/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting!
/* ALSO: Don't quote this header. It makes you look lame :-) */
Steve Sobka wrote:
> I was wondering if anyone could help me with the correct impasqadm line for a
> program called "clickit" (Part of a FREE web telephone service) which lets you
> make calls from your PC to any US phone for free??
>
> My Problem is:
>
> I can get the software to dial, and the person at the other end can hear me,
> but I cannot hear anything they say???
>
> I am running RedHat 6.2 using the DRanch secure firewall script. I was
> reading on their website about firewall ports, but I am not sure how to enter
> them into the script properly? Here is the information from their website.
>
> ---------
> SOURCE DESTINATION
> Local High port (ex. 3325) -> TCP 12053
> Local High port (ex. 3325) <- TCP 12053
>
> Local High port (ex. 3328) -> TCP 12083
> Local High port (ex. 3328) <- TCP 12083
>
> UDP 12122, 24150 - 24179 <- -> UDP 12122, 24150 - 24179
>
> UDP 12120 <- -> UDP 12080
> ---------
>
> Now I am not sure how to convert this information into the Ipmasqadm
> commandline?
>
> Any help would be appreciated... I tried doing a search on DEJA for: +linux
> +deltathree and found nothing, I also searched the MASQ Archives, and the MASQ
> Apps list and found nothing about this program? So I am kinda stuck?
it'll be something like:
for incoming clickit:
ipchains -A input -i $extif -p tcp -s $extnet 1024: -d $intnet 12053 -j ACCEPT
ipchains -A output -i $extif -p tcp -s $intnet 12053 -d $extnet 1024: ! -y -j ACCEPT
ipchains -A input -i $extif -p tcp -s $extnet 1024: -d $intnet 12083 -j ACCEPT
ipchains -A output -i $extif -p tcp -s $intnet 12083 -d $extnet 1024: ! -y -j ACCEPT
ipchains -A input -i $extif -p udp -s $extnet 12122 -d $intnet 12122 -j ACCEPT
ipchains -A output -i $extif -p udp -s $intnet 12122 -d $extnet 12122 -j ACCEPT
ipchains -A input -i $extif -p udp -s $extnet 24150:24179 -d $intnet 24150:24179 -j
ACCEPT
ipchains -A output -i $extif -p udp -s $intnet 24150:24179 -d $extnet 24150:24179 -j
ACCEPT
ipchains -A input -i $extif -p udp -s $extnet 12120 -d $intnet 12080 -j ACCEPT
ipchains -A output -i $extif -p udp -s $intnet 12080 -d $extnet 12120 -j ACCEPT
for outgoing clickit:
ipchains -A output -i $extif -p tcp -s $intnet 1024:4999 -d $extnet 12053: -j ACCEPT
ipchains -A input -i $extif -p tcp -s $extnet 12053 -d $intnet 1024:4999 ! -y -j
ACCEPT
ipchains -A output -i $extif -p tcp -s $intnet 1024:4999 -d $extnet 12083 -j ACCEPT
ipchains -A input -i $extif -p tcp -s $extnet 12083 -d $intnet 1024:4999 ! -y -j
ACCEPT
ipchains -A output -i $extif -p udp -s $intnet 12122 -d $extnet 12122 -j ACCEPT
ipchains -A input -i $extif -p udp -s $extnet 12122 -d $intnet 12122 -j ACCEPT
ipchains -A output -i $extif -p udp -s $intnet 24150:24179 -d $extnet 24150:24179 -j
ACCEPT
ipchains -A input -i $extif -p udp -s $extnet 24150:24179 -d $intnet 24150:24179 -j
ACCEPT
ipchains -A output -i $extif -p udp -s $intnet 12080 -d $extnet 12120 -j ACCEPT
ipchains -A input -i $extif -p udp -s $extnet 12120 -d $intnet 12080 -j ACCEPT
where:
$extif = the external network interface
$intnet = the internal network (or just the internal host engaged in clickit)
$extnet = the external network (or just the external host engaged in clickit)
note:
the udp parts are identical for incoming and outgoing clickit connections.
this assumes that the source and destination ports for udp are the same.
good luck,
raf
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ --
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]
PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.
