Running FreePBX 13.0.105 with Asterisk 13.7.0
We have our box setup with a public IP as we were having issues using other than 5060 TCP bind ports (we’re using TCP for SIP) behind our Cisco ASA 5510’s.
That being said, we have and Sangoma firewall off, but fail2ban on.
We’re trying to do the following to help tighten down our server a little more:
-A INPUT -i eth0 -p tcp -m tcp --dport 7775 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 7775 -m string --string “REGISTER
sip:sip1.ourservers.com” --algo bm --to 65535 -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 7775 -j DROP
Got that from this post
Anyway, I cannot get an endpoint to connect like this. I have to simply open up TCP 7775 like this:
-A INPUT -p tcp --dport 7775 -j ACCEPT
Any idea why the the string thing isn’t working? I even did a tcpdump and saw the “REGISTER sip:sip1…” line. It did include :7775 at the end, put I even tried to add that to the iptables string and no go.