[LARTC] Re: LARTC digest, Vol 1 #312

* [LARTC] Re: LARTC digest, Vol 1 #312 - 2 msgs
@ 2001-11-05 15:36 Yolanda Knoop
  2001-11-05 15:36 ` Yolanda Knoop
                   ` (14 more replies)
  0 siblings, 15 replies; 16+ messages in thread
From: Yolanda Knoop @ 2001-11-05 15:36 UTC (permalink / raw)
  To: lartc


----- Original Message -----
From: <lartc-request@mailman.ds9a.nl>
To: <lartc@mailman.ds9a.nl>
Sent: Monday, November 05, 2001 12:01 PM
Subject: LARTC digest, Vol 1 #312 - 2 msgs


> Send LARTC mailing list submissions to
> lartc@mailman.ds9a.nl
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.ds9a.nl/mailman/listinfo/lartc
> or, via email, send a message with subject or body 'help' to
> lartc-request@mailman.ds9a.nl
>
> You can reach the person managing the list at
> lartc-admin@mailman.ds9a.nl
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of LARTC digest..."
>
>
> Today's Topics:
>
>    1. RE: IRC and DCC (Largo Hellenz)
>    2. RE: IRC and DCC (Sebastian 'spax' Pape)
>
> --__--__--
>
> Message: 1
> Reply-To: <lamp@nyc.rr.com>
> From: "Largo Hellenz" <lamp@nyc.rr.com>
> To: <lartc@mailman.ds9a.nl>
> Subject: RE: [LARTC] IRC and DCC
> Date: Sun, 4 Nov 2001 12:16:30 -0500
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_00BF_01C1652A.8904CEB0
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
>
> i had this same problem... dcc's sent to me after i requested them within
a
> few seconds would work, but dcc's sent to me  minutes after would
> drop...(can't connect)
>
> the solution for me was to install socks5 on gateway only allowing
relaying
> from internal interface and opening up port tcp/1080 (or whatever your
> socks5 port is) on the external interface for incoming connections.
>
> my two questions are:
> 1) is this a security issue to open up 1080 externally?
> 2) i can only connect to irc servers that dont require ident.... (ie.
> underet, but not dalnet)... any ideads?
>
> thanks,
> fernando pando
>   -----Original Message-----
>   From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
> Behalf Of Joachim Wickman
>   Sent: Friday, November 02, 2001 5:25 PM
>   To: Greg Scott; lartc@mailman.ds9a.nl
>   Subject: Re: [LARTC] IRC and DCC
>
>
>   I have compiled everything into the kernel
>
>     ----- Original Message -----
>     From: Greg Scott
>     To: 'Joachim Wickman' ; lartc@mailman.ds9a.nl
>     Sent: Saturday, November 03, 2001 12:31 AM
>     Subject: RE: [LARTC] IRC and DCC
>
>
>     There are some modules you need to modprobe.  Try this:
>
>         /sbin/modprobe ip_conntrack_irc
>
>     I'll bet there are also others.  Is there some central list of modules
> and what they do anywhere?
>
>     - Greg
>
>
>       -----Original Message-----
>       From: Joachim Wickman [mailto:jwickman@tawi.fi]
>       Sent: Friday, November 02, 2001 3:47 PM
>       To: lartc@mailman.ds9a.nl
>       Subject: [LARTC] IRC and DCC
>
>
>       Hello
>
>       I'm running NAT on my Linux box (192.168.0.1) with this command
>
>       /usr/local/sbin/iptables -t nat -A POSTROUTING -o ippp0 -j
MASQUERADE
>
>       Everything is working fine, except DCC in IRC.
>       When I try to send something the remote machine get's "can't
connect"
>
>       Have I missed something, or what?
>       It does work when I NAT with ipchains, but I like iptables more.
>
>       Thanks,
>          Joachim
>
>
>
> ------=_NextPart_000_00BF_01C1652A.8904CEB0
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
> <HTML><HEAD>
> <META content="text/html; charset=iso-8859-1" > http-equiv=Content-Type>
> <META content="MSHTML 5.00.2920.0" name=GENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=#ffffff>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN > class=181500917-04112001>i had 
> this same problem... dcc's sent to me after i requested them within a > few 
> seconds would work, but dcc's sent to me&nbsp; minutes after would > drop...(can't 
> connect)</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=181500917-04112001></SPAN></FONT>&nbsp;</DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN > class=181500917-04112001>the 
> solution for me was to install socks5 on gateway only allowing relaying > from 
> internal interface and opening up port tcp/1080 (or whatever your socks5 > port 
> is) on the external interface for incoming > connections.</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=181500917-04112001></SPAN></FONT>&nbsp;</DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN > class=181500917-04112001>my two 
> questions are:</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN > class=181500917-04112001>1) is 
> this a security issue to open up 1080 externally?</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN > class=181500917-04112001>2) i 
> can only connect to irc servers that dont require ident.... (ie. > underet, but 
> not dalnet)... any ideads?</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=181500917-04112001></SPAN></FONT>&nbsp;</DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=181500917-04112001>thanks,</SPAN></FONT></DIV>
> <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
> class=181500917-04112001>fernando pando</SPAN></FONT></DIV>
> <BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
>   <DIV align=left class=OutlookMessageHeader dir=ltr><FONT > face=Tahoma 
>   size=2>-----Original Message-----<BR><B>From:</B> > lartc-admin@mailman.ds9a.nl 
>   [mailto:lartc-admin@mailman.ds9a.nl]<B>On Behalf Of </B>Joachim 
>   Wickman<BR><B>Sent:</B> Friday, November 02, 2001 5:25 > PM<BR><B>To:</B> Greg 
>   Scott; lartc@mailman.ds9a.nl<BR><B>Subject:</B> Re: [LARTC] IRC and 
>   DCC<BR><BR></DIV></FONT>
>   <DIV><FONT face=Arial size=2>I have compiled everything into the 
>   kernel</FONT></DIV>
>   <DIV>&nbsp;</DIV>
>   <BLOCKQUOTE dir=ltr 
>   style="BORDER-LEFT: #000000 2px solid; MARGIN-LEFT: 5px; > MARGIN-RIGHT: 0px; PADDING-LEFT: 5px; PADDING-RIGHT: 0px">
>     <DIV style="FONT: 10pt arial">----- Original Message ----- </DIV>
>     <DIV 
>     style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: > black"><B>From:</B> 
>     <A href="mailto:GregScott@InfraSupportEtc.com" 
>     title=GregScott@InfraSupportEtc.com>Greg Scott</A> </DIV>
>     <DIV style="FONT: 10pt arial"><B>To:</B> <A > href="mailto:jwickman@tawi.fi" 
>     title=jwickman@tawi.fi>'Joachim Wickman'</A> ; <A 
>     href="mailto:lartc@mailman.ds9a.nl" 
>     title=lartc@mailman.ds9a.nl>lartc@mailman.ds9a.nl</A> </DIV>
>     <DIV style="FONT: 10pt arial"><B>Sent:</B> Saturday, November 03, > 2001 12:31 
>     AM</DIV>
>     <DIV style="FONT: 10pt arial"><B>Subject:</B> RE: [LARTC] IRC and > DCC</DIV>
>     <DIV><BR></DIV>
>     <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
>     class=670451822-02112001>There are some modules you need to > modprobe.&nbsp; 
>     Try this:</SPAN></FONT></DIV>
>     <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
>     class=670451822-02112001></SPAN></FONT>&nbsp;</DIV>
>     <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
>     class=670451822-02112001>&nbsp;&nbsp;&nbsp; /sbin/modprobe 
>     ip_conntrack_irc<BR></SPAN></FONT></DIV>
>     <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
>     class=670451822-02112001>I'll bet there are also others.&nbsp; Is > there some 
>     central list of modules and what they do > anywhere?</SPAN></FONT></DIV>
>     <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
>     class=670451822-02112001></SPAN></FONT>&nbsp;</DIV>
>     <DIV><FONT color=#0000ff face=Arial size=2><SPAN > class=670451822-02112001>- 
>     Greg</SPAN></FONT></DIV>
>     <DIV><FONT color=#0000ff face=Arial size=2><SPAN 
>     class=670451822-02112001>&nbsp;</DIV></SPAN></FONT>
>     <DIV><FONT color=#0000ff face=Arial size=2></FONT>&nbsp;</DIV>
>     <BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
>       <DIV align=left class=OutlookMessageHeader dir=ltr><FONT > face=Tahoma 
>       size=2>-----Original Message-----<BR><B>From:</B> Joachim > Wickman [<A 
>       > href="mailto:jwickman@tawi.fi">mailto:jwickman@tawi.fi</A>]<BR><B>Sent:> </B> 
>       Friday, November 02, 2001 3:47 PM<BR><B>To:</B> <A 
>       > href="mailto:lartc@mailman.ds9a.nl">lartc@mailman.ds9a.nl</A><BR><B>Sub> ject:</B> 
>       [LARTC] IRC and DCC<BR><BR></FONT></DIV>
>       <DIV><FONT face=Arial size=2>Hello</FONT></DIV>
>       <DIV>&nbsp;</DIV>
>       <DIV><FONT face=Arial size=2>I'm running NAT on my Linux box > (192.168.0.1) 
>       with this command</FONT></DIV>
>       <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>       <DIV><FONT face=Arial size=2>/usr/local/sbin/iptables -t nat > -A 
>       POSTROUTING -o ippp0 -j MASQUERADE</FONT></DIV>
>       <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>       <DIV><FONT face=Arial size=2>Everything is working fine, > except DCC in 
>       IRC.</FONT></DIV>
>       <DIV><FONT face=Arial size=2>When I try to send something the > remote 
>       machine get's "can't connect"</FONT></DIV>
>       <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>       <DIV><FONT face=Arial size=2>Have I missed something, or 
> what?</FONT></DIV>
>       <DIV><FONT face=Arial size=2>It does work when I NAT with > ipchains, but I 
>       like iptables more.</FONT></DIV>
>       <DIV><FONT face=Arial size=2></FONT>&nbsp;</DIV>
>       <DIV><FONT face=Arial size=2>Thanks,</FONT></DIV>
>       <DIV><FONT face=Arial > size=2>&nbsp;&nbsp;&nbsp;Joachim<BR></FONT></DIV>
>       <DIV><FONT face=Arial 
> size=2>&nbsp;</DIV></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></FONT></BODY> ></HTML>
>
> ------=_NextPart_000_00BF_01C1652A.8904CEB0--
>
>
>
> --__--__--
>
> Message: 2
> Date: Mon, 5 Nov 2001 00:56:23 +0100 (MET)
> From: "Sebastian 'spax' Pape" <pape@rbg.informatik.tu-darmstadt.de>
> Cc: lartc@mailman.ds9a.nl
> Subject: RE: [LARTC] IRC and DCC
>
> hi!
>
> > 2) i can only connect to irc servers that dont require ident.... (ie.
> > underet, but not dalnet)... any ideads?
> Which identd did you install? If you use NAT/MASQ your identd should
> be able to forward requests to the proper machine and you have to run
> an identd on the client machines. The client-machine's identd also has
> to allow the gateway-identd to ask him even if the connection goes out
> to the internet. Or if you don't care about your idents let the
> gateway-identd just return a dummy-string.
>
> best regards
>
> Sebastian
>
> --
> Sebastian 'spax' Pape          | Three things are certain: Death, taxes,
and
> mailto: sebastian@p-a-p-e.de   | lost data. Guess which has occurred...
> pgp: http://p-a-p-e.de/pgp.asc |
>          --- Do you want to know more? http://www.p-a-p-e.de/ ---
>
>
>
>
> --__--__--
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc
>
>
> End of LARTC Digest
>


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

^ permalink raw reply	[flat|nested] 16+ messages in thread