AIM Express, squid, iptables configuration

SUMMARY
-------
AIM Express doesn't work on my home computer. I think the packets are
being blocked by either squid or iptables. Does AIM Express work with
squid? If so, how can I configure squid and iptables to allow this
traffic?

DETAILS
-------
I am trying to use AIM Express on my home computer (WinNT Workstation
4) but I can't get past the logon screen. I don't get any error
messages -- it just goes off into limbo.

I suspect that my squid/iptables configuration is stopping the AIM
Express packets. Here is how my computers are set up. The WinNT box
is connected to my Red Hat 7.1 box on eth0. All Web traffic for WinNT
is via squid -- Red Hat is not set up for NAT. Squid has all of the
standard ports open (e.g., http/https/ftp.) The Red Hat box is
running an iptables firewall which only has the standard ports open
(e.g., squid on the inside, http/https/ftp/dns on the outside.) The
Red Hat box uses a PPPoE DSL connection to get to the Internet.

My understanding was that AIM Express does all of its communications
over port 80. However, when I tried running AIM Express at work, our
firewall logged that it had blocked packets destined for port 5190.
At home I opened up port 5190 on my iptables firewall but AIM Express
still didn't respond. I even tried opening ports 5190 through 5193
for inbound and outbound connections to no avail.

Any help in getting the right configuration is greatly appreciated --
my kids are going through severe IM withdrawal, and I need to fix this
problem to save my sanity! ;-)

Mike

Mike napsal(a):
> SUMMARY
> -------
> AIM Express doesn't work on my home computer. I think the packets are
> being blocked by either squid or iptables. Does AIM Express work with
> squid? If so, how can I configure squid and iptables to allow this
> traffic?
>
> DETAILS
> -------
> I am trying to use AIM Express on my home computer (WinNT Workstation
> 4) but I can't get past the logon screen. I don't get any error
> messages -- it just goes off into limbo.
>
> I suspect that my squid/iptables configuration is stopping the AIM
> Express packets. Here is how my computers are set up. The WinNT box
> is connected to my Red Hat 7.1 box on eth0. All Web traffic for WinNT
> is via squid -- Red Hat is not set up for NAT.

Has your NT machine public IP (?) - since you are not using NAT, it must
have one to get IM packets out over Internet. Simple test - do ping
google.com from NT box work ?

> Squid has all of the
> standard ports open (e.g., http/https/ftp.) The Red Hat box is
> running an iptables firewall which only has the standard ports open
> (e.g., squid on the inside, http/https/ftp/dns on the outside.) The
> Red Hat box uses a PPPoE DSL connection to get to the Internet.
>
> My understanding was that AIM Express does all of its communications
> over port 80. However, when I tried running AIM Express at work, our
> firewall logged that it had blocked packets destined for port 5190.
> At home I opened up port 5190 on my iptables firewall but AIM Express
> still didn't respond. I even tried opening ports 5190 through 5193
> for inbound and outbound connections to no avail.
>

I do not have experience with your IM. But because the company is also
developing ICQ, there may be similarities with each other. In ICQ -
communication with ICQ server may be done directly or using proxy. When
I installed ICQ on firewalled intranet, I setup ICQ to communicate over
proxy (Squid) with no problem. Just take a look in setup window of your IM.

> Any help in getting the right configuration is greatly appreciated --
> my kids are going through severe IM withdrawal, and I need to fix this
> problem to save my sanity! ;-)
>
> Mike

(http://www.aim.com/help_faq/linux/la....adp#firewalls)

or simply run packet sniffer on one of your boxes (ethereal, tcpdump)
and watch what is going on.

Dan