If I install openfire behind socks / http proxy and I have transport plugins (for yahoo, msn etc ) installed on the server. Does the transport provision through proxy settings to go outside the firewall ?
Basically, I am looking for :
client (psi/spark) ->openfire (with transport plugins) -> FIREWALL -> XMPP server , Yahoo , MSN
as far as I know Openfire does not support using a SOCKS proxy for s2s connections.
For Gateway connections to XMPP, Y!, MSN, … you may want to ask in the Kraken - IM Gateway forum but as GATE-130 is still open I think that it does not yet support a proxy.
After some research I managed the MSN transport to work with my non-transparent firewall (IPCop) running the following iptables commands:
iptables -t filter -A CUSTOMFORWARD -p tcp --dport 1863 -s OPENFIRE_MACHINE_IP -j ACCEPT #OPENFIRE->MSN
iptables -t filter -A CUSTOMFORWARD -p tcp --sport 1863 -d OPENFIRE_MACHINE_IP -j ACCEPT #MSN->OPENFIRE
iptables -t filter -A CUSTOMFORWARD -p tcp --dport 443 -s OPENFIRE_MACHINE_IP -j ACCEPT #OPENFIRE->SSL
iptables -t filter -A CUSTOMFORWARD -p tcp --sport 443 -d OPENFIRE_MACHINE_IP -j ACCEPT #SSL->OPENFIRE
You’ll have to chance the chain CUSTOMFORWARD by FORWARD if you don’t use IPCop, but I think it will have the same results. I hope these commands works for you if you are using a iptables firewall. Sorry by my poor english.