Firewall configuration for gnomemeeting
Jack Bowling
jbinpg at shaw.ca
Thu Jul 8 20:08:49 UTC 2004
On Thu, Jul 08, 2004 at 02:51:29PM -0500, Jeff Vian wrote:
> On Thu, 2004-07-08 at 13:41, Colin Paul Adams wrote:
> > >>>>> "Pedro" == Pedro Fernandes Macedo <webmaster at margo.bijoux.nom.br> writes:
> >
> > >>
> > Pedro> Then she can use netmeeting (comes with windows, at least
> > Pedro> in windows xp) and you use gnomemeeting.. If you have a
> > Pedro> firewall, you'll need to punch a few holes through
> > Pedro> it... (I say few, but one of them is huge.. It means
> > Pedro> opening udp ports from 5000 to 65000)
> >
> > You ARE joking aren't you? That's 60,000 ports!
> > It would take me a year to type all that lot in!
> > Isn't there a way to limit which ports it uses?
> > --
> > Colin Paul Adams
> > Preston Lancashire
> >
>
> Pedro,
> Why do you need that much open?
> Iptables, using stateful rules, allows established/related ports to
> be opened. Would not the other port(s) be related to the initial
> contact port and thus fit these rules?
>
> An example of what I mean is ftp. Control connection is on port 21, and
> I do not need to list the data port as it is "related" so it is
> automatically allowed. It seems netmeeting or gnomemeeting should work
> similarly. I have not tried this but it seems logical.

The L7 match filters are the best bet for handling p2p packets. Check for
the latest revs on freshmeat.net.
--
Jack Bowling
mailto: jbinpg at shaw.ca