Results 1 to 9 of 9
Hi folks
I have a linux box in my LAN with :
RH 9 , iptables-1.2.6a-2 , kernel 2.4.18.-14 , iproute-2.4.7-5 , squid-2.5.STABLE1
valid IPs : 1.2.3.140 -- 1.2.3.143
invalid ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 08-02-2003 #1Just Joined!
- Join Date
- Jul 2003
- Location
- Iran
- Posts
- 3
Yahoo messenger confusion with iptables SNAT
Hi folks
I have a linux box in my LAN with :
RH 9 , iptables-1.2.6a-2 , kernel 2.4.18.-14 , iproute-2.4.7-5 , squid-2.5.STABLE1
valid IPs : 1.2.3.140 -- 1.2.3.143
invalid IPs : 192.168.0.128 -- 192.168.0.191
ifconfig eth0 192.168.0.135 netmask 255.255.255.192 broadcast 192.168.0.191
ifconfig eth0:0 1.2.3.142 netmask 255.255.255.252 broadcast 1.2.3.143
route add default gw 1.2.3.141
iptables -t nat -A POSTROUTING -s 192.168.0.128/26 -o eth0 -j SNAT --to 1.2.3.142
this box is my gateway; everything is good : my users can ping the internet, use http and ftp and . . .
but there is a problem :
when they want to login with yahoo messenger sometimes they can , and sometimes they can't
any idea?
thanks in advance
Pejman
- 08-02-2003 #2Linux Engineer
- Join Date
- Apr 2003
- Location
- Sweden
- Posts
- 796
I have heard that some messanger programs ahre using port-ranges instead of on specific port. Verify that it isnt so in this case. If so you have to grant and nat for the portrange also.
Regards
Andutt
- 08-02-2003 #3Just Joined!
- Join Date
- Jul 2003
- Location
- Iran
- Posts
- 3
Thanks, I'll try it .
- 08-22-2003 #4Linux Newbie
- Join Date
- Aug 2003
- Posts
- 113
This is an outgoing tcp port 5050 connection..Static...Theres no need to port forward anything into the local lan. Yahoo IM is a like a client_server app. Everything is pushed to the server at yahoo. Nothing is ever incoming to you..
JBanksJB
- 08-22-2003 #5Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
I'm pretty sure that file transfers aren't pushed through yahoo's servers. It's true that the login procedure probably has nothing to do with it, though.
- 08-23-2003 #6Linux Newbie
- Join Date
- Aug 2003
- Posts
- 113
Correct Dolda,
All clients interact with the server thats it. You'll never see a Yahoo IM client directly connect to another Yahoo IM client. The clients connect to the server authenticate and then when another client wants to send a message it will send it to the server. Since the server and the other client have already established a TCP circut the server merely updates the other client to let them know someone is type or has just sent a message..BeeP...
JB
- 08-23-2003 #7Linux Newbie
- Join Date
- Aug 2003
- Posts
- 113
Hello Dolda,
Can you please send a response to this as a test. For some reason sykkn@linuxforums.org Keeps getting dumped into the spam bucket...Yahoo's been having some problems today I guess.
Thanks, JB
- 08-23-2003 #8Linux Guru
- Join Date
- Oct 2001
- Location
- Täby, Sweden
- Posts
- 7,578
Although the server's bandwidth would get eaten if all files transfers were being routed through it. Therefore, a direct connection is established between two clients if someone wants to transfer a file.
- 08-23-2003 #9Linux Newbie
- Join Date
- Aug 2003
- Posts
- 113
Hello Dolda,
I've never actually "transferred files" with Gaim messenger client using Yahoo protocol. I've only watched Ethereal packet sniffer when just using the simple Yahoo IM messenging back and forth with another Yahoo IM client..
If your corect then that would mean that I would need to configure my firewall to let that in. Thats not really a problem because I know what fixed ip addresses that Yahoo IM buddies or coming from.
I would like to test this theory thought just to see if your correct..
Thanks,JB
Reply With Quote 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
