Windows messenger

d_kilshtein · 10-06-2004, 10:46 AM

Hi all,

My server is a Slackware 9.1 Linux and a client is Win XP.
i would like to use the Win XP messenger from the client.
The problem is, i can't connect using sound, video and i can't trasfer a file.

how can i use my Win XP messenger from my client?

maxut · 10-06-2004, 10:51 AM

u can try to forward msn port to xp client. probably u will be able to transfer files and do others.

Code:

iptables -t nat -I PREROUTING -i internet_interface -p tcp --dport 1863 -j DNAT --to win_xp_ip

good luck.

d_kilshtein · 10-07-2004, 07:43 AM

Thanks maxut,

I tried it but still, I can’t make an audio/video connection
Here is my rc.firewall - maybe it has a clue in it:

#!/bin/sh

#Change the part after the = to the where you IPTABLES is on your system
IPTABLES=/usr/sbin/iptables

#flush existing rules
$IPTABLES -F INPUT

#Allow Ping echo
#I have commented this line, so ping from an outside machine will not work.
#Uncomment the next line to make ping from outside work.
#$IPTABLES -A INPUT -p icmp -j ACCEPT

#Allow incoming FTP requests
#$IPTABLES -A INPUT -p tcp --dport 20 -j ACCEPT
#$IPTABLES -A INPUT -p tcp --dport 21 -j ACCEPT

#Allow incoming HTTP requests (to Web server)
#$IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT

#This allows all data that has been sent out for the computer running the firewall
# to come back
#(for all of ICMP/TCP/UDP).
#For example, if a ping request is made it will allow the reply back
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p icmp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p tcp
$IPTABLES -A INPUT -j ACCEPT -m state --state ESTABLISHED -i eth0 -p udp

#Allow traffic from ethernet adapter eth1 to pass through if
#you have a network, or
#as using linux as a router for internet etc.
#Your first ethernet card is eth0 and the second would be eth1 etc.
$IPTABLES -A INPUT -i eth1 -j ACCEPT

#messenger
#------------------------------------------------------------------------------------------------------------
$IPTABLES -t nat -I PREROUTING -i eth0 -p tcp --dport 1863 -j DNAT --to 192.168.0.2
#------------------------------------------------------------------------------------------------------------

#Allow incoming SSH requests
$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT

#Drop and log all other data
#The logging is set so if more than 5 packets are dropped in
#three seconds they will be ignored. This helps to prevent a DOS attack
#Crashing the computer the firewall is running on
$IPTABLES -A INPUT -m limit --limit 3/second --limit-burst 5 -i ! lo -j LOG
$IPTABLES -A INPUT -i ! lo -j DROP

#The logs from the firewall are put into your system log file, which can be found at #/var/log/syslog

Thanks,
Daniel

maxut · 10-07-2004, 08:03 AM

im confused. how is network structure?
linux is gateway for xp right?

i dont see any POSTROUTING rule in your firewall scripts.

d_kilshtein · 10-07-2004, 08:59 AM

I am very new to Linux and it is very difficult to read (and understand) the manuals on the Internet. The firewall script I am using came from a book I read so it is far from being perfect.
I will do my best to try and describe my network:

1- Server
OS: Slackware 9.1

Eth0 - external interface (connected to the internet)
Eth1 - internal interface (connected to the client) - IP: 192.168.0.1

2- client (only one for now)
OS: windows XP (sp1)

One interface - connected to the server - IP: 192.168.0.2
Gateway: 192.168.0.1

From outside:
----------------
I want allow only SSH connection to the server.
And then, start/allow any other server I will need (VNC, Webmin, HTTP, etc…) for a limited period of time.

From inside
---------------
I want to be able to use the messenger, get/send mail, use the printer and brows the local network.

So far, only the messenger is not working. After I will resolve this problem I want to add another interface to the server and connect it to another client (Win XP).
Then I will set the mail and the print servers.

maxut · 10-07-2004, 09:12 AM

hmm..
i can advice u to visit www.iptables-script.dk u can create a firewall and NAT script for yourself. it is simple and secure enough. if u want to run some services on gateway box u can add the following line end of that script:
iptables -A INPUT -i lo -j ACCEPT

how eth0 goes to internet? via ADSL modem? if it doesnt reach internet directly (i mean if it doesnt have a public ip) there can be some troubles with port foward.

good luck.

d_kilshtein · 10-13-2004, 09:24 PM

I finally got my messenger to work from behind the firewall.

The problem with the messenger is that it opens random ports on a client PC.
After a short research I came to a conclusion I need to install a gateway of some sort.

So I found a gateway software: upnpsdk-1.0.4.tar.gz
But, before installing it, you must install the SDK from ,libupnp-doc-1.2.1.tar.gz

The combination of these two is proven to work (don't try any new versions like 1.2.1a or any other version)

Some times changes must be made to the source code or the firewall but
there is a great forum on http://sourceforge.net/forum/?group_id=52728

Thanks again for the help,
Daniel