LinuxQuestions.org
Old 06-01-2003, 12:51 AM   #1
shahriars
LQ Newbie
 
Registered: Apr 2003
Posts: 22

Rep: Reputation: 15
yahoo chat with voice


dear all

I am having a problem with Yahoo through my Red Hat box. I am very new to netfilter, and may have missed a great many things. Following is what I have done:

1. setup redhat firewalling through setup program, select eth1 as trusted device, allow 53:tcp,53:udp,443:tcp,115:tcp at the external interface.

2. restart IPTables

3. at the prompt, manually insert the rules (assuming my local IP is 192.168.0.1, external IP is 172.16.0.1, for devices eth1 and eth0 respectively)

/sbin/iptables -A OUTPUT -p tcp --sport 1024:65535 \
-s 192.168.0.0/24 -d 0/0 --dport 5000:7000 -j ACCEPT

/sbin/iptables -A INPUT -p tcp --sport 5000:7000 \
-s 0/0 -j ACCEPT

/sbin/iptables -t nat -A POSTROUTING \
-s 192.168.0.0/24 -o eth0 -j SNAT --to 172.16.0.1

Now, I can connect to MSN, but cannot connect to Yahoo (with no proxy). I can connect using proxy and using "behind firewall but no proxy", but then my voice chat doesn't work.

Any help appreciated.

Thanks in advance.
 
Old 06-01-2003, 05:58 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
I think the first thing would be finding out, and posting, the port(s) this app uses.
 
Old 06-01-2003, 11:29 PM   #3
shahriars
LQ Newbie
 
Registered: Apr 2003
Posts: 22

Original Poster
Rep: Reputation: 15
Well, can you please give me some hint on how I can do that? As far as I can see, when I'm trying to connect with "no proxy", it is trying port 20, 21, 80 and a few more (these are common ones, and shouldn't cause problems, right?), and then failing to connect ("not connected" state).

Also, if I'm using "no proxy but behind firewall", then it is connecting properly without allowing voice chat.

How can I check which ports it is trying to connect to?

Thanks for the response.
 
Old 06-02-2003, 04:35 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
To get the ports there are multiple ways. One way would be to allow outbound traffic, and the inbound part (using --state), and append a rule that just logs all traffic. Another way would be to Google around for ports Yahoo chat uses (it's a mix of TCP and UDP ports).
One of the things that makes using log rules useful is that now you have the addresses it tries to connect to as well.
The last part of refining the rules would be to restrict traffic to those addresses and restrict to the used ports as well.
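
The log-then-restrict approach from the reply above, as an added example that is not part of the thread: it reduces iptables LOG lines to the protocol, address and port tuples seen, then prints restricted rules for review. It assumes the chat client is a LAN host behind the gateway (so traffic crosses FORWARD); the `YCHAT: ` prefix and all sample log lines are constructed.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the chat client is a LAN host
# (eth1) forwarded out eth0, so its traffic crosses the FORWARD chain.
LOG_PREFIX="YCHAT: "   # hypothetical label for the temporary log rule

# Step 1 (as root, temporary): allow replies, log each new outbound flow, allow it.
#   iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
#   iptables -A FORWARD -i eth1 -o eth0 -m state --state NEW -j LOG --log-prefix "YCHAT: "
#   iptables -A FORWARD -i eth1 -o eth0 -m state --state NEW -j ACCEPT

# Step 2: reduce kernel log lines on stdin to "count proto dst dport",
# ignoring lines written by any other log rule.
summarize_log() {
    awk -v p="$LOG_PREFIX" 'index($0, p) {
        proto = ""; dst = ""; dpt = "-"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^PROTO=/) proto = substr($i, 7)
            else if ($i ~ /^DST=/) dst = substr($i, 5)
            else if ($i ~ /^DPT=/) dpt = substr($i, 5)
        }
        if (proto != "" && dst != "") seen[proto " " dst " " dpt]++
    }
    END { for (k in seen) print seen[k], k }' | LC_ALL=C sort -k1,1nr -k2
}

# Step 3: turn the TCP/UDP tuples into per-destination rules that replace the
# blanket NEW ACCEPT from step 1. Rules are printed for review, not applied.
suggest_rules() {
    awk '$2 == "TCP" || $2 == "UDP" {
        printf "iptables -A FORWARD -i eth1 -o eth0 -p %s -d %s --dport %s -m state --state NEW -j ACCEPT\n", tolower($2), $3, $4
    }'
}

# Constructed sample log lines (documentation addresses, made-up ports).
sample_log() {
cat <<'EOF'
Jun  2 16:40:01 gw kernel: YCHAT: IN=eth1 OUT=eth0 SRC=192.168.0.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=TCP SPT=1025 DPT=6001 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  2 16:40:04 gw kernel: YCHAT: IN=eth1 OUT=eth0 SRC=192.168.0.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=2 DF PROTO=TCP SPT=1026 DPT=6001 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  2 16:40:05 gw kernel: OTHER: IN=eth0 OUT= SRC=203.0.113.99 DST=172.16.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=9 DF PROTO=TCP SPT=4000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  2 16:40:06 gw kernel: YCHAT: IN=eth1 OUT=eth0 SRC=192.168.0.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=3 DF PROTO=TCP SPT=1027 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Jun  2 16:40:09 gw kernel: YCHAT: IN=eth1 OUT=eth0 SRC=192.168.0.10 DST=203.0.113.20 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=4 DF PROTO=UDP SPT=1030 DPT=5500 LEN=40
EOF
}

sample_log | summarize_log | suggest_rules
```

On a live gateway, feed `summarize_log` from wherever the kernel log lands (for example `/var/log/messages`), and remove the temporary log and blanket accept rules once the restricted ones are in place.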