Re: irc

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Okay, here's the revised copy of my situation, with ip addresses:

Client machine (192.168.1.162) ->  (192.168.1.7)  squid-proxy 
(208.224.3.156)  ->  DMZ  (208.224.3.153) ->  (irc.blessed.net)  IRC Server.

I don't know what "IT" is.  That is what I need to find out (packet 
sniffer?).  I'm assuming it's the irc server.

I know how to set nat up in this situation.  I know it's what I need, but 
am not sure how to do it.





Antony Stone <Antony@xxxxxxxxxxxxxxxxxxxx>
Sent by: netfilter-admin@xxxxxxxxxxxxxxxxxxx
11/17/2003 01:11 PM

 
        To:     netfilter@xxxxxxxxxxxxxxxxxxx
        cc: 
        Subject:        Re: irc


On Monday 17 November 2003 5:43 pm, trainier@xxxxxxxxxx wrote:

> I'll attempt to clear things up a bit.
>
> An irc proxy, is a machine that accepts a connection, then forwards you 
on
> to the proxy server.  An irc bounce, is very similiar in nature.

Ah, so there is a difference between an IRC proxy and an IRC server?   (I 
didn't know - I'm not familiar enough with the IRC protocol).

> What I'm looking for, is not an irc proxy.  I'm already connecting to an
> irc proxy.  The problem is, when I changed my default gateway to point 
at
> my http-proxy, I can no longer make connections out to my irc server.

That sort of makes sense.   Does your http proxy know how to forward 
non-http 
traffic (so the traffic can get to the IRC proxy, for example), and is it 
correctly forwarding such traffic?

> (It comes back with a "connection refused").

I'm puzzled about what "it" is in this sentence.   Which machine sends 
back a 
packet to your IRC client indicating that there's a problem?

> I thought I would have to use NAT in this case, just like I have to use 
NAT
> to allow http and ftp requests, through the squid proxy server.

Whether or not you need to use NAT depends on where your public & private 
IP 
addresses meet.   If the squid proxy is also your router joining the 
public 
to the private network, then yes, you will need NAT rules in order to get 
any 
non-http traffic through it.   If the 'other side' of your squid proxy is 
still privately addressed within your own network, and your public IP 
address 
router is somewhere beyond it, then you don't need to do NAT on the squid 
proxy, just normal routing table entries (and the machines on the other 
side 
need to know that this is a gateway back to the addresses on the inside of 
it 
of course).

> Here's how I'm set up:
>
> Client machine ->   squid-proxy   ->  DMZ  ->  IRC Server.

If you can add some IP addresses / network ranges to that diagram, and 
maybe 
include your Internet router in there as well, it would be helpful

Please note that I have chosen the sig below specifically for this email 
:)

Regards,

Antony.

-- 

90% of network problems are routing problems.
9 of the remaining 10% are routing problems in the other direction.
The remaining 1% might be something else, but check the routing anyway.

                                                     Please reply to the 
list;
                                                           please don't CC 
me.







[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux