Contents

ZDNet Chat and Firewalls

I had this situation:

One machine connected to the Internet and two other machines networked to that machine. I gave my two non-Internet machines Internet access by installing a proxy server on the one machine with Internet access. This gave me my basic web surfing and such, but I couldn't do ZDNet Chat.

With most proxy setups, each program on the client has to know to use a proxy server. For Example: You tell your web browser to use the private lan IP address of the proxy server for Internet access. Well since ZDNet Chat doesn't do this, you can't chat except on the machine with the real Internet connection.

There are two ways to get around this:

  1. Setup the machine with the Internet connection using the Linux OS and IP Masquarding
  2. Use DNS overloading to fool ZDNet Chat into thinking it is addressing a different computer

The first option works well because as far as your clients are concerned there is no proxy server. Almost all software will work fine this way. Some stuff like Netmeeting and other Internet phones won't work though, and this also requires a dedicated computer. Usually though you can go buy some old 486 and do fine this way.

If you don't have some old computer you can dedicate in this way, then you can use Windows as your server and use some kind of Windows proxy server. To make this work you need to use TCP mapping on the following address and port with your proxy server: TCP chat.zdnet.com : 9955
Basically telling the proxy to take anything coming from your clients that is destined for port 9955 and forward it to chat.zdnet.com.

This is only half of the trick. Since the Java applet used in ZDNet Chat doesn't have a way to setup a proxy server connection, it tries to access chat.zdnet.com directly instead of using your proxy server's IP address. You can fool your Window's clients into thinking that your proxy server is chat.zdnet.com by adding this line to your C:\WINDOWS\HOSTS on each client:
10.1.1.1 chat.zdnet.com

If that file doesn't exist, then create it, but make sure it doesn't have any extension.

Set 10.1.1.1 to whatever the private lan IP address of your proxy server is. Whenever ZDNet Chat on the client tries to connect to chat.zdnet.com on port 9955 it will do a DNS lookup and think the IP address of chat.zdnet.com is actually 10.1.1.1 (or whatever your proxy server is). When your proxy server gets the request it will forward all traffic over to chat.zdnet.com.

Hope that helps!


Rodney Beede 1999-2000 | Top