Hello Guys,
I've set up an iptables firewall that uses REJECT as the default rule for
INPUT and FORWARD chains.
It's working with no problems, although I've seen LOTS of packets being
rejected on the INPUT chain... after some research, I've noticed those are
not hacker packets, they are ICQ packets (yes, ICQ is allowed).
As we know, ICQ receives messages on random ports, thus I cannot easily
allow it on the firewall. It seems that every time some of my internal users
receive an ICQ message, some packets are rejected but the message still arrives
(is it being sent through the server??).
Question is: Is there any intelligent way of allowing ICQ packets to
pass through (external to internal) without blocking them? Is there any
ip_conntrack_icq available??
Sincerely,
Leonardo Rodrigues