Bug 137882

Summary: TestYourVoIP.com can't connect -- other machines on same network can
Product: [openSUSE] SUSE LINUX 10.0 Reporter: Bryce Nesbitt <bryce2>
Component: BasesystemAssignee: Ludwig Nussel <lnussel>
Status: RESOLVED INVALID QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: locilka
Version: Final   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: http://www.testyourvoip.com/
Whiteboard:
Found By: Other Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Bryce Nesbitt 2005-12-09 19:25:24 UTC 
I've used http://www.testyourvoip.com/ many times.  Since upgrading to SUSE, I can't.  I get:

------------------------------------------------------------------------------
Your computer couldn't call our location on the standard SIP port (5060) or a commonly available port (6000). This suggests that a firewall is blocking all UDP access including SIP. Please check the following:

    * Your Personal Firewall, if you are using Windows XP, may be filtering the SIP and UDP ports used for communication.
    * Your home firewall or your broadband provider's firewall may be blocking the SIP and UDP ports used for communication.

Please check these firewall settings and ensure that UDP ports 5060 and 50000 - 50100 are open for RTP streams and SIP signaling. Then re-run your test.
---------------------------------------------------------------------------


Of course I've opened those ports in the firewall:

ACCEPT     tcp  --  0.0.0.0/0  0.0.0.0/0           tcp dpt:22
ACCEPT     udp  --  0.0.0.0/0  0.0.0.0/0           udp dpts:50000:50100
ACCEPT     udp  --  0.0.0.0/0  0.0.0.0/0           udp dpt:5060
ACCEPT     udp  --  0.0.0.0/0  0.0.0.0/0           udp dpt:138
ACCEPT     udp  --  0.0.0.0/0  0.0.0.0/0           udp dpt:137

I even tried with the firewall totally OFF ---- same results.

Other computers on the same network have no trouble.
Can you try this, and let me know if it is a SUSE thing?
Is it an ipv6 thing?
Comment 1 Ludwig Nussel 2005-12-12 12:21:24 UTC 
No idea. Ports 22, 138, 137 are not required for VoIP for sure though. Opening them to the internet is bad.
Comment 2 Bryce Nesbitt 2005-12-12 17:16:07 UTC 
22,137,138 are open for SSH & Samba.

Samba is open to the external network, because YaST offers no obvious way to restrict it to the local network (the firewall documentation is very confusing - and does not mention the local network anywhere).

None of that has anything to do with the bug report.  The testyourvoip site fails even if SUSE Firewall is OFF.  Does http://www.testyourvoip.com/ work from your SUSE machines?  From your Windows based machines?
Comment 3 Ludwig Nussel 2005-12-12 17:20:29 UTC 
I don't know and honestly I don't care what some random site on the internet claims. It's also not a firewall bug if it doesn't even work without firewall. Note this is a bug tracking system rather than a support forum.

I'll forward your concern wrt YaST to the appropriate maintainer though so thanks for that!
Comment 4 Bryce Nesbitt 2005-12-12 18:25:03 UTC 
When perfectly reasonable websites -- that work from Redhat -- that work from Windows -- don't work on SuSE, that's a bug.  Maybe not a firewall bug though.

Where SHOULD I report it, if not here?
Comment 5 Bryce Nesbitt 2005-12-12 18:32:13 UTC 
Note that this site works from Redhat and Windows on the *SAME MACHINE* when booted into those operating systems.
Comment 6 Lukas Ocilka 2005-12-13 07:31:55 UTC 
Responsing to the comment #2 -> "Samba is open to the external network, because YaST offers no obvious way to restrict it to the local network" ->

Bryce, could you, please specify, how did you configure the firewall and which documentation did you use for that?
Do you have more network cards - one for the external and another for the internal network or just one?

Thanks
Comment 7 Bryce Nesbitt 2005-12-13 16:26:12 UTC 
I have one network card, as is typical for home users with home broadband.

I used Yast, the printed manual, and /etc/sysconfig/SuSEFirewall2 as documentation.

I tried adding samba to the "internal zone", the "dmz" and the "internal zone".  Either samba did not work, it was open from everywhere (not just the 192.168.1.xxx subnet).

----------------------------------------------------
http://www.testyourvoip.com/ continues to fail on SuSE.
But it still works from the windows machine sitting next to me, the
RedHat machine, and the other windows machine all on the local network.