Re: icq through masqueraded firewall /socks4
On Tue, 12 Jun 2001, Paul Haesler wrote:
> Ah forget it. It seems to work with outsiders - it's just transfers
> between clients on the LAN that doesn't work.
I don't think the problem is with the firewall, but with ICQ. ICQ 99 and
earlier used a different protocol from ICQ 2000. When clients send files
to each other they establish a direct TCP/IP connection to each
other. Normally they do this with messages also but it is not required,
messages can also be sent through the server.
When a user on your contact list logs in, the server sends you that
client's IP address. In the case of ICQ99 and earlier, both the IP
address that the server sees, and the IP address that the client thinks it
has (i.e. the local address on the local network), are sent. This is how
ICQ clients locate each other to establish these connections.
Although I am not familiar with the ICQ 2000 protocol so much as the
earlier ones, my first instinct is that the local address is not being
sent - either to the client, to the server or both. The clients are
trying to send to the externally-visible address, the proxy server, and it
does not know what to do with the file request.
See if you can send files between lan clients when one or both of them is
ICQ 99b or earlier. If so then my hypothesis is probably correct and it
is a limitation in ICQ2000. (you might also look for strange looking TCP
connections from the sending client to the proxy - probably on a port
corresponding to an open port on the host trying to receive the file).
Reply to: