Hi,
A couple of people have asked me for a summary of how I got this
working, suggestions I got and so on. Here's a few thoughts, by no means
complete, I hope they're useful... (All this assumes that you've already
got a local network set up with ipchains working to share Internet
access).
First, most people suggested using the ip_masq_icq module. You can get
this here <http://djsf.tripod.com/masq-icq/>. Got a good README, easy to
install. In theory you should be able to insmod this module like any of
the other ip_masq_* ones, and it should work. But it didn't work for me
- not sure why, possibly an unsupported version of ICQ, possibly
something else. The problem seemed to be with UDP packets getting lost.
I played with various settings for a while, but didn't make any
progress. I suspect that playing with the UDP timeout settings on both
the Linux box and in the ICQ client could have got this working, but I
couldn't be bothered spending too much time on it.
For me the method that did work was to use ipmasqadm
<http://juanjox.kernelnotes.org/> to forward the ports that ICQ wanted.
Install ipmasqadm, and add the line 'ipmasqadm autofw -A -r tcp 2000
4000 -h machine.to.be.masqueraded' to the script that starts your
ipchains rules. Using ports 2000-4000 will allow the ICQ client to be
set up without changing any of its defaults - just tell it it has a dial
up connection. If you want to use a different port range that's fine,
but you need to alter the firewall settings in ICQ to let it know which
ports to use. With this set up I seem to have full functionality of ICQ.
This method also has the advantage over the ip_masq_icq module that it
should work regardless of changes to the ICQ protocol (The ip_masq_icq
module doesn't currently work with the latest version of ICQ).
Thanks again to all those who gave suggestions.
Tom
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
