Re: IPTABLES full DMZ

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



You just could put a switch between ADSL and the linux
box, so you conect the VIP to the switch directly to
the internet, unless you want to manage traffic from
the linux box, you could made a bridge between eth1
and eth2 an manage traffic with iptables and ebtables.

If you want to know what ports are open on your VIP
you could use a port snanner like nmap and/or a
sniffer to detect which ports get connections when a
call comes in or out.


 --- Javier Robles <linuxsl@xxxxxxxxxxxxxxxxxxxx>
escribió:

> Hi Thomas
> iam try explain my network layout
> 
> ADSL ----> ETH1 --->  LINUX Router (redhat 9)
>                                          ETH0 --->
> 16-port Fast Ethernet 
> Switch ----> All my internal PC´s
>                                          ETH2 ---> 
> VIP-400 (Planet VOIP 
> Gateway)
> 
> When i mail to PLANET to ask for the TCP/UDP port
> use the VIP-400 they 
> sendme these:
> Model:     TCP port Used               UDP ports
> used 
> Additional UDP port used if GK is involved
> VIP-400    1024-5000        rtp_port_base  - 
> rtp_port_base +11 
> 1024
>                                                    
> for default value is 
> 30000
> 
> i need make  the VIP have full acces to the intenet
> and from internet, 
> (sorry for my bad inglish)
> 
> Thanks for your help!
> 
> 
> 
> ----- Original Message ----- 
> From: "Thomas Cameron"
> <thomas.cameron@xxxxxxxxxxxxxxx>
> To: "For users of Fedora Core releases"
> <fedora-list@xxxxxxxxxx>
> Sent: Thursday, July 21, 2005 5:36 PM
> Subject: Re: IPTABLES full DMZ
> 
> 
> >> Hello, first iam sorry for my bad inglish.
> >>
> >>     I need some help, iam try connect a VIP-400
> VOIP from PLANET, in my
> >> network but i cant make a good DMZ in my
> iptables, dont work, some
> >> help please.
> >>
> >> Javier Robles
> >> Argentina
> >
> > Hi Javier -
> >
> > You're asking a very broad question, it's hard to
> answer clearly.  What do
> > you mean by "DMZ?"  Normally this is an area where
> there is access to a
> > computer from the Internet.  There are a number of
> ways to accomplish this
> > - opening ports through the firewall, port
> forwarding, etc.  It's really
> > dependant upon how your network is set up.
> >
> > Can you give a little more information on how your
> network is set up so we
> > can make recommendations?
> >
> > Thomas
> >
> > -- 
> > fedora-list mailing list
> > fedora-list@xxxxxxxxxx
> > To unsubscribe:
> http://www.redhat.com/mailman/listinfo/fedora-list 
> 
> -- 
> fedora-list mailing list
> fedora-list@xxxxxxxxxx
> To unsubscribe:
> http://www.redhat.com/mailman/listinfo/fedora-list
> 


-----

Mazin...go!!!
Mazinkaiza...go!!!
Visit http://mazingo.cjb.net  for episodes ONLINE!!!
Visit #mechaworld @ irc.mircx.com to talk and download!!!
irc://irc.mircx.com/MechaWorld

__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¡gratis! 
Regístrate ya - http://correo.espanol.yahoo.com/ 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux