From owner-freebsd-net Sun Sep 19 9:16:58 1999 Delivered-To: freebsd-net@freebsd.org Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [18.24.4.193]) by hub.freebsd.org (Postfix) with ESMTP id 83A9014CC2 for ; Sun, 19 Sep 1999 09:16:56 -0700 (PDT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.9.3/8.9.3) id MAA64792; Sun, 19 Sep 1999 12:16:52 -0400 (EDT) (envelope-from wollman) Date: Sun, 19 Sep 1999 12:16:52 -0400 (EDT) From: Garrett Wollman Message-Id: <199909191616.MAA64792@khavrinen.lcs.mit.edu> To: Mohit Aron Cc: freebsd-net@FreeBSD.ORG Subject: limit on number of sockets by zone allocator In-Reply-To: <199909190520.AAA20766@cs.rice.edu> References: <199909190520.AAA20766@cs.rice.edu> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [Only one mailing-list, please!] < said: > allocator limits the maximum number of socket structures to about 8000 (I > configured my kernel with 256 MAXUSERS). A busy webserver can have about `maxsockets' is defined to be the maximum of `nmbclusters' and `maxfiles'. It can easily be changed through the `kern.ipc.maxsockets' tunable in the kernel's boot environment. In -current you should also increase the size of the callout wheel, which is not presently tunable. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sun Sep 19 19:10:59 1999 Delivered-To: freebsd-net@freebsd.org Received: from shuttle.wide.toshiba.co.jp (shuttle.wide.toshiba.co.jp [202.249.10.124]) by hub.freebsd.org (Postfix) with ESMTP id 627EF152DF for ; Sun, 19 Sep 1999 19:10:48 -0700 (PDT) (envelope-from jinmei@isl.rdc.toshiba.co.jp) Received: from localhost ([3ffe:501:100f:1048:2a0:24ff:fe66:1350]) by shuttle.wide.toshiba.co.jp (8.9.1+3.1W/8.9.0) with ESMTP id LAA28251 for ; Mon, 20 Sep 1999 11:01:34 +0900 (JST) Date: Mon, 20 Sep 1999 11:13:42 +0900 Message-ID: <14309.38998.969576.82635W@condor.isl.rdc.toshiba.co.jp> From: JINMEI Tatuya / =?ISO-2022-JP?B?GyRCP0BMQEMjOkgbKEI=?= To: freebsd-net@FreeBSD.ORG Subject: Re: IPsec support in FreeBSD. In-Reply-To: In your message of "Sun, 19 Sep 1999 15:44:22 +1000 (EST)" References: User-Agent: Wanderlust/2.2.1 (Wild World) Emacs/20.4 Mule/4.0 (HANANOEN) Organization: Research & Development Center, Toshiba Corp., Kawasaki, Japan. MIME-Version: 1.0 (generated by SEMI 1.13.4 - "Terai") Content-Type: text/plain; charset=US-ASCII X-Dispatcher: imput version 980905(IM100) Lines: 20 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>> On Sun, 19 Sep 1999 15:44:22 +1000 (EST), >>>>> Chris Keladis said: > Hi all, > Was wondering what IPSec implementations are available for 3.[23]-STABLE ? > I noticed KAME, but from what i read i didnt see anything about IPv4 support. If you worry about whether KAME supports IPv4 IPsec, no problem. KAME of course supports IPv4 IPsec as well. We admit that we don't provide enough document for KAME IPsec on the web page(i.e. http://www.kame.net/). If you have any questions or problems about KAME IPsec, please ask your questions on snap-users@kame.net. JINMEI, Tatuya Communication Platform Lab. Corporate R&D Center, Toshiba Corp. jinmei@isl.rdc.toshiba.co.jp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Mon Sep 20 16:30:45 1999 Delivered-To: freebsd-net@freebsd.org Received: from paprika.michvhf.com (paprika.michvhf.com [209.57.60.12]) by hub.freebsd.org (Postfix) with SMTP id A395A14EA9 for ; Mon, 20 Sep 1999 16:30:29 -0700 (PDT) (envelope-from vev@michvhf.com) Received: (qmail 11872 invoked by uid 1001); 20 Sep 1999 23:30:32 -0000 Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Mon, 20 Sep 1999 19:30:31 -0400 (EDT) X-Face: *0^4Iw) To: freebsd-net@FreeBSD.ORG Subject: 3.2 and 3com Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have an odd one going on. In the last couple of weeks we installed 3.2 (from the CDs) on 7 machines. 5 were new pIII-450's ASUS MB with 3C905 PCI network cards, two are older Pentium 150's with 3C509B's - ISA, all with 128MB ram. All power management stuff is turned off in BIOS. These machines, if left alone with no traffic, will seem to drop off the network. No ping, no telnet, no ssh. If you walk up to the console you can log in and ping anywhere you want and suddenly you can get in from outside again. It's like it was woke up. It also wakes up if a cronjob sends mail. Right now I have open pings running to a couple of the machines to keep them awake. The only things these machines seem to have in common are: 10base-t, FreeBSD 3.2-RELEASE, 128MB Ram and a Cisco Catalyst 1900 switch. Anyone seen this before or have any ideas? Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: vev@michvhf.com flame-mail: /dev/null # include TEAM-OS2 Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ========================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Sep 21 0:13: 8 1999 Delivered-To: freebsd-net@freebsd.org Received: from ritchie.wplus.net (relay.wplus.net [195.131.52.179]) by hub.freebsd.org (Postfix) with ESMTP id 87FEB14FF5 for ; Tue, 21 Sep 1999 00:12:55 -0700 (PDT) (envelope-from dms@woland.wplus.net) Received: from woland.wplus.net (woland.wplus.net [195.131.0.39]) by ritchie.wplus.net (8.9.1/8.9.1/wplus.2) with ESMTP id LAA05016; Tue, 21 Sep 1999 11:12:54 +0400 (MSK/MSD) X-Real-To: freebsd-net@FreeBSD.ORG Received: (from dms@localhost) by woland.wplus.net (8.9.2/8.9.1/wplus.2) id LAA03114; Tue, 21 Sep 1999 11:12:54 +0400 (MSD) Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=KOI8-R Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Tue, 21 Sep 1999 11:12:53 +0400 (MSD) From: Dmitry Samersoff To: Vince Vielhaber Subject: RE: 3.2 and 3com Cc: freebsd-net@FreeBSD.ORG Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 20-Sep-99 Vince Vielhaber wrote: > > I have an odd one going on. In the last couple of weeks we installed 3.2 > (from the CDs) on 7 machines. 5 were new pIII-450's ASUS MB with 3C905 > PCI network cards, two are older Pentium 150's with 3C509B's - ISA, all > with 128MB ram. All power management stuff is turned off in BIOS. These > machines, if left alone with no traffic, will seem to drop off the network. > No ping, no telnet, no ssh. If you walk up to the console you can log in > and ping anywhere you want and suddenly you can get in from outside again. > It's like it was woke up. It also wakes up if a cronjob sends mail. Right > now I have open pings running to a couple of the machines to keep them > awake. The only things these machines seem to have in common are: 10base-t, > FreeBSD 3.2-RELEASE, 128MB Ram and a Cisco Catalyst 1900 switch. > > Anyone seen this before or have any ideas? Looks like IRQ problem ... Is all plug-play-cry possibility (BIOS and 3C5x9 setup) disabled and 3C5x9 IRQ marked as reserved for ISA in BIOS? Try to set IRQ to Free's 3C5x9 driver explicitly. --- Dmitry Samersoff, dms@wplus.net, ICQ:3161705 http://devnull.wplus.net * There will come soft rains ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Sep 21 2:25:38 1999 Delivered-To: freebsd-net@freebsd.org Received: from paprika.michvhf.com (paprika.michvhf.com [209.57.60.12]) by hub.freebsd.org (Postfix) with SMTP id CA36914C85 for ; Tue, 21 Sep 1999 02:25:35 -0700 (PDT) (envelope-from vev@michvhf.com) Received: (qmail 13261 invoked by uid 1001); 21 Sep 1999 09:25:35 -0000 Date: Tue, 21 Sep 1999 05:25:35 -0400 (EDT) From: Vince Vielhaber To: Dmitry Samersoff Cc: freebsd-net@FreeBSD.ORG Subject: RE: 3.2 and 3com In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 21 Sep 1999, Dmitry Samersoff wrote: > > On 20-Sep-99 Vince Vielhaber wrote: > > > > I have an odd one going on. In the last couple of weeks we installed 3.2 > > (from the CDs) on 7 machines. 5 were new pIII-450's ASUS MB with 3C905 > > PCI network cards, two are older Pentium 150's with 3C509B's - ISA, all > > with 128MB ram. All power management stuff is turned off in BIOS. These > > machines, if left alone with no traffic, will seem to drop off the network. > > No ping, no telnet, no ssh. If you walk up to the console you can log in > > and ping anywhere you want and suddenly you can get in from outside again. > > It's like it was woke up. It also wakes up if a cronjob sends mail. Right > > now I have open pings running to a couple of the machines to keep them > > awake. The only things these machines seem to have in common are: 10base-t, > > FreeBSD 3.2-RELEASE, 128MB Ram and a Cisco Catalyst 1900 switch. > > > > Anyone seen this before or have any ideas? > > Looks like IRQ problem ... > > Is all plug-play-cry possibility (BIOS and 3C5x9 setup) disabled and 3C5x9 IRQ > marked as reserved for ISA in BIOS? > > Try to set IRQ to Free's 3C5x9 driver explicitly. I did that on the 150s. We used the 3com setup disk on the card and set the IRQ to (I think 3), then in BIOS we reserved 3 and shut off COM2 since we weren't using it anyway. My desktop uses the same card in the same config with 2.2.8. Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: vev@michvhf.com flame-mail: /dev/null # include TEAM-OS2 Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ========================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Sep 21 16:17:30 1999 Delivered-To: freebsd-net@freebsd.org Received: from cdc.net (server1.cdc.net [207.244.0.12]) by hub.freebsd.org (Postfix) with SMTP id BE97514BF9 for ; Tue, 21 Sep 1999 16:17:24 -0700 (PDT) (envelope-from mwade@cdc.net) Received: (qmail 14930 invoked by uid 100); 21 Sep 1999 23:17:24 -0000 Date: Tue, 21 Sep 1999 19:17:24 -0400 (EDT) From: Mike Wade X-Sender: mwade@server1 To: Vince Vielhaber Cc: freebsd-net@FreeBSD.ORG Subject: Re: 3.2 and 3com In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 20 Sep 1999, Vince Vielhaber wrote: > I have an odd one going on. In the last couple of weeks we installed 3.2 > (from the CDs) on 7 machines. 5 were new pIII-450's ASUS MB with 3C905 > PCI network cards, two are older Pentium 150's with 3C509B's - ISA, all > with 128MB ram. All power management stuff is turned off in BIOS. These > machines, if left alone with no traffic, will seem to drop off the network. > No ping, no telnet, no ssh. If you walk up to the console you can log in > and ping anywhere you want and suddenly you can get in from outside again. > It's like it was woke up. It also wakes up if a cronjob sends mail. Right > now I have open pings running to a couple of the machines to keep them > awake. The only things these machines seem to have in common are: 10base-t, > FreeBSD 3.2-RELEASE, 128MB Ram and a Cisco Catalyst 1900 switch. > > Anyone seen this before or have any ideas? I had a similar problem with a 3Com ethernet switch. The solution was to up the MAC address expire time so the switch didn't drop the MAC making it unavailable to the network until the machine generated traffic. --- Mike Wade (mwade@cdc.net) Director of Systems Administration CDC Internet, Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Tue Sep 21 20:38:49 1999 Delivered-To: freebsd-net@freebsd.org Received: from valis.worldgate.ca (valis.worldgate.ca [198.161.84.2]) by hub.freebsd.org (Postfix) with ESMTP id B4BCA157B0 for ; Tue, 21 Sep 1999 20:38:46 -0700 (PDT) (envelope-from skafte@worldgate.ca) Received: from worldgate.ca (skafte@diskless4.worldgate.ca [198.161.84.132]) by valis.worldgate.ca (8.9.3/8.9.1) with ESMTP id VAA03531; Tue, 21 Sep 1999 21:38:45 -0600 (MDT) Message-ID: <37E84F45.1AAEE032@worldgate.ca> Date: Tue, 21 Sep 1999 21:38:45 -0600 From: Greg Skafte Organization: WorldGate Inc. X-Mailer: Mozilla 4.61 [en] (X11; I; Linux 2.0.36 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-net@freebsd.org Subject: rt_refcnt in RELENG_2_2 Content-Type: multipart/mixed; boundary="------------4A17C6AC4429AA8CCD4A038C" Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. --------------4A17C6AC4429AA8CCD4A038C Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I see that rt_refcnt was changed from short to long in 1.30 of route.h are there any "known" gotchas if I do this on a RELENG_2_2 machine..... running 2_2 on a bgp router box and the routing table does exceed 64k routes ( and if you delete a route when youy exceed 64k the machine panics)...... -- Email: skafte@worldgate.com Voice: +780 413 1910 Fax: +780 421 4929 #575 Sun Life Place * 10123 99 Street * Edmonton, AB * Canada * T5J 3H1 -- -- When things can't get any worse, they simplify themselves by getting a whole lot worse then complicated. A complete and utter disaster is the simplest thing in the world; it's preventing one that's complex. (Janet Morris) --------------4A17C6AC4429AA8CCD4A038C Content-Type: text/x-vcard; charset=us-ascii; name="skafte.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Greg Skafte Content-Disposition: attachment; filename="skafte.vcf" begin:vcard n:Skafte;Greg tel;pager:(780) 491 4791 tel;fax:(780) 421 4929 tel;work:(780) 413 1910 x-mozilla-html:FALSE url:www.worldgate.ca org:

;Network Operations version:2.1 email;internet:skafte@worldgate.ca title:Operations Manager adr;quoted-printable:;;#575 Sun Life Place =0D=0A10123 99 Street;Edmonton;Alberta;T5J 3H1;Canada x-mozilla-cpt:;3360 fn:Greg Skafte end:vcard --------------4A17C6AC4429AA8CCD4A038C-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 4:57:50 1999 Delivered-To: freebsd-net@freebsd.org Received: from granite.sentex.net (granite.sentex.ca [199.212.134.1]) by hub.freebsd.org (Postfix) with ESMTP id 86E9714F94 for ; Wed, 22 Sep 1999 04:57:47 -0700 (PDT) (envelope-from mike@sentex.net) Received: from ospf-mdt.sentex.net (ospf-mdt.sentex.net [205.211.164.81]) by granite.sentex.net (8.8.8/8.6.9) with SMTP id HAA16253; Wed, 22 Sep 1999 07:57:43 -0400 (EDT) From: mike@sentex.net (Mike Tancsa) To: skafte@worldgate.ca (Greg Skafte) Cc: freebsd-net@freebsd.org Subject: Re: rt_refcnt in RELENG_2_2 Date: Wed, 22 Sep 1999 12:11:29 GMT Message-ID: <37e8c516.553265093@mail.sentex.net> References: In-Reply-To: X-Mailer: Forte Agent .99e/32.227 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 21 Sep 1999 23:39:04 -0400, in sentex.lists.freebsd.net you wrote: >This is a multi-part message in MIME format. >--------------4A17C6AC4429AA8CCD4A038C >Content-Type: text/plain; charset=us-ascii >Content-Transfer-Encoding: 7bit > > > >I see that rt_refcnt was changed from short to long in 1.30 of route.h > >are there any "known" gotchas if I do this on a RELENG_2_2 machine..... > >running 2_2 on a bgp router box and the routing table does exceed >64k routes ( and if you delete a route when youy exceed 64k the machine >panics)...... Yes, good old PR 10570. I too am effected by it. I would upgrade the box to 3.3 however, I have no official drivers for my etinc T1 card. Can you not just upgrade your box to 3.3 ? I did this for my other border router which has only ethernet. It of course is humming along no problem. If you make the modification, please share your results. ---Mike Mike Tancsa (mdtancsa@sentex.net) Sentex Communications Corp, Waterloo, Ontario, Canada "Given enough time, 100 monkeys on 100 routers could setup a national IP network." (KDW2) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 5:10:52 1999 Delivered-To: freebsd-net@freebsd.org Received: from enst.enst.fr (enst.enst.fr [137.194.2.16]) by hub.freebsd.org (Postfix) with ESMTP id 3B23D154CD for ; Wed, 22 Sep 1999 05:10:47 -0700 (PDT) (envelope-from beyssac@enst.fr) Received: from bofh.enst.fr (bofh-2.enst.fr [137.194.2.37]) by enst.enst.fr (8.9.1a/8.9.1) with ESMTP id OAA03892; Wed, 22 Sep 1999 14:10:45 +0200 (MET DST) Received: by bofh.enst.fr (Postfix, from userid 12426) id A187DD226; Wed, 22 Sep 1999 14:10:43 +0200 (CEST) Message-ID: <19990922141043.A79858@enst.fr> Date: Wed, 22 Sep 1999 14:10:43 +0200 From: Pierre Beyssac To: Greg Skafte , freebsd-net@FreeBSD.ORG Subject: Re: rt_refcnt in RELENG_2_2 References: <37E84F45.1AAEE032@worldgate.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <37E84F45.1AAEE032@worldgate.ca>; from Greg Skafte on Tue, Sep 21, 1999 at 09:38:45PM -0600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Sep 21, 1999 at 09:38:45PM -0600, Greg Skafte wrote: > I see that rt_refcnt was changed from short to long in 1.30 of route.h > are there any "known" gotchas if I do this on a RELENG_2_2 machine..... That should work OK. Just recompile a kernel with that change and see what happens. Basically that's what I did when testing that under -current. Then check that netstat and friends still work correctly, and recompile them if they don't. This wasn't needed under 3.x and -current but IIRC the way they access the kernel data structures has changed with respect to 2.x. -- Pierre Beyssac pb@enst.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 7:40:37 1999 Delivered-To: freebsd-net@freebsd.org Received: from arc.netlab.sk (arc.netlab.sk [195.168.1.2]) by hub.freebsd.org (Postfix) with ESMTP id D2F74153E9 for ; Wed, 22 Sep 1999 07:40:31 -0700 (PDT) (envelope-from palo.adamec@tecton.sk) Received: from wsadmin ([195.168.13.18]) by arc.netlab.sk (8.9.3/8.9.3) with SMTP id QAA02768 for ; Wed, 22 Sep 1999 16:40:29 +0200 (CEST) Received: by localhost with Microsoft MAPI; Wed, 22 Sep 1999 16:43:11 +0200 Message-ID: <01BF0519.8E8AB700.palo.adamec@tecton.sk> From: Pavol Adamec To: "'freebsd-net@freebsd.org'" Subject: Q: process using TCP connection Date: Wed, 22 Sep 1999 16:43:09 +0200 X-Mailer: Microsoft Internet E-mail/MAPI - 8.0.0.4211 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sorry for the question, I think it's been already answered but I can't find it the archive. How can I find out which process is using a TCP connection? Thanks Paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 8: 1:41 1999 Delivered-To: freebsd-net@freebsd.org Received: from pau-amma.whistle.com (pau-amma.whistle.com [207.76.205.64]) by hub.freebsd.org (Postfix) with ESMTP id 1C206151B9 for ; Wed, 22 Sep 1999 08:01:38 -0700 (PDT) (envelope-from dhw@whistle.com) Received: (from dhw@localhost) by pau-amma.whistle.com (8.9.2/8.9.2) id IAA38589; Wed, 22 Sep 1999 08:01:38 -0700 (PDT) Date: Wed, 22 Sep 1999 08:01:38 -0700 (PDT) From: David Wolfskill Message-Id: <199909221501.IAA38589@pau-amma.whistle.com> To: freebsd-net@FreeBSD.ORG, palo.adamec@tecton.sk Subject: Re: Q: process using TCP connection In-Reply-To: <01BF0519.8E8AB700.palo.adamec@tecton.sk> Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >From: Pavol Adamec >Date: Wed, 22 Sep 1999 16:43:09 +0200 >Sorry for the question, I think it's been already answered but I can't >find it the archive. >How can I find out which process is using a TCP connection? "lsof" (in /usr/ports/sysutils/lsof) is one tool that can tell you the answer to this type of question. Cheers, david -- David Wolfskill dhw@whistle.com UNIX System Administrator voice: (650) 577-7158 pager: (888) 347-0197 FAX: (650) 372-5915 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 11:28:34 1999 Delivered-To: freebsd-net@freebsd.org Received: from rgate2.ricochet.net (rgate2.ricochet.net [204.179.143.3]) by hub.freebsd.org (Postfix) with ESMTP id 39C3F154A9 for ; Wed, 22 Sep 1999 11:28:26 -0700 (PDT) (envelope-from boshea@ricochet.net) Received: from beastie.localdomain (mg-20425426-10.ricochet.net [204.254.26.10]) by rgate2.ricochet.net (8.9.3/8.9.3) with ESMTP id NAA09748; Wed, 22 Sep 1999 13:28:22 -0500 (CDT) Received: (from brian@localhost) by beastie.localdomain (8.9.3/8.8.7) id LAA01574; Wed, 22 Sep 1999 11:34:44 -0700 (PDT) (envelope-from brian) Date: Wed, 22 Sep 1999 11:34:44 -0700 From: "Brian O'Shea" To: Pavol Adamec Cc: "'freebsd-net@freebsd.org'" Subject: Re: Q: process using TCP connection Message-ID: <19990922113444.B57569@beastie.localdomain> Mail-Followup-To: Pavol Adamec , "'freebsd-net@freebsd.org'" References: <01BF0519.8E8AB700.palo.adamec@tecton.sk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: <01BF0519.8E8AB700.palo.adamec@tecton.sk>; from Pavol Adamec on Wed, Sep 22, 1999 at 04:43:09PM +0200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org There is a neat perl script called sockstat in FreeBSD 3.2-RELEASE that does what you are looking for. It doesn't seem to be in 3.1-RELEASE, but it should be possible to modify it to work on older releases. It just cross-references the output from the 'netstat -Aan -finet' and 'fstat' commands. I couldn't get it to work properly when I copied it onto a 3.1-RELEASE system, but I didn't devote too much time to the task. It doesn't look like the output fields or format for either command has changed, but the minor version of perl has (from 5.005_02 to 5.005_03). -brian On Wed, Sep 22, 1999 at 04:43:09PM +0200, Pavol Adamec wrote: > Sorry for the question, I think it's been already answered but I can't > find it the archive. > How can I find out which process is using a TCP connection? > > Thanks > Paul > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > -- Brian O'Shea boshea@ricochet.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 14: 7:42 1999 Delivered-To: freebsd-net@freebsd.org Received: from hotmail.com (law-f19.hotmail.com [209.185.131.82]) by hub.freebsd.org (Postfix) with SMTP id DEDC71551B for ; Wed, 22 Sep 1999 14:07:40 -0700 (PDT) (envelope-from skalir@hotmail.com) Received: (qmail 15283 invoked by uid 0); 22 Sep 1999 21:03:08 -0000 Message-ID: <19990922210308.15282.qmail@hotmail.com> Received: from 166.62.215.119 by www.hotmail.com with HTTP; Wed, 22 Sep 1999 14:03:08 PDT X-Originating-IP: [166.62.215.119] From: "skalir scalar" To: freebsd-questions@freebsd.org, freebsd-net@freebsd.org Subject: serial cable login Date: Wed, 22 Sep 1999 13:03:08 AKDT Mime-Version: 1.0 Content-Type: text/plain; format=flowed Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I dont need to have a serial console, But i would like to know howto be able to login over a serial cable from one machine to another. I just need to know how to enable the serial login on the fbsd 3.X box... thanks ______________________________________________________ Get Your Private, Free Email at http://www.hotmail.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 14:22:42 1999 Delivered-To: freebsd-net@freebsd.org Received: from chickasaw.gate.net (chickasaw.gate.net [198.206.134.26]) by hub.freebsd.org (Postfix) with ESMTP id 7F6B714E9A; Wed, 22 Sep 1999 14:22:34 -0700 (PDT) (envelope-from wjm@gate.net) Received: from tiwa.gate.net (wjm@tiwa.gate.net [199.227.0.141]) by chickasaw.gate.net (8.8.6/8.6.12) with ESMTP id RAA63010; Wed, 22 Sep 1999 17:20:21 -0400 Received: from localhost (wjm@localhost) by tiwa.gate.net (8.8.6/8.7.3) with ESMTP id RAA35422; Wed, 22 Sep 1999 17:23:59 -0400 X-Authentication-Warning: tiwa.gate.net: wjm owned process doing -bs Date: Wed, 22 Sep 1999 17:23:59 -0400 (EDT) From: William Melanson To: skalir scalar Cc: freebsd-questions@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: serial cable login In-Reply-To: <19990922210308.15282.qmail@hotmail.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 22 Sep 1999, skalir scalar wrote: % % I dont need to have a serial console, But i would like to know howto % be able to login over a serial cable from one machine to another. % % I just need to know how to enable the serial login on the fbsd 3.X % box... thanks % This should do it: http://www.freebsd.org/handbook/x12103.html - bill --------------------------------oOo------------------------------------ William J. Melanson CyberGate, Inc. | e.spire Communications Sr Network Controller Deerfield Beach, FL 33441 Network Operations Center Phone: (954) 429-8080 finger wjm@gate.net PGP public key --------------------------------oOo------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 14:32: 7 1999 Delivered-To: freebsd-net@freebsd.org Received: from phluffy.fks.bt (170-45.dynamic.visi.com [209.98.170.45]) by hub.freebsd.org (Postfix) with ESMTP id F3793159C6; Wed, 22 Sep 1999 14:31:59 -0700 (PDT) (envelope-from myke@ees.com) Received: from localhost (myke@localhost) by phluffy.fks.bt (8.8.8/8.8.8) with ESMTP id QAA02826; Wed, 22 Sep 1999 16:31:55 -0500 (CDT) (envelope-from myke@ees.com) X-Authentication-Warning: phluffy.fks.bt: myke owned process doing -bs Date: Wed, 22 Sep 1999 16:31:51 -0500 (CDT) From: Mike Holling X-Sender: myke@phluffy.fks.bt To: skalir scalar Cc: freebsd-questions@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Subject: Re: serial cable login In-Reply-To: <19990922210308.15282.qmail@hotmail.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I dont need to have a serial console, But i would like to know howto > be able to login over a serial cable from one machine to another. > > I just need to know how to enable the serial login on the fbsd 3.X > box... thanks Edit the following entries in /etc/ttys: # Serial terminals ttyd0 "/usr/libexec/getty std.9600" vt100 on secure ttyd1 "/usr/libexec/getty std.9600" vt100 on secure ttyd2 "/usr/libexec/getty std.9600" unknown off secure ttyd3 "/usr/libexec/getty std.9600" unknown off secure Set whichever serial lines you want active to "on". I have two serial ports on my machine setup for serial logins. To make the change take effect simply do kill -1 1 You'll need to have a null modem serial cable, in the US you can get null modem converter blocks from Radio Shack. It's best to first test out your terminal using Kermit or another comm program on the unix box. - Mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 15:59:44 1999 Delivered-To: freebsd-net@freebsd.org Received: from paprika.michvhf.com (paprika.michvhf.com [209.57.60.12]) by hub.freebsd.org (Postfix) with SMTP id DDB5A14F80 for ; Wed, 22 Sep 1999 15:59:33 -0700 (PDT) (envelope-from vev@michvhf.com) Received: (qmail 18385 invoked by uid 1001); 22 Sep 1999 22:59:37 -0000 Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Wed, 22 Sep 1999 18:59:37 -0400 (EDT) X-Face: *0^4Iw) To: Mike Wade Subject: Re: 3.2 and 3com Cc: freebsd-net@FreeBSD.ORG Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 21-Sep-99 Mike Wade wrote: > On Mon, 20 Sep 1999, Vince Vielhaber wrote: > >> I have an odd one going on. In the last couple of weeks we installed 3.2 >> (from the CDs) on 7 machines. 5 were new pIII-450's ASUS MB with 3C905 >> PCI network cards, two are older Pentium 150's with 3C509B's - ISA, all >> with 128MB ram. All power management stuff is turned off in BIOS. These >> machines, if left alone with no traffic, will seem to drop off the network. >> No ping, no telnet, no ssh. If you walk up to the console you can log in >> and ping anywhere you want and suddenly you can get in from outside again. >> It's like it was woke up. It also wakes up if a cronjob sends mail. Right >> now I have open pings running to a couple of the machines to keep them >> awake. The only things these machines seem to have in common are: 10base-t, >> FreeBSD 3.2-RELEASE, 128MB Ram and a Cisco Catalyst 1900 switch. >> >> Anyone seen this before or have any ideas? > > I had a similar problem with a 3Com ethernet switch. The solution was to > up the MAC address expire time so the switch didn't drop the MAC making it > unavailable to the network until the machine generated traffic. Looks like you got it. The router was showing that it hadn't heard from any of the machines in more than 15 minutes (or something to that nature) and the switch decided that it needed to try sending any traffic for the subnets involved to the 'Network Uplink Port'. Disabling this (since it was no longer in use) fixed the problem. It's been up for more than 16 hours now. Thanks!! Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: vev@michvhf.com flame-mail: /dev/null # include TEAM-OS2 Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ========================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 16:26:10 1999 Delivered-To: freebsd-net@freebsd.org Received: from paprika.michvhf.com (paprika.michvhf.com [209.57.60.12]) by hub.freebsd.org (Postfix) with SMTP id A7BDD15373 for ; Wed, 22 Sep 1999 16:26:03 -0700 (PDT) (envelope-from vev@michvhf.com) Received: (qmail 18457 invoked by uid 1001); 22 Sep 1999 23:26:07 -0000 Message-ID: X-Mailer: XFMail 1.3 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Wed, 22 Sep 1999 19:26:07 -0400 (EDT) X-Face: *0^4Iw) To: freebsd-net@FreeBSD.ORG Subject: realserver and 3.2 vs 2.2.8 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Were there any significant changes in the ed0 driver between 2.2.8 and 3.2-STABLE? RealServer can't open port 7070 (and a couple of others I've tried) on a machine I just installed 3.2-STABLE on (I got the same results with both the 2.2realserver and 3.0realserver) but it ran fine for months on the same hardware with 2.2.8. I just tried it on another 3.2 machine that uses the ep0 driver (3com) and it started without a problem. The cards are just cheap ne2000 cards, unfortunately I don't have any others around here. Here's the kdump on the error: 13187 rmserver CALL socket(0x2,0x1,0) 13187 rmserver RET socket 9 13187 rmserver CALL setsockopt(0x9,0xffff,0x4,0xbfbfceb0,0x4) 13187 rmserver RET setsockopt 0 13187 rmserver CALL bind(0x9,0xbfbfceb4,0x10) 13187 rmserver RET bind 0 13187 rmserver CALL ioctl(0x9,FIONBIO,0xbfbfceb0) 13187 rmserver RET ioctl 0 13187 rmserver CALL listen(0x9,0xa) 13187 rmserver RET listen 0 13187 rmserver CALL socket(0x2,0x1,0) 13187 rmserver RET socket 10/0xa 13187 rmserver CALL setsockopt(0xa,0xffff,0x4,0xbfbfce9c,0x4) 13187 rmserver RET setsockopt 0 13187 rmserver CALL bind(0xa,0xbfbfcea0,0x10) 13187 rmserver RET bind -1 errno 49 Can't assign requested address 13187 rmserver CALL close(0xa) 13187 rmserver RET close 0 13187 rmserver CALL write(0x1,0x8140000,0x1f) 13187 rmserver GIO fd 1 wrote 31 bytes "E: could not open PNAPort 7070 " 13187 rmserver RET write 31/0x1f The only hardware in the machine is the network card, vga, and ide. It's an old 486DX-50 with 16MB ram. Thanks in advance for any ideas... Vince. -- ========================================================================== Vince Vielhaber -- KA8CSH email: vev@michvhf.com flame-mail: /dev/null # include TEAM-OS2 Online Campground Directory http://www.camping-usa.com Online Giftshop Superstore http://www.cloudninegifts.com ========================================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 18:34:14 1999 Delivered-To: freebsd-net@freebsd.org Received: from spooky.eis.net.au (spooky.eis.net.au [203.12.171.2]) by hub.freebsd.org (Postfix) with ESMTP id 55F9B15022 for ; Wed, 22 Sep 1999 18:34:07 -0700 (PDT) (envelope-from ernie@spooky.eis.net.au) Received: (from ernie@localhost) by spooky.eis.net.au (8.9.3/8.8.3) id LAA75166 for freebsd-net@freebsd.org; Thu, 23 Sep 1999 11:37:56 +1000 (EST) From: Ernie Elu Message-Id: <199909230137.LAA75166@spooky.eis.net.au> Subject: Dlink DFE-570TX Quad ethernet To: freebsd-net@freebsd.org Date: Thu, 23 Sep 1999 11:37:56 +1000 (EST) X-Mailer: ELM [version 2.4ME+ PL40 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Has anyone had any luck running the new Dlink DFE-570TX Quad Ethernet adapeter yet? It's based on the DEC DC21143 chip set. http://www.dlink.com/products/adapters/dfe570tx/faq.htm I was thinking of buying one or two for a router but not unitl I know it will run with FreeBSD. - Ernie. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Wed Sep 22 23:46:27 1999 Delivered-To: freebsd-net@freebsd.org Received: from sttlpop5.sttl.uswest.net (sttlpop5.sttl.uswest.net [206.81.192.5]) by hub.freebsd.org (Postfix) with SMTP id 1DD6315516 for ; Wed, 22 Sep 1999 23:46:17 -0700 (PDT) (envelope-from nchong@uswest.net) Received: (qmail 415 invoked by alias); 23 Sep 1999 06:46:17 -0000 Delivered-To: fixup-freebsd-net@freebsd.org@fixme Received: (qmail 404 invoked by uid 0); 23 Sep 1999 06:46:16 -0000 Received: from ddslppp190.sttl.uswest.net (HELO gchunghome) (216.160.75.190) by sttlpop5.sttl.uswest.net with SMTP; 23 Sep 1999 06:46:16 -0000 From: "N. C. Hong" To: Subject: FreeBSD 3.2 bug when calling connect on a UDP socket? Date: Wed, 22 Sep 1999 23:48:51 -0700 Message-ID: <000201bf058f$b27c0e40$0200000a@gchunghome> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On FreeBSD 3.2, when running two instances of the following program, the second instance fails during the connect call. It works fine on Windows NT. I haven't tested on other platforms. I don't see any reason why two UDP sockets bound to the same port on the same host can't both be "connected" to a multicast endpoint. #include #include #include #include #include #include #include #include void checkError(int status) { if (status < 0) { fprintf(stderr, "SOCKET ERROR: %d\n", errno); assert(0); } } void main() { int status; struct sockaddr_in sa; printf("before socket\n"); int sockfd = socket(AF_INET, SOCK_DGRAM, 0); checkError(sockfd); printf("after socket\n"); printf("before setsockopt SO_REUSEPORT\n"); const int on = 1; status = setsockopt(sockfd, SOL_SOCKET, SO_REUSEPORT, &on, sizeof(on)); checkError(status); printf("after setsockopt SO_REUSEPORT\n"); printf("before bind\n"); bzero(&sa, sizeof(sa)); sa.sin_family = AF_INET; sa.sin_port = htons(10000); sa.sin_addr.s_addr = htonl(INADDR_ANY); status = bind(sockfd, (const sockaddr *)&sa, sizeof(sa)); checkError(status); printf("after bind\n"); printf("before connect\n"); bzero(&sa, sizeof(sa)); sa.sin_family = AF_INET; sa.sin_port = htons(10001); sa.sin_addr.s_addr = inet_addr("225.0.0.1"); status = connect(sockfd, (const struct sockaddr *)&sa, sizeof(sa)); checkError(status); printf("after connect\n"); printf("before recvfrom\n"); char buf[8192]; status = recvfrom(sockfd, buf, 8192, 0, 0, 0); checkError(status); printf("after recvfrom\n"); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 1:51:43 1999 Delivered-To: freebsd-net@freebsd.org Received: from enst.enst.fr (enst.enst.fr [137.194.2.16]) by hub.freebsd.org (Postfix) with ESMTP id 6FB54158A6 for ; Thu, 23 Sep 1999 01:51:34 -0700 (PDT) (envelope-from beyssac@enst.fr) Received: from bofh.enst.fr (bofh-2.enst.fr [137.194.2.37]) by enst.enst.fr (8.9.1a/8.9.1) with ESMTP id KAA18687; Thu, 23 Sep 1999 10:51:33 +0200 (MET DST) Received: by bofh.enst.fr (Postfix, from userid 12426) id 0288FD236; Thu, 23 Sep 1999 10:51:32 +0200 (CEST) Message-ID: <19990923105131.A99097@enst.fr> Date: Thu, 23 Sep 1999 10:51:31 +0200 From: Pierre Beyssac To: "N. C. Hong" , freebsd-net@FreeBSD.ORG Subject: Re: FreeBSD 3.2 bug when calling connect on a UDP socket? References: <000201bf058f$b27c0e40$0200000a@gchunghome> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <000201bf058f$b27c0e40$0200000a@gchunghome>; from N. C. Hong on Wed, Sep 22, 1999 at 11:48:51PM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Sep 22, 1999 at 11:48:51PM -0700, N. C. Hong wrote: > On FreeBSD 3.2, when running two instances of the following program, the > second instance fails during the connect call. It works fine on Windows NT. > I haven't tested on other platforms. I don't see any reason why two UDP > sockets bound to the same port on the same host can't both be "connected" to > a multicast endpoint. Apparently, you haven't given any indication to the system that you want to connect to a multicast endpoint. You have to use socket option IP_ADD_MEMBERSHIP. See man ip(4). -- Pierre Beyssac pb@enst.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 5:27:39 1999 Delivered-To: freebsd-net@freebsd.org Received: from antioche.lip6.fr (antioche.lip6.fr [132.227.74.11]) by hub.freebsd.org (Postfix) with ESMTP id DC0F414D71 for ; Thu, 23 Sep 1999 05:27:34 -0700 (PDT) (envelope-from bouyer@antioche.lip6.fr) Received: (from bouyer@localhost) by antioche.lip6.fr (8.9.3/8.9.3) id OAA14465; Thu, 23 Sep 1999 14:26:34 +0200 (MEST) Date: Thu, 23 Sep 1999 14:26:32 +0200 From: Manuel Bouyer To: Ernie Elu Cc: freebsd-net@FreeBSD.ORG Subject: Re: Dlink DFE-570TX Quad ethernet Message-ID: <19990923142632.A14400@antioche.eu.org> References: <199909230137.LAA75166@spooky.eis.net.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4us In-Reply-To: <199909230137.LAA75166@spooky.eis.net.au>; from Ernie Elu on Thu, Sep 23, 1999 at 11:37:56AM +1000 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Sep 23, 1999 at 11:37:56AM +1000, Ernie Elu wrote: > Has anyone had any luck running the new Dlink DFE-570TX Quad Ethernet > adapeter yet? It's based on the DEC DC21143 chip set. > http://www.dlink.com/products/adapters/dfe570tx/faq.htm > > > I was thinking of buying one or two for a router but not unitl I know it > will run with FreeBSD. I'm using them in NetBSD boxes, they are really nice board. I can't see why they wouldn't run with FreeBSD, as the de driver is almost the same :) -- Manuel Bouyer -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 8: 5:32 1999 Delivered-To: freebsd-net@freebsd.org Received: from Samizdat.uucom.com (samizdat.uucom.com [198.202.217.54]) by hub.freebsd.org (Postfix) with ESMTP id B3ECE14F33; Thu, 23 Sep 1999 08:05:28 -0700 (PDT) (envelope-from cshenton@uucom.com) Received: (from cshenton@localhost) by Samizdat.uucom.com (8.9.3/8.9.3) id LAA28407; Thu, 23 Sep 1999 11:03:59 -0400 (EDT) To: freebsd-net@FreeBSD.ORG Cc: freebsd-security@FreeBSD.ORG Subject: Inetd -l: log *all* connection attempts (not just valid svcs) User-Agent: SEMI/1.13.3 (Komaiko) FLIM/1.12.5 (Hirahata) Emacs/20.3 (i386-pc-solaris2.7) MULE/4.0 (HANANOEN) MIME-Version: 1.0 (generated by SEMI 1.13.3 - "Komaiko") Content-Type: text/plain; charset=US-ASCII From: Chris Shenton Date: 23 Sep 1999 11:03:59 -0400 In-Reply-To: Pierre Beyssac's message of "Thu, 23 Sep 1999 10:51:31 +0200" Message-ID: Lines: 23 X-Mailer: Gnus v5.6.45/Emacs 20.3 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org FreeBSD-3.2 inetd has a "-l" flag which logs all attempts: If the -l option is specified, all connection attempts are logged, whether they are allowed, denied or not wrapped at all. Otherwise, only denied requests will be logged. but I gather it only logs attempts for ports which inetd.conf has configured for services. I'd like a way to log *all* network connection attempts, especially attempts to services which aren't defined. This would allow me to spot people scanning my host (where only a few services are enabled). Perhaps inetd isn't the right place to do this since it has no awareness of other services which might be running (e.g., httpd on port 80). Is this true? Or can inetd be bound to all unused ports to log attempts? If not I suppose the logical conclusion would be to run ipfw or ipfil... certainly doable, but not as trivial for users to enable as turning on an inetd flag. Suggestions? Thanks. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 8:12:16 1999 Delivered-To: freebsd-net@freebsd.org Received: from mail.snowcrest.net (mail.snowcrest.net [216.102.43.227]) by hub.freebsd.org (Postfix) with ESMTP id D060915E86 for ; Thu, 23 Sep 1999 08:12:09 -0700 (PDT) (envelope-from djewett@snowcrest.net) Received: from ws2983 (stkppC031.snowcrest.net [209.78.171.31]) by mail.snowcrest.net (8.9.0/8.9.0) with SMTP id IAA29643 for ; Thu, 23 Sep 1999 08:11:18 -0700 (PDT) Message-ID: <001201bf05d5$db058c10$1fab4ed1@co.shasta.ca.us> From: "Derek Jewett" To: Subject: FTP authentication is slow... Date: Thu, 23 Sep 1999 08:10:59 -0700 Organization: Shasta County MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_000F_01BF059B.2B645A50" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2014.211 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_000F_01BF059B.2B645A50 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Running 3.1-R I am still getting a strange dilema every once in a = while... Happened last night; When a user hits my FBSD box to do an ftp = session the machine takes like some three or four minutes to = authenticate the user.. The same thing happens when you try to do a = telnet session as well.. and then after some time passes the problem = goes away and it operates as normal. This box is mission critical as = daily and nightly file transfers happen on a normal basis.. Anyone got = any ideas as to what may be causing these mystry slow downs..?=20 ------=_NextPart_000_000F_01BF059B.2B645A50 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable

Running 3.1-R I am still getting a = strange dilema=20 every once in a while... Happened last night; When a user hits my FBSD = box to do=20 an ftp session the machine takes like some three or four minutes to = authenticate=20 the user.. The same thing happens when you try to do a telnet session as = well..=20 and then after some time passes the problem goes away and it operates as = normal.=20 This box is mission critical as daily and nightly file transfers happen = on a=20 normal basis.. Anyone got any ideas as to what may be causing these = mystry slow=20 downs..?

------=_NextPart_000_000F_01BF059B.2B645A50-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 8:12:24 1999 Delivered-To: freebsd-net@freebsd.org Received: from wopr.caltech.edu (wopr.caltech.edu [131.215.240.222]) by hub.freebsd.org (Postfix) with ESMTP id 2E78B15EF0; Thu, 23 Sep 1999 08:12:20 -0700 (PDT) (envelope-from mph@wopr.caltech.edu) Received: (from mph@localhost) by wopr.caltech.edu (8.9.3/8.9.1) id IAA00915; Thu, 23 Sep 1999 08:11:53 -0700 (PDT) (envelope-from mph) Date: Thu, 23 Sep 1999 08:11:53 -0700 From: Matthew Hunt To: Chris Shenton Cc: freebsd-net@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Inetd -l: log *all* connection attempts (not just valid svcs) Message-ID: <19990923081153.B668@wopr.caltech.edu> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Chris Shenton on Thu, Sep 23, 1999 at 11:03:59AM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Sep 23, 1999 at 11:03:59AM -0400, Chris Shenton wrote: > I'd like a way to log *all* network connection attempts, especially > attempts to services which aren't defined. This would allow me to spot > people scanning my host (where only a few services are enabled). To log connections to ports with nothing listening, set "log_in_vain" to "YES" in /etc/rc.conf if it's in there, or do "sysctl -w net.inet.tcp.log_in_vain=1" as root. This is handled by the kernel, not inetd, because as you said, inetd is not aware of connections attempts to ports it's not listening to. -- Matthew Hunt * UNIX is a lever for the http://www.pobox.com/~mph/ * intellect. -J.R. Mashey To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 8:16:47 1999 Delivered-To: freebsd-net@freebsd.org Received: from charon.npc.net (charon.npc.net [199.15.61.3]) by hub.freebsd.org (Postfix) with ESMTP id 918C514E2C; Thu, 23 Sep 1999 08:16:37 -0700 (PDT) (envelope-from mjung@npc.net) Received: from exchange.finall.com (exchange [10.0.158.37]) by charon.npc.net (8.9.3/8.8.8) with SMTP id LAA00882; Thu, 23 Sep 1999 11:14:53 -0400 (EDT) (envelope-from mjung@npc.net) Received: by exchange.finall.com with SMTP (Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62) id <01BF05B5.06A2B850@exchange.finall.com>; Thu, 23 Sep 1999 11:16:04 -0400 Message-ID: From: "Jung, Michael" To: "'Chris Shenton'" , "'freebsd-net@FreeBSD.ORG'" Cc: "'freebsd-security@FreeBSD.ORG'" Subject: RE: Inetd -l: log *all* connection attempts (not just valid svcs) Date: Thu, 23 Sep 1999 11:16:03 -0400 X-Mailer: Microsoft Exchange Server Internet Mail Connector Version 4.0.996.62 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org sysctl -w net.inet.udp.log_in_vain=1 sysctl -w net.inet.tcp.log_in_vain=1 will give you (root@charon) /home/mikej/mount$grep Connection /var/log/debug Sep 23 11:00:26 charon /kernel: Connection attempt to UDP 127.0.0.1:4456 from 127.0.0.1:53 Sep 23 11:00:53 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:00:57 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:01:58 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:02:03 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:03:04 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:03:08 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:03:20 charon /kernel: Connection attempt to UDP 127.0.0.1:137 from 127.0.0.1:4250 Sep 23 11:04:14 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:04:16 charon /kernel: Connection attempt to UDP 127.0.0.1:137 from 127.0.0.1:2554 Sep 23 11:04:19 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:05:19 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:05:25 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:06:23 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:06:23 charon /kernel: Connection attempt to UDP 127.0.0.1:137 from 127.0.0.1:4561 Sep 23 11:06:27 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 Sep 23 11:07:28 charon /kernel: Connection attempt to UDP 10.0.158.10:161 from 10.0.158.28:1063 --mikej >-----Original Message----- >From: Chris Shenton [SMTP:cshenton@uucom.com] >Sent: Thursday, September 23, 1999 11:04 AM >To: freebsd-net@FreeBSD.ORG >Cc: freebsd-security@FreeBSD.ORG >Subject: Inetd -l: log *all* connection attempts (not just valid svcs) > >FreeBSD-3.2 inetd has a "-l" flag which logs all attempts: > > If the -l option is specified, all connection attempts are logged, > whether they are allowed, denied or not wrapped at all. Otherwise, only > denied requests will be logged. > >but I gather it only logs attempts for ports which inetd.conf has >configured for services. > >I'd like a way to log *all* network connection attempts, especially >attempts to services which aren't defined. This would allow me to spot >people scanning my host (where only a few services are enabled). > >Perhaps inetd isn't the right place to do this since it has no >awareness of other services which might be running (e.g., httpd on >port 80). Is this true? Or can inetd be bound to all unused ports to >log attempts? > >If not I suppose the logical conclusion would be to run ipfw or >ipfil... certainly doable, but not as trivial for users to enable as >turning on an inetd flag. Suggestions? > >Thanks. > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 8:31: 5 1999 Delivered-To: freebsd-net@freebsd.org Received: from fedde.littleton.co.us (fedde.littleton.co.us [216.17.174.44]) by hub.freebsd.org (Postfix) with ESMTP id 269CE1516F; Thu, 23 Sep 1999 08:30:58 -0700 (PDT) (envelope-from cfedde@fedde.littleton.co.us) Received: from fedde.littleton.co.us (localhost.fedde.littleton.co.us [127.0.0.1]) by fedde.littleton.co.us (8.9.3/8.9.3) with ESMTP id JAA05543; Thu, 23 Sep 1999 09:30:10 -0600 (MDT) Message-Id: <199909231530.JAA05543@fedde.littleton.co.us> To: "skalir scalar" Cc: freebsd-questions@FreeBSD.ORG, freebsd-net@FreeBSD.ORG From: Chris Fedde Subject: Re: serial cable login In-reply-to: Your message of "Wed, 22 Sep 1999 13:03:08 +0700." <19990922210308.15282.qmail@hotmail.com> Date: Thu, 23 Sep 1999 09:30:10 -0600 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "skalir scalar" writes: +--------------- | I dont need to have a serial console, But i would like to know howto | be able to login over a serial cable from one machine to another. | | I just need to know how to enable the serial login on the fbsd 3.X | box... thanks +--------------- Section 14 of the Handbook (/usr/share/doc/handbook/handbook.ascii) probably details what you need. It boils down to the following: Get your terminal and cableing right then start a getty using an entry in /etc/ttys and "kill -HUP 1" thanks chris __ Chris Fedde 303 773 9134 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 9:47:31 1999 Delivered-To: freebsd-net@freebsd.org Received: from mail.snowcrest.net (mail.snowcrest.net [216.102.43.227]) by hub.freebsd.org (Postfix) with ESMTP id 8EFDC1607C for ; Thu, 23 Sep 1999 09:47:20 -0700 (PDT) (envelope-from djewett@snowcrest.net) Received: from ws2983 (stkfrB019.snowcrest.net [209.78.173.19]) by mail.snowcrest.net (8.9.0/8.9.0) with SMTP id JAA05849 for ; Thu, 23 Sep 1999 09:47:08 -0700 (PDT) Message-ID: <000d01bf05e3$3dfeb140$13ad4ed1@co.shasta.ca.us> From: "Derek Jewett" To: Subject: Errors - Date: Thu, 23 Sep 1999 09:46:48 -0700 Organization: Shasta County MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2014.211 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I tailed my messages file and I have a ton of these errors... Anyone know what this means...? Sep 19 02:02:30 DSS-FIREWALL ftpd[58086]: control bind: Address already in use Sep 20 02:02:30 DSS-FIREWALL ftpd[59254]: control bind: Address already in use Sep 21 02:02:30 DSS-FIREWALL ftpd[60432]: control bind: Address already in use Sep 22 02:02:31 DSS-FIREWALL ftpd[61611]: control bind: Address already in use Sep 23 02:02:30 DSS-FIREWALL ftpd[62827]: control bind: Address already in use and in the past there were alot of these... but have not had any since Aug 31 Aug 31 07:51:45 DSS-FIREWALL /kernel: arplookup 158.96.244.12 failed: host is not on local network Aug 31 08:12:00 DSS-FIREWALL /kernel: arplookup 158.96.244.12 failed: host is not on local network Aug 31 08:31:31 DSS-FIREWALL /kernel: arplookup 158.96.244.12 failed: host is not on local network Aug 31 08:57:25 DSS-FIREWALL /kernel: arplookup 158.96.244.12 failed: host is not on local network Aug 31 09:12:50 DSS-FIREWALL /kernel: arplookup 158.96.244.12 failed: host is not on local network To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 9:49:24 1999 Delivered-To: freebsd-net@freebsd.org Received: from mail.snowcrest.net (mail.snowcrest.net [216.102.43.227]) by hub.freebsd.org (Postfix) with ESMTP id 3B99814F72 for ; Thu, 23 Sep 1999 09:49:18 -0700 (PDT) (envelope-from djewett@snowcrest.net) Received: from ws2983 (stkfrB019.snowcrest.net [209.78.173.19]) by mail.snowcrest.net (8.9.0/8.9.0) with SMTP id JAA07089 for ; Thu, 23 Sep 1999 09:49:16 -0700 (PDT) Message-ID: <001d01bf05e3$8a59cfc0$13ad4ed1@co.shasta.ca.us> From: "Derek Jewett" To: Subject: FTP authentication - Date: Thu, 23 Sep 1999 09:49:01 -0700 Organization: Shasta County MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2014.211 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sorry if this is duplicate, I sent the last message out formatted.. sorry Running 3.1-R I am still getting a strange dilema every once in a while... Happened last night; When a user hits my FBSD box to do an ftp session the machine takes like some three or four minutes to authenticate the user.. The same thing happens when you try to do a telnet session as well.. and then after some time passes the problem goes away and it operates as normal. This box is mission critical as daily and nightly file transfers happen on a normal basis.. Anyone got any ideas as to what may be causing these mystry slow downs To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 11:10:47 1999 Delivered-To: freebsd-net@freebsd.org Received: from mailhost.mlnet.net (mailhost.mlnet.net [193.116.163.156]) by hub.freebsd.org (Postfix) with ESMTP id 94A3314F05 for ; Thu, 23 Sep 1999 11:10:37 -0700 (PDT) (envelope-from M@mlnet.net) Received: (from postie@localhost) by mailhost.mlnet.net (8.8.8/8.8.8) id SAA13844; Thu, 23 Sep 1999 18:05:33 GMT Received: from ip57.medsoft.org(193.116.163.57) by mailhost.mlnet.net via smap (V1.3.ML.3) id sma013842; Thu Sep 23 18:05:06 1999 Received: (from postie@localhost) by newgate.home.ml-associates.co.uk (8.8.8/8.8.8) id SAA18581; Thu, 23 Sep 1999 18:03:48 GMT Message-Id: <199909231803.SAA18581@newgate.home.ml-associates.co.uk> Received: from oban(192.168.191.2) by newgate.home.ml-associates.co.uk via smap (V1.3.ML.3) id sma018579; Thu Sep 23 18:03:39 1999 X-Sender: msmith!home.ml-associates.co.uk@192.168.191.10 X-Mailer: Windows Eudora Light Version 1.5.2 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Date: Thu, 23 Sep 1999 19:08:34 +0000 To: "Derek Jewett" , From: Matthew Smithshaw Subject: Re: FTP authentication - Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org If this is pre-authentication, ie between 'connected' and the login/username prompt, then it could be a reverse DNS lookup problem rather than an authentication problem. Regards -M At 09:49 23/09/1999 -0700, Derek Jewett wrote: >Sorry if this is duplicate, I sent the last message out formatted.. sorry > >Running 3.1-R I am still getting a strange dilema every once in a while... >Happened last night; When a user hits my FBSD box to do an ftp session the >machine takes like some three or four minutes to authenticate the user.. The >same thing happens when you try to do a telnet session as well.. and then >after some time passes the problem goes away and it operates as normal. This >box is mission critical as daily and nightly file transfers happen on a >normal basis.. Anyone got any ideas as to what may be causing these mystry >slow downs > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-net" in the body of the message > > > -- Matthew Smithshaw | ML Associates M@UK.COM or M@mlnet.net | P O Box 16076 tel:+44-141-951-2229 | Glasgow Scotland fax:+44-141-951-8877 | G11 7TL To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 11:15:27 1999 Delivered-To: freebsd-net@freebsd.org Received: from Samizdat.uucom.com (samizdat.uucom.com [198.202.217.54]) by hub.freebsd.org (Postfix) with ESMTP id 9D8BA14DF3; Thu, 23 Sep 1999 11:15:23 -0700 (PDT) (envelope-from cshenton@uucom.com) Received: (from cshenton@localhost) by Samizdat.uucom.com (8.9.3/8.9.3) id OAA00487; Thu, 23 Sep 1999 14:14:00 -0400 (EDT) To: Matthew Hunt Cc: freebsd-net@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: Inetd -l: log *all* connection attempts (not just valid svcs) References: <19990923081153.B668@wopr.caltech.edu> User-Agent: SEMI/1.13.3 (Komaiko) FLIM/1.12.5 (Hirahata) Emacs/20.3 (i386-pc-solaris2.7) MULE/4.0 (HANANOEN) MIME-Version: 1.0 (generated by SEMI 1.13.3 - "Komaiko") Content-Type: text/plain; charset=US-ASCII From: Chris Shenton Date: 23 Sep 1999 14:14:00 -0400 In-Reply-To: Matthew Hunt's message of "Thu, 23 Sep 1999 08:11:53 -0700" Message-ID: Lines: 16 X-Mailer: Gnus v5.6.45/Emacs 20.3 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 23 Sep 1999 08:11:53 -0700, Matthew Hunt said: Matthew> To log connections to ports with nothing listening, set Matthew> "log_in_vain" to "YES" in /etc/rc.conf if it's in there, or Matthew> do "sysctl -w net.inet.tcp.log_in_vain=1" as root. That's exactly what I was looking for, thanks! As to the name of the variable... you guys are the zaniest :-) (When did this variable appear?) PS: Anthony Di Pietro suggested "clog" in ports, which I tried. It does a nice job of reporting all connections on the LAN segment, not just rejected ones nor just ones to the local machine. Nice tool for seeing what's on your LAN. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 11:17:20 1999 Delivered-To: freebsd-net@freebsd.org Received: from wopr.caltech.edu (wopr.caltech.edu [131.215.240.222]) by hub.freebsd.org (Postfix) with ESMTP id 323E815088; Thu, 23 Sep 1999 11:17:13 -0700 (PDT) (envelope-from mph@wopr.caltech.edu) Received: (from mph@localhost) by wopr.caltech.edu (8.9.3/8.9.1) id LAA03972; Thu, 23 Sep 1999 11:17:06 -0700 (PDT) (envelope-from mph) Date: Thu, 23 Sep 1999 11:17:06 -0700 From: Matthew Hunt To: Chris Shenton Cc: freebsd-net@freebsd.org, freebsd-security@freebsd.org Subject: Re: Inetd -l: log *all* connection attempts (not just valid svcs) Message-ID: <19990923111705.A3938@wopr.caltech.edu> References: <19990923081153.B668@wopr.caltech.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Chris Shenton on Thu, Sep 23, 1999 at 02:14:00PM -0400 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Sep 23, 1999 at 02:14:00PM -0400, Chris Shenton wrote: > As to the name of the variable... you guys are the zaniest :-) Yes; it's far from obvious. It makes sense once you understand what it does, but when looking for its functionality, I wouldn't think of the phrase "in vain". > (When did this variable appear?) It's been around for a while: revision 1.41 date: 1996/04/04 10:46:39; author: phk; state: Exp; lines: +13 -2 Log TCP syn packets for ports we don't listen on. Controlled by: sysctl net.inet.tcp.log_in_vain: 1 Log UDP syn packets for ports we don't listen on. Controlled by: sysctl net.inet.udp.log_in_vain: 1 Suggested by: Warren Toomey -- Matthew Hunt * UNIX is a lever for the http://www.pobox.com/~mph/ * intellect. -J.R. Mashey To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 12:58:24 1999 Delivered-To: freebsd-net@freebsd.org Received: from pau-amma.whistle.com (pau-amma.whistle.com [207.76.205.64]) by hub.freebsd.org (Postfix) with ESMTP id C5ED415903; Thu, 23 Sep 1999 12:58:20 -0700 (PDT) (envelope-from dhw@whistle.com) Received: (from dhw@localhost) by pau-amma.whistle.com (8.9.2/8.9.2) id MAA00728; Thu, 23 Sep 1999 12:56:30 -0700 (PDT) Date: Thu, 23 Sep 1999 12:56:30 -0700 (PDT) From: David Wolfskill Message-Id: <199909231956.MAA00728@pau-amma.whistle.com> To: cshenton@uucom.com, freebsd-net@FreeBSD.ORG Subject: Re: Inetd -l: log *all* connection attempts (not just valid svcs) Cc: freebsd-security@FreeBSD.ORG In-Reply-To: Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >From: Chris Shenton >Date: 23 Sep 1999 11:03:59 -0400 >FreeBSD-3.2 inetd has a "-l" flag which logs all attempts: >... >I'd like a way to log *all* network connection attempts, especially >attempts to services which aren't defined. This would allow me to spot >people scanning my host (where only a few services are enabled). >Perhaps inetd isn't the right place to do this since it has no >awareness of other services which might be running (e.g., httpd on >port 80). Is this true? Or can inetd be bound to all unused ports to >log attempts? Well, once you have (say) an SMTP server listening to TCP/25, any connection attempt to TCP/25 doesn't involve inetd any more. Sure, you can avoid that issue by instantiating the server in question once for each connection, but that sounds painful to me. >If not I suppose the logical conclusion would be to run ipfw or >ipfil... certainly doable, but not as trivial for users to enable as >turning on an inetd flag. Suggestions? For what it might be worth, when I set up my NAT/firewall box at home (for the DSL connection), in addition to logging all denied packets, I also set it up to log all passed "setup" TCP requests. And yes, I did this with ipfw. Cheers, david -- David Wolfskill dhw@whistle.com UNIX System Administrator voice: (650) 577-7158 pager: (888) 347-0197 FAX: (650) 372-5915 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 13:31: 1 1999 Delivered-To: freebsd-net@freebsd.org Received: from bingsun2.cc.binghamton.edu (bingsun2.cc.binghamton.edu [128.226.6.4]) by hub.freebsd.org (Postfix) with ESMTP id CC9E914CD0 for ; Thu, 23 Sep 1999 13:30:55 -0700 (PDT) (envelope-from bg24484@binghamton.edu) Received: from localhost (bg24484@localhost) by bingsun2.cc.binghamton.edu (8.9.3/8.9.3) with ESMTP id QAA15202 for ; Thu, 23 Sep 1999 16:30:47 -0400 (EDT) X-Authentication-Warning: bingsun2.cc.binghamton.edu: bg24484 owned process doing -bs Date: Thu, 23 Sep 1999 16:30:47 -0400 (EDT) From: X-Sender: bg24484@bingsun2 To: freebsd-net@freebsd.org Subject: Tulip drivers for BSD. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Can any one tell me the sites for "Well Documented" Tulip drivers for BSD. I did search a lot but failed. Thanx, Roshan. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 20:45:51 1999 Delivered-To: freebsd-net@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 2335E14DF2; Thu, 23 Sep 1999 20:45:42 -0700 (PDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id VAA09607; Thu, 23 Sep 1999 21:45:40 -0600 (MDT) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id VAA45589; Thu, 23 Sep 1999 21:45:56 -0600 (MDT) Message-Id: <199909240345.VAA45589@harmony.village.org> To: Matthew Hunt Subject: Re: Inetd -l: log *all* connection attempts (not just valid svcs) Cc: Chris Shenton , freebsd-net@FreeBSD.ORG, freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Thu, 23 Sep 1999 11:17:06 PDT." <19990923111705.A3938@wopr.caltech.edu> References: <19990923111705.A3938@wopr.caltech.edu> <19990923081153.B668@wopr.caltech.edu> Date: Thu, 23 Sep 1999 21:45:56 -0600 From: Warner Losh Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <19990923111705.A3938@wopr.caltech.edu> Matthew Hunt writes: : Yes; it's far from obvious. It makes sense once you understand what : it does, but when looking for its functionality, I wouldn't think of : the phrase "in vain". If someone went looking for you and couldn't find them, how would you describe their search? I'd say it was in vain. However, enough people have not been able to grok it to make me wonder if the choice was in vain. : > (When did this variable appear?) : : It's been around for a while: : revision 1.41 : date: 1996/04/04 10:46:39; author: phk; state: Exp; lines: +13 -2 Yes, but the rc.conf variable has been around since earlier this year only. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 22:17:36 1999 Delivered-To: freebsd-net@freebsd.org Received: from sttlpop5.sttl.uswest.net (sttlpop5.sttl.uswest.net [206.81.192.5]) by hub.freebsd.org (Postfix) with SMTP id 355F014D71 for ; Thu, 23 Sep 1999 22:17:23 -0700 (PDT) (envelope-from nchong@uswest.net) Received: (qmail 7110 invoked by alias); 24 Sep 1999 05:16:59 -0000 Delivered-To: fixup-freebsd-net@FreeBSD.ORG@fixme Received: (qmail 7099 invoked by uid 0); 24 Sep 1999 05:16:58 -0000 Received: from ddslppp190.sttl.uswest.net (HELO gchunghome) (216.160.75.190) by sttlpop5.sttl.uswest.net with SMTP; 24 Sep 1999 05:16:58 -0000 From: "N. C. Hong" To: "'Pierre Beyssac'" , Subject: RE: FreeBSD 3.2 bug when calling connect on a UDP socket? Date: Thu, 23 Sep 1999 22:21:02 -0700 Message-ID: <000301bf064c$992e6920$0200000a@gchunghome> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <19990923105131.A99097@enst.fr> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Importance: Normal Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org That shouldn't matter. I don't have to join the UDP socket to a multicast group in order to simply do a sendto of a UDP datagram to that multicast group. Regardless, the behavior still exists even if I explicitly join the UDP socket to the multicast group. Ultimately, I desire to use the more efficient send call to the multicast endpoint by calling connect first. But as the program demonstrates, I am restricted to one doing this from one process per host. -----Original Message----- From: Pierre Beyssac [mailto:beyssac@enst.fr] Sent: Thursday, September 23, 1999 1:52 AM To: N. C. Hong; freebsd-net@FreeBSD.ORG Subject: Re: FreeBSD 3.2 bug when calling connect on a UDP socket? On Wed, Sep 22, 1999 at 11:48:51PM -0700, N. C. Hong wrote: > On FreeBSD 3.2, when running two instances of the following program, the > second instance fails during the connect call. It works fine on Windows NT. > I haven't tested on other platforms. I don't see any reason why two UDP > sockets bound to the same port on the same host can't both be "connected" to > a multicast endpoint. Apparently, you haven't given any indication to the system that you want to connect to a multicast endpoint. You have to use socket option IP_ADD_MEMBERSHIP. See man ip(4). -- Pierre Beyssac pb@enst.fr To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 23: 9:11 1999 Delivered-To: freebsd-net@freebsd.org Received: from pau-router.itb.ac.id (pau-router.ITB.ac.id [167.205.22.99]) by hub.freebsd.org (Postfix) with SMTP id BF727150FE for ; Thu, 23 Sep 1999 23:09:00 -0700 (PDT) (envelope-from dodi@pau-router.itb.ac.id) Received: (qmail 18745 invoked by uid 1001); 24 Sep 1999 13:07:41 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 24 Sep 1999 13:07:41 -0000 Date: Fri, 24 Sep 1999 13:07:41 +0000 (GMT) From: dodi maryanto To: freebsd-net@freebsd.org Subject: sniffit Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I use 2.2.8 Release and try to use sniffit. When I do force sniffit to use ed0, it always give me a core dump. But when I force to use xl0 in same PC , output is okay. Buggy on ed0 ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Thu Sep 23 23:40:20 1999 Delivered-To: freebsd-net@freebsd.org Received: from mail.xmission.com (mail.xmission.com [198.60.22.22]) by hub.freebsd.org (Postfix) with ESMTP id A34CB14EAF for ; Thu, 23 Sep 1999 23:40:18 -0700 (PDT) (envelope-from wes@softweyr.com) Received: from [204.68.178.39] (helo=softweyr.com) by mail.xmission.com with esmtp (Exim 2.12 #2) id 11UP0q-0004rq-00; Fri, 24 Sep 1999 00:39:21 -0600 Message-ID: <37EB1C97.64915398@softweyr.com> Date: Fri, 24 Sep 1999 00:39:19 -0600 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.5 [en] (X11; U; FreeBSD 3.1-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: bg24484@binghamton.edu Cc: freebsd-net@FreeBSD.ORG Subject: Re: Tulip drivers for BSD. References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org bg24484@binghamton.edu wrote: > > Can any one tell me the sites for "Well Documented" Tulip drivers for BSD. > I did search a lot but failed. man de They're included in the system; you don't have to go fetch them from some website somewhere. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Fri Sep 24 1:16: 4 1999 Delivered-To: freebsd-net@freebsd.org Received: from btm4r4.alcatel.be (btm4r4.alcatel.be [195.207.101.110]) by hub.freebsd.org (Postfix) with ESMTP id 33EBC1521A for ; Fri, 24 Sep 1999 01:15:56 -0700 (PDT) (envelope-from livensw@rc.bel.alcatel.be) Received: from btmq9s.rc.bel.alcatel.be (btmq9s.rc.bel.alcatel.be [138.203.65.182]) by btm4r4.alcatel.be (8.9.1a/8.9.1) with ESMTP id KAA19098; Fri, 24 Sep 1999 10:14:54 +0200 (MET DST) Received: from btmq9z.rc.bel.alcatel.be (btmq9z [138.203.65.192]) by btmq9s.rc.bel.alcatel.be (8.8.8+Sun/8.8.8) with ESMTP id KAA08274; Fri, 24 Sep 1999 10:15:27 +0200 (MET DST) Received: (from livensw@localhost) by btmq9z.rc.bel.alcatel.be (8.8.8+Sun/8.8.8) id KAA05698; Fri, 24 Sep 1999 10:14:47 +0200 (MET DST) Date: Fri, 24 Sep 1999 10:14:47 +0200 From: Wim Livens To: Derek Jewett Cc: freebsd-net@freebsd.org Subject: Re: Errors - Message-ID: <19990924101447.R10019@rc.bel.alcatel.be> References: <000d01bf05e3$3dfeb140$13ad4ed1@co.shasta.ca.us> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.5i In-Reply-To: <000d01bf05e3$3dfeb140$13ad4ed1@co.shasta.ca.us>; from Derek Jewett on Thu, Sep 23, 1999 at 09:46:48AM -0700 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Sep 23, 1999 at 09:46:48AM -0700, Derek Jewett wrote: > I tailed my messages file and I have a ton of these errors... Anyone know > what this means...? > > > > Sep 19 02:02:30 DSS-FIREWALL ftpd[58086]: control bind: Address already in > use > and in the past there were alot of these... but have not had any since Aug > 31 > > Aug 31 07:51:45 DSS-FIREWALL /kernel: arplookup 158.96.244.12 failed: host > is not on local network Please provide the output of 'netstat -rn' and 'ifconfig -a', the second message looks like you have a wrong netmask somewhere. -- Wim Livens. Alcatel - Corporate Research Center wim.livens@alcatel.be Fr. Wellesplein 1 livensw@rc.bel.alcatel.be B-2018 Antwerpen Tel: +32 3 240 7570 Belgium. Fax: +32 3 240 9932 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message From owner-freebsd-net Sat Sep 25 5:10:59 1999 Delivered-To: freebsd-net@freebsd.org Received: from mx1.lublin.pl (mx1.lublin.pl [212.182.63.76]) by hub.freebsd.org (Postfix) with ESMTP id E0ABE14D2F for ; Sat, 25 Sep 1999 05:10:55 -0700 (PDT) (envelope-from venglin@FreeBSD.lublin.pl) Received: from lagoon.freebsd.lublin.pl ([212.182.117.180]:28936 "HELO lagoon.FreeBSD.lublin.pl") by krupik.man.lublin.pl with SMTP id ; Sat, 25 Sep 1999 14:10:47 +0200 Received: (qmail 48392 invoked by uid 66); 25 Sep 1999 12:10:57 -0000 Received: (qmail 59878 invoked from network); 25 Sep 1999 06:33:27 -0000 Received: from lagoon.gadaczka.org (venglin@192.168.0.2) by mailhost.gadaczka.org with SMTP; 25 Sep 1999 06:33:27 -0000 Message-ID: X-Mailer: XFMail 1.3 [p0] on Linux X-Priority: 3 (Normal) Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7BIT MIME-Version: 1.0 In-Reply-To: X-Operating-System: FreeBSD 3.3-STABLE (i386) X-SMS: +48601383657@text.plusgsm.pl X-PGP: PGP key on WWW or finger X-GeekCode-1: GED d- s+:- a16 C+++ ULB++++$ P+>+++ L+++ E+ W+++$ N+++ X-GeekCode-2: o? K? w--- O M- V PS PE+ Y PGP++ t+ 5 X++ R tv++ b++ DI+ X-GeekCode-3: D++ G e- h! r !y+ Date: Sat, 25 Sep 1999 08:33:17 +0200 (CEST) Organization: Lublin BSD Users Group (www.FreeBSD.lublin.pl) From: Przemyslaw Frasunek To: Chris Shenton Subject: RE: Inetd -l: log *all* connection attempts (not just valid svcs Cc: freebsd-security@FreeBSD.ORG, freebsd-net@FreeBSD.ORG Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- On 23-Sep-99 Chris Shenton wrote: > I'd like a way to log *all* network connection attempts, especially > attempts to services which aren't defined. This would allow me to spot > people scanning my host (where only a few services are enabled). look at www.FreeBSD.lublin.pl/Sources/plogd.c - --- * Fido: 2:480/124 ** WWW: FreeBSD.lublin.pl/~venglin ** GSM: +48-601-062409 * * Inet: venglin@FreeBSD.lublin.pl ** PGP: D48684904685DF43 EA93AFA13BE170BF * -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQCVAwUBN+xsrNO5/yfsePq1AQFc+AQAl7u7o1vvmoatll1K/p+AXt66pWLtbH8F qnzuZBNIg5Mz7XcD87EPafLLGbgi4lJgm7Fq7BubNVjqJfBWd7Nicm3s0aXz92+s DOLqNMPWAPAsdBUQN6xE9RMEAoEq00vOejqxvcoNyw7jkL6uCV9XLi7ms5f63nzJ WJa9zSvCKb0= =KyVK -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message