[sclug] Netmeeting and GNUGk
Simon Huggins
huggie at earth.li
Mon May 16 16:09:39 UTC 2005
On Mon, May 16, 2005 at 01:23:30PM +0100, James Wyper wrote:
> I have a Mandrake 10.1 box which acts as combined [shorewall] firewall
> / router between dual-boot (Win98 / Mandrake) clients on my home
> network. I've got a Windows-only webcam, and I want to be able to use
> Netmeeting to videoconference with (Windows-using) family in Australia.
> It appears that Netmeeting (or the H323 protocol generally) doesn't
> play well with NAT firewalls (I've tried DNATing lots of ports on the
> firewall to one of the Windows clients without success). I think I
> have the following alternatives to choose from:
That's news to me. I have it on a private IP working fine (admittedly
gnomemeeting not netmeeting).
In my firewall script I have:
modprobe ip_nat_h323
modprobe ip_conntrack_h323
iptables -t nat -A PREROUTING -p tcp --dport 1720 -i $EXTINTERFACE \
-j DNAT --to 192.168.2.21:1720
iptables -A block -m state --state NEW -i $EXTINTERFACE -p tcp \
-d 192.168.2.21 --dport 1720 -j ACCEPT
Where block is my generic table most things passthrough, 192.168.2.21 is
the internal host with netmeeting and EXTINTERFACE is my external
interface (ppp0 now).
Both FORWARD and INPUT go through block and the first rule in block is
the classic:
iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
Works For Me (TM).
Simon.
--
Just another wannabie | "Somebody's poisoned the | Just another fool
----------------------+ waterhole!" +-------------------
This message was brought to you by the letter N and the number 13.
htag.pl 0.0.22 -- http://www.earth.li/projectpurple/progs/htag.html
More information about the Sclug
mailing list