1
21.1 Legacy Series / Traffic being dropped,unable to figure out why
« on: February 11, 2021, 12:02:08 am »
Hello OPNSense forum how are you doing? It seems I managed to get my firewall to allow traffic to my freepbx server, unfortunately I didn’t lock it down to only my SIP provider, now my got completely spammed, think I had over 1703 calls by the time I checked. In a panic and whilst on my phone I was meant to disable the rules instead I deleted it -.- and didn’t backup the config.
I’ve recreated the rules to what I thought they would be, I can see on my WAN traffic is being allowed but my freepbx server isn’t showing any logs on the console of the calls and it doesn’t ring on my IP phone or on the phone I’m dialing my landline. Before I rebuilt the freepbx server I just want to QC my rules encase it was a stupid mistake I’ve made and over looked something. I see on pfTop they are being dropped and I'm trying to figure out why.
Here is my firewall rules and live log view https://imgur.com/a/E4RuPEB
pfTop:
Thanks, Leprejohn
I’ve recreated the rules to what I thought they would be, I can see on my WAN traffic is being allowed but my freepbx server isn’t showing any logs on the console of the calls and it doesn’t ring on my IP phone or on the phone I’m dialing my landline. Before I rebuilt the freepbx server I just want to QC my rules encase it was a stupid mistake I’ve made and over looked something. I see on pfTop they are being dropped and I'm trying to figure out why.
Here is my firewall rules and live log view https://imgur.com/a/E4RuPEB
pfTop:
Code: [Select]
Up State 1-200/576, View: default, Order: source port
PR DIR SRC DEST STATE AGE EXP PKTS BYTES
udp In SIP-IP:5060 10.1.1.6:5060 NO_TRAFFIC:SINGLE 00:00:07 00:00:26 4 3572
udp Out SIP-IP:5060 10.1.1.6:5060 SINGLE:NO_TRAFFIC 00:00:07 00:00:26 4 3572
Code: [Select]
Int Proto Source -> Router -> Destination State
all udp 10.1.1.6:5060 (WAN-IP:5060) <- SIP-IP:5060 NO_TRAFFIC:SINGLE
all udp SIP-IP -> 10.1.1.6:5060 SINGLE:NO_TRAFFIC
Thanks, Leprejohn