[NCLUG] port monitorer

Chris Wolney chris at wolney.com
Sun Feb 18 23:02:20 MST 2001


That's a nice tool, I'll have to tuck that away for any future Linux-based
firewalling I do.

Here's some other information that may help you out.  I only use ICQ on my
Windoze box with a Linksys BFSR41 cable/DSL router, so please take this
information with a grain of salt.  If you have any MS boxes using the
ICQ-provided client behind your firewall it may help.

The rc.firewall tool looks like it opens up port 4000 for ICQ.   My Windoze
box is connecting to the ICQ server at 5190.  That was enough for me to
connect to the server and send messages.  The pain for me was getting file
transfer to work.  In order to get that going, I had to keep an eye on
things with netstat while trying to send files.  I had to forward ports
20000-20020 and 51200-51220 to my box, and set the Connections - User -
Advanced Users section to "Not Using Proxy" and set "Use the following TCP
listen port for incoming events: 20000-20020".  I'm not certain that the
Linux clients will have that setting available, since I stopped using the
Linux ICQ clients quite some time ago.

FWIW,

-Chris


----- Original Message -----
From: dann <dannf at dannf.org>
To: <nclug at nclug.org>
Sent: Sunday, February 18, 2001 7:59 PM
Subject: Re: [NCLUG] port monitorer


> hey,
>   here are the rules provided by the "Linux Firewall Design Tool" for
> allowing ICQ connections:
> http://linux-firewall-tools.com/linux/firewall/index.html
>
> you can also try logging denied packets & watch the logs while you use
> your icq client.
>
>     # ICQ server (4000)
>     # -----------------
>     ipchains -A input  -i $EXTERNAL_INTERFACE -p tcp  \
>              -s any/0 $UNPRIVPORTS \
>              -d $IPADDR 2000:4000 -j ACCEPT
>
>     ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \
>              -s $IPADDR 2000:4000 \
>              -d any/0 $UNPRIVPORTS -j ACCEPT
>
>     ipchains -A input  -i $EXTERNAL_INTERFACE -p udp  \
>              -s any/0 $UNPRIVPORTS \
>              -d $IPADDR 4000 -j ACCEPT
>
>     ipchains -A output -i $EXTERNAL_INTERFACE -p udp  \
>              -s $IPADDR 4000 \
>              -d any/0 $UNPRIVPORTS -j ACCEPT
>
>
>     # ICQ client (4000)
>     # -----------------
>     ipchains -A output -i $EXTERNAL_INTERFACE -p tcp  \
>              -s $IPADDR $UNPRIVPORTS \
>              --destination-port 2000:4000 -j ACCEPT
>
>     ipchains -A input  -i $EXTERNAL_INTERFACE -p tcp ! -y \
>              --source-port 2000:4000 \
>              -d $IPADDR $UNPRIVPORTS -j ACCEPT
>
>     ipchains -A output -i $EXTERNAL_INTERFACE -p udp  \
>              -s $IPADDR $UNPRIVPORTS \
>              --destination-port 4000 -j ACCEPT
>
>     ipchains -A input  -i $EXTERNAL_INTERFACE -p udp  \
>              --source-port 4000 \
>              -d $IPADDR $UNPRIVPORTS -j ACCEPT
>
> "Mark C. Smith" wrote:
> >
> > Greetings,
> > My firewall is blocking a needed port for running icq, and I'm having
> > a hard time finding it.  I realize icq is *supposed* to use
> > 2000-2020 tcp and 4000 udp, but those are open and it's still not
> > working unless I open everything.
> > Do you guys know of a tool that will tell me which ports are being
> > used so that I can run it w/ icq and see what icq's doing?
> > Muchas gracias.
> >
> > Mark
> >
> >
> > *---------------------------------------------------------------------------*
> > Mark c. Smith                            Markcs at CS.ColoState.EDU
> > Dept. Computer Science                   http://WWW.CS.ColoState.EDU/~markcs
> > Colorado State University                (970)491-5305 (work)
> > *---------------------------------------------------------------------------*
> >
> > _______________________________________________
> > NCLUG mailing list
> > NCLUG at nclug.org
> > http://www.nclug.org/mailman/listinfo/nclug
>
> --
>
> dannf at dannf.org
>
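
Added example (not part of the original thread, and not code from the Linux Firewall Design Tool): a shell script for the netstat approach described in the reply above, listing sockets that the quoted ICQ rules (TCP 2000:4000, UDP 4000) would not cover. The netstat lines are constructed sample data in Linux `netstat -an` format, the function names are hypothetical, and the check ignores $UNPRIVPORTS and interface matching.

```shell
#!/bin/sh
# Constructed sample of `netstat -an` output taken while the client is running.
# Addresses are documentation ranges; ports follow the ones named in the thread.
sample_netstat() {
cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:1045         198.51.100.7:5190       ESTABLISHED
tcp        0      0 192.0.2.10:1046         198.51.100.9:2010       ESTABLISHED
tcp        0      0 0.0.0.0:20000           0.0.0.0:*               LISTEN
udp        0      0 192.0.2.10:1047         198.51.100.7:4000       ESTABLISHED
EOF
}

# uncovered_ports: read netstat lines on stdin and print "proto kind port"
# for every socket whose ports fall outside the ranges the quoted rules accept.
uncovered_ports() {
  awk '
    # Port is the text after the last colon of an address column.
    function port(addr,   n, p) { n = split(addr, p, ":"); return p[n] }
    # Ranges taken from the quoted ipchains rules.
    function allowed(proto, p) {
      if (proto == "tcp") return (p >= 2000 && p <= 4000)
      if (proto == "udp") return (p == 4000)
      return 0
    }
    $1 != "tcp" && $1 != "udp" { next }      # skip the header line
    {
      lp = port($4); rp = port($5)
      if ($6 == "LISTEN") {                  # inbound: only the local port matters
        if (!allowed($1, lp + 0)) print $1, "listen", lp
        next
      }
      # Covered if either end is in range (client rule or server rule).
      if (!allowed($1, rp + 0) && !allowed($1, lp + 0)) print $1, "remote", rp
    }
  ' | sort -u
}

# Against a live host: netstat -an | uncovered_ports
sample_netstat | uncovered_ports
```

Each line it prints is a port to look for in the denied-packet log before deciding whether to open or forward it.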