[arch-general] Google Voice through iptables?

Bill Sun cap.sensitive at gmail.com
Wed Apr 25 12:49:50 EDT 2012 

Hi,

I just tried to use google voice to contact someone, after 2 'dialing
sounds', I couldn't hear anything. After I stopped iptables, I can make
phone calls via google voice successfully.

I searched the web, and found 2 possible solutions: [1] and [2]. Then I
added iptables rules according to their instructions, but none of them
worked.

Also, I noticed that my browser just kept trying to receive/send data to
relay.google.com (Waiting for relay.google.com)

How to configure iptables so I can use google voice with iptables
enabled?

[1]: http://support.google.com/talk/bin/answer.py?hl=en&answer=27930
[2]: http://juberti.blogspot.com/2010/08/google-voice-and-video-enterprise.html

(see attachment for my iptables.rules)

Regards,
Bill
-------------- next part --------------
*filter
-P INPUT   DROP
-P OUTPUT  DROP
-P FORWARD DROP

-A INPUT  -i lo -j ACCEPT
-A OUTPUT -o lo -j ACCEPT

-A INPUT  -p icmp --icmp-type echo-request -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
-A INPUT  -p icmp --icmp-type echo-reply   -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-reply   -j ACCEPT

-A INPUT  -p udp --sport 53 -j ACCEPT
-A OUTPUT -p udp --dport 53 -j ACCEPT

-A INPUT  -p tcp --sport 22 -j ACCEPT
-A OUTPUT -p tcp --dport 22 -j ACCEPT

# ftp MUST die!
-A INPUT  -p tcp -m multiport --sports 20,21 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 20,21 -j ACCEPT
-A INPUT  -p tcp -m state --state ESTABLISHED         --sport 1024: --dport 1024: -j ACCEPT
-A OUTPUT -p tcp -m state --state ESTABLISHED,RELATED --sport 1024: --dport 1024: -j ACCEPT

# HTTP & HTTPS
-A INPUT  -p tcp -m multiport --sports 80,443 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 80,443 -j ACCEPT

# NTP
-A INPUT  -p udp --sport 123 -j ACCEPT
-A OUTPUT -p udp --dport 123 -j ACCEPT

# GIT
-A INPUT  -p tcp --sport 9418 -j ACCEPT
-A OUTPUT -p tcp --dport 9418 -j ACCEPT

# POP3/S
-A INPUT  -p tcp --sport 110 -j ACCEPT
-A OUTPUT -p tcp --dport 110 -j ACCEPT
-A INPUT  -p tcp --sport 995 -j ACCEPT
-A OUTPUT -p tcp --dport 995 -j ACCEPT

# Gmail
-A INPUT  -p tcp --sport 587 -j ACCEPT
-A OUTPUT -p tcp --dport 587 -j ACCEPT

# Google Voice (not working)
-A INPUT  -p udp --sport 19295 -j ACCEPT
-A OUTPUT -p udp --dport 19302 -j ACCEPT
-A INPUT  -p udp --sport 19295 -j ACCEPT
-A OUTPUT -p udp --dport 19302 -j ACCEPT

COMMIT

More information about the arch-general mailing list