[plug] Masquerading ICQ?
Matt Kemner
zombie at wasp.net.au
Thu May 3 11:10:08 WST 2001
On Wed, 2 May 2001, Bernard Blackham wrote:
> With kernel 2.4.x I believe it'd be possible to use it's improved
> firewalling setup to forward particular ports to particular machines and
> set the option for ICQ to say "I can receive connections on this range of
> ports". I've never done it before, but I suspect it should work. Anyone
> tried this?
You don't need 2.4.x for that. It works great on 2.2.x and even 2.0.x, but
the syntax differs.
Under 2.0.x you would do:
ipautofw -A -r tcp 2000 2020 -h <IP of machine running ICQ>
ipautofw -A -r udp 2000 2020 -h <IP of machine running ICQ>
Under 2.2.x you would do:
port=2000
while [ $port -le 2020 ]
do
/usr/local/sbin/ipmasqadm portfw -a -P tcp -L <gateway ext IP> $port \
-R <ICQ IP> $port
port=$(($port+1))
done
And then configure ICQ to use only ports 2000->2020
Note that if you don't have a static IP, your gateway ext IP will change
so you will need to re-create the rules every time you dial in (which is
what /etc/ppp/ip-up comes in real handy for)
- Matt
More information about the plug
mailing list