[OpenSBC] iptables
Brought to you by:
joegenbaclor
Menu
▾
▴
[OpenSBC] iptables
|
From: Paul R. <pau...@ya...> - 2007-09-13 16:02:57
|
Can anyone tell me what the good iptables settings are to make OpenSBC work behind NAT (iptables) At the moment i have set it like this (see further). I can register .... but i don't hear a thing not from inside and not from outside the router. #PREROUTING # SIP (5060) NAT-STUN (3478) $IPT -t nat -A PREROUTING -p tcp -i $INET_IFACE -d $INET_IP --dport 5060 -j DNAT --to-destination $SIP_SRV_LAN_IP:5060 $IPT -t nat -A PREROUTING -p udp -i $INET_IFACE -d $INET_IP --dport 5060 -j DNAT --to-destination $SIP_SRV_LAN_IP:5060 $IPT -t nat -A PREROUTING -p udp -i $INET_IFACE -d $INET_IP --dport 30000:35000 -j DNAT --to-destination $SIP_SRV_LAN_IP $IPT -t nat -A PREROUTING -p udp -i $INET_IFACE -d $INET_IP --dport 3478 -j DNAT --to-destination $SIP_SRV_LAN_IP:3478 #FORWARD # VOIP $IPT -A FORWARD -p tcp -d $SIP_SRV_LAN_IP --dport 5060 -j ACCEPT $IPT -A FORWARD -p udp -d $SIP_SRV_LAN_IP --dport 5060 -j ACCEPT $IPT -A FORWARD -p udp -d $SIP_SRV_LAN_IP --dport 30000:35000 -j ACCEPT $IPT -A FORWARD -p tcp -s $SIP_SRV_LAN_IP --sport 5060 -j ACCEPT $IPT -A FORWARD -p udp -s $SIP_SRV_LAN_IP --sport 5060 -j ACCEPT $IPT -A FORWARD -p udp -s $SIP_SRV_LAN_IP --sport 30000:35000 -j ACCEPT #POSTROUTING # VOIP $IPT -t nat -A POSTROUTING -o $LAN_IFACE -j SNAT --to-source $INET_IP $IPT -t nat -A POSTROUTING -o $INET_IFACE -s $SIP_SRV_LAN_IP -j MASQUERADE |
