On 2011-08-23 09:26, "Яцко Эллад Геннадьевич (ngs)" wrote:
> Hello!
>
> I have some specific problem with Cisco CP7961G IP phone.
> It sends packets to external Softswitch using one UDP port
> which differs from 5060 (voipControlPort in its .XML), but
> it waits answers on 5060!
> And I can't do anything with it! I have tried Firmware from
> 8.0.x up to 8.5.x - all the same!
>
> One thing I think is make corresponding translation on IPTables.
> SNAT in direct path (from 79161 to Softswitch) and DNAT
> in backward direction (from outside Softswitch to 7961).
>
> BUT IT DOESN'T WORK! :-)
>
> $IPTABLES -t nat -A PREROUTING -p udp -s 80.251.x.x
> -d 80.251.y.y --dport 5060 -j DNAT --to-destination
> 172.16.128.200:5060
> $IPTABLES -t nat -A POSTROUTING -o eth0 -p udp -s 172.16.128.0/24 --sport
> 1024:65535 -d 80.251.x.x --dport 5060 -j SNAT --to-source 80.251.y.y:5060
SIP is difficult to correct with NAT. It includes connection data at layer
7. So the Softswitch may be ignoring packet headers and replying to that.
I don't think NAT is your solution here. Something else is wrong in the SIP
setup of this device.
Regards,
Tyler
--
"[...] the effectiveness of pat-downs does not matter very much, because
the obvious goal of the TSA is to make the pat-down embarrassing enough
for the average passenger that the vast majority of people will choose
high-tech humiliation over the low-tech ball check."
-- Jeffrey Goldberg, "For the First Time, the TSA Meets Resistance"
The Atlantic, 2010-10-29
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
