Re: ipfilter ident issue
On 12/10/05, Peter Postma <peter@pointless.nl> wrote:
> So what you need is an ident proxy like ports/security/oidentd, or you need
> to configure identd to send out fake replies.

I installed oidentd with pkg_add -r. For now I am starting it like:

    /usr/local/sbin/oidentd -r zelwig

I removed my ident nat rule from /etc/ipnat.rules. I flushed and reinserted my nat rules using:

    > ipnat -CF -f /etc/ipnat.rules

I still have my ident rule in /etc/ipfilter.rules:

    > cat /etc/ipf.rules |grep 113
    pass in quick on dc0 proto tcp from any to any port = 113 flags S keep state keep frags

I've tried every variation of this rule I could find googling. Still I have no ident using ipfilter:

    > telnet 24.183.200.193 113
    Trying 24.183.200.193...
    telnet: Unable to connect to remote host: Connection timed out

Using ipfstat -t I see the connection attempt listed:

    207.45.69.69,55389 24.183.200.193,113 2/3 tcp 3 180 0:15

Any idea what I am doing wrong with this new setup?

Thanks,

--
Greg Donald
Zend Certified Engineer
MySQL Core Certification
http://destiney.com/