[BUG??] irc module fails

Thu Oct 6 15:43:37 CEST 2005

On Wednesday 05 October 2005 19:32, Patrizio Bassi wrote:
> if i ask dcc chat to an user it doesn't work.
> if i try to send a file, neither (no nat/router problem)
>
> if i try to receive a file it works.
> i've sniffed a dcc chat session with ethereal..

Yes, that's because of the nature of the DCC protocol. If you want to send a 
file, it will open a port locally and the remote host will connect to it. In 
theory - with NAT this is a different story. Of course, if you want to 
receive a file, the remote host opens the port and you connect to it. That 
will work through NAT.

> packet arrives but is discarded...
> why? no tracking? seems so strange..

Yes, from ip_conntrack_irc.c:

 *      Module load syntax:
 *      insmod ip_conntrack_irc.o ports=port1,port2,...port<MAX_PORTS>
 *                          max_dcc_channels=n dcc_timeout=secs
 *
 *      please give the ports of all IRC servers You wish to connect to.
 *      If You don't specify ports, the default will be port 6667.
 *      With max_dcc_channels you can define the maximum number of not
 *      yet answered DCC channels per IRC session (default 8).
 *      With dcc_timeout you can specify how long the system waits for
 *      an expected DCC channel (default 300 seconds).

The kernel must "spy" in irc connections and look out for DCC commands.
If you use IPv6, SSL or a different port than standard 6667, it won't work.

-- 
Thilo Schulz
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/netfilter/attachments/20051006/a76ec6c0/attachment.pgp