Guest nunyas Posted May 18, 2004 Report Share Posted May 18, 2004 Hi all, I did a brief search and didn't see threads that specifically pertained to what I'm attempting to do here. What I want to do: MSN video conference/NetMeet from inside my LAN with someone on the internet. What I have: Linux box running Mandrake 10 Official with kernel 2.6.3, IPTables, and Shorewall handling the NAT/IPMasquerading. eth0 is connected to my DSL and eth1 connected to the LAN. As far as 'normal' internet usage goes it's working great all 5 PCs behind the Linux box can connect to the internet and browse, instant message, play 'online' games, etc. But I can't seem to get NetMeeting to work (a.k.a. H.323). I read somewhere a month or two ago that kernel 2.6.x is supposed to be able to handle/support special protocols like H.323. I've looked in the modules directory and could not find any modules that were named in a manner to indicate the support that i'm looking for. Can this be done through IPTables/IPMasq? I should add that I do not want to forward to any single specific computer and would like to maintain the ability to have any of the computers use NetMeeting at any time without having to reconfigure. If I can't do this with the tools already there, is my best bet to go Proxy and get Socks5? Thanks in advance for any advice, Nunyas Quote Link to comment Share on other sites More sharing options...
fissy Posted May 19, 2004 Report Share Posted May 19, 2004 (edited) so your mandrake box works as a router and your windows xp machine connects through it? If thats the case, and you want other H.323 users to be able to connect to you, you'll need to forward the port that H.323 uses. Yes, this can be done with iptables. I think its best to use shorewall to use iptables, a little bit simpler. As root, you'll need to add a rule to /etc/shorewall/rules, and restart shorewall with "service shorewall restart" An example of what you are after is given in the rules file: # #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL # # PORT PORT(S) DEST # DNAT net loc:192.168.1.3 tcp ssh,http # # Example: Forward all http connection requests from the internet # to local system 192.168.1.3 with a limit of 3 per second and # a maximum burst of 10 hope that helps (you'll need to set up your zones file too, so that shorewall knows what net means) Edited May 19, 2004 by fissy Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.