Board index Linux Security

MSN Messenger & ipchains

MSN Messenger & ipchains

Post by Layton Welbor » Sun, 10 Sep 2000 10:45:55



This is my original post to the comp.os.linux.networking group and I
didn't receive an
answer.  I was hoping maybe someone in here could help.

Thanx in advance,

Hello everyone,
    I have an issue....
        We have an ipchains firewall MASQing all of our internet
traffic.  We have some employees that work remotely ( mainly my boss )
and we all use the MSN Messenger service.  The problem I am having is
doing voice communication via this tool.  The instant messaging & file
transfers work fine, but the voice doesn't.

Here is what M$ says to do:
    For instant messaging:
        Make sure that outgoing TCP connections to Port 1863 are
enabled.
        For voice communications Make sure that outgoing TCP connections

from Port 6901 are enabled.
         Also, you need to enable UDP packets where either the source or

the destination port is 6901.

   For file transfer:
        Enable both incoming and outgoing TCP connections to this range
of ports: 6891 to 6900.
            This allows up to 10 simultaneous file transfers per sender.

        The TCP ports need to be configured so that sockets on a port
are open for extended periods of time.

****For voice communications:
        Make sure that outgoing TCP connections from Port 6901 are
enabled.
        Also, you need to enable UDP packets where either the source or
the destination port is 6901.

Here is what I have done so far:
        /sbin/ipchains -F input
        /sbin/ipchains -F forward
        /sbin/ipchains -F output
        /sbin/ipchains -M -S 7200 10 60
        /sbin/ipchains -A input -j ACCEPT -i eth0 -s 0/0 68 -d 0/0 67 -p

udp
        /sbin/ipchains -P forward DENY
        /sbin/ipchains -A forward -s 144.72.36.0/24 -j MASQ
        /sbin/ipchains -A forward -j DENY -l
        echo 1 > /proc/sys/net/ipv4/ip_forward
        /sbin/modprobe ip_masq_ftp
        /sbin/modprobe ip_masq_raudio
        /usr/sbin/ipmasqadm portfw -f
        # For Instant Messaging
        /usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 1863 -R my_pc
1863
        # For voice
        /usr/sbin/ipmasqadm portfw -a -P tcp -L $EXTIP 6901 -R my_pc
6901
        /usr/sbin/ipmasqadm portfw -a -P udp -L $EXTIP 6901 -R my_pc
6901

Can anyone help me with what the proper port forwarding settings would
be?

ANY HELP would be GREATLY appreciated.

THANX in advance,

Layton

 
 
 
Top

1. Ipchains: MSN & AOL Messenger Port#s?

Hi all,

I am wondering if anyone knows the ports that AOL and MSN instant
messengers use?

I would like to block users access to these programs with IPCHAINS, but
cant seem to find any good resources on the net about programs and their
port #s?

If anyone knows the ports these use..THANKS SO MUCH, but also if someone
could pass me some web resources that list ports and programs, I would
be soo thankful as I wouldnt have to waiste  your time posting here.

Thanks All

--
Quad

Sent via Deja.com http://www.deja.com/
Before you buy.

2. Dial-on-Demand works, now make it stop - or diald

3. MSN Messenger & an ipchains FW

4. Copper Gig Ethernet Interface doesn't seem to work

5. ipchains & MSN Messenger 3.6 VOICE

6. tcpip printer in solaris

7. MSN Messenger behind IPCHAINS

8. KDE error?

9. AOL IM/MSN Messenger file xfer thru ipchains

10. MSN messenger and IPChains

11. MSN Messenger VOICE through IPChains/IPMasqadm Firewall

12. use ipchains to block msn messenger

13. MSN Messenger and IPChains


All times are UTC
Board index