On 2/6/19 9:50 AM, Kevin Olbrich wrote: > Hi! > > I read this article: > http://shorewall.org/Helpers.html > > Currently I have some problems with an Asterisk installation and > broken SIP packets (because they are generated by bots). > While I try to debug this, I noticed that the SIP helper is active. As > far as I understand, I don't need it because I have correct rules in > place (also, I don't want the firewall to open ports based on the SDP > for RTP as this is hardcoded in my setup). > > Should I set "AUTOHELPERS=Yes" to No in shorewall.conf? >
That isn't necessary. AUTOHELPERS=Yes simply associates those helpers that are enabled with their respective protocol and port. As explained in the helpers article, to disable SIP you list the SIP helper in DONT_LOAD, then list the helpers that you do want to load in HELPERS. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
