[Freeswitch-users] connexion attempts behing a firewall (wtf?)

Bzzz lazyvirus at gmx.com
Mon Mar 12 17:37:54 MSK 2012


On Mon, 12 Mar 2012 13:52:54 +0000
Peter Olsson <peter.olsson at visionutveckling.se> wrote:

Hi Peter,

> If you get USER_NOT_REGISTERED, that means that the user is not
> registered. Please do a "show registrations", and you will see who
> is registered to your server.

Thanks, that's exactly the command I was looking after! (but I
missed the final 's').

show registrations

reg_user,realm,token,url,expires,network_ip,network_port,network_proto,hostname
01,192.168.1.25,yeveyyihyxqvepr at anubis.defcon1,sofia/internal/sip:01 at 192.168.1.25:5000,1331565571,192.168.1.25,5000,udp,anubis
02,192.168.1.25,tufsyqgvkshuonx at osiris.defcon1,sofia/internal/sip:02 at 192.168.1.50:5100,1331565589,192.168.1.50,5100,udp,anubis

2 total.

So, it seems that my 2 softphone are correctly
registered, which is in accordance w/ what fusionpbx and the phones
says; I guess the strange string before machines' names is normal.
Raaaaaaaahhhhhhhh!

> Also - if you want to disable NAT for now (and don't let FS punch
> holes in your fw) you can also start FS using the "-nonat" switch.

Yeah, Patrick sent me a useful link about Auto_NAT.
As a matter of fact my PB is coming from the box itself: once some 
uPNP forwards have been set, I can't get rid about them, even
disabling uPNP don't work; I'm obliged to disable uPNP AND reboot
the box to do that, thanks to sagem:((
(after disabling, it tells that Nb of rules is 0, though)

So, this is my solution: keep ADSL box non-uPNP until FS conf is
cooked "aux petits oignons":)

But the most "interesting" thing is those forwards lead to someone
in Brazil trying to authenticate, but fail2ban failed to ban him
because there was no "auth failure" answer from FS - However, when I
tested it from my LAN, I was forbidden access after 3 unsuccessful
registration attempts.

I'm a bit lost at this point: both phone registered and still no
communication possible (forgot to say: I fall directly to the VM
message when trying that.)

Jean-Yves
-- 
Q:	What's meaner than a pit bull with AIDS?
A:	The guy that gave it to him.



Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list