Re: netmeeting my host receives no video

From: Kees Bakker (kees.bakker@altium.nl)
Date: 01/30/03 

From: kees.bakker@altium.nl (Kees Bakker)
Date: 30 Jan 2003 16:21:09 +0100

>>>>> Edwin writes:
>
> I need 1 host on my internal lan to run netmeeting, now it sends video but
> it doesn't receive any from the opposite side.
> What am i doing wrong? Can I debug this someway?
>
> This is the part of my iptables config.
>
> # Allow netmeeting connections
> $IPTABLES -A PREROUTING -t nat -p tcp -d $INET_IP --dport 1720 -j DNAT --to $NETMEETING:1720
> # ports for Netmeeting dynamic audio/video
> $IPTABLES -A INPUT -i $INET_IFACE -p udp --sport 5000:5004 -j ACCEPT
> $IPTABLES -A OUTPUT -o $LAN_IFACE -p udp --sport 5000:5004 -j ACCEPT
> # ports for Netmeeting with H.245 disabled or Netmeeting users.
> $IPTABLES -A INPUT -i $INET_IFACE -p tcp --sport 30000:30020 -j ACCEPT
> $IPTABLES -A OUTPUT -o $LAN_IFACE -p tcp --sport 30000:30020 -j ACCEPT
>
> greetings Edwin
>
>

These are the firewall rules suggested by the GnomeMeeting FAQ:

OUT_DEV=ppp0
IN_HOST=192.168.1.12
TCP_PORT_RANGE=30000:30010
UDP_PORT_RANGE=5000:5003
TCP_LISTENING_PORT=1720
$IPTABLES -t nat -A POSTROUTING -o $OUT_DEV -j MASQUERADE
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_PORT_RANGE -j DNAT --to-dest $IN_HOST
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p udp --dport $UDP_PORT_RANGE -j DNAT --to-dest $IN_HOST
$IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -A FORWARD -p udp -i $OUT_DEV --dport $UDP_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_LISTENING_PORT -j DNAT --to-dest $IN_HOST
$IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_LISTENING_PORT -d $IN_HOST -j ACCEPT

As you can see these rules are for destination ports, while your script
have rules for source ports. Maybe that is the problem.

                Kees

Relevant Pages

  • Re: PMJ help
    ... I dont know what is wrong, no response from my NM I will try ... the rules in the modem and grc showed the ports as open. ... Protocol that NetMeeting uses) *are* Open OK, ... Have you changed the Router to a different one? ...
    (uk.people.silversurfers)
  • Re: Port forwarding/open ports?
    ... > To be able for another person to connect to my Netmeeting in ... > Windows XP and share applications I would need to open the ports 1720 ... > and 1503 in my router firewall. ...
    (alt.computer.security)
  • Re: why isnt the set of open ports a security problem?
    ... > I use a Windows XP Pro PC from behind a router with a NAT ... Just started using NetMeeting recently. ... > ports on my router. ... to be a risk. ...
    (microsoft.public.internet.netmeeting)
  • Re: NetMeeting and NAT firewall
    ... > Is it possible to support NetMeeting via a NAT firewall, ... firewall because you have to open LOTS of ports. ... 389 Internet Locator Server (TCP) ...
    (comp.security.firewalls)
  • Re: Ping pmj
    ... a software firewall to fill the gaps in or you will get intruders!!! ... Software Firewall, or not Forwarded in your Router), then NetMeeting ... *also* Open up some Ports when receiving Calls. ... Such as VNC ...
    (uk.people.silversurfers)