From owner-freebsd-isp@FreeBSD.ORG Sun Apr 25 03:42:30 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E44CE16A4CE for ; Sun, 25 Apr 2004 03:42:30 -0700 (PDT) Received: from qmail-scanner.wlink.com.np (qmail-scanner.wlink.com.np [202.79.32.74]) by mx1.FreeBSD.org (Postfix) with SMTP id DA78E43D3F for ; Sun, 25 Apr 2004 03:42:25 -0700 (PDT) (envelope-from bikrant_ml@wlink.com.np) Received: (qmail 58822 invoked by uid 1008); 25 Apr 2004 10:42:15 -0000 Received: from bikrant_ml@wlink.com.np by qmail-scanner.wlink.com.np by uid 1002 with qmail-scanner-1.20 (clamscan: 0.60. Clear:RC:1(202.79.32.78):. Processed in 1.792328 secs); 25 Apr 2004 10:42:14 -0000 Received: from smtp3.wlink.com.np (202.79.32.78) by qmail-scanner.wlink.com.np with SMTP; 25 Apr 2004 10:42:10 -0000 Received: (qmail 18336 invoked by uid 514); 25 Apr 2004 10:40:38 -0000 Received: from [202.79.36.168] (HELO bikrant.org.np) by smtp3.wlink.com.np (qmail-smtpd) with SMTP; 25 Apr 2004 10:40:38 -0000 (Sun, 25 Apr 2004 16:25:38 +0545) From: Bikrant To: "JJB" Date: Sun, 25 Apr 2004 16:25:28 +0545 User-Agent: KMail/1.5 References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200404251625.28816.bikrant_ml@wlink.com.np> X-Spam-Check-By: smtp3.wlink.com.np Spam: No ; 0.0 / 5.0 X-Spam-Status: No, hits=0.0 required=5.0 cc: freebsd-isp@freebsd.org Subject: Re: What is PPPoed? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2004 10:42:31 -0000 On Friday 23 April 2004 19:38, JJB wrote: > Gleb > > I see from the mailing list that you are currently helping Bikrant > with his 'pppoed crashed' problem. In 5 years on this list I have > not seen pppoed ever mentioned and was even unaware of it's > existents. > > I all ready did my homework reading the man pppoed and googleing. > > The 'man pppoed' documentation is very cryptic and gives absolutely > no insight as to the conditions under which a person would need to > use it, as well as no instructions on how to enable it. Not until I > read Bikrant's post containing his rc.conf statements did I realize > that pppoed was something different that 'user pppoe'. From my > search for documentation I am surprised at the fact that Bikrant > even found out about the rc.conf statement needed it enable it. > > I already know that pppoed is different than 'user pppoe'. > I know under what conditions someone would use 'user pppoe'. > > Would you or Bikrant please post any reference web sites or links to > documentation on pppoed that you have used to learn about using and > configuring pppoed as I would like to learn more about this pppoed > function? Hi joe, pppoe is Point to point protocol over ethernet. You can use the service to authenticate Lan/wireless/adsl users before they start using internet. I'm using the service to authenticate and shape bandwith (by running script when the ppp interface comes up) of my wireless users. I hope you got the idea. http://w3.itoh.net/pppoe3.html with regards, Bikrant > > Could you or Bikrant please explain what need or purpose pppoed is > being used to satisfy? > > Thanks > Joe From owner-freebsd-isp@FreeBSD.ORG Sun Apr 25 08:51:55 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C75DA16A4CE for ; Sun, 25 Apr 2004 08:51:55 -0700 (PDT) Received: from hotmail.com (bay8-f64.bay8.hotmail.com [64.4.27.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id ACE7C43D46 for ; Sun, 25 Apr 2004 08:51:55 -0700 (PDT) (envelope-from unixtools@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sun, 25 Apr 2004 08:51:55 -0700 Received: from 202.63.171.45 by by8fd.bay8.hotmail.msn.com with HTTP; Sun, 25 Apr 2004 15:51:55 GMT X-Originating-IP: [202.63.171.45] X-Originating-Email: [unixtools@hotmail.com] X-Sender: unixtools@hotmail.com From: "Sunil Sunder Raj" To: freebsd-isp@freebsd.org Date: Sun, 25 Apr 2004 21:21:55 +0530 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 25 Apr 2004 15:51:55.0626 (UTC) FILETIME=[3C0424A0:01C42ADD] Subject: sbfs 4gb file limit X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Apr 2004 15:51:55 -0000 Hi, I was using smbfs on one of our Unix servers to mount a 800 GB raid of a win2k server with NTFS partition. Mounting seems to be great, but when I try to copy a 18GB file from the unix server to the windows server, strangely after 4GB it gives time out. Is there any fix for this. The command I am using ----------------------------------- # mount_smbfs //BACKUP_SHARE_USER@terabyte1/home5 /home5 terabyte1 is my win2k server with netbios enabled. Uname output on my unix server --------------------------------------------- FreeBSD backupbrain 4.6-RELEASE FreeBSD 4.6-RELEASE #0: Tue Jun 11 06:14:12 GMT 2002 murray@builder.freebsdmall.com:/usr/src/sys/compile/GENERIC i386 I any patch available to fix this problem. Regards SSR _________________________________________________________________ Contact brides & grooms FREE! http://www.shaadi.com/ptnr.php?ptnr=hmltag Only on www.shaadi.com. Register now! From owner-freebsd-isp@FreeBSD.ORG Sun Apr 25 21:30:11 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1046816A4CE for ; Sun, 25 Apr 2004 21:30:11 -0700 (PDT) Received: from sngrel5.hp.com (sngrel5.hp.com [192.6.86.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id C6D4D43D5C for ; Sun, 25 Apr 2004 21:30:10 -0700 (PDT) (envelope-from "") Received: from xsgbrg4.sgp.hp.com (xsgbrg4.sgp.hp.com [15.85.49.114]) by sngrel5.hp.com (Postfix) with ESMTP id 3EB72396 for ; Mon, 26 Apr 2004 12:30:09 +0800 (SGP) Received: by xsgbrg4.sgp.hp.com with Internet Mail Service (5.5.2657.72) id ; Mon, 26 Apr 2004 12:30:09 +0800 Message-ID: <8374254389F2B149A7DB74DE15AD2A4D0120AB1B@xin07.india.hp.com> From: "RAJ,PARIKSHITH (HP-India,ex3)" To: freebsd-isp@freebsd.org Date: Mon, 26 Apr 2004 12:30:08 +0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2657.72) Content-Type: text/plain; charset="windows-1252" Subject: Out of Office AutoReply: Hi X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2004 04:30:11 -0000 Hi, Thanks for your message. I am currently out of office and I will not have access to my mail box. I'll reply to your mail when I get back. Incase of emergency,kindly contact Srilakshmi Sirasanagandla.Telnet:25046584. Thank You. Regards, Parikshith Raj From owner-freebsd-isp@FreeBSD.ORG Mon Apr 26 03:49:44 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9480616A4CE for ; Mon, 26 Apr 2004 03:49:44 -0700 (PDT) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id E254C43D6A for ; Mon, 26 Apr 2004 03:49:42 -0700 (PDT) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com with local (Exim 4.32 #0 (FreeBSD 4.9)) id 1BI3g9-000GxD-H2 by authid for ; Mon, 26 Apr 2004 13:49:37 +0300 Date: Mon, 26 Apr 2004 13:49:37 +0300 From: Odhiambo Washington To: freebsd-isp@freebsd.org Message-ID: <20040426104937.GA58605@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Mailer: Mutt 1.5.5.1i (2003-11-05) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. User-Agent: Mutt/1.5.5.1i Subject: pw and file locking X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Apr 2004 10:49:44 -0000 Hi, I am using pw to process users on my box from a small script. What happens is that one script on a different machines executes the script (below) on another machine with the required variables. NB: It is quite possible that the script on the remote box can be executed by two processes simultaneously, so my concern here would be about locking. Variously I have ended up with a corrupted master.passwd file and I had to restore from backup (Thanks to FreeBSD periodic-daily scripts). Here is the script, very simplistic, but it works: #!/bin/sh # -- useradd # Script to ADD a mail account # This script essentially requires the following data: # username = $1 # realname = $2 # password = $3 # PW=`which pw` OPERATION='useradd' # Note: I am not quite sure about how to handle the initial password entry.. # So I am doing that on the 2nd step .. # Add the user account $PW $OPERATION $1 -c "$2" -g users -m # Now fix the password echo $1 $2 $3 >> /script/WBS/useradd.log echo "$3" | pw usermod $1 -h 0 My questions: 1. It it possible (or even necessary) to implement locking when this script runs to take care of any race condition that might lead to master.passwd file corruption? If so, clues/suggestions are welcome. 2. I'll need to capture stderr to the logfile. At what juncture is this suitable? Thanks -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Aleph-null bottles of beer on the wall, Aleph-null bottles of beer, You take one down, and pass it around, Aleph-null bottles of beer on the wall. From owner-freebsd-isp@FreeBSD.ORG Tue Apr 27 08:13:52 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4AFEB16A4CE for ; Tue, 27 Apr 2004 08:13:52 -0700 (PDT) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 67F7443D48 for ; Tue, 27 Apr 2004 08:13:51 -0700 (PDT) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com with local (Exim 4.32 #0 (FreeBSD 4.9)) id 1BIUHM-0008hn-0R by authid for ; Tue, 27 Apr 2004 18:13:48 +0300 Date: Tue, 27 Apr 2004 18:13:47 +0300 From: Odhiambo Washington To: freebsd-isp@freebsd.org Message-ID: <20040427151347.GJ9695@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Mailer: Mutt 1.5.5.1i (2003-11-05) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. User-Agent: Mutt/1.5.5.1i Subject: Sending Mass mail to users on a system X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2004 15:13:52 -0000 Hello Admins, Currently we use a small Perl script that sends an e-mail to all users on our system. Yes, a Perl script, not a list of users. The script injects the e-mail into the queue. I have a challenge here, since the script wasn't written by me. Does anyone have a script that have a feature for being able to mass mail users while including attachment(s) from an easier interface? Even one used from CLI. Thanks in advance. -Wash -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ WARNING TO ALL PERSONNEL: Firings will continue until morale improves. From owner-freebsd-isp@FreeBSD.ORG Tue Apr 27 08:34:51 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5D26516A4CE for ; Tue, 27 Apr 2004 08:34:51 -0700 (PDT) Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by mx1.FreeBSD.org (Postfix) with SMTP id 906EE43D31 for ; Tue, 27 Apr 2004 08:34:50 -0700 (PDT) (envelope-from simon@optinet.com) Received: (qmail 68171 invoked by uid 110); 27 Apr 2004 15:34:49 -0000 Received: from ool-18baaf5c.dyn.optonline.net (HELO win2kpc1) (24.186.175.92) by cobra.acceleratedweb.net with SMTP; 27 Apr 2004 15:34:49 -0000 From: "Simon" To: "freebsd-isp@freebsd.org" , "Odhiambo Washington" Date: Tue, 27 Apr 2004 11:35:48 -0400 Priority: Normal X-Mailer: PMMail 2000 Professional (2.20.2661) For Windows 2000 (5.0.2195;4) In-Reply-To: <20040427151347.GJ9695@ns2.wananchi.com> MIME-Version: 1.0 Message-Id: <20040427153450.906EE43D31@mx1.FreeBSD.org> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Re: Sending Mass mail to users on a system X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2004 15:34:51 -0000 Try http://scriptsearch.com and http://cgi-resources.com How exactly is this related to FreeBSD? other than the fact that you want to run it on FreeBSD? scripts like this have nothing special that would make them compatible with FreeBSD. They will pretty much work on any Unix server given the requirements, such as MTA, are met. -Simon On Tue, 27 Apr 2004 18:13:47 +0300, Odhiambo Washington wrote: >Hello Admins, > >Currently we use a small Perl script that sends an e-mail to all users >on our system. Yes, a Perl script, not a list of users. The script >injects the e-mail into the queue. I have a challenge here, since the >script wasn't written by me. > >Does anyone have a script that have a feature for being able to mass >mail users while including attachment(s) from an easier interface? >Even one used from CLI. > >Thanks in advance. > >-Wash > >-- >+======================================================================+ > |\ _,,,---,,_ | Odhiambo Washington >Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com > |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 > '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 >+======================================================================+ > WARNING TO ALL PERSONNEL: > >Firings will continue until morale improves. >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Wed Apr 28 00:41:26 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 503CC16A4CE for ; Wed, 28 Apr 2004 00:41:26 -0700 (PDT) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id DEB0743D5A for ; Wed, 28 Apr 2004 00:41:24 -0700 (PDT) (envelope-from wash@wananchi.it) Received: from wash by ns2.wananchi.com with local (Exim 4.32 #0 (FreeBSD 4.9)) id 1BIjh1-0003zK-Mm by authid ; Wed, 28 Apr 2004 10:41:19 +0300 Date: Wed, 28 Apr 2004 10:41:19 +0300 From: Odhiambo Washington To: Simon Message-ID: <20040428074119.GJ8504@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , Simon , FBSD-ISP Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Mailer: Mutt 1.5.5.1i (2003-11-05) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. User-Agent: Mutt/1.5.5.1i cc: FBSD-ISP Subject: Re: Sending Mass mail to users on a system X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2004 07:41:26 -0000 * Simon [20040427 20:21]: wrote: > > Try http://scriptsearch.com and http://cgi-resources.com > > How exactly is this related to FreeBSD? other than the fact that you want to > run it on FreeBSD? scripts like this have nothing special that would make > them compatible with FreeBSD. They will pretty much work on any Unix server > given the requirements, such as MTA, are met. You are actually correct in your observation. But I am also right in asking a question in a forum that is frequented by systems admins, no? -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Everything you know is wrong! From owner-freebsd-isp@FreeBSD.ORG Wed Apr 28 02:04:04 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F3E8816A4CE for ; Wed, 28 Apr 2004 02:04:03 -0700 (PDT) Received: from rzdspc1.informatik.uni-hamburg.de (rzdspc1.informatik.uni-hamburg.de [134.100.9.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8BAF743D46 for ; Wed, 28 Apr 2004 02:04:02 -0700 (PDT) (envelope-from latex-bugs.nospam@latex-project.org) Received: from sun.dante.de (sun.dante.de [134.100.9.52]) i3S93uvg010184 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Wed, 28 Apr 2004 11:03:56 +0200 (CEST) Received: from sun.dante.de (localhost [127.0.0.1]) by sun.dante.de (8.12.10/8.12.9) with ESMTP id i3S93sV5021784 for ; Wed, 28 Apr 2004 11:03:54 +0200 (CEST) Received: (from gnats@localhost) by sun.dante.de (8.12.10/8.12.10/Submit) id i3S93sbr021783; Wed, 28 Apr 2004 11:03:54 +0200 (CEST) Date: Wed, 28 Apr 2004 11:03:54 +0200 (CEST) Message-Id: <200404280903.i3S93sbr021783@sun.dante.de> X-Authentication-Warning: sun.dante.de: gnats set sender to latex-bugs.nospam@latex-project.org using -f To: freebsd-isp@freebsd.org References: <200404280903.i3S93i7S010132@rzdspc1.informatik.uni-hamburg.de> In-Reply-To: <200404280903.i3S93i7S010132@rzdspc1.informatik.uni-hamburg.de> From: latex-bugs.nospam@latex-project.org X-Scanned-By: MIMEDefang 2.28 (www . roaringpenguin . com / mimedefang) Subject: Re: Mail Delivery (failure latex-bugs@latex-project.org) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: latex-bugs@latex-project.org List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2004 09:04:04 -0000 Thank you for your message to latex-bugs@latex-project.org. Sorry, but the latex-bugs email processor cannot handle MIME attachments. Please resend your problem report with the contents of latexbug.msg as the body of your message. Please do not reply to this message! To prevent SPAM, you cannot reply to the sender address of this message -- From owner-freebsd-isp@FreeBSD.ORG Wed Apr 28 02:12:53 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F2FBC16A4CE for ; Wed, 28 Apr 2004 02:12:52 -0700 (PDT) Received: from guldan.demon.nl (cust.13.38.adsl.cistron.nl [62.216.13.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id A961A43D2F for ; Wed, 28 Apr 2004 02:12:52 -0700 (PDT) (envelope-from robert@guldan.demon.nl) Received: from bombur.guldan.demon.nl ([192.168.201.3] helo=localhost) by guldan.demon.nl with esmtp (Exim 4.24; FreeBSD) id 1BIl38-0008eR-Ce; Wed, 28 Apr 2004 11:08:14 +0200 Date: Wed, 28 Apr 2004 11:11:18 +0200 From: Robert Blacquiere To: freebsd-isp@freebsd.org Message-ID: <20040428091118.GC66226@bombur.guldan.demon.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Disclaimer: running FreeBSD X-Spam-Score: 0.0 (/) Subject: radius authentication and user ppp X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2004 09:12:53 -0000 Hi, I'm working on a system giving access with pptp to our network. I'd like to move the users from the /etc/ppp/ppp.sercet and have them in a radius server. I have build a test setup but it fails the authentication using radius. If i debug it seems ppp sends a radius paket without a username and passwd (with pap). The radius server will reject this. Is there something missing? or have i overlooked some thing. With /etc/ppp/ppp.secret it works normaly as expected. I use the ppp option set radius /etc/radius.conf and have there 2 lines in. auth my_radius.server my_big_secret acct my_radius.server my_big_secret Also i did some tcpdumps to see if the radius server is missing the usernames. but when analysing the dump it is a empty username. Robert -- Microsoft: Where do you want to go today? Linux: Where do you want to go tomorrow? FreeBSD: Are you guys coming or what? OpenBSD: Hey guys you left some holes out there! From owner-freebsd-isp@FreeBSD.ORG Tue Apr 27 08:40:54 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CB38716A4CE; Tue, 27 Apr 2004 08:40:54 -0700 (PDT) Received: from lmfilto02.st1.spray.net (lmfilto02.st1.spray.net [212.78.202.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id D366C43D3F; Tue, 27 Apr 2004 08:40:53 -0700 (PDT) (envelope-from wijayakusuma@lycos.co.uk) Received: from localhost (localhost [127.0.0.1]) by lmfilto02.st1.spray.net (Postfix) with ESMTP id DA405AD663; Tue, 27 Apr 2004 15:40:51 +0000 (GMT) Received: from lmcodec04.st1.spray.net ([212.78.202.209])port 10024) with ESMTP id 30124-05; Tue, 27 Apr 2004 15:40:51 +0000 (GMT) Received: from lmcodec04.st1.spray.net (localhost [127.0.0.1]) by lmcodec04.st1.spray.net (Postfix) with SMTP id 26D5DCF903; Tue, 27 Apr 2004 15:40:51 +0000 (GMT) From: "Teguh Kurniawan " To: freebsd-isp@freebsd.org, freebsd-net@freebsd.org, freebsd-www@freebsd.org Message-ID: <1083080450009450@lycos-europe.com> X-Mailer: LycosMail X-Originating-IP: [202.152.9.132] Mime-Version: 1.0 Date: Tue, 27 Apr 2004 15:40:50 GMT Content-Type: multipart/mixed; boundary="=_NextPart_Lycos_0094501083080450_ID" X-Virus-Scanned: by amavisd-new at spray.net X-Mailman-Approved-At: Wed, 28 Apr 2004 05:11:52 -0700 Subject: Inserting html/frame/banner to requested webpage by proxy/gateway X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Apr 2004 15:40:55 -0000 This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. --=_NextPart_Lycos_0094501083080450_ID Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hi there, anybody here can told me, how to insert html code to any requested page by proxy/gateway. Thank's. Teguh Lycos Email has 10 MB of FREE storage space. http://mail.lycos.co.uk --=_NextPart_Lycos_0094501083080450_ID-- From owner-freebsd-isp@FreeBSD.ORG Wed Apr 28 06:39:10 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E3A8B16A4D4 for ; Wed, 28 Apr 2004 06:39:10 -0700 (PDT) Received: from smtp.octapharma.se (smtp.octapharma.se [195.198.168.141]) by mx1.FreeBSD.org (Postfix) with ESMTP id 83DAF43D58 for ; Wed, 28 Apr 2004 06:39:09 -0700 (PDT) (envelope-from Mikael.Gunnarsson@octapharma.se) Received: from sestosrv004p.ad.octapharma.se ([195.198.13.61] RDNS failed) by smtp.octapharma.se with Microsoft SMTPSVC(5.0.2195.6713); Wed, 28 Apr 2004 15:42:57 +0200 X-MimeOLE: Produced By Microsoft Exchange V6.0.6487.1 content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Date: Wed, 28 Apr 2004 15:39:05 +0200 Message-ID: X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Inserting html/frame/banner to requested webpage by proxy/gateway Thread-Index: AcQtGgrdhOeiztueQnGEk7HMky4U+wACoBdw From: "Gunnarsson, Mikael" To: "Teguh Kurniawan " , X-OriginalArrivalTime: 28 Apr 2004 13:42:57.0937 (UTC) FILETIME=[B73BC010:01C42D26] Subject: RE: Inserting html/frame/banner to requested webpage by proxy/gateway X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2004 13:39:11 -0000 Please don't crosspost. I don't know of any proxy software that lets= you change the content it passes in such a way.. You'd probably have to = hack something up yourself. I question the point though. If it's outgo= ing content you want to modify, it would probably be easier to let the we= b server itself add a header/footer or whatever it is you want to add. = If it's incoming web pages you want to modify, I question the ethic of it= . Would YOU like to use a web proxy that adds banners to every page you v= isit? Also, it would probably screw up the rendering of most non-simpl= e pages, so there's technical issues as well.. > -----Original Mes= sage----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd= -isp@freebsd.org]On Behalf Of Teguh Kurniawan > Sent: den 27 april 2004= 17:41 > To: freebsd-isp@freebsd.org; freebsd-net@freebsd.org; > freebs= d-www@freebsd.org > Subject: Inserting html/frame/banner to requested we= bpage by > proxy/gateway > > > Hi there, > anybody here can told m= e, how to insert html code to any > requested page by proxy/gateway. >= Thank's. > > Teguh > > Lycos Email has 10 MB of FREE storage space= . http://mail.lycos.co.uk > > This email and any files transmitted w= ith it are confidential and intended solely for the use of the individual= or entity to whom they are addressed. If you have received this email in= error please notify the system manager. This message contains confidenti= al information and is intended only for the individual named. If you are = not the named addressee you should not disseminate, distribute or copy th= is e-mail. From owner-freebsd-isp@FreeBSD.ORG Wed Apr 28 11:11:41 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7892516A4CE for ; Wed, 28 Apr 2004 11:11:41 -0700 (PDT) Received: from spintime.org (mail.spintime.org [207.206.44.110]) by mx1.FreeBSD.org (Postfix) with SMTP id D828743D3F for ; Wed, 28 Apr 2004 11:11:40 -0700 (PDT) (envelope-from cody@wilkshire.net) Received: (qmail 13642 invoked by uid 5020); 28 Apr 2004 18:12:55 -0000 Received: from cody@wilkshire.net by spintime.org by uid 0 with qmail-scanner-1.21 (clamdscan: 0.70-rc. Clear:RC:1(198.30.217.3):. Processed in 0.054198 secs); 28 Apr 2004 18:12:55 -0000 X-Qmail-Scanner-Mail-From: cody@wilkshire.net via spintime.org X-Qmail-Scanner: 1.21 (Clear:RC:1(198.30.217.3):. Processed in 0.054198 secs) Received: from unknown (HELO wilkshire.net) (spinnah@spintime.org@198.30.217.3) by mail.spintime.org with SMTP; 28 Apr 2004 18:12:55 -0000 Message-ID: <408FF3AC.7060907@wilkshire.net> Date: Wed, 28 Apr 2004 14:10:52 -0400 From: Cody Baker User-Agent: Mozilla Thunderbird 0.5 (Windows/20040207) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org References: In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: Inserting html/frame/banner to requested webpage by proxy/gateway X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2004 18:11:41 -0000 I should imagine this is going to be used as a reverse proxy. I believe it's possible with mod_layout and apache ( http://tangent.org/index.pl?lastnode_id=478&node_id=362 ). Thank You, Cody Baker cody@wilkshire.net Gunnarsson, Mikael wrote: >Please don't crosspost. > >I don't know of any proxy software that lets you change the content it passes in such a way.. You'd probably have to hack something up yourself. > >I question the point though. If it's outgoing content you want to modify, it would probably be easier to let the web server itself add a header/footer or whatever it is you want to add. > >If it's incoming web pages you want to modify, I question the ethic of it. Would YOU like to use a web proxy that adds banners to every page you visit? > >Also, it would probably screw up the rendering of most non-simple pages, so there's technical issues as well.. > > > > > >>-----Original Message----- >>From: owner-freebsd-isp@freebsd.org >>[mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Teguh Kurniawan >>Sent: den 27 april 2004 17:41 >>To: freebsd-isp@freebsd.org; freebsd-net@freebsd.org; >>freebsd-www@freebsd.org >>Subject: Inserting html/frame/banner to requested webpage by >>proxy/gateway >> >> >>Hi there, >>anybody here can told me, how to insert html code to any >>requested page by proxy/gateway. >>Thank's. >> >>Teguh >> >>Lycos Email has 10 MB of FREE storage space. http://mail.lycos.co.uk >> >> >> >> >This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > From owner-freebsd-isp@FreeBSD.ORG Wed Apr 28 14:08:21 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D833816A4CE for ; Wed, 28 Apr 2004 14:08:21 -0700 (PDT) Received: from morpheus.mind.net (morpheus.mind.net [69.9.130.12]) by mx1.FreeBSD.org (Postfix) with SMTP id 9544843D54 for ; Wed, 28 Apr 2004 14:08:21 -0700 (PDT) (envelope-from jfox@morpheus.mind.net) Received: (qmail 5424 invoked by uid 1001); 28 Apr 2004 21:10:07 -0000 Date: Wed, 28 Apr 2004 14:10:07 -0700 From: John Fox To: freebsd-isp@freebsd.org Message-ID: <20040428211007.GB357@mind.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.1i X-Quip: Fly the white flag of war! Subject: Question: SSL via POP3 a performance killer? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2004 21:08:22 -0000 I'm planning my company's next mail server, and would like to get away from using plain-text authentication for POP3 service. It's been suggested to me that my best bet would actually be to run POP3 over SSL, and thus simply encrypt the clear-text authentication, and that would be good enough for me. However, I've also been told that SSL can be very demanding of even a very powerful computer. This new machine will likely run an AMD XP 2600 (or if I'm lucky, maybe even a 3X99) processor and 1G of RAM, and the OS will (obviously) be FreeBSD, probably 4.10. It will service approx- imately 13,000 POP3 accounts, and handle approximately 100,000 POP3 requests per day. Does this seem a workable setup, or does it appear that the system will indeed be overwhelmed by all the SSL? If there's further information that would be of help in answering this question, please let me know and I will do my best to provide it. Thank you, -John -- +---------------------------------------------------------------------------+ | John Fox | System Administrator | InfoStructure | +---------------------------------------------------------------------------+ | I used to trust the media to tell me the truth, tell us the truth | | But now I've seen the payoffs everywhere I look | | Who can you trust when everyone's a crook? | | -- Queensryche, "Revolution Calling" | +---------------------------------------------------------------------------+ From owner-freebsd-isp@FreeBSD.ORG Wed Apr 28 17:35:19 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E951916A4D3 for ; Wed, 28 Apr 2004 17:35:19 -0700 (PDT) Received: from gamera.svk.isite.net (mail.isite.net [205.217.158.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id B354543D31 for ; Wed, 28 Apr 2004 17:35:10 -0700 (PDT) (envelope-from jrhett@isite.net) Received: from anubis.svk.isite.net (anubis.svk.isite.net [205.217.158.5]) by gamera.svk.isite.net (8.12.10/8.12.9) with ESMTP id i3T0ZAqa011815 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Wed, 28 Apr 2004 17:35:10 -0700 (PDT) Received: from anubis.svk.isite.net (localhost [127.0.0.1]) i3T0ZA0G007528; Wed, 28 Apr 2004 17:35:10 -0700 (PDT) Received: (from jrhett@localhost)i3T0Z62W007527; Wed, 28 Apr 2004 17:35:06 -0700 (PDT) Date: Wed, 28 Apr 2004 17:35:06 -0700 From: Joe Rhett To: John Fox Message-ID: <20040429003506.GA7380@isite.net> Mail-Followup-To: John Fox , freebsd-isp@freebsd.org References: <20040428211007.GB357@mind.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040428211007.GB357@mind.net> User-Agent: Mutt/1.4.2i Organization: Isite Services, Inc. cc: freebsd-isp@freebsd.org Subject: Re: Question: SSL via POP3 a performance killer? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Apr 2004 00:35:20 -0000 If it is just POP3, then it will be overkill. But how are the messages getting there? You'll need at least LMTPd. Are your POP users sending mail through this same server, using ESMTP+TLS? If so, thats a bit more encryption. Our experience is that this system would handle both just fine, but you'd be better off increasing the memory to handle the large mail queues and/or large POP downloads, which are both loaded into memory for processing. Memory is cheap these days, get at least 4gb. On Wed, Apr 28, 2004 at 02:10:07PM -0700, John Fox wrote: > I'm planning my company's next mail server, and would like to get > away from using plain-text authentication for POP3 service. It's > been suggested to me that my best bet would actually be to run POP3 > over SSL, and thus simply encrypt the clear-text authentication, > and that would be good enough for me. > > However, I've also been told that SSL can be very demanding of even > a very powerful computer. > > This new machine will likely run an AMD XP 2600 (or if I'm lucky, > maybe even a 3X99) processor and 1G of RAM, and the OS will (obviously) > be FreeBSD, probably 4.10. It will service approx- imately 13,000 > POP3 accounts, and handle approximately 100,000 POP3 requests per > day. > > Does this seem a workable setup, or does it appear that the > system will indeed be overwhelmed by all the SSL? > > If there's further information that would be of help in answering > this question, please let me know and I will do my best to > provide it. > > Thank you, > > -John > -- > +---------------------------------------------------------------------------+ > | John Fox | System Administrator | InfoStructure | > +---------------------------------------------------------------------------+ > | I used to trust the media to tell me the truth, tell us the truth | > | But now I've seen the payoffs everywhere I look | > | Who can you trust when everyone's a crook? | > | -- Queensryche, "Revolution Calling" | > +---------------------------------------------------------------------------+ > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" -- Joe Rhett Chief Geek JRhett@Isite.Net Isite Services, Inc. From owner-freebsd-isp@FreeBSD.ORG Thu Apr 29 06:02:03 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B29FA16A4CE for ; Thu, 29 Apr 2004 06:02:03 -0700 (PDT) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id D95E043D45 for ; Thu, 29 Apr 2004 06:02:02 -0700 (PDT) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com with local (Exim 4.32 #0 (FreeBSD 4.9)) id 1BJBAu-000NNS-05 by authid for ; Thu, 29 Apr 2004 16:02:00 +0300 Date: Thu, 29 Apr 2004 16:01:59 +0300 From: Odhiambo Washington To: freebsd-isp@freebsd.org Message-ID: <20040429130159.GA82083@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , freebsd-isp@freebsd.org References: <20040428211007.GB357@mind.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040428211007.GB357@mind.net> X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Mailer: Mutt 1.5.5.1i (2003-11-05) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. User-Agent: Mutt/1.5.5.1i Subject: Re: Question: SSL via POP3 a performance killer? X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Apr 2004 13:02:03 -0000 * John Fox [20040429 00:09]: wrote: > I'm planning my company's next mail server, and would like to get > away from using plain-text authentication for POP3 service. It's > been suggested to me that my best bet would actually be to run POP3 > over SSL, and thus simply encrypt the clear-text authentication, > and that would be good enough for me. > > However, I've also been told that SSL can be very demanding of even > a very powerful computer. > > This new machine will likely run an AMD XP 2600 (or if I'm lucky, > maybe even a 3X99) processor and 1G of RAM, and the OS will (obviously) > be FreeBSD, probably 4.10. It will service approx- imately 13,000 > POP3 accounts, and handle approximately 100,000 POP3 requests per > day. > > Does this seem a workable setup, or does it appear that the > system will indeed be overwhelmed by all the SSL? This is an overkill. And I recommend tpop3d as the POP3 daemon. 1.5.3 Supports SSL. I run it here for over 14k users on a machine with specs lower than yours, which is also my main SMTP server, does web hosting, IMAP, etc. -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ A pedestal is as much a prison as any small, confined space. -- Gloria Steinem From owner-freebsd-isp@FreeBSD.ORG Fri Apr 30 09:46:18 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F3B9D16A4CF for ; Fri, 30 Apr 2004 09:46:17 -0700 (PDT) Received: from web25109.mail.ukl.yahoo.com (web25109.mail.ukl.yahoo.com [217.12.10.57]) by mx1.FreeBSD.org (Postfix) with SMTP id 7DB0043D49 for ; Fri, 30 Apr 2004 09:46:17 -0700 (PDT) (envelope-from samira1732002@yahoo.co.uk) Message-ID: <20040430164019.21761.qmail@web25109.mail.ukl.yahoo.com> Received: from [195.219.178.11] by web25109.mail.ukl.yahoo.com via HTTP; Fri, 30 Apr 2004 17:40:19 BST Date: Fri, 30 Apr 2004 17:40:19 +0100 (BST) From: =?iso-8859-1?q?samira=20danesh?= To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Subject: Please reactivate your Yahoo! Groups account X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Apr 2004 16:46:18 -0000 ____________________________________________________________ Yahoo! Messenger - Communicate instantly..."Ping" your friends today! Download Messenger Now http://uk.messenger.yahoo.com/download/index.html From owner-freebsd-isp@FreeBSD.ORG Fri Apr 30 15:30:46 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 796A316A4CE; Fri, 30 Apr 2004 15:30:46 -0700 (PDT) Received: from bigass1.bitblock.com (ns1.bitblock.com [66.199.170.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 44EB043D1D; Fri, 30 Apr 2004 15:30:46 -0700 (PDT) (envelope-from mitch@bitblock.com) Received: from a1200 ([24.83.187.201]) (AUTH: LOGIN mitch@bitblock.com) by bigass1.bitblock.com with esmtp; Fri, 30 Apr 2004 22:30:43 +0000 X-Abuse-Reports: Visit http://www.bitblock.com/abuse.php X-Abuse-Reports: and submit a copy of the message headers X-Abuse-Reports: or review our policies and procedures X-Abuse-Reports: ID= 4092D393.00011760.bigass1.bitblock.com,dns; a1200 ([24.83.187.201]),AUTH: LOGIN mitch@bitblock.com From: "Mitch (bitblock)" To: freebsd-net@freebsd.org, freebsd-isp@freebsd.org Date: Fri, 30 Apr 2004 15:30:42 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Routing and VPN troubles... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 30 Apr 2004 22:30:46 -0000 There are about a 1000 different lists - hope this is the right two - if not, any suggestions welcome! The crux of my problem, is that I need to configure a VPN network in a star - one central node, many outside nodes... easy right? The problem is that I need the individual "rays" or "spokes" to be able to communicate with each other SELECTIVELY. I've tried to get this config working with BSD boxes - I have about 50 spokes to deal with right now and that number will hopefully grow.... I've been looking at the two problems separately, but I'll describe the whole mess, and then hope you are more inspired than I am. PC1 (192.168.1.10)<--\ PC2 (192.168.1.11)<-->(192.168.1.1)FBSD 1(10.1.1.2)<-->ADSL<------\ | PC3 (192.168.2.10)<--\ | PC4 (192.168.2.11)<-->(192.168.2.1)FBSD 2(10.1.1.3)<-->ADSL<----\ | | | PC5 (192.168.3.10)<--\ | | PC6 (192.168.3.11)<-->(192.168.3.1)FBSD 3(10.1.1.4)<-->ADSL<--\ | | | | | <--/ / / INTERNET <---> (SOME PUBLIC IP) FBSD 4 (10.1.1.1) <---/ / <----/ In actual fact, the 10.1.1.X addresses are all public addresses on a subnet. PC1 and PC2 need full access to PC3 - 6. PC3 needs access to certain ports on PC 5. That is the essence of the firewalling / port filtering of the VPN - like can I trest the virtual VPN interfaces as normal interfaces for purposes of writing firewall rules? Second problem. To do this, 10.1.1.2 and 10.1.1.3 need to communciate with 10.1.1.4 to set up these vpn's. The problem is that we have ADSL over ATM. ATM manages data flow by configured path. Consider FBSD 4 to be on dedicated vlans with each of FBSD 1 - 3. All remote nodes have a "path" to the router, not each other... so FBSD 4 needs to be able to establish VPN's with FBSD 1 - 3 and route between the VPN's. If I can use FBSD 4 for this, and if I can treat the virtual interfaces as normal ones in ipfw, then I can do what I want - right? I can probably alter my layout and use of IP addresses and so on somewhat, but the key is that routing has to be performed on a single interface in order to redirect traffic from the hosts that can't see each other. Does that make the problem clear? For starters, there are really FBSD 1 - 50 (not just 1 - 3) ;-) At present, I've got a variety of hardware and software (Linksys SX41 / Netgear / etc.) deployed in place of FBSD 1 - 3 and FreeBSD in place of FBSD 4... I have a couple of test machines to work with though and figure if I can get 3 working I can get the rest working too. I've heard something about /32 subnetting, not sure how that works, or what has to be done to enable it... I've been looking for any information on that I can find on that subject - might solve the problem another way if I can make my endpoint routers (1 - 3) communicate through regular IP by forcing them to bounce through the router - but I've been told the router has to support this function as a router woudl normally ignore traffic bound for the same subnet as it comes from - right? If you know it's impossible, that's ok... I tried ;-) Any alternatives? PPPOE instead of VPN between the gateway's? Thanks in advance. Hope I'm not asking to much, or that the challenge is worthy ;-) m/ From owner-freebsd-isp@FreeBSD.ORG Sat May 1 00:30:52 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4509116A4CE; Sat, 1 May 2004 00:30:52 -0700 (PDT) Received: from flash.mipk.kharkiv.edu (flash.mipk.kharkiv.edu [194.44.157.113]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7078D43D2F; Sat, 1 May 2004 00:30:49 -0700 (PDT) (envelope-from artem@mipk.kharkiv.edu) Received: from mipk.kharkiv.edu (aws.aws-net.org.ua [192.168.32.1]) i417TLT1036266; Sat, 1 May 2004 10:29:23 +0300 (EEST) (envelope-from artem@mipk.kharkiv.edu) Message-ID: <409351D8.8060603@mipk.kharkiv.edu> Date: Sat, 01 May 2004 10:29:28 +0300 From: "Artyom V. Viklenko" Organization: IIAT NTU "KhPI" User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 X-Accept-Language: ru, uk, en MIME-Version: 1.0 To: "Mitch (bitblock)" References: In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org cc: freebsd-net@freebsd.org Subject: Re: Routing and VPN troubles... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2004 07:30:52 -0000 Mitch (bitblock) wrote: > The crux of my problem, is that I need to configure a VPN network in a > star - one central node, many outside nodes... easy right? First of all, is it really a VPN network? How you connect your ADSL links to FBSD 4? And second, if FBSD4 is only point which handle ALL traffic between FBSD1-3 and their clients, you can use ipfw to block unwanted traffic. For example, if your ADSL links connected to VLAN-avare switch, and each ADSL link paired to FBSD4 in the separate VLAN, you can set up different interfaces vlan0-vlanx for each one and use these interfaces in ipfw rules. -- Sincerely yours, Artyom V. Viklenko. ====================================================== System Administrator artem@mipk.kharkiv.edu ------------------------------------------------------ IIAT NTU "KhPI" 21, Frunze Str., Kharkov Ukraine 61002 Phone: +38 (0572) 400026 Fax: +38 (057) 7062749 ====================================================== From owner-freebsd-isp@FreeBSD.ORG Sat May 1 02:03:22 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 25DF416A4CE; Sat, 1 May 2004 02:03:22 -0700 (PDT) Received: from bigass1.bitblock.com (ns1.bitblock.com [66.199.170.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id C48EB43D41; Sat, 1 May 2004 02:03:21 -0700 (PDT) (envelope-from mitch@bitblock.com) Received: from a1200 ([24.83.187.201]) (AUTH: LOGIN mitch@bitblock.com) by bigass1.bitblock.com with esmtp; Sat, 01 May 2004 09:03:17 +0000 X-Abuse-Reports: Visit http://www.bitblock.com/abuse.php X-Abuse-Reports: and submit a copy of the message headers X-Abuse-Reports: or review our policies and procedures X-Abuse-Reports: ID= 409367D5.0000020F.bigass1.bitblock.com,dns; a1200 ([24.83.187.201]),AUTH: LOGIN mitch@bitblock.com From: "Mitch (bitblock)" To: "Artyom V. Viklenko" Date: Sat, 1 May 2004 02:03:17 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <409351D8.8060603@mipk.kharkiv.edu> cc: freebsd-isp@freebsd.org cc: freebsd-net@freebsd.org Subject: RE: Routing and VPN troubles... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2004 09:03:22 -0000 > -----Original Message----- > From: Artyom V. Viklenko [mailto:artem@mipk.kharkiv.edu] > Sent: Saturday, May 01, 2004 12:29 AM > To: Mitch (bitblock) > Cc: freebsd-net@freebsd.org; freebsd-isp@freebsd.org > Subject: Re: Routing and VPN troubles... > > > Mitch (bitblock) wrote: > > The crux of my problem, is that I need to configure a VPN network in a > > star - one central node, many outside nodes... easy right? > > First of all, is it really a VPN network? > How you connect your ADSL links to FBSD 4? > > And second, if FBSD4 is only point which handle > ALL traffic between FBSD1-3 and their clients, you can > use ipfw to block unwanted traffic. > For example, if your ADSL links connected to VLAN-avare > switch, and each ADSL link paired to FBSD4 in the separate VLAN, > you can set up different interfaces vlan0-vlanx > for each one and use these interfaces in ipfw rules. Thanks Artyom... The PC's behind FBSD1-3 are on private network addresses. The ADSL infrastructure and ATM paths will only route the assigned public address to the router FBSD4. There is no VLAN-aware switch, it's just the way that the ATM paths are configured that made it a close analogy (so I thought). The VPN stuff might be easy if I could figure out how to make FBSD1-3 route through FBSD4 (regardless of the fact that they are all on the same subnet... the traffic from FBSD1 needs to "bounce" off FBSD4 on it's way to FBSD3 for example... either that, or maybe the gif interfaces count as distinct interfaces for routing? m/ From owner-freebsd-isp@FreeBSD.ORG Sat May 1 02:13:59 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 64D3D16A4CE; Sat, 1 May 2004 02:13:59 -0700 (PDT) Received: from guldan.demon.nl (cust.13.38.adsl.cistron.nl [62.216.13.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id EA0FA43D31; Sat, 1 May 2004 02:13:58 -0700 (PDT) (envelope-from robert@guldan.demon.nl) Received: from bombur.guldan.demon.nl ([192.168.201.3] helo=localhost) by guldan.demon.nl with esmtp (Exim 4.24; FreeBSD) id 1BJqUd-000CCz-2M; Sat, 01 May 2004 11:09:07 +0200 Date: Sat, 1 May 2004 11:12:20 +0200 From: Robert Blacquiere To: "Mitch (bitblock)" Message-ID: <20040501091220.GT67426@bombur.guldan.demon.nl> References: <409351D8.8060603@mipk.kharkiv.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i X-Disclaimer: running FreeBSD X-Spam-Score: 0.0 (/) cc: freebsd-isp@freebsd.org cc: freebsd-net@freebsd.org Subject: Re: Routing and VPN troubles... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2004 09:13:59 -0000 On Sat, May 01, 2004 at 02:03:17AM -0700, Mitch (bitblock) wrote: > > Thanks Artyom... > > The PC's behind FBSD1-3 are on private network addresses. The ADSL > infrastructure and ATM paths will only route the assigned public address to > the router FBSD4. There is no VLAN-aware switch, it's just the way that the > ATM paths are configured that made it a close analogy (so I thought). May be it is possible to use proxy arp on de "gateway" FBSD4 machine. So all machines can talk to each thru FBSD4 box. We use some similair setup to prevent people to talk to each without us knowning (bigboss is watching). All traffic will then be handled by the proxy arp box. > > The VPN stuff might be easy if I could figure out how to make FBSD1-3 route > through FBSD4 (regardless of the fact that they are all on the same > subnet... the traffic from FBSD1 needs to "bounce" off FBSD4 on it's way to > FBSD3 for example... either that, or maybe the gif interfaces count as > distinct interfaces for routing? > > m/ > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" -- Microsoft: Where do you want to go today? Linux: Where do you want to go tomorrow? FreeBSD: Are you guys coming or what? OpenBSD: Hey guys you left some holes out there! From owner-freebsd-isp@FreeBSD.ORG Sat May 1 13:16:04 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 96AB916A4CE; Sat, 1 May 2004 13:16:04 -0700 (PDT) Received: from bigass1.bitblock.com (ns1.bitblock.com [66.199.170.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 49AE943D62; Sat, 1 May 2004 13:16:04 -0700 (PDT) (envelope-from mitch@bitblock.com) Received: from a1200 ([24.83.187.201]) (AUTH: LOGIN mitch@bitblock.com) by bigass1.bitblock.com with esmtp; Sat, 01 May 2004 20:15:59 +0000 X-Abuse-Reports: Visit http://www.bitblock.com/abuse.php X-Abuse-Reports: and submit a copy of the message headers X-Abuse-Reports: or review our policies and procedures X-Abuse-Reports: ID= 4094057F.00006381.bigass1.bitblock.com,dns; a1200 ([24.83.187.201]),AUTH: LOGIN mitch@bitblock.com From: "Mitch (bitblock)" To: "Robert Blacquiere" Date: Sat, 1 May 2004 13:15:59 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <20040501091220.GT67426@bombur.guldan.demon.nl> cc: freebsd-isp@freebsd.org cc: freebsd-net@freebsd.org Subject: RE: Routing and VPN troubles... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 01 May 2004 20:16:04 -0000 > May be it is possible to use proxy arp on de "gateway" FBSD4 > machine. So all > machines can talk to each thru FBSD4 box. We use some similair setup to > prevent people to talk to each without us knowning (bigboss is watching). > > All traffic will then be handled by the proxy arp box. > I'll look and see what info I can find on this idea - had a few people suggest I switch to OpenVPN instead of IPSec which creates virtual devices allowing full firewalling etc. Thanks Robert m/