From mboxrd@z Thu Jan 1 00:00:00 1970 From: Sp0oKeR Subject: Re: allow DCC through iptables nat box Date: Mon, 29 Aug 2005 13:41:03 -0300 Message-ID: <9255886c050829094144ddcd3a@mail.gmail.com> References: <43133603.3010005@mit-web.dk> Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Return-path: In-Reply-To: <43133603.3010005@mit-web.dk> Content-Disposition: inline List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: netfilter-bounces@lists.netfilter.org Errors-To: netfilter-bounces@lists.netfilter.org Content-Type: text/plain; charset="us-ascii" To: Lars Nielsen Cc: netfilter@lists.netfilter.org You can use Patch O Matic module 5.4 irc-conntrack-nat patch This patch by Harald Welte allows DCC to work though NAT and connection tracking. By default, this module will track IRC connection on port 6667. But you can change this for another port with the `ports=3Dxx' argument. http://www.netfilter.org/documentation/HOWTO//netfilter-extensions-HOWTO-5.= html#ss5.4 Regards, Sp0oKeR On 8/29/05, Lars Nielsen wrote: > Hey >=20 > I have the following setup: >=20 > LAN 192.168.1.0/24 > Linux box with iptables > eth0 192.168.1.1 > eth1 ext_ip > internet >=20 > I use the following to allow internal clients to access the internet. > iptables -t nat -A POSTROUTING -o eth1 -s 192.168.1.0/24 -d 0/0 -j > MASQUERADE >=20 > Which rules should i use to allow DCC to and from an internal Mirc > client on ip 192.168.1.2 >=20 > I hope you can help me! ;o) >=20 > Best regards Lars Nielsen >=20 >=20 >