How do I allow ICQ file-transfers through my iptables-based firewall?

To make ICQ accept files behind NAT firewall:

  1. Choose some ports for the computer, the range is around 20000-20019
  2. Forward those ports UDP/TCP from the router to the computer running ICQ. You can do this like so:
    while [ $I -le $PORTEND ]; do
      echo $I
      $IPTABLES -t nat -A PREROUTING -p tcp --dport $I -j DNAT --to $DESTIP:$I
      $IPTABLES -t nat -A PREROUTING -p udp --dport $I -j DNAT --to $DESTIP:$I
  3. In ICQ, under Preferences -< Connections. Go to the tab "User" and click on "Not using proxy" and "Use the following TCP listen port for incoming event", and enter the port range you chose, 20000 to 20019.
  4. Click OK, and disconnect and reconnect to make it work.
  5. The transfer should work now. enjoy and have a happy life.
Last updated on 2004-02-07 14:00:00 -0700, by Shalom Craimer

