Question
I install asterisk on centos 6.5 32 bit.
That's great.
User register is no problem.
And calling is no problem, too.
but... i can't hear anything.
so, I stop the iptables service.
then..i can hear sound.
how to modify iptables?
my iptables is below.... and i use port 5060.
https://stackoverflow.com/questions/21749297
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT[0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5060 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5070 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5080 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5060 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5070 -j ACCEPT
-A INPUT -m state --state NEW -m udp -p udp --dport 5080 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
Solution
You also need allow rtp data(sound). If you not changed rtp.conf, value have be like this:
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
Note, it is also highly recomended install fail2ban on all your sip ports. Otherwise very likly your server will be always down becuase of fraud bots.
