Re: [GnomeMeeting-list] IPCHAINS drudgery
- From: Damien Sandras <dsandras seconix com>
- To: gnomemeeting-list gnome org
- Subject: Re: [GnomeMeeting-list] IPCHAINS drudgery
- Date: 12 Apr 2003 14:46:32 +0200
Hi,
I think that IPCHAINS didn't support port forwarding...
Le sam 12/04/2003 à 12:40, AG a écrit :
> I'm running a legacy IPCHAINS FW and would like to configure it to
> portfwd the required ports for GM. The FW is a homemade LINUX gateway,
> running the 2.2.18 kernel. PMFirewall is my FW software.
> I only wish to pass packets to one machine on my private LAN.
>
> The box supports NAT and I believe IP Translation too, but doesn't
> natively support H.323 or the other fancy Netmeeting protocols. The
> machine has 484 days of uptime and I do not wish to shut it down and
> upgrade my Slack distro to setup IPTABLES just to get GM working ;)
>
> Could anyone help me with IPCHAINS translation equivalent of the
> IPTABLES solution below? Hopefully, this will be a painless and simple
> process..
>
> Thx in advance..
>
> <-snip->
> IPTABLES=/usr/local/sbin/iptables
> OUT_DEV=eth0
> IN_HOST=192.168.1.12
> TCP_PORT_RANGE=30000:30010
> UDP_PORT_RANGE=5000:5003
> TCP_LISTENING_PORT=1720
> $IPTABLES -t nat -A POSTROUTING -o $OUT_DEV -j MASQUERADE
> $IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_PORT_RANGE -j DNAT --to-dest $IN_HOST
> $IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p udp --dport $UDP_PORT_RANGE -j DNAT --to-dest $IN_HOST
> $IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_PORT_RANGE -d $IN_HOST -j ACCEPT
> $IPTABLES -A FORWARD -p udp -i $OUT_DEV --dport $UDP_PORT_RANGE -d $IN_HOST -j ACCEPT
> $IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_LISTENING_PORT -j DNAT --to-dest $IN_HOST
> $IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_LISTENING_PORT -d $IN_HOST -j ACCEPT
> <-snip->
--
Damien Sandras <dsandras seconix com>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]