Simon, the question I have with the GK requesting a TCP connection from the endpoint is that unless the router has h.323 spying activated (kernel modules for h.323 connection tracking), how will this dynamically-negotiated TCP port pass through the firewall before the endpoint? I am *not* willing to forward ports 1k to 64k through a firewall to the computer on which an endpoint is running. I am willing to let a limited and well-calculated number of ports through to the computer via port-forwarding, no more than necessary. It is my desire to eventually use h.323 connection tracking in a Linux firewall and only open up pinholes in the firewall, one by one, automatically, as negotiated between GK and EP. However, with reference to http://max.kellermann.name/projects/netfilter/h323.html I only see H.323, H.225, H.245 protocols as being spied upon, so I don't know if h323-conntrack-nat, which is now integrated into all modern Linux kernels, will spy on H.460 negotiations - or even if it is necessary to spy on H.460 to open up the required pinholes ? My application is secure telecom for a small, non-profit organization, striving to improve the the present and future conditions of mankind. I have to figure out all the technical complications by myself in my spare time, hopefully with a bit of help from the h.323 community. Earl Simon Horne wrote: > The TCP Listening port is redundant and has no effect with H.460.18/.19 as > the gatekeeper will request a TCP connection from the endpoint when a call > comes in. [snip] > > Simon > > -----Original Message----- > From: Earl [mailto:Large.Files@xxxxxxx] > Sent: Saturday, 21 November 2009 5:12 AM > To: GNU Gatekeeper Users > Subject: Re: Test Gatekeeper for 2.3.1 RC1 online > > [snip] > > strange: > the TCP listening port configuration in Pacphone can be changed to any port > and registration will take place. ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
