I just setup a linux machine that act as a gateway along with squid running in transparent mode. Now I have one asterisk server which is behind that gateway I mean on my local subnet which pass through my linux gateway. Voip server having 4mb up n 4 mb down limit. Clients having 512kbps and upload 2mb.
Linux gateway : controlling band width of each clients
Squid acl forNAT issue with voip sites
Now my question is regarding skype calling. Since skype uses port 80, does it mean that it passes its request via proxy or direct and for safe side I've changed skype incoming port to 443 which squid does not see it. How much and width does skype use for calling in that case. Some one told me that it using squid to pass its request which I don't agree.
I need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked.How to block it?
I need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked.How to block it?acl blocksites url_regex yahoohttp_access deny blocksitesI have also tried saving some url & filter content in a file and edited configuration as follows,acl blocksites url_regex "/etc/squid/squid-block.acl"http_access deny blocksitesThe squid-block.acl file contents are.cricinfo.commp3
I'm having some issues settings up a transparent proxy server, which should allow only regular web browsing (port 80), any other port (including HTTPS (443)) has to be blocked, as well as any other port. Right now, I'm using Debian 6 and Squid3. The server only has one NIC. The topology is like this: Clients <-> Proxy Server + DHCP Server <-> Internet
With this setup, the network does have internet access and the websites I whitelisted are the only ones accesible via browser, however port block is not working, every port is open, hence why trying to access blacklisted websites through HTTPS is possible. Seems to me Squid3 is doing it's job fine, however IPTABLES for some reason seems to be redirecting all the trafic to port 3128 (Squid3 port). I could be wrong, but I've been unable to do anything related to ports with squid3 (either whitelisting or blacklisting).
For Iptables I used: Code: iptables -A PREROUTING -t nat -i eth0 -p tcp -j REDIRECT --dport 80 --to-port 3128 iptables -A INPUT -i eth0 -m tcp -p tcp --dport 80 -j ACCEPT iptables -A INPUT -i eth0 -m tcp -p tcp --dport 22 -j ACCEPT iptables -A INPUT -i eth0 -m tcp -p tcp --dport 3128 -j ACCEPT iptables -A INPUT -i eth0 -m tcp -p tcp --dport 443 -j DROP
Using 10.4, got the webmin installed and squid. Got my access control list setup.Within the acccess control list setup, I can not go to sites likemethodistmd.org or mollimd.org for whatever reason. But I can go to votekirkland as well as google. Why would webmin and/or squid only work with certain sites within the the defined access control list?
I have a problem with sites or domain blocking by squid proxy server in rehl 5. I have trying lots of time but i'm not succed.pls help me how to block sites or domain in rhel 5.
i have seven department in my office. i want to restricte web sites for all the departments but not same web sites for all the departments i.e. different sites for different departments.i have no idea about this issue.
I dual boot XP and FC14 and have 2 routers. I can connect and ping one of these routers when I'm in FC and I have an IP address I just can't load any websites. When I connect to the other router (my main router) it works fine. When I boot into XP and connect to the problem router I can load pages fine. It's only when I'm on FC14 and connect to the problem router that I can't load pages even though I have an IP and can ping around.
My home networking consists of a slackware box, running iptables with a dual NIC. That's the firewall. I have a Netgear FSM 7352S, which is a level 3 switch, which I am currently just using as a switch. Clients are numerous PCs and a couple of networked printers.
The "firewall" machine is also a file server.
Here are the issues I could use some pointers on:
I'd like to assure that the VOIP adapters get priority, assuring QOS, particularly voice quality.
I'd like to provide reasonable priority for video streaming, such as hulu and other sources, that the kids use.
I'd like bulk data transfers (like backing up partitions) to the file server that runs iptables, and acts as the firewall/gateway for a cable internet connection. It would be good to be able to do this without impacting VOIP and video streaming.
I was given a project of installing a new Jive VOIP PBX and will be migrating it from an older Avaya PBX. I need to perform in order to migrate the DID's and extensions and etc from the old system to the new? It is something that I have never done and have been ask to perform a miracle. I have never used JIVE VOIP PBX's and am familiar with Trixbox stuff but for smaller business and nothing of this size.
I'm trying to setup QoS for my VoIP line on my debian router box. I have tested wondershaper and to me it doesn't seem to work at all, so I'm looking for a better solution. Ultimately I would like something in the lines of [URL] but I guess such nice things doesn't exist for linux. Currently I'm on an ADSL link switching to cable in a few months.
I'm using tcpdump and tcptrace to track all incoming and outgoing data packets through my network interfaces. But I fail to monitor the voip data for skype that way, although it works well with http port 80, for example.
I want to track the ip address of the data packets for skype, i.e. know the ip address of the other one speaking at the other end of skype. How can I achieve this?
I've checked the port setting in my skype and I'm sure I'm listening on the right port. But nothing is showing up while I'm in connection with skype.
I have a complex network. ADSL broadband comes into the house and connects to an Orange Livebox. An Ethernet cable then connects the Livebox to a more powerful router, a DrayTek Vigor 2710Vn. The reason for this is that the Livebox has a second line capability using Voip, but it is not powerful enough to get around my stone house. The DrayTek router has Voip capability, but as yet Orange will not connect the Voip line to it. I connect to this system with Ubuntu. Android, Windows and I-phone. I can connect to either of the routers, though I usually use the DrayTek.
Voip on the Livebox does not require a computer to run it, you just plug a normal phone into it and use it to get free calls. I actually take this line into a Panasonic telephone switch to give me a 2 line system around the house. The problem with this set-up is that after a short time something happens to the network which prevents Ubuntu computers connecting to it. Windows machines, I-phones and Android phones connect, but Ubuntu does not. If I re-boot the Livebox, or in an extreme case take it back to it's factory settings, the Ubuntu machines can connect again, but it's only temporary.
The fact that fixing Livebox sorts the problem definitely points to Ubuntu being innocent, but at the moment I can't do without the Livebox. That means, for the moment, having to stay with Windows. If I post the output log after a failed connection attempt, all it would show is the connection timing out. Why is Ubuntu so sensitive to network problems that are not of it's making. Is there anything I can do about it other than changing my ISP. I am considering that, but other factors make that difficult.
I have two asterisk servers each one behind a linux firewall/gw. Linux is Centos 5.4, kernel 2.6.18-164.el5, iptables v1.3.5. Routes on the fws are ok and when iptables is stoped the servers are see each other, all good. But when I run iptables script in any fw, one server (not always the same) goes unreachable. I verify this with asterisk -r, then show sip trunk, and status becomes UNREACHABLE.
Iptables scripts is generated by fwbuilder. The weird part is I put only one rule to de script and it looks like Source=any, Destination=any, Service=any, Interface=any, Direction (Inbound,Outbound)=any, Time=Any, Action=ACCEPT. So as you can see I tried something like "Do not do anything at all". But anyway I run the script in any fw and one server becomes UNREACHABLE. I think the script does something wrong after all or maybe I have some missconfiguration in my asterisk conf files. The point is I am not so expert in iptables or shell scripting so I can't see anything in the iptables script. I have look for some issues like iptables blocking because of ip_conntrack table full, or "dont fragment" bit set in kernel problem, but nothing seems to be the right problem at all.
I have recently bought a IP/PABX system with one FXO and one FXS port. I intend to install this on a remote site with a public but dynamic IP (can be resolved via dyndns though) and make calls via clients that are NATTed (inside a home router). I would like to seek advice on the port opening and the recommended settings. I have been reading a lot on VOIP and I am getting feedback that SIP calls are difficult to establish on a NATTed environment.
1.) SIP port 5060 UDP? 2.) RTP ports - what range should I open for this? I see some use 10000-20000 UDP 3.) STUN server - Is this something that needs to be configured?
How can I ensure that the other party can hear the audio just like a regular telephone? Is it really impossible to do if the client is behind a router in which it is using a Private IP Address? What other network configurations needs to be done?
In the past week or so I've noticed some weird network behaviour. I find accessing some sites such as Amazon, Paypal, and Bigstockphoto really slow. Sometimes the page will not load at all. Other sites are fine. The problem sites are not a problem for others on my LAN at home. When I try to open the problem sites, I can see in Firestarter blocked connections coming from 2.1(8/9).xxx.xxx on various ports such as 36007. This only happens for the problem sites. I attached a typical output from firestarter.
This happens with Firfeox or Chrome. Using Ubuntu 10.10
I`m using Fedora 14 and i`ve one problem, i use x-lite phone on windows and what is x-lite alternative for linux ? i`ve found x-lite phone for linux but it dont work fine . It has problems with sound card etc. What do you recommend?
I am complete new to the technical side of VOIP. I know above diagram is not technically correct. I want a setup that works like that and oh the cheaper yet not compromising the better, even ekiga or skype can do that.
I am running Ubuntu 9.04 32bit on a dual boot (XP) computer. No internet problems in windows, and I am currently typing this post on my wifes HP laptop running 9.10. I have no browsing ability on the desktop running 9.04, and updates don't work (in details, every other line fails) But, I can bring up Google, and search it, pictures and all, but cannot go to different sites (ebay, hotmail, amazon as the first few i try). Also, my pidgin works fine, as I am talking on it now. I have tried to turn off ipv6 in Firefox and ubuntu, neither doing anything noticeable.
I have an odd Linux problem. Changed ISP recently -- Windows NT4 & W95 work fine. Linux has worked fine on previous ISPs, but on the newest ISP, I can connect successfully on Linux, but can only communicate w/maybe one out of 10 sites (Google, for ex.). Mostly I get "cannot connect to site". Some points:
-Linux is Slackware w/kernel build 2.4.26. -No settings changed from Linux setup that worked fine on previous ISPs. -/var/log/Log file says PPP connects via CHAP successfully & no problems.. -I don't see any similarity on the few sites I can connect to -- seems random. -ISP is useless -- say they "don't support Linux". -Using Firefox & Konqueror browsers.
I need to block some websites and torrents on my LAN running on mostly WIndows XP pcs and a Windows 2008 domain controller. It's possible to block some sites using DNS in Windows Domain controller, but users have the rights to change DNS and bypass the rule. Editing HOSTS file doesn't workThen I tried using Avast antivirus Site Block feature, but that doesn't work on any browser except Mozilla. We have to use Epic and Mozilla Firefox.We can't use a dedicated hardware firewall due to budget constraints and the fact that we have multiple ADSL lines for internet. No single gateway.
I can ping certain websites, such as Adobe.com, but I cannot access them via http (i.e. through firefox or yum). Some websites work through http, like Google, while others don't. The ones that don't are always the same.
What really hurts here is I cannot yum to all repos i'd like to. Since the same sites cannot be accessed through firefox, I imagine there is some underlying problem with my system's HTTP setup.
My windows machine on the same network works fine. I have had this problem since I installed Fedora 10 about 4 months ago. I'd rather not reinstall as nothing really seems broken (aside from this http issue), my system is completely up to date.
If I use a public proxy website I can get to the sites I can't connect to directly. I've followed a FAQ from mozilla for Firefox that hasn't helped, but I don't think its a Firefox issue since yum suffers as well. I also followed the fedora FAQ and I have been using OpenDNS servers.
For a while now I've got a problem when surfing the internet. Everythings fine for let's say 15 minutes and then all of a sudden it takes about 1 minute to load a -random- page, once it has loaded, everthing's fine again. Transmission does not seem to have this problem. I'll double check this. Looking thru the forum I found the following "solutions". None of which has worked for me up to now:
- disable ipv6 in firefox - set method under network manager to "Automatic (DHCP) addresses only" and use google or OpenDNS dns servers - change resolv.conf (comparable to the second one I guess)