(First, my English is not good)

Hi,

In my network, people want and are allowed to use MSN. A new release 6 was installed on some Windows machines.

With iptables, I set the policies to drop in input, output and forward. Then, accept established and related connections:

    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

And finally allow connections to everywhere, port 1863:

    iptables -A FORWARD -p tcp -s 10.0.0.0/8 --destination-port 1863 -m state --state NEW -j MSN
    iptables -A MSN -j LOG --log-prefix "MSN ACCEPT "
    iptables -A MSN -j ACCEPT

I've captured sessions of connections with tcpdump, and as far as I can see, the client connects first to messenger.hotmail.com, then negotiates the connection to another site, baym-csxxx.msgr.hotmail.com, where xxx is the final number of the IP. It seems that it always uses only port 1863, but it is not working.

I've even configured dante, and it didn't work either.

Is there any error in my iptables configuration? Or is it just FUD? Because connections going through ISA Server work fine.
Francisco Acosta