[NTLUG:Discuss] use web cam
m m
llliiilll at hotmail.com
Thu Nov 21 08:21:18 CST 2002
>From: MadHat <madhat at unspecific.com>
> >
> > does anyone have used the web cam through linux fire wall?
> > I am try to use web cam in one of computer inside firewall,
> > and let people in the internet can see it real time, either use player
>or
> > web...
> > I use iptables running on RH 6.2 as firewall, what do I need to take
>care to
> > make it work?
> >
>
>Depends on the software being used.
I thought I went to try net meeting, it requires to open a lot of ports and
all ports about 1024. I gave up. I have tried Yahoo messenger, and it is
very very easy, just plug web cam in and works without extra work. that is
want I want.
poeple told me that new meeting will get good quality on video and sound,
and I think may be I will try it.
can some one take a look at the following rule for me (if it is right)?
it try to open 389,522,1503,1720,1731 and all ports above 1024 and goes to
192.168.1.6 box.
# For netmeeting ----------------------------------------
iptables -A INPUT -i eth0 -p tcp --dport 389 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p udp --dport 389 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p tcp --dport 389 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p udp --dport 389 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p tcp --dport 522 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p udp --dport 522 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p tcp --dport 522 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p udp --dport 522 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p tcp --dport 1503 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p udp --dport 1503 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p tcp --dport 1503 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p udp --dport 1503 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p tcp --dport 1720 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p udp --dport 1720 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p tcp --dport 1720 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p udp --dport 1720 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p tcp --dport 1731 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p udp --dport 1731 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p tcp --dport 1731 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p udp --dport 1731 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p tcp --dport 1024:65535 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth0 -p udp --dport 1024:65535 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p tcp --dport 1024:65535 -j ACCEPT #NetMeeting
iptables -A INPUT -i eth1 -p udp --dport 1024:65535 -j ACCEPT #NetMeeting
iptables -A FORWARD -p tcp --sport 389 -j ACCEPT #NetMeeting
iptables -A FORWARD -p tcp --sport 522 -j ACCEPT #NetMeeting
iptables -A FORWARD -p tcp --sport 1503 -j ACCEPT #NetMeeting
iptables -A FORWARD -p tcp --sport 1720 -j ACCEPT #NetMeeting
iptables -A FORWARD -p tcp --sport 1731 -j ACCEPT #NetMeeting
iptables -A FORWARD -p tcp --sport 1024:65535 -j ACCEPT #NetMeeting
iptables -A OUTPUT -p tcp --dport 389 -j ACCEPT #NetMeeting
iptables -A OUTPUT -p tcp --dport 522 -j ACCEPT #NetMeeting
iptables -A OUTPUT -p tcp --dport 1503 -j ACCEPT #NetMeeting
iptables -A OUTPUT -p tcp --dport 1720 -j ACCEPT #NetMeeting
iptables -A OUTPUT -p tcp --dport 1731 -j ACCEPT #NetMeeting
iptables -A OUTPUT -p tcp --dport 1024:65535 -j ACCEPT #NetMeeting
iptables -A PREROUTING -t nat -p tcp -d 112.237.180.181 \
--dport 389 -j DNAT --to 192.168.1.6:389
iptables -A PREROUTING -t nat -p tcp -d 112.237.180.181 \
--dport 522 -j DNAT --to 192.168.1.6:522
iptables -A PREROUTING -t nat -p tcp -d 112.237.180.181 \
--dport 1503 -j DNAT --to 192.168.1.6:1503
iptables -A PREROUTING -t nat -p tcp -d 112.237.180.181 \
--dport 1720 -j DNAT --to 192.168.1.6:1720
iptables -A PREROUTING -t nat -p tcp -d 112.237.180.181 \
--dport 1731 -j DNAT --to 192.168.1.6:1731
iptables -t nat -A POSTROUTING -o eth1 -j SNAT --to 112.237.180.181
# end For netmeeting ----------------------------------------
Thanks for Paul Ingendrof's suggestion of http://www.videolan.org
>
> > I also have problem using ftp download to download a file. (http
>download is
> > ok) what do I need to change in config file to make it work, too.
> >
>
>FTP uses different ports. I recommend using passive FTP, only opening
>up 21 for the command port and greater than 49152 for the data
>transfers. When using Active, you have to open 20 and everything above
>1023, IIRC, which opens many more holes that I really like.
I do have all necessary modules loaded.
and poeple can ftp to me use my server. my problem is I can not connect to
remote site and down load files from them. here are the rules:
modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp
# are these three lines need?
#iptables -A INPUT -p tcp --dport 21 -j ACCEPT #ftp
#iptables -A FORWARD -p tcp --sport 21 -j ACCEPT
#iptables -A OUTPUT -p tcp --dport 21 -j ACCEPT #ftp
iptables -A PREROUTING -t nat -p tcp -d 112.237.180.181 \
--dport 21 -j DNAT --to 192.168.1.6:21
iptables -A PREROUTING -t nat -p tcp -d 112.237.180.181 \
--dport 20 -j DNAT --to 192.168.1.6:20
Thanks ro Richard Geoffrion's reply.
> > thanks in advance.
> >
> >
> >
> >
> >
> >
> > _________________________________________________________________
> > Add photos to your e-mail with MSN 8. Get 2 months FREE*.
> > http://join.msn.com/?page=features/featuredemail
> >
> >
> > _______________________________________________
> > https://ntlug.org/mailman/listinfo/discuss
>--
>MadHat at Unspecific.com
>"Anyone who understands Linux/Unix, really understands the universe.
> Anyone who understands Windows, really understands Windows."
> - Richard Thieme, DefCon 10, 2002
>
>_______________________________________________
>https://ntlug.org/mailman/listinfo/discuss
_________________________________________________________________
The new MSN 8: advanced junk mail protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
More information about the Discuss
mailing list