我怀疑路由器或 上的防火墙或其他安全措施tleilax导致dogeSIP 呼叫出现问题。如何确定连接是被允许的并且没有被阻止?
我只想从192.168.1.3拨打SIP 电话192.168.1.4;或者根本不拨打电话。铃声?嘟嘟声?ping 声?某种“hello world”连接。
192.168.1.1 netgear router
192.168.1.2 asterisk (vicidial)
192.168.1.3 ubuntu client
192.168.1.4 mac OSX client (not shown)
我是否存在防火墙问题,是否会影响软电话建立连接?
thufir@doge:~$
thufir@doge:~$ nmap 192.168.1.1
Starting Nmap 6.46 ( http://nmap.org ) at 2015-02-18 06:10 PST
Nmap scan report for 192.168.1.1
Host is up (0.0086s latency).
Not shown: 994 closed ports
PORT STATE SERVICE
23/tcp open telnet
53/tcp open domain
80/tcp open http
3333/tcp open dec-notes
5555/tcp open freeciv
49152/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 0.14 seconds
thufir@doge:~$
thufir@doge:~$ nmap 192.168.1.2
Starting Nmap 6.46 ( http://nmap.org ) at 2015-02-18 06:10 PST
Nmap scan report for 192.168.1.2
Host is up (0.00027s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 4.95 seconds
thufir@doge:~$
thufir@doge:~$
thufir@doge:~$ ssh [email protected]
Password:
Last login: Mon Feb 16 00:43:01 2015 from 192.168.1.2
Thank you for installing ViciBox Server v.6.0!
This software is available for free download at
http://www.vicibox.com. If you paid for this
software you have been ripped off. Please report
any fraud or abuses of this software to
[email protected]. Please report any bugs on
the forum at http://www.vicidial.org
To configure the LAN settings type:
yast lan
To change the server IP in the database type:
/usr/share/astguiclient/ADMIN_update_server_ip.pl
Official paid-for ViciDial support is available at
http://www.vicidial.com
Free community-based ViciDial Support is available
at http://www.vicidial.org/VICIDIALforum
- ViciBox Redux v.6.0.3-141118
Could not chdir to home directory /home/thufir: No such file or directory
thufir@tleilax:/>
thufir@tleilax:/> nmap 192.168.1.3
Starting Nmap 6.40 ( http://nmap.org ) at 2015-02-18 09:14 EST
Nmap scan report for 192.168.1.3
Host is up (0.00075s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
22/tcp open ssh
2000/tcp open cisco-sccp
Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds
thufir@tleilax:/>
thufir@tleilax:/>
也可以看看:
答案1
这确实是一个网络故障排除问题,而不是 InfoSec。nmap 是扫描端口的绝佳工具,但由于您确实可以访问每个端点,因此我会使用 netcat 来排除故障。
根据维基百科,SIP 监听 5060 / 5061(UDP 或 TCP)。要验证哪个端口正在监听,您可以使用 SIP 服务器上的以下工具之一:
- lsof -P -n -iTCP -sTCP:监听,已建立
- 网络状态监测
- tcpview(TCPVCON)
一旦您弄清楚了正在监听的内容,您就可以使用 Netcat 来验证防火墙是否阻止了连接/端口。
- 停止 SIP 服务器,这样端口就不会被监听并且可以自由使用
- 跑步:netcat -l [-u] 506[0-1]
- 来自客户:网猫SIP 服务器 IP 地址[-u] 506[0-1]
- 在一个端点上输入一些随机文本,如果它出现在另一个端点上,则流量不会被阻止。
-u 代表 UDP,默认为 TCP
答案2
要用图片回复您的评论:您在一个客户端上输入的内容会出现在另一个客户端上:
