Hi all, Thanks for the answers to the previous question - my internal samba now works. My next problem is that I'd like to use MS Messenger voice thru my firewall. I've seen projects such as upnp and Linux UPnP Internet Gateway Device project, do I need to use them ? As you can guess I'm a very inexperienced iptables/firewall user, so I'd really appreciate any help you can give.

For a detailed portlist look on the microsoft homepage. They give portlists for each of their service. Search with keywords "firewall", "messanger", "open ports" and you will find your portlist. I think messanger works with the same technique like netmeeting and so it will work with iptables (h323 works over tcp/ip). I don't know, if it's the same ports like netmeeting, so better look on the m$-pages. Netmeeting works fine with masquerading and without on SuSEfirewall2 (I tested it). To make it work from external you have to allow these ports over the firewall not on the firewall itself. This can be done with the forwarding rules in the susefirewall at point 13 or 14 (depends, if you use masquerading or not). For usage look in the config-file in /etc/sysconfig (SuSE >= v8.0) or /etc/rc.config.d (SuSE < v8.0). Because of the many open ports this app forces (I think >1024 and several others) you should block all used Ports on the firewall and use the rules e.g. with an mysql: forward Ports 1024-3005 and 3007-65535 to external not 3306! This keeps your mysql from beeing world accessible - for instance with mysql. This is only an example find your own solution for your lan. I hope this will help, but you have to get some info for your own on the web about the portlist. Philippe