[clug] Bad echo when using gnome meeting

Richard richard_c at tpg.com.au
Mon Jun 14 12:07:53 GMT 2004

It's link-tastic!!!!

Michael Still wrote:

> It was actually two wireless laptops in the same room. I believe in 
> pushing the technology.

Sometimes the technology just wants to be left alone to sulk in a corner.

> Does iptables do connection tracking for H323? The scenario is random 
> machine on the internet talking to a machine at home via dnat.

I believe not. h.323 uses a mind-bending selection of random ports, TCP, 
UDP, with/without RTP, nuts, wafers, and/or chocolate sauce. See 
convenient article at: http://www.securityfocus.com/infocus/1782

There was/is an 2.2.0 ip_masq_h323 module hosted at: 
http://www.coritel.it/coritel/projects/nat/index.html I tried this  
sometime ago with a Smoothwall router I had at the time, but couldn't 
test it effectively. Also, this module only supports call setup things, 
so you can't register your presence with a gateway (I think it's a 
gateway, this was a year ago, or two, that I got curious about this 
stuff); the other party needs to know your IP address. Apparently, SIP 
is much easier to route, but is a little "feature-light" for many 
purposes (only supporting call setup). H.323 has a "cradle to grave" 
view of a call in comparison.

Routing H.323 is a proper PITA. Use a gatekeeper and its eccentricities 
in preference to a head-on assault against the protocol proper. Of 
course you /could/ use all that spare time you have to re-write 
ip_masq_h323 for the brave new 2.6 world :-P  I'd do it, but I have a 
pressing appointment at the pub for the next 3 months or so.


More information about the linux mailing list