Re: [masq] Microsoft NetMeeting

Thu, 16 Apr 1998 02:02:34 -0400 

Masquerading uses ports from 61000 up, so you could only set
ipautofw -A -r {tcp|udp} 1024 60999.
However, this screws up everything running on the Linux box. For example,
ftp to the Linux box does not work, DNS to the DNS server at your ISP does
not work.
I got ftp to work by only forwarding udp, but my logs indicate that DNS uses
udp ports above 1024 for the udp packets back from the server to the Linux
box.
So for now I abandoned Netmeeting.

-Joe

Joseph Kwok wrote:

> Does anybody can have NetMeeting working properly.  I had tried the
> setup in
>
> http://dijon.nais.com/~nevo/masq/chat.html#netmeeting
>
> The Primary TCP connections part works fine for me and I can connect to
> a netmeeting server and see other people.  But once I turns on the
> Secondary TCP/UDP connections to hopefully get Audio conference work.
> My masquerading linux server got crazy.  I had my network traffic in a
> mess.  Something like local network (127.0.0.1) is trying to get through
> my ppp dialup line to the ISP to ask for services like BIND.  As my
> firewalls rule will not expect anything like this happen and logged down
> something like:
> IP fw-out deny ppp0 UDP 127.0.0.1:53 0.0.0.0:1030 L=206 S=0x00 I=77
> F=0x0000 T=63
> IP fw-out deny ppp0 TCP 210.176.55.2:53 0.0.0.0:1024 L=44 S=0x00 I=5691
> F=0x0000 T=62
>
> 210.176.55.2 is my primary DNS server where I (210.176.55.16) am the
> secondary DNS server.  My /etc/resolv.conf set up that I will look up
> using localhost (127.0.0.1).  I then try even stop any firewall rules
> except with masquerading on, the system didn't get better.  BIND is
> still not working.  That create me in a difficult situation.  Not only
> named was not working, httpd was also.  I can't even telnet to my own
> linux box.
>
> Anyway, could anyone teach my what exactly ipautofw is doing and why the
> followings:
>
> ipautofw -A -r tcp 1024 65535
> ipautofw -A -r udp 1024 65535
>
> will result my disater situation.
>
> Regards,
> Joseph
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> For daily digest info, email [EMAIL PROTECTED]

 --
Joachim Feise
mailto:[EMAIL PROTECTED]             http://www.ics.uci.edu/~jfeise/
mailto:[EMAIL PROTECTED]                           mailto:[EMAIL PROTECTED]
---------------------------------------------------------------------


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
For daily digest info, email [EMAIL PROTECTED]

Reply via email to