Re: [GnomeMeeting-list] iptables firewall rules?

[Damien Sandras <dsandras seconix com>]

le dim 29-09-2002 à 17:22, Jeffrey Bell a écrit :
> Hi,
> 
> I'm sitting behind a firewall using iptables. I am trying to talk with a
> Netmeeting user and GM users.
> 
> I am having a few difficulties with setting up the firewall rules.
> 
> I understand which ports need to be allowed, TCP 1720, random UDP
> 5000:5003 for audio/video and UDP 30000:30010 if talking with a NM user
> or a GM user with H.245 disabled.

30000-30010 is for TCP, not UDP!!


> 
> Does anybody have a set of rules that they use that work with the above
> scenario?
> 
> What I have done so far in my feeble attempt is to add these lines:
> 
> # Allow netmeeting connections 
>         $IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP  --dport 1720 -j
> DNAT --to $NETMEETING:1720
> 
> # ports for Netmeeting dynamic audio/video
>         $IPTABLES -A INPUT -i $EXTIF -p udp --sport 5000:5004 -j ACCEPT
>         $IPTABLES -A OUTPUT -o $INTIF -p udp --sport 5000:5004 -j ACCEPT
> 
> # ports for Netmeeting with H.245 disabled or Netmeeting users.
>         $IPTABLES -A INPUT -i $EXTIF -p udp --sport 30000:30010 -j
> ACCEPT
>         $IPTABLES -A OUTPUT -o $INTIF -p upd --sport 30000:30010 -j
> ACCEPT
> 
> Where $NETMEETING is my internal IP of my workstation, where GM is
> running.
> 
> Am I in the ball park on these?
> 
> 
> Thanks.
> -- 
> Jeffrey Bell <jfbell earthlink net>
>    -------------------------------------------------------------
>    Research is what I'm doing when I don't know what I'm doing.
>                         -- Wernher von Braun --
> 
> _______________________________________________
> GnomeMeeting-list mailing list
> GnomeMeeting-list gnome org
> http://mail.gnome.org/mailman/listinfo/gnomemeeting-list
-- 
Damien Sandras 

GnomeMeeting - H.323 Video-Conferencing application -
  web:	http://www.gnomemeeting.org/
FOSDEM 2002  - Free Software and Open Source Developers Meeting -
  web:	http://www.fosdem.org/