From owner-freebsd-questions  Mon Sep 14 10:44:32 1998
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA11676
          for freebsd-questions-outgoing; Mon, 14 Sep 1998 10:44:32 -0700 (PDT)
          (envelope-from owner-freebsd-questions@FreeBSD.ORG)
Received: from mediaone.net (nvp.ne.mediaone.net [24.128.50.139])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id KAA11671
          for <freebsd-questions@freebsd.org>; Mon, 14 Sep 1998 10:44:30 -0700 (PDT)
          (envelope-from nvp@mediaone.net)
Received: (from nvp@localhost)
	by mediaone.net (8.8.8/8.8.8) id NAA06526
	for freebsd-questions@freebsd.org; Mon, 14 Sep 1998 13:46:30 -0500 (EST)
From: "Nathan V. Patwardhan" <nvp@mediaone.net>
Message-Id: <199809141846.NAA06526@mediaone.net>
Subject: pidentd and IP Masq
To: freebsd-questions@FreeBSD.ORG
Date: Mon, 14 Sep 1998 13:46:30 -0500 (EST)
X-Mailer: ELM [version 2.4ME+ PL38 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Hi everyone,

I've been quite pleased with FreeBSD's ipfw and natd; I've got a cable
modem and setup a LAN (a PC, a NeXTstation and my FreeBSD server).
The FreeBSD server's got two NICs (both 3C509b's); one NIC is
connected to the cable modem (uses wide-dhcp) and the other is
connected to a hub (from which the other machines are connected).

Here's a better description:

       Cable Modem
	    |
         10baseT (NIC #1)
	    |
	  SERVER
	    |
	 10baseT (NIC #2)
	    |
	   HUB
	  /   \
        NeXT   PC

As mentioned above, I've got natd/ipfw working correctly; I can telnet,
ftp and use the web from machines on the LAN out to the net.  BUT I
can't do anything which requires ident; IRC is one such example.
Basically, I've tried to redirect_port from 113 of my local IP
(192.168.0.3) to 113 of my real IP (server), but this isn't working.

redirect_port	tcp my.real.ip.here:113 192.168.0.3:113

I've also run natd in debug mode but it appears that the ident packets
aren't ever getting returned to the local machine when redirected to
the server's port.  (Footnote: I've thought of some evil, evil ways to
make this work but I'd prefer a more direct solution).

I'm running the latest port of pidentd.  I've read through the pidentd
docs and source, and (now that I think about it) it doesn't sound like
it can work with IP Masq'ed hosts.

OR, am I misdirecting my attention?  Should I be trying to redirect
irc ports instead?

Any suggestions?  Patches?  Just wondering and thanks!

-- 
Nate Patwardhan, System Administrator
O'Reilly and Associates
nvp@oreilly.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message