FireWall Ports  Network Protocol    Application Protocol    Description

1719    UDP H.323 Gatekeeper RAS port
1720    TCP H.323 Call Signaling

3478    UDP STUN service    Used for NAT traversal
3479    UDP STUN service    Used for NAT traversal

5002    TCP MLP protocol server
5003    UDP Neighborhood service

5060    UDP & TCP   SIP UAS Used for SIP signaling (Standard SIP Port, for default Internal Profile)
5070    UDP & TCP   SIP UAS Used for SIP signaling (For default "NAT" Profile)
5080    UDP & TCP   SIP UAS Used for SIP signaling (For default "External" Profile)

8021    TCP ESL Used for mod_event_socket *

16384-32768 UDP RTP/ RTCP multimedia streaming  Used for audio/video data in SIP and other protocols

5066    TCP Websocket   Used for WebRTC
7443    TCP Websocket   Used for WebRTC		
		
		

fail2ban 自动拦截恶意注册

		
firewall-cmd --zone=public --add-port=1719/udp  --permanent
firewall-cmd --zone=public --add-port=1720/tcp  --permanent
firewall-cmd --zone=public --add-port=3478-3479/udp  --permanent
firewall-cmd --zone=public --add-port=5002/tcp  --permanent
firewall-cmd --zone=public --add-port=5003/udp  --permanent
firewall-cmd --zone=public --add-port=5060/udp  --permanent
firewall-cmd --zone=public --add-port=5060/tcp  --permanent
firewall-cmd --zone=public --add-port=5070/udp  --permanent
firewall-cmd --zone=public --add-port=5080/udp  --permanent
firewall-cmd --zone=public --add-port=5006/tcp  --permanent
firewall-cmd --zone=public --add-port=5007/tcp  --permanent
firewall-cmd --zone=public --add-port=5008/tcp  --permanent
firewall-cmd --zone=public --add-port=8021/tcp  --permanent
firewall-cmd --zone=public --add-port=16384-32768/udp  --permanent
firewall-cmd --zone=public --add-port=5066/tcp  --permanent
firewall-cmd --zone=public --add-port=7443/tcp  --permanent
		
		
		

重启防火墙

		
firewall-cmd --reload		
		
		

查看已开放的端口

		
firewall-cmd --list-ports