Subject: ipfilter and SIP
To: None <tech-net@NetBSD.org>
From: Alicia da Conceicao <alicia@engine.ca>
List: tech-net
Date: 08/21/2007 09:55:54
Greetings:

Does anyone know if there is any type of application proxy for ipfilter
and SIP on NetBSD?  Ipfilter has an application proxy for outgoing active
mode FTP, and Linux has a SIP application proxy that works with its
IPTables, but I cannot find any solution for NetBSD.  The Linux Shorewall
distribution is able to do this right out of the box, so hopefully some
solution exists for NetBSD.

I have a Cisco 7960 IP phone (SIP based) with a Vonage soft account,
which accesses the Internet via a NetBSD router (running NetBSD 3.1,
ipfilter & ipnat).  The IP phone does not have any difficulties calling
out, but more than 80% of the incoming calls are blocked by ipfilter.
I can observe the blocked incoming UDP SIP packets using ipmon.  If I
configure ipfilter to allow all incoming traffic, then the IP phone is
able to receive all of the calls without any problems.  But neutralizing
the firewall is not a secure option!

So other than using Linux, I considered using a lightweight SIP proxy,
but neither Asterisk nor OpenSER could be considered lightweight or
secure to put on a firewall.

Any suggestions would be greatly appreciated.

Thank you in advance,
Alicia.