[Spce-user] iptables issue

Jonathan Yue jonathan.yue at turboitsolutions.com
Mon Apr 18 17:31:59 EDT 2016 

Hi, all,

I customized iptables by allowing some ip addresses in INPUT chain, and 
put "iptables -A INPUT -j DROP" at the bottom. Aftert that, the 
execution of "iptables -L" is extremely slow; more importantly phones 
can't register. packet captures ( i can still ssh to server) show that 
spce doesn't respond to sip registration. I read handbook, which 
mentions RTPENGINE, however it's there, untouched.
  sudo iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  77.72.169.0/24       anywhere
ACCEPT     all  --  46.19.208.0/22       anywhere
............ ( a few line omitted )
rtpengine  all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             LOG level 
warning

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain rtpengine (1 references)
target     prot opt source               destination
RTPENGINE  udp  --  anywhere             anywhere             RTPENGINE 
id:0

After command "iptables -D INPUT -j DROP", issue is gone right away. I 
wonder what's the proper way to configure iptables on spce?

thanks,

J.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20160418/5ebe6d79/attachment-0001.html>

More information about the Spce-user mailing list