Re: [Shorewall-users] Shorewall VOIP Traffic Control Configuration

Fri, 19 Jan 2007 18:19:36 -0800 

David,

Like this ?

1 $FW 0.0.0.0/0 udp 4569
1 $FW 0.0.0.0/0 tcp 4569
1 $FW 0.0.0.0/0 udp 5060
1 $FW 0.0.0.0/0 tcp 5060
2 $FW 0.0.0.0/0 icmp echo-request
2 $FW 0.0.0.0/0 icmp echo-reply
3 $FW 0.0.0.0/0 tcp 20
3 $FW 0.0.0.0/0 tcp 21
3 $FW 0.0.0.0/0 tcp 22
4 $FW 0.0.0.0./0 all - - - !0

Jim

David Mohr wrote:
> Hi,
> I can only point out one gotcha that I also ran into:
>
> On 1/19/07, Jim Duda <[EMAIL PROTECTED]> wrote:
>   
>> I'm having troubles with my outbound VOIP connection.  I'm convinced
>> that I don't have QOS/traffic shaping configured properly in my
>> shorewall linux firewall, which serves as my Asterisk VOIP server and
>> Internet router/gateway.  I don't have a separate router box.  I've been
>>
>> ... [cut] ...
>>
>> /etc/shorewall/tcrules:
>> 1       0.0.0.0/0       0.0.0.0/0       udp     4569
>> 1       0.0.0.0/0       0.0.0.0/0       tcp     4569
>> 1       0.0.0.0/0       0.0.0.0/0       udp     5060
>> 1       0.0.0.0/0       0.0.0.0/0       tcp     5060
>> 2       0.0.0.0/0       0.0.0.0/0       icmp    echo-request
>> 2       0.0.0.0/0       0.0.0.0/0       icmp    echo-reply
>> 3       0.0.0.0/0       0.0.0.0/0       tcp     20
>> 3       0.0.0.0/0       0.0.0.0/0       tcp     21
>> 3       0.0.0.0/0       0.0.0.0/0       tcp     22
>> 4       0.0.0.0/0       0.0.0.0./0      all     -       -       -       !0
>>     
>
> Since the traffic originates on the firewall, you need to specify $FW
> as the source in tcrules, or it won't mark the traffic.
>
> Hope that helps!
>
> ~David
>
> -------------------------------------------------------------------------
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share your
> opinions on IT & business topics through brief surveys - and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>   
Lk

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to