Re: IRC DCC through a firewall

To: Debian User List <debian-user@lists.debian.org>
Subject: Re: IRC DCC through a firewall
From: Rene Chaddock <renec-debian-user@zorro.pangea.ca>
Date: Sat, 6 Oct 2001 19:53:35 -0500
Message-id: <[🔎] 20011006195335.B8142@zorro.pangea.ca>
In-reply-to: <[🔎] 20011004183026.A25396@pobox.com>
References: <[🔎] 1002207501.3bbc790db3ad9@dios.teppic.co.uk> <[🔎] 20011004110948.B14710@harmony.cs.rit.edu> <[🔎] 1002211332.3bbc88048c9d2@dios.teppic.co.uk> <[🔎] 20011004183026.A25396@pobox.com>

reason it doesn't work is that it sends the wrong IP address.

dcc send sends the ip address of the machine in the actual protocol, 
and so those packets have to be munged.

Beats me why the module doesn't work right, its never worked here. Not
once.

Rene

On Oct 04, Fredrik Jagenheim wrote:
> On Thu, Oct 04, 2001 at 05:02:12PM +0100, Andrew Pritchard wrote:
> > Quoting dman <dsh8290@rit.edu>:
> > > I've got a Debian firewall setup, which is working ok. I can DCC
> > > receive files, but I can't DCC send. The ip_masq_irc module is |
> > > installed on the firewall. If I try to send, it starts trying to |
> > > send, the receiver gets the right IP address, and sends the |
> > > acknowledgement, but the transfer never starts. Have I |
> > > misconfiguered something or is this by design?
> > > 
> > 
> > ipchains, fairly loose rules. It's a debian stable box, very very
> > little running on the machine.
> > 
> 
> I'm a little unsure of the DCC protcol, but could it be that you never
> see the ack?
> That is, you send 'I have a file for you' over _normal_ IRC channel.
> He receives this and then sends the ack to a different port on your
> computer telling you 'fine, I accept that fine file you have for me,
> let's use this socket-pair for the transfer'.
> And as you're probably running NAT, your firewall won't know that the
> port your friend is sending to should go to your IRC program, thus it
> simply drops it, and you never see the ack, and the transfer doesn't
> start.
> As I said, I don't remember the IRC protocol, haven't been on there
> for ages, but check your firewalls logging for what it drops...
> 
> Oh, you wanted to know the solution too?
> Check if you can't either get a SOCKS-server running on the firewall
> (I've tried it, and I can't make it work at all) or tell the IRC
> program to use specific ports for DCC transfers and forward those
> ports inward. For example, I've done this for accepting files through
> ICQ (using iptables, but you get the idea):
> iptables -t nat -A PREROUTING -i eth1 -p TCP --dport 6060 -j DNAT --to 192.168.1.2
> 
> HTH,
> //Fredde
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

References:
- IRC DCC through a firewall
  - From: Andrew Pritchard <andrew@teppic.co.uk>
- Re: IRC DCC through a firewall
  - From: dman <dsh8290@rit.edu>
- Re: IRC DCC through a firewall
  - From: Andrew Pritchard <andrew@teppic.co.uk>
- Re: IRC DCC through a firewall
  - From: Fredrik Jagenheim <humming@pobox.com>

Prev by Date: Re: Packages
Next by Date: FIXED! Re: make X messages more verbose
Previous by thread: Re: IRC DCC through a firewall
Next by thread: Fwd: Re: IRC DCC through a firewall
Index(es):
- Date
- Thread