Re: [Astlinux-users] Remastering Astlinux

2010-07-11 Thread Michael
Hi Michael Thanks for the config. It now works. I was missing the bridge. However, using BRIDGE0 did not work for me. It gave me two bridges, one with eth1 and eth2 and the second only with ap0. Using BRIDGE1 instead worked. Thanks Michael Michael Keuter wrote: I have nearly the same as

[Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael
Hi Yesterday I tried to add a custom firewall action to arno's firewall on my astlinux box. This was in order to enable an external SIP phone to connect to asterisk. As I know the external IP and MAC I added a rule to pass EXT-local port 5060 from the specified IP address and restarted the

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Philip Prindeville
Did you edit your /etc/arno-iptables-firewall/plugins/sip-voip.conf file? On 7/11/10 1:46 AM, Michael wrote: Hi Yesterday I tried to add a custom firewall action to arno's firewall on my astlinux box. This was in order to enable an external SIP phone to connect to asterisk. As I know the

Re: [Astlinux-users] Remastering Astlinux

2010-07-11 Thread Michael
Hi Philip Thanks for the answer. I guess, I was not very clear in my description. Sorry for that. The LaserJet is connected via Ethernet to my local LAN. In order to access it, you can either use its IP address or its given LAN name. The HP printer driver uses the LAN name for connecting to

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael Keuter
Hi Yesterday I tried to add a custom firewall action to arno's firewall on my astlinux box. This was in order to enable an external SIP phone to connect to asterisk. As I know the external IP and MAC I added a rule to pass EXT-local port 5060 from the specified IP address and restarted the

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael
Yeah, I did restart the firewall :-) Well, the interesting thing is that I seem to see two different bugs (may be connected, I don't know). 1.) The rules don't seem to work. 2.) The rules can't be deleted on the gui. How does it work with you? When you add any custom rule and then in the next

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael
Btw. totally disabling the firewall clears all entries in iptables, thus resulting in no more traffic allowed at all. I as a simple user would have expected that disabling a firewall ALLOWS all traffic. Michael wrote: Hi Yesterday I tried to add a custom firewall action to arno's firewall

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael Keuter
Yeah, I did restart the firewall :-) Well, the interesting thing is that I seem to see two different bugs (may be connected, I don't know). 1.) The rules don't seem to work. 2.) The rules can't be deleted on the gui. How does it work with you? When you add any custom rule and then in the next

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael Keuter
Btw. totally disabling the firewall clears all entries in iptables, thus resulting in no more traffic allowed at all. I as a simple user would have expected that disabling a firewall ALLOWS all traffic. Normally it is so. All traffic is allowed. Maybe there is sth. wrong with your configuration.

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael
O.K. Forget bug no 2. That was a stupid user error. I pressed save settings after I marked the rules for deletion. I oversaw the Delete checked button. Concerning the functioning of the rules, I added one simple rule Log Local out, leaving all default options. Clicking Save settings, Confirm

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael
(Side note, previous versions of the Arno firewall script defaulted to 'all ports' if none were specified, now if no ports are specified, no logging occurs.) O.K. that's good to know. Still, it seems that something is borked here: If you add the rule: Log Local Out | TCP | Destination:

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael Keuter
(Side note, previous versions of the Arno firewall script defaulted to 'all ports' if none were specified, now if no ports are specified, no logging occurs.) O.K. that's good to know. Still, it seems that something is borked here: If you add the rule: Log Local Out | TCP |

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Lonnie Abelbeck
On Jul 11, 2010, at 11:38 AM, Michael wrote: If you add the rule: Log Local Out | TCP | Destination: 0/0 | Port: 1 - 65535 Then a LOG rule is generated for all ports to all destinations for TCP going Out from the AstLinux box. I've done that (see attached picture). Still I get no log

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael
Lonnie Abelbeck wrote: I tested this, and it works for me. Remember that 'Log Local Out' only applies to packets outbound directly from the local AstLinux box (OUTPUT Chain), *not* forwarded packets, (FORWARD Chain). For example packets from a web browser on a LAN NAT'ed subnet will not

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Lonnie Abelbeck
On Jul 11, 2010, at 12:19 PM, Michael wrote: Lonnie Abelbeck wrote: I tested this, and it works for me. Remember that 'Log Local Out' only applies to packets outbound directly from the local AstLinux box (OUTPUT Chain), *not* forwarded packets, (FORWARD Chain). For example packets from

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Michael
Lonnie Abelbeck wrote: The firewall Tab options: __ Log Denied TCP attempts to privileged and unprivileged ports __ Log Denied UDP attempts to privileged and unprivileged ports __ Log Denied non-TCP/UDP/ICMP attempts (restart firewall after a change) can be quite useful to

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Philip Prindeville
On 7/11/10 7:26 AM, Lonnie Abelbeck wrote: On Jul 11, 2010, at 6:13 AM, Michael wrote: Concerning the functioning of the rules, I added one simple rule Log Local out, leaving all default options. Clicking Save settings, Confirm and restart firewall. The firewall gui is working

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Lonnie Abelbeck
On Jul 11, 2010, at 1:04 PM, Philip Prindeville wrote: Pass EXT-Local | UDP | Source: 0/0 | Port: 1-2 (The port range here should exactly match your /etc/asterisk/rtp.conf rtpstart-rtpend port range. Alternatively you can enable the 'sip-voip' plugin, but personally I keep the

Re: [Astlinux-users] Remastering Astlinux

2010-07-11 Thread Philip Prindeville
Not exactly the printer will take its configured name, and multicast that out as the available service... but the name still needs to be resolvable if the SRV record maps back to a name for the right-hand side. I'd use Tcpdump to log the advertisements... Then I'd use ping to make sure

Re: [Astlinux-users] Bug in firewall gui?

2010-07-11 Thread Philip Prindeville
On 7/11/10 12:13 PM, Lonnie Abelbeck wrote: On Jul 11, 2010, at 1:04 PM, Philip Prindeville wrote: Pass EXT-Local | UDP | Source: 0/0 | Port: 1-2 (The port range here should exactly match your /etc/asterisk/rtp.conf rtpstart-rtpend port range. Alternatively you can enable the

Re: [Astlinux-users] Remastering Astlinux

2010-07-11 Thread Philip Prindeville
BTW, I'd also try: tcpdump -i ethN -c10 -s 1500 -n -l -vv udp port 5353 and post the results. On 7/11/10 12:16 PM, Philip Prindeville wrote: Not exactly the printer will take its configured name, and multicast that out as the available service... but the name still needs to be