When using iChat with NAT routers and firewalls, certain ports must be open to allow video and audio conferencing behind a firewall. Some devices have these ports open by default, while others require configuration. Note: This article lists all ports used by iChat, not just those used by audio/visual content. A list of individual port functions can be found in "'Well known' TCP and UDP ports used by Apple software products".
edit: SOLVED - see below for solution
Hi there,
I've inherited a gob of Linux hosts and so am learning linux from the bottom of the deep end of the pool (gotta say I'm warming up to Linux though - it's not half bad)
Right now iptables is confusing me and I could use some pointers as to how... (0 Replies)
Upon replacing my linux router/server with a Solaris one I've noticed very poor network performance. The server itself has no issues connecting to the net, but clients using the server as a router are getting a lot of IP fragments as indicated from some packet sniffing I conducted.
Here was my... (3 Replies)
I've experienced this same issue with both the Endian Firewall Appliance and a Vyatta Firewall Appliance. Conversely, it works with a Draytek Firewall/Router.
I am trying to forward port 80 traffic to my internal web server which is located on the /24 subnet. I have an external static IP which... (0 Replies)
I set up remote printing on a clients Unix server to my Windows XP USB printer. My USB printer is connected directly to my PC (no print server and no network input on printer). With my Win XP PC connected to my cable modem (without the router), i can do
lp -dhp842c /etc/hosts and it prints. I... (7 Replies)
hi guys,
its been a while since my last visit here,
could not keep up the pace on this ever changing industry :)
i'd just doing my home research under vmware to make a solaris-based router-firewall using zones - doing a lot of reading about zones & review solaris zone functionality.
and... (4 Replies)
HI all,
I have setup IPTables firewall/Router and my home network, with address space 192.168.10.XXX
Form my private network hosts, i can ping the gateway ( 192.168.10.101 ) , but the reverse is not happening.
Can someone help me as of what i need to do, so that i can ping my private... (1 Reply)
SHOREWALL-NAT(5) [FIXME: manual] SHOREWALL-NAT(5)NAME
nat - Shorewall one-to-one NAT file
SYNOPSIS
/etc/shorewall/nat
DESCRIPTION
This file is used to define one-to-one Network Address Translation (NAT).
Warning
If all you want to do is simple port forwarding, do NOT use this file. See http://www.shorewall.net/FAQ.htm#faq1[1]. Also, in many
cases, Proxy ARP (shorewall-proxyarp[2](5)) is a better solution that one-to-one NAT.
The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in
the alternate specification syntax).
EXTERNAL - {address|COMMENT}
External IP Address - this should NOT be the primary IP address of the interface named in the next column and must not be a DNS Name.
If you put COMMENT in this column, the rest of the line will be attached as a comment to the Netfilter rule(s) generated by the
following entries in the file. The comment will appear delimited by "/* ... */" in the output of "shorewall show nat"
To stop the comment from being attached to further rules, simply include COMMENT on a line by itself.
INTERFACE - interfacelist[:[digit]]
Interfaces that have the EXTERNAL address. If ADD_IP_ALIASES=Yes in shorewall.conf[3](5), Shorewall will automatically add the EXTERNAL
address to this interface. Also if ADD_IP_ALIASES=Yes, you may follow the interface name with ":" and a digit to indicate that you want
Shorewall to add the alias with this name (e.g., "eth0:0"). That allows you to see the alias with ifconfig. That is the only thing
that this name is good for -- you cannot use it anwhere else in your Shorewall configuration.
Each interface must match an entry in shorewall-interfaces[4](5). Shorewall allows loose matches to wildcard entries in
shorewall-interfaces[4](5). For example, ppp0 in this file will match a shorewall-interfaces[4](5) entry that defines ppp+.
If you want to override ADD_IP_ALIASES=Yes for a particular entry, follow the interface name with ":" and no digit (e.g., "eth0:").
INTERNAL - address
Internal Address (must not be a DNS Name).
ALL INTERFACES (allints) - [Yes|No]
If Yes or yes, NAT will be effective from all hosts. If No or no (or left empty) then NAT will be effective only through the interface
named in the INTERFACE column.
LOCAL - [Yes|No]
If Yes or yes, NAT will be effective from the firewall system
FILES
/etc/shorewall/nat
SEE ALSO
http://shorewall.net/NAT.htm
http://shorewall.net/configuration_file_basics.htm#Pairs
shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5),
shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5),
shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-routestopped(5), shorewall-rules(5), shorewall.conf(5),
shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5),
shorewall-zones(5)NOTES
1. http://www.shorewall.net/FAQ.htm#faq1
http://www.shorewall.net/manpages/../FAQ.htm#faq1
2. shorewall-proxyarp
http://www.shorewall.net/manpages/shorewall-proxyarp.html
3. shorewall.conf
http://www.shorewall.net/manpages/shorewall.conf.html
4. shorewall-interfaces
http://www.shorewall.net/manpages/shorewall-interfaces.html
[FIXME: source] 06/28/2012 SHOREWALL-NAT(5)