From: Florian Boelstler <euphoria@web.de>
Cc: netfilter <netfilter@lists.netfilter.org>
Subject: Re: icq
Date: Wed, 16 Jun 2004 20:25:13 +0200 [thread overview]
Message-ID: <40D09089.7010704@web.de> (raw)
In-Reply-To: <17e501c453c9$a9b83490$49caa8c0@caris.priv>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
Peter Marshall wrote:
> what do I need to do to allow ICQ to work through my firewall
For plain ICQ messages I use the following rules in my iptables setup
script:
$IPTABLES=`which iptables`
ICQ="205.188.0.0/16 64.12.0.0/16" # subnets for ICQ servers
[...]
# if you use iptables on your desktop
for icq in $ICQ
do
$IPTABLES -A OUTPUT -o <YOUR EXTERNAL IF> -m state NEW \
-p TCP --sport 1024:65535 --dport 5190 -d $icq -j ACCEPT
done
# if you use iptables on your gateway
for icq in $ICQ
do
$IPTABLES -A FORWARD -i <YOUR INTERNAL IF> \
-o <YOUR EXTERNAL IF> -m state --state NEW -p TCP \
--sport 1024:65535 --dport 5190 -d $icq -j ACCEPT
done
[...]
Of course you'll need default rules(ESTABLISHED,RELATED) for all
subsequent packets and the way back to your clients or desktop.
Florian
- --
Public PGP key is available on common key servers.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Debian - http://enigmail.mozdev.org
iD8DBQFA0JCJwT2gPfZm6tURAlJgAKCGIhQP0bHpyIazISLz8Oamk3QUBwCguDbL
Op02A+6Cu5uy7yUUvGLg4e0=
=7naS
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2004-06-16 18:25 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-06-16 17:45 icq Peter Marshall
2004-06-16 17:51 ` icq Alexis
2004-06-16 18:25 ` Florian Boelstler [this message]
2004-06-16 20:42 ` icq Rob Sterenborg
-- strict thread matches above, loose matches on Subject: below --
2004-06-16 21:03 icq Hudson Delbert J Contr 61 CS/SCBN
2004-06-17 2:26 ` icq Alistair Tonner
2004-06-18 13:15 icq Hudson Delbert J Contr 61 CS/SCBN
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=40D09089.7010704@web.de \
--to=euphoria@web.de \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.