From mboxrd@z Thu Jan  1 00:00:00 1970
From: sean darcy <seandarcy2@gmail.com>
Subject: does -p udp --dport 5060 not work with -j LOG?
Date: Wed, 30 Apr 2008 18:27:43 -0400
Message-ID: <fvarov$iq2$1@ger.gmane.org>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Return-path: <netfilter-owner@vger.kernel.org>
Sender: netfilter-owner@vger.kernel.org
List-ID: <netfilter.vger.kernel.org>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
To: netfilter@vger.kernel.org

I'm trying to figure out why my sip port forwarding doesn't work.

$IPT -t nat -A PREROUTING -i external -p udp --dport 5060 -j DNAT --to 
10.10.10.180:5060
$IPT -A FORWARD -p udp -m state --state NEW -d 10.10.10.180 --dport 5060 
-j ACCEPT

So before everything I put:

$IPT -t nat -A PREROUTING -i external -p udp --sport 5060 --dport 5060 
-j LOG --log-prefix "SIP-BEFORE:  "

(I also tried it without --sport.)

But in syslog I get packets both from "lan" my internal interface:

SIP-BEFORE:  IN=lan OUT= MAC=01:00:5e:7f:ff:fa:00:15:99:25:e1:32:08:00 
SRC=10.10.10.102 DST=239.255.255.250 LEN=364 TOS=0x00 PREC=0x00 TTL=1 
ID=33785 PROTO=UDP SPT=1024 DPT=1900 LEN=344
SIP-BEFORE:  IN=lan OUT= MAC=01:00:5e:7f:ff:fa:00:15:99:25:e1:32:08:00 
SRC=10.10.10.102 DST=239.255.255.250 LEN=372 TOS=0x00 PREC=0x00 TTL=1 
ID=33795 PROTO=UDP SPT=1024 DPT=1900 LEN=352

And, from the external interface, it logs all udp ports:

SIP-BEFORE:  IN=external OUT= 
MAC=00:48:54:8b:ab:29:00:1a:e2:84:bf:3b:08:00 SRC=xxx.yyy.113.22 
DST=xxx.yyy.167.178 LEN=126 TOS=0x04 PREC=0x00 TTL=112 ID=56357 
PROTO=UDP SPT=17214 DPT=32375 LEN=106
SIP-BEFORE:  IN=external OUT= 
MAC=00:48:54:8b:ab:29:00:1a:e2:84:bf:3b:08:00 SRC=xxx.yyy.113.22 
DST=xx.yy.167.178 LEN=126 TOS=0x04 PREC=0x00 TTL=112 ID=56357 PROTO=UDP 
SPT=17214 DPT=32375 LEN=106

So any suggestions on port forwarding sip appreciated. I'm disappointed 
I can't figure this out myself using -j LOG (:

sean