H323

H323

[Jeffrey J. Karrels]

Hello,

I am trying to get Netmeeting/Remote Desktop Sharing to work.  I have
2.4.20-30.9 kernel and am running iptables-1.2.9.  I have patched the kernel
with the only the H323 patch.  I opened up the 1720 and 1503 ports.  I get
the following message in my syslog when I try to open up an connection from
the outside going in:

H.323_NAT: partial packet 0/6 in 0/0

I have seen this in the mailing list a couple of times, I was wondering if
anyone knew anything about it? Any suggestions?  Am I missing something?

Thank you
-Jeff

h323

[Michael Fernández M.]

Hi....

Someone have h323 modules (netfilter) working on Debian Sarge (Kernel
2.4.27)... i need these modules but i`m not sure about how to patch the
kernel... 

There is a good document that explain the process?

Thanks a lot!!!!

Michael.-

RE: h323

[George Vieira]

[-- Attachment #1: Type: text/plain, Size: 1952 bytes --]

        insmod ip_nat_h323
        insmod ip_conntrack_h323
 
        $IPTABLES -t nat -A PREROUTING -i $EXTDEV -p tcp --dport 389    -j DNAT --to 192.168.0.1         # H323
        $IPTABLES -t nat -A PREROUTING -i $EXTDEV -p tcp --dport 522    -j DNAT --to 192.168.0.1         # H323
        $IPTABLES -t nat -A PREROUTING -i $EXTDEV -p tcp --dport 1503   -j DNAT --to 192.168.0.1         # H323
        $IPTABLES -t nat -A PREROUTING -i $EXTDEV -p tcp --dport 1720   -j DNAT --to 192.168.0.1         # H323
        $IPTABLES -t nat -A PREROUTING -i $EXTDEV -p tcp --dport 1731   -j DNAT --to 192.168.0.1         # H323
        $IPTABLES -t nat -A PREROUTING -i $EXTDEV -p tcp --dport 8080   -j DNAT --to 192.168.0.1         # H323
        $IPTABLES -t nat -A PREROUTING -i $EXTDEV -p tcp --dport 1469   -j DNAT --to 192.168.0.1         # H323aud
 
 
 

Thanks,

 
____________________________________________
George Vieira
Citadel Computer Systems Pty Ltd Systems Manager georgev AT citadelcomputer DOT com DOT au 
Citadel Computer Systems Pty Ltd
Phone : +61 2 9955 2644 HelpDesk: +61 2 9955 2698  <http://www.citadelcomputer.com.au/> http://www.citadelcomputer.com.au
 
 
-----Original Message-----
From: Sundaram Ramasamy [mailto:sun@percipia.com]
Sent: Friday, August 15, 2003 11:35 PM
To: George Vieira; dalive@flashmail.com; netfilter@lists.netfilter.org
Cc: Morrison, Trevor (Trevor)
Subject: Re: h323


Can you post your iptables rules for this?

----- Original Message ----- 
From: George Vieira <mailto:georgev@citadelcomputer.com.au>  
To: dalive@flashmail.com ; netfilter@lists.netfilter.org 
Cc: Morrison, Trevor (Trevor) <mailto:tmorrison@avaya.com>  
Sent: Tuesday, August 12, 2003 6:48 AM
Subject: RE: h323

Just use the H323 patch in p-o-m... I use it and it works fine for me..
I don't know what this gatekeeper is.. but it's not needed if you can successfully patch in the pom module.


[-- Attachment #2: Type: text/html, Size: 7254 bytes --]

h323

[Morrison, Trevor (Trevor)]

[-- Attachment #1: Type: text/plain, Size: 979 bytes --]

Hi,

I have a RH 9.0 box running iptables-1.2.8 and a 2.4.20 kernel with the h323 patch applied and recompiled.  My network looks like this:

				    dhcp from ISP
Win 2000 box <--------------------------->RH 9.0 Box<---------------------->Internet
192.168.1.0/24				NAT       12.207.X.X/32


I have searched the archives back to September of last year trying to find what rules I need to apply to my iptables to allow h323 traffic through my NAT'd box.  I am now more confused then before because the threads mentioned something about a gatekeeper that I need to run on a NAT box?

What I am looking for is what are the rules that I need to put into my filter file and what other programs or procedures do I need to add to that I have the full features and functionality of Microsoft's Net Meeting from my Win 2k box.  

Thanks in Advance and sorry for bring this subject up again but I could not find the information in the previous threads.

Trevor Morrison


[-- Attachment #2: Type: text/html, Size: 2030 bytes --]

Re: h323

[DALive Editor]

[-- Attachment #1: Type: text/plain, Size: 1395 bytes --]

Hello to this mailinglist,

I'd also really like an awnser to the question bellow about H323, you 
have no idea how long I've toiled unsuccessfully. What is this about a 
patch? And I've read a little about the gatekeeper, could someone cluse 
me in further?

Thanks alot - I'd given up hope


Morrison, Trevor (Trevor) wrote:

> Hi,
>
> I have a RH 9.0 box running iptables-1.2.8 and a 2.4.20 kernel with 
> the h323 patch applied and recompiled.  My network looks like this:
>
>                                     dhcp from ISP
> Win 2000 box <--------------------------->RH 9.0 
> Box<---------------------->Internet
> 192.168.1.0/24                          NAT       12.207.X.X/32
>
>
> I have searched the archives back to September of last year trying to 
> find what rules I need to apply to my iptables to allow h323 traffic 
> through my NAT'd box.  I am now more confused then before because the 
> threads mentioned something about a gatekeeper that I need to run on a 
> NAT box?
>
> What I am looking for is what are the rules that I need to put into my 
> filter file and what other programs or procedures do I need to add to 
> that I have the full features and functionality of Microsoft's Net 
> Meeting from my Win 2k box. 
>
> Thanks in Advance and sorry for bring this subject up again but I 
> could not find the information in the previous threads.
>
> Trevor Morrison
>

[-- Attachment #2: Type: text/html, Size: 2644 bytes --]

RE: h323

[George Vieira]

[-- Attachment #1: Type: text/plain, Size: 1797 bytes --]

Just use the H323 patch in p-o-m... I use it and it works fine for me..
I don't know what this gatekeeper is.. but it's not needed if you can
successfully patch in the pom module.

-----Original Message-----
From: netfilter-admin@lists.netfilter.org
[mailto:netfilter-admin@lists.netfilter.org]On Behalf Of DALive Editor
Sent: Tuesday, August 12, 2003 6:47 AM
To: netfilter@lists.netfilter.org
Cc: Morrison, Trevor (Trevor)
Subject: Re: h323


Hello to this mailinglist,

I'd also really like an awnser to the question bellow about H323, you have
no idea how long I've toiled unsuccessfully. What is this about a patch? And
I've read a little about the gatekeeper, could someone cluse me in further?

Thanks alot - I'd given up hope


Morrison, Trevor (Trevor) wrote:

  Hi,

  I have a RH 9.0 box running iptables-1.2.8 and a 2.4.20 kernel with the
h323 patch applied and recompiled.  My network looks like this:

                                      dhcp from ISP
  Win 2000 box <--------------------------->RH 9.0
Box<---------------------->Internet
  192.168.1.0/24                          NAT       12.207.X.X/32



  I have searched the archives back to September of last year trying to find
what rules I need to apply to my iptables to allow h323 traffic through my
NAT'd box.  I am now more confused then before because the threads mentioned
something about a gatekeeper that I need to run on a NAT box?

  What I am looking for is what are the rules that I need to put into my
filter file and what other programs or procedures do I need to add to that I
have the full features and functionality of Microsoft's Net Meeting from my
Win 2k box.

  Thanks in Advance and sorry for bring this subject up again but I could
not find the information in the previous threads.

  Trevor Morrison

[-- Attachment #2: Type: text/html, Size: 3509 bytes --]

Re: h323

[Sundaram Ramasamy]

[-- Attachment #1: Type: text/plain, Size: 2148 bytes --]

Can you post your iptables rules for this?
  ----- Original Message ----- 
  From: George Vieira 
  To: dalive@flashmail.com ; netfilter@lists.netfilter.org 
  Cc: Morrison, Trevor (Trevor) 
  Sent: Tuesday, August 12, 2003 6:48 AM
  Subject: RE: h323


  Just use the H323 patch in p-o-m... I use it and it works fine for me..
  I don't know what this gatekeeper is.. but it's not needed if you can successfully patch in the pom module.

  -----Original Message-----
  From: netfilter-admin@lists.netfilter.org [mailto:netfilter-admin@lists.netfilter.org]On Behalf Of DALive Editor
  Sent: Tuesday, August 12, 2003 6:47 AM
  To: netfilter@lists.netfilter.org
  Cc: Morrison, Trevor (Trevor)
  Subject: Re: h323


  Hello to this mailinglist, 

  I'd also really like an awnser to the question bellow about H323, you have no idea how long I've toiled unsuccessfully. What is this about a patch? And I've read a little about the gatekeeper, could someone cluse me in further? 

  Thanks alot - I'd given up hope


  Morrison, Trevor (Trevor) wrote:

    Hi, 

    I have a RH 9.0 box running iptables-1.2.8 and a 2.4.20 kernel with the h323 patch applied and recompiled.  My network looks like this:

                                        dhcp from ISP 
    Win 2000 box <--------------------------->RH 9.0 Box<---------------------->Internet 
    192.168.1.0/24                          NAT       12.207.X.X/32 



    I have searched the archives back to September of last year trying to find what rules I need to apply to my iptables to allow h323 traffic through my NAT'd box.  I am now more confused then before because the threads mentioned something about a gatekeeper that I need to run on a NAT box?

    What I am looking for is what are the rules that I need to put into my filter file and what other programs or procedures do I need to add to that I have the full features and functionality of Microsoft's Net Meeting from my Win 2k box.  

    Thanks in Advance and sorry for bring this subject up again but I could not find the information in the previous threads.

    Trevor Morrison 

[-- Attachment #2: Type: text/html, Size: 4853 bytes --]

Re: h323

[Scott van Looy]

You'll need to be happy building your own custom redhat kernel -

install from source patch-o-matic, adding the h323 patch
recompile kernel, then boot into kernel
install from source iptables

then make sure your modules are loaded
/sbin/modprobe -k ip_nat_h323
/sbin/modprobe -k ip_conntrack_h323

open ports 1503 and 1720 (389 and 522 if you want to use ils)

and it should just work!

Today Sundaram Ramasamy did spake thusly:

> Can you post your iptables rules for this?
>   ----- Original Message -----
>   From: George Vieira
>   To: dalive@flashmail.com ; netfilter@lists.netfilter.org
>   Cc: Morrison, Trevor (Trevor)
>   Sent: Tuesday, August 12, 2003 6:48 AM
>   Subject: RE: h323
>
>
>   Just use the H323 patch in p-o-m... I use it and it works fine for me..
>   I don't know what this gatekeeper is.. but it's not needed if you can successfully patch in the pom module.
>
>   -----Original Message-----
>   From: netfilter-admin@lists.netfilter.org [mailto:netfilter-admin@lists.netfilter.org]On Behalf Of DALive Editor
>   Sent: Tuesday, August 12, 2003 6:47 AM
>   To: netfilter@lists.netfilter.org
>   Cc: Morrison, Trevor (Trevor)
>   Subject: Re: h323
>
>
>   Hello to this mailinglist,
>
>   I'd also really like an awnser to the question bellow about H323, you have no idea how long I've toiled unsuccessfully. What is this about a patch? And I've read a little about the gatekeeper, could someone cluse me in further?
>
>   Thanks alot - I'd given up hope
>
>
>   Morrison, Trevor (Trevor) wrote:
>
>     Hi,
>
>     I have a RH 9.0 box running iptables-1.2.8 and a 2.4.20 kernel with the h323 patch applied and recompiled.  My network looks like this:
>
>                                         dhcp from ISP
>     Win 2000 box <--------------------------->RH 9.0 Box<---------------------->Internet
>     192.168.1.0/24                          NAT       12.207.X.X/32
>
>
>
>     I have searched the archives back to September of last year trying to find what rules I need to apply to my iptables to allow h323 traffic through my NAT'd box.  I am now more confused then before because the threads mentioned something about a gatekeeper that I need to run on a NAT box?
>
>     What I am looking for is what are the rules that I need to put into my filter file and what other programs or procedures do I need to add to that I have the full features and functionality of Microsoft's Net Meeting from my Win 2k box.
>
>     Thanks in Advance and sorry for bring this subject up again but I could not find the information in the previous threads.
>
>     Trevor Morrison
>

-- 
Scott van Looy - email:me@ethosuk.org.uk | web:www.ethosuk.org.uk
PGP Fingerprint: 7180 5543 C6C4 747B 7E74  802C 7CF9 E526 44D9 D4A7
      -------------------------------------------
      |/// /// /// /// WIDE LOAD /// /// /// ///|
      -------------------------------------------

"Irrigation of the land with sewater desalinated by fusion power is ancient.
It's called 'rain'."
-- Michael McClary, in alt.fusion

H323

[gold gold]

Hello everybody,



     I've already asked this question before, but here it is again:



How do I enable my masqueraded Windows machine to use MSN's audio/video 
conversation? I've been told to load the "H323" module and do some 
"patch-o-matic stuff" (??), but I don't really know alot about these 
stuff... could someone please give me detailed step-by-step instructions on 
how to do that? I would really appreciate this. Thanks a lot.

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail

Re: H323

[Emanoil Kotsev]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

In general it is not so hard to apply and activate the H.323 patch.
you have to
1) download iptables, download POM(patch-o-matic) for the proper version of 
iptables i think
2) have the kernel source of course 
3) untar&unzip everything (I have done this in /usr/src)
than
4) I do a backup of my compiled kernel directory and than start making all the 
rest to avoid recompiling everything 
5) apply the patches (there is info how to do this in POM itself and you don't 
need to apply patches that you won't use and know - try first only the H.323 
patch)
6) reconfigure your kernel and enable H.323 (networking options => ip 
netfilter configuration)
7) (re)make your new kernel
8) change into iptables dir and make "make KERNEL_DIR= ... " path to your 
kernel 
make install
9) enable your kernel (ex. make install, make modules_install - change lilo, 
grub, boot, make initrd or anything you use)
IMPORTANT TIP
10) Be sure to have a rescue floppy or entry in the bootloader for the old 
kernel to be able to boot your old configuration in case of failure
- --------------
If it's just you staying behind a firewall and useing  netmeeting and you have 
rights to manage the firewall, you can forward the ports (1720 and few 
others) to your windows machine (google tells you how)

best regards and good luck

On Saturday 19 July 2003 09:08, gold gold wrote:
> Hello everybody,
>
>
>
>      I've already asked this question before, but here it is again:
>
>
>
> How do I enable my masqueraded Windows machine to use MSN's audio/video
> conversation? I've been told to load the "H323" module and do some
> "patch-o-matic stuff" (??), but I don't really know alot about these
> stuff... could someone please give me detailed step-by-step instructions on
> how to do that? I would really appreciate this. Thanks a lot.
>
> _________________________________________________________________
> The new MSN 8: smart spam protection and 2 months FREE*
> http://join.msn.com/?page=features/junkmail

- -- 
//----------------------
||
|| Emanoil Kotsev       
||
|| tel. 0043 1 9253175
||
\\--- penguin friendly--
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/Gl0xMdng4VCsE9oRAsEiAJ0d3yV9oMkvPW681sqQrZfX6pcSbwCgvFfQ
KEw1uuBn/Y4HSb3AY5A5+kQ=
=I0tH
-----END PGP SIGNATURE-----

h323

[Esteban Ribicic]

hi,

ive got a network masqueraded by iptables to internet.
my clients (the one who are masqueraded) ask me for neetmeting and h323
stuff that does not work....does the h323 module for iptables permit
such transmissions?

or should i try to set a h323gatekeeper on the firewall?
thanks

esteban

Re: h323

[Rasmus Bøg Hansen]

On 13 Feb 2003, Esteban Ribicic wrote:

> ive got a network masqueraded by iptables to internet.
> my clients (the one who are masqueraded) ask me for neetmeting and h323
> stuff that does not work....does the h323 module for iptables permit
> such transmissions?

H.323 (including netmeeting) will work fine with the H323 modules.

You cannot, however, use call servers (I don't remember, what they're
called) along with NAT.

/Rasmus

-- 
-- [ Rasmus "Møffe" Bøg Hansen ] ---------------------------------------
"Microsoft spel chekar worgs grate!"
----------------------------------[ moffe at amagerkollegiet dot dk ] --

Re: forward traffic web to squid server

[Joel Newkirk]

On Wednesday 12 February 2003 05:24 pm, Linux User wrote:
> Hi friends,
>
> In my server RedHat-8.0, I have installed script-firewall with
> iptables, this firewall-server has connection to Internet and the
> users of the internal network correctly work, now my restlessness is
> in which I have installed a squid server in the internal network but
> that simultaneously this connected by another network to a server with
> line ADSL to Internet, my question is as I can configure my firewall
> to forward all traffic web to my squid server that this in the
> internal network?

You can use a nat PREROUTING rule to DNAT all HTTP traffic to the squid 
box, then out its internet connection (if so configured), and the rest 
of the traffic will go out the internet connection on the firewall box.  
HOWEVER:

1 - you must also SNAT the traffic that goes to the squid server in nat 
POSTROUTING to ensure that return traffic comes back to the firewall box 
from the squid server, NOT directly to the clients.

2 - hopefully HTTP is the only connections the squid box will accept 
and/or forward, otherwise your firewall covers the front of the internal 
network while leaving its butt exposed...

The rules you'd need are:

/sbin/iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT
--to 192.168.100.254
/sbin/iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 192.168.100.254
-j SNAT --to 192.168.100.1

plus appropriate FORWARD rules, which you may already have in place.

j

> __________
>
> |Internet |
> |
> |_________|
>
> ___|____200.37.245.159
>
> |Server |
> |with   |
> | ADSL  |
> |_______|192.168.105.1
>
> __|____
>
> |Squid  |192.168.105.2
> |Server |
> |_______|
> |
>    |192.168.100.254
>    |
>    |___________________________INTERNAL NETWORK
>
> ___|_____
>
> |Firewall|192.168.100.1
> |Server  |___________________________INTERNET
> |_______ |
>
> I can configure my firewall to forward all traffic web to my squid
> server that this in the internal network?
>
>
> THANKS
> Joseph
>
>
> _________________________________________________________________
> Charla con tus amigos en línea mediante MSN Messenger:
> http://messenger.yupimsn.com/

H323

[Dhyanesh Ramaiya]

Greetings,

I am running Redhat 7.3 with Linux kernel 2.4.20 with H323 applied (compiled
in the kernel). However, I am still not able to get netmeeting working over
the NAT server. Is there any detailed documentation that I could refer to?
Also, is there any way I could get MSN voice chat and file transfers to work
over NAT firewall? I am running iptables-1.2.6a-2 on my NAT firewall. I have
a rule in my firewall script that is SNAT-ting all the internal traffic to
the IP address of the ethernet card connected to the Internet.

Please assist.

Thank you very much.

Dhyanesh Ramaiya
dhyanesh@intafrica.com

Re: H323

[Eric Wood]

I think netfilter can do the job.  You'll need a gatekeeper to do this:

Here's a few:
OpenGK gatekeeper translates between user aliases and IP addresses. Makes
your life easier.
OpenH232Proxy is a gatekeeper with built in proxy feature. It enables the
routing through the gatekeeper of the RTP traffic (audio and video) and the
T.120 traffic (data) so no traffic is directly exchanged between endpoints.
(This one is not in the distro yet.)
OpenMCU H.323 conferencing server lets you hold virtual conferences. simply
connect to openmcu server instead of connecting to another gnomemeeting
client, and you are ready to go. If installed on a firewall (and visible
from both sides), openmcu can serve as a proxy.


I've got OpenH232Proxy sort of working for my cams.
http://openh323proxy.sourceforge.net/

-eric wood


----- Original Message -----
From: "Dhyanesh Ramaiya" <dhyanesh@intafrica.com>
To: <netfilter@lists.netfilter.org>
Sent: Tuesday, February 25, 2003 9:37 AM
Subject: H323


> Greetings,
>
> I am running Redhat 7.3 with Linux kernel 2.4.20 with H323 applied
(compiled
> in the kernel). However, I am still not able to get netmeeting working
over
> the NAT server. Is there any detailed documentation that I could refer to?
> Also, is there any way I could get MSN voice chat and file transfers to
work
> over NAT firewall? I am running iptables-1.2.6a-2 on my NAT firewall. I
have
> a rule in my firewall script that is SNAT-ting all the internal traffic to
> the IP address of the ethernet card connected to the Internet.
>
> Please assist.
>
> Thank you very much.
>
> Dhyanesh Ramaiya
> dhyanesh@intafrica.com
>

Re: H323

[Rasmus Reinholdt Nielsen]

Hi

Does anybody know I can use one of these gatekeepers / proxys as a 
transparent proxy for the msn messenger ip telephone client?


Thanks


/Rasmus

At 09:58 25-02-2003 -0500, Eric Wood wrote:
>I think netfilter can do the job.  You'll need a gatekeeper to do this:
>
>Here's a few:
>OpenGK gatekeeper translates between user aliases and IP addresses. Makes
>your life easier.
>OpenH232Proxy is a gatekeeper with built in proxy feature. It enables the
>routing through the gatekeeper of the RTP traffic (audio and video) and the
>T.120 traffic (data) so no traffic is directly exchanged between endpoints.
>(This one is not in the distro yet.)
>OpenMCU H.323 conferencing server lets you hold virtual conferences. simply
>connect to openmcu server instead of connecting to another gnomemeeting
>client, and you are ready to go. If installed on a firewall (and visible
>from both sides), openmcu can serve as a proxy.
>
>
>I've got OpenH232Proxy sort of working for my cams.
>http://openh323proxy.sourceforge.net/
>
>-eric wood
>
>
>----- Original Message -----
>From: "Dhyanesh Ramaiya" <dhyanesh@intafrica.com>
>To: <netfilter@lists.netfilter.org>
>Sent: Tuesday, February 25, 2003 9:37 AM
>Subject: H323
>
>
> > Greetings,
> >
> > I am running Redhat 7.3 with Linux kernel 2.4.20 with H323 applied
>(compiled
> > in the kernel). However, I am still not able to get netmeeting working
>over
> > the NAT server. Is there any detailed documentation that I could refer to?
> > Also, is there any way I could get MSN voice chat and file transfers to
>work
> > over NAT firewall? I am running iptables-1.2.6a-2 on my NAT firewall. I
>have
> > a rule in my firewall script that is SNAT-ting all the internal traffic to
> > the IP address of the ethernet card connected to the Internet.
> >
> > Please assist.
> >
> > Thank you very much.
> >
> > Dhyanesh Ramaiya
> > dhyanesh@intafrica.com
> >

Re: H323

[Rasmus Bøg Hansen]

On Sun, 2 Mar 2003, Rasmus Reinholdt Nielsen wrote:

> Does anybody know I can use one of these gatekeepers / proxys as a
> transparent proxy for the msn messenger ip telephone client?

MSN telephoy does not use H.323 and therefore is not supported by
iptables.

IIRC MSN messenger can be configured to use a socks proxy like dante
(http://www.inet.no/dante/).

/Rasmus

-- 
-- [ Rasmus "Møffe" Bøg Hansen ] ---------------------------------------
A wizard is never late, nor is he too early.
He arrives precisely when he wants to
                                  -- Gandalf
----------------------------------[ moffe at amagerkollegiet dot dk ] --

H323

[Tim]

[-- Attachment #1: Type: text/plain, Size: 363 bytes --]

Hi, just wondering if anyone has the same problem.

Fresh copy of 2.4.19 and iptables 1.2.7a with patch-o-matic and used the z-newnat and h323 that comes with it.. fixed the newnat patch which couldn't load. add 2 lines to a ip_conntrack.h file and it worked fine. We send audio fine but can't receive it.. possibly the same problem with video too...

Tim


[-- Attachment #2: Type: text/html, Size: 826 bytes --]

h323

[Mattia Martinello]

Hi

I am on a LAN which access to the Internet with a NAT on a gateway Linux 
server configured with iptables.
How I can use on a client inside the LAN a program which uses h323 
protocol, for example Microsoft Netmeeting? I wish to correctly use 
text, audio and video features of Netmeeting, and I wish to call and to 
be called.

How I can configure the firewall on the gateway server?
I rememeber that for ipchains there was an h323 module. There is 
anything for iptables too?

Thank you very much
Bye
Mattia Martinello
m.martinello@iol.it

Re: h323

[Toshihiro Sonoda]

Iptables has h323 modules, too.
You have to apply kernel-patch of patch-o-matic.
 But, I think h323 modules is not perfect...


> Hi
> 
> I am on a LAN which access to the Internet with a NAT on a gateway Linux 
> server configured with iptables.
> How I can use on a client inside the LAN a program which uses h323 
> protocol, for example Microsoft Netmeeting? I wish to correctly use 
> text, audio and video features of Netmeeting, and I wish to call and to 
> be called.
> 
> How I can configure the firewall on the gateway server?
> I rememeber that for ipchains there was an h323 module. There is 
> anything for iptables too?
> 
> Thank you very much
> Bye
> Mattia Martinello
> m.martinello@iol.it
> 
> 
> 
> 

Re: h323

[Diego R. Rodriguez Herlein]

Hi, 
sorry about my english.
I use kernel 2.4.17 with the newnat patch and h323 work great !
Regards,

Diego


----- Original Message ----- 
From: "Mattia Martinello" <m.martinello@iol.it>
To: <netfilter@lists.netfilter.org>
Sent: Sunday, September 22, 2002 2:00 PM
Subject: h323


> Hi
> 
> I am on a LAN which access to the Internet with a NAT on a gateway Linux 
> server configured with iptables.
> How I can use on a client inside the LAN a program which uses h323 
> protocol, for example Microsoft Netmeeting? I wish to correctly use 
> text, audio and video features of Netmeeting, and I wish to call and to 
> be called.
> 
> How I can configure the firewall on the gateway server?
> I rememeber that for ipchains there was an h323 module. There is 
> anything for iptables too?
> 
> Thank you very much
> Bye
> Mattia Martinello
> m.martinello@iol.it
> 
> 
> 

Re: h323

[Toshihiro Sonoda]

Hi, Diego.

I have questions.
does the new nat patch have h.225ras, or ldap for NAT problems.
before, when i applied the h.323 patch, the patchs
have a part of h.323, but not h.225.
Is that ok?

Can you use ILS server, or Gatekeeper?


> Hi, 
> sorry about my english.
> I use kernel 2.4.17 with the newnat patch and h323 work great !
> Regards,
> 
> Diego
> 
> 
> ----- Original Message ----- 
> From: "Mattia Martinello" <m.martinello@iol.it>
> To: <netfilter@lists.netfilter.org>
> Sent: Sunday, September 22, 2002 2:00 PM
> Subject: h323
> 
> 
> > Hi
> > 
> > I am on a LAN which access to the Internet with a NAT on a gateway Linux 
> > server configured with iptables.
> > How I can use on a client inside the LAN a program which uses h323 
> > protocol, for example Microsoft Netmeeting? I wish to correctly use 
> > text, audio and video features of Netmeeting, and I wish to call and to 
> > be called.
> > 
> > How I can configure the firewall on the gateway server?
> > I rememeber that for ipchains there was an h323 module. There is 
> > anything for iptables too?
> > 
> > Thank you very much
> > Bye
> > Mattia Martinello
> > m.martinello@iol.it
> > 
> > 
> > 
> 
> 

Re: h323

[Jozsef Kadlecsik]

On Mon, 23 Sep 2002, Toshihiro Sonoda wrote:

> does the new nat patch have h.225ras, or ldap for NAT problems.

The h323 patch does not support RAS.

> before, when i applied the h.323 patch, the patchs
> have a part of h.323, but not h.225.
> Is that ok?

Yes, that's OK.

> Can you use ILS server, or Gatekeeper?

The h323 patch does not support gatekeepers.

Regards,
Jozsef
-
E-mail  : kadlec@blackhole.kfki.hu, kadlec@sunserv.kfki.hu
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary

H323

[j-michel.caricand]

[-- Attachment #1: Type: text/plain, Size: 432 bytes --]

Hello, I am a serious problem this my gateway. I must apply the newnat/h323 patch for use netmetting. 
I have following the steps of the patch-o-matic DOC, but I can not apply the patch. 

I have kernel 2.4.18 installed.
I get all patches from CVS 
I follow your documentation to do that 

but ... 

Do you want to apply this patch [N/y/t/f/a/r/b/w/v/q/?] t
...
FAILED...
...

This very important for me ! HELP !!!


[-- Attachment #2: Type: text/html, Size: 1232 bytes --]