NetFilter

Re: Patch for h323 conntack for certain kernels

To: netfilter@lists.netfilter.org
Subject: Re: Patch for h323 conntack for certain kernels
From: Alan Ezust <alan.ezust@presinet.com>
Date: Wed, 20 Dec 2006 13:17:09 -0800
Organization: Presinet, Inc
Just to follow up: the bittorrent match seems to work fine, just the h323 
doesn't. I was using that for testing, just to make sure that l7filters is 
installed properly.

I added a SIP match just in case this phone speaks SIP language, but I don't 
think I need it.

On Wednesday 20 December 2006 12:57, Alan Ezust wrote:
> I just patched 2.6.16.29 with the h323 patchlets from a version of
> patchomatic in the archives. lsmod shows me that these modules are properly
> loaded.
>
> ip_nat_sip              3936  0
> ip_conntrack_sip        6960  1 ip_nat_sip
> ip_nat_h323             2368  0
> ip_conntrack_h323      70080  1 ip_nat_h323
>
> Then I added a couple of matches
> iptables -t promisc -I PROMISC -m layer7 --l7proto "bittorrent"
> iptables -t promisc -I PROMISC -m layer7 --l7proto "h323"
> iptables -t promisc -I PROMISC -m layer7 --l7proto "sip"
>
> I expected after making some phonecalls and running a bittorrent client,
> I'd see some packets and bytes listed when I did iptables -L -t promisc -nv
>
>  pkts bytes target     prot opt in     out     source               destination
>     0     0            0    --  *      *       0.0.0.0/0            0.0.0.0/0 LAYER7 l7proto bittorrent
>     0     0            0    --  *      *       0.0.0.0/0            0.0.0.0/0 LAYER7 l7proto sip
>     0     0            0    --  *      *       0.0.0.0/0            0.0.0.0/0 LAYER7 l7proto h323
>
>
> But it seems that none of these matches are getting detected...
> Has anyone succeeded in getting the h323 match working?
>
> I'd like to try to debug it, but I think what would be very useful for
> debugging is some sort of formal protocol specification that describes how
> the H323 protocol is supposed to look. Does such a thing exist in the public
> domain?
>
> On Thursday 30 November 2006 03:21, ArcosCom Linux User wrote:
> > Hi, I'm trying to patch kernel 2.6.16.34 with h323 conntrack patches, but
> > I didn't find them in pom-ng.
> >
> > I'm thinking of taking them from the 2.6.19 kernel (the *h323* files, and
> > taking a look at the Kconfig and Makefile files).
> >
> > I know that from the 2.6.17 series, h323 was in the kernel and they
> > sometimes patched the h323 sources.
> >
> > Could anybody tell me if copying the files into the 2.6.16.34 sources and
> > modifying the Kconfig and Makefile files will work?
> >
> > Thanks

-- 
Alan Ezust            www.presinet.com
Presinet, inc         alan.ezust@presinet.com
           Victoria, BC, Canada
