On 3/30/19 1:55 AM, Brian J. Murrell wrote: > I'm noticing a lack of macro support for SIP over TCP. Is that > intentional (i.e. because there is something inherent about SIP over > TCP not working) or just oversight? > > In my case, my primary interest is IPv6, so just conntracking, but > there will be times I suppose when I want it over IPv4 also (when I am > on the old crufty IPv4 Internet :-)), so conntracking and NAT in that > case. >
Brian, The lack of macro support for a particular application scenario generally means that no one with the ability to test that scenario has stepped up to produce such a macro. If you want to test, then: a) Modify /etc/shorewall[6]/conntrack to specify both udp and tcp in the PROTO column of the SIP entry. b) Modify macro.SIP to similarly specify both udp and tcp in the PROTO column. If it works satisfactorily, let us know and we will modify the release versions accordingly. Thanks, -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
