please help to verify the simple firewall rules is ok for the call testing of my VOIP telephony syst


Login or Register for Dates, Times and to Reply

 
Thread Tools Search this Thread
# 1  
please help to verify the simple firewall rules is ok for the call testing of my VOIP telephony syst

Dear Sir,

I want to test the VOIP Telephony system installed in a IP PBX server behind a NAT router. This NAT router connects to a modem (with NAT as well), and then the modem (with static public IP assigned by the ISP, e.g. 219.45.67.80) directly connects to the Internet. There are several IP phones connect to the IP PBX server. The NAT router is configured as DHCP, and as a gateway (e.g. 192.168.3.1) also for the LAN (the NAT router, the IP PBX server and the IP phones consist this LAN). The IP PBX server and the IP phones all connect to the ports of the NAT router, and are with static local IP addresses (e.g. 192.168.3.10, 192.168.3.11, 192.168.3.12, 192.168.3.13 etc). This is the setup of the VOIP telephony system.

I want to make inbound and outbound VOIP phone calls to test the VOIP telephony system. For security, I need to setup the firewall in the IP PBX server (192.168.3.10). But to make it simple as a start (and make it more and more complicated when the simple one works), I plan to just add very simple rules to accept all the incoming and outgoing traffics between Internet and the IP PBX server (192.168.3.10), and forward all the traffic from this IP PBX server (192.168.3.10) to the IP phones (192.168.3.11, 192.168.3.12, 192.168.3.13). The purpose to make the firewall in the IP PBX server as simple as possible is to avoid the possibility that the inappropriate configuration of the IP PBX server firewall lead to the VOIP phone calls failed (there are other reasons could make the VOIP phone calls failed also, e.g. the inappropriate configuration of IP PBX server and the inappropriate of IP phones ......), then I can narrow down the root cause to make the VOIP phone calls failed.

Below is the simple firewall I want to setup in the IP PBX server, i.e. accept and incoming and outgoing traffics, and forward all traffics to IP phones, without specifying any source and destination IP addresses and ports. It is much appreciated if you can help to verify whether this simple firewall rules are ok for my purpose.

#!/bin/sh

# Wipe the tables clean
iptables -F

# INPUT SIDE
iptables -A INPUT -j ACCEPT

# Output side
iptables -A OUTPUT -j ACCEPT

# FORWARD SIDE
iptables -A FORWARD -j ACCEPT
Login or Register for Dates, Times and to Reply

Previous Thread | Next Thread
Thread Tools Search this Thread
Search this Thread:
Advanced Search

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Consolidate several lines of a CSV file with firewall rules, in order to parse them easier?

Consolidate several lines of a CSV file with firewall rules Hi guys. I have a CSV file, which I created using an HTML export from a Check Point firewall policy. Each rule is represented as several lines, in some cases. That occurs when a rule has several address sources, destinations or... (4 Replies)
Discussion started by: starriol
4 Replies

2. UNIX for Beginners Questions & Answers

Simple rules of the UNIX.COM forums:

RULES OF THE UNIX AND LINUX FORUMS For the latest version of the community rules (the official community rules page), please visit here. No flames, shouting (all caps), sarcasm, bullying, profanity or arrogant posts. No negative comments about others or impolite remarks. Be patient. No... (1 Reply)
Discussion started by: Neo
1 Replies

3. UNIX for Dummies Questions & Answers

I have firewall rules to open ports, why telnet refuses connection?

Alright... this question comes from the fact that I'm trying to setup postfix to relay messages to Office 365 SMTP but its giving me connection refused... I read that if you have doubts if your port is open or not you should telnet to them so thats what I did. This is a Red Hat 6.3 box. My... (4 Replies)
Discussion started by: RedSpyder
4 Replies

4. Red Hat

Iptables/Firewall rules for multicast IP.

Hi Gurus, I need to add Multicast Port = xyz Multicast Address = 123.134.143 ( example) to my firewall rules. Can you please guide me with the lines I need to update my iptables files with. (0 Replies)
Discussion started by: rama krishna
0 Replies

5. UNIX for Dummies Questions & Answers

Create new simple System Call.

Hello to all! I am new with unix and i need your help to make something.. First of all i want to inform you that i am working under the Minix 3 OS. What i want to make is, a new system call in terms of the process manager. This system call should take an integer as a parameter (input) and... (1 Reply)
Discussion started by: kostis1904
1 Replies

6. Shell Programming and Scripting

Please verify the simple Shell code

Hi, i am trying to write script which will delete files(more than 90 days older) from different directories. Please check its ok if i implement it in SUN solaris10; One important thing i used here "exec" flag. I heard from someone- as i have lots of files "exec" flag may give error like too... (2 Replies)
Discussion started by: thepurple
2 Replies

7. UNIX for Advanced & Expert Users

Firewall - 2 Internet accesses - routing rules from source

Hello, I would like to modify my firewall configuration for being able to handle 2 internet connections in my Red zone. I would then like to configure some selecting routing rules depending on the internal source. Actual configuration: ===================== 1 router A (ISP)... (1 Reply)
Discussion started by: el70
1 Replies

8. Post Here to Contact Site Administrators and Moderators

Simple rules of the UNIX.COM forums:

(1) No flames, shouting (all caps), sarcasm, bullying or arrogant posts. (2) No negative comments about others or unpolite remarks. Be patient. (3) Refrain from idle chatter that does not contribute to the knowledge base. (4) Do not 'bump up' questions if they are not answered... (0 Replies)
Discussion started by: Neo
0 Replies
fwb_ipfw(1)							 Firewall Builder						       fwb_ipfw(1)

NAME
fwb_ipfw - Policy compiler for ipfw SYNOPSIS
fwb_ipfw [-vVx] [-d wdir] [-o output.fw] [-i] -f data_file.xml object_name DESCRIPTION
fwb_ipfw is a firewall policy compiler component of Firewall Builder (see fwbuilder(1)). This compiler generates code for ipfw - a firewall and traffic shaper in FreeBSD (see ipfw(8)). Compiler reads objects definitions and firewall description from the data file specified with "-f" option and generates firewall configuration and activation script. The generated file has a name that starts with the name of the firewall object, with an extension ".fw". It is a shell script that flushes current policy, then loads new filter and nat rules. The data file and the name of the firewall objects must be specified on the command line. Other command line parameters are optional. OPTIONS
-f FILE Specify the name of the data file to be processed. -o output.fw Specify output file name -d wdir Specify working directory. Compiler creates firewall activation script in this directory. If this parameter is missing, then all files will be placed in the current working directory. -v Be verbose: compiler prints diagnostic messages when it works. -V Print version number and quit. -i When this option is present, the last argument on the command line is supposed to be firewall object ID rather than its name -x Generate debugging information while working. This option is intended for debugging only and may produce lots of cryptic messages. NOTES
Support for ipfw was added in version 1.0.10 of Firewall Builder URL
Firewall Builder home page is located at the following URL: http://www.fwbuilder.org/ BUGS
Please report bugs using bug tracking system on SourceForge: http://sourceforge.net/tracker/?group_id=5314&atid=105314 SEE ALSO
fwbuilder(1), fwb_ipt(1), fwb_pf(1) fwb_ipf(1) FWB
fwb_ipfw(1)

Featured Tech Videos