On Mon, 2007-11-26 at 13:27 +0800, Wilson Kwok wrote: > Sorry Tom, I sent the dump file to support again.
Wilson,
Are you certain that the Video conferencing software that you are using
is compatible with NAT? Is there English Language documentation about
this software?
In the dump, I see the following:
Chain eth1_in (1 references)
pkts bytes target prot opt in out source destination
1 92 DNAT all -- * * 0.0.0.0/0 w.x.y.114
to:192.168.0.103
0 0 DNAT all -- * * 0.0.0.0/0 w.x.y.115
to:192.168.0.2
1 48 DNAT all -- * * 0.0.0.0/0 w.x.y.116
to:192.168.0.18
So one connection request to w.x.y.116 was made (Good).
I also see:
tcp 6 431993 ESTABLISHED src=p.q.r.79 dst=w.x.y.116 sport=1640 dport=3000
packets=119 bytes=6682 src=192.168.0.18 dst=p.q.r.79 sport=3000 dport=1640
packets=72 bytes=16950 [ASSURED] use=1
That means that your home system (p.q.r.79) has established a connection
to the server (w.x.y.116) on port 3000.
So the initial connection is being made and I don't see any other failed
connection attempts. So it may be the case that the server is inviting
the client to open another connection on a dynamic port but because the
server is NATed, it is inviting the client to connect to 192.168.0.18
(the server's real IP).
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
