Paul wrote:

Hi all,

I am trying to send in my tax-stuff through the internet.
Unfortunately the program is for ms-windose. That is running on an old
spare machine which connects to the internet through my Linux machine. I
have an iptables firewall running. Regular http-calls and so on run
through the firewall without a problem. But the (Dutch) tax-program
complains that it cannot connect because of a problem with 'windows
sockets'. The recommended solution in the help-function is to
temporarily shut down the firewall (right).

Is there someone here that can tell me how to make the tax-program
communicate? Is there something special about iptables and windows
sockets?

I already tried running the program with the firewall accepting just
about anything (as long as forwarding is on):

$iptables -F FORWARD
$iptables -F -t nat
$iptables -P FORWARD DROP
$iptables -A FORWARD -i eth0 -j ACCEPT
$iptables -A INPUT -i eth0 -j ACCEPT
$iptables -A OUTPUT -o eth0 -j ACCEPT
$iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
$iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j MASQUERADE

$iptables -A OUTPUT -o eth1 -j ACCEPT
$iptables -A INPUT -i eth1 -j ACCEPT

but that does not do it either.

Does anyone know?

Thanks in advance...
Paul


They are probably doing something like making a new connection back to your box, to a specific port. The problem is knowing the port. You can look in the firewall logs to see what port is getting rejected, and forward that port to the same port on the Windows machine. It is hard to write a rule without knowing the port. And because it is a new connection, and not a response on a connection you have opened, the firewall does not know what to do with it. You would think they would have instructions for using it with hardware firewalls. That would tell you the port numbers. I guess you could just forward all incoming connections from their IP address to the Windows machine...

There is one other possibility - the program may be checking the IP address of the Windows machine, and sending that information. If the remote site is trying to connect back to your local IP address, it will never work!

Mikkel
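
The log check suggested in the reply above, as an added example that is not part of the original thread: it summarises new inbound connection attempts from iptables LOG lines and prints (without applying) the DNAT and FORWARD rules that would pass one remote host's port through to the Windows machine. The posted rules contain no LOG target, so the logging rule, its "IN-NEW: " prefix, the addresses 192.168.0.10 and 203.0.113.20, and the log lines themselves are all assumptions constructed for illustration.

```shell
#!/bin/sh
# Assumed logging rule, inserted before the test run (prefix is hypothetical):
#   iptables -I INPUT -i eth1 -m state --state NEW -j LOG --log-prefix "IN-NEW: "
WAN_IF="eth1"; LAN_IF="eth0"   # interfaces as used in the thread
WIN_HOST="192.168.0.10"        # assumed address of the Windows machine
REMOTE="203.0.113.20"          # assumed address of the remote server

# Constructed kernel log lines in the iptables LOG format.
sample_log() {
cat <<'EOF'
Mar  3 20:14:01 gw kernel: IN-NEW: IN=eth1 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.20 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4711 DF PROTO=TCP SPT=41022 DPT=5021 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 20:14:04 gw kernel: IN-NEW: IN=eth1 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.20 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4712 DF PROTO=TCP SPT=41022 DPT=5021 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 20:14:10 gw kernel: IN-NEW: IN=eth1 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.20 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4713 DF PROTO=TCP SPT=41022 DPT=5021 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 20:15:30 gw kernel: IN-NEW: IN=eth1 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=192.0.2.77 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=9001 DF PROTO=TCP SPT=50313 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Mar  3 20:15:31 gw kernel: IN-NEW: IN=eth1 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=203.0.113.20 DST=198.51.100.7 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=4720 PROTO=ICMP TYPE=8 CODE=0 ID=1 SEQ=1
EOF
}

# Print "count src proto dport" per attempt seen on the WAN side, busiest first.
new_inbound() {
    awk -v ifc="$WAN_IF" '
        /IN-NEW: / {
            in_if = src = proto = dpt = ""
            for (i = 1; i <= NF; i++) {
                if ($i ~ /^IN=/)    in_if = substr($i, 4)
                if ($i ~ /^SRC=/)   src   = substr($i, 5)
                if ($i ~ /^PROTO=/) proto = tolower(substr($i, 7))
                if ($i ~ /^DPT=/)   dpt   = substr($i, 5)
            }
            if (in_if == ifc && src != "" && dpt != "") n[src " " proto " " dpt]++
        }
        END { for (k in n) print n[k], k }
    ' | sort -k1,1nr -k2
}

# For attempts from REMOTE only, print the two rules a port forward needs:
# the DNAT itself, and a FORWARD accept for NEW (the FORWARD policy is DROP).
suggest_rules() {
    while read -r _count src proto dpt; do
        [ "$src" = "$REMOTE" ] || continue
        echo "iptables -t nat -A PREROUTING -i $WAN_IF -s $src -p $proto --dport $dpt -j DNAT --to-destination $WIN_HOST:$dpt"
        echo "iptables -A FORWARD -i $WAN_IF -o $LAN_IF -d $WIN_HOST -p $proto --dport $dpt -m state --state NEW -j ACCEPT"
    done
}

sample_log | new_inbound
sample_log | new_inbound | suggest_rules
```

Restricting the printed rules to one source address keeps unrelated probes, such as the port 22 attempt in the sample, from being turned into forwards.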

