But wait, the example is for 2.0.x and the subject states 2.2.3...
I think these examples will work (untested), particulars match David's
example.
ipmasqadm (http://juanjox.linuxhq.com/) is used for port forwarding setup.
I'll presume you've already enabled masquerading for the local net and that
input and output rules allowing the traffic are already in place. You'll
should also have a open connection for udp 4000 so that ICQ can talk to it's
servers. (it is a pain because all machines share this)
Try only one of the following combinations:
--
# port forwarding for ICQ using mfw
# for help /usr/sbin/ipmasqadm mfw -h
# ipchains rule to set the mark
ipchains -I input -p tcp -d-m 1
# imasqadm rule to forward the mark
ipmasqadm mfw -I -m 1 -r 192.168.0.10 2000:2020
--
--
# port forwarding for ICQ using autofw
# note: autofw is currently broken on my system and
# ipmasqadm autofw -h while documented does not work
# udp is security hole but it allows registration
ipmasqadm autofw -A -r udp 4000 4000
ipmasqadm autofw -A -r tcp 2000 2020 -h 192.168.0.10
--
--
# port forwarding for ICQ using portfw
# note: I have never tried this one
# for help /usr/sbin/ipmasqadm portfw -h
ipmasqadm portfw -a -P tcp -L 10.1.2.3 2000:2020 -R 192.168.0.10 2000:2020
--
Note: I do not have to reboot or restart ICQ for the firewall changes to
work, just had to disconnect and reconnect to the ICQ server. (Just
rechecked with ICQ 99a and ICQ 98.)
HTH,
Lourdes
David A. Ranch wrote:
> >What rule do I need to add to my rc.firewall to get ICQ on WinXX
> >machines to be able to connect the the ICQ servers? I searched
> >dejanews
> >and can't find anything that works.
>
> Cut directly from the new IPMASQ howto that hopefully will
> be finished this weekend. Its also in the TrinityOS doc:
>
> http://www.ecst.csuchico.edu/~dranch/LINUX/TrinityOS.wri
>
> --
> With the following configuration, ICQ messaging, URLs, chat, file
> transfer, etc ALL work fine!
>
> First, you need to be running a Linux kernel with
> IPPPORTFW enabled.
>
> Next, you need to add the following lines to your
> /etc/rc.d/rc.firewall
> file. This example assumes that 10.1.2.3 is your
> external Internet IP
> address and your internal MASQed ICQ machine is 192.168.0.10:
>
> The following example is for a 2.0.x kernel:
[snip]
>
> Once your new rc.firewall is ready, reload the ruleset to
> make sure things
> are ok by simple typing in "/etc/rc.d/rc.firewall". If you
> get any errors,
> you either don't have IPPORTFW support in the kernel or you
> made a typo
> in the rc.firewall file.
>
> Now, in ICQ's Preferences-->Connection, configure it to be
> "Behind a LAN"
> and "Behind a firewall or Proxy". Now, click on "Firewall
> Settings" and
> configure it to be "I don't use a SOCK5 proxy", enable
> "Firewall session
> timeouts" and set it for "30" seconds. Finally, click on Next and
> configure ICQ to "Use the following TCP listen ports.." from "2000" to
> "2020". Now click done.
>
> Now ICQ will tell you that you have to restart ICQ for the changes to
> take effect. To be honest, I had to REBOOT the Windows9x
> machine to get
> things to work right. So.. try it both ways.
> --
_______________________________________________
Masq maillist - [EMAIL PROTECTED]
http://tiffany.indyramp.com/mailman/listinfo/masq
Admin requests can be handled by web (above) or [EMAIL PROTECTED]
