I'd be more than willing to help debug this. I have both the Dachstein and Bering firewalls setup, I just switch the cables and I'm set to go. If you want specifics of the setups, tell me what you need and I'll send it to you.
Eyeball Chat says it does NOT use H323 (is that the correct number?) video conferencing protocol, so I'm not sure that Dachstein's ipmasq setting would have helped. I am using the Dachstein CD 1.02. I added some rules for SSH and VNC. I did nothing specific for Eyeball Chat. I can send whatever config files you might want. I was using Bering Stable, with Shorewall 1.3.12a. I upgraded the shorewall to 1.3.14 last night. I haven't tried Eyeball since the upgrade. I used the 2 nic version and added some DNAT for ssh and VNC. Let me know what you want me to log on each firewall and I'll give it a go. I'd like to avoid opening ports, esp. since its a p2p app, and who would I open them for? My inlaws are on dial-up. I've seen posts on Google Groups of users saying "it just worked" through their firewall when other apps didn't. What I like is that it compresses video and audio so it is usable on a dial-up connection. Ray, I'll attempt some connections tonight (If I get a chance) and send the output from Dachstein and Bering that you suggested. Sean > >There is something that we are missing here regarding the difference > >between his Dachstein and Bering configurations. Not only would these high > >ports have to have been open but they would have to have been forwarded to > >the internal machine running his P2P application. That would have required > >an explicit configuration action on his part. > > I *think* this assertion is incorrect. The firewall paper Sean referred us > to *seems* to be describing a workaround for exactly this requirement. I > don't fully understand how they do it (either the paper intentionally omits > some key technical detail, or I just missed it). Lynn's suggestion above, a > more succinct expression of the thought I talked about in rambly form, is > probably closer to the target. > > >The exception would be if the application is built on some standard > >technology like IRC where a masquerade module is available on Dachstein > >but not on Bering. > ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
