|
Alois Treindl wrote:
> I know there is chapter 16 in the HPWTO and it writes a lot about
> identd,
> but I apparently fail to understand what I need to do.
I guess I need to make this clearer.
1. In general: compile the utility NOT to use identd/tcpd/wrappers
(pam ?).
2. For VS-NAT, you tell the director to NAT the calls from the ident
client on the real-servers. I don't remember exactly how to do it.
You could NAT everything from the real-servers, which you seem to
have done here (so I don't know why it isn't working)
> I have an ipchains entry on the director
> -A forward -s 10.1.1.1/255.255.255.255 1025:65535 -d 0.0.0.0/0.0.0.0
> -p 6 -j MASQ
> (10.1.1.1 is the RIP 'w1' from the log message further up).
or you could NAT all calls to -d 0.0.0.0:authd
If you are root on the client, ident on the real-server
will return a fail (I think).
Joe
--
Joseph Mack PhD, Senior Systems Engineer, Lockheed Martin
contractor to the National Environmental Supercomputer Center,
mailto:mack.joseph@xxxxxxx ph# 919-541-0007, RTP, NC, USA
|
