Cleve,
first little description:
When ppp goes down stop firewall, drop any UDP packet with destination port
5060 and 4569, reduced time for ip_conntrack_udp_timeout and
ip_conntrack_udp_timeout_stream.
When interface ppp goes up check if not first time interface goes up sleep 10
seconds and restart firewall
cat /etc/ppp/ip-down
#!/bin/sh
/etc/init.d/iptables stop
/usr/sbin/iptables -A INPUT -p udp --dport 4569 -j DROP
/usr/sbin/iptables -A INPUT -p udp --dport 5060 -j DROP
/bin/echo 0 > /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout
/bin/echo 0 > /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream
############end######
cat /etc/ppp/ip-up
#!/bin/sh
if [ -e /tmp/etc/arno-iptables-firewall ]; then
sleep 10
/etc/init.d/iptables restart
fi
##############end#########
Regards
Dominko
--- On Wed, 1/6/10, Cleve Jansen <[email protected]> wrote:
> From: Cleve Jansen <[email protected]>
> Subject: Re: [Astlinux-users] peer unreachable when changing ip address
> To: "'AstLinux Users Mailing List'" <[email protected]>
> Date: Wednesday, January 6, 2010, 12:51 AM
> Hi Dominko,
>
> I interested in the scripts you have for the following
> could you please send
> it.
>
> [/etc/ppp/ip-up and /etc/ppp/ip-down]
>
> Regards
>
> Cleve
>
>
> -----Original Message-----
> From: Dominko Vrljic [mailto:[email protected]]
>
> Sent: Wednesday, 6 January 2010 10:59 AM
> To: AstLinux Users Mailing List
> Subject: [Astlinux-users] peer unreachable when changing ip
> address
>
> Hi all,
> I have couple astlinux installations connected to Internet
> over ADSL.
> Pfsense router is used as Internet gateway.
> Peers configured in astlinux from time to time become
> unreachable both sip
> and iax. I have made investigations and found problem in
> pfsense.
> After ADSL change ip address (happens at lest one per 24
> hours) pfsense do
> wrong NAT translation using old ip address.
> Same problem I discovered in astlinux when it used as NAT
> gateway.
> There are lot of discussion about this problem:
> http://www.trixbox.org/forums/trixbox-forums/trunks/iax2-trunk-not-reconnect
> ing-after-adsl-drop-out
> http://forum.pfsense.org/index.php/topic,6531.0.html
>
> Does anyone in this list has similar problem with changing
> ip address?
> I wrote two little script /etc/ppp/ip-up and
> /etc/ppp/ip-down that solve
> this problem in case of PPPoE wan connection.
> If anyone is interested I will send it.
>
> Regards,
> Dominko
>
>
>
>
>
>
>
>
>
>
>
>
> ----------------------------------------------------------------------------
> --
> This SF.Net email is sponsored by the Verizon Developer
> Community
> Take advantage of Verizon's best-in-class app development
> support
> A streamlined, 14 day to market process makes app
> distribution fast and easy
> Join now and get one step closer to millions of Verizon
> customers
> http://p.sf.net/sfu/verizon-dev2dev
> _______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via
> PayPal to
> [email protected].
>
>
> ------------------------------------------------------------------------------
> This SF.Net email is sponsored by the Verizon Developer
> Community
> Take advantage of Verizon's best-in-class app development
> support
> A streamlined, 14 day to market process makes app
> distribution fast and easy
> Join now and get one step closer to millions of Verizon
> customers
> http://p.sf.net/sfu/verizon-dev2dev
> _______________________________________________
> Astlinux-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>
> Donations to support AstLinux are graciously accepted via
> PayPal to [email protected].
>
------------------------------------------------------------------------------
This SF.Net email is sponsored by the Verizon Developer Community
Take advantage of Verizon's best-in-class app development support
A streamlined, 14 day to market process makes app distribution fast and easy
Join now and get one step closer to millions of Verizon customers
http://p.sf.net/sfu/verizon-dev2dev
_______________________________________________
Astlinux-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/astlinux-users
Donations to support AstLinux are graciously accepted via PayPal to
[email protected].
