* strange about netmeeting via iptables?
@ 2002-09-17 17:37 Bird Chen
0 siblings, 0 replies; 3+ messages in thread
From: Bird Chen @ 2002-09-17 17:37 UTC (permalink / raw)
To: netfilter
Hi,
I am new to this list. But I have been searching for solution on this
issue over and over. I have a linux running iptables between my intranet
and ISP through ADSL link. And my client which is running win2k try to
netmeeting the internet people. But when the connection was established,
peer can hear what I am saying but I can't hear the peer's voice.
Here is the output of my iptables -L,
root@srv1:/proc/net# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp
dpt:telnet
ACCEPT tcp -- 10.1.1.0/24 anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
LOG tcp -- anywhere anywhere tcp dpt:www
LOG leve
l warning prefix `HTTP tried to access.'
LOG udp -- anywhere anywhere udp dpt:www
LOG leve
l warning prefix `HTTP tried to access.'
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/NONE
DROP all -- !10.1.1.0/24 anywhere
DROP all -- 192.168.0.0/16 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 10.0.0.0/8 anywhere
LOG tcp -- anywhere anywhere tcp
spts:netbios-ns:
netbios-ssn LOG level warning prefix `SMB tried to cross.'
LOG udp -- anywhere anywhere udp
spts:netbios-ns:
netbios-ssn LOG level warning prefix `SMB tried to cross.'
DROP tcp -- anywhere anywhere tcp
spts:netbios-ns:
netbios-ssn
DROP udp -- anywhere anywhere udp
spts:netbios-ns:
netbios-ssn
DROP tcp -- anywhere anywhere tcp spt:635
DROP udp -- anywhere anywhere udp spt:635
DROP tcp -- anywhere anywhere tcp spt:2049
DROP udp -- anywhere anywhere udp spt:2049
DROP tcp -- anywhere anywhere tcp
spt:sunrpc
DROP udp -- anywhere anywhere udp
spt:sunrpc
DROP udp -- anywhere anywhere udp
dpt:syslog
DROP tcp -- anywhere anywhere tcp
dpt:printer
DROP tcp -- anywhere anywhere tcp
dpt:shell
DROP tcp -- anywhere anywhere tcp dpt:exec
ACCEPT all -- 10.1.1.0/24 anywhere state NEW
ACCEPT all -- !10.1.1.0/24 anywhere state
RELATED,ESTABL
ISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Any idea? I have compiled the modules for h323 support which I grab
the source from internet. And my patched kernel now is
2.4.19-Newnat16-v2.
Thanks for help.
Best regards,
--
Bird Chen
Personal Key:0BAD AC36 4C98 9495 3A2E 126A 0925 EA4C 702C CEFC
^ permalink raw reply [flat|nested] 3+ messages in thread
* strange about netmeeting via iptables?
@ 2002-09-17 17:40 Bird Chen
2002-09-17 21:54 ` Jozsef Kadlecsik
0 siblings, 1 reply; 3+ messages in thread
From: Bird Chen @ 2002-09-17 17:40 UTC (permalink / raw)
To: netfilter
Hi,
I am new to this list. But I have been searching for solution on this
issue over and over. I have a linux running iptables between my intranet
and ISP through ADSL link. And my client which is running win2k try to
netmeeting the internet people. But when the connection was established,
peer can hear what I am saying but I can't hear the peer's voice.
Here is the output of my iptables -L,
root@srv1:/proc/net# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/NONE
DROP tcp -- anywhere anywhere tcp
dpt:telnet
ACCEPT tcp -- 10.1.1.0/24 anywhere tcp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
LOG tcp -- anywhere anywhere tcp dpt:www
LOG leve
l warning prefix `HTTP tried to access.'
LOG udp -- anywhere anywhere udp dpt:www
LOG leve
l warning prefix `HTTP tried to access.'
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
DROP tcp -- anywhere anywhere tcp
flags:FIN,SYN,RS
T,PSH,ACK,URG/NONE
DROP all -- !10.1.1.0/24 anywhere
DROP all -- 192.168.0.0/16 anywhere
DROP all -- 172.16.0.0/12 anywhere
DROP all -- 10.0.0.0/8 anywhere
LOG tcp -- anywhere anywhere tcp
spts:netbios-ns:
netbios-ssn LOG level warning prefix `SMB tried to cross.'
LOG udp -- anywhere anywhere udp
spts:netbios-ns:
netbios-ssn LOG level warning prefix `SMB tried to cross.'
DROP tcp -- anywhere anywhere tcp
spts:netbios-ns:
netbios-ssn
DROP udp -- anywhere anywhere udp
spts:netbios-ns:
netbios-ssn
DROP tcp -- anywhere anywhere tcp spt:635
DROP udp -- anywhere anywhere udp spt:635
DROP tcp -- anywhere anywhere tcp spt:2049
DROP udp -- anywhere anywhere udp spt:2049
DROP tcp -- anywhere anywhere tcp
spt:sunrpc
DROP udp -- anywhere anywhere udp
spt:sunrpc
DROP udp -- anywhere anywhere udp
dpt:syslog
DROP tcp -- anywhere anywhere tcp
dpt:printer
DROP tcp -- anywhere anywhere tcp
dpt:shell
DROP tcp -- anywhere anywhere tcp dpt:exec
ACCEPT all -- 10.1.1.0/24 anywhere state NEW
ACCEPT all -- !10.1.1.0/24 anywhere state
RELATED,ESTABL
ISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Any idea? I have compiled the modules for h323 support which I grab
the source from internet. And my patched kernel now is
2.4.19-Newnat16-v2.
Thanks for help.
Best regards,
--
Bird Chen
Personal Key:0BAD AC36 4C98 9495 3A2E 126A 0925 EA4C 702C CEFC
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: strange about netmeeting via iptables?
2002-09-17 17:40 strange about netmeeting via iptables? Bird Chen
@ 2002-09-17 21:54 ` Jozsef Kadlecsik
0 siblings, 0 replies; 3+ messages in thread
From: Jozsef Kadlecsik @ 2002-09-17 21:54 UTC (permalink / raw)
To: Bird Chen; +Cc: netfilter
On Wed, 18 Sep 2002, Bird Chen wrote:
> I am new to this list. But I have been searching for solution on this
> issue over and over. I have a linux running iptables between my intranet
> and ISP through ADSL link. And my client which is running win2k try to
> netmeeting the internet people. But when the connection was established,
> peer can hear what I am saying but I can't hear the peer's voice.
The possible problems are: either party enabled H.245 tunneling (or 'fast
start') or use RAS/gatekeeper.
The current H.323 helper works for the most simple setups only being a
crude hack.
Regards,
-
E-mail : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2002-09-17 21:54 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-09-17 17:40 strange about netmeeting via iptables? Bird Chen
2002-09-17 21:54 ` Jozsef Kadlecsik
-- strict thread matches above, loose matches on Subject: below --
2002-09-17 17:37 Bird Chen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox