On 12/27/2012 11:40 AM, Antonio wrote: > Il 27/12/2012 16:27, Basil Mohamed Gohar ha scritto: > > On 12/27/2012 10:09 AM, Antonio wrote: > >> Hello everyone. > >> > >> Currently I use the latest version of Ekiga on Fedora 18 > >> Spherical Cow. My internet connection implicates an outdoor > >> antenna equipped with a management software that includes a > >> firewall (as well as other services like NAT, UPnP, DDNS, ...); > >> this firewall has been configured to allow the SIP calls from and > >> to Ekiga according to these information > >> http://wiki.ekiga.org/index.php/Internet_ports_used_by_Ekiga. > >> > >> Even the firewall of Fedora is actived but it doesn't seem > >> affect Ekiga work although its ports are not open nor any SIP > >> services are permitted. > >> > >> The current enabled zone is 'home': > >> > >> home interfaces: wlan0 services: ipp-client mdns dhcpv6-client > >> ssh samba-client ports: forward-ports: icmp-blocks: > >> > >> In your opinion, is it a correct behavior when Ekiga works > >> although firewalld closes all ports ? > >> > >> Thanks. > >> > > Antonio, > > > If your SIP connection is using a STUN server, then it is > > possible. > > > Precisely (sorry I had not mentioned this). > But should not be all connections blocked between application (ekiga) > and antenna's NAT ? > Someone with more networking experience than me should probably reply, but I believe incoming connections (relative to your system, that is) are what is blocked. And I think the usage of a STUN server allows your system to effectively initiate only "outgoing" connections as far as your firewall is concerned, much as how so-called passive FTP works in the same way. Connections initiated from your end are much lower risk, if you intended them, and as such are usually allowed by firewalls. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
