[ previous ] [ next ] [ threads ]
 
 From:  mgraves at mstvp dot com
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: Re: [m0n0wall] pinhole timing?
 Date:  Tue, 18 Feb 2014 08:08:45 -0700
--------- Original Message --------- Subject: Re: [m0n0wall] pinhole timing?
From: "Lee Sharp" <leesharp at hal dash pc dot org>
Date: 2/17/14 11:14 pm
To: m0n0wall at lists dot m0n0 dot ch

On 02/17/2014 02:16 PM, mgraves at mstvp dot com wrote:
 > Hello All,
 >
 > Can someone please tell me how long m0n0wall maintains a pinhole when an inside client makes a
hole to reach an external host?
 >
 > I have a SIP phone that's losing access to the far-end SIP registry server. When the fault
happens the external server tries to ring the phone but it generates a (SIP)408-Timeout.
 >
 >
 > I've set the SIP keep-alive to 30 seconds in the phone, but that doesn't seem to have helped.
 >
 > It's not clear if this is something new since I installed the latest release a few weeks ago.
 
 It is not a pinhole, but a state. When you open an outbound connection, 
 it can allow traffic both ways. But once the connection ages out, it is 
 gone for inbound traffic. A keepalive only creates a new session. As 
 for how long this is, you will have to sniff your client to see when it 
 is closing down the state.
 
 Lee
 
OK, thanks. That helps a bit. I have the device in question connected to a hub that's shared with a
PC running Wireshark. I can see the SIP traffic for registration, call setup, etc.
 
I don't see anything that looks like the phone closing down the connection. What would that look
like? 
 
Also, is there any way to monitor the state table so that I'm notified when it changes for a
particular target IP address?
 
Michael