Re: [leaf-user] LEAF and H323

2004-03-10 Thread Tony 
HI Stelios,

I have one question in line

Stelios Koroneos wrote:

Robert,

Here is what i did to get netmeeting going through Bering 1.2

In the modules i have declared the following (remove the ftp and irc modules
if you don't need them)
# Masquerading 'helper' modules
# Other modules available in bering/modules/net/ipv4/netfilter
ip_conntrack_ftp
ip_conntrack_irc
ip_conntrack_h323
ip_nat_ftp
ip_nat_irc
ip_nat_h323
and in shorewall rules you have to add the following (I assume you are
NATing you connection)
DNATawmn1 loc:192.168.1.3tcp 1720-  10.18.213.1
 

where
awmn1 is your interaced name
 

 ]

What is an interaced name?

loc:192.168.1.3 is the local machine where the netmeeting calls will be
directed
and
10.18.213.1 is your outside network address
The above set up works well on a wireless network with 3 interfaces,
accepting and placing netmeeting calls.
What it does not do, is work well with a Gatekeeper (when calling or
receiving calls from VOIP telephones or other Netmeeting pc's using a
Gatekeeper) but this is a problem that the Gatekepper has with NAT firewalls
in general...
Stelios
 



Thanks,

Tony



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] LEAF and H323

2004-03-10 Thread Christian HOSTELET 
Hello,


 HI Stelios,

 I have one question in line

 Stelios Koroneos wrote:
 
 and in shorewall rules you have to add the following (I assume you are
 NATing you connection)
 
 DNATawmn1 loc:192.168.1.3tcp 1720-
10.18.213.1
 
 
 where
 awmn1 is your interaced name
 
 
   ]


I think Stelios meant interface but his keyboard bounced :-)

Using an off-the-shelf standard config that should read

DNAT   net   loc:192.168.1.3  tcp  1720 - 10.18.213.1

or, simply

DNAT  net   loc:192.168.1.3   tcp   1720

 
 Stelios
 

 Thanks,

 Tony


--
Christian - Grenoble






---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] LEAF and H323

2004-03-10 Thread Stelios Koroneos 
 
  where
  awmn1 is your interaced name
  
  
]
 
 
 I think Stelios meant interface but his keyboard bounced :-)
 
Human operator error... system halted... please reboot operator :-)


---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Re: [leaf-user] LEAF and H323

2004-03-10 Thread Tony 
Oi!

I feel stupidI see now

Thanks!

Tony



Stelios Koroneos wrote:

where
awmn1 is your interaced name
   

 ]

 

I think Stelios meant interface but his keyboard bounced :-)

   

Human operator error... system halted... please reboot operator :-)

---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
 



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

RE: [leaf-user] LEAF and H323

2004-03-09 Thread Stelios Koroneos 
Robert,

Here is what i did to get netmeeting going through Bering 1.2

In the modules i have declared the following (remove the ftp and irc modules
if you don't need them)

# Masquerading 'helper' modules
# Other modules available in bering/modules/net/ipv4/netfilter
ip_conntrack_ftp
ip_conntrack_irc
ip_conntrack_h323
ip_nat_ftp
ip_nat_irc
ip_nat_h323


and in shorewall rules you have to add the following (I assume you are
NATing you connection)

DNATawmn1 loc:192.168.1.3tcp 1720-  10.18.213.1

where
awmn1 is your interaced name
loc:192.168.1.3 is the local machine where the netmeeting calls will be
directed
and
10.18.213.1 is your outside network address

The above set up works well on a wireless network with 3 interfaces,
accepting and placing netmeeting calls.
What it does not do, is work well with a Gatekeeper (when calling or
receiving calls from VOIP telephones or other Netmeeting pc's using a
Gatekeeper) but this is a problem that the Gatekepper has with NAT firewalls
in general...


Stelios

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] Behalf Of Robert
  Sabine von Knobloch
 Sent: Monday, March 08, 2004 7:02 PM
 To: Request LEAF (E-Mail)
 Subject: [leaf-user] LEAF and H323


 Hall LEAF World,

 i'm trying (I know it's not very secure, but some friends want desperately
 to do it) to set up a MS Netmeeting 3 connection between 2
 private networks
 8mine with a LEAF Bering Uclibc 2 Firewall has anyone experience of how to
 set this up in the Shorewall rules? I have loaded the
 ip_conntrack_h323.0 
 ip_nat_h323.o and have rules to allow ports 1720  1503 out (and Port
 forward incoming to a Windoze PC).
 So far I can get some signalling (remote end asys there is a
 connection, but
 I can't complete the call.
 I know there are many UDP ports involved, what must I tell Shorewall to
 allow the traffic flow ?

 p.s. ust for info - not directly LEAF. Here in Germany we have
 now got URL's
 (since 1st. March) with the special german Umlaut characters in them
 (those with 2 dots above them). I have a web site with such a domain name,
 it became active today when I found that MSIE §$%! won't acces such
 addresses. Mozilla works fine but, sadly, most others tend to
 have MSIE :-(
 I don't know if MS are going to fix this, but it seems pretty stupid.

 Greetings from the Black Forest,

 Robert von Knobloch



 ---
 This SF.Net email is sponsored by: IBM Linux Tutorials
 Free Linux tutorial presented by Daniel Robbins, President and CEO of
 GenToo technologies. Learn everything from fundamentals to system
 administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click
 
 leaf-user mailing list: [EMAIL PROTECTED]
 https://lists.sourceforge.net/lists/listinfo/leaf-user
 SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html




---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id70alloc_id638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

[leaf-user] LEAF and H323

2004-03-08 Thread Robert Sabine von Knobloch 
Hall LEAF World,

i'm trying (I know it's not very secure, but some friends want desperately
to do it) to set up a MS Netmeeting 3 connection between 2 private networks
8mine with a LEAF Bering Uclibc 2 Firewall has anyone experience of how to
set this up in the Shorewall rules? I have loaded the ip_conntrack_h323.0 
ip_nat_h323.o and have rules to allow ports 1720  1503 out (and Port
forward incoming to a Windoze PC).
So far I can get some signalling (remote end asys there is a connection, but
I can't complete the call.
I know there are many UDP ports involved, what must I tell Shorewall to
allow the traffic flow ?

p.s. ust for info - not directly LEAF. Here in Germany we have now got URL's
(since 1st. March) with the special german Umlaut characters in them
(those with 2 dots above them). I have a web site with such a domain name,
it became active today when I found that MSIE §$%! won't acces such
addresses. Mozilla works fine but, sadly, most others tend to have MSIE :-(
I don't know if MS are going to fix this, but it seems pretty stupid.

Greetings from the Black Forest,

Robert von Knobloch



---
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470alloc_id=3638op=click

leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html