|
FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Cannot redirect oidentd port 113 to jail
Hey everyone, i have a problem with redirection of oident port 113 to jail. I want to share irssi for users but they connect without static ident. For example "~user@host" instead "users@host". Whey try from host, works vell. Where could be problem ?
My /etc/pf.conf Code:
IP_PUB="178.xxx.xxx.xxx" IP_JAIL="192.168.0.1" NET_JAIL="192.168.0.0/24" PORT_JAIL="{80,31337,6667,113,12345}" ################ Translation ### NAT and Redirection rules are first match ### nat pass on em0 from $NET_JAIL to any -> $IP_PUB rdr pass on em0 proto tcp from any to $IP_PUB port $PORT_JAIL -> $IP_JAIL |
|
|||
I am not sure whether the following is applicable to your setup
In a thread on the official FreeBSD forums, the problem was that the connection was initiated locally and not remotely. A local test connection did not work, but doing ir remotely worked. See https://forums.freebsd.org/viewtopic.php?&t=32139 But I don't understand why you need identd to work. When I was using irssi, I used to block incoming port 113 requests and instructed pf to send a TCP reset as answer. That way the IRC server knew that identd was not enabled.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
hey,
I need it becouse looks better :P People can change idents and irc servers impose restrictions of limit connections if u connect with "~". |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
redirect outgoing http | petter | OpenBSD Security | 8 | 25th March 2013 04:56 PM |
Jail How To: | sharris | FreeBSD General | 4 | 18th May 2011 02:10 AM |
VNC and sound redirect | DNAeon | FreeBSD Ports and Packages | 2 | 16th September 2009 07:52 PM |
Redirect Internal Network to Internal Website | plexter | OpenBSD Security | 12 | 12th February 2009 08:00 PM |
Getting around Jail IP Adresses | starbuck | FreeBSD Security | 8 | 9th August 2008 01:15 AM |