To determine if port 5060 (commonly used for SIP services) is open and listening on your CentOS system:
# Check if port is listening locally
ss -tulnp | grep 5060
# Alternative using netstat
netstat -tulnp | grep 5060
To verify if the port is accessible externally:
# From another machine on the same network:
telnet your_server_ip 5060
nc -zv your_server_ip 5060
# If you need to install netcat:
yum install nc -y
To confirm your server has a public IP and isn't behind NAT:
# Check your public IP
curl ifconfig.me
curl icanhazip.com
# Compare with local IP
ip addr show
For CentOS 7/8 firewall management:
# Check firewall status
systemctl status firewalld
# View open ports
firewall-cmd --list-ports
# Add port 5060 if needed
firewall-cmd --permanent --add-port=5060/udp
firewall-cmd --permanent --add-port=5060/tcp
firewall-cmd --reload
For comprehensive testing:
# Install nmap for port scanning
yum install nmap -y
# Scan your own server
nmap -sU -sT -p 5060 localhost
# External testing (from another machine)
nmap -sU -sT -p 5060 your_public_ip
For SIP protocol verification:
# Install sipp for SIP testing
yum install sipp -y
# Basic SIP test (from another machine)
sipp -sn uac your_server_ip:5060
To check if your ISP is blocking the port:
# Test from outside your network
# Use online port checking services like:
# https://www.yougetsignal.com/tools/open-ports/
# https://portchecker.co/
To determine if port 5060 (commonly used for SIP services) is open and listening on your CentOS system, you can use several command-line tools:
# Check if port is listening locally
sudo netstat -tulnp | grep 5060
# Alternative using ss command
sudo ss -tulnp | grep 5060
# Check with nmap (install via yum install nmap)
nmap -sT -p 5060 localhost
Local checks don't guarantee external accessibility. To test from outside:
# On remote machine test connection (replace with your server IP)
telnet your.server.ip 5060
nc -zv your.server.ip 5060
To verify if your system has a public IP and proper routing:
# Check your public IP
curl ifconfig.me
curl icanhazip.com
# Compare with local interface IPs
ip addr show
ip route show
Examine iptables/nftables rules that might block SIP traffic:
# Check current firewall rules
sudo iptables -L -n -v | grep 5060
sudo nft list ruleset | grep 5060
# For firewalld
sudo firewall-cmd --list-all | grep 5060
Here's a comprehensive bash script to test SIP port configuration:
#!/bin/bash
PORT=5060
EXT_IP=$(curl -s ifconfig.me)
echo "=== SIP Port (5060) Connectivity Test ==="
echo "Public IP: $EXT_IP"
echo -e "\n[1] Checking local listeners..."
sudo ss -tulnp | grep $PORT || echo "No local service listening on $PORT"
echo -e "\n[2] Testing external accessibility..."
if which nc &>/dev/null; then
echo "Testing with netcat from localhost..."
nc -zv localhost $PORT && echo "Success" || echo "Failed"
echo -e "\nNote: For complete testing, try from external machine:"
echo "nc -zv $EXT_IP $PORT"
else
echo "netcat not installed (install with: yum install nc)"
fi
echo -e "\n[3] Checking firewall rules..."
if which iptables &>/dev/null; then
echo "IPTables rules for $PORT:"
sudo iptables -L -n -v | grep $PORT || echo "No specific rules found"
fi
if which firewall-cmd &>/dev/null; then
echo -e "\nFirewalld configuration:"
sudo firewall-cmd --list-ports | grep $PORT && echo "Port $PORT is open" || \
echo "Port $PORT not explicitly opened in firewalld"
fi
For more thorough testing, consider these approaches:
- Use
tcpdumpto monitor SIP traffic:sudo tcpdump -i any port 5060 -vv - Test with SIPp (SIP testing tool):
sipp -sn uac remote_ip:5060 - Check NAT traversal if behind a gateway:
stunclient stun.server.com