RE: [leaf-user] LEAF and H323

Tue, 09 Mar 2004 23:20:30 -0800 

Robert,

Here is what i did to get netmeeting going through Bering 1.2

In the modules i have declared the following (remove the ftp and irc modules
if you don't need them)

# Masquerading 'helper' modules
# Other modules available in bering/modules/net/ipv4/netfilter
ip_conntrack_ftp
ip_conntrack_irc
ip_conntrack_h323
ip_nat_ftp
ip_nat_irc
ip_nat_h323


and in shorewall rules you have to add the following (I assume you are
NATing you connection)

DNAT            awmn1     loc:192.168.1.3    tcp     1720    -  10.18.213.1

where
awmn1 is your interaced name
loc:192.168.1.3 is the local machine where the netmeeting calls will be
directed
and
10.18.213.1 is your outside network address

The above set up works well on a wireless network with 3 interfaces,
accepting and placing netmeeting calls.
What it does not do, is work well with a Gatekeeper (when calling or
receiving calls from VOIP telephones or other Netmeeting pc's using a
Gatekeeper) but this is a problem that the Gatekepper has with NAT firewalls
in general...


Stelios

> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Robert
> & Sabine von Knobloch
> Sent: Monday, March 08, 2004 7:02 PM
> To: Request LEAF (E-Mail)
> Subject: [leaf-user] LEAF and H323
>
>
> Hall LEAF World,
>
> i'm trying (I know it's not very secure, but some friends want desperately
> to do it) to set up a MS Netmeeting 3 connection between 2
> private networks
> 8mine with a LEAF Bering Uclibc 2 Firewall has anyone experience of how to
> set this up in the Shorewall rules? I have loaded the
> ip_conntrack_h323.0 &
> ip_nat_h323.o and have rules to allow ports 1720 & 1503 out (and Port
> forward incoming to a Windoze PC).
> So far I can get some signalling (remote end asys there is a
> connection, but
> I can't complete the call.
> I know there are many UDP ports involved, what must I tell Shorewall to
> allow the traffic flow ?
>
> p.s. ust for info - not directly LEAF. Here in Germany we have
> now got URL's
> (since 1st. March) with the special german "Umlaut" characters in them
> (those with 2 dots above them). I have a web site with such a domain name,
> it became active today when I found that MSIE §$%&! won't acces such
> addresses. Mozilla works fine but, sadly, most others tend to
> have MSIE :-(
> I don't know if MS are going to fix this, but it seems pretty stupid.
>
> Greetings from the Black Forest,
>
> Robert von Knobloch
>
>
>
> -------------------------------------------------------
> This SF.Net email is sponsored by: IBM Linux Tutorials
> Free Linux tutorial presented by Daniel Robbins, President and CEO of
> GenToo technologies. Learn everything from fundamentals to system
> administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
> ------------------------------------------------------------------------
> leaf-user mailing list: [EMAIL PROTECTED]
> https://lists.sourceforge.net/lists/listinfo/leaf-user
> SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
>



-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70&alloc_id638&op=click
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to