On Tue, 14 Nov 2000 12:36:32 +0100 (CET), you wrote:
>> I want my (firewalled)-gw to respond to an ident (113 port) request with a RST packet, thus simulating that the service is closed. I'm using Ipchains with kernel 2.2.17. Is there any way of doing that?

> I think if you leave the port open and don't run identd you will have the desired behaviour ...

Right. But I cannot do that, identd is running and I don't want to close it. The idea is that some hosts/networks can see the service (opened) and some others not (through packet filtering).

BTW, a totally different matter. How is the Syslog (514/udp) handshaking produced in a centralized environment? I set up a machine with syslog in listening mode (-r) and configured the other machines to forward logs to the former machine. I thought only the first (listening) machine would open the service port (514/udp), but I got surprised when I saw the other machines also had the same port open!!! (these last ones run syslog in normal mode, not listening). I've observed these machines open and begin listening on their syslog port immediately when I add the following line in /etc/syslog.conf and re-start syslog:

    *.* @logger-machine

Why does it happen? I thought logs were sent to the logger machine in a unidirectional fashion so only the 514 port *on the logger machine* was opened....

PS: Automatic "away" responses should NOT be allowed in mailing-lists (use filters like procmail, dudez). They're annoying.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
** RoMaN SoFt / LLFB **
roman@madrid.com
http://pagina.de/romansoft
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~