Hello,

I have a WRTSL54GS running WhiteRussian 0.9 as my router.
I am able to send DCC file transfers over IRC without any issues.
However, I am unable to receive DCC transfers from others.

My router is performing NAT for my internal network.

I have loaded the following modules in an attempt to fix the problem:
root@wrtsl54gs:~# lsmod | grep ipt
ipt_REDIRECT             640   0 (unused)
ipt_MIRROR              1296   0 (unused)
ipt_conntrack           1104   0 (unused)
ipt_connbytes            624   0 (unused)
ipt_connmark             352   0 (unused)
ipt_helper               560   0 (unused)
ipt_CONNMARK             816   0 (unused)

I have tried to force the DCC port my IRC client uses to 7666, and specifically forwarded it through my router to my internal system.

I have also tried configuring my IRC client to use my external "real" IP address with no success.

I have the following IPTables rules in my firewall:
iptables -P INPUT DROP                         
iptables -A INPUT -m state --state INVALID -j DROP
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --tcp-flags SYN SYN --tcp-option \! 2 -j  DROP

iptables -P FORWARD DROP                                                     
iptables -A FORWARD -m state --state INVALID -j DROP                         
iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pm
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT           

In addition to the standard masquerade entries, and some user-defined port forwardings.

Hopefully, someone can point out something obvious that I've missed, and I'll gladly feel like a fool for missing it as long as I can get this fixed.  I spend quite a bit of time on IRC, and the inability to receive DCC files is quite annoying.

If there is any further information you might need to help troubleshoot my problem, I'll gladly provide it.

Thanks in advance.

Find and insert ip_conntrack_irc and ip_nat_irc modules. Also make sure, your client reports local (192.168.x.x - Lookup method normal in mirc IIRC, haven't used it in a while) ip address, because only then will the iptables modules correctly overwrite it. DCC uses random ports, so iptables modules are required to make it work.

ahh, therein lies the problem.  :-)

I have searched through ipkg.be, google, and through the forums.  I was unable to find any packages that carry those modules.
I don't suppose you would happen to know where they could be found?
I'd even be willing to just run an IRC proxy on my WRT if I had to, but prefer to use the conntrack method if possible.

Thanks for the assist...

kmod-ipt-nat-default has them all

My thanks.  This solved my problem.

I found this ipkg via ipkg.be.  I suppose I didn't consider it because I'd already installed the package called "kmod-ipt-nat" and thought both were the same.  (See what I get for thinking?)

After installing, all I had to do was set my IRC client back to where it used my router's IP address for DCC transfers, and two-way DCC transfers started working.

I really appreciate your assistance here.

This package is also in openwrt repository. It's always best to use the package for your version.

Yes, the version I found on ipkg.be came from the openwrt repository.

There is one small issue, though.  I can't load the ip_nat_irc or the ip_nat_ftp modules.  Any time I try to manually load them, I get this error on the console:

Using /lib/modules/2.4.30/ip_nat_irc.o
insmod: init_module: ip_nat_irc: Device or resource busy
Using /lib/modules/2.4.30/ip_nat_ftp.o
insmod: init_module: ip_nat_ftp: Device or resource busy

In my logs, I see this:

ip_nat_irc: error registering helper for port 6667
ip_nat_ftp: error registering helper for port 21

However, ip_nat_tftp loads without issue.

I've worked around the IRC issue because the ip_conntrack_irc module loaded.  All I had to do was set up my IRC client to use my router IP.  But I'm still curious to find out why the other two won't load.