On 2/28/2016 09:30, Bob von Knobloch wrote: > I've tried, without success, to find out what ports/protocols (shorewall > rules) I need to add to LEAF for Telekom's VOIP. Hello, for shorewall (v4.5.20) try: /etc/shorewall/shorewall.conf DISABLE_IPV6=Yes #default LOAD_HELPERS_ONLY=No #default DONT_LOAD=nf_conntrack_sip HELPERS=none
/etc/shorewall/params: NetIF=eth0 or ppp0 #Your fix ip or leave it empty; ExtIp=xxx.xxx.xxx.xxx /etc/shorewall/masq: #192.168.yyy.zzz is the fixed ip of your pbx server #Important if you have more than one fixed IP $NetIF 192.168.yyy.zzz $ExtIp /etc/shorewall/rules (pbx server in dmz): DNAT net dmz:192.168.yyy.zzz tcp 80,443 - $ExtIp DNAT net dmz:192.168.yyy.zzz udp 3478,3479,5060,5070,5080,30000:31000,40000:41000 - $ExtIp DNAT loc dmz:192.168.yyy.zzz udp 3478,3479,5060,5070,5080,30000:31000,40000:41000 - $ExtIp DNAT dmz dmz:192.168.yyy.zzz udp 3478,3479,5060,5070,5080,30000:31000,40000:41000 - $ExtIp rules file Based on: UDP (out): Ports 5060, 30000-31000, 40000-41000, 3478, 3479 UDP (in): Ports 5070, 5080, 30000-31000, 40000-41000 TCP (out): Port 80, 443 ------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
