FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 04-19-2008, 06:45 PM
Andrei Popescu
 
Default iptables rule for streaming

On Sat, Apr 19, 2008 at 07:32:43PM +0200, Shams Fantar wrote:
> Hi,
>
> With iptables, which are the rules to use to be able for streaming
> (audio/video) protocol ?

You must give more details than this. What are you trying to achieve and
what is your current setup?

Regards,
Andrei
--
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)
 
Old 04-20-2008, 08:05 AM
Shams Fantar
 
Default iptables rule for streaming

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrei Popescu wrote:
> On Sat, Apr 19, 2008 at 07:32:43PM +0200, Shams Fantar wrote:
>> Hi,
>>
>> With iptables, which are the rules to use to be able for streaming
>> (audio/video) protocol ?
>
> You must give more details than this. What are you trying to achieve and
> what is your current setup?
>
> Regards,
> Andrei

I'm writing the iptables rules for a machine, a desktop, so, on this
machine, the users can listen to streaming (like the BBC, or other
radios...). Therefore, I need to open the good ports to allow the use of
streaming. And I can't write this rule because I don't know the ports
used by streaming... And I believe that ports can be very different
depending on the radio.

- --
Shams Fantar (Website : http://snurf.info)
My public GPG Key : http://snurf.info/sfantar.gpg
A book is like a garden carried in the pocket.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFICvlG5ChwvXmalbURAideAJ4pFAkU0tNQVfOJYucdvw 2hrr6tDACg/l46
xD3fmbF8c8Zc9z+T0SGOWJc=
=z6az
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-20-2008, 08:34 AM
Andrei Popescu
 
Default iptables rule for streaming

On Sun, Apr 20, 2008 at 10:05:26AM +0200, Shams Fantar wrote:

> I'm writing the iptables rules for a machine, a desktop, so, on this
> machine, the users can listen to streaming (like the BBC, or other
> radios...). Therefore, I need to open the good ports to allow the use of
> streaming. And I can't write this rule because I don't know the ports
> used by streaming... And I believe that ports can be very different
> depending on the radio.

You only need to worry about it if you want to block *outgoing*
connections. I have a "DROP all incoming/ALLOW all outgoing" type setup
on my systems and I can listen to internet radio without problems (in
fact it runs almost 24/7).

Some people might consider my "ALLOW all outgoing" to be too lax, but I
am the only user and I only install programs from Debian sources.

Regards,
Andrei
--
If you can't explain it simply, you don't understand it well enough.
(Albert Einstein)
 
Old 04-20-2008, 12:03 PM
Shams Fantar
 
Default iptables rule for streaming

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andrei Popescu wrote:
> On Sun, Apr 20, 2008 at 10:05:26AM +0200, Shams Fantar wrote:
>
>> I'm writing the iptables rules for a machine, a desktop, so, on this
>> machine, the users can listen to streaming (like the BBC, or other
>> radios...). Therefore, I need to open the good ports to allow the use of
>> streaming. And I can't write this rule because I don't know the ports
>> used by streaming... And I believe that ports can be very different
>> depending on the radio.
>
> You only need to worry about it if you want to block *outgoing*
> connections. I have a "DROP all incoming/ALLOW all outgoing" type setup
> on my systems and I can listen to internet radio without problems (in
> fact it runs almost 24/7).
>
> Some people might consider my "ALLOW all outgoing" to be too lax, but I
> am the only user and I only install programs from Debian sources.
>
> Regards,
> Andrei

That works ! Thanks for your answers. ;-)

The solution is :

iptables -A OUTPUT -o eth0 -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT

- --
Shams Fantar (Website : http://snurf.info)
My public GPG Key : http://snurf.info/sfantar.gpg
A book is like a garden carried in the pocket.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFICzEF5ChwvXmalbURAoTDAJ93ORyzJ1Z3n9bWz3BaXK SmbtWdDQCglO4d
9zAf2ey3Zwfn7gnE9ZWYn3o=
=Sm9T
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-20-2008, 12:35 PM
Chris Bannister
 
Default iptables rule for streaming

On Sat, Apr 19, 2008 at 07:32:43PM +0200, Shams Fantar wrote:
> Hi,
>
> With iptables, which are the rules to use to be able for streaming
> (audio/video) protocol ?

Have a look at shorewall. You will need to know the ports the streaming
protocol uses.

--
Chris.
======
"One, with God, is always a majority, but many a martyr has been burned
at the stake while the votes were being counted." -- Thomas B. Reed


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 04:58 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org