I just patched 2.6.16.29 with the h323 patchlets from a version of patchomatic
in the archives. lsmod shows me that these modules are properly loaded.
ip_nat_sip 3936 0
ip_conntrack_sip 6960 1 ip_nat_sip
ip_nat_h323 2368 0
ip_conntrack_h323 70080 1 ip_nat_h323
Then I added a couple of matches
iptables -t promisc -I PROMISC -m layer7 --l7proto "bittorrent"
iptables -t promisc -I PROMISC -m layer7 --l7proto "h323"
iptables -t promisc -I PROMISC -m layer7 --l7proto "sip"
I expected after making some phonecalls and running a bittorrent client, I'd
see some packets and bytes listed when I did iptables -L -t promisc -nv
pkts bytes target prot opt in out source
destination
0 0 0 -- * * 0.0.0.0/0 0.0.0.0/0
LAYER7 l7proto bittorrent
0 0 0 -- * * 0.0.0.0/0 0.0.0.0/0
LAYER7 l7proto sip
0 0 0 -- * * 0.0.0.0/0 0.0.0.0/0
LAYER7 l7proto h323
But it seems that none of these matches are getting detected...
Has anyone succeeded in getting the h323 match working?
I'd like to try to debug it, but I think what I would be very useful for
debugging is some sort of formal protocol specification that describes how
the H323 protocol is suppoed to look. Does such a thing exist in the public
domain?
On Thursday 30 November 2006 03:21, ArcosCom Linux User wrote:
> Hi, I'm trying to patch kernel 2.6.16.34 with h323 conntrack patches, but
> I don't found it in pom-ng.
>
> I'm thinking in take it from 2.6.19 kernel (the *h323* files and take a
> view in Kconfigs and Makefiles files).
>
> I know from 2.6.17 series, h323 where into kernel and they patched
> sometimes h323 sources.
>
> Could anybody say me if copying the files into 2.6.16.34 sources and
> modifiying Kconfig and Makefile files it will work?
>
> Thanks
--
Alan Ezust www.presinet.com
Presinet, inc alan.ezust@presinet.com
Victoria, BC, Canada
pgpuYP6lJsMbI.pgp
Description: PGP signature
|