From owner-freebsd-security  Wed Feb 10 06:23:59 1999
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id GAA02816
          for freebsd-security-outgoing; Wed, 10 Feb 1999 06:23:59 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from kendra.ne.mediaone.net (kendra.ne.mediaone.net [24.128.94.182])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA02809
          for <security@freebsd.org>; Wed, 10 Feb 1999 06:23:54 -0800 (PST)
          (envelope-from software@kew.com)
Received: from sonata.hh.kew.com (root@sonata-dmz.hh.kew.com [192.168.205.1])
	by kendra.ne.mediaone.net (8.9.1/8.9.1) with ESMTP id JAA09209;
	Wed, 10 Feb 1999 09:23:50 -0500 (EST)
Received: from kew.com (minerva.hh.kew.com [192.168.203.144])
	by sonata.hh.kew.com (8.9.1/8.9.1) with ESMTP id JAA13883;
	Wed, 10 Feb 1999 09:23:49 -0500 (EST)
Message-ID: <36C19674.F553CB64@kew.com>
Date: Wed, 10 Feb 1999 09:23:48 -0500
From: Drew Derbyshire <software@kew.com>
Organization: Kendra Electronic Wonderworks, Stoneham, MA 02180 (http://www.kew.com)
X-Mailer: Mozilla 4.5 [en] (WinNT; U)
X-Accept-Language: en
MIME-Version: 1.0
To: security@FreeBSD.ORG
Subject: firewall with SOCKS5, UDP, ICQ
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

I've got a firewall running FreeBSD 2.2.7-RELEASE.  Because the ICQ Windows
client longs for UDP support, I've installed the  socks5-v1.0r8 server, but
keep seeing the following errors:

Feb 10 09:07:31 pandora Socks5[9147]: Socks5 starting at Wed Feb 10 09:07:31 1999 from inetd
Feb 10 09:07:31 pandora Socks5[9147]: UDP Proxy Request: (lucia.hh.kew.com:1177) for user thomas
Feb 10 09:07:31 pandora Socks5[9147]: UDP Proxy Established: (lucia.hh.kew.com:1178) for user thomas

Now, I don't care about the errors per se, but the general functionality of
the ICQ client behind the firewall is affected by as opposed to on a bare dial
connection is noticeable, such as server time outs and the like.

Time out for the server is set for 240 (minutes), time-outs for the client is
set for 9999 (seconds).   Suggestions, comments?

--
Drew Derbyshire         UUPC/extended e-mail:  software@kew.com
                                   Telephone:  617-279-9812

"People will buy anything that's one to the customer"   - Sinclair Lewis



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message