Re: [GnomeMeeting-list] gnomemeeting, netmeeting, lan and NAT
- From: Truong <tphuong wol be>
- To: gnomemeeting-list gnome org
- Subject: Re: [GnomeMeeting-list] gnomemeeting, netmeeting, lan and NAT
- Date: Sun, 19 Jan 2003 22:17:29 +0100
% *** Chris Searle <gnomemeeting chrissearle org> wrote: ***
% Damien Sandras <dsandras seconix com> writes:
%
[..]
% > Other tips:
% > - the h323_masq_module are buggy : they do not respect the H.323
% > protocol, they only react well with Netmeeting because they were coded
% > with Netmeeting in mind, and not with H.323 in mind. It means that they
% > will work with Netmeeting, but not with H.323 programs. What you have to
% > do for the GnomeMeeting (LAN) -> Netmeeting (Internet) case is to read :
% > http://www.gnomemeeting.org/index.php?rub=3&pos=0#AEN192
%
% OK - I'll have a shot at doing this with just redirection - just have
% to convert it all to ipchains first. The floppyfw machine is a 486 and
% does not support 2.4.x kernels. However - since all it does is route -
% I can live with ipchains.
%
The lastest stable floppyfw-2.0.4 was released on 2002-12-10 and it was
build from the kernel 2.4.20. So you may use it safely with iptables
instead of the old ipchains. (I used floppyfw-1.9.10 with kernel 2.4.12,
released on 2001-10).
% > - it is also probable that if you are using h323_masq_module, it
% > prevents to work the IP translation technic described in the FAQ and
% > supported by GnomeMeeting only.
%
% Now - I'm a little unclear here. FAQ 6.3.1 gives a list of iptables
% that can be used. If I insert that lot on the floppyfw machine (think
% of it as a router) - do I need the ip translation stuff in FAQ 6.3?
%
If you use NAT/PAT for GnomeMeeting (who is behind your floppyfw) you
don't need to load ip_masq_h323 (for kernel 2.2.xx, ipchains) neither
ip_nat_h323 (for kernel 2.4.xx, iptables).
One more thing, you might add ACCEPT as the default policy for the three
chains INPUT, OUTPUT, FORWARD before the iptables' rules found on the
GnomeMeeeting FAQ (section 6.3.1). For example:
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
I don't like very much to have this policy ACCEPT on the firewall and as
soon as I find a better way to get GM going through I will DROP them all.
Enjoy GnomeMeeting,
Truong
--
Truong <tphuong wol be>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]