# IRC and ident requests with oidentd/fakeidentd

## yogipsu

Hi,

First, thanks for any assistance in advance.  I've been attempting to get the ident daemon to function properly all day.  I've tried both fakeidentd and oidentd.  Both have been successfully emerged and started as processes.  However, even with this, I still can't ident on IRC.

I am behind a hardware router, so that provides NAT; I have port 113 configured to forward to my machine.  (I've tried sshing into my machine through port 113; it doesn't refuse the connection.  Same when sshing into my WAN's IP and trying port 113.  In contrast, when I try port 22 the connection is refused.)

I don't have a firewall enabled.  I've tried setting this machine as the DMZ.  Nothing changes.

For IRC, I'm using xchat.  Any help would be greatly appreciated.

----------

## yogipsu

Just for more information, which is beginning to really confuse me... I ran nmap against my WAN's ip to see if the router would correctly forward anything.  (No one can telnet to the WAN ip, or ping it.)

Starting nmap 3.30 ( http://www.insecure.org/nmap/ ) at 2003-08-30 00:55 EST

Host WAN (wan_ip)  appears to be up ... good.

Initiating SYN Stealth Scan against WAN (wan_ip) at 00:55

Adding open port 80/tcp

The SYN Stealth Scan took 71 seconds to scan 1644 ports.

Interesting ports on WAN (wan_ip):

(The 1641 ports scanned but not shown below are in state: filtered)

Port       State       Service

22/tcp     closed      ssh

80/tcp     open        http

113/tcp    closed      auth

...

Why are those ports listed?  And how can I open port 113?  When I ran sshd, port 22 WAS open -- but no one could telnet in.

Thanks again for any help.

----------

## yogipsu

Again, sorry to be a hassle, but I've spent hours on this ... I can't be pinged or tracerouted.  I've recompiled the kernel with support for iptables.  I tried that, but /etc/init.d/iptables save didn't work; it couldn't write to the file, giving a cat error, even though I made the directory and created the file.

Even when I have sshd and oidentd running, with netstat -natu showing that they're listening on those ports -- and with my router configured to forward ports 22 and 113 to my machine (which works on my windows computer) -- I get nothing, and no one's able to connect, nor can I respond to any IRC identd requests.  So I guess I have to be missing something simple here.

My WAN ip, 68.168.168.233, can't be pinged.  (My router is configured to NOT block WAN requests.)  I'm at wits' end here trying to figure out how to resolve this.

Thanks again...

----------

## formzero

ok.  you need to have oidentd running on your firewall/router as well.  you then configure oidentd on your firewall by creating a file in /etc called oidentd_masq.conf. 

```
/etc/oidentd_masq.conf
```

the format of the file should be

```
<Host>[/<Mask>] <Ident Response> <System Type>
```

for example:

```
192.168.0.1/255.255.255.0 jimmy UNIX
```

then on all of your boxes behind the firewall, you also need oidentd running.  in the file 

```
/etc/conf.d/oidentd 
```

you need to set the OPTIONS below

USER="nobody"

GROUP="nobody"

OPTIONS="--proxy=firewall/router host"

do that and let us know how it goes

----------

## Twister

i have a similar problem

but i use a w*nd*w* gateway

im trying to connect with an eggdrop

and i get this

i tried what you said but no go

the gateway runs an mirc client though with identd enabled

[15:14] -NOTICE- *** Looking up your hostname

[15:14] -NOTICE- *** Found your hostname, cached

[15:14] -NOTICE- *** Checking Ident

[15:15] -NOTICE- *** No ident response

[15:15] snoke.nl.quakenet.org says I'm not registered, trying next one.

OPTIONS="--proxy=10.0.0.1" 

like this?

strangest thing is

i can connect with irssi

so must be a config mistake by me

----------

