Hi there,

I've recently had a cable modem installed at my house, shared between 3 users. I've got it all working nicely with the default policies of

Net loc REJECT
Loc net ACCEPT

And I have added the following rules to allow my pc (192.168.1.1) to use Direct Connect in Active mode behind the firewall.

ACCEPT net loc:192.168.1.1:412 tcp
ACCEPT net loc:192.168.1.1:412 udp
DNAT net loc:192.168.1.1:412 tcp
DNAT net loc:192.168.1.1:412 udp

It works fine, but is this the correct way of doing this? And is it fairly secure?
Will I have to use 2 other different ports on the firewall's external interface, e.g., 413 and 414, to enable this on the other two machines in the house? Is there any way to just say OPEN PORT 412?

Next question: MSN Messenger file sharing and H323.

I have to open a range of ports for MSNM's file sharing. Do I have to ACCEPT and DNAT all of these ports for all of the 3 machines (using 3 different ranges)? I have glanced at the "Netfilter helper modules", but these just confuse the hell out of me; I'm afraid my Linux knowledge is very limited.

Thanks!

James L S Neave BSc(Hons)
Software Engineer
Spur Information Solutions Ltd,
Hayward House, Hayward Business Centre, New Lane, Havant, Hants. PO9 2NL
Tel: +44 (0)23 9245 5564
Fax: +44 (0)23 9247 0874

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html