[NCLUG] port monitorer
dann
dannf at dannf.org
Sun Feb 18 20:59:40 MST 2001
hey,
here are the rules provided by the "Linux Firewall Design Tool" for
allowing ICQ connections:
http://linux-firewall-tools.com/linux/firewall/index.html
you can also try logging denied packets & watch the logs while you use
your icq client.
# ICQ server (4000)
# -----------------
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \
-s any/0 $UNPRIVPORTS \
-d $IPADDR 2000:4000 -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \
-s $IPADDR 2000:4000 \
-d any/0 $UNPRIVPORTS -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p udp \
-s any/0 $UNPRIVPORTS \
-d $IPADDR 4000 -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p udp \
-s $IPADDR 4000 \
-d any/0 $UNPRIVPORTS -j ACCEPT
# ICQ client (4000)
# -----------------
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp \
-s $IPADDR $UNPRIVPORTS \
--destination-port 2000:4000 -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp ! -y \
--source-port 2000:4000 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT
ipchains -A output -i $EXTERNAL_INTERFACE -p udp \
-s $IPADDR $UNPRIVPORTS \
--destination-port 4000 -j ACCEPT
ipchains -A input -i $EXTERNAL_INTERFACE -p udp \
--source-port 4000 \
-d $IPADDR $UNPRIVPORTS -j ACCEPT
"Mark C. Smith" wrote:
>
> Greetings,
> My firewall is blocking a needed port for running icq, and I'm having
> a hard time finding it. I realize icq is *supposed* to use
> 2000-2020 tcp and 4000 udp, but those are open and it's still not
> working unless I open everything.
> Do you guys know of a tool that will tell me which ports are being
> used so that I can run it w/ icq and see what icq's doing?
> Muchas gracias.
>
> Mark
>
> *---------------------------------------------------------------------------*
> Mark c. Smith Markcs at CS.ColoState.EDU
> Dept. Computer Science http://WWW.CS.ColoState.EDU/~markcs
> Colorado State University (970)491-5305 (work)
> *---------------------------------------------------------------------------*
>
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
--
dannf at dannf.org
More information about the NCLUG
mailing list