Menu
What's new
By:
Filters Better Search

Opening port to external properly

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

M

Marko Polo

Senior Member
Well, I splitted my issue from another thread, as was suggested. I applied the suggested by @ColinTaylor rule to my iptables

Code: 
iptables -I INPUT -i eth0 -p udp -m udp --dport 5060 -j ACCEPT

and it was added below the mentioned DROP/LOGDROP rule. And I still cannot access Asterisk from outside. Now my iptables looks like this:
Code: 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:51413
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:51413
DROP       icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
SSHBFP     tcp  --  anywhere             anywhere             tcp dpt:29 state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8082
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
INPUT_ICMP  icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp dpt:5060

And here is my firewall-start script:
Code: 
#!/bin/sh
iptables -I INPUT -p tcp --destination-port 51413 -j ACCEPT
iptables -I INPUT -p udp --destination-port 51413 -j ACCEPT

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT
~

What am I doing wrong?
 
Marko Polo said:
Well, I splitted my issue from another thread, as was suggested. I applied the suggested by @ColinTaylor rule to my iptables

Code: 
iptables -I INPUT -i eth0 -p udp -m udp --dport 5060 -j ACCEPT

and it was added below the mentioned DROP/LOGDROP rule. And I still cannot access Asterisk from outside. Now my iptables looks like this:
Code: 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:51413
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:51413
DROP       icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
SSHBFP     tcp  --  anywhere             anywhere             tcp dpt:29 state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8082
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
INPUT_ICMP  icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp dpt:5060

And here is my firewall-start script:
Code: 
#!/bin/sh
iptables -I INPUT -p tcp --destination-port 51413 -j ACCEPT
iptables -I INPUT -p udp --destination-port 51413 -j ACCEPT

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT
~

What am I doing wrong?
Click to expand...
Your firewall-start is still calling iptables -A...
 
You must log in or register to reply here.

Similar threads

H
Port Forwarding Over WireGuard Connection?
2
Replies
22
Views
2K
houmi
houmi
A
Policy-based port routing to bypass NordVPN client
Replies
10
Views
1K
Don->
D
H
Solved Beginners firewall question.
Replies
6
Views
796
Henk-J
H
GShlomi
Sharing my DualWan with port forwarding and DDNS experience
Replies
0
Views
146
GShlomi
GShlomi
NoBenefit
Does my iptables looks normal?
Replies
1
Views
646
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
PaulA Port isolation on RT-AX88U-Pro (router) w/ Merlin w/ Tagged internet ISP Asuswrt-Merlin 1
N Connecting an ax58u to a BT homehub 5, via a lan port, and not getting internet access. Asuswrt-Merlin 3
D Redirect port 443 to 8443 Asuswrt-Merlin 6
GShlomi Sharing my DualWan with port forwarding and DDNS experience Asuswrt-Merlin 0
C 3004.388.6_2 media bridge mode (RT-AX86U but maybe others also) - port status missing Asuswrt-Merlin 8
P Google TV on lan port drops connection Asuswrt-Merlin 5
GShlomi Two WANs but not dual-WAN, with port-forwarding Asuswrt-Merlin 7
S Finding Port Connections Asuswrt-Merlin 2
John Tetreault How to open ipv6 firewall to a port on the router? Asuswrt-Merlin 4
S Unable to use port forward on the 2.5 Gbps WAN port Asuswrt-Merlin 1

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 912 (members: 21, guests: 891)
Top