On Sun, Apr 12, 2015 at 7:48 PM, Mike Lander <land...@lanlinecomputers.com> wrote: > > > > > > > > What you need to do is: > > > > a) Edit /etc/shorewall/conntrack and comment out the H323 part: > > > > # ?if __CT_TARGET && __H323_HELPER > > # CT:helper:RAS all - udp 1719 > > # CT:helper:Q.931 all - tcp 1720 > > # ?endif > > > > 2) shorewall restart > > > > 3) rmmod nf_nat_h323 > > rmmod nf_conntrack_n323 > > > > 4) shorewall restart -c > > > > At this point, you should not have the h323 modules. > > > > -Tom > > -- > Did all the above. Plus upgraded to 4.6.8.1 > For anyone else with this issue, after the attempts to fix this the > nf_conntrack_h323 module keeps crashing the party. So I deleted the helpers > file I had copied into /etc/shorewall. Then the nf_nat_h323 showed up > again. So I put the commented out h323 offenders, helpers file back into > the shorewall directory folder. For now can issue rmmod nf_conntrack_n323 > each time I restart shorewall. Trouble is this module cause VoIP jitter and > eventually disconnects phone calls used by a pbx system where the firewall > lives and has to been removed. Soon I think I am getting a pbx that uses > sip and will be good to go.
If you do switch to SIP, I would recommend similarly getting rid of the sip helper modules, they break connectivity when traversing a gateway. Regards -- lee ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users