On Mon, 2003-04-28 at 01:35, Patrick Kwan wrote: > Hello, > > I'm using iptables NAT to allow lan client to access internet. > if i patch my kernel with netfilter's POM and load the required > H323 modules. > > I want to confirm if h323 modules also allow "Incoming connection" > to Netmeeting in internal lan client? If you're talking about a new connection being initiated, then it's the same as with any other NAT situation - you have to explicitly DNAT new incoming connections to a local IP if you want them to reach a particular target. Otherwise they will end up in the INPUT chain, destined for the firewall/nat box itself. As long as you only need incoming NEW state connections to reach a single client, just add a DNAT rule to nat PREROUTING to handle them. If you need multiple internal clients to be able to receive NEW connections from outside the network, you have a problem. (however, you would anyway, regardless of firewall/NAT solution - this is a limit imposed by the nature of NAT itself, not netfilter) > Please clarify me. (already search the past thread) > Many thanks your advices. > > Patrick j
