To create new wiki account, please join us on #znc at Libera.Chat and ask admins to create a wiki account for you. You can say thanks to spambots for this inconvenience.
Using ident spoofs with identserver and iptables: Difference between revisions
DarthGandalf (talk | contribs) Created page with "{{Languages}} If you don't want to install oidentd, but still want proper idents - username@host instead of ~username@host, this is what you can try. =..." |
Restore Using_Ident... from archive.org - 2016/08/13 |
||
| (One intermediate revision by one other user not shown) | |||
| Line 9: | Line 9: | ||
== How it's done == | == How it's done == | ||
1. Download the identserver module from [ | 1. Download the identserver module from [https://raw.github.com/KiNgMaR/znc/msvc/win32/extra_modules/identserver.cpp here]. | ||
2. Open it with a text editor | 2. Open it with a text editor and replace | ||
and replace | |||
m_serverPort = 113; | m_serverPort = 113; | ||
with | with | ||
| Line 24: | Line 22: | ||
6. Add this iptables rule: | 6. Add this iptables rule: | ||
iptables -t nat -A PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300 | |||
ip6tables -t nat -A PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300 | |||
Replace '''both''' instances of ''1.2.3.4'' with your server's IP. If you have multiple "vhosts", you need to issue this command once for each IP. | Replace '''both''' instances of ''1.2.3.4'' with your server's IP. If you have multiple "vhosts", you need to issue this command once for each IP. | ||
| Line 32: | Line 31: | ||
The rule from above will not stick across restarts. On Gentoo, you can use | The rule from above will not stick across restarts. On Gentoo, you can use | ||
/etc/init.d/iptables save | /etc/init.d/iptables save | ||
/etc/init.d/ip6tables save | |||
to make it stick. | to make it stick. | ||
To delete/remove the rule, use the same command as above, but insert -D instead of -A: | To delete/remove the rule, use the same command as above, but insert -D instead of -A: | ||
iptables -t nat -D PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300 | iptables -t nat -D PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300 | ||
ip6tables -t nat -D PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300 | |||
Enjoy! | Enjoy! | ||
Latest revision as of 20:25, 19 May 2017
 |
Languages: |
[[::Using ident spoofs with identserver and iptables|English]] |
If you don't want to install oidentd, but still want proper idents - username@host instead of ~username@host, this is what you can try.
What you need
- You need root access.
- You need iptables.(iptables --version shouldn't say "command not found")
- You need a compiler.
How it's done
1. Download the identserver module from here.
2. Open it with a text editor and replace
m_serverPort = 113;
with
m_serverPort = 11300;
3. Save the cpp file.
4. compile this module and copy the .so file to your modules folder.
5. Load the module into ZNC. It's a global module.
6. Add this iptables rule:
iptables -t nat -A PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300 ip6tables -t nat -A PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300
Replace both instances of 1.2.3.4 with your server's IP. If you have multiple "vhosts", you need to issue this command once for each IP.
7. That's it. If you did everything correctly, ZNC can now send ident replies without oidentd.
iptables info
The rule from above will not stick across restarts. On Gentoo, you can use
/etc/init.d/iptables save /etc/init.d/ip6tables save
to make it stick.
To delete/remove the rule, use the same command as above, but insert -D instead of -A:
iptables -t nat -D PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300 ip6tables -t nat -D PREROUTING -p tcp -d 1.2.3.4 --dport 113 -j DNAT --to 1.2.3.4:11300
Enjoy!