On 04/03/2015 10:10 AM, John Talbut wrote:
I had checked and have rechecked my router and ports 3478 - 3479 are
allowed. Also I can successfully ping and run traceroute to 77.72.174.167.
I would suggest running a VOIP port check.
Change _registar to your sip provider in the attached script and see
what happens.
Do read third paragraph of header for needed applications.
#!/bin/bash
#***********************************************************************
#*
#* ck_voip - check voip ports version 2.1
#*
#* Verify ports used by ekiga are open on pc and accessible
#* through pc firewall and modem.
#* Verify DiamondCard SIP servers have not blacklisted your WAN ip.
#*
#* Uses nc from netcat-openbsd rpm to test port connections
#* wget from wget rpm,
#* pkill from procps rpm,
#* netstat from net-tools rpm, and
#* dig from bind-utils rpm to check sip.diamondcard.us servers.
#*
#* If you are not going to be using the ports, and it is not marked required
#* free to remove the line from the port_ary.
#*
#* Do change _registar="sip.diamondcard.us" to your VOIP carrier
#*
#*
#* If behind NAT router, read
#* http://wiki.ekiga.org/index.php/Ekiga_behind_a_NAT_router
#*
#*
#* Required /etc/shorewall/rules snippet follows:
#*
#* # ekiga UDP Through NAT (STUN) ports
#* ACCEPT $FW net udp 3478:3479
#* ACCEPT net $FW udp 3478:3479
#*
#* # ekiga incomming SIP VoIP, Windows Messenger ports
#* ACCEPT $FW net udp 5000:5100
#* ACCEPT net $FW udp 5000:5100
#*
#* # ekiga RTP
#* ACCEPT net $FW udp 7070
#* ACCEPT net $FW udp 16382
#*
#* # ekiga incomming H.323, Netmeeting ports
#* ACCEPT net $FW tcp 1720
#* ACCEPT $FW net tcp 1720
#* ACCEPT $FW net tcp 30000:30010
#* ACCEPT net $fw tcp 30000:30010
#*
#*
#***********************************************************************
set -u
export LC_ALL=C
_exe=$0
_app=$(basename $_exe)
_dport=0
declare -a _errors=("")
_fault_flg=0
_fault_msg=""
_ipv_mode="-4"
ix=0
_lan_ip=""
_msg=""
_nc_app="nc"
_pkt_sw=""
_pkt="-u"
_registar="sip.diamondcard.us"
_required=""
_rpm=""
_servers=""
_servers_ip=""
_sport=38564
_svr_fn=$HOME/tmp/$_app.log
_target="$_lan_ip"
_test=""
_test_msg=""
_test_type=""
_wan_ip=""
declare -a port_ary=(
"3478 udp mandatory Outgoing STUN for SIP (phone calls) and RTP (video)."
"3479 udp mandatory Outgoing STUN for calls and video."
"5060 udp required SIP listen port for incoming SIP signaling."
"5000 udp required SIP SIP signaling range 5000-5100."
"5100 udp required SIP end of SIP 5000-5100 and H.323 gatekeepers range."
"5004 udp required RTP Incoming traffic from the other end. Often 5004,
7070, 16382."
"7070 udp optional RTP Incoming traffic from the other end. Often 5004,
7070, 16382."
"16382 udp required RTP is the IETF standard used to transport audio and
video. "
"1720 tcp optional H.323 Listening port for H.323 gatekeepers (Netmeeting)."
"30000 tcp optional H.245 channel for old H.323 implementations
(Netmeeting). "
"30010 tcp optional H.245 end of 30000-30010 range (Netmeeting)."
)
function port_test ()
{
_fault_flg=0
_errors=("")
if [ "$_test_type" = "LAN" ] ; then
_test_msg="pc firewall"
_target="$_lan_ip"
else
_test_msg="router firewall"
_target="$_wan_ip"
fi
echo " "
echo "Testing $_test_type $_target ports"
i=0
while [ $i -ne ${#port_ary[@]} ] ; do
set -- $(echo ${port_ary[$i]})
_dport=$1
_pkt=$2
_required=$3
shift 3
_test="$@"
if [ "$_pkt" = "udp" ] ; then
_pkt_sw="-u"
else
_pkt_sw=""
fi
_test_args="$_ipv_mode -s $_sport $_pkt_sw -w 3 $_target"
rm -f $_svr_fn
/bin/echo -n "$_required $_pkt port $_dport "
_msg="$_test_type $_test_msg port ${port_ary[$i]}"
$_nc_app $_ipv_mode -l $_pkt_sw $_dport > $_svr_fn 2>&1 &
/bin/echo "$_msg" |$_nc_app $_test_args $_dport
_count=$(grep -c "$_msg" $_svr_fn)
if [ $_count -eq 0 ] ; then
/bin/echo " FAILED"
(( _fault_flg++ ))
_errors+=("")
_errors+=("$_required $_test_type $_pkt $_dport FAILED")
_errors+=("$_test")
_errors+=("")
_errors+=("Sent: $_msg ")
_errors+=("Received: $(cat $_svr_fn )")
_errors+=("")
_errors+=("Run netstat | grep $_dport")
_errors+=("if you have port in use errors.")
else
/bin/echo " passed"
fi
(( i++ ))
done
/bin/echo "
"
} # end function port_test
#**********************************
#* main code start here
#**********************************
pgrep -f ekiga > /dev/null 2>&1
if [ $? -eq 0 ] ; then
echo "
ekiga is running somewhere. You need to stop it
"
exit 1
fi
#**********************************
#* Verify needed apps are installed
#**********************************
_apps="pkill nc wget dig hostname netstat /bin/echo"
for _app in $_apps ; do
type $_app > /dev/null 2>&1
if [ $? -ne 0 ] ; then
_errors+=("unable to find $_app")
(( _fault_flg++ ))
fi
done
if [ $_fault_flg -gt 0 ] ; then
echo "
$_exe fatal error:"
for ix in ${!_errors[*]} ; do
printf " %s\n" "${_errors[$ix]}"
done
echo "Please install missing application "
exit 1
fi
_lan_ip=$(hostname --ip-address)
_wan_ip=$(wget -qO - http://myip.dnsomatic.com/)
mkdir -p $HOME/tmp
_nc_app=$(type -p nc)
pkill -u $USER -f $_nc_app > /dev/null 2>&1
#**************************************************
#* check LAN pc firewall then WAN router ports
#**************************************************
echo "
Testing LAN PC firewall, WAN Router ports and Registar sip server
connectivity
"
for _test_type in LAN WAN ; do
port_test
if [ $_fault_flg -ne 0 ] ; then
break
fi
done
pkill -u $USER -f $_nc_app > /dev/null 2>&1
sleep 1
echo "ignore any Terminated \$_nc_app \$_ipv_mode .... messages "
if [ $_fault_flg -gt 0 ] ; then
if [ ${#_errors[*]} -gt 0 ] ; then
echo "$_exe fatal error:"
for ix in ${!_errors[*]} ; do
printf " %s\n" "${_errors[$ix]}"
done
echo "
Solution:"
if [ "$_test_type" = "LAN" ] ; then
echo "Open FAILED port in $_test_type's firewall"
echo "Allow ip/app in $_target's /etc/hosts.allow or"
echo "Remove ip/app in $_target's /etc/hosts.deny"
echo "if you are using tcpwrappers and modified those files"
else
echo "Open and forward FAILED port to LAN $_lan_ip"
echo "in the $_test_type's router"
fi
fi
echo "
Clear all port FAILED failures to finish
$_exe testing.
Assuming you did not get any nc: errors;
LAN port failures are a PC firewall problem.
Maybe /etc/hosts.(allow | deny) if you are using them.
WAN failures are a ROUTER firewall problem and you
need to open/forward ports to your LAN pc
For any questions about ports/router, refer to
http://wiki.ekiga.org/index.php/Manual#Using_Ekiga_with_routers_and_firewalls
If you get $_nc_app argument error, then you do not have a compatible
netcat-openbsd $_nc_app application.
"
exit 1
fi
echo "
Testing sip servers by ip then by name.
"
#*************************************************
#* get registar's sip udp server and ip address
#*************************************************
while read -r line; do
set -- $line
_servers="$_servers $4"
set -- $(host $4)
_servers_ip="$_servers_ip $4"
done < <((dig +short _sip._udp.$_registar SRV))
#*********************************************
#* ping by ip then by name
#*********************************************
for _serv in $_servers_ip $_servers ; do
_cmd="ping -c1 -w2 $_serv"
/bin/echo -n "$_cmd"
$_cmd > /dev/null 2>&1
if [ $? -ne 0 ] ; then
/bin/echo " FAILED"
(( _fault_flg++ ))
else
/bin/echo " passed"
fi
done
/bin/rm $_svr_fn
if [ $_fault_flg -ne 0 ] ; then
echo "
If one sip server FAILED and the other passed, then I
am betting your WAN ip ($_wan_ip) has been blacklisted.
You get blacklisted after X number of failed connection attempts.
You will need to contact diamond to clear it from their blacklist.
http://wiki.diamondcard.us/BlockdIp
Repeated server pings can also get you blacklisted. :(
"
else
echo "
Yay, if all tests passed, that indicates echo test should work.
You may want to consider running something like audacity to check
microphone input and on what device before setting it in Ekiga
preferences.
Assuming you have the account configured correctly.
I had to remove the Ekiga account, on one ekiga release,
to get my diamond account working.
My Account settings:
Name: sip.diamondcard.us
Registrar: sip.diamondcard.us
User and Authentication user are both the same value.
My Audio-> codec preference order had to be
PCMU
PCMA
Speex
All others not selected. I have not done any video call testing.
"
fi
#****************** end ck_voip *********************************************
_______________________________________________
ekiga-list mailing list
ekiga-list@gnome.org
https://mail.gnome.org/mailman/listinfo/ekiga-list
