Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Bill Talcott on July 09, 2002, 07:03:54 PM

Title: Ident Masquerade Howto
Post by: Bill Talcott on July 09, 2002, 07:03:54 PM

I happened to see http://forums.contribs.org/index.php?topic=19931.msg78391#msg78391 and for some reason decided to figure out what made it work. By customizing one template, you can have it rebuild the actual file that controls ident masq.

/etc/identd.masq is a listing of IP addresses, along with user# and UNIX:
# pico /etc/identd.masq

10.0.0.1   user1      UNIX
10.0.0.2   user2      UNIX
...

According to the Wishlist thread, you can enable ident masqing by changing the user# entries to *, and UNIX to RELAY.

Make the custom template directory.
# mkdir -p /etc/e-smith/templates-custom/etc/identd.masq

Copy the original template to the custom location.
# cp /etc/e-smith/templates/etc/identd.masq/50localaddresses /etc/e-smith/templates-custom/etc/identd.masq/50localaddresses

Edit the custom template.
# pico /etc/e-smith/templates-custom/etc/identd.masq/50localaddresses

Near the end you will see a line like this:

$OUT .= "$ip\tuser$i\t\tUNIX\n";

You want to change 'user$i' and 'UNIX' to '*' and 'RELAY'. You will end up with a line like this:

$OUT .= "$ip\t*\t\tRELAY\n";

Exit Pico with Ctrl-X, saving your changes.

Expand the template.
# /sbin/e-smith/expand-template /etc/identd.masq

Open the identd.masq file and verify the changes.
# pico /etc/identd.masq

You should see something like this now:
10.0.0.1   *      RELAY
10.0.0.2   *      RELAY
...


Hope this helps some of you out...

Title: Re: Ident Masquerade Howto
Post by: Eric Belhomme on July 22, 2002, 07:56:05 PM

I applied this to solve my long smtp connect delay, and i got as result the delay taken from mail got get away is reduced from 60s to 10s so it's better, but still not perfect :-\

Moreover, look this tcpump session, taken when I send a mail :
[root@vega root]# tcpdump 'port 25 or 113'
tcpdump: listening on eth0
16:52:14.575112 168.1.103.8.2007 > vega.almas.fr.smtp: S 3023267415:3023267415(0) win 16384 (DF)
16:52:14.575163 vega.almas.fr.smtp > 168.1.103.8.2007: S 1725266608:1725266608(0) ack 3023267416 win 30660 (DF)
16:52:14.575412 168.1.103.8.2007 > vega.almas.fr.smtp: . ack 1 win 17520 (DF)
16:52:26.304538 vega.almas.fr.smtp > 168.1.103.8.2007: P 1:36(35) ack 1 win 32120 (DF)
16:52:26.305841 168.1.103.8.2007 > vega.almas.fr.smtp: P 1:12(11) ack 36 win 17485 (DF)
16:52:26.305893 vega.almas.fr.smtp > 168.1.103.8.2007: . ack 12 win 32109 (DF)

I don't see any auth connection, nethertheless the mod i done on /etc/ident.masq do something (but what ?)

Maybe someone could explain me ?

Eric Belhomme

Title: Re: Ident Masquerade Howto
Post by: Arjay on July 26, 2003, 07:11:38 PM

will still work with SME5.6 ??? coz SME5.6 is already using oidentd. and when i tried to:
pico /etc/identd.masq  


there is nothing there.