On Tue, 21 May 2002, Raffael Ferenc wrote: > > If you use NAT, you have to load in the IRC nat helper module with the > > same parameters as you used at the IRC conntrack helper. > > IMHO DCC uses random unprivports, so you have to enable all ports > between 1025 and 65535 for the target ip address. (which is quite > unsecure, so use it with care)
The IRC conntrack/NAT helper is responsible to handle the requested data channels on the unprivileged ports together with the state matching in netfilter/iptables. (Therefore iptables is a big step ahead compared to ipchains.) There is no need to open up all unprivileged ports at all. Regards, Jozsef - E-mail : [EMAIL PROTECTED], [EMAIL PROTECTED] WWW-Home: http://www.kfki.hu/~kadlec Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
