Firewall regeln aushebeln - Asterisk hinter FritzBox

Sidebar Sidebar
Upgrade 3CX to v18 and get it hosted free!
B

Becka

Neuer User
Mitglied seit
5 Nov 2005
Beiträge
116
Punkte für Reaktionen
0
Punkte
16
da betateilchen im asterisk forum so eine tolle anleitung hinterlassen hat hab ich mir auch mal nen asterisk aufgesetzt aber ich komm nich durch die firewall der box durch
ich habs auch schon über die ar7.cfg probiert aber ein freund von mir mit dem ichs teste kommt trotzdem nich durch sondern landet immer auf dem voipd von der box
kann ichs irgendwie einstellen das sowohl die box als auch der asterisk durch die box kommen?

btw: wisst ihr auch wie ich auf dem dnsmasq wildcard domains einstellen kann, auf dem server läuft auch noch ein confixx aber ich muss jede subdomain auf der box per hand eintragen
 
Du kannst die beiden "Server" nicht auf dem selben Port laufen lassen.
Der voipd lauscht doch auf 5060? Dann musst du den Port auf dem Asterisk umstellen. Oder reden wir jetzt aneinander vorbei?

MfG Oliver
 
Ich habe es mit einer Umstellung des Ports bei Asterisk nicht geschafft, mit 1&1 eine Verbindung hinzubekommen. Es kamen einfach keine Anrufe rein und die, die raus gingen, waren stumm. Deshalb mußte in den Asterisken auf 5060 lassen und die FritzBox auf 5062 schieben, dann ging alles. Portforwards rein und die Welt ist in Dortmund... ;-)

Hawedieehre.
Fant
 
auf der box läuft ja der voipd und laut syslog is der voipd auf die anmelde versuche von außen eingegangen, bzw er hat sie abgelehnt
ich habs dann probiert den voipd zu killen und dafür die portforwards in der ar7.cfg auf 5060 zum server geleitet aber das hat komischerweise auch net geklappt
 
@ fant

wie verschiebst Du denn den lauschport(5060) der FBF auf 5062, das ist nämlich auch mein Problem.
Ich denke in den regulären Einstellungen der Box geht das wohl nicht(wäre ja auch zu einfach)?!
Erklärs mir aber bitte langsam, weil kein Programierspezi!

Danke
 
Zum Verschieben des Lauschports sind folgende Schritte notwendig:

- per telnet/ssh auf die Box gehen
- nach /var/flash wechseln und in die Datei debug.cfg folgendes eintragen:
Code: 
/etc/init.d/rc.voip stop
voipd -P 5062
sleep 5
telefon a127.0.0.1
- Ich poste jetzt mal meine modifizierte ar7.cfg. Ich habe da an drei Stellen aus der Portnummer 5060 eine 5062 gemacht. Nicht alle 5060, die in der Datei vorkommen, auf 5062 ändern, sondern nur die, die ich kenntlich gemacht habe:
Code: 
/*
 * /var/flash/ar7.cfg
 * Tue Apr 11 14:51:13 2006
 */

ar7cfg {
        mode = dsldmode_router;
        tsdisabled = no;
        igddenabled = yes;
        igdd_control_enabled = no;
        wan_bridge_with_dhcpc = yes;
        wan_bridge_gateway = 0.0.0.0;
        dhcpc_use_static_dns = no;
        ethmode = ethmode_router;
        StatisticStartOfMonth = 1;
        macdsl_override = 00:00:00:00:00:00;
        ethinterfaces {
                name = "eth0";
                dhcp = no;
                ipaddr = 192.168.2.1;
                netmask = 255.255.255.0;
                dstipaddr = 0.0.0.0;
                dhcpenabled = no;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        } {
                name = "eth0:0";
                dhcp = no;
                ipaddr = 192.168.178.254;
                netmask = 255.255.255.0;
                dstipaddr = 0.0.0.0;
                dhcpenabled = yes;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        } {
                name = "eth1";
                dhcp = no;
                ipaddr = 192.168.100.1;
                netmask = 255.255.255.0;
                dstipaddr = 0.0.0.0;
                dhcpenabled = yes;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        } {
                name = "usbrndis";
                dhcp = no;
                ipaddr = 192.168.201.1;
                netmask = 255.255.255.0;
                dstipaddr = 0.0.0.0;
                dhcpenabled = yes;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        } {
                name = "wlan";
                dhcp = no;
                ipaddr = 192.168.200.1;
                netmask = 255.255.255.0;
                dstipaddr = 0.0.0.0;
                interfaces = "tiwlan0", "wdsup0", "wdsdw0", "wdsdw1",
                             "wdsdw2", "wdsdw3";
                dhcpenabled = no;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        }
        brinterfaces {
                name = "lan";
                dhcp = no;
                ipaddr = 192.168.2.1;
                netmask = 255.255.255.0;
                dstipaddr = 0.0.0.0;
                interfaces = "eth0", "usbrndis", "eth1", "tiwlan0", "wdsup0",
                             "wdsdw0", "wdsdw1", "wdsdw2", "wdsdw3";
                dhcpenabled = no;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        } {
                name = "lan:0";
                dhcp = no;
                ipaddr = 192.168.178.254;
                netmask = 255.255.255.0;
                dstipaddr = 0.0.0.0;
                dhcpenabled = yes;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        }
        dslinterface {
                name = "dsl";
                dhcp = no;
                ipaddr = 192.168.179.1;
                netmask = 255.255.255.255;
                dstipaddr = 192.168.179.1;
                dhcpenabled = yes;
                dhcpstart = 0.0.0.0;
                dhcpend = 0.0.0.0;
        }
        dslinterface_metric = 2;
        routes {
                enabled = yes;
                ipaddr = 192.168.1.0;
                mask = 255.255.255.0;
                gateway = 192.168.2.29;
                metric = 0;
        } {
                enabled = yes;
                ipaddr = 192.168.110.0;
                mask = 255.255.255.0;
                gateway = 192.168.2.29;
                metric = 0;
        } {
                enabled = yes;
                ipaddr = 192.168.3.0;
                mask = 255.255.255.0;
                gateway = 192.168.2.29;
                metric = 0;
        } {
                enabled = yes;
                ipaddr = 192.168.12.0;
                mask = 255.255.255.0;
                gateway = 192.168.2.29;
                metric = 0;
        }
    pppoefw {
                interfaces = "usbrndis", "eth0", "eth1", "tiwlan0", "wdsup0",
                             "wdsdw0", "wdsdw1", "wdsdw2", "wdsdw3";
                nofirewall = yes;
                ipnetbiosfilter = yes;
                dnsfilter_for_active_directory = yes;
                hostuniq_filter = "";
                dpconfig {
                        security = dpsec_host;
                        lowinput {
                                policy = "reject";
                                accesslist =
                                             "permit ip any any connection outgoing-related",
                                             "permit ip any any connection incoming-related",
                                             "permit icmp any any";
                        }
                        lowoutput {
                                policy = "permit";
                        }
                        highinput {
                                policy = "permit";
                        }
                        highoutput {
                                policy = "permit";
                                accesslist =
                                             "reject ip any 242.0.0.0 255.0.0.0",
                                             "deny ip any host 255.255.255.255",
                                             "reject ip any 10.0.0.0 255.0.0.0",
                                             "reject ip any 169.254.0.0 255.255.0.0",
                                             "reject udp any any eq 135",
                                             "reject tcp any any eq 135",
                                             "reject udp any any range 137 139",
                                             "reject tcp any any range 137 139",
                                             "reject udp any any range 161 162",
                                             "reject udp any any eq 520",
                                             "reject udp any any eq 111",
                                             "reject udp any any eq 22289",
                                             "reject udp any any eq 1710",
                                             "reject udp any any eq 1048",
                                             "reject udp any any eq 158",
                                             "reject udp any any eq 515",
                                             "reject icmp any 149.1.1.0 255.255.255.0",
                                             "reject tcp any host 202.106.185.127 eq 25";
                        }
                        shaper = "globalshaper";
                }
        }
        budget {
                Enabled = no;
                Period = 2;
                VolumeLow = 0;
                VolumeHigh = 0;
                ConnectionTime = 0;
                WarnOnly = yes;
        }
        vccs {
                VPI = 1;
                VCI = 32;
                dsl_encap = dslencap_pppoe;
                ipbridgeing = no;
                connections = "internet";
        }
        dslifaces {
                name = "internet";
                dsl_encap = dslencap_inherit;
                ppptarget = "internet";
                etherencapcfg {
                        use_dhcp = yes;
                        ipaddr = 0.0.0.0;
                        netmask = 0.0.0.0;
                        gateway = 0.0.0.0;
                        dns1 = 0.0.0.0;
                        dns2 = 0.0.0.0;
                }
                stay_always_online = yes;
                redial_delay_after_auth_failure = 1m;
                redial_limit = 3;
                redial_after_limit_reached = 1h;
                username_prefix_after_auth_failure = "";
                dsldpconfig {
                        security = dpsec_firewall;
                        lowinput {
                                policy = "permit";
                                accesslist =
                                             "deny ip any 242.0.0.0 255.0.0.0",
                                             "deny ip any host 255.255.255.255",
                                             "deny udp any any eq 135",
                                             "deny tcp any any eq 135",
                                             "deny udp any any range 137 139",
                                             "deny tcp any any range 137 139",
                                             "deny udp any any range 161 162",
                                             "deny udp any any eq 520",
                                             "deny udp any any eq 111",
                                             "deny udp any any eq 22289",
                                             "deny udp any any eq 1710",
                                             "deny udp any any eq 1048",
                                             "deny udp any any eq 158",
                                             "deny udp any any eq 515";
                        }
                        lowoutput {
                                policy = "permit";
                        }
                        highinput {
                                policy = "permit";
                        }
                        highoutput {
                                policy = "permit";
                                accesslist =
                                             "deny ip 192.168.200.0 255.255.255.0 any",
                                             "reject ip any 242.0.0.0 255.0.0.0",
                                             "deny ip any host 255.255.255.255",
                                             "reject ip any 10.0.0.0 255.0.0.0",
                                             "reject ip any 169.254.0.0 255.255.0.0",
                                             "reject udp any any eq 135",
                                             "reject tcp any any eq 135",
                                             "reject udp any any range 137 139",
                                             "reject tcp any any range 137 139",
                                             "reject udp any any range 161 162",
                                             "reject udp any any eq 520",
                                             "reject udp any any eq 111",
                                             "reject udp any any eq 22289",
                                             "reject udp any any eq 1710",
                                             "reject udp any any eq 1048",
                                             "reject udp any any eq 158",
                                             "reject udp any any eq 515",
                                             "reject icmp any 149.1.1.0 255.255.255.0",
                                             "reject tcp any host 202.106.185.127 eq 25";
                        }
                        forwardrules = "tcp 0.0.0.0:0 0.0.0.0:0 1 out",
                                       "udp 0.0.0.0:0 0.0.0.0:0 1 out",
     -> HIER ÄNDERN        "udp 0.0.0.0:5062 0.0.0.0:5062",
                                       "udp 0.0.0.0:7078 0.0.0.0:7078",
                                       "udp 0.0.0.0:7079 0.0.0.0:7079",
                                       "udp 0.0.0.0:7080 0.0.0.0:7080",
                                       "udp 0.0.0.0:7081 0.0.0.0:7081",
                                       "udp 0.0.0.0:7082 0.0.0.0:7082",
                                       "udp 0.0.0.0:7083 0.0.0.0:7083",
                                       "udp 0.0.0.0:7084 0.0.0.0:7084",
                                       "udp 0.0.0.0:7085 0.0.0.0:7085",
                                       "# tcp 0.0.0.0:21 192.168.178.20:21 0 # FTP-Server",
                                       "# tcp 0.0.0.0:3389 192.168.178.20:3389 0 # MS Remote Desktop",
                                       "udp 0.0.0.0:1194 192.168.2.29:1194 0 # OpenVPN",
                                       "tcp 0.0.0.0:25 192.168.2.29:25 0 # SMTP",
                                       "tcp 0.0.0.0:22 192.168.2.29:22 0 # SSH",
                                       "tcp 0.0.0.0:443 192.168.2.29:443 0 # HTTPS",
                                       "tcp 0.0.0.0:1731 192.168.3.32:1731 0 # Netmeeting",
                                       "tcp 0.0.0.0:1503 192.168.3.32:1503 0 # Netmeeting",
                                       "tcp 0.0.0.0:1720 192.168.3.32:1720 0 # Netmeeting",
                                       "tcp 0.0.0.0:80 192.168.2.29:80 0 # HTTP-Server",
                                       "udp 0.0.0.0:10000+301 192.168.2.29:10000 0 # Asterisk",
                                       "tcp 0.0.0.0:5060 192.168.2.29:5060 0 # Asterisk",
                                       "udp 0.0.0.0:5060 192.168.2.29:5060 0 # Asterisk",
                                       "# tcp 0.0.0.0:4569 192.168.2.29:4569 0 # Asterisk IAX",
                                       "# udp 0.0.0.0:4569 192.168.2.29:4569 0 # Asterisk IAX";
                        shaper = "globalshaper";
                }
        } {
                name = "voip";
                dsl_encap = dslencap_inherit;
                ppptarget = "voip";
                etherencapcfg {
                        use_dhcp = yes;
                        ipaddr = 0.0.0.0;
                        netmask = 0.0.0.0;
                        gateway = 0.0.0.0;
                        dns1 = 0.0.0.0;
                        dns2 = 0.0.0.0;
                }
                stay_always_online = yes;
                redial_delay_after_auth_failure = 1m;
                redial_limit = 3;
                redial_after_limit_reached = 1h;
                username_prefix_after_auth_failure = "";
                dsldpconfig {
                        security = dpsec_firewall;
                        lowinput {
                                policy = "permit";
                                accesslist = "permit udp any any",
                                             "permit icmp any any",
                                             "deny ip any host 255.255.255.255",
                                             "reject ip any any";
                        }
                        lowoutput {
                                policy = "permit";
                        }
                        highinput {
                                policy = "permit";
                        }
                        highoutput {
                                policy = "permit";
                                accesslist = "permit udp any any",
                                             "reject ip any any";
                        }
                        forwardrules = "tcp 0.0.0.0:0 0.0.0.0:0 1 out",
                                       "udp 0.0.0.0:0 0.0.0.0:0 1 out",
        -> HIER ÄNDERN     "udp 0.0.0.0:5062 0.0.0.0:5060",
                                       "udp 0.0.0.0:7078 0.0.0.0:7078",
                                       "udp 0.0.0.0:7079 0.0.0.0:7079",
                                       "udp 0.0.0.0:7080 0.0.0.0:7080",
                                       "udp 0.0.0.0:7081 0.0.0.0:7081",
                                       "udp 0.0.0.0:7082 0.0.0.0:7082",
                                       "udp 0.0.0.0:7083 0.0.0.0:7083",
                                       "udp 0.0.0.0:7084 0.0.0.0:7084",
                                       "udp 0.0.0.0:7085 0.0.0.0:7085";
                        shaper = "globalshaper";
                }
        }
        voip_routes = "permit ip any any connection exists",
                      "permit udp any eq 5060 any",
                      "permit udp any eq 7077 any eq 53",
                      "permit udp any range 7078 7085 any";
        targets {
                type = pppcfg_target_internet;
                name = "internet";
                only_crypt_auth = no;
                local {
                        username = "----------------------";
                        passwd = "------------------------------------------------";
                }
                remoteauth = pppcfg_authtype_chap;
                remoteauth_only_on_incoming = yes;
                remote {
                }
                inactivity_timeout = 0w;
                bUseChargeInterval = no;
                nChargeInterval = 1m;
                logicaldisconnect_with_physical = yes;
                disconnect_timeout = 0w;
                finaldisconnectcall = no;
                ipnetbiosspoofing = no;
                ipnetbiosfilter = yes;
               dnsfilter_for_active_directory = no;
                no_outgoing_calls = no;
                coso = pppcfg_coso_caller;
                callback_delay = 1s;
                icbmode = pppcfg_icbmode_none;
                ocbmode = pppcfg_ocbmode_none;
                mscbprefered = no;
                multilink {
                        extra_static_channels = 0;
                        max_channels = 1;
                        automatic = no;
                        automatic_param {
                                window = 20s;
                                add_percent = 85;
                                drop_percent = 70;
                                sportlich = no;
                        }
                }
                header_compression = yes;
                data_compression = pppcfg_datacomp_auto;
                stac_reset_with_history_number = no;
                encryption = pppcfg_crypt_none;
                inactivity_prevention_interval = 0w;
                new_ipaddr_on_connect = no;
                my_ipaddr = 0.0.0.0;
                his_ipaddr = 0.0.0.0;
                bVolumeRoundUp = no;
                VolumeRoundUpBytes = 0;
                bProviderDisconnectPrevention = yes;
                ProviderDisconnectPreventionInterval = 1d;
                ProviderDisconnectPreventionHour = 2;
                bProviderDisconnectPreventionHourSet = yes;
        } {
                type = pppcfg_target_internet;
                name = "voip";
                only_crypt_auth = no;
                local {
                        username = "";
                        passwd = "";
                }
                remoteauth = pppcfg_authtype_chap;
                remoteauth_only_on_incoming = yes;
                remote {
                }
                inactivity_timeout = 0w;
                bUseChargeInterval = no;
                nChargeInterval = 1m;
                logicaldisconnect_with_physical = yes;
                disconnect_timeout = 0w;
                finaldisconnectcall = no;
                ipnetbiosspoofing = no;
                ipnetbiosfilter = yes;
                dnsfilter_for_active_directory = no;
                no_outgoing_calls = no;
                coso = pppcfg_coso_caller;
                callback_delay = 1s;
                icbmode = pppcfg_icbmode_none;
                ocbmode = pppcfg_ocbmode_none;
                mscbprefered = no;
                multilink {
                        extra_static_channels = 0;
                        max_channels = 1;
                        automatic = no;
                        automatic_param {
                                window = 20s;
                                add_percent = 85;
                                drop_percent = 70;
                                sportlich = no;
                        }
                }
                header_compression = yes;
                data_compression = pppcfg_datacomp_auto;
                stac_reset_with_history_number = no;
                encryption = pppcfg_crypt_none;
                inactivity_prevention_interval = 0w;
                new_ipaddr_on_connect = no;
                my_ipaddr = 0.0.0.0;
                his_ipaddr = 0.0.0.0;
                bVolumeRoundUp = no;
                VolumeRoundUpBytes = 0;
                bProviderDisconnectPrevention = yes;
                ProviderDisconnectPreventionInterval = 1d;
                ProviderDisconnectPreventionHour = 2;
                bProviderDisconnectPreventionHourSet = yes;
        }
        dslglobalconfig {
                autodetect = yes;
                speed_in_netto = 1024;
                speed_out_netto = 128;
                manual_speed = no;
                connect_delay_when_synced = 3s;
                templates {
                        VPI = 1;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 48;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 48;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 8;
                        VCI = 67;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 67;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 8;
                        VCI = 64;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 36;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 9;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 34;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 34;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 34;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 30;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 38;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 38;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 8;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 8;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 81;
                       VPI = 8;
                        VCI = 64;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 36;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 9;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 34;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 34;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 34;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 30;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 32;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 38;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 38;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 8;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 35;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 8;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 8;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 8;
                        VCI = 81;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                } {
                        VPI = 0;
                        VCI = 100;
                        manu = 0;
                        encap = dslencap_pppoe;
                } {
                        VPI = 0;
                        VCI = 100;
                        manu = 0;
                        encap = dslencap_pppoa;
                } {
                        VPI = 0;
                        VCI = 100;
                        manu = 0;
                        encap = dslencap_pppoa_llc;
                }
        }
        shapers {
                name = "globalshaper";
                OutFragmentWhenVoIP = 0;
                shaperconnection {
                        enabled = yes;
                        targets = "";
                        name = "Fritz!Box";
                        limiters {
                                name = "default-out";
                                bps_limit {
                                        limit_total = 100;
                                        limit_p0 = 0;
                                        limit_p1 = 95;
                                        limit_p2 = 95;
                                        limit_p3 = 0;
                                }
                                pps_limit {
                                        limit_total = 0;
                                        limit_p0 = 0;
                                        limit_p1 = 0;
                                        limit_p2 = 0;
                                        limit_p3 = 0;
                                }
                                min_priority = 0;
                                max_priority = 3;
                                grouping_by_source_ip = no;
                                grouping_by_dest_ip = no;
                                grouping_by_source_port = no;
                                grouping_by_dest_port = no;
                                dynamic_balancing = no;
                                bps_child_limit {
                                        limit_total = 0;
                                        limit_p0 = 0;
                                        limit_p1 = 0;
                                        limit_p2 = 0;
                                        limit_p3 = 0;
                                }
                                pps_child_limit {
                                        limit_total = 0;
                                        limit_p0 = 0;
                                        limit_p1 = 0;
                                        limit_p2 = 0;
                                        limit_p3 = 0;
                                }
                                shapeOutgoingOnIncomingCounters = no;
                        } {
                                name = "default-in";
                                bps_limit {
                                        limit_total = 0;
                                        limit_p0 = 0;
                                        limit_p1 = 0;
                                        limit_p2 = 0;
                                        limit_p3 = 0;
                                }
                                pps_limit {
                                        limit_total = 0;
                                        limit_p0 = 0;
                                        limit_p1 = 0;
                                        limit_p2 = 0;
                                        limit_p3 = 0;
                                }
                                min_priority = 0;
                                max_priority = 0;
                                grouping_by_source_ip = no;
                                grouping_by_dest_ip = no;
                                grouping_by_source_port = no;
                                grouping_by_dest_port = no;
                                dynamic_balancing = no;
                                bps_child_limit {
                                        limit_total = 0;
                                        limit_p0 = 0;
                                        limit_p1 = 0;
                                        limit_p2 = 0;
                                        limit_p3 = 0;
                                }
                                pps_child_limit {
                                        limit_total = 0;
                                        limit_p0 = 0;
                                        limit_p1 = 0;
                                        limit_p2 = 0;
                                        limit_p3 = 0;
                                }
                                shapeOutgoingOnIncomingCounters = no;
                        }
                        out_rules {
                                name = "download-tcp-ack";
                                filter = "tcp and len <= 64";
                                priority = 2;
                                limiters = "default-out";
                        } {
                                name = "dns";
                                filter = "udp port 53";
                                priority = 1;
                                limiters = "default-out";
                        } {
                                name = "fon-rtp";
                                filter = "udp[8] = 0x80 or udp port 5060";
                                priority = 3;
                                limiters = "default-out";
                        } {
                                name = "http-requests";
                                filter = "(tcp dst port 80 or dst port 8080 or dst port 3128) and (len <= 800)";
                                priority = 1;
                                limiters = "default-out";
                        } {
                                name = "pri-out";
                                filter = "icmp";
                                priority = 1;
                                limiters = "default-out";
                        } {
                                name = "default";
                                filter = "";
                                priority = 0;
                                limiters = "default-out";
                        }
                        in_rules {
                                name = "default";
                                filter = "";
                                priority = 0;
                                limiters = "default-in";
                        }
                        demasquerade = no;
                }
        }
        RunVoIPDSLAutodetect = 0;
}


servercfg {
        hostname = "(none)";
        dns1 = 192.168.180.1;
        dns2 = 192.168.180.2;
}


websrv {
        port = "80";
        read_timeout = 15m;
        request_timeout = 30s;
        keepalive_timeout = 5m;
        nokeepalive = "*";
        errordir = "/usr/lib/websrv/errors";
        webdir = "/usr/www";
        cgidir = "cgi-bin";
        indexfn = "index.var", "index.htm", "index.html";
}


dhcpserver {
        saveinterval = 1h;
        generic {
                default_lease_time = 10d;
                max_lease_time = 13d;
        }
}


dhcpclient {
        metric = 9;
}


dnsserver {
        cache_maxKB = 16;
        negative_ttl = 5m;
}


ddns {
        accounts {
                enabled = yes;
                domain = "irgendwas.homeip.net";
                iface = 0;
                username = "--------";
                passwd = "--------";
                ddnsprovider = "dyndns.org";
        }
        types {
                type = "dyndns";
                url = "/nic/update?system=dyndns&hostname=<domain>&myip=<ipaddr>&wildcard=NOCHG";
        } {
                type = "dyndns-custom";
                url = "/nic/update?system=custom&hostname=<domain>&myip=<ipaddr>&wildcard=NOCHG";
        } {
                type = "dyndns-statdns";
                url = "/nic/update?system=statdns&hostname=<domain>&myip=<ipaddr>&wildcard=NOCHG";
        } {
                type = "noip";
                url = "/ducupdate.php?update=<b64>username=<username>&pass=<pass>&h[]=<domain>&ip=<ipaddr></b64>";
        } {
                type = "2mydns";
                url = "/dyn.asp?username=<username>&password=<pass>&hostname=<domain>&myip=<ipaddr>";
        } {
                type = "dns4biz";
                url = "/nic/update?hostname=<domain>&myip=<ipaddr>";
        } {
                type = "selfhost";
                url = "/nic/update?myip=<ipaddr>";
        } {
                type = "userdefined";
                url = "";
        }
        provider {
                name = "dyndns.org";
                type = "dyndns";
                livedelay = 0w;
                touchtime = 30d;
                server = "members.dyndns.org";
                infourl = "http://www.dyndns.org/";
        } {
                name = "dyndns.org-custom";
                type = "dyndns-custom";
                livedelay = 0w;
                touchtime = 30d;
                server = "members.dyndns.org";
                infourl = "http://www.dyndns.org/";
        } {
                name = "dyndns.org-statdns";
                type = "dyndns-statdns";
                livedelay = 0w;
                touchtime = 30d;
                server = "members.dyndns.org";
                infourl = "http://www.dyndns.org/";
        } {
                name = "No-IP.com";
        } {
                type = "selfhost";
                url = "/nic/update?myip=<ipaddr>";
        } {
                type = "userdefined";
                url = "";
        }
        provider {
                name = "dyndns.org";
                type = "dyndns";
                livedelay = 0w;
                touchtime = 30d;
                server = "members.dyndns.org";
                infourl = "http://www.dyndns.org/";
        } {
                name = "dyndns.org-custom";
                type = "dyndns-custom";
                livedelay = 0w;
                touchtime = 30d;
                server = "members.dyndns.org";
                infourl = "http://www.dyndns.org/";
        } {
                name = "dyndns.org-statdns";
                type = "dyndns-statdns";
                livedelay = 0w;
                touchtime = 30d;
                server = "members.dyndns.org";
                infourl = "http://www.dyndns.org/";
        } {
                name = "No-IP.com";
                type = "noip";
                livedelay = 4m;
                touchtime = 0w;
                server = "dynupdate.no-ip.com:8245";
                infourl = "http://www.no-ip.com/";
        } {
                name = "2myDNS";
                type = "2mydns";
                livedelay = 0w;
                touchtime = 0w;
                server = "dyn.2mydns.com";
                infourl = "http://www.2mydns.com/";
        } {
                name = "DNS4BIZ.DE Premium";
                type = "dns4biz";
                livedelay = 0w;
                touchtime = 0w;
                server = "au-eu.dns4biz.net";
                infourl = "http://www.dns4biz.com/services_avm.php3";
        } {
                name = "DNS4BIZ.DE Business";
                type = "dns4biz";
                livedelay = 0w;
                touchtime = 0w;
                server = "au-eu.dns4biz.biz";
                infourl = "http://www.dns4biz.com/services_avm.php3";
        } {
                name = "selfhost.de";
                type = "selfhost";
                livedelay = 0w;
                touchtime = 0w;
                server = "carol.selfhost.de";
                infourl = "http://www.selfhost.de";
        } {
                name = "Benutzerdefiniert";
                type = "userdefined";
                livedelay = 4m;
                touchtime = 0w;
                server = "";
                infourl = "http://";
        }
}


webui {
        username = "";
        password = "--------";
        expertmode = yes;
        wizard_completed = yes;
}


capiovertcp {
        enabled = yes;
        maxctrl = 4;
        port = 5031;
}


emailnotify {
        enabled = yes;
        interval = daily;
        From = "[email protected]";
        To = "[email protected]";
        SMTPServer = "192.168.2.29";
        accountname = "";
        passwd = "";
        show_eventlist = yes;
}


usbhost {
        readonly = no;
        password = "";
        autoprov_enabled = yes;
}


night_time_control {
        enabled = no;
        time_on = "";
        time_off = "";
        ring_blocked = no;
}


ntpclient {
        server_list = "0.europe.pool.ntp.org";
}


// EOF
- danach die Box neu starten.

Allerdings muß so die Box immer neu gestartet werden, wenn VoIP-Provider ein- bzw. abgeschaltet werden, weil sonst der voipd auf dem falschen Port (also wieder 5060) läuft.

Natürlich ist das alles ohne Gewähr, aber bei mir hats geklappt.

Hawedieehre.
Fant
 
Danke Fant!

Aber eine Frage hab ich noch -meine Box hat noch Garantie, wenn ich da jetzt das PRG ändere ist die ja wohl hin?

Wäre es nicht möglich die ganze Sache auf dem Asterisk direkt in folgender Art zu lösen:

lauschen auf 5060 (hier protokolliert er jetzt schon alles was die Box reinbekommt)

rausgehen auf 5062 (da die Box ja alles was über 5060 geht an sich reisst)

Hab ich da einen Knoten in meiner Denkstruktur, oder wäre das ein praktikabler Ansatz?
Wenn ja, wie muß ich dann überhaupt etwas in der forwarden?

grübelnde Grüße
 
Also ich würde das nicht als mod bezeichnen. Wenn Du irgendwelche Änderungen machst und hast ein Garantieproblem, dann mach das rückgängig. Ich denke aber nicht, daß die Dir was wollen, Du hast ja die Software nicht verändert, sondern bist einfach per Telnet in die Kiste rein.

Ich weiß nicht, ob das überhaupt gehen kann, die 5060 für zwei Rechner (Box/PC) zu nutzen, das muß meines Erachtens schief gehen. Aber setze die Adressen um, das ist kein großes Ding.

Zur Not geht immer ein Recover... ;-)

Hawedieehre.
Fant
 
wie krieg ich jetz eigentlich den asterisk durch die box, am liebsten wärs mir auf port 5060 weil man bei den meisten tools den port nicht ändern kann
und welche ports muss ich sonst noch weiterleiten, vorallem wie krieg ich die rtp pakete durch die box?
 
Ich leite folgende Ports durch (Ausschnitt aus dem Fritz!Box-Konfigmenü Portfreigabe):

Asterisk UDP 10000-10300 192.168.2.29 10000-10300
Asterisk TCP 5060 192.168.2.29 5060
Asterisk UDP 5060 192.168.2.29 5060

192.168.2.29 ist die interne Adresse des Asterisken. In der rtp.conf habe ich die Ports 10000-10300 angegeben und das funzt so. Der Firewall auf dem Server selbst macht es dann genauso.

Hawedieehre.
Fant
 
Can't make outgoing calls with modified port?

Hi Fant,
I must run AVM FBF on port 8891. I did modified ar7.cfg as you suggested. With these modifications i am able to recieve calls but can't make calls. I have turned packet capture on FBF & seen that when FBF is dailing it sends SIP/SDP Request packets on destination port 5060 instead of configured port 8891. Can you suggest any thing so that FBF sends SIP/SDP Request packets on destination port 8891. Here is captured packet:

No. Time Source Destination Protocol Info
68 0.000000 87.193.4.21 203.128.7.14 SIP/SDP Request: INVITE sip:[email protected], with session description

Frame 68 (1056 bytes on wire, 1056 bytes captured)
Ethernet II, Src: Avm_9c:39:45 (00:04:0e:9c:39:45), Dst: Unispher_a0:15:7e (00:90:1a:a0:15:7e)
PPP-over-Ethernet Session
Point-to-Point Protocol
Internet Protocol, Src: 87.193.4.21 (87.193.4.21), Dst: 203.128.7.14 (203.128.7.14)
User Datagram Protocol, Src Port: 8891 (8891), Dst Port: 5060 (5060)
Session Initiation Protocol

Also one more thing,In your previous message you said that you modified ar7.cfg on three places but I could find only 2 modified places in ar7.cfg file. Can you prove that it should be modified on 3 places or 2?

My configuration:

Registerar: my-isp:8891
SIP Listen: voipd -P 8891

Any suggession?

Mit freundlichen Grüßen.

majo
 
Hi Majo,

obviously I am unable to count my modifications. I changed 2 port numbers to 5062 only.

The SIP port provided by your vendor has to be 5060 according to IANA. Therefore FritzBox tries to reach your provider on that specific port.

If you have to use another external port like your-provider.net:8891 you have to modify your ar7.cfg again. Every 5060 you left untouched has to be changed to 8891. This opens your firewall and you will be able to reach the strange port.

But I do not know how to make the box connect the strange port your provider offers. My provider still keeps on listening on port 5060 so that I needed to modify my local ports only.

I have an idea to make your box run as you wish. Try to modify your voip.cfg which is located in /var/flash. Use nvi to edit the file. Search for the correct entry and modify the line

registrar = "bla.provider.com"

to


registrar = "bla.provider.com:8891"

This *MIGHT* work but I never tried.

Please give me note about your (hopefully achieved) success.

Regards,
Fant

...and sorry for my poor English.
 
Um antworten zu können musst du eingeloggt sein.

Zurzeit aktive Besucher

Gesamt: 528 (Mitglieder: 37, Gäste: 491)

Neueste Beiträge

Statistik des Forums

Themen
244,858
Beiträge
2,219,612
Mitglieder
371,571
Neuestes Mitglied
FritzFunk
Holen Sie sich 3CX - völlig kostenlos!
Verbinden Sie Ihr Team und Ihre Kunden Telefonie Livechat Videokonferenzen

Gehostet oder selbst-verwaltet. Für bis zu 10 Nutzer dauerhaft kostenlos. Keine Kreditkartendetails erforderlich. Ohne Risiko testen.

3CX
Für diese E-Mail-Adresse besteht bereits ein 3CX-Konto. Sie werden zum Kundenportal weitergeleitet, wo Sie sich anmelden oder Ihr Passwort zurücksetzen können, falls Sie dieses vergessen haben.
Ihr E-Mail-Adresse verifizieren

Ihr E-Mail-Adresse verifizieren

Wir haben Ihnen eine E-Mail geschickt. Klicken Sie auf die Schaltfläche im E-Mail-Text, um Ihre E-Mail-Adresse zu verifizieren – (Können Sie diese nicht finden können, dann überprüfen Sie Ihren Spam-Ordner).

IPPF im Überblick

Neueste Beiträge

Direktlinks Telefonanlage

Website-Sponsoren

3CX sponsor
KONTAKTIEREN SIE UNS BEI INTERESSE
| Style by ThemeHouse
XenPorta 2 PRO © Jason Axelrod of 8WAYRUN
Oben Unten
Zurück