Re: how to 'dcc'(in IRC) with iptables
On Tue, 21 May 2002, Raffael Ferenc wrote:
> > If you use NAT, you have to load in the IRC nat helper module with the
> > same parameters as you used at the IRC conntrack helper.
> IMHO DCC uses random unprivports, so you have to enable all ports
> between 1025 and 65535 for the target ip address. (which is quite
> unsecure, so use it with care)
The IRC conntrack/NAT helper is responsible to handle the requested data
channels on the unprivileged ports together with the state matching in
netfilter/iptables. (Therefore iptables is a big step ahead compared to
There is no need to open up all unprivileged ports at all.
E-mail : firstname.lastname@example.org, email@example.com
Address : KFKI Research Institute for Particle and Nuclear Physics
H-1525 Budapest 114, POB. 49, Hungary
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com