From owner-freebsd-questions Thu Mar 21 6:39:52 2002 Delivered-To: freebsd-questions@freebsd.org Received: from hotmail.com (oe51.law10.hotmail.com [64.4.14.40]) by hub.freebsd.org (Postfix) with ESMTP id B668937B400 for ; Thu, 21 Mar 2002 06:39:45 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 21 Mar 2002 06:39:45 -0800 X-Originating-IP: [209.202.81.200] From: "Sandro Mancuso" To: "'agusri dodi'" , Cc: Subject: RE: Firewall Rule for IRC Date: Thu, 21 Mar 2002 09:40:27 -0500 Message-ID: <000a01c1d0e6$576c37d0$e83dfea9@windows> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <20020321095937.37447.qmail@web20605.mail.yahoo.com> Importance: Normal X-OriginalArrivalTime: 21 Mar 2002 14:39:45.0640 (UTC) FILETIME=[3EB83680:01C1D0E6] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG >-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd- >questions@FreeBSD.ORG] On Behalf Of agusri dodi > >I am using Natd to connect my LAN to Internet.Web and >FTP work well but my client can not use IRC services > Do you mean you can't access the servers at all or you are not allowed to complete a connection to them? >here is the content of my configuration file > >RC.CONF : >gateway_enable="YES" >natd_enable="YES" >natd_interface="fxp0" > >natd_flags="-f /etc/natd.conf" > > >firewall_enable="NO" > > Did you install identd from ports? >THE CONTENT OF RC.lOCAL FILE : > >echo 'Starting Firewall' >/sbin/ipfw -f flush >/sbin/ipfw add divert natd all from any to any via >fxp0 > ># My Local Network (my netwrok interface (INTEL) >/sbin/ipfw add allow ip from >192.168.0.0:255.255.255.0 to any via fxp0 > >#Allow INDENT >/sbin/ipfw add allow log tcp from any to any 194 in >recv fxp0 setup > >#Allow IRC >/sbin/ipfw add allow log tcp from any to any 113 in >recv fxp0 setup > > >#Deny X >/sbin/ipfw add 00300 deny log tcp from any to any 6000 >in recv fxp0 > ># DNS of my ISP >/sbin/ipfw add allow tcp from 202.134.0.155 to any >in recv fxp0 >/sbin/ipfw add allow tcp from 202.134.2.5 to any in >recv fxp0 > >/sbin/ipfw add allow udp from 202.134.0.155 to any >in recv fxp0 >/sbin/ipfw add allow udp from 202.134.2.5 to any in >recv fxp0 > > >/sbin/ipfw add pass all from any to any > > >echo 'Starting Natd ' >natd -n fxp0 -f /etc/natd.conf > > >echo 'Starting Boa ' >boa > Now, I'm not all that familiar with ipfw. Here's what I do to connect to IRC though: If your default outgoing is to block, make sure ports 6667-6669 at least are open. Next, its not enough to just open port 113, you have to have identd running (its in the ports, under "IRC" if I'm not mistaken) If you are trying to connect from a machine behind this firewall/router then you have to either redirect port 113 to the computer behind the firewall (I don't know how in natd, ipnat uses a simple rdr command... must be similar) or, what you can do is run a bnc (irc bouncer) on the firewall box and connect to that and then to IRC from there > >THE CONTENT OF NATD.CONF FILE : >interface fxp0 >use_sockets yes >same_ports yes > >What should I do ? >Is there any setting for IRC client ? > >thank for reply > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message