Date: Thu, 7 Dec 2000 08:58:25 -0500 From: "Matthew Emmerton" <matt@gsicomp.on.ca> To: "Mike Nowlin" <mike@argos.org>, <freebsd-net@FreeBSD.ORG> Subject: Re: NAT & IRC Message-ID: <000f01c06055$ca376ad0$1200a8c0@gsicomp.on.ca> References: <Pine.LNX.4.21.0012070322030.21819-100000@jason.argos.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> I'm running a lot of DHCP clients (issued 10.0.0.0/8 addrs) through a FBSD > NATD proxy. It's a pretty basic NAT setup - no keepalives, etc. (That > might(?) be the answer to my problem?) > > Earlier today, I set up x-chat on one of the clients. It was able to > connect to irc.openprojects.net without any problems, but when I tried to > connect to irc.freebsd.org, the server responded with something like > "Sorry, you must be running ident to connect.." Understanding the > reasoning for this, what's the solution? IRC networks use ident to better track abusers of the IRC network. What you need to do is run the ident service on any machine that is going to be running IRC, and add the appropriate firewall rules to allow ident packets to/from that host. One point - on a NAT network, I believe it's only possible for one "inside" client to be running ident, as the port must be forwarded explicitly. If you want to enable ident for the entire network, you could run it on the firewall machine, but that may open up certain security holes. -- Matthew Emmerton To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000f01c06055$ca376ad0$1200a8c0>