man.bsd.lv manual page server

DESCRIPTION

identd operates by looking up specific TCP/IP connections and returning information which may or may not be associated with the process owning the connection.

The following options are available:

-4

Bind to IPv4 addresses only (valid with flag -b).

-6

Bind to IPv6 addresses only (valid with flag -b).

-a address

Bind to the specified address. This may be an IPv4 or IPv6 address or even a hostname. If a hostname is specified then identd will resolve it to an address (or addresses) and will bind this address (valid with flag -b).

-b

Run in the background (as daemon).

-c charset

Specify an optional character set designator to be included in replies. charset should be a valid charset set as described in the MIME RFC in upper case characters.

-e

Return “UNKNOWN-ERROR” instead of the usual “NO-USER” or “INVALID-PORT” error replies.

-F format

Specify the format to display info. The allowed format specifiers are:

%u	print user name
%U	print user number
%g	print (primary) group name
%G	print (primary) group number
%l	print list of all groups by name
%L	print list of all groups by number

The lists of groups (%l, %L) are comma-separated, and start with the primary group which is not repeated. Any other characters (preceded by %, and those not preceded by it) are printed literally.

-f username

Specify a fall back username. If the lookup fails then this username will be returned. This can be useful for when running this service on a NAT host and not using the forward/proxy functionality.

-g gid

Specify the group id number or name which the server should switch to after binding itself to the TCP/IP port.

-I

Same as -i but without the restriction that the username in .ident must not match an existing user.

-i

If the .ident file exists in the home directory of the identified user, return the username found in that file instead of the real username. If the username found in .ident is that of an existing user, then the real username will be returned.

-L username

Specify a “lie” username. identd will return this name for all valid ident requests.

-l

Use syslogd(8) for logging purposes.

-m filter

Enables forwarding of ident queries. The filter argument specifies which packet filter should be used to lookup the connections, currently ‘ipfilter’, ‘npf’, and ‘pf’ are supported packet filters. Note that identd changes the ident queries to use the local port on the NAT host instead of the local port on the forwarding host. This is needed because otherwise we can't do a lookup on the proxy host. On the proxy host, “proxy mode” should be enabled with the -P flag or “lying mode” with the -L flag.

-N

Enable .noident files. If this file exists in the home directory of the identified user then return “HIDDEN-USER” instead of the normal USERID response.

-n

Return numeric user IDs instead of usernames.

-o osname

Return osname instead of the default “UNIX”.

-P address

Specify a proxy server which will be used to receive proxied ident queries from. See also the -m flag how this operates.

-p portno

Specify an alternative port number under which the server should run. The default is port 113 (valid with flag -b).

-r

Return a random name of alphanumeric characters. If the -n flag is also enabled then a random number will be returned.

-t seconds

Specify a timeout for the service. The default timeout is 30 seconds.

-u uid

Specify the user id number or name to which the server should switch after binding itself to the TCP/IP port.