Pfseanse ignores RTP/SIP traffic

  • Hello, I'm using Pfsense firewall and I have a problem, I am being attacke by several IP addressed around the world, I have opened rules and blocked all of the IP that are attacking me, but one IP is attacking me through telephonic traffic sip/rtp among the rest through ports 5060 and the Pfsense ignores that traffic despite of the fact that I'm blocking it. What can I do? How can I block TP/SIP traffic to specific IP addresses?

  • Rules are read from top to bottom. Make sure your block rules are at the top and use "Any" protocol…

  • The rule is first from the top and I also blocked "any" protocol and still he doesn't block me the traffic of the RTP in ports 5060, he just ignores them and I have no idea why, could it be that there is a definition in the firewall that says to ignore the telephonic traffic?

  • If you are running a telephony client or server behind pfsense, don´t use port forwarding and only allow inbound from your voip provider´s ip range. I see pfsense blocking quite a lot of connection attempts on port 5060 these days.

Log in to reply