[Freeswitch-users] Firewall mysteriously starts blocking calls to port 5060

Kevin Olbrich ko at sv01.de
Sun May 5 09:31:01 UTC 2019


... the reason TCP also works "mostly" most likely will be the sip helper
which is loaded by default on shorewall.
It will automatically punch holes into your firewall to make the protocols
work (similar to FTP, etc.).
I've also noticed problems with bad SIP packets (bots) that cause the sip
helper to stall which would lead to the problem you described.

Kevin
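
Added example, not part of the original post: a small shell check for the situation in this thread, where SIP is explicitly allowed only over TCP/5060 while the provider sends UDP and the SIP conntrack helper module (`nf_conntrack_sip`) is loaded. The sample rules, the chain name `net-fw`, the address 203.0.113.10 and the verdict words are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample inputs (not from the thread). 203.0.113.10 is a
# documentation address standing in for a whitelisted provider.
SAMPLE_RULES='-A net-fw -s 203.0.113.10/32 -p tcp -m tcp --dport 5060 -j ACCEPT
-A net-fw -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A net-fw -j DROP'
SAMPLE_LSMOD='nf_conntrack_sip       32768  0
nf_conntrack          131072  2 nf_conntrack_sip,xt_conntrack'

# accepts_sip PROTO RULES: succeeds if RULES (iptables-save text) holds an
# explicit ACCEPT for PROTO to destination port 5060. Single-port rules only;
# multiport and port-range matches are not parsed.
accepts_sip() {
    printf '%s\n' "$2" | grep -E -- "-p $1 .*--dport 5060 .*-j ACCEPT" >/dev/null
}

# helper_loaded LSMOD: succeeds if the SIP conntrack helper module is listed.
helper_loaded() {
    printf '%s\n' "$1" | grep -E '^nf_conntrack_sip[[:space:]]' >/dev/null
}

# diagnose RULES LSMOD: prints one verdict word.
#   OK                      explicit UDP/5060 ACCEPT rule exists
#   UDP_ONLY_VIA_CONNTRACK  no explicit UDP rule; inbound UDP SIP passes only
#                           while connection tracking (with the SIP helper
#                           loaded) already knows the flow, so it can stop
#                           working without any rule change
#   UDP_BLOCKED             no explicit UDP rule and no SIP helper loaded
diagnose() {
    if accepts_sip udp "$1"; then
        echo OK
    elif helper_loaded "$2"; then
        echo UDP_ONLY_VIA_CONNTRACK
    else
        echo UDP_BLOCKED
    fi
}

# Live use (as root): diagnose "$(iptables-save)" "$(lsmod)"
if [ "${1:-}" = "--sample" ]; then diagnose "$SAMPLE_RULES" "$SAMPLE_LSMOD"; fi
```
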


On Sat, May 4, 2019 at 18:14, Chad Phillips <
chad at apartmentlines.com> wrote:

> It wasn't a fail2ban issue...
>
> This particular provider says they only send SIP traffic over UDP, and I
> had only opened TCP traffic to port 5060 in my firewall.
>
> The part I don't understand is how I was able to receive any calls at all
> from them without UDP/5060 open -- it worked for hours with my new firewall
> config up. That's just weird...
>
> Also, can anybody explain why a provider would use UDP for SIP traffic?
> From my brief reading of the spec, it does seem to be a valid protocol to
> use, but UDP's fire and forget approach seems a poor choice for this task.
>
> On Fri, May 3, 2019 at 11:56 AM David Villasmil <
> david.villasmil.work at gmail.com> wrote:
>
>> Hello,
>>
>> I'd say this is a question for shorewall. But since you're here, is there
>> maybe some flood-prevention mechanism that would block it? Did you check
>> shorewall's log to try and find the reason it was blocked?
>>
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.work at gmail.com
>> phone: +34669448337
>>
>>
>> On Fri, May 3, 2019 at 6:07 PM Chad Phillips <chad at apartmentlines.com>
>> wrote:
>>
>>> Recently I reconfigured my firewall (via Shorewall) to block all inbound
>>> traffic to port 5060, except for whitelisted IP addresses from my inbound
>>> DID providers. After setup, we ran tests and everything worked fine for all
>>> incoming calls across all providers.
>>>
>>> Then a few hours later, calls from one of our providers started being
>>> blocked. All calls from our other providers continued coming through fine.
>>> Upon restarting our firewall service, the blocked calls from the single
>>> provider started coming through again.
>>>
>>> Between our successful tests and the start of the issue, there were zero
>>> changes made to the server.
>>>
>>> So why would my firewall suddenly start blocking inbound traffic from a
>>> whitelisted IP that it was previously letting through??
>>>
>>>
>>> _________________________________________________________________________
>>>
>>> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
>>> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
>>> services.
>>> Build your next product on our scalable cloud platform.
>>>
>>> Join our online community to chat in real time
>>> https://signalwire.community
>>>
>>> Professional FreeSWITCH Services
>>> sales at freeswitch.com
>>> https://freeswitch.com
>>>
>>> Official FreeSWITCH Sites
>>> https://freeswitch.com/oss
>>> https://freeswitch.org/confluence
>>> https://cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> https://freeswitch.com