On Tue, Dec 2, 2008 at 10:54 AM, Girish Venkatachalam <[EMAIL PROTECTED]> wrote:
>
> Protocols like SIP, FTP, RTP and other broken protocols that negotiate
> port numbers in the payload (this includes all of RPC protocols
> including NFS of course) need special handling in the firewall/NAT box.
>
> I dunno a thing about linux firewalling but it is really really messy...

IPTables has NAT helpers or ALGs for precisely these reasons. It is easy to do and there is no need to think of it as messy. One needs some time and resolve, that's it.

In case you want a packaged distro for the edge that does this and a lot more, look at Untangle.

Mohan
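An added illustration, not part of the original thread and not iptables code: a sketch of what a NAT helper (ALG) has to do for the active-mode FTP `PORT` command, one of the payload-negotiated ports the quoted message refers to. The function names, the `expectations` list and the sample addresses are assumptions made for this example.

```python
import re

# Active-mode FTP carries the data endpoint inside the control payload:
#   PORT h1,h2,h3,h4,p1,p2  ->  address h1.h2.h3.h4, port p1*256 + p2
PORT_RE = re.compile(rb"PORT " + rb",".join([rb"(\d{1,3})"] * 6) + rb"\r\n")


def parse_port(line):
    """Return (ip, port) from an FTP PORT command, or None if it is not one."""
    m = PORT_RE.fullmatch(line)
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def rewrite_port(line, client_ip, public_ip, public_port, expectations):
    """Rewrite PORT as a NAT helper would; return the bytes to forward.

    Returns None (drop) when the payload names a host other than the one
    that owns the control connection, so the helper cannot be used to open
    a path to an arbitrary internal address.
    """
    parsed = parse_port(line)
    if parsed is None:
        return line                      # not PORT: forward unchanged
    ip, port = parsed
    if ip != client_ip:
        return None
    # Remember the mapping so the inbound data connection is let through.
    expectations.append((public_port, ip, port))
    octets = public_ip.split(".")
    fields = octets + [str(public_port // 256), str(public_port % 256)]
    return b"PORT " + ",".join(fields).encode() + b"\r\n"


if __name__ == "__main__":
    table = []                           # constructed sample values below
    out = rewrite_port(b"PORT 192,168,1,10,19,137\r\n",
                       "192.168.1.10", "203.0.113.5", 40000, table)
    print(out, table)
```

The rewritten command can differ in length from the original, which is why a real helper also has to adjust TCP sequence numbers on the control connection.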
