Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
IRC and ident requests with oidentd/fakeidentd
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
yogipsu
Tux's lil' helper
Tux's lil' helper


Joined: 30 Aug 2003
Posts: 98

PostPosted: Sat Aug 30, 2003 2:03 am    Post subject: IRC and ident requests with oidentd/fakeidentd Reply with quote

Hi,

First, thanks for any assistance in advance. I've been attempting to get the ident daemon to function properly all day. I've tried both fakeidentd and oidentd. Both have been successfully emerged and started as processes. However, even with this, I still can't ident on IRC.

I am behind a hardware router, so that provides NAT; I have port 113 configured to forward to my machine. (I've tried sshing into my machine through port 113; it doesn't refuse the connection. Same when sshing into my WAN's IP and trying port 113. In contrast, when I try port 22 the connection is refused.)

I don't have a firewall enabled. I've tried setting this machine as the DMZ. Nothing changes.

For IRC, I'm using xchat. Any help would be greatly appreciated.
Back to top
View user's profile Send private message
yogipsu
Tux's lil' helper
Tux's lil' helper


Joined: 30 Aug 2003
Posts: 98

PostPosted: Sat Aug 30, 2003 5:01 am    Post subject: Reply with quote

Just for more information, which is beginning to really confuse me... I ran nmap against my WAN's ip to see if the router would correctly forward anything. (No one can telnet to the WAN ip, or ping it.)

Starting nmap 3.30 ( http://www.insecure.org/nmap/ ) at 2003-08-30 00:55 EST
Host WAN (wan_ip) appears to be up ... good.
Initiating SYN Stealth Scan against WAN (wan_ip) at 00:55
Adding open port 80/tcp
The SYN Stealth Scan took 71 seconds to scan 1644 ports.
Interesting ports on WAN (wan_ip):
(The 1641 ports scanned but not shown below are in state: filtered)
Port State Service
22/tcp closed ssh
80/tcp open http
113/tcp closed auth

...

Why are those ports listed? And how can I open port 113? When I ran sshd, port 22 WAS open -- but no one could telnet in.

Thanks again for any help.
Back to top
View user's profile Send private message
yogipsu
Tux's lil' helper
Tux's lil' helper


Joined: 30 Aug 2003
Posts: 98

PostPosted: Sat Aug 30, 2003 8:49 am    Post subject: Reply with quote

Again, sorry to be a hassle, but I've spent hours on this ... I can't be pinged or tracerouted. I've recompiled the kernel with support for iptables. I tried that, but /etc/init.d/iptables save didn't work; it couldn't write to the file, giving a cat error, even though I made the directory and created the file.

Even when I have sshd and oidentd running, with netstat -natu showing that they're listening on those ports -- and with my router configured to forward ports 22 and 113 to my machine (which works on my windows computer) -- I get nothing, and no one's able to connect, nor can I respond to any IRC identd requests. So I guess I have to be missing something simple here.

My WAN ip, 68.168.168.233, can't be pinged. (My router is configured to NOT block WAN requests.) I'm at wits' end here trying to figure out how to resolve this.

Thanks again...
Back to top
View user's profile Send private message
formzero
n00b
n00b


Joined: 14 Dec 2002
Posts: 36
Location: Noisetown

PostPosted: Sun Aug 31, 2003 2:51 pm    Post subject: Reply with quote

ok. you need to have oidentd running on your firewall/router as well. you then configure oidentd on your firewall by creating a file in /etc called oidentd_masq.conf.

Code:
/etc/oidentd_masq.conf


the format of the file should be

Code:
<Host>[/<Mask>] <Ident Response> <System Type>


for example:

Code:
192.168.0.1/255.255.255.0 jimmy UNIX


then on all of your boxes behind the firewall, you also need oidentd running. in the file

Code:
/etc/conf.d/oidentd


you need to set the OPTIONS below

USER="nobody"
GROUP="nobody"
OPTIONS="--proxy=firewall/router host"


do that and let us know how it goes
Back to top
View user's profile Send private message
Twister
n00b
n00b


Joined: 31 Aug 2003
Posts: 7

PostPosted: Sun Aug 31, 2003 3:20 pm    Post subject: Reply with quote

i have a similar problem
but i use a w*nd*w* gateway
im trying to connect with an eggdrop
and i get this
i tried what you said but no go
the gateway runs an mirc client though with identd enabled

[15:14] -NOTICE- *** Looking up your hostname
[15:14] -NOTICE- *** Found your hostname, cached
[15:14] -NOTICE- *** Checking Ident
[15:15] -NOTICE- *** No ident response
[15:15] snoke.nl.quakenet.org says I'm not registered, trying next one.

OPTIONS="--proxy=10.0.0.1"
like this?

strangest thing is
i can connect with irssi
so must be a config mistake by me
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum