
So on a customer's network I was having issues with what looked like port blocking based on the source address of my UDP packets. Weird eh? Basically whenever a remote SIP client registered with my asterisk box it would work for a while, then eventually the responses from asterisk would get blocked. I put this down to a defective router somewhere in the communication path. My workaround, which seemed to work, was to change the UDP port asterisk was using for SIP and use iptables to reroute from the original port to the new port. This way the response would come from the new port and not get blocked. And it worked too!!

This is what I did to move the ports:

    /sbin/iptables -t nat -F
    /sbin/iptables -t nat -A PREROUTING -i eth0 -p udp --dport 5060 -j REDIRECT --to-ports $port
    sed -i "s/bindport.*/bindport=$port/" /etc/asterisk/sip.conf
    /etc/init.d/asterisk restart

buuuuuuut....., the iptables flush doesn't work, and there is nothing that seems to make it work. After a while I see this with tcpdump:

    14:37:20.064722 IP 192.168.10.97.5060 > 192.168.10.59.5067: SIP, length: 4
    14:37:20.064772 IP 192.168.10.97.5060 > 192.168.10.59.5062: SIP, length: 4
    14:37:20.064783 IP 192.168.10.97.5060 > 192.168.10.59.5064: SIP, length: 4
    14:37:20.064800 IP 192.168.10.97.5060 > 192.168.10.59.5065: SIP, length: 4
    14:37:20.064834 IP 192.168.10.97.5060 > 192.168.10.59.5066: SIP, length: 4
    14:37:20.064990 IP 192.168.10.97.5060 > 192.168.10.59.5063: SIP, length: 4
    14:37:20.065025 IP 192.168.10.97.5060 > 192.168.10.59.5060: SIP, length: 4

It looks like the packets get cloned multiple times (each time I move the port). What is worse is I cannot switch back to port 5060 because of it. I've done just about everything I can imagine to get iptables to behave properly. Putting aside my original issue with the external source port blocking, has anybody seen anything like this before? The only thing I can do to restore the kernel firewall is to reboot.
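One thing worth knowing when a NAT rule "won't go away" after a flush: the nat table is only consulted for the first packet of a flow, and the resulting mapping is then stored in the connection-tracking table. `iptables -t nat -F` removes the rules but not those conntrack entries, so packets of an existing UDP flow keep being rewritten according to whatever REDIRECT was in effect when the flow was first seen. The script below is an added example (not the poster's own script) that repeats the port move from the post but also deletes the stale conntrack entries for UDP 5060 and validates the port before touching anything. It assumes conntrack-tools (the `conntrack` command) is installed, that `eth0`, `/etc/asterisk/sip.conf` and `/etc/init.d/asterisk` are as in the post, and it runs in dry-run mode (printing the commands instead of executing them) when `DRY_RUN=1` is set.

```shell
#!/bin/sh
# Added example, not from the original post. Moves asterisk's SIP port and
# clears the conntrack entries that would otherwise keep the old REDIRECT
# mapping alive. Assumptions: conntrack-tools installed, eth0 is the
# interface facing the SIP clients, paths as in the post.

IFACE=eth0
SIP_CONF=/etc/asterisk/sip.conf
SIP_PORT=5060              # the well-known port clients keep sending to

# Run a command, or just print it when DRY_RUN=1.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        echo "$*"
    else
        "$@"
    fi
}

# Accept only a numeric, unprivileged port so a typo in $port cannot
# redirect SIP traffic onto port 0, 22 or some other unintended service.
validate_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1024 ] && [ "$1" -le 65535 ]
}

# Move SIP from 5060 to $1: replace the REDIRECT, drop stale conntrack state,
# rewrite bindport in sip.conf, restart asterisk.
move_sip_port() {
    port=$1
    validate_port "$port" || { echo "invalid port: $port" >&2; return 1; }

    # Only flush PREROUTING, not the whole nat table, so unrelated NAT rules survive.
    run iptables -t nat -F PREROUTING
    run iptables -t nat -A PREROUTING -i "$IFACE" -p udp --dport "$SIP_PORT" \
        -j REDIRECT --to-ports "$port"

    # The part the plain flush misses: forget every tracked UDP flow whose
    # original destination port is 5060, so the next packet hits the new rule.
    run conntrack -D -p udp --dport "$SIP_PORT"

    # Anchor the pattern so a comment line mentioning bindport is left alone.
    run sed -i "s/^bindport[[:space:]]*=.*/bindport=$port/" "$SIP_CONF"
    run /etc/init.d/asterisk restart
}

# Show what conntrack still holds for UDP 5060 (useful to confirm the move took).
show_sip_conntrack() {
    run conntrack -L -p udp --dport "$SIP_PORT"
}

# Usage: DRY_RUN=1 ./move-sip-port.sh 5080   (print only)
#        ./move-sip-port.sh 5080             (apply, as root)
if [ -n "${1:-}" ]; then
    move_sip_port "$1" && show_sip_conntrack
fi
```

Switching back to 5060 afterwards is the same call with `move_sip_port 5060` once the REDIRECT line is removed, and `conntrack -L -p udp --dport 5060` before and after the change shows whether old mappings are still present.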