Thread: Ident problems
View Single Post
Old 12-03-2004, 06:37 PM  
Join Date: Sep 2004
Posts: 82

Yes, you can, although it's a hassle.

a) This is no problem configuring if you connect to a different site from your laptop than from your desktop. E.g.:

/usr/sbin/iptables -t nat -A PREROUTING -p tcp -i ppp0 -s $IDENTFROM1/ -d --destination-port 113 -j DNAT --to $IDENTTO1:113
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -i ppp0 -s $IDENTFROM2/ -d --destination-port 113 -j DNAT --to $IDENTTO2:113

b) If you need to be able to forward ident requests from the same site to both pc's, this will not work right away. However, there is a way to trick the connection tracking code of e.g. Linux, but it's rather complicated. Google is your friend, I'm lazy.

c) The third possibility is to run an ident server on your router, so if that is a Linux machine, don't forward connections to your PC at all but use oident or similar to reply with the same ident whenever the connection is coming from the site ip.

Your LinkSys router will not be able to do this at all, but you have the possibility to forward all ident requests to a little linux box behind it (or simply run a linux VM as a firewall). Should anyone think that this is crap, nope it's not, it's even the professional solution and it doesn't cost money if you have enough resources or a spare old pc.
chotaire is offline