Simply putting a NAT rule in ipnat.rules doesn't mean the packets are passed by the ipf.rules. What's in there?
-----Original Message-----
From: Rajesh Saxena [mailto:bluehaze@sympatico.ca]
Sent: Wednesday, September 13, 2000 12:32 PM
To: misc@openbsd.org
Subject: Tircproxy problems on OpenBSD 2.7
I'm trying to set up tircproxy properly so I can connect to Efnet servers, none
of which I can connect to right now because they all complain about me not
having identd. I followed instructions from the tircproxy man page and this is
what I did.
The first line in /etc/ipnat.rules is this..
rdr tun0 192.168.1.0/24 port 6667 -> 127.0.0.1 port 7666 tcp
I chose to run tircproxy and identd from inetd and then since I was
experiencing problems I decided to run tircproxy in the foreground instead so I could
notice any error messages..
(64.229.34.26 is my external IP address and 192.168.1.1 is the firewall's IP
address where tircproxy is installed, the machine where I'm trying to access IRC
servers is 192.168.1.2)
optimus# ./tircproxy -OKHR -d9 -s 7666 -o 64.229.34.26 -i 192.168.1.1
irc.fasti.net
[7715] Port lookup 7666 -> 7666
[7715] IP lookup 64.229.34.26 -> 0x1a22e540
[7715] IP lookup 192.168.1.1 -> 0x0101a8c0
[7715] IP lookup irc.fasti.net -> 0xfda923cf
No remote port specified, defaulting to 6667
Then I issued the following commands on the computer behind the firewall..
# export IRCSERVER=irc.fasti.net
# bitchx optimus:7666
But no luck, ipfilter informs me of packets from the irc server to identd being
blocked..
Sep 13 02:33:38 optimus ipmon[23876]: 02:33:38.690956 tun0 @0:9 b
207.35.169.253,2012 -> 64.229.34.26,113 PR tcp len 20 44 -S IN
Sep 13 02:33:41 optimus ipmon[23876]: 02:33:41.685804 tun0 @0:9 b
207.35.169.253,2012 -> 64.229.34.26,113 PR tcp len 20 44 -S IN
I'd really appreciate it if someone could point out what I'm doing wrong and
preferably email me along with posting replies on the mailing list. Thanks in
advance.