--- DrewB <[EMAIL PROTECTED]> wrote: > I have recently built a server which runs a private IRCD, and I would like > to be able to support DCC connections to the server using the IRC connection > tracking module. I have built a custom 2.6.1 kernel for the server (using DCC connections "to" an ircd? I did not know that there was a client interface to the server, thought it is posible it's unlikely that this is what you want.
> make-kpkg) and all iptables/netfilter options are statically built into the > kernel (no modules used). I used Firewall Builder to build the basic > iptables script. The script generated by Firewall Builder attempts to > execute the following iptables command in order to implement the IRC > connection tracking module: > > iptables -A INPUT -d 208.254.7.36 -m irc -m state --state NEW -j ACCEPT > I have to admit I coulden't get this to work my self. AFAIK the -m irc is not neaded. What I did what put ip_nat_irc and the like in /etc/modules. This caused ipfilter to track masquraded irc connections and translated DDC requests. YOU DON'T WANT TO DO THIS ON YOUR SERVER AS ALL DCC REQUESTS WILL BE NATED TO IT! I don't know how to controle the state mechine on linux I would use bsd's netfilter, it's got better support for this. However linux has a better shaper(tc). mike > IPTables complains, however, when it encounters the above the command line. > The error notice is: > > iptables v1.2.9: Couldn't load match `irc':/lib/iptables/libipt_irc.so: > cannot open shared object file: No such file or directory > > I am currently using the v1.29 iptables & iptables-dev Debian packages. My > kernel source includes the file "ip_conntrack_irc.c" and this option is > enabled in the kernel. Am I looking at two different types of IRC tracking > between the kernel tracking option versus the above iptables command or is > IRC connection tracking simply not yet included in the Debian iptables > packages? Thank you to anyone who might be able to shed some light on what I > am missing here. > > Respectfully, > > Drew Berendts, CISSP > __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/
