Ident problems


danjef
12-03-2004, 01:50 PM
I have a port forward to my wireless laptop on port 113 and it works fine. Then I add a port forward for 113 on my other PC, but then it doesn't work. How can I make it work for both PCs?

I have a Linksys WRT54G wireless router.

Thanks for any help in advance.

MxxCon
12-03-2004, 04:03 PM
You cannot forward a port to 2 computers at the same time.

chotaire
12-03-2004, 06:37 PM
Yes, you can, although it's a hassle.

a) This is no problem to configure if you connect to a different site from your laptop than from your desktop. E.g.:

/usr/sbin/iptables -t nat -A PREROUTING -p tcp -i ppp0 -s $IDENTFROM1/255.255.255.255 -d 0.0.0.0/0.0.0.0 --destination-port 113 -j DNAT --to $IDENTTO1:113
/usr/sbin/iptables -t nat -A PREROUTING -p tcp -i ppp0 -s $IDENTFROM2/255.255.255.255 -d 0.0.0.0/0.0.0.0 --destination-port 113 -j DNAT --to $IDENTTO2:113

b) If you need to be able to forward ident requests from the same site to both PCs, this will not work right away. However, there is a way to trick the connection tracking code of e.g. Linux, but it's rather complicated. Google is your friend, I'm lazy.

c) The third possibility is to run an ident server on your router, so if that is a Linux machine, don't forward connections to your PC at all but use oident or similar to reply with the same ident whenever the connection is coming from the site IP.

Your Linksys router will not be able to do this at all, but you have the possibility to forward all ident requests to a little Linux box behind it (or simply run a Linux VM as a firewall). Should anyone think that this is crap, nope, it's not; it's even the professional solution, and it doesn't cost money if you have enough resources or a spare old PC.
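
Option (c) above, sketched as an added example that is not part of the original post and is not oidentd's code: a minimal RFC 1413 responder for the gateway that returns a fixed ident per querying site IP. The site addresses, user names, and the names `SITE_IDENTS`, `ident_reply` and `serve` are constructed for illustration.

```python
import re
import socketserver

# Constructed sample mapping (assumption): querying site IP -> ident to return.
SITE_IDENTS = {"198.51.100.10": "laptopuser", "198.51.100.20": "desktopuser"}

QUERY_RE = re.compile(rb"\s*(\d{1,5})\s*,\s*(\d{1,5})\s*")
MAX_LINE = 1000  # RFC 1413 caps a request line at 1000 characters


def ident_reply(line: bytes, peer_ip: str, idents=SITE_IDENTS) -> bytes:
    """Build the RFC 1413 reply for one request line sent by peer_ip."""
    m = QUERY_RE.fullmatch(line.rstrip(b"\r\n")) if len(line) <= MAX_LINE else None
    if m is None:
        return b"0 , 0 : ERROR : UNKNOWN-ERROR\r\n"
    local_port, remote_port = int(m.group(1)), int(m.group(2))
    pair = b"%d , %d" % (local_port, remote_port)
    if not (1 <= local_port <= 65535 and 1 <= remote_port <= 65535):
        return pair + b" : ERROR : INVALID-PORT\r\n"
    user = idents.get(peer_ip)
    if user is None:
        # Unknown querier: disclose nothing about the hosts behind the NAT.
        return pair + b" : ERROR : NO-USER\r\n"
    return pair + b" : USERID : UNIX : " + user.encode("ascii") + b"\r\n"


class IdentHandler(socketserver.StreamRequestHandler):
    timeout = 10  # drop peers that connect and never send a query

    def handle(self):
        try:
            line = self.rfile.readline(MAX_LINE + 1)
        except OSError:
            return
        self.wfile.write(ident_reply(line, self.client_address[0]))


def serve(host="0.0.0.0", port=113):
    """Run on the router itself; binding port 113 requires root."""
    with socketserver.ThreadingTCPServer((host, port), IdentHandler) as srv:
        srv.serve_forever()


if __name__ == "__main__":
    serve()
```

Because the reply is generated on the gateway, no port 113 forward to either PC is needed, and queries from sites not in the mapping get `NO-USER`.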

MxxCon
12-03-2004, 07:26 PM
There are hacks that allow the WRT54G to run Linux, so he could do it and then run identd on the router.

Harm
12-04-2004, 01:13 AM
If he can run Linux on his router, then he can run midentd or oidentd, which are able to redirect ident requests for masqueraded (NAT) connections.