identd

Discussion of EFnet's IRCDs (hybrid, ratbox, csircd)

Moderators: Website/Forum Admins, Software/IRCD Moderators

kaydiddy
Posts: 5
Joined: Thu Jan 08, 2004 5:18 am

identd

Postby kaydiddy » Thu Jan 08, 2004 5:21 am

User avatar
corrupt
Site Admin
Posts: 81
Joined: Wed Jul 02, 2003 1:08 pm
Location: Danville, KY
Contact:

Postby corrupt » Thu Jan 08, 2004 5:42 am

I have no idea what exactly you are trying to say, so perhaps you could rephrase it. No, EFNet servers do not send ident requests from port 6667, they send requests from port 113 which follows the RFC1413 guidelines. For more information about RFC1413 visit .

If you want to give your users access to use identd to connect to EFNet servers, simply place a rule in your firewall that allows all TCP traffic to and from port 113.
Josh Baird
[corrupt]@EFNet
O: irc.choopa.net
kaydiddy
Posts: 5
Joined: Thu Jan 08, 2004 5:18 am

pfft

Postby kaydiddy » Thu Jan 08, 2004 11:49 am

If you don't mind, I wasn't exactly requesting a reply from a newbie, but ah, I suppose I shouldn't expect anything less. No, EFNet servers (what exactly are 'EFNet servers'?) do not send ident requests from port 113, they send ident requests destined for port 113. What exactly does this have to do with my post? Thanks.
Hwy
Posts: 66
Joined: Wed Jul 16, 2003 12:27 pm

Postby Hwy » Thu Jan 08, 2004 12:59 pm

All IRC servers use a standard TCP connect() to send the identd request. There is no logical reason in the code to set the source port, and unlike in UDP, I don't think it would work.

I believe you'll always have to deal with a source port for identd checks as ephemeral.

If you want to firewall things, why not just choose 1 or 2 stable servers and allow them by IP; or use stateful filtering?
Last edited by Hwy on Thu Jan 08, 2004 2:31 pm, edited 1 time in total.
User avatar
munky
Site Admin
Posts: 826
Joined: Wed Jul 02, 2003 4:54 pm
Location: Phoenix AZ
Contact:

Postby munky » Thu Jan 08, 2004 2:19 pm

nowhere in rfc does it state what port an ident request should come from. it only states that a query should include the port the client is connecting to.
ie:
client.23523 -> server.6667
initiates an ident requesty
server.[random] -> client.113
query = "23523,6667"

afaik, not many, if any, services have a set port that connections come from. it's pretty standard that the client port be a random port > 1024. i believe that with standard bsd sockets, where you create a socket(AF_INET, SOCK_STREAM, 0) (nope, no source port specified here), and connect to a sockaddr, which specifies a sin_port, sin_addr, and sin_family of the server (no source port there, either).

so, my guess is, no, you're not going to be seeing ratbox or hybrid or any other portable ircd having all ident requests come from 6667.
In God we trust,
Everyone else must have an X.509 certificate.
User avatar
corrupt
Site Admin
Posts: 81
Joined: Wed Jul 02, 2003 1:08 pm
Location: Danville, KY
Contact:

Re: pfft

Postby corrupt » Thu Jan 08, 2004 4:48 pm

Josh Baird

[corrupt]@EFNet

O: irc.choopa.net
kaydiddy
Posts: 5
Joined: Thu Jan 08, 2004 5:18 am

heh

Postby kaydiddy » Fri Jan 09, 2004 6:48 am

User avatar
corrupt
Site Admin
Posts: 81
Joined: Wed Jul 02, 2003 1:08 pm
Location: Danville, KY
Contact:

Postby corrupt » Fri Jan 09, 2004 7:40 am

Josh Baird

[corrupt]@EFNet

O: irc.choopa.net

Return to “IRCD”

Who is online

Users browsing this forum: No registered users and 1 guest