Thread: AIM Express, squid, iptables configuration
View Single Post

  #2 (permalink)  
Old 07-05-2003
Dan Bar
 
Posts: n/a
Default Re: AIM Express, squid, iptables configuration


Mike napsal(a):
> SUMMARY
> -------
> AIM Express doesn't work on my home computer. I think the packets are
> being blocked by either squid or iptables. Does AIM Express work with
> squid? If so, how can I configure squid and iptables to allow this
> traffic?
>
> DETAILS
> -------
> I am trying to use AIM Express on my home computer (WinNT Workstation
> 4) but I can't get past the logon screen. I don't get any error
> messages -- it just goes off into limbo.
>
> I suspect that my squid/iptables configuration is stopping the AIM
> Express packets. Here is how my computers are set up. The WinNT box
> is connected to my Red Hat 7.1 box on eth0. All Web traffic for WinNT
> is via squid -- Red Hat is not set up for NAT.

Has your NT machine public IP (?) - since you are not using NAT, it must
have one to get IM packets out over Internet. Simple test - do ping
google.com from NT box work ?

> Squid has all of the
> standard ports open (e.g., http/https/ftp.) The Red Hat box is
> running an iptables firewall which only has the standard ports open
> (e.g., squid on the inside, http/https/ftp/dns on the outside.) The
> Red Hat box uses a PPPoE DSL connection to get to the Internet.
>
> My understanding was that AIM Express does all of its communications
> over port 80. However, when I tried running AIM Express at work, our
> firewall logged that it had blocked packets destined for port 5190.
> At home I opened up port 5190 on my iptables firewall but AIM Express
> still didn't respond. I even tried opening ports 5190 through 5193
> for inbound and outbound connections to no avail.
>

I do not have experience with your IM. But because the company is also
developing ICQ, there may be similarities with each other. In ICQ -
communication with ICQ server may be done directly or using proxy. When
I installed ICQ on firewalled intranet, I setup ICQ to communicate over
proxy (Squid) with no problem. Just take a look in setup window of your IM.

> Any help in getting the right configuration is greatly appreciated --
> my kids are going through severe IM withdrawal, and I need to fix this
> problem to save my sanity! ;-)
>
> Mike

(http://www.aim.com/help_faq/linux/la....adp#firewalls)

or simply run packet sniffer on one of your boxes (ethereal, tcpdump)
and watch what is going on.

Dan

Reply With Quote