MSN Messenger & an ipchains FW

MSN Messenger & an ipchains FW

Post by Layton Welbor » Thu, 31 Aug 2000 04:00:00



Hello everyone,
    I have an issue....
        We have an ipchains firewall MASQing all of our internet
traffic.  We have some employees that work remotely ( mainly my boss )
and we all use the MSN Messenger service.  The problem I am having is
doing voice communication via this tool.  The instant messaging & file
transfers work fine, but the voice doesn't.

Here is what M$ says to do:
    For instant messaging:
        Make sure that outgoing TCP connections to Port 1863 are
enabled.
        For voice communications Make sure that outgoing TCP connections
from Port 6901 are enabled.
         Also, you need to enable UDP packets where either the source or
the destination port is 6901.

   For file transfer:
        Enable both incoming and outgoing TCP connections to this range
of ports: 6891 to 6900.
            This allows up to 10 simultaneous file transfers per sender.

        The TCP ports need to be configured so that sockets on a port
are open for extended periods of time.

****For voice communications:
        Make sure that outgoing TCP connections from Port 6901 are
enabled.
        Also, you need to enable UDP packets where either the source or
the destination port is 6901.

Here is what I have done so far:
        /sbin/ipchains -F input
        /sbin/ipchains -F forward
        /sbin/ipchains -F output
        /sbin/ipchains -M -S 7200 10 60
        /sbin/ipchains -A input -j ACCEPT -i eth0 -s 0/0 68 -d 0/0 67 -p
udp
        /sbin/ipchains -P forward DENY
        /sbin/ipchains -A forward -s 144.72.36.0/24 -j MASQ
        /sbin/ipchains -A forward -j DENY -l
        echo 1 > /proc/sys/net/ipv4/ip_forward
        /sbin/modprobe ip_masq_ftp
        /sbin/modprobe ip_masq_raudio
        /usr/sbin/ipmasqadm portfw -f
        # For Instant Messaging
        /usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 1863 -R my_pc
1863
        # For voice
        /usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 6901 -R my_pc
6901
        /usr/sbin/ipmasqadm portfw -a -P udp -L $EXTIP 6901 -R my_pc
6901

Can anyone help me with what the proper port forwarding settings would
be?

ANY HELP would be GREATLY appreciated.

THANX in advance,

Layton

 
 
 

1. MSN Messenger & ipchains

This is my original post to the comp.os.linux.networking group and I
didn't receive an
answer.  I was hoping maybe someone in here could help.

Thanx in advance,

Hello everyone,
    I have an issue....
        We have an ipchains firewall MASQing all of our internet
traffic.  We have some employees that work remotely ( mainly my boss )
and we all use the MSN Messenger service.  The problem I am having is
doing voice communication via this tool.  The instant messaging & file
transfers work fine, but the voice doesn't.

Here is what M$ says to do:
    For instant messaging:
        Make sure that outgoing TCP connections to Port 1863 are
enabled.
        For voice communications Make sure that outgoing TCP connections

from Port 6901 are enabled.
         Also, you need to enable UDP packets where either the source or

the destination port is 6901.

   For file transfer:
        Enable both incoming and outgoing TCP connections to this range
of ports: 6891 to 6900.
            This allows up to 10 simultaneous file transfers per sender.

        The TCP ports need to be configured so that sockets on a port
are open for extended periods of time.

****For voice communications:
        Make sure that outgoing TCP connections from Port 6901 are
enabled.
        Also, you need to enable UDP packets where either the source or
the destination port is 6901.

Here is what I have done so far:
        /sbin/ipchains -F input
        /sbin/ipchains -F forward
        /sbin/ipchains -F output
        /sbin/ipchains -M -S 7200 10 60
        /sbin/ipchains -A input -j ACCEPT -i eth0 -s 0/0 68 -d 0/0 67 -p

udp
        /sbin/ipchains -P forward DENY
        /sbin/ipchains -A forward -s 144.72.36.0/24 -j MASQ
        /sbin/ipchains -A forward -j DENY -l
        echo 1 > /proc/sys/net/ipv4/ip_forward
        /sbin/modprobe ip_masq_ftp
        /sbin/modprobe ip_masq_raudio
        /usr/sbin/ipmasqadm portfw -f
        # For Instant Messaging
        /usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 1863 -R my_pc
1863
        # For voice
        /usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 6901 -R my_pc
6901
        /usr/sbin/ipmasqadm portfw -a -P udp -L $EXTIP 6901 -R my_pc
6901

Can anyone help me with what the proper port forwarding settings would
be?

ANY HELP would be GREATLY appreciated.

THANX in advance,

Layton

2. 2.4.19-pre8-ac2 does not compile

3. Ipchains: MSN & AOL Messenger Port#s?

4. Printer setup (HP Deskjet 695) -- no colors!!

5. ipchains & MSN Messenger 3.6 VOICE

6. AHA-1740 SCSI errors

7. MSN Messenger behind IPCHAINS

8. Beast Kit 1.2????

9. AOL IM/MSN Messenger file xfer thru ipchains

10. MSN messenger and IPChains

11. MSN Messenger VOICE through IPChains/IPMasqadm Firewall

12. use ipchains to block msn messenger

13. MSN Messenger and IPChains