Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Ident perhaps' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Ident perhaps
Authored by: EddEdmondson on Apr 03, '03 10:15:30AM
This sounds like the kind of thing that can happen when a server can't make an ident connection - try opening port 113 on your firewall? PracticallyNetworked.com has a little more info. Try it, and let us know if it works. It'd be much better to only open up that port than to discard your firewall altogether!

[ Reply to This | # ]
Ident perhaps
Authored by: percy on Apr 03, '03 10:26:38AM

*sigh* And I wondered why my IRC connections took so long to set up. Port 113 was closed.



[ Reply to This | # ]
Ident perhaps
Authored by: escowles on Apr 03, '03 12:03:04PM
Thank you! And the hint submitter!

This has been driving me nuts for months. I even setup my own SMTP server on my firewall/NAT machine, with no luck. I added port 113 to my allowed ports in the firewall preferences, and now my emails go in a flash even using my ISP's servers.

-Esme

[ Reply to This | # ]

Mail server, client firewall tips
Authored by: thrig on Apr 03, '03 12:40:03PM

If you run mail services, you can disable or lower ident lookup timeouts; older versions of mail servers set a 30 second timeout, while more recent ones set much lower values.

$ grep Timeout.ident /etc/mail/sendmail.cf
#O Timeout.ident=5s

The above sets a default five second ident lookup timeout in sendmail; a custom value would not be commented out. To set a custom value, use something like the following in your sendmail.mc, then rebuild sendmail.cf.

define(`confTO_IDENT', `1s')

For more information on sendmail, see my sendmail configurations and documentation.

On the client side of things, one can effect an immediate timeout while still firewalling the ident port by sending back a "that port is closed" response from the firewall.

/sbin/ipfw add reset tcp from any to any 113 in

For more firewall rule examples, see how I run ipfw on my Mac.



[ Reply to This | # ]
Sorry, broken link
Authored by: EddEdmondson on Apr 04, '03 05:17:57AM

Seems I put .html instead of .htm. Should really make more use of cut and paste ;-)



[ Reply to This | # ]