Date: Thu, 19 Oct 2000 11:01:10 +0300 From: Ruslan Ermilov <ru@FreeBSD.ORG> To: Bjarni Runar Einarsson <bre@netverjar.is> Cc: freebsd-net@FreeBSD.ORG Subject: Re: natd & identd cooperation? Message-ID: <20001019110110.C98924@sunbay.com> In-Reply-To: <20001018184017.A1218@klaki.net>; from bre@netverjar.is on Wed, Oct 18, 2000 at 06:40:17PM %2B0000 References: <20001018184017.A1218@klaki.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Oct 18, 2000 at 06:40:17PM +0000, Bjarni Runar Einarsson wrote: > Hi all, > > I'm a relatively new FreeBSD user, lured from the world of Linux by > the FreeBSD jails... so far so good. > > I'm currently playing with a 4.1.1 box which gives jailed users > access to the 'net via natd. For those users interested in using > IRC, the lack of an identd which will correctly either reply on a > jail-by-jail basis or relay the ident requests back to a jailed > identd is a bit of a problem. > > No, I'm not interested in randomizing the ident replies. :-) > > So, my question is, am I overlooking something, or is my only > option to go ahead and hack up some identd and natd so they will > communicate with each other? > > My current strategy is to use shared-memory tables to get oidentd > and natd to talk to each other, allowing me to set up both static > ip<->username mappings and dynamic connection<->user mappings. I > have a ready-to-use library (UDB) designed for just this sort of > thing, so this shouldn't take too much effort. > > Am I reinventing the wheel here, or is this a worthwhile project? > Please stop me if someone has already solved this problem! > > Please CC: any replies directly to me, since I am not at the moment > subscribed to this mailing list. > I am working on implementing IDENT support for libalias(3) and (as a consequence) for natd(8). Meanwhile, you can do it with inetd(8) as follows: In /etc/inetd.conf, specify the following string for internal ``auth'': auth stream tcp nowait root internal auth -d foo Then redirect the TCP port 113 to this machine's inetd like this: natd -redirect_port tcp NAT:auth auth If you like, I will let you know when my IDENT patch will be ready. Hope this helps, -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001019110110.C98924>