Date: Fri, 20 Oct 2000 14:03:47 +0000 From: Bjarni Runar Einarsson <bre@netverjar.is> To: freebsd-net@FreeBSD.ORG Subject: Re: natd & identd cooperation? (and identd + jails) Message-ID: <20001020140347.A25546@klaki.net> In-Reply-To: <20001019120511.A4555@sunbay.com>; from Ruslan Ermilov on Thu, Oct 19, 2000 at 12:05:11PM %2B0300 References: <20001018184017.A1218@klaki.net> <20001019110110.C98924@sunbay.com> <20001019120511.A4555@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2000-10-19, 12:05:11 (+0300) Ruslan Ermilov wrote: > > I am working on implementing IDENT support for libalias(3) and (as a > > consequence) for natd(8). Meanwhile, you can do it with inetd(8) as > > follows: I took a stab at the problem, and have implemented primitive support within libalias for cooperation with oidentd. The implementation uses my UDB library (http://bre.klaki.net/programs/udb/), which allows the libalias app. and the ident server to share a table of ip<->user and connection<->user or connection<->connection mappings. The ident protocol doesn't by default allow user-land forwarding of connections (machine A can't request info about connections between B and C), but adding support for forwarded requests to an ident daemon is relatively easy. All in all, it works reasonably well - should I clean it up and share? While hacking I found out that all this effort was not quite necessary for a jailed environment like mine - an unmodified oidentd appears to ident connections correctly already, as long as natd is instructed to use the same ports. Using my libalias/UDB/oidentd hack is only useful because it adds the option of assigning a single user name to a whole jail. -- Bjarni R. Einarsson PGP: 02764305, B7A3AB89 bre@netverjar.is -><- http://bre.klaki.net/ Netverjar gegn ruslpósti: http://www.netverjar.is/baratta/ruslpostur/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001020140347.A25546>