Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Ian Wells on January 19, 2002, 04:56:22 PM

Title: IP chains, masq, portfw
Post by: Ian Wells on January 19, 2002, 04:56:22 PM
I have an application (h323) running on a Win98 machine behind e-smith.

It needs:
UDP ports 1717, 1718, 1719 (for both in and out bound traffic)
TCP port 1720 (for both in and out bound traffic)
All TCP and UDP ports between 16384 and 32767

So I need to open the firewall on e-smith, and then forward all of the ports
mentioned above, but I could restrict this to the IP addresses that
callserve uses.

What I don't have clear in my mind is: will port forwarding work, or do
I need IP Masq instead?

How do you change the IP Chains settings in e-smith?
I see the file \etc\rc.d\init.d\masq (if my memory serves me) but it
has a big heading saying don't modify, instead modify the template.
The templates are then a huge confusing directory that I don't yet
understand.

If I could modify the rules to log all TCP/UDP packets that were blocked
then I would be in a better position to debug this problem.

Does IP Chains block outgoing ports?

Maybe I should add that on Windows it didn't work to start with,
it turned out that ICS was doing the NAT OK, but the firewall (ZApro)
was blocking the ports. After looking in the firewall log I could easily
open the required ports and suddenly it worked.

Finally, I do try to RTFM, reading about MASQ & IP Chains,
but as I'm down with flu I might be a little more thick than usual.

Thanks for any help

Ian