On Wed, Jun 02, 1999 at 04:33:57PM +0100, Mario Jorge Nunes Filipe wrote: > Hi > > With kernel 2.0.x and ipfwadm it was necessary to compile something into > the kernel so that it would allow real* traffic to go by. Is the same > still valid for kernel 2.2.x with ipchains? >
I assume by real* you are talking about real-audio and real-video. By default, you should not need to do anything to allow these to go by. But, if you have firewalled off most everything, something like this should let these work: ipchains -A input -p udp -s 0/0 6969:7171 -d 0/0 1024: -j ACCEPT ipchains -A input -p tcp -s 0/0 554 -d 0/0 1024: -j ACCEPT ipchains -A input -p tcp -s 0/0 7070 -d 0/0 1024: -j ACCEPT ipchains -A output -p tcp -d 0/0 554 -j ACCEPT ipchains -A output -p tcp -d 0/0 7070 -j ACCEPT Note this is only for the 2.2.x with ipchains. This info can be obtained from their website under the support sec. HTH, Bill Van Devender
