Menu
What's new
By:
Filters Better Search

Opening port to external properly

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

M

Marko Polo

Senior Member
Well, I splitted my issue from another thread, as was suggested. I applied the suggested by @ColinTaylor rule to my iptables

Code: 
iptables -I INPUT -i eth0 -p udp -m udp --dport 5060 -j ACCEPT

and it was added below the mentioned DROP/LOGDROP rule. And I still cannot access Asterisk from outside. Now my iptables looks like this:
Code: 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:51413
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:51413
DROP       icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
SSHBFP     tcp  --  anywhere             anywhere             tcp dpt:29 state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8082
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
INPUT_ICMP  icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp dpt:5060

And here is my firewall-start script:
Code: 
#!/bin/sh
iptables -I INPUT -p tcp --destination-port 51413 -j ACCEPT
iptables -I INPUT -p udp --destination-port 51413 -j ACCEPT

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT
~

What am I doing wrong?
 
Marko Polo said:
Well, I splitted my issue from another thread, as was suggested. I applied the suggested by @ColinTaylor rule to my iptables

Code: 
iptables -I INPUT -i eth0 -p udp -m udp --dport 5060 -j ACCEPT

and it was added below the mentioned DROP/LOGDROP rule. And I still cannot access Asterisk from outside. Now my iptables looks like this:
Code: 
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     udp  --  anywhere             anywhere             udp dpt:51413
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:51413
DROP       icmp --  anywhere             anywhere             icmp echo-request
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere             state INVALID
PTCSRVWAN  all  --  anywhere             anywhere
PTCSRVLAN  all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     all  --  anywhere             anywhere             state NEW
ACCEPT     udp  --  anywhere             anywhere             udp spt:bootps dpt:bootpc
SSHBFP     tcp  --  anywhere             anywhere             tcp dpt:29 state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:8082
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
INPUT_ICMP  icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
ACCEPT     udp  --  anywhere             anywhere             udp dpt:5060

And here is my firewall-start script:
Code: 
#!/bin/sh
iptables -I INPUT -p tcp --destination-port 51413 -j ACCEPT
iptables -I INPUT -p udp --destination-port 51413 -j ACCEPT

# SIP on UDP port 5060. Other SIP servers may need TCP port 5060 as well
iptables -A INPUT -p udp -m udp --dport 5060 -j ACCEPT
~

What am I doing wrong?
Click to expand...
Your firewall-start is still calling iptables -A...
 
You must log in or register to reply here.

Similar threads

F
Understanding IPTABLES - asus ROG ax6000
Replies
17
Views
850
ColinTaylor
C
PaulA
Port isolation on RT-AX88U-Pro (router) w/ Merlin w/ Tagged internet ISP
Replies
2
Views
1K
dacotmeister
D
H
Port Forwarding Over WireGuard Connection?
2
Replies
22
Views
3K
houmi
houmi
N
Skynet SkyNet/Firewall blocking all ping requests, including outbound
Replies
6
Views
903
nearlyheadlessarvie
N
A
Policy-based port routing to bypass NordVPN client
Replies
10
Views
2K
Don->
D
Similar threads
Thread starter Title Forum Replies Date
ollimoe RT-BE88U and Dynamic WAN Port MAC? Asuswrt-Merlin 0
C Can port forwarding do failover to an alternative server? Asuswrt-Merlin 2
Yota How to enable port randomization in Asuswrt-Merlin? Asuswrt-Merlin 4
R RT-AX86U Pro LAN Port on Guest Network Asuswrt-Merlin 9
Y Ethernet port status on Tools Sysinfo page Asuswrt-Merlin 7
A DSL-AX82U HTTP/HTTPS Port Forwarding Asuswrt-Merlin 7
L 2.5 port on gt-axe11000 is subpar. Asuswrt-Merlin 13
C Port / device isolation AX88U Asuswrt-Merlin 2
waldo43 Solved Port Forwarding Issue Asuswrt-Merlin 6
K Rt-ax86u use 2.5Gb port in Ap mode Asuswrt-Merlin 5

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 675 (members: 20, guests: 655)
Top