-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Peter Marshall wrote:
> what do I need to do to allow ICQ to work through my firewall
For plain ICQ messages I use the following rules in my iptables setup
script:
$IPTABLES=`which iptables`
ICQ="205.188.0.0/16 64.12.0.0/16" # subnets for ICQ servers
[...]
# if you use iptables on your desktop
for icq in $ICQ
do
$IPTABLES -A OUTPUT -o <YOUR EXTERNAL IF> -m state NEW \
-p TCP --sport 1024:65535 --dport 5190 -d $icq -j ACCEPT
done
# if you use iptables on your gateway
for icq in $ICQ
do
$IPTABLES -A FORWARD -i <YOUR INTERNAL IF> \
-o <YOUR EXTERNAL IF> -m state --state NEW -p TCP \
--sport 1024:65535 --dport 5190 -d $icq -j ACCEPT
done
[...]
Of course you'll need default rules(ESTABLISHED,RELATED) for all
subsequent packets and the way back to your clients or desktop.
Florian
- --
Public PGP key is available on common key servers.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFA0JCJwT2gPfZm6tURAlJgAKCGIhQP0bHpyIazISLz8Oamk3QUBwCguDbL
Op02A+6Cu5uy7yUUvGLg4e0=
=7naS
-----END PGP SIGNATURE-----
