From owner-freebsd-isp Sun Nov 5 5:58:46 2000 Delivered-To: freebsd-isp@freebsd.org Received: from gerbang.untan.ac.id (gerbang.untan.ac.id [167.205.153.129]) by hub.freebsd.org (Postfix) with SMTP id 71CB237B479 for ; Sun, 5 Nov 2000 05:56:25 -0800 (PST) Received: (qmail 337 invoked by uid 1001); 5 Nov 2000 12:49:38 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 5 Nov 2000 12:49:38 -0000 Date: Sun, 5 Nov 2000 20:49:38 +0800 (BORT) From: Salihin To: FreeBSD-ISP Subject: Configurasi Cisco and TACACS Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, i need help Does anyone can give me example configuration TACACS and NAS (Cisco 2511) i need example configuration like this .. --- in TACACS file ---------------- user using file "/etc/passwd" service PPP (STATIC IP) , pap/chap and then log file like wtmp .. ---------------------------------- thanks, best regards. Salihin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 5 12:25: 8 2000 Delivered-To: freebsd-isp@freebsd.org Received: from bessel.tekniikka.turkuamk.fi (bessel.tekniikka.turkuamk.fi [193.166.133.10]) by hub.freebsd.org (Postfix) with ESMTP id 4091837B4CF for ; Sun, 5 Nov 2000 12:25:05 -0800 (PST) Received: from localhost (eyurtese@localhost) by bessel.tekniikka.turkuamk.fi (8.9.2/8.9.2) with ESMTP id WAA64514 for ; Sun, 5 Nov 2000 22:25:02 +0200 Date: Sun, 5 Nov 2000 22:25:02 +0200 (WET) From: Evren Yurtesen To: freebsd-isp@freebsd.org Subject: sendmail and auth Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org is there anybody using sendmail with authentication support? I want to authenticate users before they send email if they are coming from another domain than which is defined in relay-domains file. thanks Evren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 5 17:35:44 2000 Delivered-To: freebsd-isp@freebsd.org Received: from hotmail.com (oe35.pav0.hotmail.com [64.4.32.115]) by hub.freebsd.org (Postfix) with ESMTP id 2D38137B4CF; Sun, 5 Nov 2000 17:35:41 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sun, 5 Nov 2000 17:35:41 -0800 X-Originating-IP: [209.187.170.44] From: "Jonathan M. Slivko" To: Subject: Pine 4.30 Date: Sun, 5 Nov 2000 20:36:15 -0500 MIME-Version: 1.0 X-Mailer: MSN Explorer 6.00.0009.1102 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0005_01C04768.0B634580" Message-ID: X-OriginalArrivalTime: 06 Nov 2000 01:35:41.0160 (UTC) FILETIME=[DF7B3E80:01C04791] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ------=_NextPart_001_0005_01C04768.0B634580 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable According to this list, there is a new version of UW Pine, version 4.30. = I'm wondering: Does this new version fix the problem that made the commit= ting team (Kris Kennaway in particular) mark the port as forbidden? I wou= ld like to know so I can get the fixed version and offer it to my users i= nstead of elm, etc. that I am offering now. Thanks. -- Jonathan M. Slivko= ___________________________________________________________ Get more from your time online. FREE MSN Explorer download : http://expl= orer.msn.com ------=_NextPart_001_0005_01C04768.0B634580 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
According to this li= st, there is a new version of UW Pine, version 4.30. I'm wondering: Does = this new version fix the problem that made the committing team (Kris Kenn= away in particular) mark the port as forbidden? I would like to know= so I can get the fixed version and offer it to my users instead of elm, = etc. that I am offering now. Thanks. -- Jonathan M. Slivko

___________________________________________________________
Get= more from your time online. FREE MSN Explorer download : http://explore= r.msn.com ------=_NextPart_001_0005_01C04768.0B634580-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 5 17:39:37 2000 Delivered-To: freebsd-isp@freebsd.org Received: from silby.com (cb34181-c.mdsn1.wi.home.com [24.183.3.139]) by hub.freebsd.org (Postfix) with ESMTP id 5D66D37B4D7 for ; Sun, 5 Nov 2000 17:39:33 -0800 (PST) Received: (qmail 40220 invoked by uid 1000); 6 Nov 2000 01:39:32 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 6 Nov 2000 01:39:32 -0000 Date: Sun, 5 Nov 2000 19:39:32 -0600 (CST) From: Mike Silbersack To: "Jonathan M. Slivko" Cc: freebsd-security@freebsd.org, freebsd-isp@freebsd.org Subject: Re: Pine 4.30 In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, 5 Nov 2000, Jonathan M. Slivko wrote: > According to this list, there is a new version of UW Pine, version 4.30. I'm wondering: Does this new version fix the problem that made the committing team (Kris Kennaway in particular) mark the port as forbidden? I would like to know so I can get the fixed version and offer it to my users instead of elm, etc. that I am offering now. Thanks. -- Jonathan M. Slivko___________________________________________________________ The forbidden marking was due to the general bad coding style of pine. This has not changed sufficiently with 4.30. However, there are no (publically) known security issues with the latest 4.21 from ports or 4.30. So, the question of whether it's safe or not depends on your level of paranoia. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 4:19:52 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.sai.co.za (ns1.amandla.co.za [196.33.40.1]) by hub.freebsd.org (Postfix) with ESMTP id E672237B657 for ; Mon, 6 Nov 2000 04:19:44 -0800 (PST) Received: from fdisk (dave.sai.co.za [196.33.40.17]) by mail.sai.co.za (8.9.3/8.9.3) with SMTP id OAA37530 for ; Mon, 6 Nov 2000 14:20:15 +0200 (SAST) (envelope-from davew@sai.co.za) Message-ID: <027901c047eb$ccf15ab0$112821c4@sai.co.za> From: "Dave Wilson" To: Subject: Limited FTP accounts Date: Mon, 6 Nov 2000 14:19:24 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi guys, howzit going ? Any one got any ideas on how to restrict an FTP user to only accessing his home directory and nothing else ? See I want a normal user to have access to nothing else other than his home directory. Thanks. Regards Dave Wilson The S.A. Internet (033) 3456777 0825496159 http://www.sai.co.za "Who is "General Failure", and what is he doing reading my hard disk ?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 4:23:26 2000 Delivered-To: freebsd-isp@freebsd.org Received: from hitline.ch (unknown [195.129.74.66]) by hub.freebsd.org (Postfix) with ESMTP id 237F937B479 for ; Mon, 6 Nov 2000 04:23:23 -0800 (PST) Received: from [195.129.74.2] (HELO [10.10.10.150]) by hitline.ch (CommuniGate Pro SMTP 3.3b9) with ESMTP id 2665450 for freebsd-isp@freebsd.org; Mon, 06 Nov 2000 13:27:01 +0100 Mime-Version: 1.0 X-Sender: moshea%tronic-group.com@mail.com4u.ch Message-Id: In-Reply-To: <027901c047eb$ccf15ab0$112821c4@sai.co.za> References: <027901c047eb$ccf15ab0$112821c4@sai.co.za> Date: Mon, 6 Nov 2000 13:23:11 +0100 To: freebsd-isp@freebsd.org From: Michael O Shea Subject: Re: Limited FTP accounts Content-Type: text/plain; charset="iso-8859-1" ; format="flowed" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Hi guys, howzit going ? > >Any one got any ideas on how to restrict an FTP user to only accessing his >home directory and nothing else ? >See I want a normal user to have access to nothing else other than his home >directory. >Thanks. > You need to chroot them into their own homedirs. Most FTPDs can do this , some with better security than others. I have used this with both wuftpd and proftpd. -- Micheal O Shea ----------------------------------------------------- com-o-tronic ag Micheal O Shea, Systems Engineer Gewerbepark CH-5506 M=E4genwil E-Mail micheal@com4u.ch Voice: +41 62 887 3734 =46ax: +41 62 896 1133 Internet: http://www.com4u.ch http://www.ehitline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 4:28:12 2000 Delivered-To: freebsd-isp@freebsd.org Received: from livia.netfoo.org (ppp11-iligan.mozcom.com [206.151.137.172]) by hub.freebsd.org (Postfix) with ESMTP id CE96137B4CF for ; Mon, 6 Nov 2000 04:28:05 -0800 (PST) Received: from kreaper by livia.netfoo.org with local (Exim 3.16 #1 (Debian)) id 13shcv-0000QC-00 for ; Mon, 06 Nov 2000 16:27:37 +0800 Date: Mon, 6 Nov 2000 16:27:37 +0800 To: freebsd-isp@freebsd.org Subject: Re: Limited FTP accounts Message-ID: <20001106162737.A1614@livia.netfoo.org> References: <027901c047eb$ccf15ab0$112821c4@sai.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: ; from moshea@tronic-group.com on Mon, Nov 06, 2000 at 01:23:11PM +0100 From: Livia Admin Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org how bout sharing us your config of proftpd? On Mon, Nov 06, 2000 at 01:23:11PM +0100, Michael O Shea wrote: > >Hi guys, howzit going ? > > > >Any one got any ideas on how to restrict an FTP user to only accessing his > >home directory and nothing else ? > >See I want a normal user to have access to nothing else other than his home > >directory. > >Thanks. > > > You need to chroot them into their own homedirs. > Most FTPDs can do this , some with better security than others. > I have used this with both wuftpd and proftpd. > -- > > Micheal O Shea > > ----------------------------------------------------- > com-o-tronic ag > Micheal O Shea, Systems Engineer > Gewerbepark > CH-5506 Mägenwil > > E-Mail micheal@com4u.ch > > Voice: +41 62 887 3734 > Fax: +41 62 896 1133 > > Internet: http://www.com4u.ch http://www.ehitline.ch > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 4:30: 9 2000 Delivered-To: freebsd-isp@freebsd.org Received: from jupiter.pwm.neonline.net (jupiter.pwm.neonline.net [207.228.202.48]) by hub.freebsd.org (Postfix) with ESMTP id 5E65E37B479 for ; Mon, 6 Nov 2000 04:30:07 -0800 (PST) Received: from adam (150-110.suscom-maine.net [207.5.150.110]) by jupiter.pwm.neonline.net (8.9.3/8.9.3) with SMTP id HAA88233; Mon, 6 Nov 2000 07:26:28 -0500 (EST) (envelope-from adam@neonline.net) From: "Adam Herzog" To: "Dave Wilson" , Subject: RE: Limited FTP accounts Date: Mon, 6 Nov 2000 07:25:50 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 In-Reply-To: <027901c047eb$ccf15ab0$112821c4@sai.co.za> Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm doing that for my users, now... I followed the instructions here without any problem: http://www.freebsddiary.org/ftpd-ls.html -Adam -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Dave Wilson Sent: Monday, November 06, 2000 7:19 AM To: freebsd-isp@FreeBSD.ORG Subject: Limited FTP accounts Hi guys, howzit going ? Any one got any ideas on how to restrict an FTP user to only accessing his home directory and nothing else ? See I want a normal user to have access to nothing else other than his home directory. Thanks. Regards Dave Wilson The S.A. Internet (033) 3456777 0825496159 http://www.sai.co.za "Who is "General Failure", and what is he doing reading my hard disk ?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 4:35:59 2000 Delivered-To: freebsd-isp@freebsd.org Received: from donhost.co.uk (t1o315p25.teliauk.com [195.12.242.25]) by hub.freebsd.org (Postfix) with ESMTP id 6F33237B4CF for ; Mon, 6 Nov 2000 04:35:55 -0800 (PST) Received: from doncasterser1 [127.0.0.1] by 0risknames.net [127.0.0.1] with SMTP (MDaemon.v2.84.R) for ; Mon, 06 Nov 2000 12:36:32 +0000 From: "Daniel Conlon" To: "Dave Wilson" , Subject: RE: Limited FTP accounts Date: Mon, 6 Nov 2000 12:36:31 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <027901c047eb$ccf15ab0$112821c4@sai.co.za> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal X-MDaemon-Deliver-To: freebsd-isp@FreeBSD.ORG X-Return-Path: daniel@donhost.co.uk Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You have achieve this with the chroot facility built into the FreeBSD = native FTP server. Details on the 'ftpd' man page. For even greater security, try wu-ftp, you can chroot them into their = public_html directory within their home directory. Kind Regards, Daniel Conlon Donhost ########################## Tel: +44 (0)800 956 7642 Fax: +44 (0)8707 41 51 07 http://www.donhost.co.uk ##########################=20 > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Dave Wilson > Sent: 06 November 2000 12:19 > To: freebsd-isp@FreeBSD.ORG > Subject: Limited FTP accounts >=20 >=20 > Hi guys, howzit going ? >=20 > Any one got any ideas on how to restrict an FTP user to only accessing = his > home directory and nothing else ? > See I want a normal user to have access to nothing else other=20 > than his home > directory. > Thanks. >=20 > Regards > Dave Wilson > The S.A. Internet > (033) 3456777 > 0825496159 > http://www.sai.co.za > "Who is "General Failure", and what is he doing reading my hard disk = ?" >=20 >=20 >=20 >=20 >=20 >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 4:38: 1 2000 Delivered-To: freebsd-isp@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id B201237B479 for ; Mon, 6 Nov 2000 04:37:58 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1501) id 983D41360E; Mon, 6 Nov 2000 07:38:02 -0500 (EST) Date: Mon, 6 Nov 2000 07:38:02 -0500 From: Chris Faulhaber To: Daniel Conlon Cc: Dave Wilson , freebsd-isp@FreeBSD.ORG Subject: Re: Limited FTP accounts Message-ID: <20001106073802.A19501@peitho.fxp.org> References: <027901c047eb$ccf15ab0$112821c4@sai.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from daniel@donhost.co.uk on Mon, Nov 06, 2000 at 12:36:31PM -0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Nov 06, 2000 at 12:36:31PM -0000, Daniel Conlon wrote: > You have achieve this with the chroot facility built into the FreeBSD native FTP server. Details on the 'ftpd' man page. > > For even greater security, try wu-ftp, you can chroot them into their public_html directory within their home directory. > Of course, you might want to familiarize yourself with all the wu-ftpd exploits/holes reported over the past few years before equating wu-ftpd with security. -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 4:55:16 2000 Delivered-To: freebsd-isp@freebsd.org Received: from donhost.co.uk (t1o315p25.teliauk.com [195.12.242.25]) by hub.freebsd.org (Postfix) with ESMTP id 226B737B4D7 for ; Mon, 6 Nov 2000 04:55:11 -0800 (PST) Received: from doncasterser1 [127.0.0.1] by 0risknames.net [127.0.0.1] with SMTP (MDaemon.v2.84.R) for ; Mon, 06 Nov 2000 12:55:31 +0000 From: "Daniel Conlon" To: "Chris Faulhaber" , Subject: RE: Limited FTP accounts Date: Mon, 6 Nov 2000 12:55:31 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <20001106073802.A19501@peitho.fxp.org> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal X-MDaemon-Deliver-To: freebsd-isp@FreeBSD.ORG X-Return-Path: daniel@donhost.co.uk Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Apologies, should have phrased that one differently: For even greater _flexibility_, try wu-ftp, you can chroot them into = their public_html directory within their home directory. It tends to prevent users screwing up the dotfiles in there, mistaking = the bin directory for their cgi-bin directory etc. Kind Regards, Daniel Conlon Donhost ########################## Tel: +44 (0)800 956 7642 Fax: +44 (0)8707 41 51 07 http://www.donhost.co.uk ##########################=20 > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Chris Faulhaber > Sent: 06 November 2000 12:38 > To: Daniel Conlon > Cc: Dave Wilson; freebsd-isp@FreeBSD.ORG > Subject: Re: Limited FTP accounts >=20 >=20 > On Mon, Nov 06, 2000 at 12:36:31PM -0000, Daniel Conlon wrote: > > You have achieve this with the chroot facility built into the=20 > FreeBSD native FTP server. Details on the 'ftpd' man page. > >=20 > > For even greater security, try wu-ftp, you can chroot them into=20 > their public_html directory within their home directory. > >=20 >=20 > Of course, you might want to familiarize yourself with all the wu-ftpd > exploits/holes reported over the past few years before equating > wu-ftpd with security. >=20 > --=20 > Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org > -------------------------------------------------------- > FreeBSD: The Power To Serve - http://www.FreeBSD.org >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 5:14:56 2000 Delivered-To: freebsd-isp@freebsd.org Received: from hitline.ch (unknown [195.129.74.66]) by hub.freebsd.org (Postfix) with ESMTP id EAB2937B479 for ; Mon, 6 Nov 2000 05:14:53 -0800 (PST) Received: from [195.129.74.2] (HELO [10.10.10.150]) by hitline.ch (CommuniGate Pro SMTP 3.3b9) with ESMTP id 2665823 for freebsd-isp@freebsd.org; Mon, 06 Nov 2000 14:18:38 +0100 Mime-Version: 1.0 X-Sender: moshea%tronic-group.com@mail.com4u.ch Message-Id: In-Reply-To: <20001106162737.A1614@livia.netfoo.org> References: <027901c047eb$ccf15ab0$112821c4@sai.co.za> <20001106162737.A1614@livia.netfoo.org> Date: Mon, 6 Nov 2000 14:14:47 +0100 To: freebsd-isp@freebsd.org From: Michael O Shea Subject: Re: Limited FTP accounts Content-Type: text/plain; charset="iso-8859-1" ; format="flowed" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >how bout sharing us your config of proftpd? No need, its only one line, DefaultRoot ~ -- Micheal O Shea ----------------------------------------------------- com-o-tronic ag Micheal O Shea, Systems Engineer Gewerbepark CH-5506 M=E4genwil E-Mail micheal@com4u.ch Voice: +41 62 887 3734 =46ax: +41 62 896 1133 Internet: http://www.com4u.ch http://www.ehitline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 7:19:10 2000 Delivered-To: freebsd-isp@freebsd.org Received: from bessel.tekniikka.turkuamk.fi (bessel.tekniikka.turkuamk.fi [193.166.133.10]) by hub.freebsd.org (Postfix) with ESMTP id BBDE937B682 for ; Mon, 6 Nov 2000 07:19:00 -0800 (PST) Received: from localhost (eyurtese@localhost) by bessel.tekniikka.turkuamk.fi (8.9.2/8.9.2) with ESMTP id RAA31114; Mon, 6 Nov 2000 17:18:40 +0200 Date: Mon, 6 Nov 2000 17:18:40 +0200 (WET) From: Evren Yurtesen To: kirk Bailey Cc: jfporter@howlermonkey.net, freebsd-isp@freebsd.org Subject: Re: sendmail and auth In-Reply-To: <3A0630D4.F37AD787@netzero.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Well I ment if somebody is using Authentication with sendmail. You know in your mail client you can set your password and username so the server can authenticate you when you are sending email. I see this is available in the latest versions of sendmail. Sendmail now supports SMTP authentication I guess... Quote from the readme is below; +--------------------------------+ | SMTP AUTHENTICATION | +--------------------------------+ The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be used in anti-relay rulesets to allow relaying for those users that authenticated themselves. A very simple example is: SLocal_check_rcpt R$* $: $&{auth_type} R$+ $# OK which checks whether a user has successfully authenticated using any available mechanism. Depending on the setup of the CYRUS SASL library, more sophisticated rulesets might be required, e.g., SLocal_check_rcpt R$* $: $&{auth_type} $| $&{auth_authen} RDIGEST-MD5 $| $+@$=w $# OK to allow relaying for users that authenticated using DIGEST-MD5 and have an identity in the local domains. The ruleset Strust_auth is used to determine whether a given AUTH= parameter (that is passed to this ruleset) should be trusted. This ruleset may make use of the other ${auth_*} macros. Only if the ruleset resolves to the error mailer, the AUTH= parameter is not trusted. A user supplied ruleset Local_trust_auth can be written to modify the default behavior, which only trust the AUTH= parameter if it is identical to the authenticated user. Per default, relaying is allowed for any user who authenticated via a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH(`list of mechanisms') --------------------------------------------------------------------------- I just wondered if anybody configured this so far? This is quite handy when your customers do connect from a lot of different ISP's which doesnt offer SMTP service or the other ISP is also offering SMTP service to their customers only with SMTP authentication etc. Evren On Sun, 5 Nov 2000, kirk Bailey wrote: > Sure do. SMTP is unlocked for a limited time when they successfully pop > the account. THAT individual IP is listed in a table of authorized > users. every foo minutes it is erased, so we have to pop again to > continue accessing. This is a bit of a hack, but ALL pop before send is > a hack, out of the box the sendmail does not handle pop before send. > > As an aside, to help resist spam, limit the max number od deamon > children to some modest number, and the max number of recipients per > envope. We opted for 12 ceamon children and 10 recipeints. This alone is > VERY fustrating to someone who wants to send out 100,000+ addresses. > > The pop 2 send project is still under devlopment. It works, but is a bit > f a kludge. when the code smith in the team has time, he will refine the > process to drop CRON out of the deal, and write a C executable instead > of perl scripting to handle file management. When that is done and > debugged, and we feel it is ready for public light, we will talk about > offering it- and his services- to the public. > > for now, I would not want to accept responsibility for handing you an > app which is in effect a working ALPHA version of something. > > But feel free to write us. As a in team courtesy to Jim, I am CCing a > copy of this letter to him. PLEASE conduct correspoondance with me, as > he is VERY busy right now with several contracts. > > > Evren Yurtesen wrote: > > > > is there anybody using sendmail with authentication support? > > I want to authenticate users before they send email if they are coming > > from another domain than which is defined in relay-domains file. > > thanks > > Evren > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > -- > > > > -Respectfully, > -Kirk D Bailey > > > end > ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ > |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| > | _ \___ __ _ __| |_(_)_ _ __ _| |_| |_ ___ / __/ _ \| \| | > | / _ Y _` (_-< _| | ' \/ _` | _| ' \/ -_) (_| (_) | .` |_ > |_|_\___|__,_/__/\__|_|_||_\__, |\__|_||_\___|\___\___/|_|\_( ) > |___/ |/ > > Kirk Bailey, consulting loose cannon > > www.howlermonkey.net highprimate@howlermonkey.net > http://gipco.webjump.com idiot1@netzero.net > _ _ _ _ > ___ _ _ ___ _ _ _ _| |_ __ _| |_ __ _| |_(_)_ __ ___ > / _ \ ' \/ -_) ' \ || | _/ _` | _/ _` | _| | ' \/ -_)_ > \___/_||_\___|_||_\_,_|\__\__,_|\__\__,_|\__|_|_|_|_\___(_)_ ___ > |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| > > > _______________________________________________ > Why pay for something you could get for free? > NetZero provides FREE Internet Access and Email > http://www.netzero.net/download/index.html > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 9: 3:39 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.hiwaay.net (fly.HiWAAY.net [208.147.154.56]) by hub.freebsd.org (Postfix) with ESMTP id D785A37B4C5 for ; Mon, 6 Nov 2000 09:03:35 -0800 (PST) Received: from bonsai.knology.net (user-24-214-88-8.knology.net [24.214.88.8]) by mail.hiwaay.net (8.11.0/8.11.0) with ESMTP id eA6H3T715876; Mon, 6 Nov 2000 11:03:30 -0600 (CST) Received: (from steve@localhost) by bonsai.knology.net (8.11.0/8.9.3) id eA6H3Tx51475; Mon, 6 Nov 2000 11:03:29 -0600 (CST) (envelope-from steve) Date: Mon, 6 Nov 2000 11:03:28 -0600 From: Steve Price To: Dave Wilson Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Limited FTP accounts Message-ID: <20001106110328.B70975@bonsai.knology.net> References: <027901c047eb$ccf15ab0$112821c4@sai.co.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <027901c047eb$ccf15ab0$112821c4@sai.co.za>; from davew@sai.co.za on Mon, Nov 06, 2000 at 02:19:24PM +0200 X-Operating-System: FreeBSD 5.0-CURRENT i386 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Nov 06, 2000 at 02:19:24PM +0200, Dave Wilson wrote: # # Any one got any ideas on how to restrict an FTP user to only accessing his # home directory and nothing else ? # See I want a normal user to have access to nothing else other than his home # directory. From the ftpd() manpage: 5. If the user name appears in the file /etc/ftpchroot, or the user is a member of a group with a group entry in this file, i.e. one prefixed with `@', the session's root will be changed to the user's login directory by chroot(2) as for an ``anonymous'' or ``ftp'' account (see next item). This facil- ity may also be triggered by enabling the boolean "ftp-chroot" capability in login.conf(5). However, the user must still supply a password. This feature is intended as a compromise between a fully anonymous account and a fully privileged ac- count. The account should also be set up as for an anonymous account. -steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 10:13:53 2000 Delivered-To: freebsd-isp@freebsd.org Received: from gifw.genroco.com (genroco.com [205.254.195.202]) by hub.freebsd.org (Postfix) with ESMTP id 5E0A337B479 for ; Mon, 6 Nov 2000 10:13:48 -0800 (PST) Received: from gi2.genroco.com (gi2.genroco.com [192.133.120.3]) by gifw.genroco.com (8.9.3/8.9.3) with ESMTP id MAA14890; Mon, 6 Nov 2000 12:13:43 -0600 Received: from scot.genroco.com (scot.genroco.com [192.133.120.125]) by gi2.genroco.com (8.9.3/8.9.3) with SMTP id MAA11741; Mon, 6 Nov 2000 12:13:37 -0600 Message-ID: <020a01c0481d$4b93c200$7d7885c0@genroco.com> From: "Scot W. Hetzel" To: "Evren Yurtesen" Cc: References: Subject: Re: sendmail and auth Date: Mon, 6 Nov 2000 12:13:36 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org From: "Evren Yurtesen" > Well I ment if somebody is using Authentication with sendmail. > You know in your mail client you can set your password and username > so the server can authenticate you when you are sending email. > I see this is available in the latest versions of sendmail. > Sendmail now supports SMTP authentication I guess... > Quote from the readme is below; > > +--------------------------------+ > | SMTP AUTHENTICATION | > +--------------------------------+ > : > which checks whether a user has successfully authenticated using > any available mechanism. Depending on the setup of the CYRUS SASL > library, more sophisticated rulesets might be required, e.g., > : > > > I just wondered if anybody configured this so far? > This is quite handy when your customers do connect from a lot of > different ISP's which doesnt offer SMTP service or the other ISP > is also offering SMTP service to their customers only with SMTP > authentication etc. > I believe several people are using SASL authentication with sendmail. All you need to do is Install the Cyrus SASL port, read the Sendmail.README file for adding a few configuration variables to your /etc/make.conf file. Then rebuild either sendmail, or rebuild FreeBSD. Scot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 11:35:25 2000 Delivered-To: freebsd-isp@freebsd.org Received: from saturn.futuredesigns.net (unknown [216.91.66.1]) by hub.freebsd.org (Postfix) with SMTP id 2BAE037B479 for ; Mon, 6 Nov 2000 11:35:24 -0800 (PST) Received: (qmail 2563 invoked from network); 6 Nov 2000 19:35:18 -0000 Received: from sun.futuredesigns.net (HELO SUN.mikesweb.com) (216.91.66.69) by 216.91.66.2 with SMTP; 6 Nov 2000 19:35:18 -0000 Message-Id: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net> X-Sender: sturdee@mail.futuredesigns.net X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Mon, 06 Nov 2000 14:36:19 -0500 To: freebsd-isp@freebsd.org From: Mike Subject: 4.2-BETA Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I am confused.. I cvsup'ed RELENG_4, and got a 4.2-BETA build out of it.. I thought RELENG_4 was supposed to get the STABLE tree.. Should this still be considered "production environment" ready or no? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 11:37:10 2000 Delivered-To: freebsd-isp@freebsd.org Received: from peitho.fxp.org (peitho.fxp.org [209.26.95.40]) by hub.freebsd.org (Postfix) with ESMTP id A103F37B4CF for ; Mon, 6 Nov 2000 11:37:08 -0800 (PST) Received: by peitho.fxp.org (Postfix, from userid 1501) id 385841360E; Mon, 6 Nov 2000 14:37:09 -0500 (EST) Date: Mon, 6 Nov 2000 14:37:09 -0500 From: Chris Faulhaber To: Mike Cc: freebsd-isp@freebsd.org Subject: Re: 4.2-BETA Message-ID: <20001106143709.B43465@peitho.fxp.org> References: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net>; from mike@mikesweb.com on Mon, Nov 06, 2000 at 02:36:19PM -0500 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Nov 06, 2000 at 02:36:19PM -0500, Mike wrote: > I am confused.. I cvsup'ed RELENG_4, and got a 4.2-BETA build out of it.. I > thought RELENG_4 was supposed to get the STABLE tree.. > > Should this still be considered "production environment" ready or no? > See http://www.FreeBSD.org/cgi/query-pr.cgi?pr=22627 for a quick explanation. -- Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org -------------------------------------------------------- FreeBSD: The Power To Serve - http://www.FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 11:39:49 2000 Delivered-To: freebsd-isp@freebsd.org Received: from saturn.futuredesigns.net (unknown [216.91.66.1]) by hub.freebsd.org (Postfix) with SMTP id 902D237B4C5 for ; Mon, 6 Nov 2000 11:39:44 -0800 (PST) Received: (qmail 2834 invoked from network); 6 Nov 2000 19:39:43 -0000 Received: from sun.futuredesigns.net (HELO SUN.mikesweb.com) (216.91.66.69) by 216.91.66.2 with SMTP; 6 Nov 2000 19:39:43 -0000 Message-Id: <4.3.2.7.2.20001106144022.03fb4920@mail.futuredesigns.net> X-Sender: sturdee@mail.futuredesigns.net X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Mon, 06 Nov 2000 14:40:45 -0500 To: Chris Faulhaber From: Mike Subject: Re: 4.2-BETA Cc: freebsd-isp@freebsd.org In-Reply-To: <20001106143709.B43465@peitho.fxp.org> References: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net> <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 02:37 PM 11/6/2000 -0500, Chris Faulhaber wrote: >On Mon, Nov 06, 2000 at 02:36:19PM -0500, Mike wrote: > > I am confused.. I cvsup'ed RELENG_4, and got a 4.2-BETA build out of > it.. I > > thought RELENG_4 was supposed to get the STABLE tree.. > > > > Should this still be considered "production environment" ready or no? > > > >See http://www.FreeBSD.org/cgi/query-pr.cgi?pr=22627 for a quick >explanation. > >-- >Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org >-------------------------------------------------------- >FreeBSD: The Power To Serve - http://www.FreeBSD.org > Thanks, That's all I needed.. =) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 11:39:59 2000 Delivered-To: freebsd-isp@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id 341BA37B479; Mon, 6 Nov 2000 11:39:51 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 84BF218E0; Mon, 6 Nov 2000 14:39:50 -0500 (EST) Date: Mon, 6 Nov 2000 14:39:50 -0500 From: Will Andrews To: Mike Cc: freebsd-questions@FreeBSD.org Subject: Re: 4.2-BETA Message-ID: <20001106143950.P565@puck.firepipe.net> Reply-To: Will Andrews References: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net>; from mike@mikesweb.com on Mon, Nov 06, 2000 at 02:36:19PM -0500 X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [ redirected to -questions ] On Mon, Nov 06, 2000 at 02:36:19PM -0500, Mike wrote: > I am confused.. I cvsup'ed RELENG_4, and got a 4.2-BETA build out of it.. I > thought RELENG_4 was supposed to get the STABLE tree.. > > Should this still be considered "production environment" ready or no? Yes. 4.2-BETA is just a symbolic name for 4.1.1-STABLE before 4.2-RELEASE. It is intended to be a pre-RC1, and for the most part its only purpose is to test ports to make sure nothing has a dumb configure script (i.e. where it thinks 4.2 is not a valid FreeBSD version or something). The moral of the story is: don't trust naming schemes much, understand the purpose of the branch. -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 12:15:35 2000 Delivered-To: freebsd-isp@freebsd.org Received: from lb36-utv-sto.telia.net (lb36-utv-sto.telia.net [193.44.56.36]) by hub.freebsd.org (Postfix) with ESMTP id ADDC637B479 for ; Mon, 6 Nov 2000 12:15:27 -0800 (PST) Received: from veidit.net (t5o41p7.telia.com [195.67.253.7]) by lb36-utv-sto.telia.net (8.11.1/8.11.1) with ESMTP id eA6MBkl73908 for ; Mon, 6 Nov 2000 22:11:46 GMT Message-ID: <3A071137.4B4C3FFD@veidit.net> Date: Mon, 06 Nov 2000 21:14:47 +0100 From: John Angelmo X-Mailer: Mozilla 4.76 [en] (Win95; U) X-Accept-Language: sv, en MIME-Version: 1.0 To: freebsd-isp@FreeBSD.ORG Subject: Re: 4.2-BETA References: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Well I tried to "make buildworld" There was some errors (heya) OK I'll wait a while but there was one problem: /usr/obj/usr/src/gnu/usr.bin/perl/utils/hints/ This dir can't be deleted I use rm -rf but it sais the directory is not empty but it is.. Any one got any good ideas? /John Mike wrote: > > I am confused.. I cvsup'ed RELENG_4, and got a 4.2-BETA build out of it.. I > thought RELENG_4 was supposed to get the STABLE tree.. > > Should this still be considered "production environment" ready or no? > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 12:25:39 2000 Delivered-To: freebsd-isp@freebsd.org Received: from saturn.futuredesigns.net (unknown [216.91.66.1]) by hub.freebsd.org (Postfix) with SMTP id 9270137B4CF for ; Mon, 6 Nov 2000 12:25:35 -0800 (PST) Received: (qmail 5729 invoked from network); 6 Nov 2000 20:25:34 -0000 Received: from sun.futuredesigns.net (HELO SUN.mikesweb.com) (216.91.66.69) by 216.91.66.2 with SMTP; 6 Nov 2000 20:25:34 -0000 Message-Id: <4.3.2.7.2.20001106152603.03fb5298@mail.futuredesigns.net> X-Sender: sturdee@mail.futuredesigns.net X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Mon, 06 Nov 2000 15:26:35 -0500 To: John Angelmo , freebsd-isp@FreeBSD.ORG From: Mike Subject: Re: 4.2-BETA In-Reply-To: <3A071137.4B4C3FFD@veidit.net> References: <4.3.2.7.2.20001106143417.00b9d9d8@mail.futuredesigns.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 09:14 PM 11/6/2000 +0100, John Angelmo wrote: >Hi > >Well I tried to "make buildworld" There was some errors (heya) >OK I'll wait a while but there was one problem: >/usr/obj/usr/src/gnu/usr.bin/perl/utils/hints/ >This dir can't be deleted I use rm -rf but it sais the directory is not >empty >but it is.. > >Any one got any good ideas? > >/John > > > >Mike wrote: > > > > I am confused.. I cvsup'ed RELENG_4, and got a 4.2-BETA build out of it.. I > > thought RELENG_4 was supposed to get the STABLE tree.. > > > > Should this still be considered "production environment" ready or no? > > Do: cd /usr/obj chflags -R noschg * then you can 'rm -fr' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 14:11:12 2000 Delivered-To: freebsd-isp@freebsd.org Received: from swan.prod.itd.earthlink.net (swan.prod.itd.earthlink.net [207.217.120.123]) by hub.freebsd.org (Postfix) with ESMTP id 0D57737B479 for ; Mon, 6 Nov 2000 14:11:09 -0800 (PST) Received: from veager.siteplus.net (user-38lc8u1.dialup.mindspring.com [209.86.35.193]) by swan.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id OAA26149; Mon, 6 Nov 2000 14:10:43 -0800 (PST) Date: Mon, 6 Nov 2000 17:10:36 -0500 (EST) From: Jim Weeks To: Steve Price Cc: Dave Wilson , freebsd-isp@FreeBSD.ORG Subject: Re: Limited FTP accounts In-Reply-To: <20001106110328.B70975@bonsai.knology.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 6 Nov 2000, Steve Price wrote: > On Mon, Nov 06, 2000 at 02:19:24PM +0200, Dave Wilson wrote: > # > # Any one got any ideas on how to restrict an FTP user to only accessing his > # home directory and nothing else ? > # See I want a normal user to have access to nothing else other than his home > # directory. > > >From the ftpd() manpage: > > 5. If the user name appears in the file /etc/ftpchroot, or the > user is a member of a group with a group entry in this file, > i.e. one prefixed with `@', the session's root will be changed > to the user's login directory by chroot(2) as for an > ``anonymous'' or ``ftp'' account (see next item). This facil- > ity may also be triggered by enabling the boolean "ftp-chroot" > capability in login.conf(5). However, the user must still > supply a password. This feature is intended as a compromise > between a fully anonymous account and a fully privileged ac- > count. The account should also be set up as for an anonymous > account. The only problem with this is that the user can not cd into a soft linked web directory. Example of the web tree: "/usr/local/www/data/user" Example of home: "/usr/home/user" with a "ln -s /usr/local/www/data/user www" where www is a soft link to the true server tree. If your machine is already set up this way you may want to move "/usr/local/www/data/user" to "/usr/home/www" and ad a link in the server tree like "ln -s /usr/home/www user". This will work. If your version is 4.X or above "FTPD_INTERNAL_LS" is already functional. If you are using 3.5 or bellow you will need to make and install /usr/src/libexec/ftpd with "FTPD_INTERNAL_LS" defined. This is necessary for the user to be able to ls his/her directories under chroot. Hope this helps, Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 14:22:10 2000 Delivered-To: freebsd-isp@freebsd.org Received: from scaup.prod.itd.earthlink.net (scaup.prod.itd.earthlink.net [207.217.121.49]) by hub.freebsd.org (Postfix) with ESMTP id 6375E37B4D7 for ; Mon, 6 Nov 2000 14:22:08 -0800 (PST) Received: from veager.siteplus.net (user-38lc8u1.dialup.mindspring.com [209.86.35.193]) by scaup.prod.itd.earthlink.net (EL-8_9_3_3/8.9.3) with ESMTP id OAA29401; Mon, 6 Nov 2000 14:21:57 -0800 (PST) Date: Mon, 6 Nov 2000 17:21:50 -0500 (EST) From: Jim Weeks To: Steve Price Cc: Dave Wilson , freebsd-isp@FreeBSD.ORG Subject: Re: Limited FTP accounts In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I really hate to correct myself, but it should read. On Mon, 6 Nov 2000, Jim Weeks wrote: If your machine is already set up this way you may want to move "/usr/local/www/data/user" to "/usr/home/user/www" and ad a link in the server tree like "ln -s /usr/home/user/www user". This will work. Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 15:13:59 2000 Delivered-To: freebsd-isp@freebsd.org Received: from web510.mail.yahoo.com (web510.mail.yahoo.com [216.115.104.225]) by hub.freebsd.org (Postfix) with SMTP id 1387937B479 for ; Mon, 6 Nov 2000 15:13:56 -0800 (PST) Message-ID: <20001106231355.13678.qmail@web510.mail.yahoo.com> Received: from [208.142.193.5] by web510.mail.yahoo.com; Mon, 06 Nov 2000 15:13:55 PST Date: Mon, 6 Nov 2000 15:13:55 -0800 (PST) From: Justin Levine Subject: tacacs plus not installing on freeBSD 4.1 To: freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I have been trying to install tacacs plus on my Server running freeBSD 4.1 and keep getting the following errors: # make tac_plus gcc -g -DFREEBSD -DMAXSESS -c acct.c gcc -g -DFREEBSD -DMAXSESS -c authen.c gcc -g -DFREEBSD -DMAXSESS -c author.c gcc -g -DFREEBSD -DMAXSESS -c choose_authen.c gcc -g -DFREEBSD -DMAXSESS -c config.c gcc -g -DFREEBSD -DMAXSESS -c do_acct.c do_acct.c: In function 'wtmp_entry': do_acct.c:162: 'O_SYNC' undeclared (first use in do_acct.c:162: this function) do_acct.c:162: (Each undeclared identifier is do_acct.c:162: reported only once for each do_acct.c:162: function it appears in.) ***Error code 1 Stop in /usr/tacacs/tac_plus.F4.0.4.alpha. # Has anyone had this problem before and/or know how to resolve it? Thanks Justin Levine __________________________________________________ Do You Yahoo!? Thousands of Stores. Millions of Products. All in one Place. http://shopping.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 6 16:39:33 2000 Delivered-To: freebsd-isp@freebsd.org Received: from verde.onda.com.br (verde.onda.com.br [200.195.192.10]) by hub.freebsd.org (Postfix) with ESMTP id C7DBC37B4C5 for ; Mon, 6 Nov 2000 16:39:27 -0800 (PST) Received: from terrificus (cmcta002p161.onda.com.br [200.195.205.161]) by verde.onda.com.br (8.8.8/8.8.8) with SMTP id WAA19762 for ; Mon, 6 Nov 2000 22:39:26 -0200 (EDT) Message-ID: <004301c0485c$1ed6ab30$02ffa8c0@terrificus> From: "=?iso-8859-1?Q?Crist=F3v=E3o_B._B._Dalla_Costa?=" To: Subject: qmail not working Date: Mon, 6 Nov 2000 22:43:21 -0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I installed qmail from ports, and, after disabling sendmail, copied /var/qmail/boot/home+df to /var/qmail/rc , and then ran /var/qmail/rc. Now, I'm stuck with a non-working mail system, since I can't get sendmail to work either. I can't send local mail, but the mail command doesn't complain either. I'm using FreeBSD 4.1 with the original qmail port, and I have previously tried every file from /var/qmail/boot with no success. I also followed the steps in the qmail INSTALL file. Here's what appear in the log when I send local mail ("mail cbraga"): Nov 6 22:22:40 crotalus qmail: 973556560.275998 status: local 0/10 remote 0/20 Nov 6 22:23:40 crotalus qmail: 973556620.724169 new msg 74 Nov 6 22:23:40 crotalus qmail: 973556620.725351 info msg 74: bytes 267 from qp 40765 uid 0 Nov 6 22:23:40 crotalus qmail: 973556620.851848 starting delivery 1: msg 74 to local cbraga@cmcta002p161.onda.com.br Nov 6 22:23:40 crotalus qmail: 973556620.854260 status: local 1/10 remote 0/20 Nov 6 22:23:40 crotalus qmail: 973556620.874708 delivery 1: deferral: dot-forward:_not_found/ Nov 6 22:23:40 crotalus qmail: 973556620.875429 status: local 0/10 remote 0/20 Nov 6 22:25:21 crotalus qmail: 973556721.880993 starting delivery 2: msg 74 to local cbraga@cmcta002p161.onda.com.br Nov 6 22:25:21 crotalus qmail: 973556721.882986 status: local 1/10 remote 0/20 Nov 6 22:25:21 crotalus qmail: 973556721.901861 delivery 2: deferral: dot-forward:_not_found/ Nov 6 22:25:21 crotalus qmail: 973556721.902552 status: local 0/10 remote 0/20 Nov 6 22:30:21 crotalus qmail: 973557021.915500 starting delivery 3: msg 74 to local cbraga@cmcta002p161.onda.com.br Nov 6 22:30:21 crotalus qmail: 973557021.917389 status: local 1/10 remote 0/20 Nov 6 22:30:21 crotalus qmail: 973557021.936638 delivery 3: deferral: dot-forward:_not_found/ Nov 6 22:30:21 crotalus qmail: 973557021.937325 status: local 0/10 remote 0/20 Please help. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 3: 0:49 2000 Delivered-To: freebsd-isp@freebsd.org Received: from ns.internet.dk (ns.internet.dk [194.19.140.1]) by hub.freebsd.org (Postfix) with ESMTP id DC9D137B4C5 for ; Tue, 7 Nov 2000 03:00:45 -0800 (PST) Received: (from uucp@localhost) by ns.internet.dk (8.11.1/8.11.1) with UUCP id eA7B0hj16485 for freebsd-isp@freebsd.org; Tue, 7 Nov 2000 12:00:43 +0100 (CET) (envelope-from leifn@neland.dk) Received: from localhost (localhost [127.0.0.1]) by arnold.neland.dk (8.11.0/8.11.0) with ESMTP id eA7B0PU21953 for ; Tue, 7 Nov 2000 12:00:33 +0100 (CET) (envelope-from leifn@neland.dk) Date: Tue, 7 Nov 2000 12:00:25 +0100 (CET) From: Leif Neland To: freebsd-isp@freebsd.org Subject: non-existant MX Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org How can I in the dns specify there is no mailserver for a domain? I have domains where the domain itself has an ip-adress, for having www.this.dom = this.dom, but where there are no mailserver. I see some mailers trying to send the mail to the ip-adress of the webserver. Would some of these work? no.mailserver.for.this.domain. 0.0.0.0? 255.255.255.255? 127.0.0.1? Or are there any magic values? Leif To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 5: 7:45 2000 Delivered-To: freebsd-isp@freebsd.org Received: from loops.nilpotent.org (loops.nilpotent.org [207.141.25.142]) by hub.freebsd.org (Postfix) with SMTP id A202737B479 for ; Tue, 7 Nov 2000 05:07:42 -0800 (PST) Received: (qmail 58256 invoked by uid 200); 7 Nov 2000 13:07:35 -0000 Date: Tue, 7 Nov 2000 05:07:35 -0800 From: Faried Nawaz To: justin_levine@yahoo.com Cc: freebsd-isp@freebsd.org Subject: tacacs plus. Message-ID: <20001107050735.D53363@nilpotent.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre2i Organization: Integral Domains Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Put #define O_SYNC 0x0080 in do_acct.c. This comes from /usr/include/fcntl.h -- look for the definition of O_FSYNC. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 5:39:51 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.psknet.com (orion.psknet.com [207.198.61.253]) by hub.freebsd.org (Postfix) with SMTP id 8A01B37B479 for ; Tue, 7 Nov 2000 05:39:48 -0800 (PST) Received: (qmail 72538 invoked from network); 7 Nov 2000 13:39:46 -0000 Received: from abyss.dashit.net (HELO abyss) (209.100.22.250) by orion.psknet.com with SMTP; 7 Nov 2000 13:39:46 -0000 From: "Troy Settle" To: "Leif Neland" , Subject: RE: non-existant MX Date: Tue, 7 Nov 2000 08:41:13 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've never seen it documented, but 127.0.0.2 seems to be a common reject address. I'd give it a try and see who, if anyone, complains. -- Troy Settle Pulaski Networks 540.994.4254 It's always a long day, 86400 doesn't fit into a short. ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Leif Neland ** Sent: Tuesday, November 07, 2000 6:00 AM ** To: freebsd-isp@freebsd.org ** Subject: non-existant MX ** ** ** How can I in the dns specify there is no mailserver for a domain? ** ** I have domains where the domain itself has an ip-adress, for having ** www.this.dom = this.dom, but where there are no mailserver. ** ** I see some mailers trying to send the mail to the ip-adress of the ** webserver. ** ** Would some of these work? ** ** no.mailserver.for.this.domain. ** 0.0.0.0? ** 255.255.255.255? ** 127.0.0.1? ** ** Or are there any magic values? ** ** Leif ** ** ** ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 5:42:50 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.sai.co.za (ns1.amandla.co.za [196.33.40.1]) by hub.freebsd.org (Postfix) with ESMTP id 5683137B4E5 for ; Tue, 7 Nov 2000 05:42:45 -0800 (PST) Received: from fdisk (dave.sai.co.za [196.33.40.17]) by mail.sai.co.za (8.9.3/8.9.3) with SMTP id PAA79953 for ; Tue, 7 Nov 2000 15:43:13 +0200 (SAST) (envelope-from davew@sai.co.za) Message-ID: <049401c048c0$90e9dc60$112821c4@sai.co.za> From: "Dave Wilson" To: Subject: Re: Limited FTP accounts Date: Tue, 7 Nov 2000 15:42:26 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Thanks to all that helped ;-) Regards Dave Wilson The S.A. Internet (033) 3456777 0825496159 http://www.sai.co.za "Who is "General Failure", and what is he doing reading my hard disk ?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 5:44:52 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.sai.co.za (ns1.amandla.co.za [196.33.40.1]) by hub.freebsd.org (Postfix) with ESMTP id 6378C37B4F9 for ; Tue, 7 Nov 2000 05:44:48 -0800 (PST) Received: from fdisk (dave.sai.co.za [196.33.40.17]) by mail.sai.co.za (8.9.3/8.9.3) with SMTP id PAA80023 for ; Tue, 7 Nov 2000 15:45:22 +0200 (SAST) (envelope-from davew@sai.co.za) Message-ID: <04a001c048c0$dddc31d0$112821c4@sai.co.za> From: "Dave Wilson" To: Subject: Digi Sync 570/i card. Date: Tue, 7 Nov 2000 15:44:35 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi guys, howzit going ? Any one ever succesfully installed a Digi 570/i WAN (X.21) card in a FreeBSD box ? Please help me find where I can find some info on setting one up. Thanks. ;-) Regards Dave Wilson The S.A. Internet (033) 3456777 0825496159 http://www.sai.co.za "Who is "General Failure", and what is he doing reading my hard disk ?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 6:30:42 2000 Delivered-To: freebsd-isp@freebsd.org Received: from zibbi.icomtek.csir.co.za (zibbi.icomtek.csir.co.za [146.64.24.58]) by hub.freebsd.org (Postfix) with ESMTP id 5790D37B4C5 for ; Tue, 7 Nov 2000 06:30:36 -0800 (PST) Received: (from jhay@localhost) by zibbi.icomtek.csir.co.za (8.11.0/8.11.0) id eA7EUPO61715; Tue, 7 Nov 2000 16:30:25 +0200 (SAT) (envelope-from jhay) From: John Hay Message-Id: <200011071430.eA7EUPO61715@zibbi.icomtek.csir.co.za> Subject: Re: Digi Sync 570/i card. In-Reply-To: <04a001c048c0$dddc31d0$112821c4@sai.co.za> from Dave Wilson at "Nov 7, 2000 03:44:35 pm" To: davew@sai.co.za (Dave Wilson) Date: Tue, 7 Nov 2000 16:30:25 +0200 (SAT) Cc: freebsd-isp@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Any one ever succesfully installed a Digi 570/i WAN (X.21) card in a FreeBSD > box ? > Please help me find where I can find some info on setting one up. > Thanks. ;-) There is a man page, ar(4), for it. Just compile a kernel with it in and ifconfig it. John -- John Hay -- John.Hay@icomtek.csir.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 7:53:16 2000 Delivered-To: freebsd-isp@freebsd.org Received: from inu.net (mail.inu.net [63.151.4.24]) by hub.freebsd.org (Postfix) with ESMTP id A400537B4C5 for ; Tue, 7 Nov 2000 07:53:14 -0800 (PST) Received: from inu.net [63.151.3.239] by inu.net with ESMTP (SMTPD32-5.05) id A56822A7013E; Tue, 07 Nov 2000 09:53:12 -0600 Message-ID: <3A082566.A2E6E2BB@inu.net> Date: Tue, 07 Nov 2000 09:53:10 -0600 From: Bob Martin Organization: InterNet Unlimited X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 4.1.1-STABLE i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: ODBC Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Anyone know where I can get a good ODBC driver for FreeBSD? I need to connect to a MSSQL server. Thanks! -- Bob Martin, CTO InterNet Unlimited http://www.inu.net mailto:bob@inu.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 8: 2:47 2000 Delivered-To: freebsd-isp@freebsd.org Received: from cgi.sstar.com (cgi.sstar.com [209.205.176.12]) by hub.freebsd.org (Postfix) with ESMTP id 0A4D437B4C5 for ; Tue, 7 Nov 2000 08:02:44 -0800 (PST) Received: from bluto.jimking.net (root@bluto.jimking.net [216.54.255.8]) by cgi.sstar.com (8.11.0/8.9.3) with ESMTP id eA7G2gg45237; Tue, 7 Nov 2000 10:02:42 -0600 (CST) (envelope-from jim@jimking.net) Received: from jking (jking.lgc.com [134.132.76.82]) by bluto.jimking.net (8.11.1/8.11.1) with SMTP id eA7G2R736526 (using TLSv1/SSLv3 with cipher RC4-MD5 (128 bits) verified NO); Tue, 7 Nov 2000 10:02:40 -0600 (CST) (envelope-from jim@jimking.net) Message-ID: <003901c048d4$2869e8b0$524c8486@jking> From: "Jim King" To: "Bob Martin" , References: <3A082566.A2E6E2BB@inu.net> Subject: Re: ODBC Date: Tue, 7 Nov 2000 10:02:27 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Bob Martin wrote: > Anyone know where I can get a good ODBC driver for FreeBSD? I need to > connect to a MSSQL server. /usr/ports/databases/unixODBC More info at http://www.unixodbc.org/ Jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 13: 7:21 2000 Delivered-To: freebsd-isp@freebsd.org Received: from nx5.HRZ.Uni-Dortmund.DE (nx5.HRZ.Uni-Dortmund.DE [129.217.131.21]) by hub.freebsd.org (Postfix) with ESMTP id 8BCE937B479; Tue, 7 Nov 2000 13:07:09 -0800 (PST) Received: from luzi.e-technik.uni-dortmund.de by nx5.HRZ.Uni-Dortmund.DE via smtp-local with SMTP; Tue, 7 Nov 2000 22:07:08 +0100 Received: from luzi (luzi [129.217.180.22]) by luzi.e-technik.uni-dortmund.de (8.8.8+Sun/8.8.8) with SMTP id WAA21311; Tue, 7 Nov 2000 22:07:06 +0100 (MET) Message-Id: <200011072107.WAA21311@luzi.e-technik.uni-dortmund.de> Date: Tue, 7 Nov 2000 22:07:05 +0100 (MET) From: "\"Ulrich_Gruenebaum\"" Reply-To: "\"Ulrich_Gruenebaum\"" Subject: Vinum setup questions To: freebsd-scsi@freebsd.org, freebsd-isp@freebsd.org MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii Content-MD5: UpSqrcBxbUgocv3sQlIYCQ== X-Mailer: dtmail 1.2.1 CDE Version 1.2.1 SunOS 5.6 sun4m sparc Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I am just setting up a 16GB mirrored volume (RAID-1) with vinum on FreeBSD 4.1.1 using two 16GB harddisks. Vinum is great and I think I got it to work after all, but I have still some questions remaining. Any comments are appreciated. By the way, is there a way to get vinum's own version number out of vinum? This would be helpful for reference purposes as in this text. I find the vinum man pages quite clear and helpful, but I was unsure about how to prepare the new disks, i.e. what to do exactly *before* putting them into the vinum configuration with "vinum create", and what exactly to do *afterwards* (when vinum finally provides them as a single volume). There was not much help on this topic from the vinum manpages; is there any further documentation on this topic available (except, of course, the manpages dedicated for "disklabel" and "newfs", which do not cover aspects of application order)? To set up the mirrored volume, I tried the following, based on the "mirror" example from vinum(8). The two 16GB disks are /dev/da1 and /dev/da2. Can anyone tell me, whether what I did is halfways reasonable (for my config file, see below)? 1. disklabel -w -r da1 auto disklabel -w -r da2 auto (to get the new disks labeled initially) 2. disklabel -e disklabel -e (to manually create a vinum partition on both disks, see below for "disklabel" output) 3. vinum: create -v init -v -w mirror.p0 init -v -w mirror.p1 start mirror start mirror.p1.s0 4. newfs -v /dev/vinum/mirror (to put a filesystem on the volume) Doing so, the following problems occured (any comments appreciated): In step 3: Before "start mirror.p1.s0" (starting the subdisk of the second plex explicitly), the first of the plexes was in state "up" (as should be), but the second was shown as "faulty", which I had not expected (see vinum(4): "faulty: a plex which has gone completely down because of I/O errors"); vinum(8) (section GOTCHAS) says, the state of all newly-created plexes except the first would be "stale". Nevertheless, following the "start mirror.p1.s0" command, the subdisk was revived and afterwards showed state "up" as wanted. In step 4: vinum(8) and vinum(4) tell to run "newfs" on the *raw* volume device, e.g. "/dev/vinum/rmirror". There was no such device in my case, nor could I find any directory named "/dev/rvinum" (as in the example directory listing in vinum(4), section OBJECT NAMING), instead the only device I found was "/dev/vinum/mirror". I tried a "newfs" command on it and it seems to work. Nevertheless, I don't know what happend exactly doing so and I don't feel very well with this. It would be helpful if vinum itself could list the created volume device name(s) with the "list" command. The vinum configuration file I used: # vinum config file drive d1 device /dev/da1a drive d2 device /dev/da2a volume mirror plex org concat sd length 0 drive d1 plex org concat sd length 0 drive d2 Output of "disklabel da1" command (same for da2): # /dev/da1c: type: SCSI disk: QUANTUM <--snip--> 8 partitions: # size offs. fstype ... a: 35861388 0 vinum # (Cyl. 0-17510*) c: 35861388 0 unused # (Cyl. 0-17510*) Some suggested man page improvements: - I didn't find a notice, what the device names of the volumes are, which I just created, i.e. on which device I had to run "newfs" and which to mount finally. It seems that for the mirror example a device "/dev/vinum/mirror" was created. This could be explained in more detail and the device names perhaps be listed in section FILES in vinum(8). - The default location for the vinum logfile (vinum(8), section "LOG FILE") seems to be /var/log/vinum_history, not /var/tmp/... . The logfile should also be mentioned in vinum(8), section FILES. - A small subsection and an example in vinum(8) regarding how and in which order to initialize new disks before they can be used from vinum (i.e. "disklabel" command) would be nice; and also an example of what to do until the new vinum volume can be mounted anywhere ("newfs" command). This could be inserted in vinum(8) in section HOW TO SET UP VINUM. In my case, I've already installed some hundreds of gigabytes of diskspace on Solaris, Linux and Windows systems, but the procedure for each system differs more or less completely from the others concerning the tools to use and the order in which to use them, therefore I had appreciated some information on this in the vinum context. Thanks a lot for your answers! Cheers Ulrich -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Ulrich Gruenebaum grueneba@luzi.e-technik.uni-dortmund.de ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 13:48:19 2000 Delivered-To: freebsd-isp@freebsd.org Received: from hotmail.com (f6.pav0.hotmail.com [64.4.33.6]) by hub.freebsd.org (Postfix) with ESMTP id 8772537B479 for ; Tue, 7 Nov 2000 13:48:17 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Tue, 7 Nov 2000 13:48:17 -0800 Received: from 128.59.194.129 by pv0fd.pav0.hotmail.msn.com with HTTP; Tue, 07 Nov 2000 21:48:17 GMT X-Originating-IP: [128.59.194.129] From: "Jonathan M. Slivko" To: leifn@neland.dk, freebsd-isp@freebsd.org Subject: Re: non-existant MX Date: Tue, 07 Nov 2000 16:48:17 EST Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 07 Nov 2000 21:48:17.0318 (UTC) FILETIME=[6FF1AC60:01C04904] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I *think* that if you don't set up an MX line, one will not be used. So, if you don't put anything, I think you should be fine. -- Jonathan M. Slivko >From: Leif Neland >To: freebsd-isp@freebsd.org >Subject: non-existant MX >Date: Tue, 7 Nov 2000 12:00:25 +0100 (CET) > >How can I in the dns specify there is no mailserver for a domain? > >I have domains where the domain itself has an ip-adress, for having >www.this.dom = this.dom, but where there are no mailserver. > >I see some mailers trying to send the mail to the ip-adress of the >webserver. > >Would some of these work? > >no.mailserver.for.this.domain. >0.0.0.0? >255.255.255.255? >127.0.0.1? > >Or are there any magic values? > >Leif > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 13:53: 3 2000 Delivered-To: freebsd-isp@freebsd.org Received: from roam.home.net (idf7-17-207.adsl.proxad.net [213.228.17.207]) by hub.freebsd.org (Postfix) with ESMTP id 6478237B479 for ; Tue, 7 Nov 2000 13:52:54 -0800 (PST) Received: from free.fr (localhost [127.0.0.1]) by roam.home.net (8.9.3/8.9.3) with ESMTP id WAA00629; Tue, 7 Nov 2000 22:52:50 +0100 (CET) (envelope-from m.hallgren@free.fr) Message-ID: <3A0879B2.ECCCBDC7@free.fr> Date: Tue, 07 Nov 2000 22:52:50 +0100 From: Michael Hallgren Reply-To: m.hallgren@free.fr X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.4-STABLE i386) X-Accept-Language: en, sv, fr MIME-Version: 1.0 To: "Jonathan M. Slivko" Cc: leifn@neland.dk, freebsd-isp@freebsd.org Subject: Re: non-existant MX References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "Jonathan M. Slivko" wrote: > > I *think* that if you don't set up an MX line, one will not be used. So, if > you don't put anything, I think you should be fine. -- Jonathan M. Slivko default mx - no specific mx that is - is host. mh > > >From: Leif Neland > >To: freebsd-isp@freebsd.org > >Subject: non-existant MX > >Date: Tue, 7 Nov 2000 12:00:25 +0100 (CET) > > > >How can I in the dns specify there is no mailserver for a domain? > > > >I have domains where the domain itself has an ip-adress, for having > >www.this.dom = this.dom, but where there are no mailserver. > > > >I see some mailers trying to send the mail to the ip-adress of the > >webserver. > > > >Would some of these work? > > > >no.mailserver.for.this.domain. > >0.0.0.0? > >255.255.255.255? > >127.0.0.1? > > > >Or are there any magic values? > > > >Leif > > > > > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-isp" in the body of the message > > > > _________________________________________________________________________ > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > Share information about yourself, create your own public profile at > http://profiles.msn.com. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Michael Hallgren, http://m.hallgren.free.fr/, MH2198-RIPE "Be careful what you sell. It may do exactly what the customer expects." - Ferengi #32 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 14: 8:27 2000 Delivered-To: freebsd-isp@freebsd.org Received: from genius.systems.pavilion.net (genesis.tao.org.uk [194.242.131.254]) by hub.freebsd.org (Postfix) with ESMTP id A0AE837B479 for ; Tue, 7 Nov 2000 14:08:21 -0800 (PST) Received: by genius.systems.pavilion.net (Postfix, from userid 100) id 14CF09B2D; Tue, 7 Nov 2000 22:11:53 +0000 (GMT) Date: Tue, 7 Nov 2000 22:11:52 +0000 From: Josef Karthauser To: "Michael R. Wayne" Cc: isp@FreeBSD.ORG Subject: Re: Interface alias accounting? Message-ID: <20001107221152.B60800@pavilion.net> References: <200001181742.JAA48615@gndrsh.dnsmgr.net> <038a01bfc041$83636640$213cd3cf@loop.com> <20000517173915.F77680@staff.msen.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000517173915.F77680@staff.msen.com>; from wayne@staff.msen.com on Wed, May 17, 2000 at 05:39:15PM -0400 X-NCC-RegID: uk.pavilion Organisation: Pavilion Internet plc, Lees House, 21-23 Dyke Road, Brighton, England Phone: +44-845-333-5000 Fax: +44-845-333-5001 Mobile: +44-403-596893 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, May 17, 2000 at 05:39:15PM -0400, Michael R. Wayne wrote: > On Wed, May 17, 2000 at 01:50:13PM -0700, D. W. Piper wrote: > > Hi folks, > > > > I'm trying to find out how to get IP accounting information for web > > hosting where multiple IPs are aliased to the same interface. I seem to > > recall seeing something about it a few weeks ago, but I've searched the > > archives, and can't seem to find the information I'm looking for. If I > > recall correctly, it involved compiling in some kernel option or other. > > Can anybody help out? > > BSD/OS does this per interface right on the box, FreeBSD seems not > to. We've been trying for several months to get a straight answer > regarding FreeBSD, nobody seems to know whether it's a bug, oversight > or what. This is in current now. I'm going to MFC it after the 4.2 release. Joe > > Reference information: > > BSD/OS % netstat -ins | egrep '^(Name|lo0)' | head -10 > Name Index Address Ipkts Ierrs Opkts Oerrs Coll Drop > lo0 2 825692 0 825692 0 0 0 > lo0 2 127.0.0.1 513811 486253 > lo0 2 148.59.14.8 934 1045 > lo0 2 148.59.14.33 943857 1217321 > lo0 2 148.59.14.20 655903 715413 > lo0 2 148.59.14.21 655256 828339 > lo0 2 148.59.14.22 30697 32327 > lo0 2 148.59.14.23 34691 43438 > lo0 2 148.59.14.24 108729 127598 > > > Freebsd % netstat -ins | egrep '^(Name|lo0)' | head -10 > Name Mtu Network Address Ipkts Ierrs Opkts Oerrs Coll > lo0 16384 287 0 287 0 0 > lo0 16384 127 127.0.0.1 287 0 287 0 0 > lo0 16384 139.171.3/32 139.171.3.0 287 0 287 0 0 > lo0 16384 139.171.3.1/3 139.171.3.1 287 0 287 0 0 > lo0 16384 139.171.3.2/3 139.171.3.2 287 0 287 0 0 > lo0 16384 139.171.3.3/3 139.171.3.3 287 0 287 0 0 > lo0 16384 139.171.3.4/3 139.171.3.4 287 0 287 0 0 > lo0 16384 139.171.3.5/3 139.171.3.5 287 0 287 0 0 > lo0 16384 139.171.3.6/3 139.171.3.6 287 0 287 0 0 > > /\/\ \/\/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Josef Karthauser FreeBSD: How many times have you booted today? Technical Manager Viagra for your server (http://www.uk.freebsd.org) Pavilion Internet plc. [joe@pavilion.net, joe@uk.freebsd.org, joe@tao.org.uk] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 14:10:54 2000 Delivered-To: freebsd-isp@freebsd.org Received: from donhost.co.uk (t1o315p25.teliauk.com [195.12.242.25]) by hub.freebsd.org (Postfix) with ESMTP id 314B237B479 for ; Tue, 7 Nov 2000 14:10:50 -0800 (PST) Received: from doncasterser1 [127.0.0.1] by 0risknames.net [127.0.0.1] with SMTP (MDaemon.v2.84.R) for ; Tue, 07 Nov 2000 22:11:23 +0000 From: "Daniel Conlon" To: "Jonathan M. Slivko" , Subject: RE: non-existant MX Date: Tue, 7 Nov 2000 22:11:23 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal X-MDaemon-Deliver-To: freebsd-isp@freebsd.org X-Return-Path: daniel@donhost.co.uk Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I *think* that if you don't set up an MX line, one will not be=20 > used. So, if=20 > you don't put anything, I think you should be fine. -- Jonathan M. = Slivko In my experience this is not the case, if no MX is listed, many mailers = will try to connect to the IP address specified under the A record for = that domain. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 14:20:15 2000 Delivered-To: freebsd-isp@freebsd.org Received: from roam.home.net (idf7-17-207.adsl.proxad.net [213.228.17.207]) by hub.freebsd.org (Postfix) with ESMTP id 4EBF937B4C5 for ; Tue, 7 Nov 2000 14:19:52 -0800 (PST) Received: from free.fr (localhost [127.0.0.1]) by roam.home.net (8.9.3/8.9.3) with ESMTP id XAA00714; Tue, 7 Nov 2000 23:19:39 +0100 (CET) (envelope-from m.hallgren@free.fr) Message-ID: <3A087FFB.700C47EB@free.fr> Date: Tue, 07 Nov 2000 23:19:39 +0100 From: Michael Hallgren Reply-To: m.hallgren@free.fr X-Mailer: Mozilla 4.7 [en] (X11; I; FreeBSD 3.4-STABLE i386) X-Accept-Language: en, sv, fr MIME-Version: 1.0 To: "Jonathan M. Slivko" , leifn@neland.dk, freebsd-isp@freebsd.org Subject: Re: non-existant MX References: <3A0879B2.ECCCBDC7@free.fr> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Michael Hallgren wrote: > > "Jonathan M. Slivko" wrote: > > > > I *think* that if you don't set up an MX line, one will not be used. So, if > > you don't put anything, I think you should be fine. -- Jonathan M. Slivko > > default mx - no specific mx that is - is host. which is the same as "if no specified MX, try A RR". mh > > mh > > > > > >From: Leif Neland > > >To: freebsd-isp@freebsd.org > > >Subject: non-existant MX > > >Date: Tue, 7 Nov 2000 12:00:25 +0100 (CET) > > > > > >How can I in the dns specify there is no mailserver for a domain? > > > > > >I have domains where the domain itself has an ip-adress, for having > > >www.this.dom = this.dom, but where there are no mailserver. > > > > > >I see some mailers trying to send the mail to the ip-adress of the > > >webserver. > > > > > >Would some of these work? > > > > > >no.mailserver.for.this.domain. > > >0.0.0.0? > > >255.255.255.255? > > >127.0.0.1? > > > > > >Or are there any magic values? > > > > > >Leif > > > > > > > > > > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > > >with "unsubscribe freebsd-isp" in the body of the message > > > > > > > _________________________________________________________________________ > > Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. > > > > Share information about yourself, create your own public profile at > > http://profiles.msn.com. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > -- > Michael Hallgren, http://m.hallgren.free.fr/, MH2198-RIPE > > "Be careful what you sell. It may do exactly > what the customer expects." - Ferengi #32 > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Michael Hallgren, http://m.hallgren.free.fr/, MH2198-RIPE "Be careful what you sell. It may do exactly what the customer expects." - Ferengi #32 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 14:53:40 2000 Delivered-To: freebsd-isp@freebsd.org Received: from ns.internet.dk (ns.internet.dk [194.19.140.1]) by hub.freebsd.org (Postfix) with ESMTP id 0B5BB37B479 for ; Tue, 7 Nov 2000 14:53:32 -0800 (PST) Received: (from uucp@localhost) by ns.internet.dk (8.11.1/8.11.1) with UUCP id eA7MrTE86541; Tue, 7 Nov 2000 23:53:29 +0100 (CET) (envelope-from leifn@neland.dk) Received: from gina (gina.neland.dk [192.168.0.14]) by arnold.neland.dk (8.11.0/8.11.0) with SMTP id eA7MrIU25250; Tue, 7 Nov 2000 23:53:22 +0100 (CET) (envelope-from leifn@neland.dk) Message-ID: <005101c0490d$b1288880$0e00a8c0@neland.dk> Reply-To: "Leif Neland" From: "Leif Neland" To: "Jonathan M. Slivko" , References: Subject: Re: non-existant MX Date: Tue, 7 Nov 2000 23:50:56 +0100 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ----- Original Message ----- From: "Jonathan M. Slivko" To: ; Sent: Tuesday, November 07, 2000 10:48 PM Subject: Re: non-existant MX > I *think* that if you don't set up an MX line, one will not be used. So, if > you don't put anything, I think you should be fine. -- Jonathan M. Slivko > > No, they use the A for the domain. I don't want any mail for that domain. Leif To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 15: 0:26 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mgw1.MEIway.com (mgw1.meiway.com [212.73.210.75]) by hub.freebsd.org (Postfix) with ESMTP id E40F937B479 for ; Tue, 7 Nov 2000 15:00:22 -0800 (PST) Received: from mail.Go2France.com (ms1.meiway.com [212.73.210.73]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id 66A4C6A901 for ; Wed, 8 Nov 2000 00:00:21 +0100 (CET) Received: from sv.Go2France.com [212.73.210.79] by mail.Go2France.com with ESMTP (SMTPD32-6.04) id AAE46D9049E; Wed, 08 Nov 2000 00:06:12 +0100 Message-Id: <5.0.0.25.0.20001107235803.030b4eb0@mail.Go2France.com> X-Sender: lconrad%Go2France.com@mail.Go2France.com X-Mailer: QUALCOMM Windows Eudora Version 5.0 Date: Wed, 08 Nov 2000 00:00:06 +0100 To: freebsd-isp@freebsd.org From: Len Conrad Subject: Re: non-existant MX In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >How can I in the dns specify there is no mailserver for a domain? > >I have domains where the domain itself has an ip-adress, for having >www.this.dom = this.dom, but where there are no mailserver. > >I see some mailers trying to send the mail to the ip-adress of the >webserver. > >Would some of these work? > >no.mailserver.for.this.domain. >0.0.0.0? >255.255.255.255? >127.0.0.1? > >Or are there any magic values? no, MTA's will look for a domain's MX(s), then the domain's A. You can't change their behaviour. "You build it, and they will mail to it" Len http://BIND8NT.MEIway.com: ISC BIND 8.2.2 p5 & 8.2.3 T6B for NT4 & W2K http://IMGate.MEIway.com: Build free, hi-perf, anti-spam mail gateways To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 15:31: 1 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.qcislands.net (mail.qcislands.net [209.53.238.6]) by hub.freebsd.org (Postfix) with ESMTP id B6CE737B479 for ; Tue, 7 Nov 2000 15:30:59 -0800 (PST) Received: from [209.53.238.7] (helo=auth.qcislands.net) by mail.qcislands.net with esmtp (Exim 3.14 #3) id 13tICj-0000qW-00 for freebsd-isp@freebsd.org; Tue, 07 Nov 2000 15:31:01 -0800 Received: from ccstore by auth.qcislands.net with local (Exim 3.13 #3) id 13tICj-000434-00 for freebsd-isp@freebsd.org; Tue, 07 Nov 2000 23:31:01 +0000 From: Jim Pazarena To: freebsd-isp@freebsd.org Subject: secure server X-Mailer: SCO Shell Date: Tue, 7 Nov 2000 15:22:04 -0800 (PST) Message-ID: <10011071522.aa07854@ccstores.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Is it possible to have a plain 'unsecure' apache running on the server at the same time that a secure-server is also running? The reason I ask, is I'm confused why when you go to a site to buy something you are sometimes asked do you want 'the secure OR non-secure' purchase. Is there some reason why I would even _need_ a non-secure purchase? and to take this thought process to the next step, why not make your server 'secure' ALL the time? -- Jim Pazarena mailto:paz@ccstores.com http://www.qcislands.net/paz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 15:50: 7 2000 Delivered-To: freebsd-isp@freebsd.org Received: from donhost.co.uk (t3o317p101.teliauk.com [195.12.252.101]) by hub.freebsd.org (Postfix) with ESMTP id 7538D37B4C5 for ; Tue, 7 Nov 2000 15:50:03 -0800 (PST) Received: from doncasterser1 [127.0.0.1] by 0risknames.net [127.0.0.1] with SMTP (MDaemon.v2.84.R) for ; Tue, 07 Nov 2000 23:50:32 +0000 From: "Daniel Conlon" To: "Jim Pazarena" , Subject: RE: secure server Date: Tue, 7 Nov 2000 23:50:32 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <10011071522.aa07854@ccstores.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Importance: Normal X-MDaemon-Deliver-To: freebsd-isp@freebsd.org X-Return-Path: daniel@donhost.co.uk Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Is it possible to have a plain 'unsecure' apache running on the > server at the same time that a secure-server is also running? Yes, they run on different ports. Just set up a virtual host for each = port (80 & 443) > The reason I ask, is I'm confused why when you go to a site > to buy something you are sometimes asked do you want > 'the secure OR non-secure' purchase. Is there some reason why=20 > I would even _need_ a non-secure purchase? Yes, some older browsers don't support SSL.=20 and to take this > thought process to the next step, why not make your server > 'secure' ALL the time? Because SSL consumes massive amounts of processor and memory and is = slower. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 16: 0:33 2000 Delivered-To: freebsd-isp@freebsd.org Received: from sunny.fishnet.com (sunny.fishnet.com [209.150.200.6]) by hub.freebsd.org (Postfix) with ESMTP id 2C91537B479 for ; Tue, 7 Nov 2000 16:00:31 -0800 (PST) Received: from rhavenn (209.150.192.22) by sunny.fishnet.com (5.0.048) id 39FECC3200188D1E; Tue, 7 Nov 2000 18:00:30 -0600 Reply-To: From: "Henrik Hudson" To: "'Jim Pazarena'" Cc: Subject: RE: secure server Date: Tue, 7 Nov 2000 17:49:30 -0600 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit In-Reply-To: Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello- My understanding is that the computation needed to generate all the SSL pages would bog a server down if there is a high traffic volume? and why bog it down for pages that don't need it? As for the non-secure / secure dilemma, some browsers don't handle the SSL encryption as of yet? Otherwise, I can't think of one either. Henrik > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jim Pazarena > Sent: Tuesday, November 07, 2000 17:22 > To: freebsd-isp@freebsd.org > Subject: secure server > > > Is it possible to have a plain 'unsecure' apache running on the > server at the same time that a secure-server is also running? > > The reason I ask, is I'm confused why when you go to a site > to buy something you are sometimes asked do you want > 'the secure OR non-secure' purchase. Is there some reason why > I would even _need_ a non-secure purchase? and to take this > thought process to the next step, why not make your server > 'secure' ALL the time? > > > -- > Jim Pazarena mailto:paz@ccstores.com > http://www.qcislands.net/paz > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 21:45:33 2000 Delivered-To: freebsd-isp@freebsd.org Received: from picalon.gun.de (picalon.gun.de [192.109.159.1]) by hub.freebsd.org (Postfix) with ESMTP id 63BFE37B479 for ; Tue, 7 Nov 2000 21:45:30 -0800 (PST) Received: (from uucp@localhost) by picalon.gun.de (8.9.3/8.9.3) id GAA24037 for freebsd-isp@freebsd.org; Wed, 8 Nov 2000 06:45:22 +0100 (MET) >Received: (from andreas@localhost) by klemm.gtn.com (8.11.1/8.11.1) id eA85Zs117242 for freebsd-isp@freebsd.org; Wed, 8 Nov 2000 06:35:54 +0100 (CET) (envelope-from andreas) Date: Wed, 8 Nov 2000 06:35:54 +0100 From: Andreas Klemm To: freebsd-isp@freebsd.org Subject: arts++ and cflowd, for cisco netflow analysis Message-ID: <20001108063553.A16896@titan.klemm.gtn.com> Mime-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Operating-System: FreeBSD 4.2-BETA SMP X-Disclaimer: A free society is one where it is safe to be unpopular Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi ! Just wanted to inform you that I just committed two software package from www.caida.org arts++ and cflowd that are possibly useful for your business... From the website: "cflowd is a flow analysis tool currently used for analyzing Cisco's NetFlow enabled switching method. The current release (described below) includes the collections, storage, and basic analysis modules for cflowd and for arts++ libraries. This analysis package permits data collection and analysis by ISPs and network engineers in support of capacity planning, trends analysis, and characterization of workloads in a network service provider environment. Other areas where cflowd may prove useful include usage tracking for Web hosting, accounting and billing, network planning and analysis, network monitoring, developing user profiles, data warehousing and mining, as well as security-related investigations." http://www.caida.org/tools/measurement/cflowd/ http://www.caida.org/tools/measurement/cflowd/design/design.html http://www.caida.org/tools/measurement/cflowd/configuration/configuration.html Currently I only ported the software but actually didn't test, because I'm pretty busy shortly before holidays. But maybe this software is useful for you... Andreas /// -- Andreas Klemm Powered by FreeBSD SMP Songs from our band >>64Bits<<............http://www.apsfilter.org/64bits.html My homepage................................ http://people.FreeBSD.ORG/~andreas Please note: Apsfilter got a NEW HOME................http://www.apsfilter.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 21:45:38 2000 Delivered-To: freebsd-isp@freebsd.org Received: from picalon.gun.de (picalon.gun.de [192.109.159.1]) by hub.freebsd.org (Postfix) with ESMTP id 46A4537B479 for ; Tue, 7 Nov 2000 21:45:36 -0800 (PST) Received: (from uucp@localhost) by picalon.gun.de (8.9.3/8.9.3) id GAA24042; Wed, 8 Nov 2000 06:45:23 +0100 (MET) >Received: (from andreas@localhost) by klemm.gtn.com (8.11.1/8.11.1) id eA85fPC17571; Wed, 8 Nov 2000 06:41:25 +0100 (CET) (envelope-from andreas) Date: Wed, 8 Nov 2000 06:41:24 +0100 From: Andreas Klemm To: Faried Nawaz Cc: justin_levine@yahoo.com, freebsd-isp@FreeBSD.ORG Subject: Re: tacacs plus. Message-ID: <20001108064124.A17507@titan.klemm.gtn.com> References: <20001107050735.D53363@nilpotent.org> Mime-Version: 1.0 Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001107050735.D53363@nilpotent.org>; from fn@hungry.org on Tue, Nov 07, 2000 at 05:07:35AM -0800 X-Operating-System: FreeBSD 4.2-BETA SMP X-Disclaimer: A free society is one where it is safe to be unpopular Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, Nov 07, 2000 at 05:07:35AM -0800, Faried Nawaz wrote: > Put > > #define O_SYNC 0x0080 > > in do_acct.c. > > This comes from /usr/include/fcntl.h -- look for the definition of > O_FSYNC. Could you please tell me more concerning this issue ? If necessary I could commit a patch as maintainer of the tac_plus4 port. Best regards Andreas /// -- Andreas Klemm Powered by FreeBSD SMP Songs from our band >>64Bits<<............http://www.apsfilter.org/64bits.html My homepage................................ http://people.FreeBSD.ORG/~andreas Please note: Apsfilter got a NEW HOME................http://www.apsfilter.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 7 23:35:32 2000 Delivered-To: freebsd-isp@freebsd.org Received: from bessel.tekniikka.turkuamk.fi (bessel.tekniikka.turkuamk.fi [193.166.133.10]) by hub.freebsd.org (Postfix) with ESMTP id 36E7337B479 for ; Tue, 7 Nov 2000 23:35:29 -0800 (PST) Received: from localhost (eyurtese@localhost) by bessel.tekniikka.turkuamk.fi (8.9.2/8.9.2) with ESMTP id JAA64604; Wed, 8 Nov 2000 09:35:14 +0200 Date: Wed, 8 Nov 2000 09:35:14 +0200 (WET) From: Evren Yurtesen To: "Scot W. Hetzel" Cc: freebsd-isp@FreeBSD.ORG Subject: Re:(2) sendmail and auth In-Reply-To: <020a01c0481d$4b93c200$7d7885c0@genroco.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have done that already but it actually doesnt work. I wonder if there is somebody who had very hard time making it work too. There are very little information in Sendmail and Cyrus SASL documents about how to configure each of them etc. On Mon, 6 Nov 2000, Scot W. Hetzel wrote: > From: "Evren Yurtesen" > > Well I ment if somebody is using Authentication with sendmail. > > You know in your mail client you can set your password and username > > so the server can authenticate you when you are sending email. > > I see this is available in the latest versions of sendmail. > > Sendmail now supports SMTP authentication I guess... > > Quote from the readme is below; > > > > +--------------------------------+ > > | SMTP AUTHENTICATION | > > +--------------------------------+ > > > : > > which checks whether a user has successfully authenticated using > > any available mechanism. Depending on the setup of the CYRUS SASL > > library, more sophisticated rulesets might be required, e.g., > > > : > > > > > > I just wondered if anybody configured this so far? > > This is quite handy when your customers do connect from a lot of > > different ISP's which doesnt offer SMTP service or the other ISP > > is also offering SMTP service to their customers only with SMTP > > authentication etc. > > > I believe several people are using SASL authentication with sendmail. > > All you need to do is Install the Cyrus SASL port, read the Sendmail.README > file for adding a few configuration variables to your /etc/make.conf file. > Then rebuild either sendmail, or rebuild FreeBSD. > > Scot > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 0:23:58 2000 Delivered-To: freebsd-isp@freebsd.org Received: from krell.webweaver.net (unknown [206.24.105.170]) by hub.freebsd.org (Postfix) with ESMTP id 12EF937B479 for ; Wed, 8 Nov 2000 00:23:57 -0800 (PST) Received: from xwin.nmhtech.com (xwin.nmhtech.com [208.138.46.10]) by krell.webweaver.net (Postfix) with ESMTP id F370F20F04 for ; Wed, 8 Nov 2000 00:09:49 -0800 (PST) Content-Length: 1273 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 Date: Wed, 08 Nov 2000 00:23:47 -0700 (PST) From: Nicole To: freebsd-isp@freebsd.org Subject: Program keeps crashing server Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi All OK I have a stupid question. Q> What allows a program to crash/reboot a server? I have a program that I am running to compute apache logs and on many occasions it will cash the server. It is being run by the apache server username. I have setup login.conf with process limits. Top running and freezing at the time of the death does not seem to show excessive memory use. Absolutly no swap use. Only that the CPU usage percentage is Very high. Load seems to stay at ~1.0 So.. What can I check or monitor? What kind of limits can I use without strangling the program? Any help much appreciatted Thanks! Nicole nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((----------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- Strong enough for a man - But made for a Woman -- -- "I drank WHAT ?!" - Socrates -- Hmm You seem better - "been giving myself shock treatments" Up the Voltage! ----------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 0:29:52 2000 Delivered-To: freebsd-isp@freebsd.org Received: from hitline.ch (unknown [195.129.74.66]) by hub.freebsd.org (Postfix) with ESMTP id 8B73837B479 for ; Wed, 8 Nov 2000 00:29:49 -0800 (PST) Received: from [195.129.74.2] (HELO [10.10.14.21]) by hitline.ch (CommuniGate Pro SMTP 3.3b9) with ESMTP id 2684831 for freebsd-isp@freebsd.org; Wed, 08 Nov 2000 09:33:53 +0100 Mime-Version: 1.0 X-Sender: moshea%tronic-group.com@mail.com4u.ch Message-Id: In-Reply-To: References: Date: Wed, 8 Nov 2000 09:29:38 +0100 To: freebsd-isp@freebsd.org From: Michael O Shea Subject: Re: Program keeps crashing server Content-Type: text/plain; charset="iso-8859-1" ; format="flowed" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 12:23 AM -0700 11/8/00, Nicole wrote: > Hi All > OK I have a stupid question. > > Q> What allows a program to crash/reboot a server? > > I have a program that I am running to compute apache logs and on many >occasions it will cash the server. It is being run by the apache server >username. I have setup login.conf with process limits. Top running >and freezing >at the time of the death does not seem to show excessive memory use. Absolu= tly >no swap use. Only that the CPU usage percentage is Very high. Load seems to >stay at ~1.0 > > So.. What can I check or monitor? What kind of limits can I use without >strangling the program? > > Any help much appreciatted > > > Thanks! > > Nicole > What Program is it ? -- Micheal O Shea ----------------------------------------------------- com-o-tronic ag Micheal O Shea, Systems Engineer Gewerbepark CH-5506 M=E4genwil E-Mail micheal@com4u.ch Voice: +41 62 887 3734 =46ax: +41 62 896 1133 Internet: http://www.com4u.ch http://www.ehitline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 0:42: 4 2000 Delivered-To: freebsd-isp@freebsd.org Received: from krell.webweaver.net (unknown [206.24.105.170]) by hub.freebsd.org (Postfix) with ESMTP id CCA9937B4C5 for ; Wed, 8 Nov 2000 00:42:00 -0800 (PST) Received: from xwin.nmhtech.com (xwin.nmhtech.com [208.138.46.10]) by krell.webweaver.net (Postfix) with ESMTP id 3990820F04; Wed, 8 Nov 2000 00:28:01 -0800 (PST) Content-Length: 1909 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Wed, 08 Nov 2000 00:41:59 -0700 (PST) From: Nicole To: Michael O Shea Subject: Re: Program keeps crashing server Cc: freebsd-isp@freebsd.org Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 08-Nov-00 Michael O Shea wrote: > At 12:23 AM -0700 11/8/00, Nicole wrote: >> Hi All >> OK I have a stupid question. >> >> Q> What allows a program to crash/reboot a server? >> >> I have a program that I am running to compute apache logs and on many >>occasions it will cash the server. It is being run by the apache server >>username. I have setup login.conf with process limits. Top running >>and freezing >>at the time of the death does not seem to show excessive memory use. >>Absolutly >>no swap use. Only that the CPU usage percentage is Very high. Load seems to >>stay at ~1.0 >> >> So.. What can I check or monitor? What kind of limits can I use without >>strangling the program? >> >> Any help much appreciatted >> >> >> Thanks! >> >> Nicole >> > What Program is it ? Nettracker www.sane.com Nicole > -- > > Micheal O Shea > > ----------------------------------------------------- > com-o-tronic ag > Micheal O Shea, Systems Engineer > Gewerbepark > CH-5506 Mägenwil > > E-Mail micheal@com4u.ch > > Voice: +41 62 887 3734 > Fax: +41 62 896 1133 > > Internet: http://www.com4u.ch http://www.ehitline.ch > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((----------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- Strong enough for a man - But made for a Woman -- -- "I drank WHAT ?!" - Socrates -- Hmm You seem better - "been giving myself shock treatments" Up the Voltage! ----------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 1:15:51 2000 Delivered-To: freebsd-isp@freebsd.org Received: from krell.webweaver.net (unknown [206.24.105.170]) by hub.freebsd.org (Postfix) with ESMTP id 42F9637B479 for ; Wed, 8 Nov 2000 01:15:48 -0800 (PST) Received: from xwin.nmhtech.com (xwin.nmhtech.com [208.138.46.10]) by krell.webweaver.net (Postfix) with ESMTP id B40C220F04; Wed, 8 Nov 2000 01:01:49 -0800 (PST) Content-Length: 1880 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Wed, 08 Nov 2000 01:15:47 -0700 (PST) From: Nicole To: Adam Herzog Subject: RE: Limited FTP accounts Cc: freebsd-isp@FreeBSD.ORG, Dave Wilson Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 06-Nov-00 Adam Herzog wrote: > I'm doing that for my users, now... > > I followed the instructions here without any problem: > http://www.freebsddiary.org/ftpd-ls.html > > -Adam I still prefer Ncftpd. It has had a very good security history and is as configurable as proftpd. It costs money but not much considering. Nicole > > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Dave Wilson > Sent: Monday, November 06, 2000 7:19 AM > To: freebsd-isp@FreeBSD.ORG > Subject: Limited FTP accounts > > > Hi guys, howzit going ? > > Any one got any ideas on how to restrict an FTP user to only accessing his > home directory and nothing else ? > See I want a normal user to have access to nothing else other than his home > directory. > Thanks. > > Regards > Dave Wilson > The S.A. Internet > (033) 3456777 > 0825496159 > http://www.sai.co.za > "Who is "General Failure", and what is he doing reading my hard disk ?" > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message nicole@unixgirl.com |\ __ /| (`\ http://www.unixgirl.com/ webmistress@dangermouse.org | o_o |__ ) ) http://www.dangermouse.org/ nicole@deviantimages.com // \\ http://www.deviantimages.com/ ---------------------------(((---(((----------------------------------------- -- Powered by Coka-Cola and FreeBSD -- -- Strong as any man - made for a Woman -- -- "I drank WHAT ?!" - Socrates -- Hmm You seem better - "been giving myself shock treatments" Up the Voltage! ----------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 2:18:41 2000 Delivered-To: freebsd-isp@freebsd.org Received: from visi.gothic.net.au (visi.gothic.net.au [203.23.49.132]) by hub.freebsd.org (Postfix) with ESMTP id 9AB5D37B4C5 for ; Wed, 8 Nov 2000 02:18:38 -0800 (PST) Received: by visi.gothic.net.au (Postfix, from userid 605) id 110AB1F37; Wed, 8 Nov 2000 21:18:30 +1100 (EST) Received: from mysterious (mysterious.gothic.net.au [202.182.72.29]) by visi.gothic.net.au (Postfix) with SMTP id 291977C99; Wed, 8 Nov 2000 21:18:26 +1100 (EST) Message-ID: <003601c0496d$3b6bd740$1d48b6ca@mysterious> From: "Sean Winn" To: Cc: References: Subject: Re: secure server Date: Wed, 8 Nov 2000 20:05:18 +1100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 X-AntiVirus: scanned for viruses by AMaViS 0.2.1 (http://amavis.org/) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org SSL served web pages cannot be cached by a public proxy-cache, such as squid, or MS-Proxy; they can be proxied (there's a CONNECT method in HTTP for that purpose), but that just allows a connection, not a cacheable object. Only the browser sees the cacheable objects. Lynx in it's normal configuration cannot handle SSL; it has to be patched to do it; libwww under Perl requires add-ons to do SSL as well (so hand-tooled scripts need help); PHP cannot open https URLs, though it can open FTP or HTTP ones. fetch, wget, and others also don't support SSL... ----- Original Message ----- From: "Henrik Hudson" To: "'Jim Pazarena'" Cc: Sent: Wednesday, November 08, 2000 10:49 AM Subject: RE: secure server > Hello- > > My understanding is that the computation needed to generate all the SSL > pages would bog a server down if there is a high traffic volume? and why bog > it down for pages that don't need it? > > As for the non-secure / secure dilemma, some browsers don't handle the SSL > encryption as of yet? Otherwise, I can't think of one either. > > Henrik > > > -----Original Message----- > > From: owner-freebsd-isp@FreeBSD.ORG > > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jim Pazarena > > Sent: Tuesday, November 07, 2000 17:22 > > To: freebsd-isp@freebsd.org > > Subject: secure server > > > > > > Is it possible to have a plain 'unsecure' apache running on the > > server at the same time that a secure-server is also running? > > > > The reason I ask, is I'm confused why when you go to a site > > to buy something you are sometimes asked do you want > > 'the secure OR non-secure' purchase. Is there some reason why > > I would even _need_ a non-secure purchase? and to take this > > thought process to the next step, why not make your server > > 'secure' ALL the time? > > > > > > -- > > Jim Pazarena mailto:paz@ccstores.com > > http://www.qcislands.net/paz > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 4:13: 2 2000 Delivered-To: freebsd-isp@freebsd.org Received: from virtual.sysadmin-inc.com (lists.sysadmin-inc.com [209.16.228.140]) by hub.freebsd.org (Postfix) with ESMTP id 7153F37B479 for ; Wed, 8 Nov 2000 04:12:59 -0800 (PST) Received: from localhost (peter@localhost) by virtual.sysadmin-inc.com (8.9.1/8.9.1) with SMTP id HAA19156 for ; Wed, 8 Nov 2000 07:14:12 -0500 Date: Wed, 8 Nov 2000 07:14:11 -0500 (EST) From: To: freebsd-isp@freebsd.org Subject: odbc connection for ms access clients? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've got a few customers who want to publish their ms access database to their site. On an NT server, it's a mindless point and click. Do we have anything for freebsd that will create the same kind of end user experience, or at least make it possible to publish an access database and link it to a website? Thanks in advance. Peter Brezny SysAdmin Services Inc. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 4:57:22 2000 Delivered-To: freebsd-isp@freebsd.org Received: from colossus.invictanet.co.uk (colossus.invictanet.co.uk [62.232.18.118]) by hub.freebsd.org (Postfix) with ESMTP id 9821237B4CF for ; Wed, 8 Nov 2000 04:57:18 -0800 (PST) Received: from harryhome (modem282.netkonect.net [194.164.14.28]) by colossus.invictanet.co.uk (8.9.3/8.9.3) with SMTP id MAA26009 for ; Wed, 8 Nov 2000 12:57:16 GMT From: "InvictaNet Customer Support" To: "Freebsd-ISP" Subject: RE: non-existant MX Date: Wed, 8 Nov 2000 12:57:12 -0000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 In-Reply-To: Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The question that strikes me is "Why on earth would you not want to receive mail for a domain under your control" You could be missing out on "I think your domain name is cool, will you sell it for £1 million?" Martyn ----------------------------------------------------- InvictaNet - The Internet in Plain English, Guaranteed http://www.invictanet.co.uk mailto:info@invictanet.co.uk phone: 0870 7402252 fax: +44 (0)1233 334001 ------------------------------------------------------ -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Jonathan M. Slivko Sent: Tuesday, November 07, 2000 9:48 PM To: leifn@neland.dk; freebsd-isp@FreeBSD.ORG Subject: Re: non-existant MX I *think* that if you don't set up an MX line, one will not be used. So, if you don't put anything, I think you should be fine. -- Jonathan M. Slivko >From: Leif Neland >To: freebsd-isp@freebsd.org >Subject: non-existant MX >Date: Tue, 7 Nov 2000 12:00:25 +0100 (CET) > >How can I in the dns specify there is no mailserver for a domain? > >I have domains where the domain itself has an ip-adress, for having >www.this.dom = this.dom, but where there are no mailserver. > >I see some mailers trying to send the mail to the ip-adress of the >webserver. > >Would some of these work? > >no.mailserver.for.this.domain. >0.0.0.0? >255.255.255.255? >127.0.0.1? > >Or are there any magic values? > >Leif > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 5:35:40 2000 Delivered-To: freebsd-isp@freebsd.org Received: from gizmo.internode.com.au (gizmo.internode.com.au [192.83.231.115]) by hub.freebsd.org (Postfix) with ESMTP id B55C037B479 for ; Wed, 8 Nov 2000 05:35:36 -0800 (PST) Received: (from newton@localhost) by gizmo.internode.com.au (8.11.0/8.9.3) id eA8DYY819285; Thu, 9 Nov 2000 00:04:34 +1030 (CST) (envelope-from newton) Date: Thu, 9 Nov 2000 00:04:33 +1030 From: Mark Newton To: peter@virtual.sysadmin-inc.com Cc: freebsd-isp@FreeBSD.ORG Subject: Re: odbc connection for ms access clients? Message-ID: <20001109000433.A19273@internode.com.au> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: X-PGP-Key: http://www.on.net/~newton/pgpkey.txt Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Nov 08, 2000 at 07:14:11AM -0500, peter@virtual.sysadmin-inc.com wrote: > I've got a few customers who want to publish their ms access database to > their site. On an NT server, it's a mindless point and click. Do we have > anything for freebsd that will create the same kind of end user > experience, or at least make it possible to publish an access database and > link it to a website? /usr/ports/databases/unixODBC There's also an ODBC DBD driver for Perl DBI on CPAN. - mark -- Mark Newton Email: newton@internode.com.au (W) Network Engineer Email: newton@atdot.dotat.org (H) Internode Systems Pty Ltd Desk: +61-8-82232999 "Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 5:40:49 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.sai.co.za (ns1.amandla.co.za [196.33.40.1]) by hub.freebsd.org (Postfix) with ESMTP id 427C737B479 for ; Wed, 8 Nov 2000 05:40:43 -0800 (PST) Received: from fdisk (dave.sai.co.za [196.33.40.17]) by mail.sai.co.za (8.9.3/8.9.3) with SMTP id PAA09835; Wed, 8 Nov 2000 15:41:06 +0200 (SAST) (envelope-from davew@sai.co.za) Message-ID: <01a901c04989$77100660$112821c4@sai.co.za> Reply-To: "Dave Wilson" From: "Dave Wilson" To: "John Hay" Cc: References: <200011071430.eA7EUPO61715@zibbi.icomtek.csir.co.za> Subject: Re: Digi Sync 570/i card. Date: Wed, 8 Nov 2000 15:40:31 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi John, In the kernel I see "dgb" and "dgm", these however seem to be for PC/Xi, PC/Xe and PC/Xem cards not for the Sync 570/i ?? Will those work for the 570/i ? Also how is "ar" going to help me ? ;-) Thanks. Regards Dave Wilson The S.A. Internet (033) 3456777 0825496159 http://www.sai.co.za "Who is "General Failure", and what is he doing reading my hard disk ?" ----- Original Message ----- From: "John Hay" To: "Dave Wilson" Cc: Sent: Tuesday, November 07, 2000 4:30 PM Subject: Re: Digi Sync 570/i card. > > > > Any one ever succesfully installed a Digi 570/i WAN (X.21) card in a FreeBSD > > box ? > > Please help me find where I can find some info on setting one up. > > Thanks. ;-) > > There is a man page, ar(4), for it. Just compile a kernel with it in and > ifconfig it. > > John > -- > John Hay -- John.Hay@icomtek.csir.co.za > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 5:57:38 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.psknet.com (orion.psknet.com [207.198.61.253]) by hub.freebsd.org (Postfix) with SMTP id 51AC537B479 for ; Wed, 8 Nov 2000 05:57:35 -0800 (PST) Received: (qmail 2684 invoked from network); 8 Nov 2000 13:57:27 -0000 Received: from abyss.dashit.net (HELO abyss) (209.100.22.250) by orion.psknet.com with SMTP; 8 Nov 2000 13:57:27 -0000 From: "Troy Settle" To: "Mark Newton" , Cc: Subject: RE: odbc connection for ms access clients? Date: Wed, 8 Nov 2000 08:58:57 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-reply-to: <20001109000433.A19273@internode.com.au> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This would work if the customer's machine was up on the 'net all the time and easily accessable by the FreeBSD server. Somehow, I don't think the original poster had this in mind. What I've done in the past, was to create a MySQL database for the customer to use. Then, through MyODBC, the customer is able to manipulate their database from Access. If you are talking about publishing an Access database to frontpage under unix, you're SOL, it's not going to happen. If you have a lot of demand for frontpage/database sites, I'd reccomend that you invest in Windows2000 and MSSQL, or educate your users to use MySQL and Perl/PHP. -- Troy Settle Pulaski Networks 540.994.4254 It's always a long day, 86400 doesn't fit into a short. ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Mark Newton ** Sent: Wednesday, November 08, 2000 8:35 AM ** To: peter@virtual.sysadmin-inc.com ** Cc: freebsd-isp@FreeBSD.ORG ** Subject: Re: odbc connection for ms access clients? ** ** ** On Wed, Nov 08, 2000 at 07:14:11AM -0500, ** peter@virtual.sysadmin-inc.com wrote: ** ** > I've got a few customers who want to publish their ms ** access database to ** > their site. On an NT server, it's a mindless point and ** click. Do we have ** > anything for freebsd that will create the same kind of end user ** > experience, or at least make it possible to publish an ** access database and ** > link it to a website? ** ** /usr/ports/databases/unixODBC ** ** There's also an ODBC DBD driver for Perl DBI on CPAN. ** ** - mark ** ** -- ** Mark Newton Email: ** newton@internode.com.au (W) ** Network Engineer Email: ** newton@atdot.dotat.org (H) ** Internode Systems Pty Ltd Desk: +61-8-82232999 ** "Network Man" - Anagram of "Mark Newton" Mobile: +61-416-202-223 ** ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 6: 0:55 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.psknet.com (orion.psknet.com [207.198.61.253]) by hub.freebsd.org (Postfix) with SMTP id 840F737B479 for ; Wed, 8 Nov 2000 06:00:52 -0800 (PST) Received: (qmail 4108 invoked from network); 8 Nov 2000 14:00:49 -0000 Received: from abyss.dashit.net (HELO abyss) (209.100.22.250) by orion.psknet.com with SMTP; 8 Nov 2000 14:00:49 -0000 From: "Troy Settle" To: "Bob Martin" , Subject: RE: ODBC Date: Wed, 8 Nov 2000 09:02:20 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-reply-to: <3A082566.A2E6E2BB@inu.net> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org It's not ODBC, but FreeTDS works great against MSSQL7. It seems to have a well defined C API, and PHP will build against it without issue (using /usr/ports/www/mod_php[3|4]). For perl, I don't know for sure, but I think the DBI module will give you access to MSSQL. Check your favorite source for perl documentation for details. -- Troy Settle Pulaski Networks 540.994.4254 It's always a long day, 86400 doesn't fit into a short. ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Bob Martin ** Sent: Tuesday, November 07, 2000 10:53 AM ** To: freebsd-isp@freebsd.org ** Subject: ODBC ** ** ** Anyone know where I can get a good ODBC driver for FreeBSD? I need to ** connect to a MSSQL server. ** ** Thanks! ** -- ** Bob Martin, CTO ** InterNet Unlimited ** http://www.inu.net ** mailto:bob@inu.net ** ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 6:15:18 2000 Delivered-To: freebsd-isp@freebsd.org Received: from zibbi.icomtek.csir.co.za (zibbi.icomtek.csir.co.za [146.64.24.58]) by hub.freebsd.org (Postfix) with ESMTP id 5189837B479 for ; Wed, 8 Nov 2000 06:15:11 -0800 (PST) Received: (from jhay@localhost) by zibbi.icomtek.csir.co.za (8.11.0/8.11.0) id eA8EEeT94845; Wed, 8 Nov 2000 16:14:40 +0200 (SAT) (envelope-from jhay) From: John Hay Message-Id: <200011081414.eA8EEeT94845@zibbi.icomtek.csir.co.za> Subject: Re: Digi Sync 570/i card. In-Reply-To: <01a901c04989$77100660$112821c4@sai.co.za> from Dave Wilson at "Nov 8, 2000 03:40:31 pm" To: dave@sai.co.za (Dave Wilson) Date: Wed, 8 Nov 2000 16:14:40 +0200 (SAT) Cc: jhay@icomtek.csir.co.za (John Hay), freebsd-isp@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > In the kernel I see "dgb" and "dgm", these however seem to be for PC/Xi, > PC/Xe and PC/Xem cards not for the Sync 570/i ?? > Will those work for the 570/i ? Nope, they won't. > Also how is "ar" going to help me ? ;-) Well there is a little confusion now that Soren calls his ATA Raid stuff ar and then there is ar(1), the archiving tool also. :-) The Digi 570i cards were made by Arnet a long time ago and then Digi bought them or merged or whatever and now the are called Digi. Do "man 4 ar" and you will get the man page for the Arnet/Digi 570i cards. BTW Do you have an ISA or PCI card? John -- John Hay -- John.Hay@icomtek.csir.co.za To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 6:41:33 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.o-yo.com (unknown [202.109.110.102]) by hub.freebsd.org (Postfix) with SMTP id DD32937B479 for ; Wed, 8 Nov 2000 06:41:29 -0800 (PST) Received: (qmail 988 invoked from network); 9 Nov 2000 06:40:43 -0000 Received: from unknown (HELO oneflower) (202.109.110.101) by 202.109.110.102 with SMTP; 9 Nov 2000 06:40:43 -0000 Message-ID: <001701c04991$87ea03c0$656e6dca@oneflower> From: "oneflower" To: , Subject: a problem about install freebsd 4.1.1 on HP Lpr? Date: Wed, 8 Nov 2000 22:38:16 +0800 MIME-Version: 1.0 Content-Type: text/plain; charset="gb2312" Content-Transfer-Encoding: base64 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4133.2400 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org SGVsbG8sZXZlcnkgb25lOg0KDQogIEkgaGF2ZSBtZWV0IGEgcHJvYmxlbSB3aGVuIEkgYW0gaW5z dGFsbGluZyBGcmVlQlNEIDQuMS4xIG9uIEhQIExQUi4NCg0KSFAgTFBSOg0KDQpjcHU6IFBJSUkg NjUwTUhaICoyDQptZW1vcnk6Mzg0TUINCkRpc2sgOiA5RyBzY3NpLTIgKjINClNjc2kgY2FyZDog IEhQIE5ldFJhaWQgMXNpDQogICAgICAgICAgICBzY3NpIGNhcmQgd2l0aG91dCByYWlkIChIUCkN Cg0KUGhvZW5peEJJT1MgNC4wNi4zNCBQUg0KU3ltYmlvcyxJbmMuU0RNUyAoVE0pIHY0LjAgUENJ IFNDU0kgQklPUyxQQ0kgUmV2LiAyLjAgLDIuMQ0KQ29weXJpZ2h0IDE5OTUgLDE5OTggU3ltYmlv cyxJbmMuDQpQQ0ktNC4xNC4wNA0KDQpTeW1iaW9zLEluYy5QY2kgYm9vdCBSb20gLG5vIHN1cHBv cnRlZCBkZXZpY2VzIGZvdW5kLg0KDQpIUCBOZXRSQUlEIEFkYXB0ZXIgQklPUyBWRVIgQi4wMi4w MiBBcHIgMDMsMjAwMA0KQ29weXJpZ2h0KGMpIEFtZXJpY2FuIE1lZ2FUcmVuZHMsSW5jLg0KDQoN Cg0KdGhlIGluc3RhbGwgcHJvY2VzcyBzdG9wIGF0IHRoaXMgc2NyZWVuOg0KDQoiLi4uLi4uLi4u Li4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uLi4uDQpmeHAwOjxJbnRlciBwcm8gMTAvMTAw Qi8xMDArIEV0aGVybmV0PiBwb3J0IDB4OTQwMC0weDk0M2YgbWVtIDB4ZmExMDAwMDAtMHhmYTFm ZmZmZiwNCjB4ZmEyMDAwMDAtMHhmYTJmZmZmZiAgaXJxIDExIGF0IGRldmljZSAzLjAgb24gcGNp MQ0KZnhwMDogRXRoZXJuZXQgYWRkcmVzcyAwMDpkMDpiNzo5MToyMDpkMg0Kc3ltMDogPDg5NT4g cG9ydCAweDkwMDAtMHg5MGZmIG1lbSAweGZhMjAxMDAwLTB4ZmEyMDFmZmYsMHhmYTIwMjAwMC0w eGZhMjAyMGZmIA0KaXJxIDE1IGF0IGRldmljZSA0LjAgb24gcGNpMSINCiAgDQoNCmFmdGVyIGEg bG9uZyB0aW1lICxpdCByZXBlYXRlZCBtZXNzYWdlcyBvbiBzY3JlZW4gbGlrZSA6DQoNCiIuLi4u Li4uDQoobm9wZXJpcGg6IHN5bTA6MDotMTotMSk6IFNDU0kgQlVTIG1vZGUgY2hhbmdlIGZyb20g U0UgdG8gU0UNCnN5bTA6MDppcGg6c3ltIE9VVCBwaGFzZSBhZnRlci4uLi4uLi4uLi4uIg0KDQoN Cg0KV2hhdCBwcm9ibGVtPyBXaG8gY2FuIGhlbHAgbWU/DQoNClRoZSBMcHIgY2FuIGJlIGluc3Rh bGxlZCB3aXRoIHdpbmRvd3MgMjAwMCBBZHYgU2VydmVyLHJ1biB3ZWxsIGJ1dCBib290IHdpbmRv d3MNCiBuZWVkcyBhIGxvdCBvZiB0aW1lLg0KSSBjYW4ndCBpbnN0YWxsICBSZWRoYXQgNy4wIG9u IGl0ICx0b28uDQpJdCBzdG9wZWQgYXQgbG9hZCBzY3NpIGRyaXZlci4NCg0KDQpCZXN0IFJlZ2Fy ZHMsDQoNCiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBGbG93ZXIN Cg== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 7:17:21 2000 Delivered-To: freebsd-isp@freebsd.org Received: from gifw.genroco.com (genroco.com [205.254.195.202]) by hub.freebsd.org (Postfix) with ESMTP id 0272937B479 for ; Wed, 8 Nov 2000 07:17:19 -0800 (PST) Received: from gi2.genroco.com (IDENT:root@gi2.genroco.com [192.133.120.3]) by gifw.genroco.com (8.9.3/8.9.3) with ESMTP id JAA05262; Wed, 8 Nov 2000 09:17:17 -0600 Received: from scot.genroco.com (scot.genroco.com [192.133.120.125]) by gi2.genroco.com (8.9.3/8.9.3) with SMTP id JAA07340; Wed, 8 Nov 2000 09:17:17 -0600 Message-ID: <003501c04996$fb775e00$7d7885c0@genroco.com> From: "Scot W. Hetzel" To: "Evren Yurtesen" Cc: References: Subject: Re: Re:(2) sendmail and auth Date: Wed, 8 Nov 2000 09:17:16 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org From: "Evren Yurtesen" > I have done that already but it actually doesnt work. > I wonder if there is somebody who had very hard time > making it work too. There are very little information > in Sendmail and Cyrus SASL documents about how to configure > each of them etc. > Have a looked at: SMTP AUTH: http://www.sendmail.org/~ca/email/auth.html STARTTLS: http://www.sendmail.org/~ca/email/starttls.html Scot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 7:56: 9 2000 Delivered-To: freebsd-isp@freebsd.org Received: from kaon.intercom.com (kaon.intercom.com [198.143.3.30]) by hub.freebsd.org (Postfix) with ESMTP id 3EE6037B4C5; Wed, 8 Nov 2000 07:55:56 -0800 (PST) Received: from [198.143.3.26] (helo=intercom.com) by kaon.intercom.com with esmtp (Exim 3.16 #1) id 13tXZg-000HYP-00; Wed, 08 Nov 2000 10:55:44 -0500 Date: Wed, 8 Nov 2000 10:55:44 -0500 (EST) From: "Jason J. Horton" X-Sender: mail@kaon.intercom.com To: oneflower Cc: freebsd-hackers@freebsd.org, freebsd-isp@freebsd.org Subject: Re: a problem about install freebsd 4.1.1 on HP Lpr? In-Reply-To: <001701c04991$87ea03c0$656e6dca@oneflower> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've had no problems with my LPrs during installs, I have almost the same config as you (the diff being faster CPUs). Are you sure you properly terminated the built-in SCSI card when you installed the RAID card? The instructions that came with the RAID card are pretty detailed in what needs to be done. Also, if you dont have any drives attached to the built-in SCSI card, you may want to concider disabling it in the BIOS. > Hello,every one: > > I have meet a problem when I am installing FreeBSD 4.1.1 on HP LPR. > > HP LPR: > > cpu: PIII 650MHZ *2 > memory:384MB > Disk : 9G scsi-2 *2 > Scsi card: HP NetRaid 1si > scsi card without raid (HP) > > PhoenixBIOS 4.06.34 PR > Symbios,Inc.SDMS (TM) v4.0 PCI SCSI BIOS,PCI Rev. 2.0 ,2.1 > Copyright 1995 ,1998 Symbios,Inc. > PCI-4.14.04 > > Symbios,Inc.Pci boot Rom ,no supported devices found. > > HP NetRAID Adapter BIOS VER B.02.02 Apr 03,2000 > Copyright(c) American MegaTrends,Inc. > > > > the install process stop at this screen: > > ".......................................... > fxp0: port 0x9400-0x943f mem 0xfa100000-0xfa1fffff, > 0xfa200000-0xfa2fffff irq 11 at device 3.0 on pci1 > fxp0: Ethernet address 00:d0:b7:91:20:d2 > sym0: <895> port 0x9000-0x90ff mem 0xfa201000-0xfa201fff,0xfa202000-0xfa2020ff > irq 15 at device 4.0 on pci1" > > > after a long time ,it repeated messages on screen like : > > "....... > (noperiph: sym0:0:-1:-1): SCSI BUS mode change from SE to SE > sym0:0:iph:sym OUT phase after..........." > > > > What problem? Who can help me? > > The Lpr can be installed with windows 2000 Adv Server,run well but > boot windows needs a lot of time. > I can't install Redhat 7.0 on it ,too. > It stoped at load scsi driver. > > > Best Regards, > > Flower To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 10:59:38 2000 Delivered-To: freebsd-isp@freebsd.org Received: from gate.trident-uk.co.uk (mail.trident-uk.co.uk [195.166.16.10]) by hub.freebsd.org (Postfix) with ESMTP id B62E537B479 for ; Wed, 8 Nov 2000 10:59:34 -0800 (PST) Received: from [194.207.93.139] by gate.trident-uk.co.uk for freebsd-isp@freebsd.org id SAA21018; Wed Nov 8 18:57:48 2000 Organization: Psi-Domain Ltd. Subject: BIND 8.2.2-P5 Possible DOS Date: Wed, 8 Nov 2000 19:02:24 +0000 X-Mailer: KMail [version 1.0.28] Content-Type: text/plain MIME-Version: 1.0 Message-Id: <00110819041604.01782@freefire.psi-domain.co.uk> Content-Transfer-Encoding: 8bit To: freebsd-isp@freebsd.org From: Jamie Heckford Reply-To: heckfordj@psi-domain.co.uk Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Verified this earlier... make sure your nameservers are configured correctly!! Nov 8 19:00:47 atlas named-xfer[78583]: [x.x.x.x] no SOA found for xxx, SOA query got rcode 3, aa 1, ancount 0, auc ount 1 Nov 8 19:01:05 atlas named[276]: unsupported XFR (type ZXFR) of "xxx" (IN) to [x.x.x.x].1368 Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 Nov 8 19:01:21 atlas /kernel: pid 276 (named), uid 53: exited on signal 6 Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 ---------- Forwarded Message ---------- Subject: BIND 8.2.2-P5 Possible DOS Date: Tue, 7 Nov 2000 13:40:49 +0100 From: "Fabio Pietrosanti (naif)" Hi, playing with bind and ZXFR feature ( zone transfer compressed with a possible insecure execlp("gzip", "gzip", NULL); ), i discovered a Denial Of Service against Bind 8.2.2-P5 . By default Bind 8.2.2-P5 it's not compiled with ZXFR support unless you define it with #define BIND_ZXFR so it will refuse any ZXFR transfer, because it doesn't support it. But now what appens? Look here... ################################ zone to transfer: zone.pippo.com dns server: dns.pippo.com 192.168.1.1 me: naif.gatesux.com 10.10.10.10 I send a Zone Trasnfer request using "-Z" switch with means that i wish to use ZXFR. dns.pippo.com does'nt support ZXFR and have "allow-transfer{}" not configured, so everyone could ask him for *.zone.pippo.com ... [~/bind/src822p5/bin/named-xfer] $ ./named-xfer -z zone.pippo.com -d 9 -f pics -Z dns.pippo.com named-xfer[29297]: send AXFR query 0 to 192.168.1.1 named-xfer[29297]: premature EOF, fetching "zone.pippo.com" On the server's log: Nov 7 11:19:09 dns.pippo.com: named[188510]: approved ZXFR from [10.10.10.10].2284 for "zone.pippo.com" Nov 7 11:19:09 dns.pippo.com: named[188510]: unsupported XFR (type ZXFR) of "zone.pippo.com" (IN) to [10.10.10.10].2284 Then the server "*** CRASHED ***" . I should assume that bind 8.2.2-P5 it's vulnerable ( Please someone test and confirm this kind of dos) and bind-9.0.0 has no support for ZXFR . [~/bind] $ find src822p5/ -type f -exec grep -i zxfr \{\} ';' | wc -l 234 [~/bind] $ find bind-9.0.0/ -type f -exec grep -i zxfr \{\} ';' | wc -l 0 A lot of DNS Server are misconfigured, and allow zone-transfer to any, so they are dossable... naif naif@itapac.net ------------------------------------------------------- -- Jamie Heckford Chief Network Engineer Psi-Domain - Innovative Linux Solutions. Ask Us How. =================================== email: heckfordj@psi-domain.co.uk web: http://www.psi-domain.co.uk/ tel: +44 (0)1737 789 246 fax: +44 (0)1737 789 245 mobile: +44 (0)7779 646 529 =================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 12:34:50 2000 Delivered-To: freebsd-isp@freebsd.org Received: from loops.nilpotent.org (loops.nilpotent.org [207.141.25.142]) by hub.freebsd.org (Postfix) with SMTP id A733C37B479 for ; Wed, 8 Nov 2000 12:34:48 -0800 (PST) Received: (qmail 62932 invoked from network); 8 Nov 2000 20:34:47 -0000 Received: from fiber3-157.brain.net.pk (root@203.128.3.157) by loops.nilpotent.org with QMTP; 8 Nov 2000 20:34:47 -0000 Received: (qmail 7613 invoked by uid 500); 8 Nov 2000 20:35:04 -0000 To: freebsd-isp@FreeBSD.ORG Subject: Re: tacacs plus. References: <20001107050735.D53363@nilpotent.org> <20001108064124.A17507@titan.klemm.gtn.com> In-Reply-To: Andreas Klemm's message of "Wed, 8 Nov 2000 06:41:24 +0100" X-nil: X-Useless-info: System load is 1.28 with 83 processes active. X-Neuromancer: Smith told him. X-Linux-Version: I always recommend that people run 0.99p14 with gcc 2.7.2.1 on Jihad Linux! From: fn@hungry.org (Faried Nawaz) Organization: Integral Domains Date: 09 Nov 2000 01:35:04 +0500 Message-ID: Lines: 20 User-Agent: Gnus/5.0802 (Gnus v5.8.2) XEmacs/21.1 (Biscayne) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andreas Klemm writes: Could you please tell me more concerning this issue ? As I understand it, O_SYNC is not in POSIX. Apps should instead do fd = open(...); write(fd, ...); fsync(fd); I *think* FreeBSD does the right thing with open(...O_SYNC...), but I'm not sure. Faried. -- self name. "Jesus Christ!" "Not quite." -- Hellraiser III superstar! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 13:31:51 2000 Delivered-To: freebsd-isp@freebsd.org Received: from front3m.grolier.fr (front3m.grolier.fr [195.36.216.53]) by hub.freebsd.org (Postfix) with ESMTP id AB71E37B479; Wed, 8 Nov 2000 13:31:40 -0800 (PST) Received: from nas7-126.vlt.club-internet.fr (nas7-126.vlt.club-internet.fr [194.158.109.126]) by front3m.grolier.fr (8.9.3/No_Relay+No_Spam_MGC990224) with ESMTP id WAA02471; Wed, 8 Nov 2000 22:31:30 +0100 (MET) Date: Wed, 8 Nov 2000 21:31:58 +0100 (CET) From: =?ISO-8859-1?Q?G=E9rard_Roudier?= X-Sender: groudier@linux.local To: oneflower Cc: freebsd-hackers@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG, Pam Delaney Subject: Re: a problem about install freebsd 4.1.1 on HP Lpr? In-Reply-To: <001701c04991$87ea03c0$656e6dca@oneflower> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Looks like both the NetRaid firmware and the `sym' driver are in love with the 895. If I am right, such an evil competition obviously disallows both of them to succeed their aim. :-) Given this message, > Symbios,Inc.Pci boot Rom ,no supported devices found. The Symbios BIOS seems to detect the situation just fine and discard the 895. For now, I donnot know how it does, but may-be Pamela knows. G=E9rard. On Wed, 8 Nov 2000, oneflower wrote: > Hello,every one: >=20 > I have meet a problem when I am installing FreeBSD 4.1.1 on HP LPR. >=20 > HP LPR: >=20 > cpu: PIII 650MHZ *2 > memory:384MB > Disk : 9G scsi-2 *2 > Scsi card: HP NetRaid 1si > scsi card without raid (HP) >=20 > PhoenixBIOS 4.06.34 PR > Symbios,Inc.SDMS (TM) v4.0 PCI SCSI BIOS,PCI Rev. 2.0 ,2.1 > Copyright 1995 ,1998 Symbios,Inc. > PCI-4.14.04 >=20 > Symbios,Inc.Pci boot Rom ,no supported devices found. >=20 > HP NetRAID Adapter BIOS VER B.02.02 Apr 03,2000 > Copyright(c) American MegaTrends,Inc. >=20 >=20 >=20 > the install process stop at this screen: >=20 > ".......................................... > fxp0: port 0x9400-0x943f mem 0xfa100000-= 0xfa1fffff, > 0xfa200000-0xfa2fffff irq 11 at device 3.0 on pci1 > fxp0: Ethernet address 00:d0:b7:91:20:d2 > sym0: <895> port 0x9000-0x90ff mem 0xfa201000-0xfa201fff,0xfa202000-0xfa2= 020ff=20 > irq 15 at device 4.0 on pci1" > =20 >=20 > after a long time ,it repeated messages on screen like : >=20 > "....... > (noperiph: sym0:0:-1:-1): SCSI BUS mode change from SE to SE > sym0:0:iph:sym OUT phase after..........." >=20 >=20 >=20 > What problem? Who can help me? >=20 > The Lpr can be installed with windows 2000 Adv Server,run well but boot w= indows > needs a lot of time. > I can't install Redhat 7.0 on it ,too. > It stoped at load scsi driver. >=20 >=20 > Best Regards, >=20 > Flower > N=85'=B2=E6=ECr=B8=9B{=FB=1E=9D=D9=9A=8A[h=99=A8=E8=AD=DA&=A3=F1ky=E0R=0F= =FA+=83=08=AD=87=FB=A7=B2=E6=ECr=B8=9By=FA=DEy=BB=1D=FE=16=9C=91=EA=EC=FE)= =ED=85=E6=E8w*=1F=B6=17=A6z=CB=1A >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 17:40:28 2000 Delivered-To: freebsd-isp@freebsd.org Received: from velvet.sensation.net.au (serial1-2-velvet-brunswick.sensation.net.au [203.20.114.195]) by hub.freebsd.org (Postfix) with ESMTP id 3377337B479 for ; Wed, 8 Nov 2000 17:40:23 -0800 (PST) Received: from localhost (rowan@localhost) by velvet.sensation.net.au (8.9.3/8.9.3) with ESMTP id MAA55736 for ; Thu, 9 Nov 2000 12:40:08 +1100 (EST) (envelope-from rowan@sensation.net.au) X-Authentication-Warning: velvet.sensation.net.au: rowan owned process doing -bs Date: Thu, 9 Nov 2000 12:40:07 +1100 (EST) From: Rowan Crowe To: freebsd-isp@freebsd.org Subject: ipfw - log to somewhere else? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi all, With the ever increasing number of UDP 137 and TCP 139 scans, my logs are filling up fast... between 2,000-3,000 lines per day just from ipfw. My "email diff of denied packets every 20 minutes" script is almost useless since I'm receiving an email almost every single 20 minute run, and the ipfw denies are also causing /var/messages to be rotated a lot more frequently. While I still want those ports blocked and logged for reporting purposes, is there a way to divert the log entries to another file? Just to complicate things, most of the ipfw denies come from another machine and the log entries arrive via syslog... Cheers. -- Rowan Crowe http://www.rowan.sensation.net.au/ Sensation Internet Services http://info.sensation.net.au/ Melbourne, Australia Phone: +61-3-9388-9260 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 18:20: 9 2000 Delivered-To: freebsd-isp@freebsd.org Received: from hotmail.com (oe28.pav0.hotmail.com [64.4.32.108]) by hub.freebsd.org (Postfix) with ESMTP id 037A237B479 for ; Wed, 8 Nov 2000 18:20:06 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Wed, 8 Nov 2000 18:20:05 -0800 X-Originating-IP: [209.187.200.84] From: "Jonathan M. Slivko" To: "Rowan Crowe" , "FreeBSD ISP Mailing List" Subject: Re: ipfw - log to somewhere else? Date: Wed, 8 Nov 2000 21:20:46 -0500 MIME-Version: 1.0 X-Mailer: MSN Explorer 6.00.0010.0900 Content-Type: multipart/alternative; boundary="----=_NextPart_001_0000_01C049C9.C2770CD0" Message-ID: X-OriginalArrivalTime: 09 Nov 2000 02:20:05.0826 (UTC) FILETIME=[92FC4220:01C049F3] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ------=_NextPart_001_0000_01C049C9.C2770CD0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I have a similarly related question: =20 What about a machine that is on the Internet, but would like to route all= it's syslog operations to another, backup machine. What is needed to do = that successfully? So far, I haven't had any luck in producing the desire= d effect. -- Jonathan M. Slivko ----- Original Message ----- From: Rowan Crowe Sent: Wednesday, November 08, 2000 8:42 PM To: freebsd-isp@freebsd.org Subject: ipfw - log to somewhere else? Hi all, With the ever increasing number of UDP 137 and TCP 139 scans, my logs are filling up fast... between 2,000-3,000 lines per day just from ipfw. My "email diff of denied packets every 20 minutes" script is almost useless since I'm receiving an email almost every single 20 minute run, and the ipfw denies are also causing /var/messages to be rotated a lot more frequently. While I still want those ports blocked and logged for reporting purposes, is there a way to divert the log entries to another file? Just to complicate things, most of the ipfw denies come from another machine and the log entries arrive via syslog... Cheers. -- Rowan Crowe http://www.rowan.sensation.net.a= u/ Sensation Internet Services http://info.sensation.net.a= u/ Melbourne, Australia Phone: +61-3-9388-92= 60 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message ------=_NextPart_001_0000_01C049C9.C2770CD0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I have a simil= arly related question:
 
What about a machine= that is on the Internet, but would like to route all it's syslog operati= ons to another, backup machine. What is needed to do that successfully? S= o far, I haven't had any luck in producing the desired effect. -- Jonatha= n M. Slivko

----- Original Mess= age -----
From: Rowan Crowe
Sent: Wednesday, November 08, 2000 8:42 PM
To: freebsd-isp@freebsd.org
Subject: ipfw - log to som= ewhere else?

Hi all,

With the ever increasing= number of UDP 137 and TCP 139 scans, my logs are
filling up fast... b= etween 2,000-3,000 lines per day just from ipfw. My
"email diff of den= ied packets every 20 minutes" script is almost useless
since I'm recei= ving an email almost every single 20 minute run, and the
ipfw denies a= re also causing /var/messages to be rotated a lot more
frequently.
=
While I still want those ports blocked and logged for reporting purpo= ses,
is there a way to divert the log entries to another file?

= Just to complicate things, most of the ipfw denies come from another
m= achine and the log entries arrive via syslog...

Cheers.

--
Rowan Crowe         &= nbsp;           &n= bsp;        http://www.rowan.sensation= net.au/
Sensation Internet Services     &nbs= p;            = ; http://info.sensation.net.au/
Melbourne, Australia   =             &= nbsp;           &n= bsp;     Phone: +61-3-9388-9260



To Uns= ubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd= -isp" in the body of the message

<= /HTML> ------=_NextPart_001_0000_01C049C9.C2770CD0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 18:30:33 2000 Delivered-To: freebsd-isp@freebsd.org Received: from puck.firepipe.net (mcut-b-167.resnet.purdue.edu [128.211.209.167]) by hub.freebsd.org (Postfix) with ESMTP id E42A137B479 for ; Wed, 8 Nov 2000 18:30:30 -0800 (PST) Received: by puck.firepipe.net (Postfix, from userid 1000) id 325AF19DF; Wed, 8 Nov 2000 21:30:26 -0500 (EST) Date: Wed, 8 Nov 2000 21:30:26 -0500 From: Will Andrews To: Rowan Crowe Cc: freebsd-isp@FreeBSD.ORG Subject: Re: ipfw - log to somewhere else? Message-ID: <20001108213026.E12659@puck.firepipe.net> Reply-To: Will Andrews References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from rowan@sensation.net.au on Thu, Nov 09, 2000 at 12:40:07PM +1100 X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Nov 09, 2000 at 12:40:07PM +1100, Rowan Crowe wrote: > While I still want those ports blocked and logged for reporting purposes, > is there a way to divert the log entries to another file? man syslog.conf -- wca To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 18:45:19 2000 Delivered-To: freebsd-isp@freebsd.org Received: from velvet.sensation.net.au (serial1-2-velvet-brunswick.sensation.net.au [203.20.114.195]) by hub.freebsd.org (Postfix) with ESMTP id 293BD37B4C5 for ; Wed, 8 Nov 2000 18:45:13 -0800 (PST) Received: from localhost (rowan@localhost) by velvet.sensation.net.au (8.9.3/8.9.3) with ESMTP id NAA55948 for ; Thu, 9 Nov 2000 13:45:07 +1100 (EST) (envelope-from rowan@sensation.net.au) X-Authentication-Warning: velvet.sensation.net.au: rowan owned process doing -bs Date: Thu, 9 Nov 2000 13:45:05 +1100 (EST) From: Rowan Crowe To: freebsd-isp@freebsd.org Subject: Re: ipfw - log to somewhere else? In-Reply-To: <20001108213026.E12659@puck.firepipe.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 8 Nov 2000, Will Andrews wrote: > On Thu, Nov 09, 2000 at 12:40:07PM +1100, Rowan Crowe wrote: > > While I still want those ports blocked and logged for reporting purposes, > > is there a way to divert the log entries to another file? > > man syslog.conf Uh thanks, but if you could be a little more verbose I'd appreciate it. I have tried: !ipfw *.* /var/log/ipfw.log This sort of works, ipfw log entries on that machine go to *both* ipfw.log and messages (which doesn't really solve the messages log bloat problem...), however remote ipfw log entries still go to messages only. Cheers. -- Rowan Crowe http://www.rowan.sensation.net.au/ Sensation Internet Services http://info.sensation.net.au/ Melbourne, Australia Phone: +61-3-9388-9260 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 8 19: 5:55 2000 Delivered-To: freebsd-isp@freebsd.org Received: from snake.supranet.net (snake.supranet.net [205.164.160.19]) by hub.freebsd.org (Postfix) with ESMTP id 931FF37B479; Wed, 8 Nov 2000 19:05:52 -0800 (PST) Received: from localhost (john@localhost) by snake.supranet.net (8.9.3/8.9.3) with ESMTP id VAA26943; Wed, 8 Nov 2000 21:05:34 -0600 (CST) (envelope-from john@snake.supranet.net) Date: Wed, 8 Nov 2000 21:05:34 -0600 (CST) From: John Heyer X-Sender: john@snake.supranet.net To: "Scot W. Hetzel" Cc: John Heyer , freebsd-isp@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: MOD_FP? (Was Frontpage, ScriptAlias, and .htaccess files) In-Reply-To: <009b01c04605$eb10c720$8dfee0d1@westbend.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Well I found the problem... LoadModule frontpage_module libexec/apache/mod_frontpage.so What does it take for MOD_FP to be true? I thought that's what "apachectl startfp" did. But in anycase it was false, because just commenting out the if statements cause everything to work out fine. -- Johh Heyer - john@personal.supranet.net - http://heyer.supranet.net "Me fail English? That's unpossible!" -- Ralph Wiggam To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 1:59:45 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.softclub.net (spider.softclub.net [195.68.136.18]) by hub.freebsd.org (Postfix) with ESMTP id 7A3CC37B479; Thu, 9 Nov 2000 01:59:32 -0800 (PST) Received: from ws08.hq.softclub.net ([192.168.10.8]) by mail.softclub.net with esmtp (SOFTCLUB #3) id 13toaI-000M2Q-00 ; Thu, 09 Nov 2000 13:05:30 +0300 Date: Thu, 9 Nov 2000 13:07:11 +0300 From: "Alexei V. Alexandrov" X-Mailer: The Bat! (v1.44) Reply-To: "Alexei V. Alexandrov" Organization: ElcomSoft Ltd. X-Priority: 3 (Normal) Message-ID: <1263184785.20001109130711@elcomsoft.com> To: John Heyer Cc: "Scot W. Hetzel" , freebsd-isp@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: MOD_FP? (Was Frontpage, ScriptAlias, and .htaccess files) In-reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello John, Thursday, November 09, 2000, 6:05:34 AM, you wrote: JH> Well I found the problem... JH> JH> LoadModule frontpage_module libexec/apache/mod_frontpage.so JH> JH> What does it take for MOD_FP to be true? I thought that's what "apachectl JH> startfp" did. But in anycase it was false, because just commenting out JH> the if statements cause everything to work out fine. start httpd with a -D swith like this: httpd -DMOD_FP then MOD_FP will be defined. Best regards, Alexei V. Alexandrov [AA4460, AVA32-RIPN, AA1829-RIPE] ------------------------------------------------------------------------ *** Alexei V. Alexandrov -- www.elcomsoft.com ---- ava@elcomsoft.com *** *** PGP Fingerprint: 9F23 7153 51D4 FD8F 4E7F D4DF E0FA E400 *** ------------------------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 4:50: 6 2000 Delivered-To: freebsd-isp@freebsd.org Received: from schafftgarnix.plusline.de (schafftgarnix.plusline.de [212.19.48.42]) by hub.freebsd.org (Postfix) with ESMTP id 5EA1537B479 for ; Thu, 9 Nov 2000 04:50:01 -0800 (PST) Received: from plusline.net (localhost.plusline.de [127.0.0.1]) by schafftgarnix.plusline.de (8.11.0/8.11.0) with ESMTP id eA9Cno055268 for ; Thu, 9 Nov 2000 13:49:50 +0100 (CET) (envelope-from rg@plusline.net) Message-ID: <3A0A9D6D.3BB7827F@plusline.net> Date: Thu, 09 Nov 2000 13:49:49 +0100 From: Richard Gresek Reply-To: rg@plusline.net Organization: Plus.line X-Mailer: Mozilla 4.76 [en] (X11; U; FreeBSD 4.1.1-RELEASE i386) X-Accept-Language: de, cs, en MIME-Version: 1.0 To: freebsd-isp@FreeBSD.ORG Subject: NetFlow Accounting Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, does somebody know which software could be user for Cisco's NteFlow Accounting on a FreeBSD box? I have found 'arts++' at http://www.caida.org but would like to know if there are also some other packages? Thanks Richard Gresek -- ___________________________________________________ Plus.Line Systemhaus GmbH Tel.: +49 69 758915-0 Mainzer Landstr. 222-224 Fax : +49 69 758915-33 D-60327 Frankfurt http://www.plusline.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 5: 3: 0 2000 Delivered-To: freebsd-isp@freebsd.org Received: from www.caravan.ru (www.caravan.ru [212.24.52.9]) by hub.freebsd.org (Postfix) with ESMTP id 2B17237B479 for ; Thu, 9 Nov 2000 05:02:58 -0800 (PST) Received: from mag.caravan.ru ([217.23.130.98] helo=caravan.ru) by www.caravan.ru with esmtp (Exim 3.14 #1) id 13trLO-0003Vd-00; Thu, 09 Nov 2000 16:02:19 +0300 Message-ID: <3A0AA14F.E5A39C92@caravan.ru> Date: Thu, 09 Nov 2000 16:06:23 +0300 From: "Sergey V. Artjushkin" X-Mailer: Mozilla 4.76 [ru] (X11; U; FreeBSD 4.1.1-RELEASE i386) X-Accept-Language: ru, en MIME-Version: 1.0 To: rg@plusline.net Cc: freebsd-isp@FreeBSD.ORG Subject: Re: NetFlow Accounting References: <3A0A9D6D.3BB7827F@plusline.net> Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Hi, Hello > does somebody know which software could be user > for Cisco's NteFlow Accounting on a FreeBSD box? > > I have found 'arts++' at http://www.caida.org but > would like to know if there are also some other packages? I'm using Netramet. http://www.ipmeter.com/ It's can collect Netflow datagrams and beside this you can run Netramet meters on any of your FreeBSD box and collect traffic information on it. It's also working with flows like Netflow. -- ---------------------------------------------------------------- Sergey Artjushkin ISP Tel: +7 095 203-10-72 "CARAVAN" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 7:33:25 2000 Delivered-To: freebsd-isp@freebsd.org Received: from inago.swcp.com (inago.swcp.com [198.59.115.17]) by hub.freebsd.org (Postfix) with ESMTP id 5DB3A37B479 for ; Thu, 9 Nov 2000 07:33:21 -0800 (PST) Received: from localhost (deichert@localhost) by inago.swcp.com (8.8.7/8.8.7) with ESMTP id IAA01849; Thu, 9 Nov 2000 08:33:03 -0700 (MST) X-Authentication-Warning: inago.swcp.com: deichert owned process doing -bs Date: Thu, 9 Nov 2000 08:33:03 -0700 (MST) From: Diana Eichert X-Sender: deichert@inago.swcp.com To: "Sergey V. Artjushkin" Cc: rg@plusline.net, freebsd-isp@FreeBSD.ORG Subject: Re: NetFlow Accounting In-Reply-To: <3A0AA14F.E5A39C92@caravan.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org take a look at: http://www.caida.org/Tools/Cflowd/ AND http://ee-staff.ethz.ch/~oetiker/webtools/rrdtool/frontends/flowscan.html diana On Thu, 9 Nov 2000, Sergey V. Artjushkin wrote: > > Hi, > > Hello > > > does somebody know which software could be user > > for Cisco's NteFlow Accounting on a FreeBSD box? > > > > I have found 'arts++' at http://www.caida.org but > > would like to know if there are also some other packages? > > I'm using Netramet. > http://www.ipmeter.com/ > > It's can collect Netflow datagrams and beside this you can run > Netramet meters on any of your FreeBSD box and collect traffic > information on it. It's also working with flows like Netflow. > > > -- > ---------------------------------------------------------------- > Sergey Artjushkin ISP > Tel: +7 095 203-10-72 "CARAVAN" > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 9:52: 8 2000 Delivered-To: freebsd-isp@freebsd.org Received: from jade.chc-chimes.com (jade.chc-chimes.com [216.28.46.6]) by hub.freebsd.org (Postfix) with ESMTP id 0710937B479 for ; Thu, 9 Nov 2000 09:52:06 -0800 (PST) Received: by jade.chc-chimes.com (Postfix, from userid 1001) id 8145B1C76; Thu, 9 Nov 2000 12:52:05 -0500 (EST) Date: Thu, 9 Nov 2000 12:52:05 -0500 From: Bill Fumerola To: Richard Gresek Cc: freebsd-isp@FreeBSD.ORG Subject: Re: NetFlow Accounting Message-ID: <20001109125205.M37870@jade.chc-chimes.com> References: <3A0A9D6D.3BB7827F@plusline.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <3A0A9D6D.3BB7827F@plusline.net>; from rg@plusline.net on Thu, Nov 09, 2000 at 01:49:49PM +0100 X-Operating-System: FreeBSD 3.3-STABLE i386 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, Nov 09, 2000 at 01:49:49PM +0100, Richard Gresek wrote: > Hi, > > does somebody know which software could be user > for Cisco's NteFlow Accounting on a FreeBSD box? > > I have found 'arts++' at http://www.caida.org but > would like to know if there are also some other packages? Very recently, arts++ and a cisco netflow port were committed by andreas@freebsd.org, I believe. You might want to look at them. -- Bill Fumerola - Lame Duck, BOFH / Chimes, Inc. billf@chimesnet.com / billf@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 9:52:55 2000 Delivered-To: freebsd-isp@freebsd.org Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55]) by hub.freebsd.org (Postfix) with ESMTP id C1EED37B479 for ; Thu, 9 Nov 2000 09:52:51 -0800 (PST) Received: from FreeBSD.org (Studded@master [10.0.0.2]) by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id JAA78669; Thu, 9 Nov 2000 09:52:38 -0800 (PST) (envelope-from DougB@FreeBSD.org) Message-ID: <3A0AE465.7825FF37@FreeBSD.org> Date: Thu, 09 Nov 2000 09:52:37 -0800 From: Doug Barton Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: heckfordj@psi-domain.co.uk Cc: freebsd-isp@FreeBSD.org Subject: Re: BIND 8.2.2-P5 Possible DOS References: <00110819041604.01782@freefire.psi-domain.co.uk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The latest versions of -current and -stable both have BIND 8.2.3-T6b, which has this, and several other nasties fixed. I've been running that version of BIND on a highly visible, heavily loaded public ns for several months without problems. Doug Jamie Heckford wrote: > > Verified this earlier... make sure your nameservers are configured correctly!! > > Nov 8 19:00:47 atlas named-xfer[78583]: [x.x.x.x] no SOA found for xxx, SOA > query got rcode 3, aa 1, ancount 0, auc ount 1 > > Nov 8 19:01:05 atlas named[276]: unsupported XFR (type ZXFR) of "xxx" (IN) to > [x.x.x.x].1368 Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 > > Nov 8 19:01:21 atlas /kernel: pid 276 (named), uid 53: exited on signal 6 > > Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 > > ---------- Forwarded Message ---------- > Subject: BIND 8.2.2-P5 Possible DOS > Date: Tue, 7 Nov 2000 13:40:49 +0100 > From: "Fabio Pietrosanti (naif)" > > Hi, > playing with bind and ZXFR feature ( zone transfer compressed with a possible insecure > execlp("gzip", "gzip", NULL); ), i discovered a Denial Of Service against Bind 8.2.2-P5 . > > By default Bind 8.2.2-P5 it's not compiled with ZXFR support unless you define it with #define BIND_ZXFR > so it will refuse any ZXFR transfer, because it doesn't support it. > But now what appens? Look here... > > ################################ > zone to transfer: zone.pippo.com > dns server: dns.pippo.com 192.168.1.1 > me: naif.gatesux.com 10.10.10.10 > I send a Zone Trasnfer request using "-Z" switch with means that i wish to use ZXFR. > dns.pippo.com does'nt support ZXFR and have "allow-transfer{}" not configured, so everyone > could ask him for *.zone.pippo.com ... > > [~/bind/src822p5/bin/named-xfer] $ ./named-xfer -z zone.pippo.com -d 9 -f pics -Z dns.pippo.com > named-xfer[29297]: send AXFR query 0 to 192.168.1.1 > named-xfer[29297]: premature EOF, fetching "zone.pippo.com" > > On the server's log: > Nov 7 11:19:09 dns.pippo.com: named[188510]: approved ZXFR from [10.10.10.10].2284 for "zone.pippo.com" > Nov 7 11:19:09 dns.pippo.com: named[188510]: unsupported XFR (type ZXFR) of "zone.pippo.com" (IN) to [10.10.10.10].2284 > > Then the server "*** CRASHED ***" . > > I should assume that bind 8.2.2-P5 it's vulnerable ( Please someone test and confirm this kind of dos) > and bind-9.0.0 has no support for ZXFR . > > [~/bind] $ find src822p5/ -type f -exec grep -i zxfr \{\} ';' | wc -l > 234 > [~/bind] $ find bind-9.0.0/ -type f -exec grep -i zxfr \{\} ';' | wc -l > 0 > > A lot of DNS Server are misconfigured, and allow zone-transfer to any, so they are dossable... > > naif > naif@itapac.net > ------------------------------------------------------- > > -- > Jamie Heckford > Chief Network Engineer > Psi-Domain - Innovative Linux Solutions. Ask Us How. > > =================================== > email: heckfordj@psi-domain.co.uk > web: http://www.psi-domain.co.uk/ > > tel: +44 (0)1737 789 246 > fax: +44 (0)1737 789 245 > mobile: +44 (0)7779 646 529 > =================================== > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Life is an essay test. Long form. Spelling counts. Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 10:37:41 2000 Delivered-To: freebsd-isp@freebsd.org Received: from gifw.genroco.com (genroco.com [205.254.195.202]) by hub.freebsd.org (Postfix) with ESMTP id 1E5FD37B479; Thu, 9 Nov 2000 10:37:31 -0800 (PST) Received: from gi2.genroco.com (IDENT:root@gi2.genroco.com [192.133.120.3]) by gifw.genroco.com (8.9.3/8.9.3) with ESMTP id MAA12857; Thu, 9 Nov 2000 12:37:23 -0600 Received: from scot.genroco.com (scot.genroco.com [192.133.120.125]) by gi2.genroco.com (8.9.3/8.9.3) with SMTP id MAA15298; Thu, 9 Nov 2000 12:37:20 -0600 Message-ID: <023201c04a7c$1910b7a0$7d7885c0@genroco.com> From: "Scot W. Hetzel" To: "John Heyer" Cc: , References: <1263184785.20001109130711@elcomsoft.com> Subject: Re: MOD_FP? (Was Frontpage, ScriptAlias, and .htaccess files) Date: Thu, 9 Nov 2000 12:37:17 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2919.6600 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org From: "Alexei V. Alexandrov" > Hello John, > > Thursday, November 09, 2000, 6:05:34 AM, you wrote: > JH> Well I found the problem... > > JH> > JH> LoadModule frontpage_module libexec/apache/mod_frontpage.so > JH> > > JH> What does it take for MOD_FP to be true? I thought that's what "apachectl > JH> startfp" did. But in anycase it was false, because just commenting out > JH> the if statements cause everything to work out fine. > > start httpd with a -D swith like this: > httpd -DMOD_FP > then MOD_FP will be defined. > The /usr/local/etc/rc.d/apache.sh is supposed to start the server with: /usr/local/sbin/apachectl start_FP in order to set -DMOD_FP. If you had a previous Apache server installed, and the /usr/local/etc/rc.d/apache.sh wasn't removed before installing this port, then this ports apache.sh script doesn't get installed. Compare your /usr/local/etc/rc.d/apache.sh with the ports files/apache.sh.tmpl, if they are not similar you may want to copy apache.sh.tmpl to /usr/local/etc/rc.d/apache.sh, and then replace PERL5 with the location of your systems perl (/usr/bin/perl), and PREFIX with the prefixed used to install this port (/usr/local by default). Scot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 13:29:21 2000 Delivered-To: freebsd-isp@freebsd.org Received: from vasta.saunalahti.fi (mail.sci.fi [195.197.53.226]) by hub.freebsd.org (Postfix) with ESMTP id 8EABA37B479 for ; Thu, 9 Nov 2000 13:29:18 -0800 (PST) Received: from turkuamk.fi (MMMDCCXVI.hdyn.saunalahti.fi [195.197.164.116]) by vasta.saunalahti.fi (8.10.1/8.10.1) with ESMTP id eA9LU5H14040 for ; Thu, 9 Nov 2000 23:30:05 +0200 (EET) Message-ID: <3A0B17C3.CBB48F2C@turkuamk.fi> Date: Thu, 09 Nov 2000 23:31:47 +0200 From: Evren Yurtesen X-Mailer: Mozilla 4.74 [en] (Win95; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: Is using dummynet and not loosing the firewall functionality possible? Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have a little problem over here. I have searched the mailing list archives but couldnt find anything close... I made ipfw,dummynet etc. work perfectly but need a creative idea of the conf file I should use. I sent this to questions but somehow nobody knows the answer. I want to limit bandwidth over an interface but also I want to use ipfw's firewall capabilities but the search terminates when ipfw comes to a pipe command which has a match and firewall rules are not checked. Ok you might say that I can make ipfw continue search after pipe by setting a variable with sysctl and I did that then then problem is that I want users behind this firewall box to connect to X machine without the bandwidth limit and I put 2 rules first to match for the X machine and the second rule is to match anything else but however these users are caught by both of the bandwidth rules if the search doesnt terminate on the first rule. I can handle this if the ipfw terminates the search when it finds a rule though but then I cant use ipfw's firewall capabilities. Is this a kind of paradox? any creative ideas? Evren To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 13:57:43 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.psknet.com (orion.psknet.com [207.198.61.253]) by hub.freebsd.org (Postfix) with SMTP id 7014237B479 for ; Thu, 9 Nov 2000 13:57:40 -0800 (PST) Received: (qmail 30933 invoked from network); 9 Nov 2000 21:57:34 -0000 Received: from arcadia.psknet.com (HELO arcadia) (207.198.61.250) by orion.psknet.com with SMTP; 9 Nov 2000 21:57:34 -0000 From: "Troy Settle" To: "Evren Yurtesen" , Subject: RE: Is using dummynet and not loosing the firewall functionality possible? Date: Thu, 9 Nov 2000 16:57:34 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <3A0B17C3.CBB48F2C@turkuamk.fi> X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Here's what I have set up and working perfectly: 00100 divert 8668 ip from any to any via ed0 00100 allow ip from any to any via lo0 00100 pipe 1000 ip from any to any via ed1 00200 deny ip from any to 127.0.0.0/8 65000 allow ip from any to any HTH, -- Troy Settle Pulaski Networks 540.994.4254 It's always a long day, 86400 doesn't fit into a short > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Evren Yurtesen > Sent: Thursday, November 09, 2000 4:32 PM > To: freebsd-isp@freebsd.org > Subject: Is using dummynet and not loosing the firewall functionality > possible? > > > I have a little problem over here. > I have searched the mailing list archives but couldnt find anything > close... I made ipfw,dummynet etc. work perfectly but need a creative > idea of the conf file I should use. I sent this to questions but > somehow nobody knows the answer. > > I want to limit bandwidth over an interface but also I want to use > ipfw's firewall capabilities but the search terminates when ipfw > comes to a pipe command which has a match and firewall rules are > not checked. > > Ok you might say that I can make ipfw continue search after pipe by > setting a variable with sysctl and I did that then then problem is that > I want users behind this firewall box to connect to X machine without > the > bandwidth limit and I put 2 rules first to match for the X machine and > the second rule is to match anything else but however these users are > caught by both of the bandwidth rules if the search doesnt terminate > on the first rule. I can handle this if the ipfw terminates the search > when it finds a rule though but then I cant use ipfw's firewall > capabilities. > > Is this a kind of paradox? any creative ideas? > > Evren > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 14:14:47 2000 Delivered-To: freebsd-isp@freebsd.org Received: from madness.secureworks.net (unknown [24.92.156.65]) by hub.freebsd.org (Postfix) with ESMTP id 9CA4437B4C5 for ; Thu, 9 Nov 2000 14:14:44 -0800 (PST) Received: from localhost (mdg@localhost) by madness.secureworks.net (8.11.0/8.11.1) with ESMTP id eA9METC00507; Thu, 9 Nov 2000 17:14:30 -0500 (EST) (envelope-from mdg@madness.secureworks.net) Date: Thu, 9 Nov 2000 17:14:29 -0500 (EST) From: mdg To: Evren Yurtesen Cc: freebsd-isp@freebsd.org Subject: Re: Is using dummynet and not loosing the firewall functionality possible? In-Reply-To: <3A0B17C3.CBB48F2C@turkuamk.fi> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org you need to set the following sysctl to 0: net.inet.ip.fw.one_pass this will keep the search from terminating. i sent in a pr to get this added to rc.conf many moons ago ... On Thu, 9 Nov 2000, Evren Yurtesen wrote: ::: Date: Thu, 09 Nov 2000 23:31:47 +0200 ::: From: Evren Yurtesen ::: To: freebsd-isp@freebsd.org ::: Subject: Is using dummynet and not loosing the firewall functionality ::: possible? ::: ::: I have a little problem over here. ::: I have searched the mailing list archives but couldnt find anything ::: close... I made ipfw,dummynet etc. work perfectly but need a creative ::: idea of the conf file I should use. I sent this to questions but ::: somehow nobody knows the answer. ::: ::: I want to limit bandwidth over an interface but also I want to use ::: ipfw's firewall capabilities but the search terminates when ipfw ::: comes to a pipe command which has a match and firewall rules are ::: not checked. ::: ::: Ok you might say that I can make ipfw continue search after pipe by ::: setting a variable with sysctl and I did that then then problem is that ::: I want users behind this firewall box to connect to X machine without ::: the ::: bandwidth limit and I put 2 rules first to match for the X machine and ::: the second rule is to match anything else but however these users are ::: caught by both of the bandwidth rules if the search doesnt terminate ::: on the first rule. I can handle this if the ipfw terminates the search ::: when it finds a rule though but then I cant use ipfw's firewall ::: capabilities. ::: ::: Is this a kind of paradox? any creative ideas? ::: ::: Evren ::: ::: ::: To Unsubscribe: send mail to majordomo@FreeBSD.org ::: with "unsubscribe freebsd-isp" in the body of the message ::: -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 21: 3:26 2000 Delivered-To: freebsd-isp@freebsd.org Received: from grok.example.net (cr479972-a.rct1.bc.wave.home.com [24.113.37.168]) by hub.freebsd.org (Postfix) with ESMTP id 5497D37B479 for ; Thu, 9 Nov 2000 21:03:24 -0800 (PST) Received: by grok.example.net (Postfix, from userid 1000) id A7C80212EA9; Thu, 9 Nov 2000 21:03:19 -0800 (PST) Date: Thu, 9 Nov 2000 21:03:19 -0800 From: Steve Reid To: Troy Settle Cc: Bob Martin , freebsd-isp@FreeBSD.ORG Subject: Re: ODBC Message-ID: <20001109210319.A25287@grok> References: <3A082566.A2E6E2BB@inu.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95.4i In-Reply-To: ; from Troy Settle on Wed, Nov 08, 2000 at 09:02:20AM -0500 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, Nov 08, 2000 at 09:02:20AM -0500, Troy Settle wrote: > It's not ODBC, but FreeTDS works great against MSSQL7. [snip] > For perl, I don't know for sure, but I think the DBI module will give > you access to MSSQL. I'm currently using FreeTDS with DBD::Sybase to connect to an MS-SQL server (don't know or care what version). I had some problems getting DBD::Sybase working initially. First I had to do some massaging to get it to compile (something related to perl internals; I don't recall details). Once compiled it gave "can't assign requested address" or something trying to connect to the database (it was looking for the "interfaces" config file in the wrong location (thank the gods for ktrace)). It's working fine for me now. However, I've noticed some superfluous \0 bytes in database responses that need to be filtered out. Nuking \0 is a good idea anyway (see Phrack #55). To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 9 22:43:50 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mail.psknet.com (orion.psknet.com [207.198.61.253]) by hub.freebsd.org (Postfix) with SMTP id 4112F37B479 for ; Thu, 9 Nov 2000 22:43:46 -0800 (PST) Received: (qmail 86638 invoked from network); 10 Nov 2000 06:43:42 -0000 Received: from abyss.dashit.net (HELO abyss) (209.100.22.250) by orion.psknet.com with SMTP; 10 Nov 2000 06:43:42 -0000 From: "Troy Settle" To: "Steve Reid" Cc: "Bob Martin" , Subject: RE: ODBC Date: Fri, 10 Nov 2000 01:45:18 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 In-Reply-To: <20001109210319.A25287@grok> X-AntiVirus: scanned for viruses by Pulaski Networks (http://www.psknet.com) using AMaViS (http://www.amavis.org) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Yeah, I've found a few things in FreeTDS that I've had to tip-toe around. I'm not quite sure what I'm looking at yet. It might just be me being stupid (but, the exact same queries work fine from other clients to the MSSQL database). For example, "select * from table" gives me grief when executed from PHP via FreeTDS to a MSSQL server. Haven't tracked that one down yet. I guess this is the price we pay for using software written by reverse-engineering a protocol. -- Troy Settle Pulaski Networks 540.994.4254 It's always a long day, 86400 doesn't fit into a short. ** -----Original Message----- ** From: Steve Reid [mailto:sreid@sea-to-sky.net] ** Sent: Friday, November 10, 2000 12:03 AM ** To: Troy Settle ** Cc: Bob Martin; freebsd-isp@FreeBSD.ORG ** Subject: Re: ODBC ** ** ** On Wed, Nov 08, 2000 at 09:02:20AM -0500, Troy Settle wrote: ** > It's not ODBC, but FreeTDS works great against MSSQL7. ** [snip] ** > For perl, I don't know for sure, but I think the DBI ** module will give ** > you access to MSSQL. ** ** I'm currently using FreeTDS with DBD::Sybase to connect to an MS-SQL ** server (don't know or care what version). ** ** I had some problems getting DBD::Sybase working initially. ** First I had ** to do some massaging to get it to compile (something related to perl ** internals; I don't recall details). Once compiled it gave ** "can't assign ** requested address" or something trying to connect to the database (it ** was looking for the "interfaces" config file in the wrong location ** (thank the gods for ktrace)). ** ** It's working fine for me now. However, I've noticed some ** superfluous \0 ** bytes in database responses that need to be filtered out. ** Nuking \0 is ** a good idea anyway (see Phrack #55). ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 10 0: 9:42 2000 Delivered-To: freebsd-isp@freebsd.org Received: from bessel.tekniikka.turkuamk.fi (bessel.tekniikka.turkuamk.fi [193.166.133.10]) by hub.freebsd.org (Postfix) with ESMTP id EF52E37B479 for ; Fri, 10 Nov 2000 00:09:37 -0800 (PST) Received: from localhost (eyurtese@localhost) by bessel.tekniikka.turkuamk.fi (8.9.2/8.9.2) with ESMTP id KAA63112; Fri, 10 Nov 2000 10:09:32 +0200 Date: Fri, 10 Nov 2000 10:09:32 +0200 (WET) From: Evren Yurtesen To: Troy Settle Cc: freebsd-isp@freebsd.org Subject: RE: Is using dummynet and not loosing the firewall functionality possible? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org But you are not using any firewall functionality. I mean you normally allow everything to pass. I want just the things I specify to pass and the rest to be stopped. On Thu, 9 Nov 2000, Troy Settle wrote: > > Here's what I have set up and working perfectly: > > 00100 divert 8668 ip from any to any via ed0 > 00100 allow ip from any to any via lo0 > 00100 pipe 1000 ip from any to any via ed1 > 00200 deny ip from any to 127.0.0.0/8 > 65000 allow ip from any to any > > > HTH, > > -- > Troy Settle > Pulaski Networks > 540.994.4254 > > It's always a long day, 86400 doesn't fit into a short > > > > > -----Original Message----- > > From: owner-freebsd-isp@FreeBSD.ORG > > [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Evren Yurtesen > > Sent: Thursday, November 09, 2000 4:32 PM > > To: freebsd-isp@freebsd.org > > Subject: Is using dummynet and not loosing the firewall functionality > > possible? > > > > > > I have a little problem over here. > > I have searched the mailing list archives but couldnt find anything > > close... I made ipfw,dummynet etc. work perfectly but need a creative > > idea of the conf file I should use. I sent this to questions but > > somehow nobody knows the answer. > > > > I want to limit bandwidth over an interface but also I want to use > > ipfw's firewall capabilities but the search terminates when ipfw > > comes to a pipe command which has a match and firewall rules are > > not checked. > > > > Ok you might say that I can make ipfw continue search after pipe by > > setting a variable with sysctl and I did that then then problem is that > > I want users behind this firewall box to connect to X machine without > > the > > bandwidth limit and I put 2 rules first to match for the X machine and > > the second rule is to match anything else but however these users are > > caught by both of the bandwidth rules if the search doesnt terminate > > on the first rule. I can handle this if the ipfw terminates the search > > when it finds a rule though but then I cant use ipfw's firewall > > capabilities. > > > > Is this a kind of paradox? any creative ideas? > > > > Evren > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 10 0:21:46 2000 Delivered-To: freebsd-isp@freebsd.org Received: from bessel.tekniikka.turkuamk.fi (bessel.tekniikka.turkuamk.fi [193.166.133.10]) by hub.freebsd.org (Postfix) with ESMTP id 7392037B479 for ; Fri, 10 Nov 2000 00:21:42 -0800 (PST) Received: from localhost (eyurtese@localhost) by bessel.tekniikka.turkuamk.fi (8.9.2/8.9.2) with ESMTP id KAA15148; Fri, 10 Nov 2000 10:21:34 +0200 Date: Fri, 10 Nov 2000 10:21:33 +0200 (WET) From: Evren Yurtesen To: mdg Cc: freebsd-isp@freebsd.org Subject: Re: Is using dummynet and not loosing the firewall functionality possible? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Yes but then the problem is little bit different. I want these people behind ed1 interface to connect everywhere through a pipe with 128Kbit/s but they should be able to reach the X machine with unlimited bandwidth. The solution I found was that I put a rule for X machine and then another rule for the rest of internet. But if I set net.inet.ip.fw.one_pass to 0 then they are caught by both of the pipes and they are always limited with 128Kbit/s pipe (the smaller one) So how can I use firewall rules and pipes and at the same time let my users to connect to some specific machine with unlimited bandwidth? Evren On Thu, 9 Nov 2000, mdg wrote: > you need to set the following sysctl to 0: > > net.inet.ip.fw.one_pass > > > this will keep the search from terminating. i sent in a pr to get this > added to rc.conf many moons ago ... > > > On Thu, 9 Nov 2000, Evren Yurtesen wrote: > > ::: Date: Thu, 09 Nov 2000 23:31:47 +0200 > ::: From: Evren Yurtesen > ::: To: freebsd-isp@freebsd.org > ::: Subject: Is using dummynet and not loosing the firewall functionality > ::: possible? > ::: > ::: I have a little problem over here. > ::: I have searched the mailing list archives but couldnt find anything > ::: close... I made ipfw,dummynet etc. work perfectly but need a creative > ::: idea of the conf file I should use. I sent this to questions but > ::: somehow nobody knows the answer. > ::: > ::: I want to limit bandwidth over an interface but also I want to use > ::: ipfw's firewall capabilities but the search terminates when ipfw > ::: comes to a pipe command which has a match and firewall rules are > ::: not checked. > ::: > ::: Ok you might say that I can make ipfw continue search after pipe by > ::: setting a variable with sysctl and I did that then then problem is that > ::: I want users behind this firewall box to connect to X machine without > ::: the > ::: bandwidth limit and I put 2 rules first to match for the X machine and > ::: the second rule is to match anything else but however these users are > ::: caught by both of the bandwidth rules if the search doesnt terminate > ::: on the first rule. I can handle this if the ipfw terminates the search > ::: when it finds a rule though but then I cant use ipfw's firewall > ::: capabilities. > ::: > ::: Is this a kind of paradox? any creative ideas? > ::: > ::: Evren > ::: > ::: > ::: To Unsubscribe: send mail to majordomo@FreeBSD.org > ::: with "unsubscribe freebsd-isp" in the body of the message > ::: > > -- > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 10 6:16: 2 2000 Delivered-To: freebsd-isp@freebsd.org Received: from madness.mdgnet.org (unknown [24.92.156.65]) by hub.freebsd.org (Postfix) with ESMTP id 8C3EC37B479 for ; Fri, 10 Nov 2000 06:15:58 -0800 (PST) Received: from localhost (mdg@localhost) by madness.mdgnet.org (8.11.0/8.11.1) with ESMTP id eAAEFpm01715; Fri, 10 Nov 2000 09:15:51 -0500 (EST) (envelope-from mdg@madness.mdgnet.org) Date: Fri, 10 Nov 2000 09:15:51 -0500 (EST) From: mdg To: Evren Yurtesen Cc: freebsd-isp@freebsd.org Subject: Re: Is using dummynet and not loosing the firewall functionality possible? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org you could use an ipfw skipto rule ... ipfw add 100 pipe (X) ipfw add 110 skipto 130 ip from any to xserver:port ipfw add 120 pipe (other) ipfw add 130 blah ... On Fri, 10 Nov 2000, Evren Yurtesen wrote: ::: Date: Fri, 10 Nov 2000 10:21:33 +0200 (WET) ::: From: Evren Yurtesen ::: To: mdg ::: Cc: freebsd-isp@freebsd.org ::: Subject: Re: Is using dummynet and not loosing the firewall ::: functionality possible? ::: ::: Yes but then the problem is little bit different. ::: I want these people behind ed1 interface to connect everywhere through a ::: pipe with 128Kbit/s but they should be able to reach the X machine with ::: unlimited bandwidth. ::: The solution I found was that I put a rule for X machine and then another ::: rule for the rest of internet. ::: But if I set net.inet.ip.fw.one_pass to 0 then they are caught by both ::: of the pipes and they are always limited with 128Kbit/s pipe (the smaller ::: one) ::: So how can I use firewall rules and pipes and at the same time let my ::: users to connect to some specific machine with unlimited bandwidth? ::: ::: Evren ::: ::: On Thu, 9 Nov 2000, mdg wrote: ::: ::: > you need to set the following sysctl to 0: ::: > ::: > net.inet.ip.fw.one_pass ::: > ::: > ::: > this will keep the search from terminating. i sent in a pr to get this ::: > added to rc.conf many moons ago ... ::: > ::: > ::: > On Thu, 9 Nov 2000, Evren Yurtesen wrote: ::: > ::: > ::: Date: Thu, 09 Nov 2000 23:31:47 +0200 ::: > ::: From: Evren Yurtesen ::: > ::: To: freebsd-isp@freebsd.org ::: > ::: Subject: Is using dummynet and not loosing the firewall functionality ::: > ::: possible? ::: > ::: ::: > ::: I have a little problem over here. ::: > ::: I have searched the mailing list archives but couldnt find anything ::: > ::: close... I made ipfw,dummynet etc. work perfectly but need a creative ::: > ::: idea of the conf file I should use. I sent this to questions but ::: > ::: somehow nobody knows the answer. ::: > ::: ::: > ::: I want to limit bandwidth over an interface but also I want to use ::: > ::: ipfw's firewall capabilities but the search terminates when ipfw ::: > ::: comes to a pipe command which has a match and firewall rules are ::: > ::: not checked. ::: > ::: ::: > ::: Ok you might say that I can make ipfw continue search after pipe by ::: > ::: setting a variable with sysctl and I did that then then problem is that ::: > ::: I want users behind this firewall box to connect to X machine without ::: > ::: the ::: > ::: bandwidth limit and I put 2 rules first to match for the X machine and ::: > ::: the second rule is to match anything else but however these users are ::: > ::: caught by both of the bandwidth rules if the search doesnt terminate ::: > ::: on the first rule. I can handle this if the ipfw terminates the search ::: > ::: when it finds a rule though but then I cant use ipfw's firewall ::: > ::: capabilities. ::: > ::: ::: > ::: Is this a kind of paradox? any creative ideas? ::: > ::: ::: > ::: Evren ::: > ::: ::: > ::: ::: > ::: To Unsubscribe: send mail to majordomo@FreeBSD.org ::: > ::: with "unsubscribe freebsd-isp" in the body of the message ::: > ::: ::: > ::: > -- ::: > ::: > ::: > ::: ::: -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 7:48:41 2000 Delivered-To: freebsd-isp@freebsd.org Received: from etinc.com (et-gw.etinc.com [207.252.1.2]) by hub.freebsd.org (Postfix) with ESMTP id 81B0C37B479 for ; Sat, 11 Nov 2000 07:48:39 -0800 (PST) Received: from dbsys.etinc.com (dbsys.etinc.com [207.252.1.18]) by etinc.com (8.9.3/8.9.3) with ESMTP id KAA16604; Sat, 11 Nov 2000 10:46:18 GMT (envelope-from dennis@etinc.com) Message-Id: <5.0.0.25.0.20001111104228.020b0c60@mail.etinc.com> X-Sender: dennis@mail.etinc.com X-Mailer: QUALCOMM Windows Eudora Version 5.0 Date: Sat, 11 Nov 2000 10:47:04 -0500 To: freebsd-isp@freebsd.org From: Dennis Subject: Motherboard help with Intel Ethernet onboard Cc: linux-net@vger.kernel.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Does anyone have info on an ATX or MATX MB with VGA and intel ethernet onboard other than Intel and Tyan? thanks, Dennis To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 7:56:16 2000 Delivered-To: freebsd-isp@freebsd.org Received: from omega.linkserve.com (unknown [195.166.230.3]) by hub.freebsd.org (Postfix) with ESMTP id 1F19237B479 for ; Sat, 11 Nov 2000 07:56:10 -0800 (PST) Received: from computer1 ([195.166.230.40]) by omega.linkserve.com (8.9.3/8.9.3) with SMTP id QAA24489 for ; Sat, 11 Nov 2000 16:56:46 +0100 Message-ID: <000201c04bf8$42f37d00$0100000a@computer1> From: "CREST INTERNATIONAL" To: Subject: Date: Sat, 11 Nov 2000 16:58:28 +0100 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0005_01C04C00.9D30B5A0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2314.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0005_01C04C00.9D30B5A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable I want to operate to operate as an ISP around my county. I do not want = to use Windows stuff as my Web,dns,mail server after alot of reviews, to = which iam used to.=20 I prefer FreeBsd. But iam a complete Unix novice. as a first step I have = purchase FreeBSD from walnut.=20 Can any one help? Please. Oke ------=_NextPart_000_0005_01C04C00.9D30B5A0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
I want to operate to operate as an ISP = around my=20 county. I do not want to use Windows stuff as my Web,dns,mail server = after alot=20 of reviews, to which iam used to.
 
I prefer FreeBsd. But iam a complete = Unix novice.=20 as a first step I have purchase FreeBSD from walnut.
 
Can any one help? Please.
 
 
Oke
------=_NextPart_000_0005_01C04C00.9D30B5A0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 8:16:30 2000 Delivered-To: freebsd-isp@freebsd.org Received: from mercury.ccmr.cornell.edu (mercury.ccmr.cornell.edu [128.84.231.97]) by hub.freebsd.org (Postfix) with ESMTP id 518CB37B479 for ; Sat, 11 Nov 2000 08:16:27 -0800 (PST) Received: from dragon.ccmr.cornell.edu (IDENT:0@dragon.ccmr.cornell.edu [128.84.231.182]) by mercury.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id LAA09790; Sat, 11 Nov 2000 11:16:18 -0500 Received: from localhost (mitch@localhost) by dragon.ccmr.cornell.edu (8.9.3/8.9.3) with ESMTP id LAA16549; Sat, 11 Nov 2000 11:16:16 -0500 X-Authentication-Warning: dragon.ccmr.cornell.edu: mitch owned process doing -bs Date: Sat, 11 Nov 2000 11:16:16 -0500 (EST) From: Mitch Collinsworth To: CREST INTERNATIONAL Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Wannabe ISP [was: no subject given] In-Reply-To: <000201c04bf8$42f37d00$0100000a@computer1> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I want to operate to operate as an ISP around my county. I do not want to use Windows stuff as my Web,dns,mail server after alot of reviews, to which iam used to. > > I prefer FreeBsd. But iam a complete Unix novice. as a first step I have purchase FreeBSD from walnut. > > Can any one help? Please. It sounds like you need a crash course in system administration. As a start I'd recommend, specific to the services you mentioned, - the FreeBSD book from Walnut Creek, hopefully you ordered that with the CD and from www.ora.com: - Apache - DNS and BIND - Sendmail but cruise around www.ora.com while you're there. There have plenty of other books you will need if you're going to succeed at this. -Mitch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 8:16:56 2000 Delivered-To: freebsd-isp@freebsd.org Received: from bsd.amplex.net (bsd.amplex.net [209.57.124.1]) by hub.freebsd.org (Postfix) with ESMTP id AA71137B4C5 for ; Sat, 11 Nov 2000 08:16:53 -0800 (PST) Received: from marklaptop (dhcp55.amplex.net [209.57.124.55]) by bsd.amplex.net (8.10.1/8.10.1) with SMTP id eABGGPT91365; Sat, 11 Nov 2000 11:16:25 -0500 (EST) From: "Mark Radabaugh" To: "CREST INTERNATIONAL" Cc: Subject: RE: Date: Sat, 11 Nov 2000 11:16:25 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <000201c04bf8$42f37d00$0100000a@computer1> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Please don't post in HTML - it's hard to read in Unix :-) Best Advice - buy at least the following books from O'Reilly: DNS and Bind - Liu, Albitz, Loukides <-- pretty much covers DNS Sendmail - Costales, Allman <-- everything you ever want to know about sendmail Apache: The Definitive Guide - Laurie <-- I have not read this one but I would buy it myself As far as getting BSD running the online guides are pretty good. Mark Radabaugh VP, Amplex (419)833-3635 mark@amplex.net -----Original Message----- From: owner-freebsd-isp@FreeBSD.ORG [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of CREST INTERNATIONAL Sent: Saturday, November 11, 2000 10:58 AM To: freebsd-isp@FreeBSD.ORG Subject: I want to operate to operate as an ISP around my county. I do not want to use Windows stuff as my Web,dns,mail server after alot of reviews, to which iam used to. I prefer FreeBsd. But iam a complete Unix novice. as a first step I have purchase FreeBSD from walnut. Can any one help? Please. Oke To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 10:28:32 2000 Delivered-To: freebsd-isp@freebsd.org Received: from hotmail.com (f4.pav0.hotmail.com [64.4.33.4]) by hub.freebsd.org (Postfix) with ESMTP id D553337B4D7 for ; Sat, 11 Nov 2000 10:27:44 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 11 Nov 2000 10:27:44 -0800 Received: from 209.187.169.127 by pv0fd.pav0.hotmail.msn.com with HTTP; Sat, 11 Nov 2000 18:27:44 GMT X-Originating-IP: [209.187.169.127] From: "Jonathan M. Slivko" To: crest@linkserve.com, freebsd-isp@freebsd.org Subject: Re: Date: Sat, 11 Nov 2000 13:27:44 EST Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 11 Nov 2000 18:27:44.0562 (UTC) FILETIME=[1583D120:01C04C0D] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I would suggest reading the Newbieized FAQ's on http://www.freebsd.org. -- Jonathan M. Slivko >From: "CREST INTERNATIONAL" >To: >Date: Sat, 11 Nov 2000 16:58:28 +0100 > >I want to operate to operate as an ISP around my county. I do not want to >use Windows stuff as my Web,dns,mail server after alot of reviews, to which >iam used to. > >I prefer FreeBsd. But iam a complete Unix novice. as a first step I have >purchase FreeBSD from walnut. > >Can any one help? Please. > > >Oke _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 13:15:20 2000 Delivered-To: freebsd-isp@freebsd.org Received: from sydney.worldwide.lemis.com (sydney.worldwide.lemis.com [192.109.197.167]) by hub.freebsd.org (Postfix) with ESMTP id D602437B479; Sat, 11 Nov 2000 13:15:09 -0800 (PST) Received: (from grog@localhost) by sydney.worldwide.lemis.com (8.11.0/8.9.3) id eAABZCZ02479; Fri, 10 Nov 2000 19:35:12 +0800 (SGT) (envelope-from grog) Date: Fri, 10 Nov 2000 19:35:12 +0800 From: Greg Lehey To: Doug Barton Cc: heckfordj@psi-domain.co.uk, freebsd-isp@FreeBSD.org, =?iso-8859-1?Q?Mathias_K=F6rber?= , FreeBSD Committers Subject: Re: BIND 8.2.2-P5 Possible DOS Message-ID: <20001110193512.I1686@sydney.worldwide.lemis.com> References: <00110819041604.01782@freefire.psi-domain.co.uk> <3A0AE465.7825FF37@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: Mutt 1.0i In-Reply-To: <3A0AE465.7825FF37@FreeBSD.org>; from DougB@FreeBSD.ORG on Thu, Nov 09, 2000 at 09:52:37AM -0800 Organization: LEMIS, PO Box 460, Echunga SA 5153, Australia Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-418-838-708 WWW-Home-Page: http://www.lemis.com/~grog X-PGP-Fingerprint: 6B 7B C3 8C 61 CD 54 AF 13 24 52 F8 6D A4 95 EF Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [originally sent to -ISP] On Thursday, 9 November 2000 at 9:52:37 -0800, Doug Barton wrote: > Jamie Heckford wrote: >> >> Verified this earlier... make sure your nameservers are configured correctly!! >> >> Nov 8 19:00:47 atlas named-xfer[78583]: [x.x.x.x] no SOA found for xxx, SOA >> query got rcode 3, aa 1, ancount 0, auc ount 1 >> >> Nov 8 19:01:05 atlas named[276]: unsupported XFR (type ZXFR) of "xxx" (IN) to >> [x.x.x.x].1368 Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 >> >> Nov 8 19:01:21 atlas /kernel: pid 276 (named), uid 53: exited on signal 6 >> >> Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 >> >> ---------- Forwarded Message ---------- >> Subject: BIND 8.2.2-P5 Possible DOS >> Date: Tue, 7 Nov 2000 13:40:49 +0100 >> From: "Fabio Pietrosanti (naif)" >> >> Hi, >> playing with bind and ZXFR feature ( zone transfer compressed with a possible insecure >> execlp("gzip", "gzip", NULL); ), i discovered a Denial Of Service against Bind 8.2.2-P5 . >> >> By default Bind 8.2.2-P5 it's not compiled with ZXFR support unless you define it with #define BIND_ZXFR >> so it will refuse any ZXFR transfer, because it doesn't support it. >> But now what appens? Look here... >> >> ################################ >> zone to transfer: zone.pippo.com >> dns server: dns.pippo.com 192.168.1.1 >> me: naif.gatesux.com 10.10.10.10 >> I send a Zone Trasnfer request using "-Z" switch with means that i wish to use ZXFR. >> dns.pippo.com does'nt support ZXFR and have "allow-transfer{}" not configured, so everyone >> could ask him for *.zone.pippo.com ... >> >> [~/bind/src822p5/bin/named-xfer] $ ./named-xfer -z zone.pippo.com -d 9 -f pics -Z dns.pippo.com >> named-xfer[29297]: send AXFR query 0 to 192.168.1.1 >> named-xfer[29297]: premature EOF, fetching "zone.pippo.com" >> >> On the server's log: >> Nov 7 11:19:09 dns.pippo.com: named[188510]: approved ZXFR from [10.10.10.10].2284 for "zone.pippo.com" >> Nov 7 11:19:09 dns.pippo.com: named[188510]: unsupported XFR (type ZXFR) of "zone.pippo.com" (IN) to [10.10.10.10].2284 >> >> Then the server "*** CRASHED ***" . >> >> I should assume that bind 8.2.2-P5 it's vulnerable ( Please someone test and confirm this kind of dos) >> and bind-9.0.0 has no support for ZXFR . >> >> [~/bind] $ find src822p5/ -type f -exec grep -i zxfr \{\} ';' | wc -l >> 234 >> [~/bind] $ find bind-9.0.0/ -type f -exec grep -i zxfr \{\} ';' | wc -l >> 0 >> >> A lot of DNS Server are misconfigured, and allow zone-transfer to any, so they are dossable... > > The latest versions of -current and -stable both have BIND 8.2.3-T6b, > which has this, and several other nasties fixed. I've been running that > version of BIND on a highly visible, heavily loaded public ns for > several months without problems. I'm currently in a Singapore Linux User group meeting, and we were discussing this matter. Mathias Körber of Nominum is of the opinion that it's wrong to use BIND 8.2.3-T6b in -STABLE. He also doubts that this particular bug is fixed in this version. I don't have enough knowledge of the issues to comment. Does anybody else? Greg -- Finger grog@lemis.com for PGP public key See complete headers for address and phone numbers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 13:42:59 2000 Delivered-To: freebsd-isp@freebsd.org Received: from lucifer.ninth-circle.org (lucifer.bart.nl [194.158.168.74]) by hub.freebsd.org (Postfix) with ESMTP id 932B837B479; Sat, 11 Nov 2000 13:42:53 -0800 (PST) Received: (from asmodai@localhost) by lucifer.ninth-circle.org (8.11.1/8.11.0) id eABLgau42899; Sat, 11 Nov 2000 22:42:36 +0100 (CET) (envelope-from asmodai) Date: Sat, 11 Nov 2000 22:42:36 +0100 From: Jeroen Ruigrok van der Werven To: Greg Lehey Cc: Doug Barton , heckfordj@psi-domain.co.uk, freebsd-isp@FreeBSD.org, =?iso-8859-1?Q?Mathias_K=F6rber?= , FreeBSD Committers Subject: Re: BIND 8.2.2-P5 Possible DOS Message-ID: <20001111224236.A42477@lucifer.bart.nl> References: <00110819041604.01782@freefire.psi-domain.co.uk> <3A0AE465.7825FF37@FreeBSD.org> <20001110193512.I1686@sydney.worldwide.lemis.com> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: <20001110193512.I1686@sydney.worldwide.lemis.com>; from grog@lemis.com on Fri, Nov 10, 2000 at 07:35:12PM +0800 Organisation: VIA Net.Works The Netherlands Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org [I think I really need to put a maintainer file somewhere since people seem to want to discuss everything associated with BIND and resolvers on any list except directly including me in the discussion.] -On [20001111 22:20], Greg Lehey (grog@lemis.com) wrote: >I'm currently in a Singapore Linux User group meeting, and we were >discussing this matter. Mathias Körber of Nominum is of the opinion >that it's wrong to use BIND 8.2.3-T6b in -STABLE. He also doubts that >this particular bug is fixed in this version. I don't have enough >knowledge of the issues to comment. Does anybody else? I have already informed the security-officer about everything and have reported some results back to the bugtraq list. Also, the issue of BIND 8.2.3-T5/6B has already been pointed out by Mark Andrews of Nominum way back when T5B got MFC'd by Paul Saab. I also worked on resolving the AA problem with T6B by hints and patches from Mark. After some testing I found that T5B and subsequently T6B don't have the ZXFR problem. Monitoring the BIND mailinglist and the ISC website I came to the conclusion that 8.2.3-T3B and onwards do not have any security issues. At least not the ones published on the website, and this, T6B at least, has at least been verified by Mark Andrews. 8.2.2-P5, however, does have a problem, and I am already working on preparing patches against the latest 3-STABLE in order to get the 8.2.2-P7 into the 3-STABLE sourcecode repository. -- Jeroen Ruigrok van der Werven Network- and systemadministrator VIA Net.Works The Netherlands BSD: Technical excellence at its best http://www.via-net-works.nl So take a look at me now, well there's just an empty space... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 13:56:59 2000 Delivered-To: freebsd-isp@freebsd.org Received: from dt051n37.san.rr.com (dt051n37.san.rr.com [204.210.32.55]) by hub.freebsd.org (Postfix) with ESMTP id 0B5C537B4C5; Sat, 11 Nov 2000 13:56:47 -0800 (PST) Received: from FreeBSD.org (Studded@master [10.0.0.2]) by dt051n37.san.rr.com (8.9.3/8.9.3) with ESMTP id NAA05137; Sat, 11 Nov 2000 13:55:00 -0800 (PST) (envelope-from DougB@FreeBSD.org) Message-ID: <3A0DC034.EA4CA536@FreeBSD.org> Date: Sat, 11 Nov 2000 13:55:00 -0800 From: Doug Barton Organization: Triborough Bridge & Tunnel Authority X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: Greg Lehey Cc: heckfordj@psi-domain.co.uk, freebsd-isp@FreeBSD.org, "Mathias =?iso-8859-1?Q?K=F6rber?=" , FreeBSD Committers Subject: Re: BIND 8.2.2-P5 Possible DOS References: <00110819041604.01782@freefire.psi-domain.co.uk> <3A0AE465.7825FF37@FreeBSD.org> <20001110193512.I1686@sydney.worldwide.lemis.com> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Greg Lehey wrote: > > [originally sent to -ISP] > > On Thursday, 9 November 2000 at 9:52:37 -0800, Doug Barton wrote: > > Jamie Heckford wrote: > >> > >> Verified this earlier... make sure your nameservers are configured correctly!! > >> > >> Nov 8 19:00:47 atlas named-xfer[78583]: [x.x.x.x] no SOA found for xxx, SOA > >> query got rcode 3, aa 1, ancount 0, auc ount 1 > >> > >> Nov 8 19:01:05 atlas named[276]: unsupported XFR (type ZXFR) of "xxx" (IN) to > >> [x.x.x.x].1368 Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 > >> > >> Nov 8 19:01:21 atlas /kernel: pid 276 (named), uid 53: exited on signal 6 > >> > >> Nov 8 19:01:21 atlas named[276]: d_rcnt-- == 0 > >> > >> ---------- Forwarded Message ---------- > >> Subject: BIND 8.2.2-P5 Possible DOS > >> Date: Tue, 7 Nov 2000 13:40:49 +0100 > >> From: "Fabio Pietrosanti (naif)" > >> > >> Hi, > >> playing with bind and ZXFR feature ( zone transfer compressed with a possible insecure > >> execlp("gzip", "gzip", NULL); ), i discovered a Denial Of Service against Bind 8.2.2-P5 . > >> > >> By default Bind 8.2.2-P5 it's not compiled with ZXFR support unless you define it with #define BIND_ZXFR > >> so it will refuse any ZXFR transfer, because it doesn't support it. > >> But now what appens? Look here... > >> > >> ################################ > >> zone to transfer: zone.pippo.com > >> dns server: dns.pippo.com 192.168.1.1 > >> me: naif.gatesux.com 10.10.10.10 > >> I send a Zone Trasnfer request using "-Z" switch with means that i wish to use ZXFR. > >> dns.pippo.com does'nt support ZXFR and have "allow-transfer{}" not configured, so everyone > >> could ask him for *.zone.pippo.com ... > >> > >> [~/bind/src822p5/bin/named-xfer] $ ./named-xfer -z zone.pippo.com -d 9 -f pics -Z dns.pippo.com > >> named-xfer[29297]: send AXFR query 0 to 192.168.1.1 > >> named-xfer[29297]: premature EOF, fetching "zone.pippo.com" > >> > >> On the server's log: > >> Nov 7 11:19:09 dns.pippo.com: named[188510]: approved ZXFR from [10.10.10.10].2284 for "zone.pippo.com" > >> Nov 7 11:19:09 dns.pippo.com: named[188510]: unsupported XFR (type ZXFR) of "zone.pippo.com" (IN) to [10.10.10.10].2284 > >> > >> Then the server "*** CRASHED ***" . > >> > >> I should assume that bind 8.2.2-P5 it's vulnerable ( Please someone test and confirm this kind of dos) > >> and bind-9.0.0 has no support for ZXFR . > >> > >> [~/bind] $ find src822p5/ -type f -exec grep -i zxfr \{\} ';' | wc -l > >> 234 > >> [~/bind] $ find bind-9.0.0/ -type f -exec grep -i zxfr \{\} ';' | wc -l > >> 0 > >> > >> A lot of DNS Server are misconfigured, and allow zone-transfer to any, so they are dossable... > > > > The latest versions of -current and -stable both have BIND 8.2.3-T6b, > > which has this, and several other nasties fixed. I've been running that > > version of BIND on a highly visible, heavily loaded public ns for > > several months without problems. > > I'm currently in a Singapore Linux User group meeting, and we were > discussing this matter. Mathias Körber of Nominum is of the opinion > that it's wrong to use BIND 8.2.3-T6b in -STABLE. He also doubts that > this particular bug is fixed in this version. I don't have enough > knowledge of the issues to comment. Does anybody else? 8.2.3 starting with the very first alpha test release had the zxfr bug fixed. This branch also has all other known bugs from the 8.2.2 branch fixed, plus various other improvements. Up till the time that 8.2.2-P7 was released on Nov. 9, 8.2.3-T6B was unarguably the most stable, and least likely to be exploited version of BIND available. It has been well proven on many heavily loaded sites (including mine for the last two months) and Jeroen discussed this question at great length already. The only arguments (and I use that term loosely) I've seen against the use of 8.2.3-T6B in the tree have all boiled down to, "I don't like beta software in -Stable." While I have some sympathy with that notion, it comes down to the fact that we want the best possible version of the contributed products that we use in the tree, and this is it, regardless of the name of the current release. An extremely apt analogy would be our own use of the term "beta," as in, "FreeBSD 4.2-BETA." Our product doesn't magically get better the day the "4.2-RELEASE" tag is laid down. Substantive arguments in the terms of, "BIND 8.2.3-T6B does such-and-such under these conditions, which is bad because..." should be directed to freebsd-arch@freebsd.org (mainly because that's where Jeroen has held this same type of discussion in the past). It should be clear of course that I don't speak for Jeroen, but I have discussed this with him, and I fully support his decision. I've got years of experience in DNS administration, and I follow the state of BIND development pretty closely, so I feel confident in my opinion that this is the best choice at this point in the game. Doug -- Life is an essay test. Long form. Spelling counts. Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 17:32:10 2000 Delivered-To: freebsd-isp@freebsd.org Received: from rucus.ru.ac.za (rucus.ru.ac.za [146.231.29.2]) by hub.freebsd.org (Postfix) with SMTP id 19A0737B4C5 for ; Sat, 11 Nov 2000 17:32:05 -0800 (PST) Received: (qmail 44037 invoked by uid 1003); 12 Nov 2000 01:31:59 -0000 Date: Sun, 12 Nov 2000 03:31:59 +0200 From: Neil Blakey-Milner To: =?iso-8859-1?Q?Crist=F3v=E3o_B=2E_B=2E_Dalla_Costa?= Cc: freebsd-isp@freebsd.org Subject: Re: qmail not working Message-ID: <20001112033159.A40332@mithrandr.moria.org> References: <004301c0485c$1ed6ab30$02ffa8c0@terrificus> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i In-Reply-To: <004301c0485c$1ed6ab30$02ffa8c0@terrificus>; from cdallacosta@bigfoot.com on Mon, Nov 06, 2000 at 10:43:21PM -0300 X-Operating-System: FreeBSD 4.1-STABLE i386 X-URL: http://mithrandr.moria.org/nbm/ Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon 2000-11-06 (22:43), Cristóvão B. B. Dalla Costa wrote: > I installed qmail from ports, and, after disabling sendmail, copied > /var/qmail/boot/home+df to /var/qmail/rc , and then ran /var/qmail/rc. Now, > I'm stuck with a non-working mail system, since I can't get sendmail to work > either. I can't send local mail, but the mail command doesn't complain > either. > > I'm using FreeBSD 4.1 with the original qmail port, and I have previously > tried every file from /var/qmail/boot with no success. I also followed the > steps in the qmail INSTALL file. > > Here's what appear in the log when I send local mail ("mail cbraga"): > > Nov 6 22:23:40 crotalus qmail: 973556620.874708 delivery 1: deferral: > dot-forward:_not_found/ You need to install /usr/ports/mail/qmail-contrib to get fastforward and dot-forward. (I really should split those in two ports sometime) Neil -- Neil Blakey-Milner nbm@mithrandr.moria.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 11 18: 2:11 2000 Delivered-To: freebsd-isp@freebsd.org Received: from shell.nominum.com (shell.nominum.com [204.152.187.59]) by hub.freebsd.org (Postfix) with ESMTP id 1FBC837B479; Sat, 11 Nov 2000 18:02:07 -0800 (PST) Received: from vademecum (localhost [127.0.0.1]) by shell.nominum.com (Postfix) with SMTP id 0625C3190C; Sat, 11 Nov 2000 18:02:04 -0800 (PST) From: "Mathias Körber" To: "Greg Lehey" , "Doug Barton" Cc: , , "Mathias Körber" , "FreeBSD Committers" Subject: RE: BIND 8.2.2-P5 Possible DOS Date: Sun, 12 Nov 2000 10:02:02 +0800 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <20001110193512.I1686@sydney.worldwide.lemis.com> X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I'm currently in a Singapore Linux User group meeting, and we were > discussing this matter. Mathias K=F6rber of Nominum is of the opinion > that it's wrong to use BIND 8.2.3-T6b in -STABLE. He also doubts that > this particular bug is fixed in this version. I don't have enough > knowledge of the issues to comment. Does anybody else? Please note: I said I personally would not think using any -BETA product in a release is not so good a thing. I also said that I'm not sure whether it is fixed in 8.2.3, as a) the fix is new b) I'm not in the development cycle in Nominum It turns out that 8.2.3* whatever does not have the bug, so is safe, but that was not clear (to me) at that point. My opinions in this matter are not official opinions of Nominum in any case. Mathias >=20 > Greg > -- > Finger grog@lemis.com for PGP public key > See complete headers for address and phone numbers >=20 >=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message