From owner-freebsd-questions  Thu Feb 12 08:56:50 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA23040
          for questions-outgoing; Thu, 12 Feb 1998 08:56:50 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from relay.ucb.crimea.ua (relay.ucb.crimea.ua [194.93.177.113])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA23028
          for <freebsd-questions@FreeBSD.ORG>; Thu, 12 Feb 1998 08:56:40 -0800 (PST)
          (envelope-from ru@relay.ucb.crimea.ua)
Received: (from ru@localhost)
	by relay.ucb.crimea.ua (8.8.8/8.8.8) id QAA28601;
	Thu, 12 Feb 1998 16:53:25 +0200 (EET)
	(envelope-from ru)
From: Ruslan Ermilov <ru@ucb.crimea.ua>
Message-Id: <199802121453.QAA28601@relay.ucb.crimea.ua>
Subject: Re: using ipfw to block icq
In-Reply-To: <XFMail.980212092423.patrick@cre8tivegroup.com> from "Patrick Gardella" at "Feb 12, 98 09:24:23 am"
To: patrick@cre8tivegroup.com (Patrick Gardella)
Date: Thu, 12 Feb 1998 16:53:24 +0200 (EET)
Cc: tlt@tltodd.com, freebsd-questions@FreeBSD.ORG
X-My-Interests: Unix,Oracle,Networking
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi!

You may use ICQ (and its user-to-user interaction) using natd program.

Configure your ICQ client so it is "Behind the firewall" and assign
each client a separate portrange (minimum 11 contiguous ports required).

Then use natd to directly map this portrange to a proper client (see
redirect_port command of natd for details on how it works).

Once Patrick Gardella wrote:
> I've got the opposite problem.  Somewhere ICQ is being blocked for me, but
> shouldn't be.
> 
> ICQ sends it's stuff mainly on port 4000.  But the app allows you to get around
> firewalls and seems to be specifically designed for this.  The typical user to
> user stuff is supposed to take place between UDP ports 2000 and 4000, although
> I've found it uses UDP 1190-1237 (Which is where I was blocked).  Don't ask why!
> 
> Patrick
> 
> 
> On 11-Feb-98 Terry Todd wrote:
> > 
> > Anybody know how to block ICQ traffic?  I have ipfw set up and it does
> > a fine job of blocking IRC traffic.  Now there's new thing called ICQ
> > that I'm not sure how to block.  I am using my Freebsd system as a
> > firewall between a network of windoze systems and the internet.  ICQ
> > is running on the windoze system.  Anybody know how this works?
> > 
> > Thanks,
> > Terry Todd
> > 
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe questions" in the body of the message
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe questions" in the body of the message
> 


-- 
Ruslan A. Ermilov	System Administrator
ru@ucb.crimea.ua	United Commercial Bank
+380-652-247647 	Simferopol, Crimea
2426679 		ICQ Network, UIN

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe questions" in the body of the message