[Sheflug] RTSP / Real Media Clients / Firewalls/ Proxies

[Barrie Bremner <baz-sheflug [at] xxxxxxxxxxxxxxxxx>]

>>>>> "Alan" == Alan Dawson <Dawson> writes:

    Alan> All, I was wondering how other sites cope with RTSP and real
    Alan> media traffic, particulary with respect to firewalls.
 
    [...]

    Alan> Or have a magic incantation for firewall rules.

Assuming that the firewall is masquarading, inbound traffic is coming
in on eth1 and the client is behind the firewall:

iptables -A INPUT   -i eth1 -m state --state NEW,INVALID -j DROP
iptables -A FORWARD -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT

Works for me, anyway.

Baz.
-- 
Barrie J. Bremner
baz-sheflug [at] barriebremner.com      http://barriebremner.com/


___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.