On my CentOS 6.4 box (2.6.32-358.14.1.el6.x86_64) I found that
nf_conntrack_sip and nf_nat_sip caused problems with sip traffic (silently
dropping traffic) and I run without them. I was getting random non
connection issues (failed registration) before I removed those modules. My
regular custom traffic shaping was not effected.
CentOS tends to ship with older, sometimes incomplete modules so YMMV.
On Wed, Aug 21, 2013 at 11:15 AM, Alberto Di Fede
<[email protected]>wrote:
> sure they are from sip conntrack module.
> i would like to understand why it happens and if it is a configuration
> issue.
> i think that removing the modules will hurt the traffic shaping.
>
> any idea on how to debug?
>
>
>
> On Tue, Aug 20, 2013 at 11:08 PM, Pablo Sebastian Greco <
> [email protected]> wrote:
>
>> Those messages are not from the firewall itself, they are from
>> nf_conntrack_sip. Have you tried unloading nf_conntrack_sip and nf_nat_sip ?
>>
>> Pablo.
>>
>> El 20/08/13 14:34, johnny bowen escribió:
>>
>> Btw.. it only happens on one or two phones also, but I can't remember
>> which ones.
>>
>>
>>
>> On Tue, Aug 20, 2013 at 10:33 AM, johnny bowen <[email protected]> wrote:
>>
>>> I get that too. I've never solved the problem I just stopped rsyslog
>>> from logging to my console. So if I ever come across a fix I'll post it
>>>
>>>
>>> On Tue, Aug 20, 2013 at 9:20 AM, Alberto Di Fede <
>>> [email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> i see this on the console and in the firewall logs while i try to
>>>> make sip calls using my sip server (although this appears to happen only
>>>> from a the Counterpath Bria softphone)
>>>>
>>>> Message from syslogd@server at Aug 20 17:24:39 ...
>>>> kernel:nf_ct_sip: dropping packetIN= OUT=ppp0 SRC=<my public ip
>>>> address> DST=<SIP provider public ip address> LEN=860 TOS=0x00 PREC=0x00
>>>> TTL=64 ID=52154 PROTO=UDP SPT=5060 DPT=5060 LEN=840 UID=493 GID=490
>>>>
>>>> Message from syslogd@server at Aug 20 17:24:39 ...
>>>> kernel:nf_ct_sip: dropping packetIN= OUT=ppp0 SRC=<my public ip
>>>> address> DST=<SIP provider public ip address> LEN=860 TOS=0x00 PREC=0x00
>>>> TTL=64 ID=52155 PROTO=UDP SPT=5060 DPT=5060 LEN=840 UID=493 GID=490
>>>>
>>>> Message from syslogd@server at Aug 20 17:24:40 ...
>>>> kernel:nf_ct_sip: dropping packetIN= OUT=ppp0 SRC=<my public ip
>>>> address> DST=<SIP provider public ip address> LEN=860 TOS=0x00 PREC=0x00
>>>> TTL=64 ID=52156 PROTO=UDP SPT=5060 DPT=5060 LEN=840 UID=493 GID=490
>>>>
>>>> Message from syslogd@server at Aug 20 17:24:41 ...
>>>> kernel:nf_ct_sip: dropping packetIN= OUT=ppp0 SRC=<my public ip
>>>> address> DST=<SIP provider public ip address> LEN=860 TOS=0x00 PREC=0x00
>>>> TTL=64 ID=52159 PROTO=UDP SPT=5060 DPT=5060 LEN=840 UID=493 GID=490
>>>>
>>>> Message from syslogd@server at Aug 20 17:24:45 ...
>>>> kernel:nf_ct_sip: dropping packetIN= OUT=ppp0 SRC=<my public ip
>>>> address> DST=<SIP provider public ip address> LEN=860 TOS=0x00 PREC=0x00
>>>> TTL=64 ID=52161 PROTO=UDP SPT=5060 DPT=5060 LEN=840 UID=493 GID=490
>>>>
>>>> after a few drops obviously the SIP call is dropped.
>>>>
>>>> i searched online for solutions, but apparently there seems to be no
>>>> technical issue for my kernel/netfilter/shorewall version, most probably is
>>>> related to my configuration.
>>>>
>>>> is there anything standing out for you?
>>>>
>>>> thank you
>>>>
>>>>
>>>> Alberto
>>>>
>>>>
>>>> ------------------------------------------------------------------------------
>>>> Introducing Performance Central, a new site from SourceForge and
>>>> AppDynamics. Performance Central is your source for news, insights,
>>>> analysis and resources for efficient Application Performance Management.
>>>> Visit us today!
>>>>
>>>> http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>>>> _______________________________________________
>>>> Shorewall-users mailing list
>>>> [email protected]
>>>> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>>>>
>>>>
>>>
>>
>>
>> ------------------------------------------------------------------------------
>> Introducing Performance Central, a new site from SourceForge and
>> AppDynamics. Performance Central is your source for news, insights,
>> analysis and resources for efficient Application Performance Management.
>> Visit us
>> today!http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>>
>>
>>
>> _______________________________________________
>> Shorewall-users mailing
>> [email protected]https://lists.sourceforge.net/lists/listinfo/shorewall-users
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> Introducing Performance Central, a new site from SourceForge and
>> AppDynamics. Performance Central is your source for news, insights,
>> analysis and resources for efficient Application Performance Management.
>> Visit us today!
>>
>> http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
>> _______________________________________________
>> Shorewall-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>>
>>
>
>
> ------------------------------------------------------------------------------
> Introducing Performance Central, a new site from SourceForge and
> AppDynamics. Performance Central is your source for news, insights,
> analysis and resources for efficient Application Performance Management.
> Visit us today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
------------------------------------------------------------------------------
Introducing Performance Central, a new site from SourceForge and
AppDynamics. Performance Central is your source for news, insights,
analysis and resources for efficient Application Performance Management.
Visit us today!
http://pubads.g.doubleclick.net/gampad/clk?id=48897511&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
