IPTABLES full DMZ

Igor Guarisma iguarism at yahoo.com
Fri Jul 22 14:43:16 UTC 2005


You could just put a switch between the ADSL and the Linux
box, so you connect the VIP to the switch, directly to
the internet, unless you want to manage traffic from
the Linux box; then you could make a bridge between eth1
and eth2 and manage traffic with iptables and ebtables.

If you want to know what ports are open on your VIP,
you could use a port scanner like nmap and/or a
sniffer to detect which ports get connections when a
call comes in or out.


 --- Javier Robles <linuxsl at slotsmachines.com.ar> wrote:

> Hi Thomas,
> I am trying to explain my network layout:
>
> ADSL ----> ETH1 ---> LINUX Router (redhat 9)
>                        ETH0 ---> 16-port Fast Ethernet Switch ----> All my internal PCs
>                        ETH2 ---> VIP-400 (Planet VOIP Gateway)
>
> When I mailed PLANET to ask for the TCP/UDP ports the VIP-400 uses, they
> sent me these:
>
> Model: VIP-400
> TCP port used: 1024-5000
> UDP ports used: rtp_port_base - rtp_port_base +11 (for default value is 30000)
> Additional UDP port used if GK is involved: 1024
>
> I need to make the VIP have full access to the internet and from the internet
> (sorry for my bad English).
>
> Thanks for your help!
> 
> 
> 
> ----- Original Message -----
> From: "Thomas Cameron" <thomas.cameron at camerontech.com>
> To: "For users of Fedora Core releases" <fedora-list at redhat.com>
> Sent: Thursday, July 21, 2005 5:36 PM
> Subject: Re: IPTABLES full DMZ
> 
> 
> >> Hello, first I am sorry for my bad English.
> >>
> >>     I need some help. I am trying to connect a VIP-400 VOIP from PLANET in my
> >> network, but I can't make a good DMZ in my iptables; it doesn't work. Some
> >> help please.
> >>
> >> Javier Robles
> >> Argentina
> >
> > Hi Javier -
> >
> > You're asking a very broad question, it's hard to answer clearly.  What do
> > you mean by "DMZ?"  Normally this is an area where there is access to a
> > computer from the Internet.  There are a number of ways to accomplish this
> > - opening ports through the firewall, port forwarding, etc.  It's really
> > dependent upon how your network is set up.
> >
> > Can you give a little more information on how your network is set up so we
> > can make recommendations?
> >
> > Thomas
> >
> > -- 
> > fedora-list mailing list
> > fedora-list at redhat.com
> > To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
> 


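
The bridge approach suggested in the reply, narrowed to the ports PLANET listed instead of opening everything, as an added example that is not part of the original thread. It assumes eth1 and eth2 are already bridged with bridge-netfilter enabled, that the vendor's list refers to ports on the VIP itself, and it uses a hypothetical chain name (VIP400) and a constructed placeholder address (192.0.2.10).

```shell
#!/bin/sh
# Added example: prints (does not apply) iptables rules for a VIP-400 bridged
# between eth1 (ADSL side) and eth2 (VIP side). Review the output, then pipe
# it to sh as root. Assumptions: bridged frames reach the FORWARD chain, and
# the vendor's port list describes ports on the VIP itself.

VIP_IP="${VIP_IP:-192.0.2.10}"   # constructed placeholder address of the VIP-400
RTP_BASE="${RTP_BASE:-30000}"    # rtp_port_base (vendor default)
USE_GK="${USE_GK:-no}"           # "yes" if a gatekeeper (GK) is involved

# RTP range from the vendor mail: rtp_port_base .. rtp_port_base + 11
rtp_range() {
    base="$1"
    case "$base" in ''|*[!0-9]*) echo "bad rtp_port_base: $base" >&2; return 1 ;; esac
    [ "$base" -ge 1 ] && [ $((base + 11)) -le 65535 ] || {
        echo "rtp_port_base out of range: $base" >&2; return 1; }
    echo "$base:$((base + 11))"
}

# vip_rules IP RTP_BASE GK -> one iptables command per line on stdout
vip_rules() {
    ip="$1"; gk="$3"
    rtp=$(rtp_range "$2") || return 1
    to_vip="-m physdev --physdev-in eth1 --physdev-out eth2 -d $ip"
    from_vip="-m physdev --physdev-in eth2 --physdev-out eth1 -s $ip"
    echo "iptables -N VIP400"
    echo "iptables -A FORWARD -m physdev --physdev-is-bridged -j VIP400"
    # Replies to traffic that was already allowed
    echo "iptables -A VIP400 -m state --state ESTABLISHED,RELATED -j ACCEPT"
    # Anything the VIP starts itself (outbound calls, registration)
    echo "iptables -A VIP400 $from_vip -m state --state NEW -j ACCEPT"
    # Inbound from the internet: only the ports from the vendor's list
    echo "iptables -A VIP400 $to_vip -p tcp --dport 1024:5000 -j ACCEPT"
    echo "iptables -A VIP400 $to_vip -p udp --dport $rtp -j ACCEPT"
    if [ "$gk" = yes ]; then
        echo "iptables -A VIP400 $to_vip -p udp --dport 1024 -j ACCEPT"
    fi
    # Log whatever else crosses the bridge, then drop it
    echo "iptables -A VIP400 -j LOG --log-prefix 'VIP400 drop: '"
    echo "iptables -A VIP400 -j DROP"
}

vip_rules "$VIP_IP" "$RTP_BASE" "$USE_GK"
```

The LOG rule doubles as the check the reply recommends: ports the VIP really needs but that are missing from the list show up in the kernel log during a test call.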