[Freeswitch-users] iptables dropping SIP packets..?

Avi Marcus avi at avimarcus.net
Fri Nov 18 12:12:48 MSK 2011


maybe.. the yealink does have some long packets.
I tried just to see...
# modprobe -r nf_ct_sip
FATAL: Module nf_ct_sip not found.

It's not it's own but part of nf_conntrack_sip? That doesn't sound as
safe to remove..
(p.s. I have no idea what I'm mucking with.)

-Avi


On Thu, Nov 17, 2011 at 3:32 PM, Thomas Mueller <thomas at chaschperli.ch> wrote:
>
>
> On 17.11.2011 14:06, Avi Marcus wrote:
>
> Service: sip (udp/5060) (nf_ct_sip: dropping packet) - 9 packets
> I see this every few days - it's via an IP with a Yealink T20p phone. I've
> tried looking this up in the past.. but I don't understand what rules would
> be dropping this, and what is being dropped.
> Any clues on how to investigate?
>
> Maybe this is related to this bugreport?
>
> nf_ct_sip dropping SIP messages larger then MTU
> http://bugzilla.netfilter.org/show_bug.cgi?id=760
>
> There is some possibility that you don't need the nf_ct_sip - just unload it
> (modprobe -r) and if it works, do blacklist the module in (for exmple in
> /etc/modprobe.d/00-my-local.conf )
>
> - Thomas
>
>



Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list