[Spce-user] [EXTERNAL] Physical interface VS virtual interface on iptables rules
Michael Prokop
mprokop at sipwise.com
Wed Sep 18 02:49:27 EDT 2024
Hi,
* Javier Valencia [Mon Sep 16, 2024 at 08:53:40PM +0200]:
> Hi there!
>
> My NGCP CE mr9.5.7 (on bullseye (11.10) 5.10.0-30-amd64 SMP) box isn't
> responding on sip_ext, because it's generating "/etc/iptables/rules.v4"
> with virtual ethernet interface instead physical ethernet interface.
>
> In example:
> -A INPUT -i *neth0:0* -p tcp --dport 5060 -j ACCEPT -m comment --comment
> "sip_ext"
>
> Must be:
> -A INPUT -i *neth0* -p tcp --dport 5060 -j ACCEPT -m comment --comment
> "sip_ext"
>
> When I delete the first line and insert into iptables (with cli commands)
> the second line, the server starts to respond.
[...]
Aha interesting. Before we're coming up with a workaround through
/etc/ngcp-config/config.yml or ngcpcfg patchtt.tt2 for this, I'd
like to understand your situation and how to properly fix this. :)
What kind of environment is this with this virtual ethernet interface?
What's inside your /etc/ngcp-config/network.yml?
What's output of `ip a` + `ip link` on your system?
PS: please make sure to subscribe to the mailing list, otherwise
your messages end up in moderation queue (we just let it through)
and you might also miss replies.
regards
-mika-
More information about the Spce-user
mailing list