[ previous ] [ next ] [ threads ]
 From:  Lee Sharp <leesharp at hal dash pc dot org>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] pinhole timing?
 Date:  Mon, 17 Feb 2014 23:14:38 -0600
On 02/17/2014 02:16 PM, mgraves at mstvp dot com wrote:
> Hello All,
> Can someone please tell me how long m0n0wall maintains a pinhole when an inside client makes a
hole to reach an external host?
> I have a SIP phone that's losing access to the far-end SIP registry server. When the fault happens
the external server tries to ring the phone but it generates a (SIP)408-Timeout.
> I've set the SIP keep-alive to 30 seconds in the phone, but that doesn't seem to have helped.
> It's not clear if this is something new since I installed the latest release a few weeks ago.

It is not a pinhole, but a state.  When you open an outbound connection, 
it can allow traffic both ways.  But once the connection ages out, it is 
gone for inbound traffic.  A keepalive only creates a new session.  As 
for how long this is, you will have to sniff your client to see when it 
is closing down the state.