.\" oidentd.8 - oidentd ident (RFC 1413) implementation.
.\" Copyright (c) 2001-2006 Ryan McCabe <ryan@numb.org>
.\" Copyright (c) 2018      Janik Rabe  <oidentd@janikrabe.com>
.\"
.\" Permission is granted to copy, distribute and/or modify this document
.\" under the terms of the GNU Free Documentation License, Version 1.1
.\" or any later version published by the Free Software Foundation;
.\" with the Invariant Sections being no invariant sections, with the
.\" Front-Cover Texts being no front-cover texts, and with the Back-Cover
.\" Texts being no back-cover texts. A copy of the license is included with
.\" this package in the file "COPYING.DOC."
.TH oidentd_masq.conf 5 "2019-01-10" "version 2.3.2"

.SH NAME
oidentd_masq.conf - oidentd IP masquerading (NAT) configuration file.

.SH DESCRIPTION
If you are using IP masquerading or NAT, \fBoidentd\fP can optionally return a
username for connections from other machines. Support for this is enabled by
calling \fBoidentd\fP with the \fB\-m\fP (or \fB\-\-masquerade\fP) flag and by
creating an \fB/etc/oidentd_masq.conf\fP file. This file is read from top to
bottom, and \fBoidentd\fP stops at the first matching entry it encounters.
.PP
\fBoidentd\fP can also forward requests for an IP masqueraded connection to
the machine from which the connection originates by way of the \fB\-f\fP (or
\fB\-\-forward\fP) option. This will only work if the host to which the
connection is forwarded is running \fBoidentd\fP with the \fB\-P\fP
(\fB\-\-proxy\fP) flag, or if the host's ident daemon returns a valid reply
regardless of the input supplied by and the address of the host sending the
request.
.PP
When forwarding is enabled with the \fB\-f\fP option, \fBoidentd\fP forwards
ident queries before reading the IP masquerading configuration file. If this
is not desired, the \fB\-M\fP (or \fB\-\-masquerade\-first\fP) option can be
used.

.SH FORMAT
<IP Address|Hostname>[/<Mask>] <Ident Response> <System Type>
.PP
The first field contains the IP address or the hostname of a machine that IP
masquerades through the machine on which \fBoidentd\fP runs. The mask
parameter can be either a network mask or a mask in CIDR notation. A mask of
24 is equivalent to 255.255.255.0, a mask of 16 is equivalent to 255.255.0.0,
etc.
.PP
The second field specifies the reply that \fBoidentd\fP will return for lookups
to the host matching the IP address specified in the first parameter.
.PP
The third field specifies the operating system the machine matching the first
parameter is running.

.SH EXAMPLES
.sp 1n
.PD 0
.TP 16
.B "<Host>[/<Mask>]             <Ident Response>      <System Type>"
.TP
192.168.1.1                   someone               UNIX
.TP
192.168.1.2                   noone                 WINDOWS
.TP
192.168.1.1/32                user1                 UNIX
.TP
192.168.1.0/24                user2                 UNIX
.TP
192.168.0.0/16                user3                 UNIX
.TP
somehost                      user4                 UNIX
.TP
192.168.1.0/255.255.255.0     user5                 UNIX
.PD
.LP

.SH AUTHOR
Janik Rabe <oidentd@janikrabe.com>
.br
https://oidentd.janikrabe.com
.PP
Originally written by Ryan McCabe <ryan@numb.org>.

.SH SEE ALSO
.BR oidentd (8)
.BR oidentd.conf (5)