Re: [GnomeMeeting-list] Gnomemeeting and firewall rules?
- From: Ivo Clarysse <soggie soti org>
- To: gnomemeeting-list gnome org
- Subject: Re: [GnomeMeeting-list] Gnomemeeting and firewall rules?
- Date: Tue, 5 Mar 2002 16:34:16 +0100 (CET)
On Tue, 5 Mar 2002, Jonathan A. Davis wrote:
> On 5 Mar 2002, Jeffrey Bell wrote:
>
> >
> > What is everybody else doing with reguards to gm behind a firewall?
> >
> >
>
> I'm doing pretty much the same thing. The only thing is, although I'm
> running 2.4.17 on the NAT box, I shoehorned the (for 2.4.13)
> newnat-suite from http://www.kfki.hu/%7Ekadlec/sw/netfilter/newnat-suite.
> Mainly as I didn't know there *was* a CVS lurking around with something
> newer. :-)
>
> In any case, I have basically the identical entries such as:
>
> $IPTABLES -A PREROUTING -i $GATEWAY -p tcp -m tcp --dport 1720 -j DNAT
> --to-destination athena
>
> One difference might be that I'm not summarily DROPping ports above 1023,
> but only selected ones.
>
> If memory serves, net/gnomemeeting uses the following:
>
> 389/TCP ILS
> 522/TCP ULS
AFAIK, Gnomemeeting does not support ULS (User Location Service) - it uses
ILS instead. NetMeeting can also use ILS.
> 1503/TCP T.120
Gnonemeeting does not support T.120.
> 1720/TCP H.323 & H.225 (video and call setup)
> 1731/TCP Audio
This port is (according to http://www.shenton.org/~chris/nasa-hq/netmeeting/)
Microsoft's msiccp 'Audio call control' protocol. Again, AFAIK Gnomemeeting
does not use or support this.
> Dyn/TCP H.245
> Dyn/UDP RTCP/RTP
>
> Thus you may need to check and open a hole for 1731...
(I tested with allowing all inbound UDP/TCP on 1024-65535, just to
make sure if that would help, but it didn't, nor did forwarding
port 1731 to the internal host)
>
Ivo.
--
Ivo Clarysse PGP key: DF533D7C <soggie soti org>
H.R. Leuven 107057
BTW: BE 708.837.396
Rek: 735-0029047-32 http://www.soti.org/~soggie/
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]