From owner-freebsd-questions Tue Jun 27 17:24:30 2000 Delivered-To: freebsd-questions@freebsd.org Received: from fusion.unixfreak.org (cx272244-b.orng1.occa.home.com [24.1.179.34]) by hub.freebsd.org (Postfix) with ESMTP id 9503537B61E for ; Tue, 27 Jun 2000 17:24:25 -0700 (PDT) (envelope-from bhishan@fusion.unixfreak.org) Received: (from bhishan@localhost) by fusion.unixfreak.org (8.9.3/8.9.3) id RAA00534 for freebsd-questions@freebsd.org; Tue, 27 Jun 2000 17:24:26 -0700 (PDT) (envelope-from bhishan) From: Bhishan Hemrajani Message-Id: <200006280024.RAA00534@fusion.unixfreak.org> Subject: tircproxy, natd, socks5 To: freebsd-questions@freebsd.org Date: Tue, 27 Jun 2000 17:24:25 -0700 (PDT) X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I am trying to get DCC CHAT to work by sending a request from the internal network to a computer located elsewhere. I have successfully been able to use DCC SEND by implimenting a socks5 proxy and configure my irc client (mIRC) behind the firewall to use the socks5 proxy in connecting and in establishing DCC connections. However, even with the socks5 proxy, I could successfully request a DCC CHAT. Although, I could receive them. So, I decided to impliment tircproxy. From there, I installed tircproxy from the ports, and continued on by reading the manual. From what I gathered from the manual, for my network, I needed to start tircproxy like this: tircproxy -HD -s 6667 -b 192.168.0.1 -i 192.168.0.1 -o 24.x.x.x -r socks Where 192.168.0.1 is my internal address, and 24.x.x.x is my external address. This did not work as I forgot one vital step: From http://bre.klaki.net/programs/tircproxy/manual/tircproxy-20.html: Linux 2.0: ipfwadm -I -i accept -P tcp -S 192.168.0.0/24 -D 0.0.0.0/0 6667 -r 7666 Linux 2.2: ipchains -A input -j REDIRECT 7666 -p tcp -s 192.168.0.0/24 -d 0.0.0.0/0 6667 IPF: rdr de0 192.168.0.0/24 port 6667 -> 127.0.0.1 port 7666 tcp I am stumped as to how to port these statements to FreeBSD's ipfw. Here is my current firewall config: 00010 46068 40842177 divert 8668 ip from any to any via de1 01000 0 0 deny ip from any to 192.168.0.5 01001 0 0 deny ip from any to 207.199.68.5 01050 9154 696052 allow ip from any to any gid wheel 01051 0 0 allow ip from any to any uid nat 01052 0 0 deny ip from any to any gid users via de0 65534 90504 81550625 allow ip from any to any 65535 1 345 deny ip from any to any Thanks. --bhishan -- Bhishan Hemrajani / bhishan@fusion.unixfreak.org / PGP: 0xFAC75561 Finger bhishan@fusion.unixfreak.org for more information. The difference between us and a computer is that, the computer is blindingly stupid, but it is capable of being stupid many, many million times a second. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message