Re: [pfSense Support] Delete pf rule for SIP (VoIP) every 24 hours?

2009-01-13 Thread Dominik Schips
Hello,

Am Samstag, den 10.01.2009, 08:59 -0600 schrieb Bill Marquette:
> On Sat, Jan 10, 2009 at 3:45 AM, Dominik Schips  wrote:
> > Hello,
> >
> > I am using pfSense 1.2.2 and it is wonderful.
> >
> > However I have one problem with SIP (port 5060) calls.
> > My (German) provider does every 24 hours a reconnect of the ADSL line
> > (PPPoE). Normally that is never a problem. I set the reconnect to 5:30
> > in the morning.
> >
> > I use siproxd to pass the SIP connections to a SIP phone. It works
> > without problems. But after the 24 hour reconnect I still have the old
> > public IP at the state for the port 5060. So I can not make a new call
> > before I delete the second rule at the states diagnostic page.
> >
> > udp   217.10.x.x:5060 <- 192.168.1.100:5060   MULTIPLE:MULTIPLE
> > udp   192.168.1.100:5060 -> 92.227.x.x:5060 -> 217.10.x.x:5060   MULTIPLE:MULTIPLE
> >
> > 217.10.x.x is the sip provider asterisk server.
> > 92.227.x.x is my public IP (for the current 24 hours).
> > 192.168.1.100 is my SIP phone at the LAN.
> >
> > After deletion the new rule (with new public IP) appears and SIP calls
> > are possible again without problems.
> >
> > Does somebody have an idea or could explain to me how to make a cronjob by
> > ssh login to delete all states for port 5060 every 24 hours?
> 
> You'll want to do:
> pfctl  -k 217.10.x.x

This information helped me a lot to solve my problem.
So I would like to share the solution with the rest of the pfSense users.

> in your cron job.
> http://forum.pfsense.org/index.php?topic=8485.msg47601 has some good
> information on setting up cron jobs.

I searched a lot about how to create a cron job correctly with pfSense
(1.2.2) and finally got a solution from all the information I found,
because they didn't work correctly for me.

First log in by ssh to your pfSense and edit /etc/crontab or use
Diagnostics --> Edit File. Put the cronjobs you need at the end of the
others. Then you can log out again.
You have to do this because pfSense checks the current /etc/crontab if
you restore a backup file.

I put this into /etc/crontab:

*/7 *   *   *   *   root    /sbin/pfctl -k 192.168.1.100 -k 217.10.x.x
*/7 *   *   *   *   root    /sbin/pfctl -k 217.10.x.x -k 192.168.1.100


Then go to Diagnostics --> Backup/Restore and get an actual backup file.
Open this file on your desktop machine and put the same cron entry into
the cron section at the end.
This should look like this (in my case):


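<item>
	<minute>*/7</minute>
	<hour>*</hour>
	<mday>*</mday>
	<month>*</month>
	<wday>*</wday>
	<who>root</who>
	<command>/sbin/pfctl -k 192.168.1.100 -k 217.10.x.x</command>
</item>
<item>
	<minute>*/7</minute>
	<hour>*</hour>
	<mday>*</mday>
	<month>*</month>
	<wday>*</wday>
	<who>root</who>
	<command>/sbin/pfctl -k 217.10.x.x -k 192.168.1.100</command>
</item>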


Save the file and restore it at Diagnostics --> Backup/Restore.
You should get a notice that the system is going to reboot now.

If you get an array error or something like this, then you did something
wrong with the crontab entries and the backup/restore procedure.

> A scheduled rule might also solve your problem.

I don't know how to make a scheduled rule as flexible as what I did now.
If there is only a rule or something else which renews the rules after
the 24 hour reconnect you can get trouble if a reconnect happens again.
I tested a lot and if the DSL connection goes down between the 24 hour
reconnects the states didn't get updated.

My cron solution only deletes the SIP connection for port 5060 every 7
minutes.
If you do a call and the rules are deleted this doesn't affect the call
and the states are built up immediately again.

Now my pfSense works correctly with the Asterisk (Askozia) PBX. :)
Thanks for helping.

Regards

Dominik




-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com

Commercial support available - https://portal.pfsense.org
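
Added example (not part of the original post and not pfSense code): the cron job in the post kills the SIP states every 7 minutes whether or not the WAN address changed; this script instead picks out only the port-5060 NAT states whose translated address differs from the current WAN IP and prints the matching pfctl -k pairs. It assumes state lines in the three-address form quoted in the post; the function names and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# stale_sip_states CURRENT_WAN_IP [PORT]
# Reads state lines on stdin in the form quoted in the post
#   proto  lan:port -> nat:port -> remote:port  STATE
# and prints one "lan remote" pair for every state to the SIP port whose
# NAT address is not the current WAN IP.
stale_sip_states() {
    awk -v wan="$1" -v port="${2:-5060}" '
        # Outbound NAT states are the lines with two "->" arrows.
        $1 == "udp" && $3 == "->" && $5 == "->" {
            split($2, lan, ":"); split($4, nat, ":"); split($6, rem, ":")
            if (rem[2] != port) next      # not SIP signalling
            if (nat[1] == wan)  next      # state already uses the current IP
            pair = lan[1] " " rem[1]
            if (!(pair in seen)) { seen[pair] = 1; print pair }
        }'
}

# Turn each stale pair into the two pfctl invocations used in the crontab
# from the post (one per direction). Only prints the commands.
kill_commands() {
    while read -r lan remote; do
        printf '/sbin/pfctl -k %s -k %s\n' "$lan" "$remote"
        printf '/sbin/pfctl -k %s -k %s\n' "$remote" "$lan"
    done
}

# Constructed sample: the WAN address changed from 203.0.113.10 to
# 203.0.113.77, but one phone still has a state bound to the old address.
SAMPLE_STATES='udp   198.51.100.5:5060 <- 192.168.1.100:5060   MULTIPLE:MULTIPLE
udp   192.168.1.100:5060 -> 203.0.113.10:5060 -> 198.51.100.5:5060   MULTIPLE:MULTIPLE
udp   192.168.1.101:5060 -> 203.0.113.77:5060 -> 198.51.100.5:5060   MULTIPLE:MULTIPLE
udp   192.168.1.100:40000 -> 203.0.113.10:40000 -> 198.51.100.9:53   SINGLE:NO_TRAFFIC'

printf '%s\n' "$SAMPLE_STATES" | stale_sip_states 203.0.113.77 | kill_commands
```

Only the state still translated to the old address is selected, so unrelated traffic and phones that already re-registered are left alone.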



Re: [pfSense Support] Delete pf rule for SIP (VoIP) every 24 hours?

2009-01-10 Thread Dominik Schips
Hi,

Am Samstag, den 10.01.2009, 08:59 -0600 schrieb Bill Marquette:

> You'll want to do:
> pfctl  -k 217.10.x.x
> 
> in your cron job.
> http://forum.pfsense.org/index.php?topic=8485.msg47601 has some good
> information on setting up cron jobs.
> 
> A scheduled rule might also solve your problem.

Thank you very much. My first tests were good. I added a cronjob as
described at the forum post.

I'll see if it works correctly after the next 24 hour reconnect.

Maybe I'll have a look at a scheduled rule but first let's see if the
cronjob does the work.

Dominik





Re: [pfSense Support] Delete pf rule for SIP (VoIP) every 24 hours?

2009-01-10 Thread Bill Marquette
On Sat, Jan 10, 2009 at 3:45 AM, Dominik Schips  wrote:
> Hello,
>
> I am using pfSense 1.2.2 and it is wonderful.
>
> However I have one problem with SIP (port 5060) calls.
> My (German) provider does every 24 hours a reconnect of the ADSL line
> (PPPoE). Normally that is never a problem. I set the reconnect to 5:30
> in the morning.
>
> I use siproxd to pass the SIP connections to a SIP phone. It works
> without problems. But after the 24 hour reconnect I still have the old
> public IP at the state for the port 5060. So I can not make a new call
> before I delete the second rule at the states diagnostic page.
>
> udp   217.10.x.x:5060 <- 192.168.1.100:5060   MULTIPLE:MULTIPLE
> udp   192.168.1.100:5060 -> 92.227.x.x:5060 -> 217.10.x.x:5060   MULTIPLE:MULTIPLE
>
> 217.10.x.x is the sip provider asterisk server.
> 92.227.x.x is my public IP (for the current 24 hours).
> 192.168.1.100 is my SIP phone at the LAN.
>
> After deletion the new rule (with new public IP) appears and SIP calls
> are possible again without problems.
>
> Does somebody have an idea or could explain to me how to make a cronjob by
> ssh login to delete all states for port 5060 every 24 hours?

You'll want to do:
pfctl  -k 217.10.x.x

in your cron job.
http://forum.pfsense.org/index.php?topic=8485.msg47601 has some good
information on setting up cron jobs.

A scheduled rule might also solve your problem.

--Bill
