FreeSWITCH 1.0.0 “Phoenix” Released!

FreeSWITCH 1.0.0 “Phoenix” has been released. Congratulations to Anthony, Mike, Brian and everybody who has contributed to make this happen! For quite some time I have witnessed FS in the making on irc and the mailinglist. The amount of effort that has gone into creating FS is quite astonishing. It’s all too easy to take great Open Source projects like FreeSWITCH for granted but let’s not forget about the time and money the team has sunk into this project. It would be great if the Community starts helping out (more) with documenting things on the Wiki, bugfixes, testing etc. I look forward to give FreeSWITCH another whirl and see what has changed since last time I messed with it.

OpenVPN and firewall rules on RHEL 5 or CentOS 5

It took me a bit too long to figure out how to add a masquerade rule to the server’s firewall so openvpn clients can reach the Intarweb too. So here it is in case you are looking to do the same:

# service iptables stop
# iptables -t nat -A POSTROUTING -s <network/cidr> -o <interface> -j MASQUERADE
# service iptables save
# service iptables restart

Example of <ip network/cidr>: 10.0.1.0/24
Example of <ethernet interface>: eth0

You can find the added rule in /etc/sysconfig/iptables

And make sure that you have IP forwarding enabled too or else it will still not work:

# echo “1” > /proc/sys/net/ipv4/ip_forward

Update:

The solution above does not cover the situation where you already have firewall rules active and want to *add* the masquerading rule to your existing firewall rules. The solution is explained below. Note that you do *not* stop your active firewall to make this work. You should also make a backup of your existing firewall rules so you can go back to the original firewall configuration in case something goes wrong.

# cp /etc/sysconfig/iptables /etc/sysconfig/iptables.backup
# iptables -t nat -A POSTROUTING -s <network/cidr> -o <interface> -j MASQUERADE
# service iptables save
# service iptables restart

That’s it. If you open /etc/sysconfig/iptables you should see the masquerading rule at the top. And if you issue the command “service iptables status” then you should see the new masquerading rule active.