Re: [asterisk-users] Asterisk ports and CentOS firewall
Check this out: http://www.voip-info.org/wiki-Asterisk+firewall+rules dave cantera wrote: ed, this may be somewhat liberal but should do the trick... daveC -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 69 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 69 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5060 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5061 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5062 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 4569 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5038 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5036 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 1:2 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5004 -j ACCEPT # -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-crypt -j REJECT -A RH-Firewall-1-INPUT -p ipv6-auth -j REJECT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited Ed Nunez wrote: If I enable the firewall on my Server, which ports should I open for Asterisk to work properly. Is it enough to just open the SIP ports? ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Asterisk ports and CentOS firewall
If I enable the firewall on my Server, which ports should I open for Asterisk to work properly. Is it enough to just open the SIP ports? ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk ports and CentOS firewall
ed, this may be somewhat liberal but should do the trick... daveC -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 69 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 69 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5060 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5061 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5062 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 4569 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 5038 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5036 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 1:2 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 5004 -j ACCEPT # -A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p ipv6-crypt -j REJECT -A RH-Firewall-1-INPUT -p ipv6-auth -j REJECT -A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited Ed Nunez wrote: If I enable the firewall on my Server, which ports should I open for Asterisk to work properly. Is it enough to just open the SIP ports? ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users Internal Virus Database is out-of-date. Checked by AVG Free Edition. Version: 7.5.516 / Virus Database: 269.17.13/1209 - Release Date: 01/04/2008 12:05 PM -- My wife's sister is in California. I should buy her a Videophone2008! Truly, The Next Best Thing to Being There! -- WorldWideVideoPhones.com 856.380.0894 ___ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
