From owner-freebsd-questions  Mon Feb 16 14:16:24 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id OAA16883
          for freebsd-questions-outgoing; Mon, 16 Feb 1998 14:16:24 -0800 (PST)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from ha1.rdc1.sfba.home.com (siteadm@ha1.rdc1.sfba.home.com [24.0.0.66])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA16739
          for <freebsd-questions@FreeBSD.ORG>; Mon, 16 Feb 1998 14:15:55 -0800 (PST)
          (envelope-from ludwigp@bigfoot.com)
Received: from speedy.plstn1.sfba.home.com ([24.1.82.47])
          by ha1.rdc1.sfba.home.com (Netscape Mail Server v2.02) with SMTP
          id AAA14301; Mon, 16 Feb 1998 14:15:27 -0800
Message-Id: <3.0.3.32.19980216141641.0337eea0@mail.plstn1.sfba.home.com>
X-Sender: ludwigp@mail.plstn1.sfba.home.com
X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.3 (32)
Date: Mon, 16 Feb 1998 14:16:41 -0800
To: Doug White <dwhite@resnet.uoregon.edu>,
        Mark Castillo <mark@relationships.com>
From: Ludwig Pummer <ludwigp@bigfoot.com>
Subject: Re: SOCKS or NAT
Cc: freebsd-questions@FreeBSD.ORG
In-Reply-To: <Pine.BSF.3.96.980216112759.10577I-100000@gdi.uoregon.edu>
References: <004f01bd38cd$90774a70$c800a8c0@phineas>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 11:28 AM 2/16/98 -0800, Doug White wrote:
>On Fri, 13 Feb 1998, Mark Castillo wrote:
>
>> I am planning on installing a small network of about 3-5 pc's.  One will be
>> FreeBSD connected to ASDL and local ethernet (192.168.0.x).  We will
only be
>> using outbound www, ftp, and email, and possibly use ICQ.  Is it easier to
>> use a SOCKS server (with socksified clients) or "natd"?
>
>natd by a long shot.  SOCKS requres SOCKSified clients.
>
>Doug White                              | University of Oregon  
>Internet:  dwhite@resnet.uoregon.edu    | Residence Networking Assistant
>http://gladstone.uoregon.edu/~dwhite    | Computer Science Major

I've found ICQ is quite picky about working through a natd / SOCKSed
machine. I've got 5 systems connected via a cable modem and was using NEC's
SOCKS5 for a while. This worked _sometimes_. ICQ would take forever to
connect when using the SOCKS5 method, but i could usually get incoming
direct connections (chat requests, file transfers). Using the SOCKS4
method, ICQ connected more quickly, but i couldn't get incoming direct
connections. I finally used natd's port -> ip:port redirection and set up
15 incoming TCP ports for each ICQ machine. ICQ is set to use those 15
incoming TCP ports instead of communicating with a SOCKS firewall. That's
been working very well for a few weeks now.
Two notes: 1) ICQ still uses incoming UDP to communicate with the ICQ
servers, but natd is intelligent about those. 2) ICQ doesn't seem to work
too well with SOCKS5. I saw in /var/log/messages that ICQ was requesting a
port, getting a different one (one or two ports higher than it requested),
closing that port, and requesting another. I think Mirabilis needs to worka
on their SOCKS5 support.

--Ludwig Pummer
ludwigp@bigfoot.com   ICQ UIN: 692441   http://chipweb.home.ml.org


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message