I am currently configuring IP Tables for my Thirdlane MTE box, and I wanted to know what ports I need to leave open for Thirdlane MTE/SIP/registration/devices.
Thanks.
It depends on what services you want to allow.
The voip-info wiki will give you a few examples of ports.
Raven, your RTP information is incorrect. rtp.conf defines the ports as 10000-20000; unless you have other SIP-based applications running on your PBX, sip.conf is limited to just 5060, so the range specified is incorrect.
Also, if you are using T38, you also need to consider the port ranges of udptl.conf, 4000-4999.
And it would be VERY unwise to unblock 5038 to the world. If your PBX has an Achilles heel, the AMI port is that tendon.
I'm following Cisco.
You're right about the conf files. However, Cisco tends to release its equipment with RTP set for 16384 - 32767, so I modified my PBX. Forgot the base conf file was defaulted to 10-20K, which no VoIP device I've run across is set equivalent. Also right about 5038, that actually needs the 'established' hole in the firewall to complete the CRM pop, but I forgot to write all that out. Anyway, the guy was looking for some port numbers and no one was giving him any, so good thing we could add to the discussion and he can sift through it to see what he might need.
Use the ISO to set up the box, it sets up the Linux Firewall for you. If you run an additional firewall other than the box itself, you can always take a look at the IP tables after the install or use the Webmin interface for the more GUI inclined.
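
The ports named in this thread, collected into an iptables-restore ruleset with a check for a world-open AMI port. This is an added example, not part of any post above and not Thirdlane's own firewall configuration. Assumptions: SIP signalling on UDP 5060, a hypothetical trusted management address as the only AMI client, and `pbx_rules` / `ami_exposed` as illustrative names; SSH and web admin rules are omitted and must be added before loading a default-DROP policy.

```shell
#!/bin/sh
# Added example: ruleset generator for the ports discussed in the thread.
# pbx_rules MGMT_IP [RTP_START RTP_END]
#   MGMT_IP   hypothetical trusted host allowed to reach AMI (5038/tcp)
#   RTP_*     must match rtpstart/rtpend in rtp.conf (default 10000-20000)
pbx_rules() {
    mgmt_ip="$1"
    rtp_lo="${2:-10000}"
    rtp_hi="${3:-20000}"
    # Refuse an empty or match-everything source for the AMI rule.
    case "$mgmt_ip" in
        ''|0.0.0.0*|*/0) echo "refusing to open AMI (5038) to the world" >&2
                         return 1 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p udp --dport 5060 -j ACCEPT
-A INPUT -p udp --dport ${rtp_lo}:${rtp_hi} -j ACCEPT
-A INPUT -p udp --dport 4000:4999 -j ACCEPT
-A INPUT -s ${mgmt_ip} -p tcp --dport 5038 -j ACCEPT
COMMIT
EOF
}

# Reads iptables-save output on stdin. Returns 0 if an ACCEPT rule for
# port 5038 carries no -s source restriction (AMI reachable from anywhere).
# Limitation: only matches a literal "--dport 5038", not ranges or multiport.
ami_exposed() {
    grep -E -- '--dport 5038( |$)' | grep -- '-j ACCEPT' | grep -qv -- ' -s '
}
```

To use it, write the output of `pbx_rules` to a file and review it before loading it with `iptables-restore`; on a running box, `iptables-save | ami_exposed && echo "AMI is open to any source"` checks the live rules.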