Date: Wed, 13 Jan 1999 14:22:45 -0800 From: "Joseph T. Lee" <nugundam@la.best.com> To: Marcin Cieslak <saper@system.pl>, Brian Somers <brian@Awfulhak.org> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: libalias and ident Message-ID: <19990113142245.A28487@la.best.com> In-Reply-To: <Pine.GSO.4.02.9901131138370.26242-100000@tricord.system.pl>; from Marcin Cieslak on Wed, Jan 13, 1999 at 11:45:15AM %2B0100 References: <199901121821.SAA13888@keep.lan.Awfulhak.org> <Pine.GSO.4.02.9901131138370.26242-100000@tricord.system.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jan 13, 1999 at 11:45:15AM +0100, Marcin Cieslak wrote: > I think that ident should be made by a separate daemon, like midentd. > The only problem with libalias is to make information about proxified > connections available to other processes. If aliasing were done in > kernel, it would be ioctl() or /proc or whatever. Ident is already a separate daemon, namely pidentd. > Since it is not, I suggest using a named pipe or other form of IPC > (control socket?) in order to allow ident - and perhaps others > processes interested - to gain information about current > network translation table. Even with the local ident daemon having the necessary information to forward the ident query, it still would not work due to the way the RFC 113 protocol works. It matches the query's remote ip with a same remote ip, and port gleaned from the query. If the natd host made the query, then it would not work, as the ips would not match. I've coded far enough into libalias to test this, as I understand it. This is all due to the host behind natd connecting 'through' the natd firewall instead of 'to' the firewall, as how other proxying schemes work. I'm not even sure why identd supports a PROXY query command, since it wouldn't match the ip/port tables anyways... Any better ways to hack around this crux would be most welcome. -- Joseph nugundam =best=com==/==\=IIGS=/==\=Playstation=/==\=Civic HX CVT=/==\ # Anime Expo 1998 >> www.anime-expo.org/ > # Redline Games >> www.redlinegames.com/ > # Cal-Animage Epsilon >> www.best.com/~nugundam/epsilon/ > # EX: The Online World of Anime & Manga >> www.ex.org/ / To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990113142245.A28487>