Announcement

Collapse
No announcement yet.

Firewalling question (shorewall)

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Firewalling question (shorewall)

    Ok, I'm running Mandrake 9.2 on my server, and sometimes I need to use the webcam on my Desktop PC through Yahoo messenger, it works fine now, but I was wondering if anyone has been able to get it to work in the "Super Webcam" mode. It says if you're just running XP and have the built-in Firewall turned on, to open up tcp port 5100. I've tried several different things in /etc/shorewall/rules, but haven't had much luck. Any help would be greatly appreciated.

    Leech
    Wah! Wah!

    In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship.

  • #2
    This is probably obvious to you, but in case it isn't, you'll need to open that port on your server and forward it to your desktop PC. And make sure the port's open on your desktop PC too.

    I've never seen Shorewall so I can't help with that, but the iptables rule will look something like iptables -t nat -A PREROUTING -p tcp -d <server's Internet IP> --dport 5100 -j DNAT --to <Desktop PC's IP>. Hope this helps...
    Blah blah blah nick blah blah confusion, blah blah blah blah frog.

    Comment


    • #3
      Yeah, I know that I'd need it open on my desktop PC. Under Windows XP I don't have the firewall enabled or anything.... Shorewall, (from what I can tell) is simply a slightly easier way to configure iptables. Here's a few example lines from my Shorewall rules file...

      DNAT net loc:192.168.1.81 tcp 4662
      DNAT net loc:192.168.1.81 udp 6822
      ACCEPT net fw tcp 80,443,53,22,20,21,25,109,110,143,137,138,139,631, 5100 -
      ACCEPT net fw udp 53,137,138,139,631 -


      Leech
      Wah! Wah!

      In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship.

      Comment


      • #4
        Heh, that syntax is just about as obtuse as iptables anyway.
        From what I can tell you are ACCEPTing traffic on 5100 but where are you telling it to forward that traffic to your windows box?

        Comment


        • #5
          Yeah, that's what I was thinking.... DNAT of course does just that, though I think I tried that.... I think the line I have in there now just allows whichever computer behind the firewall to have the port 5100 open.

          One of these days I think I just need to put Debian back on my server. It's so much smaller and easier to maintain for me.

          Leech
          Wah! Wah!

          In a perfect world... spammers would get caught, go to jail, and share a cell with many men who have enlarged their penises, taken Viagra and are looking for a new relationship.

          Comment

          Working...
          X