From owner-freebsd-stable Fri Nov 2 18:18:57 2001 Delivered-To: freebsd-stable@freebsd.org Received: from rfnj.org (rfnj.org [216.239.237.194]) by hub.freebsd.org (Postfix) with ESMTP id E450E37B40D for ; Fri, 2 Nov 2001 18:18:52 -0800 (PST) Received: from megalomaniac.biosys.net (megalomaniac.rfnj.org [216.239.237.200]) by rfnj.org (Postfix) with ESMTP id E52291367C; Fri, 2 Nov 2001 21:17:59 +0000 (GMT) Message-Id: <5.1.0.14.0.20011102210953.00ae4528@rfnj.org> X-Sender: asym@rfnj.org X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Fri, 02 Nov 2001 21:21:05 -0500 To: Andreas Ntaflos From: Allen Landsidel Subject: Re: ICQ and NAT again.. :( Cc: freebsd-stable@freebsd.org In-Reply-To: <20011103023357.A1564@Deadcell.ANT> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 02:33 AM 11/3/2001 +0100, you wrote: >To have ICQ work well behind a firewall, you need to redirect a range >of ports to the machine you have the ICQ client running. AFAIK, you need >a different range of ports for each machine behind the NAT box. I would just like to clarify something here. This is no longer true for the current versions of ICQ. If you are using an old version or a "clone" it may be true. Currently, ICQ needs only the following : (from http://www.icq.com/icqtour/firewall/netadmin.html -- just scroll down to the part where it says "In the event you cannot open any TCP listening port) To be able to open a TCP connection to port 5190 on login.icq.com After that, it needs nothing. Configure it to use no listening ports, and it will use none and work just fine by transferring messages through the server. I am currently using ICQ on my windows box, behind a FreeBSD firewall. While I am not behind NAT, I allow no incoming traffic to this box except for those my box has created going out; it works fine. I won't address the rest of the message because it doesn't appear that you are using the latest version of ICQ, and it is quite possible that you are using a clone instead.. so a reasonable person would see three options here: #1 : If you are using ICQ, upgrade to the latest version. #2 : If you are using a clone, upgrade to the latest version. 2a: If there is not a new version of the clone available that uses the new protocol, pester the developer to get up to speed. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message