Confirm i'm planning on doing the right thing?

MKEbrew · December 30, 2011, 1:25pm

What Linux distribution is this? If you don’t know, this might help you determine: http://www.mariusv.com/how-to-determine-linux-distribution/

jhotchkiss · December 30, 2011, 1:30pm

cool… thanks. its Debian v5.0.3

MKEbrew · December 30, 2011, 1:50pm

Try: update-rc.d -f iptables remove

to stop it from starting at boot. I’m not running iptables on my current debian box to test this method, and these types of things can be different from distro to distro.

Run this, reboot, then iptables -L to list active rules. Once you get Webmin installed, you’d basically just check a box telling it not to start at boot.

MKEbrew · January 4, 2012, 3:33pm

Isn’t RTP UDP?

TCP Port 10000 is used for Webmin…

jhotchkiss · January 4, 2012, 3:32pm

Just wanted to post back (after the Christmas / new year break) and say thanks for all your help. I’m beginning to get an much better understanding of Linux and the asterisk / FreePBX system in general and your tips have helped start this.

So one final question for you all as I think I might have found the cause of the problem…?

If the firewall / IPTables on my server has only a single entry for rtp ports and it set to be 10000 but NOT a range of ports i.e. the recommended 10000:20000 could this be the cause of the intermittent one-way audio?

the line that creates the IPtable entry is:
-A INPUT -p tcp --dport 10000 -j my_chain_name

Within that chain, there are rules to allow from IP’s on our internal network.

There are other lines in the FW for the SIP port etc, but this stood out to me as a potential cause?

many thanks, hopefully this will be the last request/question on this thread

jhotchkiss · January 4, 2012, 4:45pm

yep, I meant UDP, been staring at LOTS of FW lines today and think my heads got a little fuzzy!

Questions remains the same though… do you think this is causing a restriction?

many thanks

MKEbrew · January 4, 2012, 4:58pm

Possibly. It needs to be a range for it to work properly. A quick way to find out would be flushing iptables and seeing if your issues are corrected. If not, then it’s not likely to be an iptables related problem.

jhotchkiss · January 9, 2012, 10:30am

Thanks for all the help. just wanted to let you know that swapping the external modem and the network cable, plus some tweaks to to the IPTables as mentioned above fixed the problem. Now all I have to do is begin to tie it down for security… could be revisiting some of these issues, but at least with the help you’ve suggested here already I’ll know where and how to be looking.

Thanks again