On Tue, 12 Jun 2001, Paul Haesler wrote: > Ah forget it. It seems to work with outsiders - it's just transfers > between clients on the LAN that doesn't work.
I don't think the problem is with the firewall, but with ICQ. ICQ 99 and earlier used a different protocol from ICQ 2000. When clients send files to each other they establish a direct TCP/IP connection to each other. Normally they do this with messages also but it is not required, messages can also be sent through the server. When a user on your contact list logs in, the server sends you that client's IP address. In the case of ICQ99 and earlier, both the IP address that the server sees, and the IP address that the client thinks it has (i.e. the local address on the local network), are sent. This is how ICQ clients locate each other to establish these connections. Although I am not familiar with the ICQ 2000 protocol so much as the earlier ones, my first instinct is that the local address is not being sent - either to the client, to the server or both. The clients are trying to send to the externally-visible address, the proxy server, and it does not know what to do with the file request. See if you can send files between lan clients when one or both of them is ICQ 99b or earlier. If so then my hypothesis is probably correct and it is a limitation in ICQ2000. (you might also look for strange looking TCP connections from the sending client to the proxy - probably on a port corresponding to an open port on the host trying to receive the file).