 From:  DevAuto <devauto at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  AOL IM Strange Behavior With 1.2
 Date:  Wed, 2 Nov 2005 05:05:08 -0500
Hey All,

First and foremost, I have searched the archives for an answer and have not
been able to find one. If I have overlooked something please point me in the
right direction.

I have had my m0n0 in place for a very long time (IIRC since v0.24 or
something like that). My ruleset is pretty well established (and very basic)
and hasn't changed in quite some time. This m0n0 protects a home network and
offers "protected" access for my family to get out to the net.

In the last couple of days, m0n0wall has stopped passing AOL Instant
Messenger traffic over port 5190, and my logs are filling up with entries
that it has been denied. I have since added rules to the LAN and WAN
interfaces to explicitly permit all 5190 traffic outbound, in an effort to
troubleshoot and see what the problem is. Unfortunately, even with the new
rules, the traffic is still denied. All other allowed network traffic seems
to be working just fine; IM is the only (apparent) issue. Almost forgot,
this started on m0n0wall 1.2b3, so my first effort to fix it was to upgrade
to 1.2 final. Can anyone tell me what is going on? Specifically, my
questions are as follows:

1. What would cause m0n0wall to suddenly stop passing this traffic (and not
all traffic)?
2. Why is m0n0wall denying this traffic even after adding explicit permit
rules?
3. More importantly, how do I fix it? I have tried everything I can think of
with no success.

Also, just for the record, I am quite aware of the security issues
surrounding IM traffic and the proliferation of viruses, trojans, and hackers
that like to target these types of services, so all PCs on the network are
running additional protective measures to attempt to mediate this threat
(A/V, Anti-Spyware, Pop-up blockers, etc...). I would appreciate it if you
would hold any comments on the insecurity of allowing these services onto my
network; the risk has been analyzed and as many protective measures as
possible (and realistic) have been put in place.

Thank you in advance for any assistance you can provide.

--
DevAuto
Failure is not an option ... it comes bundled with your Micro$oft solution!