Dear List,

A company using NetBSD on their servers installed a new firewall.  This
firewall blocks all identd queries (it just eats the packets).  Now, when
someone tries to telnet/ftp/smtp into a NetBSD box through the firewall,
NetBSD sends out an identd query, gets no response, sends out another
packet in 5 seconds, gets no response, and proceeds to login after a 10
second (total) delay.

What should the firewall do?  Is it ok to just drop the packets or should
some ICMP packet (or something) be returned?  I was told that the firewall
can not be configured to do this.

Is it possible to disable the identd query in ftpd, telnetd, sendmail, and
whatever daemons use it?

Thanks,

  -jm