From owner-freebsd-isp@FreeBSD.ORG Sun Jul 22 07:31:14 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 19BB816A419 for ; Sun, 22 Jul 2007 07:31:14 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx21.fluidhosting.com [204.14.89.4]) by mx1.freebsd.org (Postfix) with SMTP id B0B3213C469 for ; Sun, 22 Jul 2007 07:31:13 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 21218 invoked by uid 399); 22 Jul 2007 07:31:13 -0000 Received: from localhost (HELO ?192.168.0.4?) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTP; 22 Jul 2007 07:31:13 -0000 X-Originating-IP: 127.0.0.1 Message-ID: <46A307BD.5010506@FreeBSD.org> Date: Sun, 22 Jul 2007 00:31:09 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.5 (Windows/20070716) MIME-Version: 1.0 To: freebsd-isp@freebsd.org X-Enigmail-Version: 0.95.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Wanted, FreeBSD hosting provider with IPv6 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: dougb@FreeBSD.org List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jul 2007 07:31:14 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Don't know why it didn't occur to me to ask here before, but here goes. I would like to move my current (fairly limited) hosting needs to an HIP who provides FreeBSD installed on dedicated servers (6.x good, 7.x better) and has native IPv6 bandwidth available. If you meet those criteria, please respond to me with some information on your service and how to contact you. If there are sufficient responses I'll gladly summarize them for the archives. For those of you already on http://www.freebsd.org/commercial/isp.html that have IPv6 let me know and I can add that to your description. If you're not on that page, you might want to consider filing a PR with a brief blurb about your company. :) Thanks, Doug - -- This .signature sanitized for your protection -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) iD8DBQFGowe9yIakK9Wy8PsRAo2zAKD12kqdlcKRCC2D2kQWKIB5/AMxUgCfbbFc X7MYzdLhJP643umiG+snp+4= =ncYV -----END PGP SIGNATURE----- From owner-freebsd-isp@FreeBSD.ORG Sun Jul 22 09:57:29 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 833C116A41A for ; Sun, 22 Jul 2007 09:57:29 +0000 (UTC) (envelope-from technical@halenet.com.au) Received: from helen.halenet.com.au (helen.halenet.com.au [203.55.33.243]) by mx1.freebsd.org (Postfix) with ESMTP id 3D10613C45E for ; Sun, 22 Jul 2007 09:57:29 +0000 (UTC) (envelope-from technical@halenet.com.au) Received: from localhost (localhost.halenet.com.au [127.0.0.1]) by helen.halenet.com.au (Postfix) with ESMTP id 860461143E for ; Sun, 22 Jul 2007 19:25:49 +1000 (EST) X-Virus-Scanned: amavisd-new at halenet.com.au Received: from helen.halenet.com.au ([127.0.0.1]) by localhost (helen.halenet.com.au [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wkki2jI9xXh1 for ; Sun, 22 Jul 2007 19:25:46 +1000 (EST) Received: from laptopt (wireless-48-210.halenet.com.au [61.88.48.210]) by helen.halenet.com.au (Postfix) with SMTP id EEB6511442 for ; Sun, 22 Jul 2007 19:25:45 +1000 (EST) Message-ID: <00d801c7cc43$44048310$6500a8c0@laptopt> From: "Lists" To: Date: Sun, 22 Jul 2007 19:32:47 +1000 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.3138 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138 Subject: PPPOE ppp.conf ifaddr config X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jul 2007 09:57:29 -0000 Hi All Has anyone successfully configured a ppp.conf file to have 2 differnt C class addresses specified in the ppp.conf? ie: set ifaddr 203.5.3.1 203.5.3.2-203.5.3.254 255.255.255.255 I need to add another c class from another IP range Regards Tim From owner-freebsd-isp@FreeBSD.ORG Tue Jul 24 18:13:20 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B595C16A419 for ; Tue, 24 Jul 2007 18:13:20 +0000 (UTC) (envelope-from janasamit@wlink.com.np) Received: from smtp5.wlink.com.np (smtp5.wlink.com.np [202.79.32.52]) by mx1.freebsd.org (Postfix) with SMTP id 1140913C458 for ; Tue, 24 Jul 2007 18:13:15 +0000 (UTC) (envelope-from janasamit@wlink.com.np) Received: (qmail 26667 invoked from network); 24 Jul 2007 17:46:31 -0000 Received: from unknown (HELO smtp0.wlink.com.np) (202.79.32.96) by 0 with SMTP; 24 Jul 2007 17:46:31 -0000 Received: (qmail 63265 invoked by uid 98); 24 Jul 2007 17:46:31 -0000 Received: from 202.79.55.249 by smtp0.wlink.com.np (envelope-from , uid 1009) with qmail-scanner-1.25 (clamdscan: 0.90.3/3620. Clear:RC:1(202.79.55.249):. Processed in 0.039408 secs); 24 Jul 2007 17:46:31 -0000 X-Qmail-Scanner-Mail-From: janasamit@wlink.com.np via smtp0.wlink.com.np X-Qmail-Scanner: 1.25 (Clear:RC:1(202.79.55.249):. Processed in 0.039408 secs) Received: from 249.55.79.202.wireless.static.wlink.com.np (HELO [202.79.55.249]) by smtp0.wlink.com.np (qmail-smtpd) with SMTP; 24 Jul 2007 17:46:28 -0000 (Tue, 24 Jul 2007 23:31:28 +0545) Message-ID: <46A63AF2.40405@wlink.com.np> Date: Tue, 24 Jul 2007 23:31:26 +0545 From: Samit User-Agent: Thunderbird 2.0.0.4 (X11/20070706) MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Check-By: smtp0.wlink.com.np Spam: No ; 3.6 / 5.0 X-Spam-Status-WL: No, hits=3.6 required=5.0 Subject: changing ttl size of forwarding packet X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2007 18:13:20 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, iptables can easily do it via mangle table. Is there any way using ipfw2 to change the ttl size of the forwarding packets? Samit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQEVAwUBRqY66Q/ARsiwb5bmAQKGLgf+MbXxXSx3ogu95U1lshz4TBTKkAvTTz3t sUfROowxH/m9DqN/YRWhFL2CoA9hnIUhT0jxf2MWDMp8kvORrZKEm6W+ERt3qvVB CYDWgHggqeUJJK8bIZul6LcmjUk1FG+w2th9161YOr6o53OHzwi2vdl67y4uZM+r f4tlQ92eFclVdOP5KIRzLONmSXAJAYsoPv+OXneJd5Ct8hYq2r+Lepj7GyZLJel+ ZJ86LZHCIjz7TJn4tsHVlWoRu2acihKWGd281gt4WHfnWm24n4RY6PjfsNG0E99I Ac+XBf/paUsx2a7PNPX45qgpM3J/gpHF2WtskUSF4j0HNIN7xiEO5A== =Gb5Q -----END PGP SIGNATURE----- From owner-freebsd-isp@FreeBSD.ORG Tue Jul 24 18:52:20 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9D49716A418 for ; Tue, 24 Jul 2007 18:52:20 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from mail-out3.apple.com (mail-out3.apple.com [17.254.13.22]) by mx1.freebsd.org (Postfix) with ESMTP id 884A913C491 for ; Tue, 24 Jul 2007 18:52:20 +0000 (UTC) (envelope-from cswiger@mac.com) Received: from relay6.apple.com (relay6.apple.com [17.128.113.36]) by mail-out3.apple.com (Postfix) with ESMTP id 4937ACA49B0; Tue, 24 Jul 2007 11:28:04 -0700 (PDT) Received: from relay6.apple.com (unknown [127.0.0.1]) by relay6.apple.com (Symantec Mail Security) with ESMTP id 369E510042; Tue, 24 Jul 2007 11:28:04 -0700 (PDT) X-AuditID: 11807124-a4fb7bb0000007f3-6f-46a644b49427 Received: from [17.214.13.96] (cswiger1.apple.com [17.214.13.96]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by relay6.apple.com (Apple SCV relay) with ESMTP id 225B610025; Tue, 24 Jul 2007 11:28:04 -0700 (PDT) In-Reply-To: <46A63AF2.40405@wlink.com.np> References: <46A63AF2.40405@wlink.com.np> Mime-Version: 1.0 (Apple Message framework v752.2) Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Chuck Swiger Date: Tue, 24 Jul 2007 11:28:03 -0700 To: Samit X-Mailer: Apple Mail (2.752.2) X-Brightmail-Tracker: AAAAAA== Cc: freebsd-isp@freebsd.org Subject: Re: changing ttl size of forwarding packet X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2007 18:52:20 -0000 On Jul 24, 2007, at 10:46 AM, Samit wrote: > iptables can easily do it via mangle table. Is there any way using > ipfw2 > to change the ttl size of the forwarding packets? The size of the TTL field is fixed by the IP protocol to 1 byte; perhaps you are looking for the IPFW transparent firewall option, which prevents it from decrementing the TTL in order to make a "hidden" firewall...? -- -Chuck From owner-freebsd-isp@FreeBSD.ORG Tue Jul 24 19:31:19 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8EA9E16A419 for ; Tue, 24 Jul 2007 19:31:19 +0000 (UTC) (envelope-from fjwcash+freebsd@gmail.com) Received: from smtp.sd73.bc.ca (smtp.sd73.bc.ca [142.24.13.140]) by mx1.freebsd.org (Postfix) with ESMTP id 71EA413C467 for ; Tue, 24 Jul 2007 19:31:19 +0000 (UTC) (envelope-from fjwcash+freebsd@gmail.com) Received: from localhost (localhost [127.0.0.1]) by localhost.sd73.bc.ca (Postfix) with ESMTP id 364471A0007C8 for ; Tue, 24 Jul 2007 12:04:28 -0700 (PDT) X-Virus-Scanned: Debian amavisd-new at smtp.sd73.bc.ca Received: from smtp.sd73.bc.ca ([127.0.0.1]) by localhost (smtp.sd73.bc.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id vsWPPA-r-J3r for ; Tue, 24 Jul 2007 12:04:26 -0700 (PDT) Received: from coal (s10.sbo [192.168.0.10]) by smtp.sd73.bc.ca (Postfix) with ESMTP id C7EF51A0007BB for ; Tue, 24 Jul 2007 12:04:25 -0700 (PDT) From: Freddie Cash Organization: School District 73 To: freebsd-isp@freebsd.org Date: Tue, 24 Jul 2007 12:04:19 -0700 User-Agent: KMail/1.9.7 References: <46A63AF2.40405@wlink.com.np> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200707241204.20453.fjwcash+freebsd@gmail.com> Subject: Re: changing ttl size of forwarding packet X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2007 19:31:19 -0000 On July 24, 2007 11:28 am Chuck Swiger wrote: > On Jul 24, 2007, at 10:46 AM, Samit wrote: > > iptables can easily do it via mangle table. Is there any way using > > ipfw2 > > to change the ttl size of the forwarding packets? > > The size of the TTL field is fixed by the IP protocol to 1 byte; > perhaps you are looking for the IPFW transparent firewall option, > which prevents it from decrementing the TTL in order to make a > "hidden" firewall...? Taken from http://www.linuxtopia.org/Linux_Firewall_iptables/x1196.html: The TTL target is used to change the TTL (Time To Live) field of the packet. We could tell packets to only have a specific TTL and so on. One good reason for this could be that we don't want to give ourself away to nosy Internet Service Providers. Some Internet Service Providers do not like users running multiple computers on one single connection, and there are some Internet Service Providers known to look for a single host generating different TTL values, and take this as one of many signs of multiple computers connected to a single connection. What you are looking for is the IPSTEALTH kernel option, which gives you an ipstealth sysctl that you can toggle. This will change the network stack to either decrement the TTL as per normal (ipstealth=0) or not decrement the TTL (ipstealth=1). -- Freddie Cash, LPIC-2 CCNT CCLP Network Support Technician School District 73 (250) 377-HELP [377-4357] fjwcash+freebsd@gmail.com From owner-freebsd-isp@FreeBSD.ORG Tue Jul 24 19:53:34 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8327516A417 for ; Tue, 24 Jul 2007 19:53:34 +0000 (UTC) (envelope-from idiotbg@gmail.com) Received: from smtp.studnetz.uni-leipzig.de (smtp.studnetz.uni-leipzig.de [139.18.143.252]) by mx1.freebsd.org (Postfix) with ESMTP id 4524113C461 for ; Tue, 24 Jul 2007 19:53:34 +0000 (UTC) (envelope-from idiotbg@gmail.com) Received: from localhost (localhost [127.0.0.1]) by smtp.studnetz.uni-leipzig.de (Postfix) with ESMTP id AC2C825D; Tue, 24 Jul 2007 21:24:37 +0200 (CEST) X-Virus-Scanned: by amavisd-new at studnetz-ul Received: from smtp.studnetz.uni-leipzig.de ([127.0.0.1]) by localhost (smtp.studnetz.uni-leipzig.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vAnGCdRKZuG1; Tue, 24 Jul 2007 21:24:37 +0200 (CEST) Received: from a144026.studnetz.uni-leipzig.de (a144026.studnetz.uni-leipzig.de [139.18.144.26]) by smtp.studnetz.uni-leipzig.de (Postfix) with ESMTP id C5FB825C; Tue, 24 Jul 2007 21:24:36 +0200 (CEST) From: Momchil Ivanov To: freebsd-isp@freebsd.org Date: Tue, 24 Jul 2007 21:24:30 +0200 User-Agent: KMail/1.9.7 References: <46A63AF2.40405@wlink.com.np> In-Reply-To: <46A63AF2.40405@wlink.com.np> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2160212.06u4Re80Jd"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200707242124.35449.idiotbg@gmail.com> Cc: Samit Subject: Re: changing ttl size of forwarding packet X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 24 Jul 2007 19:53:34 -0000 --nextPart2160212.06u4Re80Jd Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline =D0=9D=D0=B0 Tuesday 24 July 2007 19:46:26 Samit =D0=BD=D0=B0=D0=BF=D0=B8= =D1=81=D0=B0: > Hi, > > iptables can easily do it via mangle table. Is there any way using ipfw2 > to change the ttl size of the forwarding packets? > > Samit > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" As far as I know there is no way to manipulate TTL with ipfw. There is a wa= y=20 to manipulate TTL with pf: http://www.openbsd.org/faq/pf/ =2D-=20 PGP KeyID: 0x3118168B Keyserver: pgp.mit.edu Key fingerprint BB50 2983 0714 36DC D02E =C2=A0158A E03D 56DA 3118 168B =20 --nextPart2160212.06u4Re80Jd Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) iD8DBQBGplHv4D1W2jEYFosRAm6/AKDFr4aJB1a5FFGfwrCXEFCicPlbewCeJrNi C4VyfDrcrsR0v5y1Km/njBY= =YqAc -----END PGP SIGNATURE----- --nextPart2160212.06u4Re80Jd-- From owner-freebsd-isp@FreeBSD.ORG Wed Jul 25 03:34:17 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DE22516A417 for ; Wed, 25 Jul 2007 03:34:17 +0000 (UTC) (envelope-from janasamit@wlink.com.np) Received: from smtp5.wlink.com.np (smtp5.wlink.com.np [202.79.32.52]) by mx1.freebsd.org (Postfix) with SMTP id 7EA6D13C467 for ; Wed, 25 Jul 2007 03:34:13 +0000 (UTC) (envelope-from janasamit@wlink.com.np) Received: (qmail 72664 invoked from network); 25 Jul 2007 03:34:08 -0000 Received: from unknown (HELO smtp0.wlink.com.np) (202.79.32.96) by 0 with SMTP; 25 Jul 2007 03:34:08 -0000 Received: (qmail 95206 invoked by uid 98); 25 Jul 2007 03:34:08 -0000 Received: from 202.79.55.249 by smtp0.wlink.com.np (envelope-from , uid 1009) with qmail-scanner-1.25 (clamdscan: 0.90.3/3620. Clear:RC:1(202.79.55.249):. Processed in 0.039099 secs); 25 Jul 2007 03:34:08 -0000 X-Qmail-Scanner-Mail-From: janasamit@wlink.com.np via smtp0.wlink.com.np X-Qmail-Scanner: 1.25 (Clear:RC:1(202.79.55.249):. Processed in 0.039099 secs) Received: from 249.55.79.202.wireless.static.wlink.com.np (HELO [202.79.55.249]) by smtp0.wlink.com.np (qmail-smtpd) with SMTP; 25 Jul 2007 03:34:05 -0000 (Wed, 25 Jul 2007 09:19:05 +0545) Message-ID: <46A6C4AA.1010301@wlink.com.np> Date: Wed, 25 Jul 2007 09:19:02 +0545 From: Samit User-Agent: Thunderbird 2.0.0.4 (X11/20070706) MIME-Version: 1.0 To: Chuck Swiger References: <46A63AF2.40405@wlink.com.np> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Check-By: smtp0.wlink.com.np Spam: No ; 4.0 / 5.0 X-Spam-Status-WL: No, hits=4.0 required=5.0 Cc: freebsd-isp@freebsd.org Subject: Re: changing ttl size of forwarding packet X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jul 2007 03:34:17 -0000 Chuck Swiger wrote: > On Jul 24, 2007, at 10:46 AM, Samit wrote: >> iptables can easily do it via mangle table. Is there any way using ipfw2 >> to change the ttl size of the forwarding packets? > > The size of the TTL field is fixed by the IP protocol to 1 byte; perhaps > you are looking for the IPFW transparent firewall option, which prevents > it from decrementing the TTL in order to make a "hidden" firewall...? > The other way round,want to lower the TTL as much as I want, as soon as it passes my firewall. Samit From owner-freebsd-isp@FreeBSD.ORG Wed Jul 25 04:08:11 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C257B16A417 for ; Wed, 25 Jul 2007 04:08:11 +0000 (UTC) (envelope-from janasamit@wlink.com.np) Received: from smtp5.wlink.com.np (smtp5.wlink.com.np [202.79.32.52]) by mx1.freebsd.org (Postfix) with SMTP id 2BE2E13C45E for ; Wed, 25 Jul 2007 04:08:06 +0000 (UTC) (envelope-from janasamit@wlink.com.np) Received: (qmail 78967 invoked from network); 25 Jul 2007 04:08:02 -0000 Received: from unknown (HELO smtp1.wlink.com.np) (202.79.32.76) by 0 with SMTP; 25 Jul 2007 04:08:02 -0000 Received: (qmail 36424 invoked by uid 98); 25 Jul 2007 04:08:02 -0000 Received: from 202.79.55.249 by smtp1.wlink.com.np (envelope-from , uid 1009) with qmail-scanner-1.25 (clamdscan: 0.88.4/2205. Clear:RC:1(202.79.55.249):. Processed in 0.209662 secs); 25 Jul 2007 04:08:02 -0000 X-Qmail-Scanner-Mail-From: janasamit@wlink.com.np via smtp1.wlink.com.np X-Qmail-Scanner: 1.25 (Clear:RC:1(202.79.55.249):. Processed in 0.209662 secs) Received: from [202.79.55.249] (HELO [202.79.55.249]) by smtp1.wlink.com.np (qmail-smtpd) with SMTP; 25 Jul 2007 04:07:54 -0000 (Wed, 25 Jul 2007 09:52:54 +0545) Message-ID: <46A6CC96.8020609@wlink.com.np> Date: Wed, 25 Jul 2007 09:52:50 +0545 From: Samit User-Agent: Thunderbird 2.0.0.4 (X11/20070706) MIME-Version: 1.0 To: Momchil Ivanov References: <46A63AF2.40405@wlink.com.np> <200707242124.35449.idiotbg@gmail.com> In-Reply-To: <200707242124.35449.idiotbg@gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit X-Spam-Check-By: smtp1.wlink.com.np Spam: No ; 0.6 / 5.0 X-Spam-Status-WL: No, hits=0.6 required=5.0 Cc: freebsd-isp@freebsd.org Subject: Re: changing ttl size of forwarding packet X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jul 2007 04:08:11 -0000 Momchil Ivanov wrote: > ?? Tuesday 24 July 2007 19:46:26 Samit ??????: >> Hi, >> >> iptables can easily do it via mangle table. Is there any way using ipfw2 >> to change the ttl size of the forwarding packets? >> >> Samit >> >> _______________________________________________ >> freebsd-isp@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > As far as I know there is no way to manipulate TTL with ipfw. There is a way > to manipulate TTL with pf: http://www.openbsd.org/faq/pf/ > Cannot migrate to pf as I am using dummynet. min-ttl option in pf packet option seems only increase ttl to a given value? no max-ttl :) . From owner-freebsd-isp@FreeBSD.ORG Fri Jul 27 13:19:38 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A922F16A41A for ; Fri, 27 Jul 2007 13:19:38 +0000 (UTC) (envelope-from patrick_dkt@yahoo.com.hk) Received: from web54301.mail.re2.yahoo.com (web54301.mail.re2.yahoo.com [206.190.49.111]) by mx1.freebsd.org (Postfix) with SMTP id 4712F13C468 for ; Fri, 27 Jul 2007 13:19:38 +0000 (UTC) (envelope-from patrick_dkt@yahoo.com.hk) Received: (qmail 52488 invoked by uid 60001); 27 Jul 2007 13:19:37 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.hk; h=X-YMail-OSG:Received:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=Qo9uCZFAzllgvp3Ak6rD9LBc250c49E8YDMZcPuN7dbBSxQumQnqguEUgohseXE2Vzjsf+IVuan7slCO2zN2DPSB4SP5H6jU5mWbD2r+iAhQAO0yjt7UGOByL1sfEBQCnhjB3lKikVIxbtzy0f9R0Z+Ab6Tv5wwjsdru1ifFe9o=; X-YMail-OSG: jgZwOBAVM1nP35midtyi8lSzvhdGgHGfup5LYpyk_.3Feu9LRqCxNjHrrqOTmjCKww-- Received: from [61.15.61.52] by web54301.mail.re2.yahoo.com via HTTP; Fri, 27 Jul 2007 06:19:37 PDT Date: Fri, 27 Jul 2007 06:19:37 -0700 (PDT) From: Patrick Dung To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Message-ID: <413095.46144.qm@web54301.mail.re2.yahoo.com> Cc: freebsd-isp@freebsd.org Subject: ISC bind9 with dynamic DNS update (chroot problem) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2007 13:19:38 -0000 Hi I use FreeBSD 6.2 and the base bind9. For dynamic DNS update, bind9 automatically generate the journal file (end in .jnl). The default config is to use chroot and the running user as 'bind'. The problem is that after named is started (/etc/init.d/named start), the default chroot directory /var/named/etc/named permission will be reset to own by root. So the named daemon (run as user 'bind') cannot create the journal file and complain: Jul 27 21:06:54 fbsd62 named[2862]: general: localdomain.db.jnl: create: permission denied One temp fix is to use chroot and run as root, any suggestions? Regards Patrick ____________________________________________________________________________________ Be a better Globetrotter. Get better travel answers from someone who knows. Yahoo! Answers - Check it out. http://answers.yahoo.com/dir/?link=list&sid=396545469 From owner-freebsd-isp@FreeBSD.ORG Fri Jul 27 16:06:18 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4249F16A41B for ; Fri, 27 Jul 2007 16:06:18 +0000 (UTC) (envelope-from ob@gruft.de) Received: from obh.snafu.de (v6.gruft.de [IPv6:2001:1560:2342::2]) by mx1.freebsd.org (Postfix) with ESMTP id DD76C13C46A for ; Fri, 27 Jul 2007 16:06:17 +0000 (UTC) (envelope-from ob@gruft.de) Received: from ob by obh.snafu.de with local (Exim 4.67 (FreeBSD)) (envelope-from ) id 1IESKX-0006U6-0v for freebsd-isp@freebsd.org; Fri, 27 Jul 2007 18:06:17 +0200 Date: Fri, 27 Jul 2007 18:06:16 +0200 From: Oliver Brandmueller To: freebsd-isp@freebsd.org Message-ID: <20070727160616.GM44043@e-Gitt.NET> References: <413095.46144.qm@web54301.mail.re2.yahoo.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dWYAkE0V1FpFQHQ3" Content-Disposition: inline In-Reply-To: <413095.46144.qm@web54301.mail.re2.yahoo.com> User-Agent: Mutt/1.5.16 (2007-06-09) Sender: Oliver Brandmueller Subject: Re: ISC bind9 with dynamic DNS update (chroot problem) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2007 16:06:18 -0000 --dWYAkE0V1FpFQHQ3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Mornin', On Fri, Jul 27, 2007 at 06:19:37AM -0700, Patrick Dung wrote: > The problem is that after named is started (/etc/init.d/named start), > the default chroot directory /var/named/etc/named permission will be > reset to own by root. So the named daemon (run as user 'bind') cannot > create the journal file and complain: Create a subdir for your zones, just as anybody else :-) - Olli --=20 | Oliver Brandmueller | Offenbacher Str. 1 | Germany D-14197 Berlin | | Fon +49-172-3130856 | Fax +49-172-3145027 | WWW: http://the.addict.de/ | | Ich bin das Internet. Sowahr ich Gott helfe. | | Eine gewerbliche Nutzung aller enthaltenen Adressen ist nicht gestattet! | --dWYAkE0V1FpFQHQ3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.4 (FreeBSD) iD8DBQFGqhf4iqtMdzjafykRAhDGAKCYrV6jw3K5Rsi8JbZE36vpQVhWrQCgw6el u/JnnO2Sjjc8uTU9t9ABTMs= =Ue5T -----END PGP SIGNATURE----- --dWYAkE0V1FpFQHQ3-- From owner-freebsd-isp@FreeBSD.ORG Fri Jul 27 21:15:39 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 83A4416A420 for ; Fri, 27 Jul 2007 21:15:39 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx22.fluidhosting.com [204.14.89.5]) by mx1.freebsd.org (Postfix) with SMTP id 17E4F13C481 for ; Fri, 27 Jul 2007 21:15:38 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 18154 invoked by uid 399); 27 Jul 2007 21:15:38 -0000 Received: from localhost (HELO ?192.168.0.4?) (dougb@dougbarton.us@127.0.0.1) by localhost with ESMTP; 27 Jul 2007 21:15:38 -0000 X-Originating-IP: 127.0.0.1 Message-ID: <46AA6078.6020300@FreeBSD.org> Date: Fri, 27 Jul 2007 14:15:36 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Thunderbird 2.0.0.5 (Windows/20070716) MIME-Version: 1.0 To: Patrick Dung References: <413095.46144.qm@web54301.mail.re2.yahoo.com> In-Reply-To: <413095.46144.qm@web54301.mail.re2.yahoo.com> X-Enigmail-Version: 0.95.2 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-isp@freebsd.org, freebsd-questions@freebsd.org Subject: Re: ISC bind9 with dynamic DNS update (chroot problem) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jul 2007 21:15:39 -0000 Patrick Dung wrote: > Hi > > I use FreeBSD 6.2 and the base bind9. > For dynamic DNS update, bind9 automatically generate the journal file > (end in .jnl). > The default config is to use chroot and the running user as 'bind'. > > The problem is that after named is started (/etc/init.d/named start), Are you sure you're doing this on FreeBSD? We have rc.d, not initd. Assuming that was just a typo ... > the default chroot directory /var/named/etc/named The default directory is /etc/namedb, which is a symlink to /var/named/etc/namedb. > permission will be reset to own by root. So the named daemon (run > as user 'bind') cannot create the journal file and complain: You shouldn't be creating journal files in the config directory anyway. > One temp fix is to use chroot and run as root, any suggestions? Yeah, don't run named as root. Ever. :) Assuming that you are actually running FreeBSD, and that you have not turned off the mtree option, you should have the following directories in /etc/namedb: drwxr-xr-x 2 bind wheel 512 Jul 23 00:47 dynamic/ drwxr-xr-x 2 root wheel 512 Jul 13 22:33 master/ drwxr-xr-x 2 bind wheel 512 Jul 27 14:05 slave/ The dynamic directory is obviously designed to hold dynamic zones, and it (like the slave directory) is chowned to user bind so that named can write to it after it drops privileges. hth, Doug -- This .signature sanitized for your protection