What is this for?
It is preferable to make custom template
This is the model of nethserver, if you dont update this file, and alter config with interface of nethserver, his alter the original file.
1 Like
That makes sense. It’s the template file location that the nethserver interface is based on and then writes to the config files from those. That’s good to know! Thanks!
I’ve confirmed that this works for mine too. So should we submit a feature request to expose this as a check-box option in the web interface?
all calls are made without problems?
so workaroud is :
- mkdir -p /etc/e-smith/templates-custom/etc/shorewall/shorewall.conf
- cp /etc/e-smith/templates/etc/shorewall/shorewall.conf/60options
/etc/e-smith/templates-custom/etc/shorewall/shorewall.conf/60options - sed -i -e ‘s/DONT_LOAD=/DONT_LOAD=nf_nat_sip/g’ /etc/e-smith/templates-custom/etc/shorewall/shorewall.conf/60options
- signal-event firewall-adjust
2 Likes
Now you’re just showing off! 
I ran out of time and had to go pick up my daughter, but I placed several incoming and outgoing calls and they all worked. I’ll do more testing tomorrow morning.
Confirmed. All calls are working. I made at least a dozen test calls this morning.
Is there a possibility of this being added to the GUI?
Bump. Is this going to be added as a check-box to disable/enable this shorewall module?
This module is using while you configure grant bandwidth for SIP traffic. So maybe it its better to configure rather disabling module.
and my workaround VoIP behind NethServer works
Workarounds are nice and all, but at the end of the day, wouldn’t it be better to improve NethServer and have something that’s easier to use?
sure…
NS is open source and you and your code are welcome 
@Adam I think we need to be sure that it’s not a bug in the nf_nat_sip kernel module before disabling it entirely.
I’ll try to understand the problem next week, but if someone has more information about sip problems, please share them.
Thank you.
1 Like
Haha! Good answer! I used to program a bit around 15 years ago. As much as I’d love to contribute in that area, all of that knowledge has since faded. So for now, I have the resources to do some solid testing and provide my results.
Thank you, Filippo. Please let me know if there are any specific logs or other information I can provide to help.
I did see a lot of information saying that the shorewall sip ALG modules are known to cause issues and it’s common practice to disable them if the PBX you’re using has settings for NAT. It makes sense to me since you don’t want the router changing packet headers when the PBX is already compensating for NAT.
Some links to those info would be perfect. Thanks.
1 Like
This is probably the most valid one to mention since it’s in the shorewall FAQ:
http://shorewall.net/FAQ.htm
Thank you @Adam.
I still can’t understand the source of the problem, though.
I read some docs, see these:
http://www.asteriskguru.com/tutorials/sip_nat_oneway_or_no_audio_asterisk.html
Do you think we’ll be safe if we modify NethServer to follow shorewall faq #77? Or we need an option to enable the faq only in case of problems?
If a PBX doesn’t have the ability to change packet headers to ‘hide’ NAT, it may be required to have the sip helpers enabled. So the preferred solution would be to have the option to enable/disable them as needed.