On Thu, Jul 08, 2004 at 02:51:29PM -0500, Jeff Vian wrote:
> On Thu, 2004-07-08 at 13:41, Colin Paul Adams wrote:
> > >>>>> "Pedro" == Pedro Fernandes Macedo <webmaster@xxxxxxxxxxxxxxxxxxx> writes:
> >
> > >>
> > Pedro> Then she can use netmeeting (comes with Windows, at least
> > Pedro> in Windows XP) and you use gnomemeeting. If you have a
> > Pedro> firewall, you'll need to punch a few holes through
> > Pedro> it... (I say few, but one of them is huge. It means
> > Pedro> opening udp ports from 5000 to 65000)
> >
> > You ARE joking aren't you? That's 60,000 ports!
> > It would take me a year to type all that lot in!
> > Isn't there a way to limit which ports it uses?
> > --
> > Colin Paul Adams
> > Preston Lancashire
> >
>
> Pedro,
> Why do you need that much open?
> Iptables, using stateful rules, allows established/related ports to
> be opened. Would not the other port(s) be related to the initial
> contact port and thus fit these rules?
>
> An example of what I mean is ftp. Control connection is on port 21, and
> I do not need to list the data port as it is "related" so it is
> automatically allowed. It seems netmeeting or gnomemeeting should work
> similarly. I have not tried this but it seems logical.

The L7 match filters are the best bet for handling p2p packets. Check
for the latest revs on freshmeat.net

--
Jack Bowling
mailto: jbinpg@xxxxxxx
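
The stateful approach Jeff Vian describes, written out as an added example (not part of the original thread): an outbound-only workstation ruleset in iptables-restore format, plus a small check that flags ACCEPT rules opening wide port ranges. It assumes a kernel with the CT target and the nf_conntrack_ftp and nf_conntrack_h323 helper modules; `ruleset` and `wide_ranges` are names chosen here.

```shell
#!/bin/sh
# Added example. Weak form from the thread, shown for comparison only:
#   -A INPUT -p udp --dport 5000:65000 -j ACCEPT

# Emit a stateful ruleset: no data or media ports are listed; the
# conntrack helpers mark those flows RELATED to the control connection.
ruleset() {
cat <<'EOF'
*raw
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# FTP helper parses PORT/PASV on the control channel (tcp/21).
-A OUTPUT -p tcp --dport 21 -j CT --helper ftp
# Assumption: nf_conntrack_h323 is loaded; Q.931 call setup is tcp/1720.
-A OUTPUT -p tcp --dport 1720 -j CT --helper Q.931
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}

# Read rules on stdin; print ACCEPT rules whose --dport range spans
# more than $1 ports (the kind of hole the thread objects to).
wide_ranges() {
    awk -v max="$1" '
        /^-A/ && /-j ACCEPT/ {
            for (i = 1; i < NF; i++)
                if ($i == "--dport" && split($(i + 1), r, ":") == 2 && r[2] - r[1] > max)
                    print
        }'
}

# Apply only on request ("sh fw.sh apply", as root); --test parses first
# without committing anything.
if [ "${1:-}" = "apply" ]; then
    ruleset | iptables-restore --test && ruleset | iptables-restore
fi
```

This covers calls and transfers the workstation initiates; accepting incoming calls would additionally need a rule for new connections to the call-setup port.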