Hi,

This is what I would like to do:

I have a domain name: abc.com
I also have a cloud server whose IP: 111.222.333.444
In zoneedit, I created an A record:

sip.abc.com to go to my cloudserver 111.222.333.444

This is fine so far. if I type sip.abc.com I can see my apache webpage. I can also access my webmin if I type sip.abc.com:10000

This means that all ports are forwarded to my new cloudserver.

Now, I have a voip service provider at 222.333.444.555
who I want to hide from my friends and a few clients I have. What I want to do is the following:

sip.abc.com will go to my cloudserver who will then unconditionally forward all requests to my voip provider except port 80.

That way if someone types sip.abc.com in their web browser they see my apache webpage on my cloudserver but not my voip provider's webpage.

How can I do this?

Only thing a google search is returning web proxy related stuff - did some study but transparent proxy is probably not the right tool for this. Any help or direction from expert DNS/Network experts here would greatly be appreciated. If someone wants a reasonable small fee, I can pay too, in that case please pm me.

Thanks,

KK

ALL ports? I really don't think you actually want to do that. It seems like you should be using different hostnames here. Why are you trying to hide the provider so much?

Maybe not all ports but ports 5000 to 6000 are used for IAX and SIP protocols and then for media RTP 10000 to 40000 are used. Different providers use different range for RTP but for SIP its port 5060 - 5080. So I want to pass everything or at least these ranges through my server but drop port 80.

Why I want to hide it?
I configured a bunch of my friend and family's computer and IP phones with services from voipbuster,voipcheap, etc. alike. Some of their friends are now asking for the voip long distance services. I am told by my friends that I can margin it up by $5 to $10 per month and make a few pennies. Nothing wrong with that, right? Anyway, if I just give them the providers server address to configure their sip phones, some of them will find out who they are and go directly. That is why I want to hide.

Let me know if you have know how to pass through everything through a server but just drop port 80. I can use the linux firewall to drop 80 but how do I then redirect?

Thanks for any help.

KK

well you really MUST be selective. That can be a selection of a thousand I suppose, but still do it.

There is probably an issue of understanding the SIP / RTP traffic flows. Unless you are jumping out to PSTN or similar, your RTP traffic will flow between the two end points, not via your server, only the SIP data will flow to that. I don't know if natting traffic will cause a logical breakdown in what's going on with that, as original source addresses are often important to establishing the flow. You may prefer to look at a proper sip proxy - http://www.nongnu.org/partysip/partysip.html

Thanks Chris, I will look into the SIP Proxy servers. Do you think Sip Express Routers / Session Border Controllers will be a better option? Any knowledge on these as whether they will allow what I am trying to achieve which is to just pass through sip ports and block port 80?

Thanks,

KK