Sorry, ignore my ignorance.. missed the vital Subject line... What ports does this program use? Have you port forward it to your PC? Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au Phone : +61 2 9955 2644 HelpDesk: +61 2 9955 2698 -----Original Message----- From: George Vieira Sent: Tuesday, May 27, 2003 4:25 PM To: kaushalender shekhawet; netfilter@xxxxxxxxxxxxxxxxxxx Subject: RE: voicechat(yahoo messenger) Voice chat using what program.. I have a million chatting utilites.... Have you researched www.google.com for anything? Thanks, ____________________________________________ George Vieira Systems Manager Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au -----Original Message----- From: kaushalender shekhawet [mailto:kaushalenders@xxxxxxxxxxx] Sent: Tuesday, May 27, 2003 3:35 PM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: voicechat(yahoo messenger) Hi group, we have redhat 8 on which we are running iptables.We have problem that all user behind this are not able to voice chat.Plz help me on that These r the rules i am using #!/bin/sh export PATH="/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin" IPTABLES="/sbin/iptables" IFCONFIG="/sbin/ifconfig" # Delete and flush. Default table is "filter". Others like "nat" must be explicitly stated. /sbin/iptables --table nat --flush /sbin/iptables --delete-chain /sbin/iptables --table nat --delete-chain /sbin/iptables -F # Add SysV style initialization support (ignore everything except 'stop' and 'clear'). if [ "$1" == "stop" ] || [ "$1" == "clear" ]; then iptables -t filter -F > /dev/null 2>&1 iptables -t filter -X > /dev/null 2>&1 iptables -t nat -F > /dev/null 2>&1 iptables -t nat -X > /dev/null 2>&1 iptables -t mangle -F > /dev/null 2>&1 iptables -t mangle -X > /dev/null 2>&1 iptables -t filter -P INPUT ACCEPT > /dev/null 2>&1 iptables -t filter -P OUTPUT ACCEPT > /dev/null 2>&1 iptables -t filter -P FORWARD ACCEPT > /dev/null 2>&1 iptables -t nat -P PREROUTING ACCEPT > /dev/null 2>&1 iptables -t nat -P POSTROUTING ACCEPT > /dev/null 2>&1 iptables -t nat -P OUTPUT ACCEPT > /dev/null 2>&1 iptables -t mangle -P POSTROUTING ACCEPT > /dev/null 2>&1 iptables -t mangle -P OUTPUT ACCEPT > /dev/null 2>&1 iptables -t mangle -P PREROUTING ACCEPT > /dev/null 2>&1 iptables -t mangle -P INPUT ACCEPT > /dev/null 2>&1 iptables -t mangle -P FORWARD ACCEPT > /dev/null 2>&1 echo "-> Firewall disabled." exit fi iptables -t nat -X iptables -t nat -P PREROUTING ACCEPT iptables -t nat -P POSTROUTING ACCEPT iptables -t nat -P OUTPUT ACCEPT #iptables -t mangle -F #iptables -t mangle -X #iptables -t mangle -P POSTROUTING ACCEPT #iptables -t mangle -P OUTPUT ACCEPT /sbin/iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128 /sbin/iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128 /sbin/iptables -A INPUT -p icmp --icmp-type 0 -j ACCEPT /sbin/iptables -A INPUT -p icmp --icmp-type 3 -j ACCEPT # Set up IP FORWARDing and Masquerading /sbin/iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE /sbin/iptables --append FORWARD --in-interface eth0 -j ACCEPT /sbin/iptables --table nat --append POSTROUTING --out-interface eth1 -j MASQUERADE /sbin/iptables --append FORWARD --in-interface eth1 -j ACCEPT ## Ignore any broadcast icmp echo requests if [ -e /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts ]; then echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts fi # ## Don't accept source routed packets. if [ -e /proc/sys/net/ipv4/conf/all/accept_source_route ] for interface in /proc/sys/net/ipv4/conf/*/accept_source_route; do echo "0" > $interface done fi # Automatic IP defragmenting ############################ if [ -e /proc/sys/net/ipv4/ip_always_defrag ] then echo "1" > /proc/sys/net/ipv4/ip_always_defrag fi # /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 111 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 111 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 6668 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 6668 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 22 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 22 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 111 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 111 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 135 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 135 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 137 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 137 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 138 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 138 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 139 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 139 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 445 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 445 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 6667 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 6667 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 1025 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 1978 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 2002 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 1433 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 1433 -j DROP /sbin/iptables -A INPUT -p udp -s 0/0 -d 0/0 --dport 1434 -j DROP /sbin/iptables -A INPUT -p tcp -s 0/0 -d 0/0 --dport 1434 -j DROP #Turning on Linux kernel support for spoof and DOS (Denial Of Service) protection: echo 1 >/proc/sys/net/ipv4/tcp_syncookies echo 1 > /proc/sys/net/ipv4/ip_forward _________________________________________________________________ Himalayan holiday! Waiting to be won. http://server1.msn.co.in/sp03/summerfun/index.asp Find out more.
