[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Stumped, Act 2 (Re: Stumped)
I changed the asterisk variable to point to another server inside my
network (one IP address away) and then watched tcpdump output and the
packets are flowing (to the wrong address mind you). Now why would it
not work with the original address? The PF box has full IP connectivity
to the asterisk server.
The box *is* a suse 9.2 linux box and does act weird on the network -
for example I can't telnet in using putty, but I can from a windows
command prompt (same box). I really wish I didn't have to run linux :(
Oh well, looks like PF isn't the problem.
Thanks anyway ..
Tim Pushor wrote:
I know my ruleset is too loose, but I want to get it working first
before I start to tighten it down.
I tink a pass out log on $int_if proto udp from any to $asterisk port
5060Well, I do have this rule which should allow it:
pass out on $int_if proto udp from any to $asterisk port 9999
(check if it get blockt by the "block log all" if yes IMHO it block
also the packet to form the FW to the asterix (via the int_if).
And tink about the "from any to $asterisk" in my roule, posibil more
open as you like.
pass out on $int_if from any to $internal_nets
Also, I am watching the log. I have a log on my block all, and also on
the rule that should allow the SIP to pass. I see that rule triggered
in the log (as I pasted in my original email), but no block. I don't
think its the filter. (Also in the 'pass' rule log I see that the
destination address is 192.168.1.104, which is my redir'd address so
the redirs are working.
I am just wondering why I wouldn't see the traffic on my Internal