Messaging Protocols... newbie

Messaging Protocols... newbie

[Shawn Duffy]

[-- Attachment #1: Type: text/plain, Size: 903 bytes --]

Hey all... 
I am finally buckling down and getting a grasp on netfilter after being
a long time OpenBSD/ipf/pf user...
My base ruleset is just about ready to go but I am having a hard time
finding comprehensive rules that allow the following messaging
protocols:

AIM, Yahoo, ICQ, MSN, IRC

Also, doesn anyone have any rulesets that allow gtk-gnutella? 
I am more interested in the messaging rulesets since I don't use
gnutella that often but it would be helpful...

If someone could show me what they use or perhaps point me in the
direction of some docs that I may have missed online...

Thanks!
Shawn
-- 
email: pakkit at codepiranha dot org
web: http://codepiranha.org/~pakkit
gpg key: http://codepiranha.org/~pakkit/pakkit.asc
gpg fpr: 8988 6FB6 3CFE FE6D 548E  98FB CCE9 6CA9 98FC 665A
having problems reading email from me? http://codepiranha.org/~pakkit/pgp-trouble.html

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

RE: Messaging Protocols... newbie

[Darrell Dieringer]

Hello,

I haven't had any problems with AIM, Y!, ICQ, or MSN though my NAT-ing
firewall.  (Don't know about ICQ - I don't have occassion to use it.)
Of course, my firewall rules allow machines in my LAN to make new
connections to the outside world.  The firewall accepts the
ESTABLISHED,RELATED traffic for those connections.

Let me ammend what I said about "not having problems"... I don't have
any problems with the _chat_ features of those systems.  I am also
able to initaite file transfers (though AIM and MSN at least), but I
am not able to receive AIM file transfers initiated by another user.

I'm sure some kind of protocol helper is needed to allow the incomming
direct connection for AIM file transfers to work, but I haven't needed
it enough to look into it.  (I know someone has posted information
about it in the last few months on this list, accompanied by a very
good description of how the AIM network operates.)

If you are writing egress filtering rules on your firewall and need to
know what traffic to accept, make sure you are logging all of your
DROP-ed packets.  Then, open up AIM / Y! / etc and immediately check
the logs.  From the dropped packets in the logs, you can decipher what
the chat client was trying to do.  Then, you can write a rule to
permit it.

Darrell Dieringer - Madison, WI


> -----Original Message-----
> My base ruleset is just about ready to go but I am having a
> hard time
> finding comprehensive rules that allow the following messaging
> protocols:
>
> AIM, Yahoo, ICQ, MSN, IRC
>

RE: Messaging Protocols... newbie

[Rob Sterenborg]

> Let me ammend what I said about "not having problems"... I 
> don't have any problems with the _chat_ features of those 
> systems.  I am also able to initaite file transfers (though 
> AIM and MSN at least), but I am not able to receive AIM file 
> transfers initiated by another user.

I did have problems with ICQ chat and filetransfer, but solved them with
the (old) NEC socks5 server.
Normal messaging should be no problem when SNAT- or MASQ-ing.


Rob