From owner-freebsd-stable  Mon Dec 13 11:17:52 1999
Delivered-To: freebsd-stable@freebsd.org
Received: from kiwi.mail.easynet.net (kiwi.mail.easynet.net [195.40.1.40])
	by hub.freebsd.org (Postfix) with ESMTP id 3A531151A9
	for <freebsd-stable@freebsd.org>; Mon, 13 Dec 1999 11:17:41 -0800 (PST)
	(envelope-from ak@freenet.co.uk)
Received: from freenet.co.uk (alister.w.easynet.co.uk [212.212.251.86])
	by kiwi.mail.easynet.net (Postfix) with ESMTP
	id C70BDDAFE4; Mon, 13 Dec 1999 19:17:26 +0000 (GMT)
Message-ID: <38554782.E3F6901A@freenet.co.uk>
Date: Mon, 13 Dec 1999 19:22:42 +0000
From: Alex <ak@freenet.co.uk>
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.0-CURRENT i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Pekka Savola <Pekka.Savola@netcore.fi>
Cc: Sheepman <sheepman@mindcrash.com>, williamsl@home.com,
	freebsd-stable@freebsd.org
Subject: Re: pidentd
References: <7101.991211@Home.Com> <3.0.6.32.19991212141700.007e2ac0@netcore.home>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Pekka Savola wrote:
> 
> >  When I set up masq'ing awhile back I used a different ident daemon.  I
> >did not use pidentd.  I think maybe it was cidentd, but I am not sure.  It
> >was specifically for ip masqing.  Hope this helps a smidge.  :)
> >
> >>    I am trying to get pidentd (or any other ident daemon) to work for
> >> masqueraded hosts on a private LAN connected to the internet via a
> >> 3.2-RELEASE box. I've managed to successfully compile and install
> >> pidentd which works as a standard ident daemon but I am having
> >> difficulty figuring out how to make it work for masq'd hosts. Any
> >> ideas?
> 
> Hi,
> 
> I encountered the similar problem myself - and asked around for solutions.
> I have come to the conclusion that there are _no_ identd implementations
> for FreeBSD that would support NAT/Masq'ed connections.  There are plenty
> of them for Linux, but they seem to use proc filesystem and are of no use..



$ grep ident /etc/services 
auth            113/tcp    ident tap    #Authentication Service
auth            113/udp    ident tap    #Authentication Service


Why can't you just tell natd to redirect all incoming connections (UDP
and TCP) on port 113 to a machine behind the firewall?   

redirect_port tcp 192.168.1.2:113 113
redirect_port udp 192.168.1.2:113 113
                  ^^^^^^^^^^^
                IP address of the machine you want to respond

Alex


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message