Re: [GnomeMeeting-list] iptables firewall rules?

From: Jeffrey Bell <jfbell earthlink net>
To: gnomemeeting <gnomemeeting-list gnome org>
Subject: Re: [GnomeMeeting-list] iptables firewall rules?
Date: 29 Sep 2002 19:43:17 -0400

Damien,

My fault, that was a typo in my email message.
I have since found a decent person on the outside to test my firewall
rule set and have had GREAT results. I was talking with a person who was
running GM with H.245(tunneling) disabled.

I don't know if it was due to my sound card running non-duplex mode or
my rule set that was causing me so much trouble. I spent many nights
trying to work this problem out.

I switched over to ALSA sound driver instead of OSS. 

Now, I remember reading somewhere about NM users needing to install a
GSM driver of some sort. A NM user I am trying to communicate with has
NM-3.01 with Microsoft G.723.1, so I would need to have him install a
GSM driver, correct?

On Sun, 2002-09-29 at 11:59, Damien Sandras wrote:
> le dim 29-09-2002 à 17:22, Jeffrey Bell a écrit :
> > Hi,
> > 
> > I'm sitting behind a firewall using iptables. I am trying to talk with a
> > Netmeeting user and GM users.
> > 
> > I am having a few difficulties with setting up the firewall rules.
> > 
> > I understand which ports need to be allowed, TCP 1720, random UDP
> > 5000:5003 for audio/video and UDP 30000:30010 if talking with a NM user
> > or a GM user with H.245 disabled.
> 
> 30000-30010 is for TCP, not UDP!!
> 
> 
> > 
> > Does anybody have a set of rules that they use that work with the above
> > scenario?
> > 
> > What I have done so far in my feeble attempt is to add these lines:
> > 
> > # Allow netmeeting connections 
> >         $IPTABLES -A PREROUTING -t nat -p tcp -d $EXTIP  --dport 1720 -j
> > DNAT --to $NETMEETING:1720
> > 
> > # ports for Netmeeting dynamic audio/video
> >         $IPTABLES -A INPUT -i $EXTIF -p udp --sport 5000:5004 -j ACCEPT
> >         $IPTABLES -A OUTPUT -o $INTIF -p udp --sport 5000:5004 -j ACCEPT
> > 
> > # ports for Netmeeting with H.245 disabled or Netmeeting users.
> >         $IPTABLES -A INPUT -i $EXTIF -p tcp --sport 30000:30010 -j
> > ACCEPT
> >         $IPTABLES -A OUTPUT -o $INTIF -p tcp --sport 30000:30010 -j
> > ACCEPT
> > 
> > Where $NETMEETING is my internal IP of my workstation, where GM is
> > running.
> >

Follow-Ups:
- Re: [GnomeMeeting-list] iptables firewall rules?
  - From: PUYDT Julien

References:
- [GnomeMeeting-list] iptables firewall rules?
  - From: Jeffrey Bell
- Re: [GnomeMeeting-list] iptables firewall rules?
  - From: Damien Sandras

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]