On Wed, Oct 08, 2003 at 03:19:16PM +0800, Michael Lee wrote:
> Thanks for explaining those to me. Now I am convinced that I am experiencing
> the authd/identd problem.
Are you seeing any identd packets on your network?
> I tried to implement the solution presented in
> chapter 12 of the howto, but I failed.
>
> First, I tried the solution on 12.7: ipchains. Each of the three command
> options returned the following error msg:
>
> ipchains: Protocol no available
ipchains? Which kernel are you using? iptables is usually
the go for 2.4.x. Off the top of my head the rules should be:
ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
becomes:
iptables -t nat -A POSTROUTING -j MASQUERADE -s 192.168.1.0/24 -d 0.0.0.0/0
ipchains -A forward -p tcp -j MASQ -s realserver1 telnet -d 0.0.0.0/0
becomes:
iptables -t nat -A POSTROUTING -p tcp -j MASQUERADE -s realserver1 \
--source-port telnet -d 0.0.0.0/0
ipchains -A forward -p tcp -j MASQ -s realserver1 1024:65535 -d 0.0.0.0/0
becomes:
iptables -t nat -A POSTROUTING -p tcp -j MASQUERADE -s realserver1 \
--source-port 1024:65535 -d 0.0.0.0/0
> Then I tried the solution on 12.8: Turn off tcpwrappers. It directed me to
> modify inetd.conf, but I don't have that file. I tried to modify the file
> inside the xinetd.d directory, but the format is different, and it seems to me
> that tcp wrapper is not enabled, as shown in the telnet setting:
>
> service telnet
> {
> disable = no
> flags = reuse
> socket type = stream
> wait = no
> user = root
> server = /usr/sbin/in.telnetd
> log_on_failure += USERID
> }
Given that tcpd.in doesn't feature there I guess it is
not being used and thus tcpwrappers is not being used.
But perhaps telnetd is invoking it directly.
What do your /etc/hosts.allow and /etc/hosts.deny files look like?
>
> Moreover, I can't find any setting for http, which is my main concern
http generally doesn't use identd. I am skeptical about
this being the source of your problem if http isn't working.
--
Horms
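
The ipchains-to-iptables translation in the message above, as an added example that is not part of the original post or the HOWTO: a shell function (the name masq_to_iptables is hypothetical) that rewrites the three MASQ rules and emits -p before any port match, since iptables rejects --source-port without a protocol.

```shell
#!/bin/sh
# Translate one "ipchains -A forward ... -j MASQ" rule into the iptables
# nat-table form. Only the options used in the message are handled:
# -p PROTO, -s ADDR [PORT], -d ADDR [PORT], -j MASQ.
masq_to_iptables() {
    proto="" src="" sport="" dst="" dport=""
    [ "$1" = "ipchains" ] && [ "$2" = "-A" ] && [ "$3" = "forward" ] || {
        echo "unsupported rule: $*" >&2; return 1; }
    shift 3
    while [ $# -gt 0 ]; do
        [ $# -ge 2 ] || { echo "missing value for $1" >&2; return 1; }
        case "$1" in
            -p) proto="$2"; shift 2 ;;
            -j) [ "$2" = "MASQ" ] || { echo "unsupported target: $2" >&2; return 1; }
                shift 2 ;;
            -s|-d)
                flag="$1"; addr="$2"; port=""; shift 2
                # ipchains takes the port as a bare word after the address.
                case "${1:-}" in
                    ""|-*) ;;
                    *) port="$1"; shift ;;
                esac
                if [ "$flag" = "-s" ]; then src="$addr"; sport="$port"
                else dst="$addr"; dport="$port"; fi ;;
            *) echo "unsupported option: $1" >&2; return 1 ;;
        esac
    done
    # iptables accepts a port match only with a protocol such as -p tcp or -p udp.
    if [ -n "$sport$dport" ] && [ -z "$proto" ]; then
        echo "port given without -p" >&2; return 1
    fi
    out="iptables -t nat -A POSTROUTING"
    [ -n "$proto" ] && out="$out -p $proto"
    [ -n "$src" ]   && out="$out -s $src"
    [ -n "$sport" ] && out="$out --source-port $sport"
    [ -n "$dst" ]   && out="$out -d $dst"
    [ -n "$dport" ] && out="$out --destination-port $dport"
    echo "$out -j MASQUERADE"
}

# The three rules from the message (realserver1 is the message's placeholder).
masq_to_iptables ipchains -A forward -j MASQ -s 192.168.1.0/24 -d 0.0.0.0/0
masq_to_iptables ipchains -A forward -p tcp -j MASQ -s realserver1 telnet -d 0.0.0.0/0
masq_to_iptables ipchains -A forward -p tcp -j MASQ -s realserver1 1024:65535 -d 0.0.0.0/0
```

The function prints the rule rather than applying it, so the output can be reviewed before it is run as root on the director.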