
#-----------------------------------------------------------------------
# CHANGES
#-----------------------------------------------------------------------
#
# 2000-10-31  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Added ignore and deny actions for v5.0.1.
# 2000-10-14  Jean-Sebastien Morisset <jsmoriss@jsm-mv.dyndns.org>
#             Initial module written for v5.0.
#
#-----------------------------------------------------------------------
# MODULE CONFIGURATION
#-----------------------------------------------------------------------
#
#m# 123
#a# accept ignore deny
#i# cluster
#n# auth
#t# clients
#
#   |--------------------------------------------------------------------|
#d# The identd daemon, used by IRC and several other services, gives out 
#d# login names. Several people believe this service gives out too much 
#d# information. If you decide to open-up this service, you should use an
#d# application like xinetd, tcp wrappers, etc. to log connections.
#   |--------------------------------------------------------------------|
#
#-----------------------------------------------------------------------
# START OF MODULE CODE
#-----------------------------------------------------------------------

module_name="auth"
module_type="clients"
service_name="Auth/Identd"
service_port="113"

for action in ignore deny accept
do
	case $action in
		accept|ignore)
				action_log_msg="$LOG_MSG"; action_log="$LOG";;
		deny)	action_log_msg="(logged)"; action_log="-l"  ;;
	esac
	for host in `Option_Value $action $INTOPT $module_name $module_type`
	do
		case $action in
			ignore|deny)
				echo "Deny $INTOPT $IPADDR $service_name <- $host $action_log_msg"
				ipchains -A $INCHAIN -j DENY -p tcp -s $host -d $IPADDR $service_port $action_log
				;;
			accept)
				Accept_Hostports local tcp "$service_name" $host $service_port
				;;
		esac
	done
done

unset module_name service_name service_port
unset action action_log_msg action_log host

