* IRC and Conntrack problem
@ 2002-11-02 15:42 Mihai Tanasescu
2002-11-03 11:15 ` Alistair Tonner
2002-11-03 18:11 ` Roy Sigurd Karlsbakk
0 siblings, 2 replies; 4+ messages in thread
From: Mihai Tanasescu @ 2002-11-02 15:42 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 240 bytes --]
I have installed the kernel module for conntracking irc connections. Still I can only receive dcc sends but I can't initiate any dcc send sessions. I get the error message failed to connect or something like that.
What am I doing wrong?
[-- Attachment #2: Type: text/html, Size: 564 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: IRC and Conntrack problem
2002-11-02 15:42 IRC and Conntrack problem Mihai Tanasescu
@ 2002-11-03 11:15 ` Alistair Tonner
2002-11-03 18:11 ` Roy Sigurd Karlsbakk
1 sibling, 0 replies; 4+ messages in thread
From: Alistair Tonner @ 2002-11-03 11:15 UTC (permalink / raw)
To: Mihai Tanasescu; +Cc: netfilter
1) the ipt_conntrack_irc and ipt_nat_irc modules need to know
what
ports you are connecting to the IRC servers on. You pass
these
port numbers as a parameter to the module when loaded.
2) IRC clients behind the firewall *must* use their *inside* ip
address *not* the firewall ip address ... this is notable in
MIRC -- the client defaults to using the ip reported by the
server. -- that turns the connection requests into something
that iptables will drop as a forged IRC command -- check
your logs.
In my case:
/sbin/modprobe ip_conntrack_irc
ports=6663,6664,6665,6666,6667,6668,6669,7000
/sbin/modprobe ip_nat_irc ports=6663,6664,6665,6666,6667,6668,6669,7000
You can edit ip_conntrack_irc.c and ip_nat_irc.c and change MAX_PORTS
if you
need more ports to connect to and then rebuild the modules.
On 2002.11.02 10:42 Mihai Tanasescu wrote:
> I have installed the kernel module for conntracking irc connections.
> Still I can only receive dcc sends but I can't initiate any dcc send
> sessions. I get the error message failed to connect or something like
> that.
> What am I doing wrong?
>
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: IRC and Conntrack problem
2002-11-02 15:42 IRC and Conntrack problem Mihai Tanasescu
2002-11-03 11:15 ` Alistair Tonner
@ 2002-11-03 18:11 ` Roy Sigurd Karlsbakk
1 sibling, 0 replies; 4+ messages in thread
From: Roy Sigurd Karlsbakk @ 2002-11-03 18:11 UTC (permalink / raw)
To: Mihai Tanasescu, netfilter
Mihai Tanasescu wrote:
> I have installed the kernel module for conntracking irc connections.
> Still I can only receive dcc sends but I can't initiate any dcc send
> sessions. I get the error message failed to connect or something like
> that.
> What am I doing wrong?
have you got any lines in iptables looking like this?
iptables -A INPUT -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
please send your iptables config
^ permalink raw reply [flat|nested] 4+ messages in thread
* IRC and Conntrack problem
@ 2002-11-02 15:39 Mihai Tanasescu
0 siblings, 0 replies; 4+ messages in thread
From: Mihai Tanasescu @ 2002-11-02 15:39 UTC (permalink / raw)
To: netfilter
[-- Attachment #1: Type: text/plain, Size: 241 bytes --]
I have installed the kernel module for conntracking irc connections. Still I can only receive dcc sends but I can't initiate any dcc send sessions. I get the error message failed to connect or something like that.
What am I doing wrong?
[-- Attachment #2: Type: text/html, Size: 565 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2002-11-03 18:11 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2002-11-02 15:42 IRC and Conntrack problem Mihai Tanasescu
2002-11-03 11:15 ` Alistair Tonner
2002-11-03 18:11 ` Roy Sigurd Karlsbakk
-- strict thread matches above, loose matches on Subject: below --
2002-11-02 15:39 Mihai Tanasescu
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.