Find the answer to your Linux question:
Results 1 to 9 of 9
Hi folks I have a linux box in my LAN with : RH 9 , iptables-1.2.6a-2 , kernel 2.4.18.-14 , iproute-2.4.7-5 , squid-2.5.STABLE1 valid IPs : 1.2.3.140 -- 1.2.3.143 invalid ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jul 2003
    Location
    Iran
    Posts
    3

    Yahoo messenger confusion with iptables SNAT


    Hi folks
    I have a linux box in my LAN with :

    RH 9 , iptables-1.2.6a-2 , kernel 2.4.18.-14 , iproute-2.4.7-5 , squid-2.5.STABLE1

    valid IPs : 1.2.3.140 -- 1.2.3.143
    invalid IPs : 192.168.0.128 -- 192.168.0.191


    ifconfig eth0 192.168.0.135 netmask 255.255.255.192 broadcast 192.168.0.191
    ifconfig eth0:0 1.2.3.142 netmask 255.255.255.252 broadcast 1.2.3.143

    route add default gw 1.2.3.141

    iptables -t nat -A POSTROUTING -s 192.168.0.128/26 -o eth0 -j SNAT --to 1.2.3.142

    this box is my gateway; everything is good : my users can ping the internet, use http and ftp and . . .
    but there is a problem :
    when they want to login with yahoo messenger sometimes they can , and sometimes they can't

    any idea?

    thanks in advance
    Pejman

  2. #2
    Linux Engineer
    Join Date
    Apr 2003
    Location
    Sweden
    Posts
    796
    I have heard that some messanger programs ahre using port-ranges instead of on specific port. Verify that it isnt so in this case. If so you have to grant and nat for the portrange also.
    Regards

    Andutt

  3. #3
    Just Joined!
    Join Date
    Jul 2003
    Location
    Iran
    Posts
    3
    Thanks, I'll try it .

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Newbie
    Join Date
    Aug 2003
    Posts
    113
    This is an outgoing tcp port 5050 connection..Static...Theres no need to port forward anything into the local lan. Yahoo IM is a like a client_server app. Everything is pushed to the server at yahoo. Nothing is ever incoming to you..


    JBanks
    JB

  6. #5
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    I'm pretty sure that file transfers aren't pushed through yahoo's servers. It's true that the login procedure probably has nothing to do with it, though.

  7. #6
    Linux Newbie
    Join Date
    Aug 2003
    Posts
    113
    Correct Dolda,

    All clients interact with the server thats it. You'll never see a Yahoo IM client directly connect to another Yahoo IM client. The clients connect to the server authenticate and then when another client wants to send a message it will send it to the server. Since the server and the other client have already established a TCP circut the server merely updates the other client to let them know someone is type or has just sent a message..BeeP...


    JB

  8. #7
    Linux Newbie
    Join Date
    Aug 2003
    Posts
    113
    Hello Dolda,

    Can you please send a response to this as a test. For some reason sykkn@linuxforums.org Keeps getting dumped into the spam bucket...Yahoo's been having some problems today I guess.


    Thanks,
    JB

  9. #8
    Linux Guru
    Join Date
    Oct 2001
    Location
    Täby, Sweden
    Posts
    7,578
    Although the server's bandwidth would get eaten if all files transfers were being routed through it. Therefore, a direct connection is established between two clients if someone wants to transfer a file.

  10. #9
    Linux Newbie
    Join Date
    Aug 2003
    Posts
    113
    Hello Dolda,

    I've never actually "transferred files" with Gaim messenger client using Yahoo protocol. I've only watched Ethereal packet sniffer when just using the simple Yahoo IM messenging back and forth with another Yahoo IM client..
    If your corect then that would mean that I would need to configure my firewall to let that in. Thats not really a problem because I know what fixed ip addresses that Yahoo IM buddies or coming from.

    I would like to test this theory thought just to see if your correct..

    Thanks,
    JB

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •