Reply To: Zeroshell with multiple SIP devices and multiple WANs?

Home Page Forums Network Management ZeroShell Zeroshell with multiple SIP devices and multiple WANs? Reply To: Zeroshell with multiple SIP devices and multiple WANs?

#48794

ieee754
Member

hi atheling –

can i ask what you mean by “overriding what it does in the mangle table” ?

I am having all sorts of trouble getting SIP to work through my zeroshell.

for the purposes of testing i have completely erased my output/input/forward chains and set them to ACCEPT.

i have net balancer turned on.
i have a rule setup to direct all traffic from my asterisk box, 192.168.61.250, out on ppp0.
i have a virtual server entry for udp 5060 and udp 10000-20000 to forward to 192.168.61.250

i can see the asterisk registration attempts going out through the connection monitor – with a [UNREPLIED] state next to each attempt.

i can see the following in the PRE/POSTROUTING chains:


Chain PREROUTING (policy ACCEPT 2964 packets, 280K bytes)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- ppp3 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1723 to:192.168.61.2:1723
0 0 DNAT tcp -- ppp3 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:4125 to:192.168.61.2:4125
5 276 DNAT tcp -- ppp3 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:25 to:192.168.61.3:25
4 220 DNAT tcp -- ppp3 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 to:192.168.61.2:443
0 0 DNAT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:5060 to:192.168.61.250:5060
0 0 DNAT udp -- ppp0 * 0.0.0.0/0 0.0.0.0/0 udp dpts:10000:20000 to:192.168.61.250:10000-20000

Chain POSTROUTING (policy ACCEPT 219 packets, 17960 bytes)
pkts bytes target prot opt in out source destination
2625 235K SNATVS all -- * * 0.0.0.0/0 0.0.0.0/0
651 59278 MASQUERADE all -- * ppp0 0.0.0.0/0 0.0.0.0/0
137 12877 MASQUERADE all -- * ppp1 0.0.0.0/0 0.0.0.0/0
135 12392 MASQUERADE all -- * ppp2 0.0.0.0/0 0.0.0.0/0
202 18911 MASQUERADE all -- * ppp3 0.0.0.0/0 0.0.0.0/0

Chain SNATVS (1 references)
pkts bytes target prot opt in out source destination

naturally the asterisk box complains there is no response.
you can see my mail port fwd working fine in the above table.
you can see 0 packets being fwd that match the 5060 rule.

any suggestions?

i am completely at a loss here. thanks.