----- Original Message -----
From: <lartc-request@mailman.ds9a.nl>
To: <lartc@mailman.ds9a.nl>
Sent: Monday, November 05, 2001 12:01 PM
Subject: LARTC digest, Vol 1 #312 - 2 msgs
> Send LARTC mailing list submissions to
> lartc@mailman.ds9a.nl
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://mailman.ds9a.nl/mailman/listinfo/lartc
> or, via email, send a message with subject or body ''help''
to
> lartc-request@mailman.ds9a.nl
>
> You can reach the person managing the list at
> lartc-admin@mailman.ds9a.nl
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of LARTC digest..."
>
>
> Today''s Topics:
>
> 1. RE: IRC and DCC (Largo Hellenz)
> 2. RE: IRC and DCC (Sebastian ''spax'' Pape)
>
> --__--__--
>
> Message: 1
> Reply-To: <lamp@nyc.rr.com>
> From: "Largo Hellenz" <lamp@nyc.rr.com>
> To: <lartc@mailman.ds9a.nl>
> Subject: RE: [LARTC] IRC and DCC
> Date: Sun, 4 Nov 2001 12:16:30 -0500
>
> This is a multi-part message in MIME format.
>
> ------=_NextPart_000_00BF_01C1652A.8904CEB0
> Content-Type: text/plain;
> charset="iso-8859-1"
> Content-Transfer-Encoding: 7bit
>
> i had this same problem... dcc''s sent to me after i requested them
within
a> few seconds would work, but dcc''s sent to me minutes after would
> drop...(can''t connect)
>
> the solution for me was to install socks5 on gateway only allowing
relaying> from internal interface and opening up port tcp/1080 (or whatever your
> socks5 port is) on the external interface for incoming connections.
>
> my two questions are:
> 1) is this a security issue to open up 1080 externally?
> 2) i can only connect to irc servers that dont require ident.... (ie.
> underet, but not dalnet)... any ideads?
>
> thanks,
> fernando pando
> -----Original Message-----
> From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
> Behalf Of Joachim Wickman
> Sent: Friday, November 02, 2001 5:25 PM
> To: Greg Scott; lartc@mailman.ds9a.nl
> Subject: Re: [LARTC] IRC and DCC
>
>
> I have compiled everything into the kernel
>
> ----- Original Message -----
> From: Greg Scott
> To: ''Joachim Wickman'' ; lartc@mailman.ds9a.nl
> Sent: Saturday, November 03, 2001 12:31 AM
> Subject: RE: [LARTC] IRC and DCC
>
>
> There are some modules you need to modprobe. Try this:
>
> /sbin/modprobe ip_conntrack_irc
>
> I''ll bet there are also others. Is there some central list of
modules
> and what they do anywhere?
>
> - Greg
>
>
> -----Original Message-----
> From: Joachim Wickman [mailto:jwickman@tawi.fi]
> Sent: Friday, November 02, 2001 3:47 PM
> To: lartc@mailman.ds9a.nl
> Subject: [LARTC] IRC and DCC
>
>
> Hello
>
> I''m running NAT on my Linux box (192.168.0.1) with this
command
>
> /usr/local/sbin/iptables -t nat -A POSTROUTING -o ippp0 -j
MASQUERADE>
> Everything is working fine, except DCC in IRC.
> When I try to send something the remote machine get''s
"can''t
connect">
> Have I missed something, or what?
> It does work when I NAT with ipchains, but I like iptables more.
>
> Thanks,
> Joachim
>
>
>
> ------=_NextPart_000_00BF_01C1652A.8904CEB0
> Content-Type: text/html;
> charset="iso-8859-1"
> Content-Transfer-Encoding: quoted-printable
>
> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0
Transitional//EN">
> <HTML><HEAD>
> <META content=3D"text/html; charset=3Diso-8859-1" >
http-equiv=3DContent-Type>
> <META content=3D"MSHTML 5.00.2920.0" name=3DGENERATOR>
> <STYLE></STYLE>
> </HEAD>
> <BODY bgColor=3D#ffffff>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN >
class=3D181500917-04112001>i had=20
> this same problem... dcc''s sent to me after i requested them
within a > few=20
> seconds would work, but dcc''s sent to me minutes after
would > drop...(can''t=20
> connect)</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
>
class=3D181500917-04112001></SPAN></FONT> </DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN >
class=3D181500917-04112001>the=20
> solution for me was to install socks5 on gateway only allowing relaying
> from=20
> internal interface and opening up port tcp/1080 (or whatever your socks5
> port=20
> is) on the external interface for incoming >
connections.</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
>
class=3D181500917-04112001></SPAN></FONT> </DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN >
class=3D181500917-04112001>my two=20
> questions are:</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN >
class=3D181500917-04112001>1) is=20
> this a security issue to open up 1080
externally?</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN >
class=3D181500917-04112001>2) i=20
> can only connect to irc servers that dont require ident.... (ie. >
underet, but=20
> not dalnet)... any ideads?</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
>
class=3D181500917-04112001></SPAN></FONT> </DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
> class=3D181500917-04112001>thanks,</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN=20
> class=3D181500917-04112001>fernando
pando</SPAN></FONT></DIV>
> <BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
> <DIV align=3Dleft class=3DOutlookMessageHeader dir=3Dltr><FONT
> face=3DTahoma=20
> size=3D2>-----Original Message-----<BR><B>From:</B>
> lartc-admin@mailman.ds9a.nl=20
> [mailto:lartc-admin@mailman.ds9a.nl]<B>On Behalf Of
</B>Joachim=20
> Wickman<BR><B>Sent:</B> Friday, November 02, 2001 5:25
> PM<BR><B>To:</B> Greg=20
> Scott; lartc@mailman.ds9a.nl<BR><B>Subject:</B> Re:
[LARTC] IRC and=20
> DCC<BR><BR></DIV></FONT>
> <DIV><FONT face=3DArial size=3D2>I have compiled everything
into the=20
> kernel</FONT></DIV>
> <DIV> </DIV>
> <BLOCKQUOTE dir=3Dltr=20
> style=3D"BORDER-LEFT: #000000 2px solid; MARGIN-LEFT: 5px; >
MARGIN-RIGHT: 0px; PADDING-LEFT: 5px; PADDING-RIGHT: 0px">
> <DIV style=3D"FONT: 10pt arial">----- Original Message
----- </DIV>
> <DIV=20
> style=3D"BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: >
black"><B>From:</B>=20
> <A href=3D"mailto:GregScott@InfraSupportEtc.com"=20
> title=3DGregScott@InfraSupportEtc.com>Greg Scott</A>
</DIV>
> <DIV style=3D"FONT: 10pt arial"><B>To:</B>
<A > href=3D"mailto:jwickman@tawi.fi"=20
> title=3Djwickman@tawi.fi>''Joachim
Wickman''</A> ; <A=20
> href=3D"mailto:lartc@mailman.ds9a.nl"=20
> title=3Dlartc@mailman.ds9a.nl>lartc@mailman.ds9a.nl</A>
</DIV>
> <DIV style=3D"FONT: 10pt
arial"><B>Sent:</B> Saturday, November 03, > 2001
12:31=20
> AM</DIV>
> <DIV style=3D"FONT: 10pt
arial"><B>Subject:</B> RE: [LARTC] IRC and >
DCC</DIV>
> <DIV><BR></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial
size=3D2><SPAN=20
> class=3D670451822-02112001>There are some modules you need to >
modprobe. =20
> Try this:</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial
size=3D2><SPAN=20
>
class=3D670451822-02112001></SPAN></FONT> </DIV>
> <DIV><FONT color=3D#0000ff face=3DArial
size=3D2><SPAN=20
> class=3D670451822-02112001>
/sbin/modprobe=20
> ip_conntrack_irc<BR></SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial
size=3D2><SPAN=20
> class=3D670451822-02112001>I''ll bet there are also
others. Is > there some=20
> central list of modules and what they do >
anywhere?</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial
size=3D2><SPAN=20
>
class=3D670451822-02112001></SPAN></FONT> </DIV>
> <DIV><FONT color=3D#0000ff face=3DArial size=3D2><SPAN
> class=3D670451822-02112001>-=20
> Greg</SPAN></FONT></DIV>
> <DIV><FONT color=3D#0000ff face=3DArial
size=3D2><SPAN=20
>
class=3D670451822-02112001> </DIV></SPAN></FONT>
> <DIV><FONT color=3D#0000ff face=3DArial
size=3D2></FONT> </DIV>
> <BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px">
> <DIV align=3Dleft class=3DOutlookMessageHeader
dir=3Dltr><FONT > face=3DTahoma=20
> size=3D2>-----Original
Message-----<BR><B>From:</B> Joachim > Wickman [<A=20
> >
href=3D"mailto:jwickman@tawi.fi">mailto:jwickman@tawi.fi</A>]<BR><B>Sent:>
</B>=20
> Friday, November 02, 2001 3:47 PM<BR><B>To:</B>
<A=20
> >
href=3D"mailto:lartc@mailman.ds9a.nl">lartc@mailman.ds9a.nl</A><BR><B>Sub>
ject:</B>=20
> [LARTC] IRC and DCC<BR><BR></FONT></DIV>
> <DIV><FONT face=3DArial
size=3D2>Hello</FONT></DIV>
> <DIV> </DIV>
> <DIV><FONT face=3DArial size=3D2>I''m running NAT
on my Linux box > (192.168.0.1)=20
> with this command</FONT></DIV>
> <DIV><FONT face=3DArial
size=3D2></FONT> </DIV>
> <DIV><FONT face=3DArial size=3D2>/usr/local/sbin/iptables
-t nat > -A=20
> POSTROUTING -o ippp0 -j MASQUERADE</FONT></DIV>
> <DIV><FONT face=3DArial
size=3D2></FONT> </DIV>
> <DIV><FONT face=3DArial size=3D2>Everything is working
fine, > except DCC in=20
> IRC.</FONT></DIV>
> <DIV><FONT face=3DArial size=3D2>When I try to send
something the > remote=20
> machine get''s "can''t
connect"</FONT></DIV>
> <DIV><FONT face=3DArial
size=3D2></FONT> </DIV>
> <DIV><FONT face=3DArial size=3D2>Have I missed something,
or=20
> what?</FONT></DIV>
> <DIV><FONT face=3DArial size=3D2>It does work when I NAT
with > ipchains, but I=20
> like iptables more.</FONT></DIV>
> <DIV><FONT face=3DArial
size=3D2></FONT> </DIV>
> <DIV><FONT face=3DArial
size=3D2>Thanks,</FONT></DIV>
> <DIV><FONT face=3DArial >
size=3D2> Joachim<BR></FONT></DIV>
> <DIV><FONT face=3DArial=20
>
size=3D2> </DIV></BLOCKQUOTE></BLOCKQUOTE></BLOCKQUOTE></FONT></BODY>
></HTML>
>
> ------=_NextPart_000_00BF_01C1652A.8904CEB0--
>
>
>
> --__--__--
>
> Message: 2
> Date: Mon, 5 Nov 2001 00:56:23 +0100 (MET)
> From: "Sebastian ''spax'' Pape"
<pape@rbg.informatik.tu-darmstadt.de>
> Cc: lartc@mailman.ds9a.nl
> Subject: RE: [LARTC] IRC and DCC
>
> hi!
>
> > 2) i can only connect to irc servers that dont require ident.... (ie.
> > underet, but not dalnet)... any ideads?
> Which identd did you install? If you use NAT/MASQ your identd should
> be able to forward requests to the proper machine and you have to run
> an identd on the client machines. The client-machine''s identd also
has
> to allow the gateway-identd to ask him even if the connection goes out
> to the internet. Or if you don''t care about your idents let the
> gateway-identd just return a dummy-string.
>
> best regards
>
> Sebastian
>
> --
> Sebastian ''spax'' Pape | Three things are
certain: Death, taxes,
and> mailto: sebastian@p-a-p-e.de | lost data. Guess which has occurred...
> pgp: http://p-a-p-e.de/pgp.asc |
> --- Do you want to know more? http://www.p-a-p-e.de/ ---
>
>
>
>
> --__--__--
>
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc
>
>
> End of LARTC Digest
>