Date: Thu, 21 Oct 1999 00:19:05 -0700 From: Ludwig Pummer <ludwigp@bigfoot.com> To: michaels@inet.no Cc: freebsd-questions@freebsd.org Subject: Re: Problems with ICQ via NAT Message-ID: <380EBE69.B82E96A9@bigfoot.com> References: <19991017103504.19549.qmail@bastesen.inet.no>
next in thread | previous in thread | raw e-mail | index | archive | help
michaels@inet.no wrote: > > > Your redirect_port solution doesn't work if you're trying to communicate > > with someone else behind a firewall. I've tried. ICQ seems to refuse to > > even try. So I installed a SOCK5 Proxy. I had great success with Dante > > v1.1.0-pre2 (http://www.inet.no/dante). Unfortunately, the 1.1.0 final > > release version is worse with ICQ than NEC's socks5 proxy was. If anyone > > wants 1.1.0-pre2, I can stick it on an FTP server. > > That's strange. Are you sure you did not just forget to change > your rulefile (sockd.conf) when going to 1.1? The announcement for > 1.1 included this: > *** Incompatible changes compared to the previous release: > - The addition of the "udpreply" command means you have to > modify your existing server configfile to allow udppackets > "back in" if you are allowing udppackets. > > It was also mentioned in the NEWS file, but unfortunately not > emphasized at all there: > o new command for socks-rules added: "udpreply". This is analogous to > the "bindreply" command and replaces the old way of saying what > addresses udppacket "replies" shall be allowed from. > > If something else is the problem, we'll try to fix it if someone > lets us know. > > (I don't read this list so cc is in order for any reply.) Sorry I've been slow to reply. I didn't update my configuration file, but that's because I didn't do any kind of command limit, for example, the block and pass sections of my config file: ----- client pass { from: 172.16.0.0/16 to: 0.0.0.0/0 log: connect error } client block { from: 0.0.0.0/0 to: 0.0.0.0/0 log: connect error } block { from: 0.0.0.0/0 to: 127.0.0.1/8 log: connect error } pass { from: 0.0.0.0/0 to: 0.0.0.0/0 log: connect error } ----- No one on the inside network knows how to do anything evil with SOCKS5, so I didn't limit which SOCKS5 commands are allowed. The log file didn't look any different between 1.1.0 and 1.1.0-pre2, but I suppose I could increase the log: statements to aid with debugging or change whatever in my config file you suggest. We should probably take this off the mailing list until a resolution is reached. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?380EBE69.B82E96A9>