If NAT support is enabled with the --masquerade option, oidentd reads the /etc/oidentd_masq.conf file to determine ident responses to queries intended for other machines. It is also possible to forward queries to ident servers on the hosts connecting through the machine oidentd runs on. For more information on forwarding, please see the --forward option in oidentd(8).
The NAT configuration file contains one rule per line. Lines are read from top to bottom, and only the first matching rule is used. Lines starting with a number sign ("#") are ignored.
Rules must have the following form:
host[/mask] response system-type
The host field specifies the hostname or IP address of the host that owns the connection for which an ident query was received. This host must be connecting through the machine oidentd runs on. The host may be specified as either an IP address or a hostname.
If a network mask is specified using the mask field, the rule applies to all hosts in the given subnetwork. Network masks may be specified in dot notation (e.g., "255.255.192.0") or in CIDR notation (e.g., "18").
The response field specifies the response to be sent when receiving a query for the specified host or subnetwork.
The system-type field specifies the operating system to send alongside the ident response. See the --other option in oidentd(8) for more information.
# host[/mask] response system-type 10.0.0.1 user1 UNIX server.internal user2 UNIX-BSD 10.0.0.0/24 user3 UNIX 10.0.0.0/255.255.0.0 user4 UNKNOWN
Note that the order of the rules is significant in this example. Due to lines being read from top to bottom, more specific rules must precede more general ones. For example, the rule for "10.0.0.1" would not match any connections if it were preceded by the more general "10.0.0.0/24".
Originally written by Ryan McCabe.
Please report any bugs to Janik Rabe.