--- On Thu, 12/3/09, Patrick McHardy <kaber@xxxxxxxxx> wrote:
> From: Patrick McHardy <kaber@xxxxxxxxx>
> Subject: Re: match SIP & RTP packets
> To: "Lorenzo Allegrucci" <lorenzo.allegrucci@xxxxxxxxxxxx>
> Cc: netfilter@xxxxxxxxxxxxxxx, netdev@xxxxxxxxxxxxxxx
> Date: Thursday, December 3, 2009, 11:11 AM
> Lorenzo Allegrucci wrote:
> >
> > Hi all, it's not clear to me whether nf_conntrack_sip
> does SIP and RTP
> > connection
> > tracking or just SIP.. can you clarify?
> > I need to match both SIP and RTP packets and I was
> wondering if the rule
> > below would satisfy my requirements:
> >
> > iptables -t mangle -A FORWARD -o eth0 -m helper
> --helper sip -j CLASSIFY
> > --set-class 1:1
>
> Almost, this will match on RTP packets and incoming
> signalling
> connections (-m helper matches on expected connections).
> What's
> missing is the original signalling connection on port
> 5060.
> --
So there is no way to identify it based on NEW connection state ?
(... Want to route new SIP calls to different locations .... )
Regards.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
