On 18:11:37 Dec 01, Narendran wrote: > Presently I have need to build up a Linux NAT box, over which I could be > able to run almost all common application including FTP, peer-to-peer > application (voice and video chatting) etc. Now I do something like > this: if a particular application is failing, I trying to add the > correspoding ip_nat modules. Say a SIP based application fails, I add > nf_nat_sip and nf_conntrack_sip. > What I want know is there some systematic way of doing this which would > comprehensively take of all classes applications?
Protocols like SIP, FTP, RTP and other broken protocols that negotiate port numbers in the payload (this includes all of RPC protocols including NFS of course) need special handling in the firewall/NAT box. I dunno a thing about linux firewalling but it is really really messy... -Girish _______________________________________________ To unsubscribe, email [EMAIL PROTECTED] with "unsubscribe <password> <address>" in the subject or body of the message. http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
