Date: Fri, 20 Oct 2000 16:45:48 +0000 From: Bjarni Runar Einarsson <bre@netverjar.is> To: freebsd-net@FreeBSD.ORG Subject: Re: natd & identd cooperation? (and identd + jails) Message-ID: <20001020164548.A27552@klaki.net> In-Reply-To: <20001020172003.A50854@sunbay.com>; from Ruslan Ermilov on Fri, Oct 20, 2000 at 05:20:03PM %2B0300 References: <20001018184017.A1218@klaki.net> <20001019110110.C98924@sunbay.com> <20001019120511.A4555@sunbay.com> <20001020140347.A25546@klaki.net> <20001020172003.A50854@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I am mostly interested in a real IDENT support for libalias(3), that > would allow it to redirect incoming IDENT queries to the original host. > Is it in any way possible with your patch? Yes, but it is a user-space solution, which requires the internal ident to accept forwarded ident queries. AFAIK there is no standard way to represent such queries, but for my local setup I just fixed oidentd so it understood syntax like: "ip : port , port" instead of just the ambiguous "port , port". I actually prefer my solution to the one you propose, since it lets me configure on a per-IP or per-connection basis whether I forward the ident query or not. I like not being forced to trust all internal ident daemons. In a PC environment (or a jailed environment where users are given root in their respective jails) forwarding the ident query doesn't really make sense. -- Bjarni R. Einarsson PGP: 02764305, B7A3AB89 bre@netverjar.is -><- http://bre.klaki.net/ Netverjar gegn ruslpósti: http://www.netverjar.is/baratta/ruslpostur/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001020164548.A27552>