[GnomeMeeting-list] need help to configure my iptables



Hey all,
I'm no iptables master so I have a couple of questions :)
My computer1 has two ethernet cards, eth0 and eth1.
I have a little network at home. I get the internet on my computer1 on eth1
(public IP is 81.57.5.106) and I forward it with eth0 (192.168.0.1) to two
other computers, 192.168.0.2 and 192.168.0.3. I want to use GnomeMeeting on
192.168.0.3, so I tried the script from the FAQ, but it didn't work :( Maybe
I didn't configure it well. Here is what I did:

#!/bin/bash
IPTABLES=/sbin/iptables
# = where resides the iptables binary (see "type -p iptables")
OUT_DEV=81.57.5.106
# = your public Internet-Device
IN_DEV=eth1
# = your internal Internet-Device
IN_HOST=192.168.0.3
# = Host to which the incoming H323 is being forwarded
TCP_PORT_RANGE=30000:30010
RTP_PORT_RANGE=5000:5007
TCP_LISTENING_PORT=1720
GK_PORT_RANGE=5010:5013
#TCP_PORT_RANGE - H245, if no tunneling is made
#RTP_PORT_RANGE - RTP connections (2 audio, 2 video - RTP and RTCP)
#TCP_LISTENING_PORT - H.323 port
#GK_PORT_RANGE - if external GK is used
# activate masquerading on public interface
$IPTABLES -t nat -A POSTROUTING -o $OUT_DEV -j MASQUERADE
# set incoming port forwarding...
$IPTABLES -t nat -I PREROUTING 1 -i $OUT_DEV -p tcp --dport $TCP_PORT_RANGE -j DNAT --to-dest $IN_HOST
$IPTABLES -t nat -I PREROUTING 1 -i $OUT_DEV -p udp --dport $RTP_PORT_RANGE -j DNAT --to-dest $IN_HOST
$IPTABLES -I FORWARD 1 -p tcp -i $OUT_DEV --dport $TCP_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -I FORWARD 1 -p udp -i $OUT_DEV --dport $RTP_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -t nat -I PREROUTING 1 -i $OUT_DEV -p tcp --dport $TCP_LISTENING_PORT -j DNAT --to-dest $IN_HOST
$IPTABLES -I FORWARD 1 -p tcp -i $OUT_DEV --dport $TCP_LISTENING_PORT -d $IN_HOST -j ACCEPT
# add port forwarding for external GK
$IPTABLES -t nat -I PREROUTING 1 -i $OUT_DEV -p udp --dport $GK_PORT_RANGE -j DNAT --to-dest $IN_HOST
$IPTABLES -I FORWARD 1 -p udp -i $OUT_DEV --dport $GK_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -I POSTROUTING 1 -t nat -o $IN_DEV -d $IN_HOST -p udp --dport $GK_PORT_RANGE -j ACCEPT

Yet it didn't work. Maybe I did something wrong, anyone?

Thanks in advance!
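
An added example, not part of the original post or of the GnomeMeeting FAQ script: a pre-flight check for the variables the script above sets, run before any rule is loaded. The function names are hypothetical, and treating an IPv4 address in OUT_DEV or IN_DEV as a mistake is a heuristic based on iptables' -i and -o matching on interface names.

```shell
#!/bin/sh
# Added example: pre-flight checks for the variables of the forwarding script.
# Nothing here calls iptables; only the values are inspected.

is_ipv4() (        # true if $1 is a dotted-quad IPv4 address
    case $1 in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
    IFS=.; set -- $1
    [ $# -eq 4 ] || exit 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || exit 1
    done
)

is_ifname() {      # heuristic: non-empty, <= 15 chars, no space or '/', not an IPv4 address
    case $1 in ''|*" "*|*/*) return 1 ;; esac
    [ ${#1} -le 15 ] && ! is_ipv4 "$1"
}

is_port_range() (  # true if $1 is PORT or LO:HI with 1 <= LO <= HI <= 65535
    case $1 in ''|*[!0-9:]*|:*|*:|*:*:*) exit 1 ;; esac
    lo=${1%%:*}; hi=${1##*:}
    [ ${#lo} -le 5 ] && [ ${#hi} -le 5 ] || exit 1
    [ "$lo" -ge 1 ] && [ "$lo" -le "$hi" ] && [ "$hi" -le 65535 ]
)

# Prints one line per problem; the exit status is the number of problems.
check_forward_config() (   # args: OUT_DEV IN_DEV IN_HOST PORT_RANGE...
    out=$1; inner=$2; host=$3; n=0; shift 3
    bad() { echo "$1"; n=$((n + 1)); }
    is_ifname "$out"   || bad "OUT_DEV='$out' is not an interface name (-i/-o match on names)"
    is_ifname "$inner" || bad "IN_DEV='$inner' is not an interface name"
    [ "$out" != "$inner" ] || bad "OUT_DEV and IN_DEV are the same interface"
    is_ipv4 "$host"    || bad "IN_HOST='$host' is not an IPv4 address"
    for r in "$@"; do
        is_port_range "$r" || bad "port range '$r' is not PORT or LO:HI within 1-65535"
    done
    exit "$n"
)

# Values as posted: OUT_DEV holds the public IP, IN_DEV holds eth1.
check_forward_config 81.57.5.106 eth1 192.168.0.3 30000:30010 5000:5007 1720 5010:5013 || true
# Interface roles as the post describes them: eth1 public, eth0 internal.
check_forward_config eth1 eth0 192.168.0.3 30000:30010 5000:5007 1720 5010:5013
```

The check is purely syntactic: it cannot tell which interface is actually the public one, so the roles still have to be compared against the output of "ip addr" on the gateway.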


