www.delorie.com/gnu/docs/xboard/xboard_18.html   search  
 
Buy GNU books!


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

6. Connecting to the ICS through a firewall

By default, communicates with an Internet Chess Server by opening a TCP socket directly from the machine it is running on to the ICS. If there is a firewall between your machine and the ICS, this won't work. Here are some recipes for getting around common kinds of firewalls using special options to . Important: See the paragraph in the below about extra echoes, in 8. Known limitations and bugs.

Suppose that you can't telnet directly to ICS, but you can telnet to a firewall host, log in, and then telnet from there to ICS. Let's say the firewall is called `fire.wall.com'. Set command-line options as follows:

 
xboard -ics -icshost fire.wall.com -icsport 23
Or in your `.Xdefaults' file:

 
XBoard*internetChessServerHost: fire.wall.com
XBoard*internetChessServerPort: 23
Then when you run in ICS mode, you will be prompted to log in to the firewall host. (This works because port 23 is the standard telnet login service.) Do so, then telnet to ICS, using a command like `telnet chessclub.com 5000', or whatever command the firewall provides for telnetting to port 5000.

If your firewall lets you telnet (or rlogin) to remote hosts, but doesn't let you telnet to port 5000, you will have to find some other host outside the firewall that does let you do this, and hop through it. For instance, suppose you have an account at `foo.edu'. Follow the recipe above, but instead of typing `telnet chessclub.com 5000' to the firewall, type `telnet foo.edu' (or `rlogin foo.edu'), log in there, and then type `telnet chessclub.com 5000'.

Exception: chessclub.com itself lets you connect to the chess server on the default telnet port (23), which is what you get if you don't specify a port to the telnet program. But the other chess servers don't allow this.

Suppose that you can't telnet directly to ICS, but you can use rsh to run programs on a firewall host, and that host can telnet to ICS. Let's say the firewall is called `rsh.wall.com'. Set command-line options as follows:

 
xboard -ics -gateway rsh.wall.com -icshost chessclub.com
Or in your `.Xdefaults' file:

 
XBoard*gateway: rsh.wall.com
XBoard*internetChessServerHost: chessclub.com
Then when you run in ICS mode, it will connect to the ICS by using `rsh' to run the command `telnet chessclub.com 5000' on host `rsh.wall.com'.

Suppose that you can telnet anywhere you want, but you have to run a special program called `ptelnet' to do so.

First, we'll consider the easy case, in which `ptelnet chessclub.com 5000' gets you to the chess server. In this case set command line options as follows:

 
xboard -ics -telnet -telnetProgram ptelnet
Or in your `.Xdefaults' file:

 
XBoard*useTelnet: true
XBoard*telnetProgram: ptelnet
Then when you run in ICS mode, it will issue the command `ptelnet chessclub.com 5000' to connect to the ICS.

Next, suppose that `ptelnet chessclub.com 5000' doesn't work; that is, your `ptelnet' program doesn't let you connect to alternative ports. In this case, you will have to find some other host outside the firewall that does let you do this, and hop through it. For instance, suppose you have an account at `foo.edu'. Set command line options as follows:

 
xboard -ics -telnet -telnetProgram ptelnet -icshost foo.edu -icsport ""
Or in your `.Xdefaults' file:

 
XBoard*useTelnet: true
XBoard*telnetProgram: ptelnet
XBoard*internetChessServerHost: foo.edu
XBoard*internetChessServerPort:
Then when you run in ICS mode, it will issue the command `ptelnet foo.edu' to connect to your account at `foo.edu'. Log in there, then type `telnet chessclub.com 5000'.

ICC timestamp and FICS timeseal do not work through many firewalls. You can use them only if your firewall gives a clean TCP connection with a full 8-bit wide path. If your firewall allows you to get out only by running a special telnet program, you can't use timestamp or timeseal across it. But if you have access to a computer just outside your firewall, and you have much lower netlag when talking to that computer than to the ICS, it might be worthwhile running timestamp there. Follow the instructions above for hopping through a host outside the firewall (foo.edu in the example), but run timestamp or timeseal on that host instead of telnet.

Suppose that you have a SOCKS firewall that requires you to go through some extra level of authentication, but after that will give you a clean 8-bit wide TCP connection to the chess server. In that case, you could make a socksified version of

and run that. If you are using timestamp or timeseal, you will to socksify it, not ; this may be difficult seeing that ICC and FICS do not provide source code for these programs. Socksification is beyond the scope of this document, but see the SOCKS Web site at http://www.socks.nec.com/how2socksify.html.


[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

  webmaster   donations   bookstore     delorie software   privacy  
  Copyright 2003   by The Free Software Foundation     Updated Jun 2003