Hi guys, Just started playing around with shorewall, and have noticed, that im getting these type of messages from ICQ, I''m have normal contact with my icq contacts, messaging back and forth is no problem. Jun 26 00:51:39 gw-homenet kernel: Shorewall:net2all:DROP:IN=eth1 OUTMAC=00:60:08:74:39:5d:00:80:9f:24:14:3e:08:00 SRC=206.82.136.154 DST=10.0.0.100 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=1703 DF PROTO=TCP SPT=1202 DPT=31474 WINDOW=8760 RES=0x00 SYN URGP=0 This is my only setting I have pertaining to ICQ in my rules config. ACCEPT net loc tcp 4000:4100 Can all other settings are basically like those from Tom''s documentation, no DMS in place Thnks for the help
On Wed, 26 Jun 2002, Reginald R. Richardson wrote:> > Jun 26 00:51:39 gw-homenet kernel: Shorewall:net2all:DROP:IN=eth1 OUT> MAC=00:60:08:74:39:5d:00:80:9f:24:14:3e:08:00 SRC=206.82.136.154 > DST=10.0.0.100 LEN=48 TOS=0x00 PREC=0x00 TTL=107 ID=1703 DF PROTO=TCP > SPT=1202 DPT=31474 WINDOW=8760 RES=0x00 SYN URGP=0 > > > This is my only setting I have pertaining to ICQ in my rules config. > ACCEPT net loc tcp > 4000:4100 >You will want that to be: DNAT net loc:10.0.0.100 tcp 4000:4100 unless you (like I) are using static NAT. You also need to be sure that your ICQ client is configured to use ports 4000:4100. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ teastep@shorewall.net