From owner-freebsd-stable  Sun Dec 12 17: 3:39 1999
Delivered-To: freebsd-stable@freebsd.org
Received: from copland.udel.edu (copland.udel.edu [128.175.13.92])
	by hub.freebsd.org (Postfix) with ESMTP id 5131514E36
	for <freebsd-stable@FreeBSD.ORG>; Sun, 12 Dec 1999 17:03:32 -0800 (PST)
	(envelope-from papalia@UDel.Edu)
Received: from morgaine (host75-157.student.udel.edu [128.175.75.157])
	by copland.udel.edu (8.9.3/8.9.3) with SMTP id UAA09810;
	Sun, 12 Dec 1999 20:03:23 -0500 (EST)
Message-Id: <4.1.19991212200211.0093e390@mail.udel.edu>
X-Sender: papalia@mail.udel.edu
X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 
Date: Sun, 12 Dec 1999 20:03:32 -0500
To: Pekka Savola <Pekka.Savola@netcore.fi>
From: John <papalia@UDel.Edu>
Subject: Re: pidentd
Cc: williamsl@home.com, Sheepman <sheepman@mindcrash.com>,
	freebsd-stable@FreeBSD.ORG
In-Reply-To: <3.0.6.32.19991212190534.007ec9b0@netcore.home>
References: <4.1.19991212114203.00959100@mail.udel.edu>
 <3.0.6.32.19991212184024.0097fa70@netcore.home>
 <4.1.19991212111055.009552e0@mail.udel.edu>
 <3.0.6.32.19991212141700.007e2ac0@netcore.home>
 <Pine.BSF.4.10.9912111021230.22332-100000@hemorrhage.mindcr ash.com>
 <7101.991211@Home.Com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>If you're running windows boxen behind your FreeBSD server, then (at least
>>I think) the EASIEST way to solve your problem is to run IRC clients on
>>yoru windows boxen which contain identd servers to themselves.  This
>
>This is correct, but doesn't help the actual problem because internal boxes
>never get those ident requests.
>
>The scenario here is that upon connecting to an irc server, the server asks
>from your BSD server's identd who the heck that user is.  FreeBSD's identd
>server has no way of knowing that this request should be forwarded to a
>NAT'ed windows box X.  So, there will never be an identd request from irc
>server to MIRC to respond to.  The working behaviour could probably be
>achieves so that the identd server on FreeBSD examined NAT state data and
>forwarded requests appropriately (if the server was configured to forward
>them - this could be security risk too).
>
>You could, of course, redirect all identd requests coming on your FreeBSD
>box to the internal windows box, but this would break the BSD box pretty
>badly. (e.g. login timeouts when using FTP) - and there could be only one
>computer in your private LAN that'd use ident.
>
>One solution might be to use an appropriate proxy/bouncer in the FreeBSD
>box and connect to it using IRC clients, but I wouldn't want to do that.


I went back through my notes from earlier this year, and alas discovered
that I never did solve the problem you're describing.  And at the time of
my posting a response to your answer, I guess I wasn't awake enough to
fully absorb the question.

Simply put, I'd like to apologize for posting a useless answer that didn't
help in the slightest :)

Regards,
John


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message