> > > I run an IRC server (IRCd) on the same box that does the packet filtering
> > > (netfilter/iptables). I connect to that box with one of my other local
> > > machines and I am unable to send/receive DCC stuff. I think it's because
> > > the local box sees our local IP addresses (192.168.1.0/24) so it can't
> > > forward the packets appropriately (or maybe because the local addresses
> > > can't resolve via DNS). Is ther any way I can fix this, other than using an
> > > actual proxy?
> I have been connecting to my IRC server on it's external IP. In fact, it won't
> allow me to connect to IRC on it's internal IP. Yet it still sees my
> IP as 192.168.1.177 .
As I think about this some more, DCC sends will not work with the server on the
gateway box.
This is because the way ip_nat_irc determines what address to give the remote host to
connect
to is to look at the address the server thinks it is connected to, which is the
external IP if
you are connected to a remote server, but will be the LAN IP of the client
(192.168.1.177 in
your example) if the server is local. If you can put the server on a DMZ and SNAT the
connection to the external IP it might work.
IP: 12.207.4.70
|
----------- -----------
| | | |
| DMZ | 10.0.0.1| Gateway/ |
| |< --------------- >| Router |
| ircd |10.0.0.2 | |
| | | |
----------- -----------
|192.168.1.1
|
|192.168.1.177
-----------
| |
| Work- |
| Station |
| |
-----------
iptables -t nat -A POSTROUTING -s 192.168.1.1/24 -d 10.0.0.2 -j SNAT --to-source
12.207.4.70
-Bob
