What's new

Opening port to external properly

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Marko Polo

Senior Member
Well, I splitted my issue from another thread, as was suggested. I applied the suggested by @ColinTaylor rule to my iptables

Code:
iptables -I INPUT -i eth0 -p udp -m udp --dport 5060 -j ACCEPT

and it was added below the mentioned DROP/LOGDROP rule. And I still cannot access Asterisk from outside. Now my iptables looks like this:
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:51413
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:51413
DROP       icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
SSHBFP     tcp  --  anywhere             anywhere             tcp dpt:29 state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8082
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
INPUT_ICMP  icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp dpt:5060

And here is my firewall-start script:
Code:
#!/bin/sh
iptables -I INPUT -p tcp --destination-port 51413 -j ACCEPT
iptables -I INPUT -p udp --destination-port 51413 -j ACCEPT

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT
~

What am I doing wrong?
 
Well, I splitted my issue from another thread, as was suggested. I applied the suggested by @ColinTaylor rule to my iptables

Code:
iptables -I INPUT -i eth0 -p udp -m udp --dport 5060 -j ACCEPT

and it was added below the mentioned DROP/LOGDROP rule. And I still cannot access Asterisk from outside. Now my iptables looks like this:
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:51413
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:51413
DROP       icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
SSHBFP     tcp  --  anywhere             anywhere             tcp dpt:29 state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8082
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
INPUT_ICMP  icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp dpt:5060

And here is my firewall-start script:
Code:
#!/bin/sh
iptables -I INPUT -p tcp --destination-port 51413 -j ACCEPT
iptables -I INPUT -p udp --destination-port 51413 -j ACCEPT

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT
~

What am I doing wrong?
Your firewall-start is still calling iptables -A...
 

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top