Help with a rule for Yahoo messenger.

Discussion in 'LnS English Forum' started by Ron1, Mar 3, 2007.

Thread Status:
Not open for further replies.
  1. Ron1

    Ron1 Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    3
    I am using 2.06 beta1 (working great) and have quite a tight ruleset with rules added on a per application basis. I've just installed the latest Yahoo IM thinking the creation of a rule for it would be easy, but it seems many ports are used, and it's harder than I thought.

    Can anybody who has an existing rules for Yahoo messenger please share them? Alernatively, help with creating rules for Yahoo IM would be greatly appreciated, and then shared in this thread. The the rules created would be as tight/restrictive as possible in keeping with my existing ruleset hopefully.

    Cheers.
     
  2. Climenole

    Climenole Look 'n' Stop Expert

    Joined:
    Jun 3, 2005
    Posts:
    1,640
    Hi Ron1 :)


    Yahoo Messenger used the following ports:

    In TCP: port 443 (Https) and 5050 (Yahoo-Messenger)

    in UDP: port 53 (DNS), 3478 (STUN)

    With the Enhanced rule set of LNS

    the TCP ports 443 and 5050 are checked by the general rule "allow most common internet applications" ...

    The UDP port 53 is checked by the general rule for Domain Name requests (DNS)

    So you have to create one specific rule for Yahoo-Messenger for the STUN protocol [Simple Traversal of UDP through NATs]...

    Somethings like :

    Protocol: UDP
    Packets: in and out
    Address: from my @IP
    local ports : 1024 to 5000
    remote port: 3478
    application: Yahoo messenger

    It's important to include the Yahoo messenger program in this specific rule.
    In the rule edition window, click on "applications..." button and add the program in the list (list in the left side...)

    Hope this help. Let us know.

    :)
     
  3. Ron1

    Ron1 Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    3
    Hi Climenole,

    Thanks for the reply. My existing ruleset doesn't use the general allow rule, and I try to make rules on a per application basis. This hopefully makes the firewall tighter I think, but also harder to work with (I find ;) ).

    Many thanks with the help with the ports used by YIM. I have made 2 rules so far allowing ports 80, 443 and 5050 (TCP) and placed them under my 'Block all TCP incoming connections' rule and the basics of YIM seem to be working. I haven't tried any voice/file transfers yet however, and I'd imagine that these features will require extra rules.

    I'll try and keep this thread updated with further info regarding YIM, and hopefully attatch the rules when confirmed working...

    Again, all feedback most welcome. :)
     
  4. Ron1

    Ron1 Registered Member

    Joined:
    Mar 3, 2007
    Posts:
    3
    Here's some more info (from helpbytes) that is going to help...

    Yahoo! Connection Problems
    Yahoo! on a Router, Firewall or Proxy!

    People using Routers, Firewalls and Proxies often experience Yahoo! Messenger connection problems. The official Yahoo! support lacks detailed information, and misses some important facts! The following aims to break the information down, and explain easily in sufficient detail.

    Connection Options

    There are 4 connection Options.
    These may be found from the Messenger menu, choose Perferences, and click Connection.

    No Proxies - This is the default option for those who dont have any security issues, such as firewalls or connection through proxies.

    Firewall, No Proxies - This option is selected if a firewall is detected. This method forbids voice chat, super webcam, and p2p IM. This option is not recommended, unless you have no control over your firewall.

    Use Proxies - Use this when you have to connect through a proxy, HTTP (basic and slow) or SOCKS4 or SOCKS5(with authentication). Common in the workplace, or advanced security.

    No Network Detection - Recommended for everyone who doesn't require a proxy server, and has firewall control. The firewall option doesn't care that you open ports, it automatically blocks, this option does not perform any detection of your network type.


    Ports Yahoo! Messenger uses!

    Yahoo! Messenger services uses a variety of ports.

    Chat & Messenger - TCP Port 5050: Client Access only

    Insider/Room Lists - TCP Port 80: Client Access only

    File Transfer - TCP Port 80: Server Access.
    Your ISP may block this port, as its used for web hosting.
    You can change port in Messenger, Preferences, File Transfer.

    Voice Chat - UDP 5000-5010, TCP 5000-5001 - Client Access
    If UDP Fails, TCP will be used instead, see below.

    WebCam TCP Port 5100: Client Access

    Super Webcam - TCP Port 5100: Server Access

    P2P Instant Messages - TCP Port 5101: Server Access
    PMs between Buddys may not use the Yahoo! Server, but this is not a requirement.

    TCP versus UDP:

    TCP is a reliable protocol, and all data sent has a number of extra fields that guarantee delivery. This creates large overhead, and can make the stream slower.

    UDP does not carry the same overhead, the data is transmitted much faster, but some data may not be delivered.
    If you use a firewall

    :)
     
Thread Status:
Not open for further replies.