Please help.

I've configure Squid and Firewall on same machine. eth0 is my internet interface and eth1 is my Local network interface. Problem is that when I try to connect yahoo messenger with No proxies then it never sign In. And when I define my proxy it never support voice Video chat.

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 8080

Is that problem due to I redirect only port 80 traffic to 8080?
Will it solve when I use following configuration?

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80,5050,11999,5000,5001,5100 -j REDIRECT --to-port 8080

If it is okay then what setting I will use for my messenger proxy or No proxy.

Please help me.

as soon as possible

Please help me I am trapped, I've to done this but here I need the help of you GURUs.
THANKS

Hi Farrukh,

try this:
Pls note that the connection is NAT'ed via ports as above.

Dear zamri,

what address I should use for SNAT in masquerading it sets auto matically my internet nic address in my case is 192.168.0.6.

Should I use this or not?

Thanks for your reply its a new hope when I lose all my hope..
Thanks once again...and waiting for your response.

Hi Farukh,

iptables -A FORWARD -i eth1 -p tcp -m multiport --dports 5050,11999,5000,5001,5100 -j ACCEPT

Dear I've used above(your code) configuration yesterday but no success.

Farukh ,
Can you describe ur N/W structure and also provide the /etc/sysconfig/iptables file

try this one also
-A INPUT -s 0.0.0.0/0 -p tcp --dport 1024:65535 -j ACCEPT
-A INPUT -s 0.0.0.0/0 -p udp --dport 1024:65535 -j ACCEPT

My problem is that I want to enable voice chat in yahoo, when i try to connect my client behind squid to yahoo messenger with following options.

1) No porxies------------->never connect(no error shown only trying for a while and then no result)

2)firewall with no proxy------------------->connected but voice chat is not enable(no option for voice chat)

3)use proxies---------------------->connected but again voice chat is not enable(no option for voice)

4)No network detection----------->again failed to connect(no fate)

I've squid and firewall running on same machine
eth1 is my LAN side and eth0 is my Internet NIC.
configurations are

iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 80 \
-j REDIRECT --to-port 8080
iptables -A INPUT -j ACCEPT -m state \
--state NEW,ESTABLISHED,RELATED -i eth1 -p tcp \
--dport 8080
iptables -A OUTPUT -j ACCEPT -m state \
--state NEW,ESTABLISHED,RELATED -o eth0 -p tcp \
--dport 80
iptables -A INPUT -j ACCEPT -m state \
--state ESTABLISHED,RELATED -i eth0 -p tcp \
--sport 80
iptables -A OUTPUT -j ACCEPT -m state \
--state ESTABLISHED,RELATED -o eth1 -p tcp \
--sport 80

and in the end I am using MASQUERADING which solve my msn problem but yahoo problem still presists.


eth1 = is my LAN ip = 192.168.11.0
eht0 = is my Internet = 192.168.0.6

plz guide me thanks

Regards,
FArrukh

all these command I've written in /etc/rc.local
like
/sbin/iptables -A

plz help me

Regards,
Farrukh.

try this one also
-A INPUT -s 0.0.0.0/0 -p tcp -i eth0 --dport 1024:65535 -j ACCEPT
-A INPUT -s 0.0.0.0/0 -p udp -i eth0 --dport 1024:65535 -j ACCEPT

Dear still no fate is Zamri idea is good ?
he sent
iptables -t nat -A POSTROUTING -i eth1 -p tcp -m multiport --dport 5050,11999,5000,5001,5100 -j SNAT --to-source xxx.xxx.xxx.xxx (192.168.0.6) in my case?
plz guide me
thanks for taking care of me
regards,
Farrukh

-A INPUT -s 0.0.0.0/0 -p tcp -i eth0 --dport 1024:65535 -j ACCEPT
-A INPUT -s 0.0.0.0/0 -p udp -i eth0 --dport 1024:65535 -j ACCEPT
-A FORWARD -p tcp -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT

Thanks for this but still no luck. I don't know where is the problem... Masquerading is also working well because if I never Masquerade then i am unable to connect MSN messenger...
What to do I try many many method but no luck....

Well thanks for your help if U have any idea then plz update me I am looking forward for ur response

Thanks,
Farrukh