To communicate using a tool like Microsoft NetMeeting or GnomeMeeting through a Linux (kernel 2.4.x-based) firewall, you have to redirect some ports to one IP address on the inside network; otherwise, it won't work.
Here is a little script meant to achieve exactly that:

#!/bin/sh
# Script to redirect H.323 traffic to one specific IP behind the firewall

IPTABLES=/sbin/iptables
OUT_DEV=ppp0
IN_HOST=192.168.11.33
TCP_PORT_RANGE=30000:30010
UDP_PORT_RANGE=5000:5003
TCP_LISTENING_PORT=1720

#$IPTABLES -t nat -A POSTROUTING -o $OUT_DEV -j MASQUERADE

# Redirect the TCP and UDP port ranges arriving on the outside interface
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_PORT_RANGE -j DNAT --to-destination $IN_HOST
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p udp --dport $UDP_PORT_RANGE -j DNAT --to-destination $IN_HOST

# Let the redirected traffic through the FORWARD chain
$IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_PORT_RANGE -d $IN_HOST -j ACCEPT
$IPTABLES -A FORWARD -p udp -i $OUT_DEV --dport $UDP_PORT_RANGE -d $IN_HOST -j ACCEPT

# Same two steps for the TCP listening port
$IPTABLES -t nat -A PREROUTING -i $OUT_DEV -p tcp --dport $TCP_LISTENING_PORT -j DNAT --to-destination $IN_HOST
$IPTABLES -A FORWARD -p tcp -i $OUT_DEV --dport $TCP_LISTENING_PORT -d $IN_HOST -j ACCEPT

You will of course have to modify the variables at the beginning to suit your particular setup. This one works for a bunch of Debian-based installs with an ADSL connection.
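
The script above only appends rules, so running it twice duplicates them and nothing closes the ports again afterwards. The following added example (not part of the original article) prints the same rules for review and can print the matching delete commands; the function names, the optional peer-address argument and the file name are assumptions.

```shell
#!/bin/sh
# Added example, not the original script: print the H.323 redirect rules so
# they can be reviewed, applied, and removed again when the call is over.

# Succeeds only for a dotted-quad IPv4 address with octets 0-255.
valid_ipv4() {
    case $1 in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
}

# h323_rules ACTION DEV HOST [PEER]
#   ACTION  A appends the rules, D deletes the same rules
#   PEER    optional source address allowed through (assumption: the remote
#           party has a fixed, known address; omit it to accept any source)
h323_rules() {
    action=$1 dev=$2 host=$3 peer=${4:-}
    case $action in A|D) ;; *) echo "action must be A or D" >&2; return 1 ;; esac
    # Refuse anything that is not a plain interface name or IPv4 address.
    case $dev in ""|-*|*[!A-Za-z0-9._-]*) echo "bad device: $dev" >&2; return 1 ;; esac
    valid_ipv4 "$host" || { echo "bad host: $host" >&2; return 1; }
    [ -z "$peer" ] || valid_ipv4 "$peer" || { echo "bad peer: $peer" >&2; return 1; }
    src=${peer:+ -s $peer}
    # protocol:port(s) entries taken from the variables of the script above
    for spec in tcp:30000:30010 udp:5000:5003 tcp:1720; do
        proto=${spec%%:*} ports=${spec#*:}
        echo "/sbin/iptables -t nat -$action PREROUTING -i $dev -p $proto$src --dport $ports -j DNAT --to-destination $host"
        echo "/sbin/iptables -$action FORWARD -i $dev -p $proto$src --dport $ports -d $host -j ACCEPT"
    done
}

# Run as: sh h323-rules.sh A ppp0 192.168.11.33 | sh   (file name is hypothetical)
[ $# -eq 0 ] || h323_rules "$@"
```

Calling it again with `D` and the same arguments prints the commands that remove exactly the rules that were added.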
This article was first written in October 2003 for the BeezNest technical website (http://glasnost.beeznest.org/articles/75)
GNU/Linux is particularly well suited as a file server for Microsoft Windows, MacOS (any version) and UNIX workstations. It is equally suited to serving printers to them and, like every UNIX, works well as an application server (mail, web, DHCP, …).
Users and groups are stored on the server for centralized and common access from all the client types.
To manage all of this, we use Webmin, a web interface that covers a lot of ground, including remote and shared management between several administrators.
Samba is a free implementation of CIFS (also known as SMB), a file and print server and client for UNIX, known to perform faster than the original Microsoft implementation. It can integrate into an existing Windows-based network, or completely replace it for every service the Windows version can provide. By integration, I mean acting as client, server, or both at the same time.
Netatalk is a free AppleTalk implementation for UNIX. It allows Mac users to access the files created by the users of the other systems.
An FTP server is sometimes the best way to transfer files between computers, for example from outside the local network. It must be secured, however, to only allow access to people who need it.
CUPS is a free implementation of the widely supported (Microsoft, HP, …) IPP (Internet Printing Protocol), which removes most of the burden associated with networked printers. Through various interfaces (web, GTK+, …), it lets you install and configure all kinds of printers. It also supports printer autodiscovery on your network.
To manage users and groups across the network, various solutions exist, depending on the existing infrastructure. If you do not already run an NT Domain (or Active Directory) or do not want to use it, we use NIS or LDAP to store, retrieve and manage users, passwords and groups. Otherwise, Samba is also able to integrate your GNU/Linux server into the existing Domain or replace it completely.
This article was first written in October 2003 for the BeezNest technical website (http://glasnost.beeznest.org/articles/74)