[OpenSIPS-Users] media-relay not relaying when iptables running

Saúl Ibarra Corretgé saul at ag-projects.com
Fri Oct 21 11:42:01 CEST 2011


On Oct 20, 2011, at 5:44 PM, JimDoesVoip wrote:

> Hi Jeff,
>  Thanks.  I looked at this earlier as well.  I swapped the REJECT line out
> for a blanked ACCEPT with forwards and it didn't seem to have an effect.  I
> keep wondering if there is something in raw that needs to be put in place
> based upon the messages from iptables as it exists.  I took another look
> based on your note and I think I found something meaningful.
>  iptables (at least on centos) appears to load different tables
> independently when you use the --list option.  So I started a call with only
> the raw table loaded.  no audio.  I then stopped iptables and had audio.  I
> then loaded filter and nat tables and each time still had audio.  Then as
> the call was going I loaded the raw table, and the call still had audio.  I
> stopped the call and started a new one: no audio.  Unloaded the raw table;
> audio.  
> # iptables -t raw --list   
> Chain PREROUTING (policy ACCEPT)
> target     prot opt source               destination         
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination         
> # /etc/init.d/iptables stop
> iptables: Flushing firewall rules:                         [  OK  ]
> iptables: Setting chains to policy ACCEPT: raw             [  OK  ]
> iptables: Unloading modules:                               [  OK  ]
> # 
> So it feels likely that the raw part of my iptables config is blocking
> things.  Perhaps, even though it says it is defaulting to ACCEPT, it is
> blocking packets from getting to conntrack rules setup by media-relay?

MediaProxy will use the raw table briefly to intercept the traffic in PREROUTING. Once the conntrack rule is up those rules in the raw table will go away.

Not sure what's going on there, it never happened to me before, alas I can't be of much help :-S


Saúl Ibarra Corretgé
AG Projects

More information about the Users mailing list