Date: Tue, 12 Jan 1999 18:21:26 +0000 From: Brian Somers <brian@Awfulhak.org> To: Marcin Cieslak <saper@system.pl> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: libalias and ident Message-ID: <199901121821.SAA13888@keep.lan.Awfulhak.org> In-Reply-To: Your message of "Tue, 12 Jan 1999 17:42:42 %2B0100." <Pine.GSO.4.02.9901121734040.23770-100000@tricord.system.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
[.....] > However, I would like also to see another way of handling > ident queries (I guess it's much easier to implement) > returning the predefined string (for example hostname but > not neccesary) uniquely identifying the host behind NAT. > This may be not what the security guys want, but this > would be a handy way of identifying machine for LARTing > purposes for example :) > > We can go further and report something like "user+host" > in the ident response: giving "host" identifying the hidden > machine and "user" resulting from the ident query on that > machine. > > I think that all those modes should be configurable, at > least at the compile time. This sounds nice, but it's more than just a packet translation mechanism. It requires the ability to create a new process on the fly and pass all the necessary information to it. It also requires libalias to create a channel to that process so that it can pick up the response and send it as a packet back to the ident requestor. This is non-trivial as it would require natd to select() at the top level rather than just reading from the divert socket. I don't think the functionality warrants the effort required, and I think the libalias code would be polluted too much as a result. > -- > << Marcin Cieslak // saper@system.pl >> > > ----------------------------------------------------------------- > SYSTEM Internet Provider http://www.system.pl -- Brian <brian@Awfulhak.org> <brian@FreeBSD.org> <brian@OpenBSD.org> <http://www.Awfulhak.org>; Don't _EVER_ lose your sense of humour ! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199901121821.SAA13888>