4 Jun
2007
4 Jun
'07
3:59 p.m.
Hi,
On Mon, Jun 04, 2007 at 09:58:21PM +0800, Liu Wenlong wrote:
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 5060 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 5060 -j ACCEPT COMMIT
You should add those additional rules above the REJECT rule, not below it. Otherwise the REJECT rule will just reject (as the name says) any packets that make it to that point and your rules for port 5060 will never be processed.
Regards, Jan
--
Jan Andres jan.andres@freenet.ag