This one time, at band camp, Dan Hunt said: > Crispin. I made the changes you suggested rebooted and now I'm back > with a Debian Firewall protecting my Debian box. Thank You. > > Any suggestions on allowing streaming Audio through the Firewall to > XMMS? > > Thank you Jeff, I will try inserting Disk #5 in the boot cd and > install Debian with the 2.4 kernel soon. > > Microsoft Free and loving Debian GNU/Linux. Dan Hunt St. Brieux > Saskatchewan Canada
There is something new in iptables that wasn't in ipchains, that allows connections already established. A line like: $IPTABLES -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT Will allow any already established connection through, even if that port is otherwise firewalled. I have all ports set to drop (except ssh) on my firewall, but this allows all the NAT'ed boxes behind it to do whatever they need to do. Steve -- "If a computer can't directly address all the RAM you can use, it's just a toy." -- anonymous comp.sys.amiga posting, non-sequitir
msg11530/pgp00000.pgp
Description: PGP signature
