[OpenSIPS-Users] media-relay not relaying when iptables running

JimDoesVoip jobrien at counterpath.com
Thu Oct 20 17:44:52 CEST 2011


Hi Jeff,
  Thanks.  I looked at this earlier as well.  I swapped the REJECT line out
for a blanked ACCEPT with forwards and it didn't seem to have an effect.  I
keep wondering if there is something in raw that needs to be put in place
based upon the messages from iptables as it exists.  I took another look
based on your note and I think I found something meaningful.

  iptables (at least on centos) appears to load different tables
independently when you use the --list option.  So I started a call with only
the raw table loaded.  no audio.  I then stopped iptables and had audio.  I
then loaded filter and nat tables and each time still had audio.  Then as
the call was going I loaded the raw table, and the call still had audio.  I
stopped the call and started a new one: no audio.  Unloaded the raw table;
audio.  

# iptables -t raw --list   
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
# /etc/init.d/iptables stop
iptables: Flushing firewall rules:                         [  OK  ]
iptables: Setting chains to policy ACCEPT: raw             [  OK  ]
iptables: Unloading modules:                               [  OK  ]
# 


So it feels likely that the raw part of my iptables config is blocking
things.  Perhaps, even though it says it is defaulting to ACCEPT, it is
blocking packets from getting to conntrack rules setup by media-relay?

Thanks,

Jim




Jeff Pyle wrote:
> 
> Jim,
> 
> One difference between my iptables setup and yours on my relay is I allow
> the FORWARD to go, default policy ACCEPT.  Perhaps this is relevant.
> 
> 
> - Jeff
> 
> 
> 


--
View this message in context: http://opensips-open-sip-server.1449251.n2.nabble.com/media-relay-not-relaying-when-iptables-running-tp6911797p6913422.html
Sent from the OpenSIPS - Users mailing list archive at Nabble.com.



More information about the Users mailing list