Dan Perez
September 1st, 2003, 07:21 PM
Hi All :)
Has anyone successfully got this to work within LnS? I am still looking at other alternative implementations but I have been able to get this to work thus far only by creating a generic allow for remote TCP 1863 and then allowing all UDP from the remote party's specific IP but this is less than ideal, particularly depending on how often our respective IPs change.
After allowing TCP 1863 and before allowing all UDP I found from the logs that remote UDP 1900 and remote UDP 7001 were blocked (these are from various MS servers) so I made a rule allowing these, but as soon as I attempted a voice session I began getting a slew of higher UDP to higher UDP packets from the IP of the other party. The ports used are random for each session but seem to stay within the same ports once a given session is established.
It would seem to me that one or more of the other three ports that are consistent across MSN sessions are control channels and that when a UDP voice session is negotiated each side has to agree on which port to receive on and if there is any makeshift UDP "Stateful" provision in LnS this might be applied here. But I do not know of any. Is there anything that I am missing in my approach to this issue?
Any input would be greatly appreciated ;D
Also :) , on an unrelated point, is there any means for establishing IP address/range variables that can then be envoked within the various rules (rather like the implementation in Snort)? This would mean that whenever there is a group of rules that are intended to apply to a certain address, or group of addresses and whenever that address changes one merely has to change the variable definition rather than go to each corresponding rule and edit there.
TIA
Has anyone successfully got this to work within LnS? I am still looking at other alternative implementations but I have been able to get this to work thus far only by creating a generic allow for remote TCP 1863 and then allowing all UDP from the remote party's specific IP but this is less than ideal, particularly depending on how often our respective IPs change.
After allowing TCP 1863 and before allowing all UDP I found from the logs that remote UDP 1900 and remote UDP 7001 were blocked (these are from various MS servers) so I made a rule allowing these, but as soon as I attempted a voice session I began getting a slew of higher UDP to higher UDP packets from the IP of the other party. The ports used are random for each session but seem to stay within the same ports once a given session is established.
It would seem to me that one or more of the other three ports that are consistent across MSN sessions are control channels and that when a UDP voice session is negotiated each side has to agree on which port to receive on and if there is any makeshift UDP "Stateful" provision in LnS this might be applied here. But I do not know of any. Is there anything that I am missing in my approach to this issue?
Any input would be greatly appreciated ;D
Also :) , on an unrelated point, is there any means for establishing IP address/range variables that can then be envoked within the various rules (rather like the implementation in Snort)? This would mean that whenever there is a group of rules that are intended to apply to a certain address, or group of addresses and whenever that address changes one merely has to change the variable definition rather than go to each corresponding rule and edit there.
TIA