Re: IRC DCC between 2 clients on the same net.

[Jihoon Chung <difro@sexycoder.com>]

Thanks for the reply.

On Thu, Nov 21, 2002 at 07:52:39PM -0800, Bob Hockney wrote:
> > I have 2 clients behind a masquerading gateway.
> >
> > When one of them DCC SEND to the outside world, everything's fine.
> > (Thanks
> > to ip_conntrack_irc/ip_nat_irc)
> >
> > But when I DCC-SEND from one client to the other client on the same
> > network, it doesn't work.  The sending side fails almost immediately.
> >
> > Is this normal?
> > I'm using kernel 2.4.17.
>
> DCC is a passive protocol so sending a file means an inbound tcp connection, why
> you need the irc modules in the first place.  What is happening is that
> ip_nat_irc has little choice but to substitute the external ip of your gateway
> for your LAN ip in the DCC SEND request, thus making the other client think it
> should connect to your gateway instead of the LAN address of the client machine
> to get the file -- what you want if the other client is outside your firewall.
> ip_nat_irc then intercepts this and forwards the connection to the LAN ip making
> to DCC SEND request.
>
> Try unloading the two irc modules and attempting a SEND, which should work if
> the two LAN computers can connect to each other.  Also, make sure the rules in

Yes, unloading the two irc modules does work.  But, that means I have to
manually unload the modules when I'm sending to LAN computer, and load
it again when I want to send to outside world.  Surely there must be an
easier way to support both cases.

> the FORWARD chain of the gateway box allow connections to the external ip from
> you LAN.

Why FORWARD? Shouldn't it be the INPUT chain?
Anyway, I tried it with default policy of INPUT/FORWARD/OUTPUT set to
"ACCEPT", it didn't work.