On 05/07/08 20:10, sean darcy wrote:
On my outside box I trying to route sip ( port 5060 ) and iax ( 4659 ) packets to an internal asterisk server. I use DNAT, which works fine for iax, but doesn't for SIP. I'm using identical DNAT statments.
No you are not.
$IPT -t nat -A PREROUTING -i external -p udp --dport 4569 -j DNAT --to 10.10.10.180:4569
(verses)
$IPT -t nat -A PREROUTING -s ext-box -p udp --dport 5060 -j DNAT --to 10.10.10.180:5060
Note that you have "-i external" on the first (IAX) rule and "-s ext-box" on the second (SIP) rule.
I don't know if you have taken this in to account or not, but remember that SIP is not really NAT friendly.
Grant. . . . -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
