-----Original Message-----
From: Corvin Russell [mailto:corvinr@sympatico.ca]
Sent: Friday, 5 January 2001 15:50
To: suse-security@suse.com
Subject: [suse-security] ICQ and firewals

I am using the firewall package that came with 6.4. Neither kicq nor ICQJava can establish a connection. Both work fine when the firewall is stopped. What do I need to allow? I don't have a sniffer running,
Yes, you have. Try tcpdump or iptraf. I think you do better with iptraf. If it's not installed on your Linux box, install it from the n(etwork) section.
and there's no documentation about the ports that ICQ listens on. I have noticed 1067, 1069 so far. The ICQ server is at 205.188.153.100 - 205.188.153.110 (looks like) and connects on port 4000.
So icq is doing the following:

Request to icq server:
    You    ------> icq server
    1024:  ------> 4000

Answer from icq server:
    You    <------ icq server
    1024:  <------ 4000

And this is how you have to open your firewall. ipchains wise it would sound like this:

    ipchains -A output -p tcp -s [ip.of.your.machine] 1024: -d [ip.of.icq.server] 4000 -i [ext-eth] -j ACCEPT
    # with this rule the packets are leaving your firewall box on ext-eth to icq server

    ipchains -A input -p tcp -s [ip.of.icq.server] 4000 -d [ip.of.your.machine] 1024: -i [ext-eth] -j ACCEPT
    # and this is icq server's answer on ext eth on your firewall box.

The only thing you have now to do is to define both forward and input rules and then you'll be fine. You can also adapt this to SuSE firewall which, as much as I've heard about it, does not have a real good reputation.

HTH
Philipp

TIA
Corvin
-- Corvin Russell
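
Added example (not part of the original message and not Philipp's code): a small Python model of ipchains first-match evaluation applied to the two rules in the reply. It shows that the input rule as written also accepts a new inbound connection from port 4000 to any local high port, and that ipchains' `! -y` on that rule keeps the replies while refusing such SYNs. The address 10.0.0.5, the class and function names, and the default DENY policy are assumptions.

```python
# Added example: first-match evaluation of the reply's two ipchains rules.
# 10.0.0.5 is a constructed stand-in for [ip.of.your.machine].
from dataclasses import dataclass

@dataclass
class Packet:
    chain: str          # "input" or "output"
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False   # SYN set, ACK and FIN clear (what ipchains -y matches)

@dataclass
class Rule:
    chain: str
    src: str
    sports: tuple       # inclusive (low, high); "1024:" means 1024-65535
    dst: str
    dports: tuple
    target: str
    no_syn: bool = False    # models "! -y" on the rule

    def matches(self, p):
        return (p.chain == self.chain and p.src == self.src and p.dst == self.dst
                and self.sports[0] <= p.sport <= self.sports[1]
                and self.dports[0] <= p.dport <= self.dports[1]
                and not (self.no_syn and p.syn))

def verdict(rules, pkt, policy="DENY"):
    """Return the target of the first matching rule, else the chain policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.target
    return policy

ME, ICQ = "10.0.0.5", "205.188.153.100"
HIGH, P4000 = (1024, 65535), (4000, 4000)

def ruleset(no_syn):
    """The reply's output/input pair; no_syn=True adds '! -y' to the input rule."""
    return [Rule("output", ME, HIGH, ICQ, P4000, "ACCEPT"),
            Rule("input", ICQ, P4000, ME, HIGH, "ACCEPT", no_syn=no_syn)]

# Constructed sample packets.
REQUEST = Packet("output", ME, 1067, ICQ, 4000, syn=True)       # client opens the connection
REPLY = Packet("input", ICQ, 4000, ME, 1067)                    # server's answer (ACK set)
INBOUND_SYN = Packet("input", ICQ, 4000, ME, 6000, syn=True)    # new connection to a local port
```
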