Re: [GnomeMeeting-list] Re: quicknet and gnomemeeting questions
- From: Damien Sandras <dsandras seconix com>
- To: gnomemeeting-list gnome org
- Subject: Re: [GnomeMeeting-list] Re: quicknet and gnomemeeting questions
- Date: 14 Oct 2003 11:33:18 +0200
Hello,
Please contact noc quicknet com when you are sure that your firewall is
correctly configured and that the problem is on your side.
As I already said in a previous mail, I think that the 1st step is to
try normal calls with normal users. That is the only way to make sure
everything works.
Le mar 14/10/2003 à 04:13, Eythan Weg a écrit :
> Damien Sandras <dsandras seconix com> writes:
>
> > That rule is only if you control outgoing traffic. I will remove it from
> > the FAQ to not confuse people anymore.
> >
> > Le lun 13/10/2003 à 23:44, Damien Sandras a écrit :
> >> Le lun 13/10/2003 à 19:26, Eythan Weg a écrit :
> >>
> >> >
> >> > $IPTABLES -I POSTROUTING 1 -t nat -o $IN_DEV -d \
> >> > $IN_HOST -p udp --dport $TCP_PORT_RANGE -j ACCEPT
> >>
> >> Ouch, thanks for mentionning this !!!
> >> I will update the FAQ now, I'm surprised we have not more users with
> >> problems.
>
> I have tried some more. Here are the relevant
> setting given by iptables. I flushed all the
> tables and reset the rules just before I start
> gnomemeeting. First the filter table:
>
> -----------------------------
> Chain INPUT (policy DROP 0 packets, 0 bytes)
> pkts bytes target prot opt in out source destination
> 1330 91067 bad_tcp_packets tcp -- any any anywhere anywhere
> 1 60 tcp_packets tcp -- eth0 any anywhere anywhere
> 22 7667 udp_packets udp -- eth0 any anywhere anywhere
> 0 0 DROP all -- eth0 any anywhere BASE-ADDRESS.MCAST.NET/8
>
> Chain FORWARD (policy DROP 0 packets, 0 bytes)
> pkts bytes target prot opt in out source destination
> 16 3707 ACCEPT udp -- eth0 any anywhere 192.168.0.2 udp dpts:5010:5013
> 0 0 ACCEPT tcp -- eth0 any anywhere 192.168.0.2 tcp dpt:1720
> 486 33628 ACCEPT udp -- eth0 any anywhere 192.168.0.2 udp dpts:5000:5003
> 19 1827 ACCEPT tcp -- eth0 any anywhere 192.168.0.2 tcp dpts:30000:30010
>
> Chain allowed (3 references)
> pkts bytes target prot opt in out source destination
> 1 60 ACCEPT tcp -- any any anywhere anywhere tcp flags:SYN,RST,ACK/SYN
> 0 0 ACCEPT tcp -- any any anywhere anywhere state RELATED,ESTABLISHED
> 0 0 DROP tcp -- any any anywhere anywhere
>
>
> Chain tcp_packets (1 references)
> pkts bytes target prot opt in out source destination
> 1 60 allowed tcp -- any any anywhere anywhere tcp dpt:smtp
> 0 0 allowed tcp -- any any anywhere anywhere tcp dpts:30000:30010
> 0 0 allowed tcp -- any any anywhere anywhere tcp dpt:1720
>
> Chain udp_packets (1 references)
> pkts bytes target prot opt in out source destination
> 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:5000:5003
> 0 0 ACCEPT udp -- any any anywhere anywhere udp dpts:5010:5013
> 22 7667 DROP udp -- eth0 any anywhere 255.255.255.255 udp dpts:bootps:bootpc
>
>
> And here is the relevant nat table.
>
> Chain PREROUTING (policy ACCEPT 52 packets, 9034 bytes)
> pkts bytes target prot opt in out source destination
> 1 150 DNAT udp -- eth0 any anywhere anywhere udp dpts:5010:5013 to:192.168.0.2
> 0 0 DNAT tcp -- eth0 any anywhere anywhere tcp dpt:1720 to:192.168.0.2
> 2 268 DNAT udp -- eth0 any anywhere anywhere udp dpts:5000:5003 to:192.168.0.2
> 0 0 DNAT tcp -- eth0 any anywhere anywhere tcp dpts:30000:30010 to:192.168.0.2
>
> Chain POSTROUTING (policy ACCEPT 2 packets, 142 bytes)
> pkts bytes target prot opt in out source destination
> 1 150 ACCEPT udp -- any eth1 anywhere 192.168.0.2 udp dpts:5010:5013
> 0 0 ACCEPT tcp -- any eth1 anywhere 192.168.0.2 tcp dpt:1720
> 2 268 ACCEPT udp -- any eth1 anywhere 192.168.0.2 udp dpts:5000:5003
> 0 0 ACCEPT tcp -- any eth1 anywhere 192.168.0.2 tcp dpts:30000:30010
>
> -------------------------
> eth0 is the external interface and eth1 is the internal.
> GM runs on 192.68.0.2.
>
> Seems to me something is moving on the 5000:5013
> ports. No record of DROPed packets relevant to
> our matter. However, it fails, and Microtelco
> does not charge. Here is the history as
> registered by GM. I call myself but I do not hear
> any rings on the other phone. The first call ends
> with a busy signal, and the second also but very
> quickly with "Remote user cleared the call". What
> sense can be made out of this?
>
>
> ------------------------
> 0:15:05 Started GnomeMeeting V0.98 for weg
>
> 20:15:05 Using Quicknet device Internet PhoneJACK-ISA /dev/phone0
> 20:15:37 Gatekeeper set to bmac 66 7 159 99
> 20:16:15 Phone is off hook
> 20:16:35 Calling h323:765497xxxx
> 20:16:37 Attaching lid hardware to codec
> 20:16:37 Started New Logical Channel...
> 20:16:37 Sending G.723.1A(6.3k)-Cisco{hw}
> 20:16:37 Enabled silence detection for G.723.1A(6.3k)-Cisco{hw}
> 20:16:37 Attaching lid hardware to codec
> 20:16:37 Started New Logical Channel...
> 20:16:37 Receiving G.723.1A(6.3k)-Cisco{hw}
>
> Rings and then sounds busy and I put the
> handset on the hook.
>
>
> 20:17:02 Phone is on hook
> 20:17:02 Trying to stop calling
> 20:17:03 Local user cleared the call
> 20:19:07 Phone is off hook
> 20:19:07 Calling h323:765497xxxx
> 20:19:09 Remote user cleared the call
> 20:19:13 Phone is on hook
>
> --------------------
>
> I use GM 0.98.5, and the nixj driver is cvs
> from October 1 or thereabout.
>
> Sincerely, eythan
>
> _______________________________________________
> GnomeMeeting-list mailing list
> GnomeMeeting-list gnome org
> http://mail.gnome.org/mailman/listinfo/gnomemeeting-list
--
_ Damien Sandras
(o- GnomeMeeting: http://www.gnomemeeting.org/
//\ FOSDEM 2003: http://www.fosdem.org
v_/_ H.323 phone: callto://ils.seconix.com/dsandras seconix com
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
