Re: DCC Send in conjunction with Iptables

[Ian <freebsd@damnhippie.dyndns.org>]

> 
>> I'm using X-Chat version 1.8.7 and I cannot send files through my router
>> (using iptables).  Sending of files works fine with BitchX so I'm
>> figuring that the problem lies in X-Chat.
>> 
>> I see the following in my /var/log/syslog:
>> 
>> Forged DCC command from 192.168.0.3: 208.10.42.134:31028
> 
> 192.168.0.3 is - if I am not mistaken - a private IP address, i.e. the
> one you have on your LAN, and you can not connect to a privat LAN
> address from the internet.
> 
> You have to instruct XChat to ask the IRC server for your "internet"
> IP number, once you have logged in, and use that address for DCC. You
> find this switch under "settings - settings - IRC - IP address" (or
> whatever the english menu names are... 4th menu).
> 
> Mike

Actually I suspect exactly the opposite is the case: xchat has formulated a
DCC with the real public IP and the NAT functionality in the router is
complaining that it can't properly change the outgoing DCC request for IP
masquerading because of that.  (I'm a freebsd user so I'm not all that
familiar with the iptables stuff.  But I've done some work on the DCC
munging part of freebsd's natd.)

You need to configure xchat (I don't know how, I don't use it for DCC at
all) to use the local LAN IP in the DCC requests so that the NAT router can
properly transform the request as it goes out.  Another possibility is to
configure the router to ignore DCC requests completely, then do a totally
manual configuration to static-map a range of ports to the machine running
xchat, then tell xchat to use only that port range for DCC (again I don't
know how to tell xchat to do that).

-- Ian

--
XChat-discuss: mailing list for XChat users
Archive:       http://mail.nl.linux.org/xchat-discuss/