1024 bytes) for anyone who wants to take a look at
http://www.elwing.org/~elwing/dump.txt
If you need more information, please respond and I'll try to get you
anything to help me out!
Thanks for any suggestions!
Elwing
More information about the Techtalk
mailing list