[GnomeMeeting-list] IPCHAINS drudgery

From: AG <agreen bkaeg org>
To: gnomemeeting-list gnome org
Subject: [GnomeMeeting-list] IPCHAINS drudgery
Date: Sat, 12 Apr 2003 06:40:55 -0400

I'm running a legacy IPCHAINS FW and would like to configure it to
portfwd the required ports for GM. The FW is a homemade LINUX gateway,
running the 2.2.18 kernel. PMFirewall is my FW software.
I only wish to pass packets to one machine on my private LAN.

The box supports NAT and I believe IP Translation too, but doesn't
natively support H.323 or the other fancy Netmeeting protocols.  The
machine has 484 days of uptime and I do not wish to shut it down and
upgrade my Slack distro to setup IPTABLES just to get GM working ;)  

Could anyone help me with IPCHAINS translation equivalent of the
IPTABLES solution below?  Hopefully, this will be a painless and simple
process..

Thx in advance..

<-snip->
IPTABLES=/usr/local/sbin/iptables
OUT_DEV=eth0
IN_HOST=192.168.1.12
TCP_PORT_RANGE=30000:30010
UDP_PORT_RANGE=5000:5003
TCP_LISTENING_PORT=1720
$IPTABLES -t nat -A POSTROUTING -o $OUT_DEV -j MASQUERADE
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_PORT_RANGE -j DNAT --to-dest $IN_HOST
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p udp --dport $UDP_PORT_RANGE -j DNAT --to-dest $IN_HOST
$IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -A FORWARD -p udp -i $OUT_DEV --dport $UDP_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_LISTENING_PORT -j DNAT --to-dest $IN_HOST
$IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_LISTENING_PORT -d $IN_HOST -j ACCEPT
<-snip->
-- 
AG

Follow-Ups:
- Re: [GnomeMeeting-list] IPCHAINS drudgery
  - From: Damien Sandras

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]