What ports does it use? Did they change them lately? Thanks Nick -- ----------------------------- Anybody got plans for an ark? ----------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On Tue, 26 Sep 2000, Nick Zentena wrote:
<*]Date: Tue, 26 Sep 2000 18:40:17 -0500
<*]From: Nick Zentena
On Tue, 26 Sep 2000, Nicolas Beaulieu wrote:
On Tue, 26 Sep 2000, Nick Zentena wrote:
<*]Date: Tue, 26 Sep 2000 18:40:17 -0500 <*]From: Nick Zentena
<*]To: suse-linux-e@suse.com <*]Subject: [SLE] ICQ chat? <*] <*] <*] What ports does it use? Did they change them lately? <*] Hi Nick,
I've been using the same mirabilis server for 2 years now (icq1.mirabilis.com), and it's on port 4000. I don't think they have changed it...
Hi, I went to the ICQ homepage and looked a few things up. Amazing what you can find when you look-) ICQ uses port 4000 for client to server stuff. But for peer to peer then it tries to use a port above 1024 [1023? I always forget] You can restrict the ports it tires to use. The problem is my firewall is somehow blocking peer to peer stuff. Sending messages back to the server works just fine but chat or direct messages have problems. Anybody care to look at the ICQ lines of my firewall and point out how stupid I am? # ICQ server (4000) # ----------------- ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \ -s any/0 $UNPRIVPORTS \ -d $IPADDR 2000:4000 -j ACCEPT ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \ -s $IPADDR 2000:4000 \ -d any/0 $UNPRIVPORTS -j ACCEPT ipchains -A input -i $EXTERNAL_INTERFACE -p udp \ -s any/0 $UNPRIVPORTS \ -d $IPADDR 4000 -j ACCEPT ipchains -A output -i $EXTERNAL_INTERFACE -p udp \ -s $IPADDR 4000 \ -d any/0 $UNPRIVPORTS -j ACCEPT # ICQ client (4000) # ----------------- ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \ -s $IPADDR $UNPRIVPORTS \ --destination-port 2000:4000 -j ACCEPT ipchains -A output -i $EXTERNAL_INTERFACE -p udp \ -s $IPADDR $UNPRIVPORTS \ --destination-port 4000 -j ACCEPT ipchains -A input -i $EXTERNAL_INTERFACE -p udp \ --source-port 4000 \ -d $IPADDR $UNPRIVPORTS -j ACCEPT I think the problem should be in the server section. Maybe the second line with a ! but what I don't understand is the error messages I'm getting Sep 27 10:10:09 barley kernel: Packet log: input DENY ppp0 PROTO=6 other person:1198 me:2443 L=48 S=0x00 I=54283 F=0x4000 T=113 SYN (#107) Now I'd understand if it was the other way around but then I might just be confused. Nick -- ----------------------------- Anybody got plans for an ark? ----------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
Hi Nick, Wednesday, September 27, 2000, 1:03:32 PM, you wrote:
Hi, I went to the ICQ homepage and looked a few things up. Amazing what you can find when you look-)
ICQ uses port 4000 for client to server stuff. But for peer to peer then it tries to use a port above 1024 [1023? I always forget] You can restrict the ports it tires to use.
The problem is my firewall is somehow blocking peer to peer stuff. Sending messages back to the server works just fine but chat or direct messages have problems.
Anybody care to look at the ICQ lines of my firewall and point out how stupid I am?
# ICQ server (4000) # ----------------- ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \ -s any/0 $UNPRIVPORTS \ -d $IPADDR 2000:4000 -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \ -s $IPADDR 2000:4000 \ -d any/0 $UNPRIVPORTS -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p udp \ -s any/0 $UNPRIVPORTS \ -d $IPADDR 4000 -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p udp \ -s $IPADDR 4000 \ -d any/0 $UNPRIVPORTS -j ACCEPT
# ICQ client (4000) # ----------------- ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \ -s $IPADDR $UNPRIVPORTS \ --destination-port 2000:4000 -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p udp \ -s $IPADDR $UNPRIVPORTS \ --destination-port 4000 -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p udp \ --source-port 4000 \ -d $IPADDR $UNPRIVPORTS -j ACCEPT
I think the problem should be in the server section. Maybe the second line with a ! but what I don't understand is the error messages I'm getting Sep 27 10:10:09 barley kernel: Packet log: input DENY ppp0 PROTO=6 other person:1198 me:2443 L=48 S=0x00 I=54283 F=0x4000 T=113 SYN (#107)
Quick summary of message: input chain, denied the packet, interface ppp0, PROTO=6 (it is a tcp packet), from "other person":port 1198, to "me":port 2443, L(length)= 48 bytes, S(service field info?), I(ID info), F(fragment info), T(time to live in jumps/hops), SYN flag set (as opposed to ACK). Finally the part we want (#107). This is the rule number that started the whole thing. Nice of it to say where to start looking, 107 is a long way down the list. So, which one is 107?
Now I'd understand if it was the other way around but then I might just be confused.
It would be more confusing if you were given an M$ style error message to start with, like "Windows has encountered an error and cannot continue - OK".:-) -- Good luck, Tim mailto:tduggan@dekaresearch.com -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
On Wed, 27 Sep 2000, Tim Duggan wrote:
Sep 27 10:10:09 barley kernel: Packet log: input DENY ppp0 PROTO=6 other person:1198 me:2443 L=48 S=0x00 I=54283 F=0x4000 T=113 SYN (#107)
Quick summary of message: input chain, denied the packet, interface ppp0, PROTO=6 (it is a tcp packet), from "other person":port 1198, to "me":port 2443, L(length)= 48 bytes, S(service field info?), I(ID info), F(fragment info), T(time to live in jumps/hops), SYN flag set (as opposed to ACK). Finally the part we want (#107). This is the rule number that started the whole thing. Nice of it to say where to start looking, 107 is a long way down the list. So, which one is 107?
Good question. I printed out the firewall script and I can only count 70. So I'm likely counting incorrectly.
Now I'd understand if it was the other way around but then I might just be confused.
It would be more confusing if you were given an M$ style error message to start with, like "Windows has encountered an error and cannot continue - OK".:-)
What I meant was the that I might understand if the firewall was blocking me sending out the packet but it's blocking an incoming packet. My limited understanding of the the ipchains rules is that the incoming packet is being allowed. ipchains -L prints out about 70 lines. Is there a better option for printing out all the rules? Thanks Nick -- ----------------------------- Anybody got plans for an ark? ----------------------------- -- To unsubscribe send e-mail to suse-linux-e-unsubscribe@suse.com For additional commands send e-mail to suse-linux-e-help@suse.com Also check the FAQ at http://www.suse.com/support/faq
participants (3)
-
gulliver@patagonia.dyndns.org
-
tduggan@dekaresearch.com
-
zentena@hophead.dyndns.org