SIP implementation incompatible with firewall configuration.

Binary package hint: ekiga

SIP is strictly signaling, and the audio/video component of the calls occurs as part of an arranged connection. When negotiating a port for audio (and possibly video; I didn't test that) media, Ekiga does not choose a consistent, configurable or predictable receive port. Since I'm running a firewall (firehol) on the same machine as Ekiga, that means I can't selectively open up a port for it. I can, of course, tell firehol to allow SIP traffic, but it (and iptables) can't predict where the callback connection for audio and video media will be, portwise; telling it to allow SIP traffic only opens up the signaling pathways.

Since I can't configure this in Ekiga, and since Ekiga isn't predictable or consistent in choosing its own ports, I can't configure my firewall to open up the relevant ports. My only option, short of setting up a local proxy, would be allowing all incoming UDP traffic, which seems ridiculous.

Description: Ubuntu 9.10
Release: 9.10

ekiga:
  Installed: 3.2.5-1ubuntu1
  Candidate: 3.2.5-1ubuntu1
  Version table:
 *** 3.2.5-1ubuntu1 0
        500 http://us.archive.ubuntu.com karmic/main Packages
        100 /var/lib/dpkg/status

ProblemType: Bug
Architecture: amd64
CheckboxSubmission: c02fcea4c1d29eba39eee29bde12a1cc
CheckboxSystem: edda5d4f616ca792bf437989cb597002
Date: Wed Mar 24 20:22:39 2010
DistroRelease: Ubuntu 9.10
ExecutablePath: /usr/bin/ekiga
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release amd64 (20091027)
NonfreeKernelModules: nvidia
Package: ekiga 3.2.5-1ubuntu1
ProcEnviron:
 SHELL=/bin/bash
 PATH=(custom, user)
 LANG=en_US.UTF-8
ProcVersionSignature: Ubuntu 2.6.31-20.58-generic
SourcePackage: ekiga
Uname: Linux 2.6.31-20-generic x86_64