From owner-freebsd-isp Sun Nov 24 7:41:57 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 686A537B401 for ; Sun, 24 Nov 2002 07:41:56 -0800 (PST) Received: from pendragon.tacni.net (radius.tacni.net [64.247.218.2]) by mx1.FreeBSD.org (Postfix) with SMTP id B02BE43EA9 for ; Sun, 24 Nov 2002 07:41:55 -0800 (PST) (envelope-from tom.oneil@tacni.com) Received: (qmail 38563 invoked by uid 85); 24 Nov 2002 15:41:42 -0000 Received: from tom.oneil@tacni.com by arthur.tacni.net by uid 81 with qmail-scanner-1.11 (uvscan: v4.1.60/v4200. . Clear:. Processed in 0.681783 secs); 24 Nov 2002 15:41:42 -0000 Received: from unknown (HELO tacni.com) (66.169.172.133) by pendragon.tacni.net with SMTP; 24 Nov 2002 15:41:41 -0000 Message-ID: <3DE0F34F.3060104@tacni.com> Date: Sun, 24 Nov 2002 09:42:07 -0600 From: Tom ONeil User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.1) Gecko/20020826 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Free Subject: Firewall/ IPFW question - somewhat urgent Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm in a bind for a number of reasons, mostly because I am not local to the firewall. In order to block a port for all systems inside the firewall using ipfw, the man page indicates the syntax is ${fwcmd} add deny all from all to all ${fwcmd} add deny all to all from all Specifically, ${fwcmd} add deny all from all to all 1337 ${fwcmd} add deny all to all from all 1337 But I am not 100% positive. (Yes, were getting DOS'd.) Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 24 8:14: 4 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8C55437B404 for ; Sun, 24 Nov 2002 08:14:03 -0800 (PST) Received: from infiniteloop.ca (infiniteloop.ca [216.126.86.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 614D443EA9 for ; Sun, 24 Nov 2002 08:14:00 -0800 (PST) (envelope-from dev@samurai.com) Received: from localhost (localhost [127.0.0.1]) by infiniteloop.ca (Postfix) with ESMTP id CB4BD6414 for ; Sun, 24 Nov 2002 11:13:04 -0500 (EST) Received: from infiniteloop.ca ([127.0.0.1]) by localhost (infiniteloop.ca [127.0.0.1]) (amavisd-new) with ESMTP id 86944-10 for ; Sun, 24 Nov 2002 11:13:03 -0000 (EST) Received: from mia.samurai.com (mia.cbc.ca [159.33.1.104]) (using SSLv3 with cipher DES-CBC3-SHA (168/168 bits)) (Client did not present a certificate) by infiniteloop.ca (Postfix) with ESMTP id 5753E6474 for ; Sun, 24 Nov 2002 11:13:03 -0500 (EST) Message-Id: <5.1.1.6.2.20021124111332.02b57508@wheresmymailserver.com> X-Sender: (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.1.1 Date: Sun, 24 Nov 2002 11:13:41 -0500 To: freebsd-isp@freebsd.org From: Blake Crosby Subject: Re: Firewall/ IPFW question - somewhat urgent Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by amavisd-new using Mcafee VirusScan X-Razor-id: 7d7d495a4ddc33402ccdd2b66ac3c5709946763a Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Yup that will block all incoming and outgoing traffic on port 1337 (both tcp and udp) Blake At 09:42 AM 24/11/2002 -0600, you wrote: >I'm in a bind for a number of reasons, mostly because I am not local to >the firewall. > > In order to block a port for all systems inside the firewall using ipfw, > the man page indicates the syntax is >${fwcmd} add deny all from all to all >${fwcmd} add deny all to all from all > >Specifically, > >${fwcmd} add deny all from all to all 1337 >${fwcmd} add deny all to all from all 1337 > > But I am not 100% positive. > >(Yes, were getting DOS'd.) > > Tom > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 24 17:52:15 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE13637B401 for ; Sun, 24 Nov 2002 17:52:14 -0800 (PST) Received: from fire.org.nz (firewall.fire.org.nz [203.97.144.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id 63E1843E4A for ; Sun, 24 Nov 2002 17:52:13 -0800 (PST) (envelope-from andy@fud.org.nz) Received: by homer.fire.org.nz id <119050>; Mon, 25 Nov 2002 14:51:55 +1300 Subject: 150 VLANS?? From: Andrew Thompson To: freebsd-isp@freebsd.org Content-Type: text/plain Organization: Message-Id: <02Nov25.145155nzdt.119050@homer.fire.org.nz> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.0 Date: 25 Nov 2002 14:51:27 +1300 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I have been given the task of providing broadband Internet for a new apartment building. There are about 150 apartments and I am trying to think of the best way to tackle this one. The one condition is that I am able to track usage for billing purposes (simple byte count will do). The first option that sprung to mind was to just have one big lan with router, but there are concerns about security. My next idea was to buy four cisco 48-port switches and have each port on a seperate vlan, then create 150 vlan devices on FreeBSD and use ipfw or ipf to count the bytes on each vlan device. Can anyone tell me if this is feasable? or am I doomed to fail? thanks Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 24 18: 6:19 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 887C437B401 for ; Sun, 24 Nov 2002 18:06:18 -0800 (PST) Received: from buck.Hughes.com.au (ns1.Hughes.com.au [203.16.25.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1796C43EA9 for ; Sun, 24 Nov 2002 18:06:17 -0800 (PST) (envelope-from bambi@Hughes.com.au) Received: from fawn (szpp-p-144-139-27-216.prem.tmns.net.au [144.139.27.216]) by buck.Hughes.com.au (8.12.1/8.11.1) with SMTP id gAP1xBk2086173 for ; Mon, 25 Nov 2002 11:59:12 +1000 (EST) (envelope-from bambi@Hughes.com.au) From: "David J. Hughes" To: Subject: RE: 150 VLANS?? Date: Mon, 25 Nov 2002 12:04:31 +1000 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Importance: Normal In-reply-to: <02Nov25.145155nzdt.119050@homer.fire.org.nz> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > My next idea was to buy four cisco 48-port switches and have each port > on a seperate vlan, then create 150 vlan devices on FreeBSD and use ipfw > or ipf to count the bytes on each vlan device. Or use an SNMP based tool to monitor traffic that flows in/out the individual switch ports. (e.g. TraffAcct available from www.hughes.com.au - shameless plug ;-) > Can anyone tell me if this is feasable? or am I doomed to fail? Sounds perfectly normal to me. Bambi ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 24 18:39: 5 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 32D4937B401 for ; Sun, 24 Nov 2002 18:39:03 -0800 (PST) Received: from exchange.wan.no (exchange.wan.no [80.86.128.88]) by mx1.FreeBSD.org (Postfix) with ESMTP id 17E2943E3B for ; Sun, 24 Nov 2002 18:39:02 -0800 (PST) (envelope-from sten.daniel.sorsdal@wan.no) content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Subject: RE: 150 VLANS?? Date: Mon, 25 Nov 2002 03:39:15 +0100 X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F07DDEE@exchange.wan.no> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: 150 VLANS?? Thread-Index: AcKUJW4Mxotkaa/RQUKo7ljfxeRNCAAA6Byw From: =?iso-8859-1?Q?Sten_Daniel_S=F8rsdal?= To: "Andrew Thompson" , Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I would go for the 150 VLANs thing, it might get you if you're supplying = public IP addresses to each apartment Ie (that could be solved with for example PPPoE). With 150 vlans you can more easily stop spoofing and do accounting in = one rule=20 (spoofing is something im very concerned with regarding any network = structure). With 150 VLANs you can also do forms of load balancing (say 20 vlans of = the group constantly use the net) you could shift The vlans over to a second or third interface. Making it very easy to = expand. With VLANs you can also make sure no one is "cheating" by using the next = apartments ratio/quota (if you are/will apply this). Most VLAN switches have options to make sure no one with a vlan able = adapter is able to make their own tagged packets as if it was the = neighbour. The network would go somewhat faster, especially for users as Windows = (for example) slow down noticebly from network chatter.=20 And the users wont copy between eachother without you getting your cut = (you are after all supplying the infrastructure). The FreeBSD router can have backup systems making sure readings arent = lost (as switches can easily be rebooted etc). And if the FreeBSD router cant cope with the traffic you can always put = in two without doing network gymnastics. I can recommend FXP (Intel) network cards for VLANing, it doesn't do = hardware vlaning but with polling added I would Say that it would make up for it. I run 100 vlans on a mere Celeron 500mhz ( okay, it has specially = designed hardware - WAN Access Gateway - a product im charge of = developing - shameless plug!) and it has no trouble in keeping up with = the demands (on average 50 mbit intervlan traffic and peaks of 300mbit)=20 ---------------------------------- Med vennlig hilsen / Best regards Sten Daniel S=F8rsdal Wireless Systems Manager WAN Norway AS sten.daniel.sordal@wan.no http://www.wan.no | http://www.wan-international.com Tel: +47 69 21 13 00 Fax: +47 69 21 13 01 Dir: +47 69 21 13 06 Mobile: +47 40 80 03 06 ------------------------------------ -----Original Message----- From: Andrew Thompson [mailto:andy@fud.org.nz]=20 Sent: 25. november 2002 02:51 To: freebsd-isp@freebsd.org Subject: 150 VLANS?? Hi, I have been given the task of providing broadband Internet for a new = apartment building. There are about 150 apartments and I am trying to = think of the best way to tackle this one. The one condition is that I = am able to track usage for billing purposes (simple byte count will do). The first option that sprung to mind was to just have one big lan with = router, but there are concerns about security. =20 My next idea was to buy four cisco 48-port switches and have each port = on a seperate vlan, then create 150 vlan devices on FreeBSD and use ipfw = or ipf to count the bytes on each vlan device. Can anyone tell me if this is feasable? or am I doomed to fail? thanks Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 24 21: 7: 4 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AF9F537B401 for ; Sun, 24 Nov 2002 21:07:02 -0800 (PST) Received: from smtp2.sentex.ca (smtp2.sentex.ca [199.212.134.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1872843EB3 for ; Sun, 24 Nov 2002 21:07:02 -0800 (PST) (envelope-from mike@sentex.net) Received: from house (cage.simianscience.com [64.7.134.1]) by smtp2.sentex.ca (8.12.6/8.12.6) with SMTP id gAP56sNo084690; Mon, 25 Nov 2002 00:06:55 -0500 (EST) (envelope-from mike@sentex.net) From: Mike Tancsa To: Andrew Thompson Cc: freebsd-isp@freebsd.org Subject: Re: 150 VLANS?? Date: Mon, 25 Nov 2002 00:06:54 -0500 Message-ID: References: In-Reply-To: X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Go the vlan route for sure. Dont be afraid of 150 interfaces as the lookups are hashed. You can simulate and test it fairly easily to make sure it matches your expectations. Also, Ciscos are of course nice, but if cost is an issue, check out some = of the non cisco 802.1q switches on ebay. There are Nortel Centillions with 100 port densitys going for under $1,000. Just make sure you get = software with it. ---Mike On 25 Nov 2002 14:51:27 +1300, in sentex.lists.freebsd.isp you wrote: >Hi, > > >I have been given the task of providing broadband Internet for a new >apartment building. There are about 150 apartments and I am trying to >think of the best way to tackle this one. The one condition is that I >am able to track usage for billing purposes (simple byte count will do). > >The first option that sprung to mind was to just have one big lan with >router, but there are concerns about security. =20 > >My next idea was to buy four cisco 48-port switches and have each port >on a seperate vlan, then create 150 vlan devices on FreeBSD and use ipfw >or ipf to count the bytes on each vlan device. > >Can anyone tell me if this is feasable? or am I doomed to fail? > > >thanks > >Andrew > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message Mike Tancsa (mike@sentex.net)=09 http://www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Nov 24 21:26:36 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A558637B404 for ; Sun, 24 Nov 2002 21:26:34 -0800 (PST) Received: from yama.geminisolutions.com (yama.geminisolutions.com [216.57.214.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF78543E4A for ; Sun, 24 Nov 2002 21:26:30 -0800 (PST) (envelope-from michael@staff.openaccess.org) Received: from [10.0.1.3] (0-1pool22-155.nas8.bellevue1.wa.us.da.qwest.net [67.3.22.155]) by yama.geminisolutions.com (8.12.3/8.11.6) with ESMTP id gAP5IJX2047016; Sun, 24 Nov 2002 21:18:19 -0800 (PST) (envelope-from michael@staff.openaccess.org) User-Agent: Microsoft-Entourage/10.0.0.1309 Date: Sun, 24 Nov 2002 21:26:29 -0800 Subject: Re: 150 VLANS?? From: Michael DeMan To: Andrew Thompson , Message-ID: In-Reply-To: <02Nov25.145155nzdt.119050@homer.fire.org.nz> Mime-version: 1.0 Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org We do this with a FreeBSD VLAN trunk and switches, I would definitely not try to do one large LAN. There are too many problems with security, people trying to hack each other's machines, etc. We run 64 VLANs on 486 class gear and have great throughput. Intel (fxp) and (sis) drivers work well since the 802.1q VLAN header is stripped in hardware. On 11/24/02 5:51 PM, "Andrew Thompson" wrote: > Hi, > > > I have been given the task of providing broadband Internet for a new > apartment building. There are about 150 apartments and I am trying to > think of the best way to tackle this one. The one condition is that I > am able to track usage for billing purposes (simple byte count will do). > > The first option that sprung to mind was to just have one big lan with > router, but there are concerns about security. > > My next idea was to buy four cisco 48-port switches and have each port > on a seperate vlan, then create 150 vlan devices on FreeBSD and use ipfw > or ipf to count the bytes on each vlan device. > > Can anyone tell me if this is feasable? or am I doomed to fail? > > > thanks > > Andrew > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > Michael F. DeMan Director of Technology OpenAccess Internet Services 1305 11th St., 3rd Floor Bellingham, WA 98225 Tel 360-647-0785 x204 Fax 360-738-9785 michael@staff.openaccess.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 25 1:23:41 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0198737B401 for ; Mon, 25 Nov 2002 01:23:40 -0800 (PST) Received: from opium.co.za (opium.co.za [196.34.165.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4062A43ED4 for ; Mon, 25 Nov 2002 01:23:38 -0800 (PST) (envelope-from mark@opium.co.za) Received: from mark (helo=localhost) by opium.co.za with local-esmtp (Exim 3.36 #1) id 18GFSj-0001ah-00 for freebsd-isp@freebsd.org; Mon, 25 Nov 2002 11:23:29 +0200 Date: Mon, 25 Nov 2002 11:23:29 +0200 (SAST) From: Mark Bojara X-X-Sender: mark@opium.co.za To: freebsd-isp@freebsd.org Subject: exim setup Message-ID: <20021125111716.N6040-100000@opium.co.za> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I require some help on a solution with exim 4. Basically I will have 2 smtp servers.. The one is hosted onsite the other offsite.. Both SMTP servers serve mics.co.za. (MX goes to offsite server). All mail for that specific domain (domainlist stored in a mysql db.. dont worry about mysql parts). Will first be checked if it can do a local delivery. If it fails it must automatically route to a specific smtp server (if the domain is in a domainlist). Then only if that server fails it must sent the reciepient the error message. Basically a quick drawing: [incoming email] | | [check if it can deliver locally -- possibly end of delivery] | | [if not, smart route email to a single remote smtp server.. if reciepient domain is in mysql database] | | [end of delivery] Any help would be very appreciated. Thanks, Mark ---------------------------------------------------------------- Data/Spock '96 the Logical Choice! ---------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 25 10:55:57 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7E5D937B401 for ; Mon, 25 Nov 2002 10:55:56 -0800 (PST) Received: from web1.nexusinternetsolutions.net (web1.nexusinternetsolutions.net [206.47.131.12]) by mx1.FreeBSD.org (Postfix) with SMTP id D477C43E4A for ; Mon, 25 Nov 2002 10:55:55 -0800 (PST) (envelope-from dave@hawk-systems.com) Received: (qmail 7810 invoked from network); 25 Nov 2002 18:55:53 -0000 Received: from unknown (HELO ws1) (24.157.103.51) by web1.nexusinternetsolutions.net with SMTP; 25 Nov 2002 18:55:53 -0000 From: "Dave [Hawk-Systems]" To: Subject: OT: looking for Intel ISP1100 Date: Mon, 25 Nov 2002 13:55:52 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Slightly OT... looking to pick up a few more ISP1100s, in posting a question regarding them previously to this list, a few people indicated they had units they were trying to move... please email off list with details(with/without cput, HDD, etc...). We are already looking at ebay listings in the USA and Canada so please don't forward links to these. Thanks Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 25 11:12:47 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F30B37B401 for ; Mon, 25 Nov 2002 11:12:46 -0800 (PST) Received: from stud_2.unisg.ch (stud2.unisg.ch [130.82.110.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 50E6443E88 for ; Mon, 25 Nov 2002 11:12:34 -0800 (PST) (envelope-from Arie.Gerszt@student.unisg.ch) Subject: ipfilter To: freebsd-isp@FreeBSD.ORG X-Mailer: Lotus Notes Release 5.0.6a January 17, 2001 Message-ID: From: Arie.Gerszt@student.unisg.ch Date: Mon, 25 Nov 2002 20:12:23 +0100 X-MIMETrack: Serialize by Router on Stud_2/student/UNISG/CH(Release 5.0.6a |January 17, 2001) at 25.11.2002 20:12:45 MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org hi everybody i am looking for a sample configuration for ipfilter running on a web, ssh, ftpserver. the server should be fairly open. i'd like to limit the connection in-bound into ssh and filter some icmp types (which one are suggested?) the machine itself is a webserver, therefor http and ftp should be completely open, aswell as smtp, pop3 and imap4. further on i'd like to open some specific ports, such as 8080 for other web services. thank you for any help or resources pointed, regards arie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 26 11:58:12 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1F20C37B401 for ; Tue, 26 Nov 2002 11:58:10 -0800 (PST) Received: from loops.nilpotent.org (loops.nilpotent.org [12.17.163.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 2128E43EA9 for ; Tue, 26 Nov 2002 11:58:09 -0800 (PST) (envelope-from fn@hungry.org) Received: (qmail 13761 invoked from network); 26 Nov 2002 19:57:54 -0000 Received: from unknown (202.125.140.146) by loops.nilpotent.org with QMTP; 26 Nov 2002 19:57:54 -0000 Received: (qmail 503 invoked by uid 500); 26 Nov 2002 19:58:05 -0000 To: freebsd-isp@freebsd.org Subject: Re: ipfilter References: X-nil: X-Useless-info: System load is 1.25 with 75 processes active. X-Neuromancer: At 12:05:00, the mirror-sheathed nexus of the Sense/Net consortium held just over three thousand employees. From: Faried Nawaz Organization: Integral Domains Date: Wed, 27 Nov 2002 00:58:05 +0500 Message-ID: Lines: 82 User-Agent: Gnus/5.090008 (Oort Gnus v0.08) XEmacs/21.4 (Artificial Intelligence, i386-unknown-freebsd4.6) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Here's a simple ruleset for your /etc/ipf.rules. Assumptions: - eth0 is your ethernet interface with the ip address aaa.bbb.ccc.ddd - your broadcast address is aaa.bbb.ccc.255 - your network address is aaa.bbb.ccc.0 - you want to log some traffic. if you don't, strip the "log" keyword from the lines below - sysctl -a says net.inet.ip.portrange.hifirst: 49152 net.inet.ip.portrange.hilast: 65535 these values are used by ftpd. man ftpd and search for the "-U" parameter - icmp isn't filtered out. - you've read http://www.obfuscation.org/ipf/ (or one of its mirrors). ### allow loopback traffic pass in quick on lo0 pass out quick on lo0 ### block certain incoming netblocks # you may need to adjust this for your own network # if you use private addressing block in log quick on eth0 from 172.16.0.0/12 to any block in log quick on eth0 from 10.0.0.0/8 to any block in log quick on eth0 from 127.0.0.0/8 to any block in log quick on eth0 from 192.168.0.0/16 to any block in log quick on eth0 from 0.0.0.0/8 to any block in log quick on eth0 from 169.254.0.0/16 to any block in log quick on eth0 from 192.0.2.0/24 to any block in log quick on eth0 from any to aaa.bbb.ccc.255/32 block in log quick on eth0 from any to aaa.bbb.ccc.0/32 ### default in policy block in on eth0 all ### default out policy pass out quick on eth0 proto udp from aaa.bbb.ccc.ddd/32 to any keep state pass out quick on eth0 proto tcp from aaa.bbb.ccc.ddd/32 to any flags S keep state pass out quick on eth0 proto icmp from aaa.bbb.ccc.ddd/32 to any keep state ### now for the stuff we let in. # web pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 80 flags S keep state # ssh pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 22 flags S keep state # ftp pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 20 flags S keep state pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 21 flags S keep state # passive ftp pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port 49151 >< 65535 flags S keep state # smtp pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 25 flags S keep state # pop3 pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 110 flags S keep state # imap4 pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 143 flags S keep state # misc web pass in quick on eth0 proto tcp from any to aaa.bbb.ccc.ddd/32 port = 8080 flags S keep state # icmp pass in quick on eth0 proto icmp from any to aaa.bbb.ccc.ddd/32 keep state ### finally block return-rst in log on eth0 proto tcp all block return-icmp-as-dest(port-unr) in log on eth0 proto udp all ### eof If you're going to perform outbound ftp from the machine, place this in /etc/ipnat.rules: map eth0 0/0 -> 0/32 proxy port 21 ftp/tcp Faried. -- The Great GNU has arrived, infidels, behold his wrath ! "If a MOO runs on a port no one accesses, does it run?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 26 13:16:43 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1419837B401 for ; Tue, 26 Nov 2002 13:16:37 -0800 (PST) Received: from smtp.ericx.net (ethel.ericx.net [204.128.227.33]) by mx1.FreeBSD.org (Postfix) with SMTP id 5DEDD43EB2 for ; Tue, 26 Nov 2002 13:16:35 -0800 (PST) (envelope-from ericx@vineyard.net) Received: from fortiva (FORTIVA.VINEYARD.NET [204.17.195.104]) by smtp.ericx.net (Postfix) with SMTP id C7A1C161D8; Tue, 26 Nov 2002 16:16:28 -0500 (EST) Message-ID: <06f701c29591$033fbae0$68c311cc@vineyard.net> From: "Eric W. Bates" To: "Marcin Jessa" Cc: References: <20021118231031.GA74664@yazzy.org> Subject: Re: Dynamic DNS Server Date: Tue, 26 Nov 2002 16:15:57 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ----- Original Message ----- From: "Marcin M. Jessa" To: Sent: Monday, November 18, 2002 6:10 PM Subject: Dynamic DNS Server > Hi guys. > > I would like to set up a dynamic dns server. > Do you know of any? > The perfect sollution would be to make it to authenticate users from a LDAP server but this it not nessesary. > I'd also need windows and bsd/linux dyndns client apps that could talk to my server as well. > > Thanks in advance. > YazzY > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > This isn't overly generic; it's a client script; and I haven't finished testing it; however, you might find this handy as a starting point. This script hits a URL to determine it's IP address (this presumes the machine is behind NAT and has no other way to find out the assigned IP). If the IP has changed, it composes a TSIG signed update message and sends it off to the named server. What's wrong: I have to do some reading and experimentation about bind9 RR's. I'm not sure what is a reasonable TTL to submit with the A record with the new IP. I don't know whether the name server will delete the record when the TTL expires (in which case, the logic has to keep track of the expiry and push updates out when they are due as well as when there is a change). The client doesn't have any way to know when the lease (if it is dhcp... does PPPoE provide expiry data?) is due to expire. Also: when ISC's dhcpd performs dynamic updates, it submits TXT records along with the A and PTR records. The script still needs to be daemonized (probably a 5 minute wait loop). Probably should have some logging. The whole thing probably ought to be 180'ed and be re-written as a mod_perl handler. After which, the remote simply needs to query an authenticated URL. Let me know if this appears to have any value to you; I have to finish it in the next week or so. #!/bin/sh # File: whats-my-line # Author: Charlie Root, ericx@vineyard.net # Date: Thu Nov 21 18:49:12 2002 # Time-stamp: <2002-11-21 19:32:58 ericx> # Description: Simple CGI to announce IP address of remote host # # $Id: whats-my-line,v 1.2 2002/11/22 00:33:36 ericx Exp $ # $Log: whats-my-line,v $ # Revision 1.2 2002/11/22 00:33:36 ericx # Switched from perl to shell # # Revision 1.1 2002/11/22 00:00:21 ericx # Hey! It works! # echo "Content-type: text/plain" echo echo "Remote IP = '${REMOTE_ADDR}'" #!/usr/bin/perl5 # File: dyn-dns-vni # Author: Charlie Root, ericx@vineyard.net # Date: Wed Nov 20 10:34:52 2002 # Time-stamp: <2002-11-26 15:13:09 ericx> # Description: DDNS (RFC 2136) script to push IP to VNI # # $Id: dyn-dns-vni,v 1.3 2002/11/22 03:16:23 ericx Exp ericx $ # $Log: dyn-dns-vni,v $ # Revision 1.3 2002/11/22 03:16:23 ericx # Gathering the IP works # # Revision 1.2 2002/11/21 23:43:45 ericx # &read_key works. # # Revision 1.1 2002/11/20 15:38:14 ericx # Initial revision # use strict; use Carp; use Data::Dumper; use LWP::UserAgent; use File::Basename; use Net::DNS; use constant DEBUG => 1; use constant GET_URI => 'https://www.your.host/cgi-bin/whats-my-line'; use constant LAST_IP_PATH => '/usr/local/share/dyn-dns-vni/last-ip'; use constant DOMAIN => 'somedomain.com'; use constant NS => 'ns1.your.host'; use constant TSIG_DIR => '/etc/namedb/keys'; use constant TSIG_NAME => 'some-ddns-key'; use vars qw($VERSION $PROG_NAME); # Set up $VERSION from RCS marker my @r = (q$Revision: 1.3 $ =~ /\d+/g); $VERSION = sprintf "%d."."%02d" x $#r, @r; { &main(); exit 0; } sub main { my $my_ip; # IP as reported by VNI CGI $my_ip = &get_ip(); &carp("My IP appears to be: '$my_ip'") if DEBUG; # compare IP with stored IP exit 0 if &is_same_ip($my_ip); # if different, submit an update and exit with error condition if # not successful. exit 1 unless &submit_update($my_ip); # Ok, we're all good. Write out the IP just successfully pushed # out for the next run. open(LAST_IP, '>'. LAST_IP_PATH) or &croak("Can't open ", LAST_IP_PATH, " for write."); } # Submit a GET requst to the VNI CGI and extract the IP number from # the response as a dotted quad. sub get_ip { my $useragent; # LWP UserAgent my $response; # response to GET request my $my_ip; # IP as reported by VNI CGI # submit a GET request to whats-my-line $useragent = LWP::UserAgent->new; $useragent->agent(&basename($0). "/$VERSION"); $response = $useragent->get(GET_URI); # confirm we got an answer &croak("GET of ". GET_URI. "failed:\n". $response->as_string()) if ($response->is_error); # extract the VNI response and strip the string out of the # response $my_ip = $response->content(); chomp $my_ip; &croak("Response content, '$my_ip', does not match regexp") unless $my_ip =~ s/^.+'([\d\.]+)'$/$1/; return $my_ip; } # Given an IP as a param, compare it with the saved version on # disk. Return true if the IP is the same. sub is_same_ip { my $my_ip = shift; my $last_ip; # if we can't open the file, then the comparison is a failure open(LAST_IP, LAST_IP_PATH) or return undef; $last_ip = ; chomp $last_ip; close LAST_IP; return $my_ip eq $last_ip; } # Push out a signed update request to the primary server at VNI. Spew # errors on failure; but return only a success/fail boolean. sub submit_update { my $new_ip = shift; my $key; # TSIG key for DNSSec my $update; # DNS Update object my $res; # DNS Resolver object my $reply; # DNS Reply object $key = &read_key(TSIG_NAME) or &croak("Can't read the key named: '". TSIG_NAME. "'."); &carp("key = '$key'") if DEBUG; # Create the update packet. $update = Net::DNS::Update->new(DOMAIN); # Add an A record for this host. # Have to suss the TTL data. 86400 = 24 hr. $update->push("update", rr_add("fw.some.host. 86400 A $new_ip")); $update->push("update", rr_add("mail.some.host. 86400 A $new_ip")); # not clear whether pushing an MX is appropriate (probably unnecessary) $update->push("update", rr_add(DOMAIN. " MX 10 mail.some.host")); # Sign the update $update->sign_tsig(TSIG_NAME, $key); # Send the update to the zone's primary master. $res = Net::DNS::Resolver->new(); $res->nameservers(NS); $reply = $res->send($update); # Did it work? if (defined $reply) { if ($reply->header->rcode eq "NOERROR") { return 1; } else { &carp("DNS Update failed: ". $reply->header->rcode); } } else { &carp("Update failed: ", $res->errorstring); } } # open up one of the 2 files created by dnskeygen in the TSIG # dir. This is a little krufty in that the file name algorithm inserts # digits in a way which I do not know how to reproduce. At this # location the digits are '+157+00000' consistently; but I have seen # other patterns. sub read_key { my $key_name = shift; # name of key my $key_file_name; # name of private file listing key # Find the key file corresponding to the keyname opendir(KEY_DIR, TSIG_DIR) or &croak("Cannot open TSIG directory."); $key_file_name = (grep {/^K$key_name\.\+\d{3}\+\d{5}\.private$/} readdir(KEY_DIR))[0]; closedir(KEY_DIR); open(KEY_FILE, TSIG_DIR. "/$key_file_name") or &croak("Cannot open key file, '$key_file_name'."); while () { next unless /^Key: (.*)$/; return $1; # success } return undef; # failure } =head1 VERSION $Id: dyn-dns-vni,v 1.3 2002/11/22 03:16:23 ericx Exp ericx $ =head1 AUTHOR Eric W. Bates =cut To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 26 17:36:25 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0C98F37B401 for ; Tue, 26 Nov 2002 17:36:24 -0800 (PST) Received: from blue.centerone.com (blue.centerone.com [204.133.183.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86BC043E88 for ; Tue, 26 Nov 2002 17:36:23 -0800 (PST) (envelope-from rf-list@centerone.com) Received: from DELIVERANCE-XP.centerone.com (hs5-ifw.wiaas.org [65.102.239.61]) by blue.centerone.com (8.9.3/8.9.3) with ESMTP id SAA03473 for ; Tue, 26 Nov 2002 18:55:12 -0700 Message-Id: <5.1.0.14.2.20021126183345.0190a880@mail.centerone.com> X-Sender: rf-list@mail.centerone.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Tue, 26 Nov 2002 18:36:20 -0700 To: freebsd-isp@freebsd.org From: Ralph Forsythe Subject: Compiling BIND9 with SDB (LDAP) - help! Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Here is a copy of the email I sent to the author of the SDB LDAP addon for BIND9. I wouldn't post here except I need to get this working ASAP so I'm trying all possible avenues. If anyone has built this on FreeBSD and can offer some pointers, I'd be most grateful! -------------------------- I'm trying to install SDB into BIND 9.2.1, and am following your instructions. I have modified main.c, and Makefile.in, copied the ldapdb.c/h files as required, etc. In the bind source dir, I run: ./configure --with-openssl make depend (<-- recommended by the BIND docs if using outside code) make It runs for a while, then gives me this: ------------------------------ gcc -g -O2 -I/usr/home/rforsythe/bind-9.2.1 -I./include -I./unix/include -I/usr/home/rforsythe/bind-9.2.1/lib/lwres/include -I../../lib/lwres/unix/include -I../../lib/lwres/include -I/usr/home/rforsythe/bind-9.2.1/lib/dns/include -I../../lib/dns/include -I../../lib/dns/sec/dst/include -I/usr/home/rforsythe/bind-9.2.1/lib/isccfg/include -I../../lib/isccfg/include -I/usr/home/rforsythe/bind-9.2.1/lib/isccc/include -I../../lib/isccc/include -I/usr/home/rforsythe/bind-9.2.1/lib/isc/include -I../../lib/isc -I../../lib/isc/include -I../../lib/isc/unix/include -I../../lib/isc/nothreads/include -I/usr/local/include -W -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -c ldapdb.c ldapdb.c: In function `ldapdb_search': ldapdb.c:194: warning: `names' might be used uninitialized in this function gcc -g -O2 -o named aclconf.o client.o config.o control.o controlconf.o interfacemgr.o listenlist.o log.o logconf.o main.o notify.o query.o server.o sortlist.o tkeyconf.o tsigconf.o update.o xfrout.o zoneconf.o lwaddr.o lwresd.o lwdclient.o lwderror.o lwdgabn.o lwdgnba.o lwdgrbn.o lwdnoop.o lwsearch.o ldapdb.o unix/os.o ../../lib/lwres/liblwres.a ../../lib/dns/libdns.a -L/usr/lib -lcrypto ../../lib/isccfg/libisccfg.a ../../lib/isccc/libisccc.a ../../lib/isc/libisc.a -L/usr/local/lib -lldap -llber -lresolv /usr/libexec/elf/ld: cannot find -lresolv *** Error code 1 Stop in /usr/home/rforsythe/bind-9.2.1/bin/named. *** Error code 1 Stop in /usr/home/rforsythe/bind-9.2.1/bin. *** Error code 1 Stop in /usr/home/rforsythe/bind-9.2.1. --------------------------- I am attempting this on a FreeBSD 4.7 box (running current -STABLE binaries), with OpenLDAP2 as my LDAP server. I have ISPMAN (where I found out about your code) running against LDAP successfully, but nothing had to compile there either... When I look in /usr/local/include I see ldap.h and lber.h, but no lresolv.h so I assume this is my problem, but I'm not sure how to correct it, or change the SDB code to let me compile this. I tried removing the -lresolv word from the DBDRIVER_LIBS= line but the results did not change. I appreciate any help you can give me on this! Thanks, Ralph Forsythe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 26 18:13:54 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4654E37B401 for ; Tue, 26 Nov 2002 18:13:52 -0800 (PST) Received: from proverbs.outreachnetworks.com (proverbs.outreachnetworks.com [65.196.249.4]) by mx1.FreeBSD.org (Postfix) with SMTP id 7BC3943EB2 for ; Tue, 26 Nov 2002 18:13:51 -0800 (PST) (envelope-from elh@outreachnetworks.com) Received: (qmail 97136 invoked from network); 27 Nov 2002 02:13:50 -0000 Received: from adsl-66-73-187-215.dsl.sfldmi.ameritech.net (HELO preacher.outreachnetworks.com) (66.73.187.215) by proverbs.outreachnetworks.com with SMTP; 27 Nov 2002 02:13:50 -0000 Received: (qmail 999 invoked by uid 1000); 27 Nov 2002 02:13:49 -0000 Date: Tue, 26 Nov 2002 21:13:49 -0500 From: "Eric L. Howard" To: freebsd-isp@FreeBSD.ORG Subject: Re: ipfilter & webserver Message-ID: <20021127021349.GB936@outreachnetworks.com> Mail-Followup-To: freebsd-isp@FreeBSD.ORG References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i X-Favorite-Scripture: Romans 8:18 X-Theocratic-Rule-Advocate: http://www.crossmovement.com X-Registered-Secret-Agent: Agent Double-Naught Seven X-Operating-System: Linux 2.4.18-bf2.4 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At a certain time, now past, Arie J. Gerszt spake thusly: > hi everybody > > i am looking for a sample configuration for ipfilter running on a web, ssh, > ftp > server. the server should be fairly open. i'd like to limit the connection > in- > bound into ssh and filter some icmp types (which one are suggested?) Did you start @ /usr/share/examples/ipfilter ? bash-2.05a$ ls /usr/share/examples/ipfilter/* /usr/share/examples/ipfilter/BASIC.NAT /usr/share/examples/ipfilter/BASIC_1.FW /usr/share/examples/ipfilter/BASIC_2.FW /usr/share/examples/ipfilter/README /usr/share/examples/ipfilter/example.1 /usr/share/examples/ipfilter/example.10 /usr/share/examples/ipfilter/example.11 /usr/share/examples/ipfilter/example.12 /usr/share/examples/ipfilter/example.13 /usr/share/examples/ipfilter/example.14 /usr/share/examples/ipfilter/example.2 /usr/share/examples/ipfilter/example.3 /usr/share/examples/ipfilter/example.4 /usr/share/examples/ipfilter/example.5 /usr/share/examples/ipfilter/example.6 /usr/share/examples/ipfilter/example.7 /usr/share/examples/ipfilter/example.8 /usr/share/examples/ipfilter/example.9 /usr/share/examples/ipfilter/example.sr /usr/share/examples/ipfilter/examples.txt /usr/share/examples/ipfilter/firewall /usr/share/examples/ipfilter/firewall.1 /usr/share/examples/ipfilter/firewall.2 /usr/share/examples/ipfilter/ftp-proxy /usr/share/examples/ipfilter/ftppxy /usr/share/examples/ipfilter/ipf-howto.txt /usr/share/examples/ipfilter/ipf.conf.permissive /usr/share/examples/ipfilter/ipf.conf.restrictive /usr/share/examples/ipfilter/ipf.conf.sample /usr/share/examples/ipfilter/ipnat.conf.sample /usr/share/examples/ipfilter/nat-setup /usr/share/examples/ipfilter/nat.eg /usr/share/examples/ipfilter/rules.txt /usr/share/examples/ipfilter/server /usr/share/examples/ipfilter/tcpstate ~elh -- Eric L. Howard e l h @ o u t r e a c h n e t w o r k s . c o m ------------------------------------------------------------------------ www.OutreachNetworks.com 313.297.9900 ------------------------------------------------------------------------ JabberID: elh@jabber.org Advocate of the Theocratic Rule To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 26 21:27: 7 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 87B5F37B401 for ; Tue, 26 Nov 2002 21:27:05 -0800 (PST) Received: from rhid.com (rhid.com [64.49.215.200]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2013C43E9C for ; Tue, 26 Nov 2002 21:27:05 -0800 (PST) (envelope-from jwp@rhid.com) Received: from mail.rhid.com (0-1pool218-242.nas34.tempe1.az.us.da.qwest.net [67.3.218.242]) by rhid.com (Postfix) with ESMTP id 368E63568A6 for ; Wed, 27 Nov 2002 05:26:50 +0000 (GMT) Received: by mail.rhid.com (Postfix, from userid 1000) id 872A42C94F; Tue, 26 Nov 2002 22:27:26 -0700 (MST) Date: Tue, 26 Nov 2002 22:27:26 -0700 From: James Pye To: freebsd-isp@freebsd.org Subject: Re: Dynamic DNS Server Message-ID: <20021127052726.GB1806@void> References: <20021118231031.GA74664@yazzy.org> <06f701c29591$033fbae0$68c311cc@vineyard.net> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="rJwd6BRFiFCcLxzm" Content-Disposition: inline In-Reply-To: <06f701c29591$033fbae0$68c311cc@vineyard.net> User-Agent: Mutt/1.4i Organization: rhid development Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --rJwd6BRFiFCcLxzm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable greetings, if dns updates alone are not satisfying, i would suggest bind-dlz(ports/ne= t/bind9-dlz). i don't think it supports dns "updates"(cant remember the rfc= #..) with the database backend, but you can update/add/delete RRs whatever = way you can interface with the database(pgsql,mysql,filesystem drivers are = supported right now, more on the way, i think)..(i've been playing with a p= gsql backend, and it seems to work quite well) as far as authenticating users, you could have a php script ref an ldap db= (or pgsql, or whatever), and anyone with a browser could update their RRs... i dunno about windows(without cygwin at least), but you could VERY easily = make an sh script call curl with some post data(user,pass,IP(optional, over= loads client IP address :)).. if a web interface isn't the style you're looking for, you could write a s= imple client/server script with your favorite scripting language, tho this = would kinda be a pain ;).. -james | ----- Original Message ----- | From: "Marcin M. Jessa" | To: | Sent: Monday, November 18, 2002 6:10 PM | Subject: Dynamic DNS Server |=20 |=20 | > Hi guys. | > | > I would like to set up a dynamic dns server. | > Do you know of any? | > The perfect sollution would be to make it to authenticate users from a | LDAP server but this it not nessesary. | > I'd also need windows and bsd/linux dyndns client apps that could talk = to | my server as well. | > | > Thanks in advance. | > YazzY | > | > To Unsubscribe: send mail to majordomo@FreeBSD.org | > with "unsubscribe freebsd-isp" in the body of the message | > --rJwd6BRFiFCcLxzm Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQE95Fe+nbjJW1rXbm8RAoEHAKDG6CHUsFikJyKAxF8badNTfYirjACfdEuT 1LjSpeEf79fbQ3qYT+oH7xc= =DQBp -----END PGP SIGNATURE----- --rJwd6BRFiFCcLxzm-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 26 23: 6:11 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 90CBA37B408 for ; Tue, 26 Nov 2002 23:06:10 -0800 (PST) Received: from smtp.internet.dk (smtp.internet.dk [194.19.140.25]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2B78E43E88 for ; Tue, 26 Nov 2002 23:06:09 -0800 (PST) (envelope-from leifn@neland.dk) Received: from gina (0x50c48aec.adsl-fixed.tele.dk [80.196.138.236]) (authenticated) by smtp.internet.dk (8.11.6/8.11.6/Debian/GNU) with ESMTP id gAR762r04864 for ; Wed, 27 Nov 2002 08:06:02 +0100 Message-ID: <00a001c295e3$782aa250$6d05a8c0@gina> From: "Leif Neland" To: References: <20021118231031.GA74664@yazzy.org> <06f701c29591$033fbae0$68c311cc@vineyard.net> Subject: Re: Dynamic DNS Server Date: Wed, 27 Nov 2002 08:06:07 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ----- Original Message ----- From: "Eric W. Bates" To: "Marcin Jessa" Cc: Sent: Tuesday, November 26, 2002 10:15 PM Subject: Re: Dynamic DNS Server >. > > What's wrong: > I have to do some reading and experimentation about bind9 RR's. I'm not > sure what is a reasonable TTL to submit with the A record with the new IP. > I don't know whether the name server will delete the record when the TTL > expires I've seen TTL's between 60 and 300 seconds for ddns. The nameserver does not delete information it is authoritative for; ttl is just used to tell when non-authoritative systems are supposed to fetch an update from an authoritative system. If you use dig against a non-authoritive server, you will notice the ttl decrements, while from an authoritive server it doesn't. Leif To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 27 1:12:32 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1781937B404 for ; Wed, 27 Nov 2002 01:12:31 -0800 (PST) Received: from adsl-ayalon-oc-112-153.inter.net.il (adsl-ayalon-oc-112-153.inter.net.il [213.8.112.153]) by mx1.FreeBSD.org (Postfix) with SMTP id 0493243EA9 for ; Wed, 27 Nov 2002 01:12:28 -0800 (PST) (envelope-from happypal@netvision.net.il) From: "The Associations for security and Prosperity in the Middle East" To: freebsd-isp@FreeBSD.org Subject: =?windows-1255?B?8O7g8SDs6iDu5ODs6e7l+iDl5+Xx+CDk8eXh7PDl+j8=?= Date: Wed, 27 Nov 2002 02:42:25 +0200 Message-ID: <002001c295ad$db673490$0101c80a@arad> MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1255" Content-Transfer-Encoding: base64 X-Priority: 1 (Highest) X-MSMail-Priority: High X-Mailer: Microsoft Outlook, Build 10.0.4024 Importance: High X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org DQrw7uDxIOzqIO7k4Ozp7uX6IOXn5fH4IOTx5eHs8OX6Pw0KDQrg8OUg+e7n6e0g7OH5+CDs6iDr 6SDk5+Xh+PogIuTj+Oog4Owg5ODl+fgiIJYg7uP46eog5OLp5fDpIOzn6entIOjl4entDQrp5fr4 IJYg+ufl7Pcg6+768OQg7Pfl+ODpIO735e7l8Okg+Pn6IPnl9+8g6efjIPLtIOTy6frl7yDh7uTs 6iDk+eHl8uX6DQrk9/jl4entLCDr7vLoIOHr7CDk4Pj1Lg0KDQrk5+Xh+PogIuTj+Oog4Owg5ODl +fgiIOv65eHkIOH25fjkIPT55ejkIOXu5PDkIOz3+Ong5Cwg5e7k5eXkIPH0+OXvDQrk4/jr5CDn +eXhIOzn6entIPLtIPTn5fog4Ozp7uX6IOXp5fr4IOTh8OQg4envIODw+entLg0KDQrk5+Xh+Pog 5uv65CDs4en35fjl+iDw7OTh5fog4evsIPjn4ekg5OD49SDl4fLl7O0sIOXk5fT25CDh7uDl+iDg 7PTpDQry5fr36e0g4e7k7Oog+vfl9OX6IPf55fog+eT64PTp6fDlIOHx6/Hl6+ntIOfu5fjp7SDl 4eDs6e7l+jog4eP45e0NCuD0+On35CDh+vfl9Pog5OD0+Ojk6enjLCDh8un4IPDp5S3p5fj3IO7p 6eMg7ODn+CDg8eXvIOT64OXu6e0sDQrh7OXxLeDw4ifs8SDh5u7vIOTu5OXu5fog5OHp7y3i5vLp 5fog5O705fjx7uX6IOH65+ns+iD58OX6IOT6+fLp7Swg5fLl4y4NCg0K4evsIPTy7SDl9PLtIOTi 6fLlIODsIOTu4Pji8OntIPri5eHl+iDw+OL55fog7uT35fjg6e0g+ePp5eXn5SDy7CD65+X5+g0K +vfl5eQg7PL66eMg6OXhIOnl+vgg4ebr5fog6en55e0g5PL3+OXw5fog5O705fjo6e0g4efl4fj6 Lg0KDQrh4Pj1IO706fbkIOD6IOTn5eH4+iAi5PLu5frkIOz54vnl4iDl4ejn5e8g4e7m+Ocg5Prp 6+XvIiwg6+fs9yDu+uXr8On6DQrn6fDl6+n6IO7p5efj+iDs5PTn+vog5ODs6e7l+iDh7uPp8OQu IO768OPh6SDk8u7l+uQg5On5+ODs6fog5O0g4PD56Q0K8vH36e0sIODw+ekg5+nw5eosIOXr7yD2 8un46e0g5fHo5ePw6OntLg0KDQrh8vfh5fog5Pru6evkIOTw+Ofh+iDs5CDm6/rkIOTn5eH4+iDh 9/jhIOPu5enl+iD26eHl+Onl+iDl5Pfk7CDk+OfhLA0K5Ofs6ejkIOTy7uX65CDs5+z3IODl+uQg 4e768OQg7Pfl+ODpIO735e7l8Okg+Pn6IPnl9+8g6+7y6CDh6+wg5OD49S4NCg0K+Pnp7vog5O73 5e7l8OntIOHk7SD65fT1IOTn5eH4+jog5PLp+Cwg8vjp7Swg6+wg5PLp+Cwg6+zh5SAo5+n05Cks IOTjDQrk9/jp5fosIPbl7vog5Pn45e8sIPb05e8gMSwg+frpIPL46e0sIO7s4OHxLCDr4O8g4/jl 7Swg5+P55fog8Prw6eQsDQrn4/nl+iDn4/jkLCDp4+ny5fog5OLs6ewsIPL46SDu5ePp8unvLg0K DQrk6eUg8un48Onp7SDh+eHl8uX6IOT3+OXh6e0g5ef0+eUg4Pog5Ofl4fj6IOHu9+Xu5e8g+ezr 7S4NCg0KDQrh4fjr5CwNCvLu5fEg4Ozp4OENCuPl4fgg5PLu5frkDQoNCirg7SD36eHs+iDg6e7p 6ewg5uQg4ejy5fog4OUg+eDp8Oog+OX25CDs9+HsIODp7unp7OntIPDl8fTp7Q0K8OAg5PnhIOzg 6e7p6ewg5uQg5fj55e0gICDkIPEgIPggICDh+eX4+iDk8OX54C4gDQoNCg== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 27 4:43: 2 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ABBEE37B438 for ; Wed, 27 Nov 2002 04:42:59 -0800 (PST) Received: from rockwelldatacorp.com (108.Red-80-33-216.pooles.rima-tde.net [80.33.216.108]) by mx1.FreeBSD.org (Postfix) with SMTP id DE86343E88 for ; Wed, 27 Nov 2002 04:42:57 -0800 (PST) (envelope-from j.schroeder@rockwelldatacorp.com) From: "J Schroeder" To: Subject: Urgent Unix Support Requirement for Frankfurt Mime-Version: 1.0 Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: 8bit Date: Wed, 27 Nov 2002 13:42:26 +0100 Reply-To: "J Schroeder" Message-Id: <20021127124257.DE86343E88@mx1.FreeBSD.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi. If any of you guys are looking (or know of anyone looking) for a new position in Frankfurt, I have a colleague looking for several Unix Support people there. Please drop me a mail if interested and I will forward details The rquirement involves: Knowledge of UNIX, SQL or programming languages, Standard Microsoft software, Native German speaker (also good knowledge of English) Best regards, J. Schroeder To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 27 8: 9:38 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 13EA837B401 for ; Wed, 27 Nov 2002 08:09:37 -0800 (PST) Received: from digitaldaemon.com (digitaldaemon.com [63.105.9.34]) by mx1.FreeBSD.org (Postfix) with SMTP id 3F51C43EBE for ; Wed, 27 Nov 2002 08:09:36 -0800 (PST) (envelope-from jan@digitaldaemon.com) Received: (qmail 8249 invoked from network); 27 Nov 2002 16:07:39 -0000 Received: from unknown (HELO digitaldaemon.com) (192.168.0.220) by digitaldaemon.com with SMTP; 27 Nov 2002 16:07:39 -0000 Message-ID: <3DE4EEF2.1000209@digitaldaemon.com> Date: Wed, 27 Nov 2002 11:12:34 -0500 From: Jan Knepper Organization: http://www.digitaldaemon.com/ User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.2a) Gecko/20020910 X-Accept-Language: en-us, en MIME-Version: 1.0 To: FreeBSD Questions , FreeBSD ISP , firebird-announce@digitaldaemon.com, k7net@k7-net.net Subject: firebird-1.0.5 has been released. Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi! For those interested/using firebird, just released version 1.0.5! I did not make any changes to the FreeBSD, OpenBSD, NetBSD, Linux version. However, since (ignorant) Windows users seem to be bothered by messages boxed popping up the last couple of weeks I figured that since these are probably also the onces that keep Nimda going I might as well put something like that in firebird and give an intruder a message on their computer as soon as it hits. Unfortunately this is Windows functionality and I have not gotten into how to do this from non-Windows yet. Check: http://www.digitaldaemon.com/firebird/ for more information. Thanks! Jan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 27 11:56:14 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7F70B37B401 for ; Wed, 27 Nov 2002 11:56:13 -0800 (PST) Received: from usenet.isot.com (usenet.isot.com [63.161.224.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA7F043E9C for ; Wed, 27 Nov 2002 11:56:12 -0800 (PST) (envelope-from freebsd@isot.com) Received: (from www@localhost) by usenet.isot.com (8.11.6/8.11.6) id gARK06026131 for FreeBSD-ISP@FreeBSD.ORG; Wed, 27 Nov 2002 14:00:06 -0600 (CST) (envelope-from freebsd@isot.com) X-Authentication-Warning: usenet.isot.com: www set sender to freebsd@isot.com using -f Received: from 63.161.238.1 ( [63.161.238.1]) as user freebsd@isot.com by webmail.isot.com with HTTP; Wed, 27 Nov 2002 14:00:06 -0600 Message-ID: <1038427206.3de5244617783@webmail.isot.com> Date: Wed, 27 Nov 2002 14:00:06 -0600 From: itchibahn To: FreeBSD ISP Subject: Fatal trap 12: page fault MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1-cvs X-Originating-IP: 63.161.238.1 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Help. I'm trying to fresh install FreeBSD from floppy images. I'm installing on DFI motherboard w/ P4 1.7GHz, 3C905TX-A, 20GB IDE drive, and 512MB RAM. These 2 Kern and Root floppies worked fine on other machines but on this particular machine I get following error messages on Root floppy and then hangs: Fatal trap 12: page fault while in kernel mode fault virtual address = 0x30 fault code = supervisor read, page not present instruction pointer = 0x8:0xc02c5404 stack pointer = 0x10:0xc083ef58 frame pointer = 0x10:0xc083ef60 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, press 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = Idle interrupt mask = net tty bio cam trap number = 12 panic: page fault Uptime: 0s ------------------------------------------------- This mail sent through ISOT. To find out more about ISOT, visit http://isot.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 27 15:43:58 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7399337B401 for ; Wed, 27 Nov 2002 15:43:56 -0800 (PST) Received: from traven.uol.com.br (traven.uol.com.br [200.221.4.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id 44F0643EB2 for ; Wed, 27 Nov 2002 15:43:54 -0800 (PST) (envelope-from antonio.torres@newspace.net.br) Received: from thinkpad.newspace.net.br ([200.221.55.15]) by traven.uol.com.br (8.9.1/8.9.1) with SMTP id VAA19873 for ; Wed, 27 Nov 2002 21:29:48 -0200 (BRST) Date: Wed, 27 Nov 2002 21:43:37 -0200 From: Antonio Torres To: FreeBSD-ISP@FreeBSD.ORG Subject: Re: Fatal trap 12: page fault Message-Id: <20021127214337.2e8d4fd7.antonio.torres@newspace.net.br> In-Reply-To: <1038427206.3de5244617783@webmail.isot.com> References: <1038427206.3de5244617783@webmail.isot.com> Organization: Newspace Telecom. X-Mailer: Sylpheed version 0.8.6 (GTK+ 1.2.10; i386-portbld-freebsd5.0) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, 27 Nov 2002 14:00:06 -0600 itchibahn wrote: > Help. I'm trying to fresh install FreeBSD from floppy images. I'm installing > on DFI motherboard w/ P4 1.7GHz, 3C905TX-A, 20GB IDE drive, and 512MB RAM. > These 2 Kern and Root floppies worked fine on other machines but on this > particular machine I get following error messages on Root floppy and then hangs: > > Fatal trap 12: page fault while in kernel mode .... > fault virtual address = 0x30 what version ? (4.7, 5.0?) Is the first S.O. install on this machine ? []s -- Antonio Torres antonio.torres@newspace.net.br To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 27 15:50:37 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 834CD37B401 for ; Wed, 27 Nov 2002 15:50:36 -0800 (PST) Received: from inet03.citec.qld.gov.au (inet03.citec.qld.gov.au [203.5.10.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id EA35143EAF for ; Wed, 27 Nov 2002 15:50:34 -0800 (PST) (envelope-from hawkie@powerup.com.au) Received: by inet03.citec.qld.gov.au; id gARNoSt80987; Thu, 28 Nov 2002 09:50:28 +1000 (EST) Received: from citecub.citec.qld.gov.au( 131.242.4.98) by inet03.citec.qld.gov.au via smap (V2.0) id xma080355; Thu, 28 Nov 02 09:50:04 +1000 Received: from guru.citec.qld.gov.au by citecub.citec.qld.gov.au (SMI-8.6/SMI-SVR4) id JAA00138; Thu, 28 Nov 2002 09:49:51 +1000 Received: from guru.citec.qld.gov.au (localhost.citec.qld.gov.au [127.0.0.1]) by guru.citec.qld.gov.au (Postfix) with SMTP id D2FC8D96A; Thu, 28 Nov 2002 09:49:50 +1000 (EST) Date: Thu, 28 Nov 2002 09:49:50 +1000 From: Colin Campbell To: itchibahn Cc: FreeBSD-ISP@FreeBSD.ORG Subject: Re: Fatal trap 12: page fault Message-Id: <20021128094950.0463ee6d.hawkie@powerup.com.au> In-Reply-To: <1038427206.3de5244617783@webmail.isot.com> References: <1038427206.3de5244617783@webmail.isot.com> Organization: None X-Mailer: Sylpheed version 0.8.6 (GTK+ 1.2.10; i386-unknown-freebsd4.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I'm guessing it's bad RAM. Is the 512MB in multiple sticks? If so try removing/swapping them around until you identify the bad one. On Wed, 27 Nov 2002 14:00:06-0600 itchibahn wrote: > Help. I'm trying to fresh install FreeBSD from floppy images. I'm installing > > on DFI motherboard w/ P4 1.7GHz, 3C905TX-A, 20GB IDE drive, and 512MB RAM. > These 2 Kern and Root floppies worked fine on other machines but on this > particular machine I get following error messages on Root floppy and then > hangs: > > Fatal trap 12: page fault while in kernel mode Colin -- Colin Campbell Unix Support/Postmaster/Hostmaster CITEC +61 7 3227 6334 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 28 12:31:37 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 97C2A37B401 for ; Thu, 28 Nov 2002 12:31:36 -0800 (PST) Received: from mx1.purplecat.net (mx1.purplecat.net [208.133.44.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id F1B2743E88 for ; Thu, 28 Nov 2002 12:31:35 -0800 (PST) (envelope-from peter@skyrunner.net) Received: (qmail 76488 invoked from network); 28 Nov 2002 20:31:42 -0000 Received: from unknown (HELO micron) (208.150.25.130) by mx1.skyrunner.net with SMTP; 28 Nov 2002 20:31:42 -0000 From: "Peter Brezny" To: Subject: Freebsd as vlan trunk controller. Date: Thu, 28 Nov 2002 15:31:34 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm looking for pointers/tips/stories on configuring freebsd for use as a vlan trunk controller for connecting to a cisco 2624 switch. Any pointers to docs/how to's or personal experience is appreciated. TIA Peter Brezny Skyrunner.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 28 17:23:32 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E3BA37B404 for ; Thu, 28 Nov 2002 17:23:31 -0800 (PST) Received: from zephir.primus.ca (mail.tor.primus.ca [216.254.136.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id C33AB43E4A for ; Thu, 28 Nov 2002 17:23:30 -0800 (PST) (envelope-from leth@primus.ca) Received: from dialin-156-109.tor.primus.ca ([216.254.156.109]) by zephir.primus.ca with esmtp (Exim 3.33 #16) id 18HZsI-0005Ov-0A; Thu, 28 Nov 2002 20:23:22 -0500 Date: Thu, 28 Nov 2002 20:23:23 -0500 (EST) From: Jason Hunt X-X-Sender: leth@lethargic.dyndns.org To: Peter Brezny Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Freebsd as vlan trunk controller. In-Reply-To: Message-ID: <20021128195559.I82419-100000@lethargic.dyndns.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 28 Nov 2002, Peter Brezny wrote: > I'm looking for pointers/tips/stories on configuring freebsd for use as a > vlan trunk controller for connecting to a cisco 2624 switch. > > Any pointers to docs/how to's or personal experience is appreciated. > Are you referring to the VLAN Trunking Protocol? If so, then from what I can tell, the 2624 does not support VTP. It doesn't even seem to support actual VLAN tagging. (And, if it supports one it should support the other.) Instead, this switch just allows you to create multiple broadcast domains within itself, not actual VLANs. Also, I think you might be referring to doing a "router on a stick" configuration. That is, every VLAN can talk to a single port. This requires the NIC support either ISL (Inter-Switch Links) or 802.1Q trunking. As far as that goes, I've not looked into anything like that before. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 28 18:18:50 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8BAEF37B401 for ; Thu, 28 Nov 2002 18:18:49 -0800 (PST) Received: from mordrede.visionsix.com (mordrede.visionsix.com [65.202.119.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9F58C43E4A for ; Thu, 28 Nov 2002 18:18:45 -0800 (PST) (envelope-from lists@visionsix.com) Received: from yogi (unverified [65.202.119.169]) by mordrede.visionsix.com (Vircom SMTPRS 1.4.232) with SMTP id for ; Thu, 28 Nov 2002 20:18:39 -0600 Message-ID: <000f01c2974d$2a36b6e0$a977ca41@yogi> From: "Lewis Watson" To: Subject: Routing with BSD Question Date: Thu, 28 Nov 2002 20:15:19 -0600 MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I am currently trying to add another /24 network to my existing network with a FreeBSD machine as the gateway to it. Currently, I have a /24 network connected to the Internet w/ a cisco router. I have specified to the cisco router that the new /24 network is connected to 192.168.0.14, which is the external ip address of the bsd gateway machine. The internal ip address for that machine is 192.168.1.1. which is what I have specified to all systems as the gateway on the new network. I thought I had everything exactly the way it should be, except that specifically my Linux machines on the old network cannot find the new network at all. My windows machines on the old network can find the new network. The bsd machines on the old network can find the new network. Other non-Linux machines on the Internet can find the new network. The machines on the new network can find everything but the linux machines on the old network. It appears that only Linux machines cannot figure out where the new network is and I am not so sure that I have set up the bsd gateway properly. Can someone please tell me what I need other than to specify enable_gateway="YES". I have tried enable_firewall="YES" and set it to "open" but yet I still am having these problems. What do I need to add here to get this going? Thanks. Lewis To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 28 19:35:57 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4597E37B401 for ; Thu, 28 Nov 2002 19:35:54 -0800 (PST) Received: from mx1.purplecat.net (mx1.purplecat.net [208.133.44.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98FED43E9C for ; Thu, 28 Nov 2002 19:35:53 -0800 (PST) (envelope-from peter@skyrunner.net) Received: (qmail 4585 invoked from network); 29 Nov 2002 03:35:59 -0000 Received: from unknown (HELO micron) (208.150.25.130) by mx1.skyrunner.net with SMTP; 29 Nov 2002 03:35:59 -0000 From: "Peter Brezny" To: "Jason Hunt" Cc: Subject: RE: Freebsd as vlan trunk controller. Date: Thu, 28 Nov 2002 22:35:50 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <20021128195559.I82419-100000@lethargic.dyndns.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Jason, I had a typo, it's a 2924m-xl Thanks for the tips however... My main problem here is that I don't really know what I'm talking about. I'm just now looking into configuring vlans with freebsd and literally know very little more than about a half hours flip through the man pages. I want a freebsd box with 2 fast Ethernet adapters to act as a router, and instead of putting several multiport cards into that box, I want one of the fast Ethernet adapters to go into a switch, which will have vlans. I want the bsd system to send the traffic to the appropriate vlan, so that if I desire, I could have the equivalent of 24 nic's in one freebsd box. I believe what I am after is something that can handle the 802.1q Any help on clearing up terminology and pointers to good hardware to use, whether or not this Cisco 2924m-xl or another Cisco 1900. I've got a lot of reading to do, i've only scraped the tip of the iceburg. Any tips would be appreciated. Peter Brezny Skyrunner.net -----Original Message----- From: Jason Hunt [mailto:leth@primus.ca] Sent: Thursday, November 28, 2002 8:23 PM To: Peter Brezny Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Freebsd as vlan trunk controller. On Thu, 28 Nov 2002, Peter Brezny wrote: > I'm looking for pointers/tips/stories on configuring freebsd for use as a > vlan trunk controller for connecting to a cisco 2624 switch. > > Any pointers to docs/how to's or personal experience is appreciated. > Are you referring to the VLAN Trunking Protocol? If so, then from what I can tell, the 2624 does not support VTP. It doesn't even seem to support actual VLAN tagging. (And, if it supports one it should support the other.) Instead, this switch just allows you to create multiple broadcast domains within itself, not actual VLANs. Also, I think you might be referring to doing a "router on a stick" configuration. That is, every VLAN can talk to a single port. This requires the NIC support either ISL (Inter-Switch Links) or 802.1Q trunking. As far as that goes, I've not looked into anything like that before. -----Original Message----- From: Jason Hunt [mailto:leth@primus.ca] Sent: Thursday, November 28, 2002 8:23 PM To: Peter Brezny Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Freebsd as vlan trunk controller. On Thu, 28 Nov 2002, Peter Brezny wrote: > I'm looking for pointers/tips/stories on configuring freebsd for use as a > vlan trunk controller for connecting to a cisco 2624 switch. > > Any pointers to docs/how to's or personal experience is appreciated. > Are you referring to the VLAN Trunking Protocol? If so, then from what I can tell, the 2624 does not support VTP. It doesn't even seem to support actual VLAN tagging. (And, if it supports one it should support the other.) Instead, this switch just allows you to create multiple broadcast domains within itself, not actual VLANs. Also, I think you might be referring to doing a "router on a stick" configuration. That is, every VLAN can talk to a single port. This requires the NIC support either ISL (Inter-Switch Links) or 802.1Q trunking. As far as that goes, I've not looked into anything like that before. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 28 20:57:20 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C9AC37B401 for ; Thu, 28 Nov 2002 20:57:17 -0800 (PST) Received: from seahorse.island.net.au (seahorse.island.net.au [203.28.142.35]) by mx1.FreeBSD.org (Postfix) with ESMTP id E167643EB2 for ; Thu, 28 Nov 2002 20:57:15 -0800 (PST) (envelope-from hugh@island.net.au) Received: from r2d2 (rc.island.net.au [203.28.142.167]) by seahorse.island.net.au (8.11.3/8.11.3) with SMTP id gAT4ute93961; Fri, 29 Nov 2002 15:56:55 +1100 (EST) (envelope-from hugh@island.net.au) Message-ID: <007b01c29763$8b1a2c60$0ddea8c0@island.net.au> From: "Hugh Blandford" To: "Peter Brezny" , "Jason Hunt" Cc: References: Subject: Re: Freebsd as vlan trunk controller. Date: Fri, 29 Nov 2002 15:55:27 +1100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi Peter, well hopefully this will be helpful. Yes FreeBSD will be able to handle this. You will definately be looking to use 802.1q as ISL is a Cisco proprietary standard and requires special hardware. The 2924 will do this and 802.1q depending upon the software version.... Doing VLAN trunking you will tell the switch which VLANs you want sent to the port the FreeBSD computer is on (this might be all of them). At the trunk end (FreeBSD computer) you will have a NIC. This will be the parent (will not have an IP address) and for each VLAN that you want to connect to define a what is known as a sub-interface or a cloned interface. On the interface front I believe that the fxp driver is supposed to be the best for most things. man vlan man ifconfig contain a lot of info for what you are trying to do, also there is a nice article here: http://www.arved.de/bsd/vlan_en.html that should hopefully sort out all the syntax for you. Regards, Hugh ----- Original Message ----- From: "Peter Brezny" To: "Jason Hunt" Cc: Sent: Friday, November 29, 2002 2:35 PM Subject: RE: Freebsd as vlan trunk controller. > Jason, > I had a typo, it's a 2924m-xl > > Thanks for the tips however... > > My main problem here is that I don't really know what I'm talking about. > I'm just now looking into configuring vlans with freebsd and literally know > very little more than about a half hours flip through the man pages. > > I want a freebsd box with 2 fast Ethernet adapters to act as a router, and > instead of putting several multiport cards into that box, I want one of the > fast Ethernet adapters to go into a switch, which will have vlans. I want > the bsd system to send the traffic to the appropriate vlan, so that if I > desire, I could have the equivalent of 24 nic's in one freebsd box. > > I believe what I am after is something that can handle the 802.1q > > Any help on clearing up terminology and pointers to good hardware to use, > whether or not this Cisco 2924m-xl or another Cisco 1900. > > I've got a lot of reading to do, i've only scraped the tip of the iceburg. > Any tips would be appreciated. > > > Peter Brezny > Skyrunner.net > > > -----Original Message----- > From: Jason Hunt [mailto:leth@primus.ca] > Sent: Thursday, November 28, 2002 8:23 PM > To: Peter Brezny > Cc: freebsd-isp@FreeBSD.ORG > Subject: Re: Freebsd as vlan trunk controller. > > > On Thu, 28 Nov 2002, Peter Brezny wrote: > > > I'm looking for pointers/tips/stories on configuring freebsd for use as a > > vlan trunk controller for connecting to a cisco 2624 switch. > > > > Any pointers to docs/how to's or personal experience is appreciated. > > > > Are you referring to the VLAN Trunking Protocol? If so, then from what I > can tell, the 2624 does not support VTP. It doesn't even seem to support > actual VLAN tagging. (And, if it supports one it should support the > other.) Instead, this switch just allows you to create multiple broadcast > domains within itself, not actual VLANs. > > Also, I think you might be referring to doing a "router on a stick" > configuration. That is, every VLAN can talk to a single port. This > requires the NIC support either ISL (Inter-Switch Links) or 802.1Q > trunking. As far as that goes, I've not looked into anything like that > before. > > > -----Original Message----- > From: Jason Hunt [mailto:leth@primus.ca] > Sent: Thursday, November 28, 2002 8:23 PM > To: Peter Brezny > Cc: freebsd-isp@FreeBSD.ORG > Subject: Re: Freebsd as vlan trunk controller. > > > On Thu, 28 Nov 2002, Peter Brezny wrote: > > > I'm looking for pointers/tips/stories on configuring freebsd for use as a > > vlan trunk controller for connecting to a cisco 2624 switch. > > > > Any pointers to docs/how to's or personal experience is appreciated. > > > > Are you referring to the VLAN Trunking Protocol? If so, then from what I > can tell, the 2624 does not support VTP. It doesn't even seem to support > actual VLAN tagging. (And, if it supports one it should support the > other.) Instead, this switch just allows you to create multiple broadcast > domains within itself, not actual VLANs. > > Also, I think you might be referring to doing a "router on a stick" > configuration. That is, every VLAN can talk to a single port. This > requires the NIC support either ISL (Inter-Switch Links) or 802.1Q > trunking. As far as that goes, I've not looked into anything like that > before. > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 28 21:17:23 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF89937B404 for ; Thu, 28 Nov 2002 21:17:22 -0800 (PST) Received: from ws1-9.us4.outblaze.com (205-158-62-37.outblaze.com [205.158.62.37]) by mx1.FreeBSD.org (Postfix) with SMTP id C638C43E4A for ; Thu, 28 Nov 2002 21:17:21 -0800 (PST) (envelope-from berez@techie.com) Received: (qmail 52168 invoked by uid 1001); 29 Nov 2002 05:17:21 -0000 Message-ID: <20021129051721.52167.qmail@mail.com> Content-Type: text/plain; charset="iso-8859-1" Content-Disposition: inline Content-Transfer-Encoding: 7bit MIME-Version: 1.0 X-Mailer: MIME-tools 5.41 (Entity 5.404) Received: from [12.164.45.65] by ws1-9.us4.outblaze.com with http for berez@techie.com; Fri, 29 Nov 2002 00:17:21 -0500 From: "Ber Ez" To: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org Date: Fri, 29 Nov 2002 00:17:21 -0500 Subject: Mail Server Advice X-Originating-Ip: 12.164.45.65 X-Originating-Server: ws1-9.us4.outblaze.com Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi to all, I need to build a mail server , I have won the battle of weather to use FreeBSD or Linux or M$ . now i'm facing a new battle ,postfix vs qmail. I need your advice . which of the two would be faster on freebsd ? any optimaization tips ? the system will handle a few mailing lists of 30,000+ subscribers ( news letters ,not a discussion list ) and over 20,000 users. I am thinking of load balancing this between three servers and am looking for info on that as well. thanks Ber . -- __________________________________________________________ Sign-up for your own FREE Personalized E-mail at Mail.com http://www.mail.com/?sr=signup One click access to the Top Search Engines http://www.exactsearchbar.com/mailcom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 28 21:24: 9 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5A10A37B404 for ; Thu, 28 Nov 2002 21:24:08 -0800 (PST) Received: from ns3.unixmexico.net (ns3.unixmexico.net [64.141.69.184]) by mx1.FreeBSD.org (Postfix) with SMTP id 559F543E4A for ; Thu, 28 Nov 2002 21:24:07 -0800 (PST) (envelope-from nbari@unixmexico.com) Received: (qmail 45655 invoked by uid 85); 29 Nov 2002 05:24:14 -0000 Received: from nbari@unixmexico.com by ns3.unixmexico.net by uid 82 with qmail-scanner-1.15 (hbedv: 6.16.0.0/6.16.0.17. Clear:. Processed in 0.208066 secs); 29 Nov 2002 05:24:14 -0000 Received: from unknown (HELO unixmexico.com) (127.0.0.1) by localhost.unixmexico.net with SMTP; 29 Nov 2002 05:24:14 -0000 Received: from 148.243.211.6 (SquirrelMail authenticated user nbari@unixmexico.com) by mail.unixmexico.com with HTTP; Thu, 28 Nov 2002 23:24:14 -0600 (CST) Message-ID: <33462.148.243.211.6.1038547454.squirrel@mail.unixmexico.com> Date: Thu, 28 Nov 2002 23:24:14 -0600 (CST) Subject: Re: Mail Server Advice From: To: In-Reply-To: <20021129051721.52167.qmail@mail.com> References: <20021129051721.52167.qmail@mail.com> X-Priority: 3 Importance: Normal Cc: , X-Mailer: SquirrelMail (version 1.2.9) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org qmail + vpopmail is a good idea if you want some virtual host too > Hi to all, > I need to build a mail server , I have won the battle of weather to use > FreeBSD or Linux or M$ . now i'm facing a new battle ,postfix vs qmail. > I need your advice . > which of the two would be faster on freebsd ? > any optimaization tips ? > the system will handle a few mailing lists of 30,000+ subscribers ( news > letters ,not a discussion list ) and over 20,000 users. I am thinking of > load balancing this between three servers and am looking for info on > that as well. thanks > Ber . > -- > __________________________________________________________ > Sign-up for your own FREE Personalized E-mail at Mail.com > http://www.mail.com/?sr=signup > > One click access to the Top Search Engines > http://www.exactsearchbar.com/mailcom > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 0:10: 5 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A6B6237B401 for ; Fri, 29 Nov 2002 00:10:04 -0800 (PST) Received: from usenet.isot.com (usenet.isot.com [63.161.224.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id DC71A43EC2 for ; Fri, 29 Nov 2002 00:10:03 -0800 (PST) (envelope-from freebsd@isot.com) Received: (from www@localhost) by usenet.isot.com (8.11.6/8.11.6) id gAT8DuG28898 for freebsd-isp@FreeBSD.ORG; Fri, 29 Nov 2002 02:13:56 -0600 (CST) (envelope-from freebsd@isot.com) X-Authentication-Warning: usenet.isot.com: www set sender to freebsd@isot.com using -f Received: from 66.196.2.71 ( [66.196.2.71]) as user freebsd@isot.com by webmail.isot.com with HTTP; Fri, 29 Nov 2002 02:13:55 -0600 Message-ID: <1038557635.3de721c3b24f7@webmail.isot.com> Date: Fri, 29 Nov 2002 02:13:55 -0600 From: itchibahn To: freebsd-isp@FreeBSD.ORG Subject: DNS changes not take effect MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.1-cvs X-Originating-IP: 66.196.2.71 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm using FreeBSD 4.6.2 and BIND 9.2.1. Whenever I add a record, the reverse resolves fine, but the forward does not on the host. It's like the cache is not being refreshed, after restarting the 'named' or restarting the entire server. But then, why does it resolve fine on reverse but not forward? ------------------------------------------------- This mail sent through ISOT. To find out more about ISOT, visit http://isot.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 0:32:26 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 042AA37B401 for ; Fri, 29 Nov 2002 00:32:26 -0800 (PST) Received: from blue.centerone.com (blue.centerone.com [204.133.183.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8873D43E4A for ; Fri, 29 Nov 2002 00:32:25 -0800 (PST) (envelope-from rf-list@centerone.com) Received: from DELIVERANCE-XP.centerone.com (hs5-ifw.wiaas.org [65.102.239.61]) by blue.centerone.com (8.9.3/8.9.3) with ESMTP id BAA14689; Fri, 29 Nov 2002 01:50:57 -0700 Message-Id: <5.1.0.14.2.20021129013152.01915570@mail.centerone.com> X-Sender: rf-list@mail.centerone.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Fri, 29 Nov 2002 01:32:10 -0700 To: itchibahn , freebsd-isp@FreeBSD.ORG From: Ralph Forsythe Subject: Re: DNS changes not take effect In-Reply-To: <1038557635.3de721c3b24f7@webmail.isot.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org You increasing the serial on the zone file? At 02:13 AM 11/29/2002 -0600, itchibahn wrote: >I'm using FreeBSD 4.6.2 and BIND 9.2.1. > >Whenever I add a record, the reverse resolves fine, but the forward does >not on >the host. It's like the cache is not being refreshed, after restarting >the 'named' or restarting the entire server. > >But then, why does it resolve fine on reverse but not forward? > >------------------------------------------------- >This mail sent through ISOT. To find out more >about ISOT, visit http://isot.com > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 2:22:53 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3278237B401 for ; Fri, 29 Nov 2002 02:22:52 -0800 (PST) Received: from lbs.tik.net.ua (lbs.tik.net.ua [212.42.86.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C93343E4A for ; Fri, 29 Nov 2002 02:22:50 -0800 (PST) (envelope-from erlis@lbs.tik.net.ua) Received: from lbs.tik.net.ua (localhost [127.0.0.1]) by lbs.tik.net.ua (8.12.6/8.12.6) with ESMTP id gATAMhPA093659 for ; Fri, 29 Nov 2002 12:22:43 +0200 (EET) (envelope-from erlis@lbs.tik.net.ua) Received: (from erlis@localhost) by lbs.tik.net.ua (8.12.6/8.12.6/Submit) id gATAMgie093658 for freebsd-isp@freebsd.org; Fri, 29 Nov 2002 12:22:42 +0200 (EET) Date: Fri, 29 Nov 2002 12:22:42 +0200 From: Andrew Scherbachenko To: freebsd-isp@freebsd.org Subject: standalone pop3 daemon Message-ID: <20021129102242.GB91480@engineer.com> Reply-To: erlis@engineer.com Mail-Followup-To: freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5I6of5zJg18YgZEa" Content-Disposition: inline User-Agent: Mutt/1.3.99i Organization: Teleinform-Krym, Simferopol, Crimea, Ukraine Rank: System Administrator X-Operating-System: FreeBSD Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --5I6of5zJg18YgZEa Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Qpopper can work with LDAP via PAM but it require fake records in /etc/master.passwd 8-( Does anyone know subj that can work with LDAP without any additional requirements like records in /etc/master.passwd or so? --=20 Sincerely yours, Andrew Scherbachenko. ISP Teleinform-Krym Phones: +380-652- 486191,518690,518692,518693 Simferopol, Crimea,= Ukraine ICQ#: 58539719, mailto: erlis@tik.com.ua Web: http://tik.com= .ua/ --5I6of5zJg18YgZEa Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE95z/ybic93/Asz7URAuWCAJsG9TwsfiiRmHS+hR1FJ6zyTwZ5/ACaAgKV ktVvOaZAD99GJBv9ZJbub1E= =OlPN -----END PGP SIGNATURE----- --5I6of5zJg18YgZEa-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 5: 1:14 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9EE6737B401 for ; Fri, 29 Nov 2002 05:01:10 -0800 (PST) Received: from smtp2.sentex.ca (smtp2.sentex.ca [199.212.134.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id 00DA243E4A for ; Fri, 29 Nov 2002 05:01:10 -0800 (PST) (envelope-from mike@sentex.net) Received: from house (cage.simianscience.com [64.7.134.1]) by smtp2.sentex.ca (8.12.6/8.12.6) with SMTP id gATD13oJ054013; Fri, 29 Nov 2002 08:01:03 -0500 (EST) (envelope-from mike@sentex.net) From: Mike Tancsa To: "Peter Brezny" Cc: freebsd-isp@freebsd.org Subject: Re: Freebsd as vlan trunk controller. Date: Fri, 29 Nov 2002 08:01:10 -0500 Message-ID: References: <20021128195559.I82419-100000@lethargic.dyndns.org> In-Reply-To: X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org There have been many examples of this posted to the various FreeBSD = lists. a quick search via google groups should bring up further examples and discussions. While other cards supposedly work, I only have experience with the fxp (intel) cards. e.g. on the cisco side, interface FastEthernet0/2 description accounting network duplex full speed 100 switchport access vlan 151 no cdp enable interface FastEthernet0/3 description the 192.168.135.0/24 network duplex full speed 100 switchport access vlan 100 no cdp enable interface FastEthernet0/4 description trunk to my FreeBSD box duplex full speed 100 switchport trunk encapsulation dot1q switchport trunk allowed vlan 1,80,81,92,95,98,100,102-160,1000-1005 switchport mode trunk no cdp enable On the FreeBSD side fxp0 is plugged into fa0/4 #10.255.255.254 is an address not used anywhere in our network ifconfig fxp0 10.255.255.254 netmask 255.255.255.255 media 100baseTX mediaopt full-duplex #this will join the vlan/collision domain on port fa0/3 /sbin/ifconfig vlan0 192.168.135.202 netmask 255.255.255.240 vlan 100 vlandev fxp0 mtu 1500 up #if we defined only 1 vlan in the kernel, lets clone/create a new #interface via the create command #join the accounting vlan on fa0/2 ifconfig vlan1 create /sbin/ifconfig vlan1 192.168.199.1 netmask 255.255.255.240 vlan 151 = vlandev fxp0 mtu 1500 up ---Mike On Thu, 28 Nov 2002 22:35:50 -0500, in sentex.lists.freebsd.isp you = wrote: >Jason, >I had a typo, it's a 2924m-xl > >Thanks for the tips however... > >My main problem here is that I don't really know what I'm talking about. >I'm just now looking into configuring vlans with freebsd and literally = know >very little more than about a half hours flip through the man pages. > >I want a freebsd box with 2 fast Ethernet adapters to act as a router, = and >instead of putting several multiport cards into that box, I want one of = the >fast Ethernet adapters to go into a switch, which will have vlans. I = want >the bsd system to send the traffic to the appropriate vlan, so that if I >desire, I could have the equivalent of 24 nic's in one freebsd box. > >I believe what I am after is something that can handle the 802.1q > >Any help on clearing up terminology and pointers to good hardware to = use, >whether or not this Cisco 2924m-xl or another Cisco 1900. > >I've got a lot of reading to do, i've only scraped the tip of the = iceburg. >Any tips would be appreciated. > > >Peter Brezny >Skyrunner.net > > >-----Original Message----- >From: Jason Hunt [mailto:leth@primus.ca] >Sent: Thursday, November 28, 2002 8:23 PM >To: Peter Brezny >Cc: freebsd-isp@FreeBSD.ORG >Subject: Re: Freebsd as vlan trunk controller. > > >On Thu, 28 Nov 2002, Peter Brezny wrote: > >> I'm looking for pointers/tips/stories on configuring freebsd for use = as a >> vlan trunk controller for connecting to a cisco 2624 switch. >> >> Any pointers to docs/how to's or personal experience is appreciated. >> > >Are you referring to the VLAN Trunking Protocol? If so, then from what = I >can tell, the 2624 does not support VTP. It doesn't even seem to = support >actual VLAN tagging. (And, if it supports one it should support the >other.) Instead, this switch just allows you to create multiple = broadcast >domains within itself, not actual VLANs. > >Also, I think you might be referring to doing a "router on a stick" >configuration. That is, every VLAN can talk to a single port. This >requires the NIC support either ISL (Inter-Switch Links) or 802.1Q >trunking. As far as that goes, I've not looked into anything like that >before. > > >-----Original Message----- >From: Jason Hunt [mailto:leth@primus.ca] >Sent: Thursday, November 28, 2002 8:23 PM >To: Peter Brezny >Cc: freebsd-isp@FreeBSD.ORG >Subject: Re: Freebsd as vlan trunk controller. > > >On Thu, 28 Nov 2002, Peter Brezny wrote: > >> I'm looking for pointers/tips/stories on configuring freebsd for use = as a >> vlan trunk controller for connecting to a cisco 2624 switch. >> >> Any pointers to docs/how to's or personal experience is appreciated. >> > >Are you referring to the VLAN Trunking Protocol? If so, then from what = I >can tell, the 2624 does not support VTP. It doesn't even seem to = support >actual VLAN tagging. (And, if it supports one it should support the >other.) Instead, this switch just allows you to create multiple = broadcast >domains within itself, not actual VLANs. > >Also, I think you might be referring to doing a "router on a stick" >configuration. That is, every VLAN can talk to a single port. This >requires the NIC support either ISL (Inter-Switch Links) or 802.1Q >trunking. As far as that goes, I've not looked into anything like that >before. > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message Mike Tancsa (mike@sentex.net)=09 http://www.sentex.net/mike To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 6: 7:36 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4907837B404 for ; Fri, 29 Nov 2002 06:07:34 -0800 (PST) Received: from scan.pnc.com.au (scan.pnc.com.au [203.13.174.123]) by mx1.FreeBSD.org (Postfix) with SMTP id F13FC43EC2 for ; Fri, 29 Nov 2002 06:07:32 -0800 (PST) (envelope-from peterh@ripewithdecay.com) Received: (qmail 24331 invoked by uid 84); 30 Nov 2002 01:17:47 +1100 Received: from unknown (HELO dialup-24.128.221.203.acc02-high-pen.comindico.com.au) (203.13.174.1) by scan.pnc.com.au with SMTP; 30 Nov 2002 01:17:45 +1100 Date: Fri, 29 Nov 2002 14:07:12 +0000 (GMT) From: Peter Hoskin X-X-Sender: peterh@extortion.peterh.dropbear.id.au To: nbari@unixmexico.com Cc: berez@techie.com, , Subject: Re: Mail Server Advice In-Reply-To: <33462.148.243.211.6.1038547454.squirrel@mail.unixmexico.com> Message-ID: <20021129140654.F381-100000@extortion.peterh.dropbear.id.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org postfix on freebsd is apparently more efficient than qmail, though. Regards, Peter Hoskin On Thu, 28 Nov 2002 nbari@unixmexico.com wrote: > Date: Thu, 28 Nov 2002 23:24:14 -0600 (CST) > From: nbari@unixmexico.com > To: berez@techie.com > Cc: freebsd-questions@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG > Subject: Re: Mail Server Advice > > qmail + vpopmail is a good idea if you want some virtual host too > > > Hi to all, > > I need to build a mail server , I have won the battle of weather to use > > FreeBSD or Linux or M$ . now i'm facing a new battle ,postfix vs qmail. > > I need your advice . > > which of the two would be faster on freebsd ? > > any optimaization tips ? > > the system will handle a few mailing lists of 30,000+ subscribers ( news > > letters ,not a discussion list ) and over 20,000 users. I am thinking of > > load balancing this between three servers and am looking for info on > > that as well. thanks > > Ber . > > -- > > __________________________________________________________ > > Sign-up for your own FREE Personalized E-mail at Mail.com > > http://www.mail.com/?sr=signup > > > > One click access to the Top Search Engines > > http://www.exactsearchbar.com/mailcom > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 6:38:17 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8908537B401 for ; Fri, 29 Nov 2002 06:38:15 -0800 (PST) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2500C43EB2 for ; Fri, 29 Nov 2002 06:38:13 -0800 (PST) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com (Exim 4.10.11 #2 (FreeBSD)) protocol: local id 18HmGH-0005Ix-00 ; Fri, 29 Nov 2002 17:36:57 +0300 Date: Fri, 29 Nov 2002 17:36:57 +0300 From: Odhiambo Washington To: Andrew Scherbachenko Cc: FBSD-ISP Subject: Re: standalone pop3 daemon Message-ID: <20021129143657.GB7875@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , Andrew Scherbachenko , FBSD-ISP References: <20021129102242.GB91480@engineer.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="7JfCtLOvnd9MIVvH" Content-Disposition: inline In-Reply-To: <20021129102242.GB91480@engineer.com> User-Agent: Mutt/1.4i X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: Xerox does it again and again and again and ... X-Operating-System: FreeBSD 4.7-STABLE i386 X-Best-Window-Manager: Blackbox X-Mailer: Mutt 1.4i (2002-05-29) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 5:36PM up 9 days, 8:30, 3 users, load averages: 0.29, 0.40, 0.44 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --7JfCtLOvnd9MIVvH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Andrew Scherbachenko [20021129 13:22]: wrote: > Qpopper can work with LDAP via PAM but it require fake records in > /etc/master.passwd 8-( > Does anyone know subj that can work with LDAP without any additional > requirements like records in /etc/master.passwd or so? Yes, I do. ;-) http://www.ex-parrot.com/~chris/tpop3d/ -Wash --=20 Odhiambo Washington "The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: +254 2 313985-9 +254 2 313922 so I installed FreeBSD." =20 GSM: +254 72 743223 +254 733 744121 This sig is McQ! :-) Reality is for people who lack imagination. --7JfCtLOvnd9MIVvH Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE953uJn7LIsuxjem8RAupeAJ9rAv3rYJkeKT1bfrRX8BX3RSL6+wCgmLj7 Q3IPrG2xxPBnn79eD6vDcLE= =3L7I -----END PGP SIGNATURE----- --7JfCtLOvnd9MIVvH-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 6:40:16 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 833D537B401; Fri, 29 Nov 2002 06:40:15 -0800 (PST) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id F1E1943EAF; Fri, 29 Nov 2002 06:40:13 -0800 (PST) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com (Exim 4.10.11 #2 (FreeBSD)) protocol: local id 18HmIK-0005hp-00 ; Fri, 29 Nov 2002 17:39:04 +0300 Date: Fri, 29 Nov 2002 17:39:04 +0300 From: Odhiambo Washington To: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org Cc: berez@techie.com Subject: Re: Mail Server Advice Message-ID: <20021129143904.GC7875@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , freebsd-questions@freebsd.org, freebsd-isp@freebsd.org, berez@techie.com References: <20021129051721.52167.qmail@mail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021129051721.52167.qmail@mail.com> User-Agent: Mutt/1.4i X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: Xerox does it again and again and again and ... X-Operating-System: FreeBSD 4.7-STABLE i386 X-Best-Window-Manager: Blackbox X-Mailer: Mutt 1.4i (2002-05-29) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 5:38PM up 9 days, 8:32, 3 users, load averages: 0.70, 0.50, 0.47 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Ber Ez [20021129 08:16]: wrote: > Hi to all, > I need to build a mail server , I have won the battle of weather to use FreeBSD or Linux or M$ . > now i'm facing a new battle ,postfix vs qmail. > I need your advice . > which of the two would be faster on freebsd ? > any optimaization tips ? > the system will handle a few mailing lists of 30,000+ subscribers ( news letters ,not a discussion list ) > and over 20,000 users. > I am thinking of load balancing this between three servers and am looking for info on that as well. > thanks Exim (www.exim.org) + Mailman (www.list.org) -Wash -- Odhiambo Washington "The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: +254 2 313985-9 +254 2 313922 so I installed FreeBSD." GSM: +254 72 743223 +254 733 744121 This sig is McQ! :-) New members urgently required for SUICIDE CLUB, Watford area. -- Monty Python's Big Red Book To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 8:55:29 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADD1437B401 for ; Fri, 29 Nov 2002 08:55:25 -0800 (PST) Received: from fork.computel.sk (fork.computel.sk [195.28.96.96]) by mx1.FreeBSD.org (Postfix) with ESMTP id 069BB43EBE for ; Fri, 29 Nov 2002 08:55:21 -0800 (PST) (envelope-from lk@tempest.sk) Received: from lk.tempest.sk (lk.tempest.sk [195.28.100.47]) by fork.computel.sk with ESMTP id gATGt4K28243; Fri, 29 Nov 2002 17:55:04 +0100 Received: from lk.tempest.sk (localhost [127.0.0.1]) by lk.tempest.sk (8.12.5/8.12.5) with ESMTP id gATGswWJ094661; Fri, 29 Nov 2002 17:54:58 +0100 (CET) (envelope-from koren@lk.tempest.sk) Received: (from koren@localhost) by lk.tempest.sk (8.12.5/8.12.5/Submit) id gATGsw4F094658; Fri, 29 Nov 2002 17:54:58 +0100 (CET) Date: Fri, 29 Nov 2002 17:54:58 +0100 (CET) Message-Id: <200211291654.gATGsw4F094658@lk.tempest.sk> From: Ludo Koren To: erlis@engineer.com Cc: freebsd-isp@FreeBSD.ORG In-reply-to: <20021129102242.GB91480@engineer.com> (message from Andrew Scherbachenko on Fri, 29 Nov 2002 12:22:42 +0200) Subject: Re: standalone pop3 daemon Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > Qpopper can work with LDAP via PAM but it require fake records > in /etc/master.passwd 8-( Does anyone know subj that can work > with LDAP without any additional requirements like records in > /etc/master.passwd or so? I did it a while ago. Try to apply the following patches. I assume, you have sources of sendmail in /usr/src/contrib/sendmail and sendmail library in /usr/obj/usr/src/lib/libsm. Regards, ludo *** Makefile.patched Thu Oct 17 12:20:46 2002 --- Makefile Thu Oct 17 11:56:39 2002 *************** *** 151,157 **** ${common_dir}/string_util.h ! CFLAGS = -O -pipe -freg-struct-return CDEFS = OS_DEFS = -DSETPROCTITLE -DFREEBSD -DUNIX DEFS = -DHAVE_CONFIG_H --- 151,157 ---- ${common_dir}/string_util.h ! CFLAGS = -O -pipe -freg-struct-return -I/usr/src/contrib/sendmail/include -I/usr/obj/usr/src/lib/libsm CDEFS = OS_DEFS = -DSETPROCTITLE -DFREEBSD -DUNIX DEFS = -DHAVE_CONFIG_H *************** *** 161,167 **** NETWORK_LIBS = KERBEROS_LIBS = DBM_LIBS = ! LIBS = -lmd -lutil -L/usr/local/lib -lpam -L/usr/lib -lssl -lcrypto AR_FLAG = -r RANLIB_CMD = --- 161,167 ---- NETWORK_LIBS = KERBEROS_LIBS = DBM_LIBS = ! LIBS = -lmd -lutil -L/usr/local/lib -lpam -L/usr/lib -lssl -lcrypto /usr/obj/usr/src/lib/libsm/libsm.a -lldap -llber AR_FLAG = -r RANLIB_CMD = ------------------ cut here ---------------------------------- *** pop_pass.c.patched Thu Oct 17 10:54:32 2002 --- pop_pass.c Thu Oct 17 12:09:06 2002 *************** *** 135,140 **** --- 135,141 ---- #endif /* KERBEROS */ #include "snprintf.h" + #include #define SLEEP_SECONDS 10 *************** *** 440,445 **** --- 441,447 ---- int pamerror = 0; int erc = 0; const char *errmsg = NULL; + SM_MBDB_T user; /* * Let conv function access POP structure *************** *** 479,484 **** --- 481,492 ---- return ( pop_msg ( p, POP_FAILURE, HERE, GP_ERRSTRING, p->user, errmsg, erc ) ); } + sm_mbdb_initialize ("ldap"); + sm_mbdb_lookup ( p->user, &user ); + (&p->pw)->pw_name = strdup ( p->user ); + (&p->pw)->pw_uid = user.mbdb_uid; + (&p->pw)->pw_gid = user.mbdb_gid; + sm_mbdb_terminate (); pamerror = pam_acct_mgmt ( pamh, 0 ); DEBUG_LOG1 ( p, "pam_acct_mgmt returned %i", pamerror ); if ( pamerror != PAM_SUCCESS ) { *************** *** 1275,1280 **** --- 1283,1289 ---- *secretkey = '\0'; #endif /* SECURENISPLUS */ + SM_MBDB_T user; /* * Is the user not authorized to use POP? *************** *** 1296,1301 **** --- 1305,1317 ---- * Verify user known by system. */ pwp = &p->pw; + sm_mbdb_initialize ("ldap"); + sm_mbdb_lookup ( p->user, &user ); + pwp->pw_name = strdup ( p->user ); + pwp->pw_uid = user.mbdb_uid; + pwp->pw_gid = user.mbdb_gid; + sm_mbdb_terminate (); + if ( pwp->pw_name == NULL ) { DEBUG_LOG1 ( p, "User %.128s not known by system", p->user ); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 14: 5:19 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D547337B401 for ; Fri, 29 Nov 2002 14:05:18 -0800 (PST) Received: from mx1.purplecat.net (mx1.purplecat.net [208.133.44.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id 21AAC43EAF for ; Fri, 29 Nov 2002 14:05:18 -0800 (PST) (envelope-from peter@skyrunner.net) Received: (qmail 88945 invoked from network); 29 Nov 2002 22:05:19 -0000 Received: from unknown (HELO micron) (208.150.25.130) by mx1.skyrunner.net with SMTP; 29 Nov 2002 22:05:19 -0000 From: "Peter Brezny" To: Subject: traffic prioritization. Date: Fri, 29 Nov 2002 17:05:11 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org How do you prioritize traffic with freebsd. I've started fooling around with dummynet and figured out how to limit usage to specific amounts by ip or protocol etc, but how do you say, give specific traffic higher priority than other specific traffic? I feel sure that it can be done with it. I'm vuagely familiar with the etinc.com's bwmgr package which seems to do traffic prioritization. But i want to know how to do it using just freebsd and ipfw (or what ever else that comes stock is needed). Any ideas? TIA Peter Brezny Skyrunner.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 29 14:27: 8 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F74E37B401 for ; Fri, 29 Nov 2002 14:27:07 -0800 (PST) Received: from mx1.purplecat.net (mx1.purplecat.net [208.133.44.46]) by mx1.FreeBSD.org (Postfix) with ESMTP id 87A0343E9C for ; Fri, 29 Nov 2002 14:27:06 -0800 (PST) (envelope-from peter@skyrunner.net) Received: (qmail 90405 invoked from network); 29 Nov 2002 22:27:08 -0000 Received: from unknown (HELO micron) (208.150.25.130) by mx1.skyrunner.net with SMTP; 29 Nov 2002 22:27:08 -0000 From: "Peter Brezny" To: Subject: bandwidth management package. Date: Fri, 29 Nov 2002 17:27:00 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org What are you guys using for bandwidth management. I've been looking at the etinc.com bwmgr package, but that's really all i've looked at. Are there other bsd based competitors out there, better or worse, or different? is it a huge deal to roll your own with ipfw2? TIA Peter Brezny Skyrunner.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Nov 30 13:22: 3 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7368A37B411 for ; Sat, 30 Nov 2002 13:22:01 -0800 (PST) Received: from nostromo.brian-jackson.net (pool-64-223-151-72.man.east.verizon.net [64.223.151.72]) by mx1.FreeBSD.org (Postfix) with SMTP id 8E4BA43ECD for ; Sat, 30 Nov 2002 13:22:00 -0800 (PST) (envelope-from b.k.jackson@verizon.net) Received: (qmail 86029 invoked from network); 30 Nov 2002 21:21:49 -0000 Received: from unknown (HELO verizon.net) (192.168.1.97) by 0 with SMTP; 30 Nov 2002 21:21:49 -0000 Date: Sat, 30 Nov 2002 16:21:49 -0500 Subject: Re: Mail Server Advice Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v548) Cc: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org To: "Ber Ez" From: Brian Jackson In-Reply-To: <20021129051721.52167.qmail@mail.com> Message-Id: Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.548) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Friday, November 29, 2002, at 12:17 AM, Ber Ez wrote: > Hi to all, > I need to build a mail server , I have won the battle of weather to > use FreeBSD or Linux or M$ . > now i'm facing a new battle ,postfix vs qmail. > I need your advice . > which of the two would be faster on freebsd ? > any optimaization tips ? > the system will handle a few mailing lists of 30,000+ subscribers ( > news letters ,not a discussion list ) and over 20,000 users. > I am thinking of load balancing this between three servers and am > looking for info on that as well. > thanks > Ber . > -- qmail (http://www.qmail.org) with ezmlm (http://www.ezmlm.org) and the ezmlm-idx patch (also on http://www.ezmlm.org) make an excellent, easy to administer, and secure mailing list solution. (note that ezmlm-idx will also give you the ability to create html archives) Inter7 has a brilliant virtual hosting and web mail platform for qmail as well (http://www.inter7.com). With all that said, I have no experience with postfix - but I have had much success with qmail and its addons. Brian -- Brian Jackson b.k.jackson@verizon.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message