From owner-freebsd-isp  Sun Feb  2 08:39:43 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA24612
          for isp-outgoing; Sun, 2 Feb 1997 08:39:43 -0800 (PST)
Received: from nimbus.superior.net (root@nimbus.superior.net [206.153.96.1])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA24607
          for <freebsd-isp@freebsd.org>; Sun, 2 Feb 1997 08:39:40 -0800 (PST)
Received: (from exidor@localhost)
	by nimbus.superior.net (8.8.5/8.8.5) id LAA25758;
	Sun, 2 Feb 1997 11:39:18 -0500 (EST)
Message-ID: <19970202113918.KQ21026@@>
Date: Sun, 2 Feb 1997 11:39:18 -0500
From: exidor@superior.net (Christopher Masto)
To: ernie@spooky.eis.net.au (Ernie Elu)
Cc: freebsd-isp@freebsd.org
Subject: Re: popassd
References: <199702020454.OAA29877@spooky.eis.net.au>
X-Mailer: Mutt 0.59.1
Mime-Version: 1.0
In-Reply-To: <199702020454.OAA29877@spooky.eis.net.au>; from Ernie Elu on Feb 2, 1997 14:54:43 +1000
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Ernie Elu writes:
> I am still trying out schemes to change passwords via a web page.

Oh, for the love of cheese.. this thread is getting waay to long.
Please hire a competent technical staff if you value your business.
There are a lot of things that are a LOT harder than this.

Brutally butchered because you don't need my HTML.

#!/usr/local/bin/suidperl -w

# We're running setuid, so some safety steps are required.
$ENV{PATH}="/bin:/usr/bin:/usr/local/bin";

# Import some utility functions that are needed by several scripts
BEGIN { require './home-lib.pl'; }

# A couple of optional modules
use English;
use CGI qw(:standard :html);
use POSIX;
use Time::Local;

# Get form input
$req = new CGI;
$req->cache('no');

$username = radius::whofrom($req->remote_host);
exit unless $username;

# Wacky characters for salt generation
@chars=("0".."9", "a".."z", "A".."Z");

print
  header(-expires => "now"),
  std_head("xxxyourispherexxx Password Tool"),
  std_toolbar;

if ($req->param("change")) {
  # Verify that the old password is correct
  # Get data from form submission
  $oldpass = $req->param("oldpass");
  $newpass = $req->param("newpass");
  # Get the user's old crypted password and extract the salt
  $realpw  = (getpwnam($username))[1];
  $realslt = substr($realpw, 0, 2);
  # Find out if they entered the correct old password
  if (crypt($oldpass, $realslt) ne $realpw) {
    print h1({-align => "center"}, "Old password incorrect - try again"), "\n";
    goto form;
  }
  # Make sure they got the new password right
  if ($newpass ne $req->param("verify")) {
    print h1({-align => "center"}, "New passwords do not match - try again");
    goto form;
  }
  # Crypt the requested new password
  srand;
  $newslt = $chars[rand @chars] . $chars[rand @chars];
  $newpw = crypt($newpass, $newslt);
  $< = $>;  # Rootify me
  if (not system "chpass", "-p", $newpw, $username) {
    print
      h1({-align => "center"}, "Password changed successfully"),

		Etc.

    goto finish;
  }
  else {
    print
      h1({-align => "center"}, "Error setting new password"),
      p("Your password has not been changed due to an error.  Please",
	"contact technical support for assistance.");
    goto finish;
  }
}
else {
  print h1({-align => "center"}, "Changing your password"), "\n";
}

form:
print
  p("Your password is the key to the security of your Internet account.",
		Etc.

Naturally, you'll have to obtain the username somehow.
-- 
Christopher Masto  .   .   .   .
chris@masto.com  .   .   .   .   . Masto Consulting:           info@masto.com

On Talking:
 If I wasn't talking, I wounldn't know what to say.
 - Chico Resch, New York Islanders goaltender

From owner-freebsd-isp  Sun Feb  2 16:49:40 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id QAA26395
          for isp-outgoing; Sun, 2 Feb 1997 16:49:40 -0800 (PST)
Received: from uuspool.singnet.com.sg (bauhinia.singnet.com.sg [165.21.81.30])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA26382
          for <freebsd-isp@freebsd.org>; Sun, 2 Feb 1997 16:49:33 -0800 (PST)
Received: (from uucp@localhost)
	by uuspool.singnet.com.sg (8.8.5/8.8.5) id IAA32660
	for freebsd-isp@freebsd.org; Mon, 3 Feb 1997 08:49:03 +0800 (SST)
Message-Id: <199702030049.IAA32660@uuspool.singnet.com.sg>
Received: by fujitsu.com.sg (MG PM3->Waf 3.40),
          Mon, 3 Feb 97 08:50:04 GMT+0800
From: TANGJH@csdc.fujitsu.com.sg (Tang Jing Hong / CSDC)
Organization: CSDC, Fujitsu (Singapore) Pte Ltd
To: freebsd-isp@freebsd.org
Date: Mon, 3 Feb 1997 08:43:29 GMT+0800
MIME-Version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Subject: subscribe freebsd-isp
X-Confirm-Reading-To: TANGJH@csdc.fujitsu.com.sg (Tang Jing Hong / CSDC)
X-pmrqc: 1
X-mailer: Pegasus Mail for Windows (v2.23)
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

subscribe freebsd-isp
-------------------------------------------------------------------------------------
FUJITSU (Singapore) PTE Limited
Broadband Multimedia System Divison (BMS)

J.H.Tang (FHK member)
E-mail : tangjh@csdc.fujitsu.com.sg
Tel : (65) 771 5526 (Direct Line - FSL Singapore)
-------------------------------------------------------------------------------------

From owner-freebsd-isp  Sun Feb  2 18:50:54 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id SAA02730
          for isp-outgoing; Sun, 2 Feb 1997 18:50:54 -0800 (PST)
Received: from revelstone.jvm.com (revelstone.jvm.com [207.98.213.2])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA02710;
          Sun, 2 Feb 1997 18:50:50 -0800 (PST)
Received: (from fbsdlist@localhost) by revelstone.jvm.com (8.7.5/8.6.12) id VAA12132; Sun, 2 Feb 1997 21:50:49 -0500 (EST)
Date: Sun, 2 Feb 1997 21:50:48 -0500 (EST)
From: Cliff Addy <fbsdlist@revelstone.jvm.com>
To: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org
Subject: mailbot wars
Message-ID: <Pine.BSF.3.91.970202214405.11759A-100000@revelstone.jvm.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I was fiddling with creating a mail autoresponder and can't see how to solve
a problem.  I was using the .forward mechanism to pipe email into a perl
script and autorespond to the sender.  It works fine, but what happens if I
receive email from a person running an autoresponder themselves?  Then my
mailbot emails a confirmation to them, their mailbot responds to me, mine to
theirs, and all hell breaks loose. 

Is there any way to avoid this situation?  I thought of putting a particular
string in the response subject, then look for it and don't respond to email
that contains it.  However, an autoresponder could respond back to me with a
generic subject, then all hell breaks loose again. 

Any and all suggestions appreciated.  Well, maybe not *all* suggestions :)

Cliff


From owner-freebsd-isp  Sun Feb  2 19:16:24 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA04175
          for isp-outgoing; Sun, 2 Feb 1997 19:16:24 -0800 (PST)
Received: from narcissus.ml.org (root@brosenga.Pitzer.edu [134.173.120.201])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA04155;
          Sun, 2 Feb 1997 19:16:20 -0800 (PST)
Received: (from ben@localhost) by narcissus.ml.org (8.7.5/8.7.3) id TAA00733; Sun, 2 Feb 1997 19:11:48 -0800 (PST)
Date: Sun, 2 Feb 1997 19:11:48 -0800 (PST)
From: Stranger Bone <ben@narcissus.ml.org>
To: Cliff Addy <fbsdlist@revelstone.jvm.com>
cc: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org
Subject: Re: mailbot wars
In-Reply-To: <Pine.BSF.3.91.970202214405.11759A-100000@revelstone.jvm.com>
Message-ID: <Pine.BSF.3.91.970202190914.721A-100000@narcissus.ml.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sun, 2 Feb 1997, Cliff Addy wrote:

> I was fiddling with creating a mail autoresponder and can't see how to solve
> a problem.  I was using the .forward mechanism to pipe email into a perl
> script and autorespond to the sender.  It works fine, but what happens if I
> receive email from a person running an autoresponder themselves?  Then my
> mailbot emails a confirmation to them, their mailbot responds to me, mine to
> theirs, and all hell breaks loose. 
> 
> Is there any way to avoid this situation?  I thought of putting a particular
> string in the response subject, then look for it and don't respond to email
> that contains it.  However, an autoresponder could respond back to me with a
> generic subject, then all hell breaks loose again. 

I don't know if this would work, but:

1) Have the perl script save the subject line and compare it with the last 
   subject line it saw.

2) If the two are the same, increment some counter by 1.

3) If the counter reaches 5, notify you and stop autoresponding to 
   messages with that subject until further notice (i.e. reset by hand).

Obviously there are cases where this wouldn't work, but it might be a 
good start.  Someone will probably have a better suggestion.

> Any and all suggestions appreciated.  Well, maybe not *all* suggestions :)
> 
> Cliff
> 
> 



 Ben

The views expressed above are not those of the Worker's Compensation 
Board of Queensland, Australia.



From owner-freebsd-isp  Sun Feb  2 19:17:19 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA04267
          for isp-outgoing; Sun, 2 Feb 1997 19:17:19 -0800 (PST)
Received: from mail.calweb.com (mail.calweb.com [208.131.56.11])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA04259;
          Sun, 2 Feb 1997 19:17:13 -0800 (PST)
Received: from hell.gigo.com (hell.gigo.com [207.173.133.59])
	by mail.calweb.com (8.8.5/8.8.5) with SMTP id TAA20256;
	Sun, 2 Feb 1997 19:16:33 -0800 (PST)
Message-Id: <3.0.32.19970202191733.006b6fa0@pop.calweb.com>
X-Sender: jfesler@pop.calweb.com
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Sun, 02 Feb 1997 19:19:24 -0800
To: Cliff Addy <fbsdlist@revelstone.jvm.com>, freebsd-questions@freebsd.org,
        freebsd-isp@freebsd.org
From: Jason Fesler <jfesler@calweb.com>
Subject: Re: mailbot wars
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 09:50 PM 2/2/97 -0500, Cliff Addy wrote:
>I was fiddling with creating a mail autoresponder and can't see how to solve
>a problem.  I was using the .forward mechanism to pipe email into a perl
>script and autorespond to the sender.  It works fine, but what happens if I
>receive email from a person running an autoresponder themselves?  Then my
>mailbot emails a confirmation to them, their mailbot responds to me, mine to
>theirs, and all hell breaks loose. 

:-)

1:  Don't ever respond when the "Precedence: Bulk" header exists :-)

2:  IT would be good to keep a history of recent people who mailed you,
and not double-respond.  Ie, keep an 8k or 16k or whatever-K cache of email
addresses.  If the address already exists, don't send to them again.  Make
sure your initial autoresponse states that fact.  An example of this via
procmail, is in the procmailex man page.

>Any and all suggestions appreciated.  Well, maybe not *all* suggestions :)

Be sure to put in a twit file ability :-)

Jason Fesler
owner of the now-dead  "infobot@infomania.com" autoresponder/service agent



From owner-freebsd-isp  Sun Feb  2 20:25:59 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA07056
          for isp-outgoing; Sun, 2 Feb 1997 20:25:59 -0800 (PST)
Received: from srv1.thuntek.net (root@srv1.thuntek.net [206.206.98.18])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA07051;
          Sun, 2 Feb 1997 20:25:53 -0800 (PST)
Received: from thor1.thuntek.net (ds1-d1.thuntek.net [206.206.98.132]) by srv1.thuntek.net (8.8.4/8.6.12) with SMTP id VAA25790; Sun, 2 Feb 1997 21:25:39 -0700 (MST)
Message-Id: <3.0.32.19970202212449.00a11b88@thuntek.net>
X-Sender: thor@thuntek.net
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Sun, 02 Feb 1997 21:25:12 -0700
To: Stranger Bone <ben@narcissus.ml.org>,
        Cliff Addy <fbsdlist@revelstone.jvm.com>
From: Scott Halbert <thor@thuntek.net>
Subject: Re: mailbot wars
Cc: freebsd-questions@freebsd.org, freebsd-isp@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 07:11 PM 2/2/97 -0800, Stranger Bone wrote:
>On Sun, 2 Feb 1997, Cliff Addy wrote:
>
>> I was fiddling with creating a mail autoresponder and can't see how to
solve
>> a problem.  I was using the .forward mechanism to pipe email into a perl
>> script and autorespond to the sender.  It works fine, but what happens if I
>> receive email from a person running an autoresponder themselves?  Then my
>> mailbot emails a confirmation to them, their mailbot responds to me,
mine to
>> theirs, and all hell breaks loose. 
>> 
>> Is there any way to avoid this situation?  I thought of putting a
particular
>> string in the response subject, then look for it and don't respond to email
>> that contains it.  However, an autoresponder could respond back to me
with a
>> generic subject, then all hell breaks loose again. 
>
>I don't know if this would work, but:
>
>1) Have the perl script save the subject line and compare it with the last 
>   subject line it saw.
>
>2) If the two are the same, increment some counter by 1.
>
>3) If the counter reaches 5, notify you and stop autoresponding to 
>   messages with that subject until further notice (i.e. reset by hand).
>
>Obviously there are cases where this wouldn't work, but it might be a 
>good start.  Someone will probably have a better suggestion.
>
>> Any and all suggestions appreciated.  Well, maybe not *all* suggestions :)
>> 
>> Cliff

Another solution I've seen to this ('vacation' uses this) is to put
in your own header in the e-mail: 
	Precedence: bulk

And to never respond to mail with this header in it.  This has the
added benefit that you can keep from responding to majordomo mailing
lists or such (which really irritates the other list members).

Now, this might now work too well if other mailbots don't obey this
same rule, but many do.  You might need more features to really
block some mailbots.

---Scott Halbert
Thunder Network Technologies, Inc.

> Ben
>
>The views expressed above are not those of the Worker's Compensation 
>Board of Queensland, Australia.
>
>
>
>

From owner-freebsd-isp  Sun Feb  2 20:47:15 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA07826
          for isp-outgoing; Sun, 2 Feb 1997 20:47:15 -0800 (PST)
Received: from nanguo.chalmers.com.au (nanguo.chalmers.com.au [203.1.96.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA07818;
          Sun, 2 Feb 1997 20:47:07 -0800 (PST)
Received: (from robert@localhost) by nanguo.chalmers.com.au (8.7.6/8.7.3) id OAA02849; Mon, 3 Feb 1997 14:47:49 +1000 (EST)
From: Robert Chalmers <robert@nanguo.chalmers.com.au>
Message-Id: <199702030447.OAA02849@nanguo.chalmers.com.au>
Subject: To people with Xylogics Annex's
To: freebsd-questions@freebsd.org (bsd)
Date: Mon, 3 Feb 1997 14:47:48 +1000 (EST)
Cc: freebsd-isp@freebsd.org (FreeBSD ISP)
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hi,
I'm trying to locate information on this annex I have. I can get no help
from Xylogics, nor Stallion Technologies in Oz. I am running a
model AXM-A-16-N-101. It has V9.2 software, and just doesn't cut the
mustard anymore.
I need to know if:	a) Upgrading to V10.1A or later will fix the
			   problems with not recognising rdc1323 packets

			b) It's possible to upgrade this thing anyway?
			
			c) The experience of others with Micro Annexs

cheers,
Robert



-- 
chalmers.com.au: P.O. Box 2003. Mackay. 4740   		   +61-0412-079025
robert@chalmers.com.au for Whirled Peas		http://www.chalmers.com.au
Location: The Great Australian Content Site.		21'7" S, 149'14" E.

From owner-freebsd-isp  Sun Feb  2 21:26:52 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id VAA09310
          for isp-outgoing; Sun, 2 Feb 1997 21:26:52 -0800 (PST)
Received: from nero.in-design.com (root@nero.in-design.com [204.157.146.146])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA09303
          for <freebsd-isp@FreeBSD.ORG>; Sun, 2 Feb 1997 21:26:49 -0800 (PST)
Received: from nero.in-design.com (info@localhost [127.0.0.1]) by nero.in-design.com (8.7.5/8.7.3) with SMTP id AAA01621 for <freebsd-isp@FreeBSD.ORG>; Mon, 3 Feb 1997 00:27:00 -0500 (EST)
Date: Mon, 3 Feb 1997 00:27:00 -0500 (EST)
From: Intuitive Design Info <info@in-design.com>
To: freebsd-isp@FreeBSD.ORG
Subject: stronghold or Zeus
Message-ID: <Pine.BSF.3.91.970203002437.1547B-100000@nero.in-design.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Hello all;

	Wondering if people out there are using stronghold or zeus for a 
ssl solution.  Any pros or cons?  Any other suggestions?  

		Thanks alot in advance.

			Tamer Ziady

PS: also about upgrades, how do most of you out there in ISP world, 
upgrade usually?  Just curious/ considering that 3.0 might be out 
sometime next month or so.



From owner-freebsd-isp  Sun Feb  2 22:46:00 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id WAA11700
          for isp-outgoing; Sun, 2 Feb 1997 22:46:00 -0800 (PST)
Received: from labs.usn.blaze.net.au (labs.usn.blaze.net.au [203.17.53.30])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id WAA11695
          for <freebsd-isp@freebsd.org>; Sun, 2 Feb 1997 22:45:55 -0800 (PST)
Received: (from davidn@localhost)
	by labs.usn.blaze.net.au (8.8.5/8.8.5) id RAA17601;
	Mon, 3 Feb 1997 17:45:52 +1100 (EST)
Message-ID: <19970203174551.AC45857@usn.blaze.net.au>
Date: Mon, 3 Feb 1997 17:45:51 +1100
From: davidn@unique.usn.blaze.net.au (David Nugent)
To: freebsd-isp@freebsd.org
Subject: Re: pop server with virtual domains
References: <Mutt.19970106192040.davidn@labs.blaze.net.au>
X-Mailer: Mutt 0.59.1
Mime-Version: 1.0
In-Reply-To: <Mutt.19970106192040.davidn@labs.blaze.net.au>; from David Nugent on Jan 6, 1997 19:20:40 +1100
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Some weeks back, I wrote:
> I'm looking for a POP3 (preferably imap too) server that
> handles virtual domains. In particular, it needs to handle
> "virtual users" of those domains as well, which is essentially
> to avoid setting up user accounts on a box that needs to handle
> mail on behalf of anything up to 60 or so domains.

If anyone else happens to be looking for a solution to this, I
have hacked qpopper and derived a "virtual mail delivery agent"
from FreeBSD's mail.local and provided an example sendmail
configuration in a file available from the following URL:

	http://www.blaze.net.au/~davidn/vpop.tar.gz

This solution provides the capability of running multiple
virtual mail domains on a "sealed mail server", and works
with FreeBSD 2.1.5 through 3.0-current.

Comments and updates welcome.

Regards,

David Nugent - Unique Computing Pty Ltd - Melbourne, Australia
Voice +61-3-9791-9547  Data/BBS +61-3-9792-3507  3:632/348@fidonet
davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/

From owner-freebsd-isp  Mon Feb  3 03:46:58 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id DAA24564
          for isp-outgoing; Mon, 3 Feb 1997 03:46:58 -0800 (PST)
Received: from gatekeeper.tsc.tdk.com (root@gatekeeper.tsc.tdk.com [207.113.159.21])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id DAA24557;
          Mon, 3 Feb 1997 03:46:53 -0800 (PST)
Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191])
          by gatekeeper.tsc.tdk.com (8.8.4/8.8.4) with ESMTP
	  id DAA27579; Mon, 3 Feb 1997 03:46:38 -0800 (PST)
Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194])
          by sunrise.gv.tsc.tdk.com (8.8.4/8.8.4) with ESMTP
	  id DAA19497; Mon, 3 Feb 1997 03:46:37 -0800 (PST)
Received: (from gdonl@localhost)
          by salsa.gv.tsc.tdk.com (8.8.4/8.8.4)
	  id DAA01109; Mon, 3 Feb 1997 03:46:36 -0800 (PST)
From: Don Lewis <Don.Lewis@tsc.tdk.com>
Message-Id: <199702031146.DAA01109@salsa.gv.tsc.tdk.com>
Date: Mon, 3 Feb 1997 03:46:36 -0800
In-Reply-To: Cliff Addy <fbsdlist@revelstone.jvm.com>
       "mailbot wars" (Feb  2,  9:50pm)
X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95)
To: Cliff Addy <fbsdlist@revelstone.jvm.com>, freebsd-questions@FreeBSD.ORG,
        freebsd-isp@FreeBSD.ORG
Subject: Re: mailbot wars
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Feb 2,  9:50pm, Cliff Addy wrote:
} Subject: mailbot wars
} I was fiddling with creating a mail autoresponder and can't see how to solve
} a problem.  I was using the .forward mechanism to pipe email into a perl
} script and autorespond to the sender.  It works fine, but what happens if I
} receive email from a person running an autoresponder themselves?  Then my
} mailbot emails a confirmation to them, their mailbot responds to me, mine to
} theirs, and all hell breaks loose. 
} 
} Is there any way to avoid this situation?

Change the From: header and the envelope From address in your autoresponder's
reply to an address that does not point at the autoresponder.

			---  Truck

From owner-freebsd-isp  Mon Feb  3 06:08:37 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id GAA29756
          for isp-outgoing; Mon, 3 Feb 1997 06:08:37 -0800 (PST)
Received: from buffnet4.buffnet.net (root@buffnet4.buffnet.net [205.246.19.13])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id GAA29736;
          Mon, 3 Feb 1997 06:08:26 -0800 (PST)
Received: from buffnet1.buffnet.net (mmdf@buffnet1.buffnet.net [205.246.19.10]) by buffnet4.buffnet.net (8.6.12/8.6.9) with SMTP id JAA21573; Mon, 3 Feb 1997 09:08:54 -0500
Received: from buffnet11.buffnet.net by buffnet1.buffnet.net id aa16198;
          3 Feb 97 9:08 EST
Date: Mon, 3 Feb 1997 09:08:16 -0500 (EST)
From: Steve <shovey@buffnet.net>
To: Robert Chalmers <robert@nanguo.chalmers.com.au>
cc: bsd <freebsd-questions@freebsd.org>, FreeBSD ISP <freebsd-isp@freebsd.org>
Subject: Re: To people with Xylogics Annex's
In-Reply-To: <199702030447.OAA02849@nanguo.chalmers.com.au>
Message-ID: <Pine.BSI.3.95.970203090715.3304Q-100000@buffnet11.buffnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 3 Feb 1997, Robert Chalmers wrote:

> Hi,
> I'm trying to locate information on this annex I have. I can get no help
> from Xylogics, nor Stallion Technologies in Oz. I am running a

I believe baynetworks now owns the annex stuff.

> model AXM-A-16-N-101. It has V9.2 software, and just doesn't cut the
> mustard anymore.
> I need to know if:	a) Upgrading to V10.1A or later will fix the
> 			   problems with not recognising rdc1323 packets
> 
> 			b) It's possible to upgrade this thing anyway?
> 			
> 			c) The experience of others with Micro Annexs

I have the 4000's - they are upgradable - they boot their OS over the net
via erpcd unless you have the boot proms.

I cant believe that calling baynetworks and asking for sales wouldnt get
you some answering on buying the upgrade.


From owner-freebsd-isp  Mon Feb  3 07:45:34 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id HAA03951
          for isp-outgoing; Mon, 3 Feb 1997 07:45:34 -0800 (PST)
Received: from jennifer.pernet.net (jennifer.pernet.net [205.229.0.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA03941
          for <isp@FreeBSD.ORG>; Mon, 3 Feb 1997 07:45:25 -0800 (PST)
Received: (from neal@localhost)
          by jennifer.pernet.net (8.8.4/8.8.4)
	  id JAA12925; Mon, 3 Feb 1997 09:45:30 -0600 (CST)
Date: Mon, 3 Feb 1997 09:45:30 -0600 (CST)
From: Neal Rigney <neal@pernet.net>
To: John Lind <john@dexter.starfire.mn.org>
cc: "Daniel O'Callaghan" <danny@panda.hilink.com.au>, isp@FreeBSD.ORG
Subject: Re: Architext Excite on FreeBSD?
In-Reply-To: <Mutt.19970201073259.john@dexter.starfire.mn.org>
Message-ID: <Pine.BSF.3.91.970203094444.12719C-100000@jennifer.pernet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


You need to make sure and replace its version of perl.  For some stupid 
reason, Architext includes a perl that consistantly core dumps.

I had quite a time getting it to install and work.  It tries multiple 
times to overwrite your existing perl.

On Sat, 1 Feb 1997, John Lind wrote:

> Daniel O'Callaghan writes:
> > On Fri, 31 Jan 1997, John Lind wrote:
> > > SkyPoint just tried to install Architext Excite and the BSDI binaries
> > > won't run, at least on FreeBSD 2.1.0-R(CD).  Is there a solution
> > > for this?
> > 
> > Yes.  Run 2.1.5 or higher.  Works fine, I believe.
> 
> Hmmm.  This is not my experience.  It instantly coredumps on 2.1.0-R(CD),
> 2.1.5, and 3.0-BETA.
> 
> Am I doing something wrong?
> 
> 		 John Lind, Starfire Consulting Services
> E-mail: john@starfire.MN.ORG	    USnail: PO Box 17247, Mpls MN  55417
> 

--
Neal Rigney, PERnet Communications, (409)729-4638
neal@mail.pernet.net



From owner-freebsd-isp  Mon Feb  3 09:21:27 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id JAA09077
          for isp-outgoing; Mon, 3 Feb 1997 09:21:27 -0800 (PST)
Received: from tarpon.exis.net (stefan@tarpon.exis.net [205.252.72.108])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id JAA09071
          for <freebsd-isp@freebsd.org>; Mon, 3 Feb 1997 09:21:24 -0800 (PST)
Received: (from stefan@localhost) by tarpon.exis.net (8.7.4/8.7.3) id MAA30137; Mon, 3 Feb 1997 12:24:13 -0500
Date: Mon, 3 Feb 1997 12:24:12 -0500 (EST)
From: Stefan Molnar <stefan@exis.net>
To: Intuitive Design Info <info@in-design.com>
cc: freebsd-isp@freebsd.org
Subject: Re: stronghold or Zeus
In-Reply-To: <Pine.BSF.3.91.970203002437.1547B-100000@nero.in-design.com>
Message-ID: <Pine.LNX.3.91.970203121945.29683B-100000@tarpon.exis.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


> 	Wondering if people out there are using stronghold or zeus for a 
> ssl solution.  Any pros or cons?  Any other suggestions?  
 
Go for stronghold.  It is a good program for ssl.  We use that
where I work.  Also I kinda know the CEO of c2, so that is another
plus on my side.

Stefan


--------------------------------------------
Stefan Molnar                  Team Exis.Net
stefan@exis.net                   Member EFF
Slightly Silly                     Team OS/2
east-coast-ambassador@soda.CSUA.Berkeley.EDU
"She turned me into a Newt!  A Newt?
I got better."     -Monty Python
--------------------------------------------



From owner-freebsd-isp  Mon Feb  3 10:10:54 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id KAA11770
          for isp-outgoing; Mon, 3 Feb 1997 10:10:54 -0800 (PST)
Received: from irvine.americasnet.com (ricardo@irvine.americasnet.com [208.145.128.2])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA11765
          for <freebsd-isp@freebsd.org>; Mon, 3 Feb 1997 10:10:50 -0800 (PST)
Received: from localhost (ricardo@localhost) by irvine.americasnet.com (8.8.5/8.7.3) with SMTP id KAA17653 for <freebsd-isp@freebsd.org>; Mon, 3 Feb 1997 10:12:08 -0800
Date: Mon, 3 Feb 1997 10:12:07 -0800 (PST)
From: Ricardo Kleemann <ricardo@americasnet.com>
To: FreeBSD ISP list <freebsd-isp@freebsd.org>
Subject: number of open files
Message-ID: <Pine.LNX.3.95.970203101118.17044A-100000@irvine.americasnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hi,

how do I find out what my kernel is set up for as far as number of fd's
(MAX # open files).

Also, how do I go about increasing that?

Thanks
Ricardo


From owner-freebsd-isp  Mon Feb  3 16:59:41 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id QAA03641
          for isp-outgoing; Mon, 3 Feb 1997 16:59:41 -0800 (PST)
Received: from alyssa.ai.net ([205.134.170.2])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id QAA03632
          for <freebsd-isp@freebsd.org>; Mon, 3 Feb 1997 16:59:36 -0800 (PST)
Received: (from nc@localhost) by alyssa.ai.net (8.6.12/8.6.12) id TAA24471; Mon, 3 Feb 1997 19:39:42 -0500
Date: Mon, 3 Feb 1997 19:39:41 -0500 (EST)
From: Network Coordinator <nc@ai.net>
To: Ulf Zimmermann <ulf@Alameda.net>
cc: dg@root.com, rg@gds.de, freebsd-isp@freebsd.org
Subject: Re: 300 000 hits / day
In-Reply-To: <199702010000.QAA23599@bitch.Melmac.org>
Message-ID: <Pine.BSF.3.91.970203193608.21879B-100000@alyssa.ai.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Fri, 31 Jan 1997, Ulf Zimmermann wrote:

> > >Without getting into specifics, 300k/day on a web server with FreeBSD is 
> > >nothing. 
> > >
> > >We have boxes that are averaging over 40 million hits a day [average hit 
> > >954bytes] without blinking. (over 50 conns/sec)
> > 
> >    Wow! I think this is a stat we should remember. Would you be interested in
> > submitting something for the "FreeBSD Gallery"?
> > 
> > -DG
> > 
> > David Greenman
> > Core-team/Principal Architect, The FreeBSD Project
> > 
> 
> I would also talk with Gary Palmer, he is maxing out 250 httpds running.
> 
> Ulf.
> 
> --------------------------------------------------------------------------
> Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-769-2936
>            Alameda Networks, Inc. | http://www.Alameda.net
> 


We'd be more than happy to come up with something for the FreeBSD 
Gallery. What do you have in mind -- I think we are already listed on there.

As for the # of httpd's running--typical is about 1450 simultaneous.

Kyle Amon
AINet



From owner-freebsd-isp  Mon Feb  3 17:47:06 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id RAA06807
          for isp-outgoing; Mon, 3 Feb 1997 17:47:06 -0800 (PST)
Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA06794
          for <freebsd-isp@freebsd.org>; Mon, 3 Feb 1997 17:46:56 -0800 (PST)
Received: from current1.whistle.com (current1.whistle.com [207.76.205.22])
          by alpo.whistle.com (8.8.5/8.8.4) with SMTP
	  id RAA23577 for <freebsd-isp@freebsd.org>; Mon, 3 Feb 1997 17:38:44 -0800 (PST)
Message-ID: <32F692BD.31DFF4F5@whistle.com>
Date: Mon, 03 Feb 1997 17:37:01 -0800
From: Julian Elischer <julian@whistle.com>
Organization: Whistle Communications
X-Mailer: Mozilla 3.0Gold (X11; I; FreeBSD 2.2-CURRENT i386)
MIME-Version: 1.0
To: freebsd-isp@freebsd.org
Subject: [Fwd: un-ethical isp]
Content-Type: message/rfc822
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Return-Path: <owner-freebsd-hackers@freefall.freebsd.org>
Received: from whistle.com (whistle.whistle.com [207.76.205.131])
          by alpo.whistle.com (8.8.5/8.8.4) with ESMTP
	  id DAA09000 for <julian@alpo.whistle.com>; Mon, 3 Feb 1997 03:15:55 -0800 (PST)
Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id DAA01275 for <julian@whistle.com>; Mon, 3 Feb 1997 03:15:37 -0800 (PST)
Received: from gatekeeper.whistle.com(207.76.204.2) by whistle.com via smap (V1.3)
	id sma001273; Mon Feb  3 03:15:33 1997
Received: (from smap@localhost) by gatekeeper.whistle.com (8.7.5/8.6.12) id DAA29238 for <julian@whistle.com>; Mon, 3 Feb 1997 03:15:33 -0800 (PST)
Received: from ns2.harborcom.net(206.158.4.4) by gatekeeper.whistle.com via smap (V1.3)
	id sma029236; Mon Feb  3 03:15:28 1997
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.18])
          by ns2.harborcom.net (8.8.5/8.8.4) with ESMTP
	  id GAA11821; Mon, 3 Feb 1997 06:15:18 -0500 (EST)
Received: from localhost (daemon@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id CAA22015;
          Mon, 3 Feb 1997 02:32:06 -0800 (PST)
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id CAA21898
          for hackers-outgoing; Mon, 3 Feb 1997 02:30:33 -0800 (PST)
Received: from calvino.alaska.net (ice@calvino.alaska.net [206.149.65.3])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id CAA21892
          for <Freebsd-Hackers@Freebsd.Org>; Mon, 3 Feb 1997 02:30:29 -0800 (PST)
Received: (from ice@localhost) by calvino.alaska.net (8.8.0/8.7.3) 
	id BAA01579 for Freebsd-Hackers@Freebsd.Org; Mon, 3 Feb 1997 01:30:26 -0900 (AKST)
X-Authentication-Warning: calvino.alaska.net: ice set sender to ice-bbs!steve.howe using -f
>Received: by ice-bbs.net (0.99.950303)
  id AA04021; 03 Feb 97 01:27:32 -0900
From: Steve.Howe@ice-bbs.net (Steve Howe)
Date: 03 Feb 97 01:26:43 -0900
Subject: un-ethical isp
Message-ID: <293_9702030127@ice-bbs.net>
Organization: ICE BBS Network Internet Gateway
To: Freebsd-Hackers@FreeBSD.ORG
Content-Type: text
Sender: owner-hackers@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


Dear FreeBSDers,

because of your excellent OS and superb knowledge, i/we decided to use
FreeBSD in projects for the government subcontracting starting about 2
years ago.  an associate and boss became upset due to their fear of
UNIX and a sort of conspiracy developed ...

anyway - unbeknownst to me, the owners of my isp (alaska.net) were former
associates this vengeful/ignorant co-worker and boss, and together
(as i came close to finishing a project way ahead of their NT
project) they (isp) engaged in ping flooding all my machines
on my networks, grinding all my work to a complete halt for
a week, and additionally, after tracing the source of the
pinging and sending some nasty email, my isp transferred
all my email i had ever written on my personal/private
account to my boss and co-worker for review, ie, they
were looking for some goodies to get rid of me.
they hired private investigators, etc. but i
was squeaky clean, although things have
become miserable enough to quit. :)

ANYWAY - my question is, although my lawyer says my isp may be
liable for slander, is there any other recourse i can take for
them giving 2 1/2 years of my email from my personal/private
account to my boss and co-workers?  i wouldn't want laws,
but i despise un-ethical behaviour such as this!

it included health information related to my family,
love letters :), thoughts, etc.  all kinds of stuff
you'd never want anyone to see!

(pgp? - well not everyone i wrote to can use it!)

thanks ...  please mail to hmmm@ice-bbs.net.
a friend/co-worker is allowing me use of this
account as i have no isp currently ...
--
| Standard disclaimer: The views of the users are strictly their own.
| ICE BBS Network  +1-907-346-2371 (ANSI, 28.8k, FREE E-MAIL!).



From owner-freebsd-isp  Mon Feb  3 18:48:27 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id SAA10776
          for isp-outgoing; Mon, 3 Feb 1997 18:48:27 -0800 (PST)
Received: from labs.usn.blaze.net.au (labs.usn.blaze.net.au [203.17.53.30])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA10764
          for <freebsd-isp@freebsd.org>; Mon, 3 Feb 1997 18:48:18 -0800 (PST)
Received: (from davidn@localhost)
	by labs.usn.blaze.net.au (8.8.5/8.8.5) id NAA20411;
	Tue, 4 Feb 1997 13:47:55 +1100 (EST)
Message-ID: <19970204134754.RT48025@labs.usn.blaze.net.au>
Date: Tue, 4 Feb 1997 13:47:54 +1100
From: davidn@labs.usn.blaze.net.au (David Nugent)
To: ricardo@americasnet.com (Ricardo Kleemann)
Cc: freebsd-isp@freebsd.org (FreeBSD ISP list)
Subject: Re: number of open files
References: <Pine.LNX.3.95.970203101118.17044A-100000@irvine.americasnet.com>
X-Mailer: Mutt 0.60-PL0
Mime-Version: 1.0
In-Reply-To: <Pine.LNX.3.95.970203101118.17044A-100000@irvine.americasnet.com>; from Ricardo Kleemann on Feb 3, 1997 10:12:07 -0800
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Ricardo Kleemann writes:
> how do I find out what my kernel is set up for as far as number of fd's
> (MAX # open files).

Per process, or system-wide?

	sysctl kern.maxfiles

gives the number of global descriptors available.

	sysctl kern.maxfilesperproc

gives the maximum number of descriptors available per process.

With 2.2 and prior, you can adjust this upwards using the OPEN_MAX
option when compiling your kernel.

There are also settable resource limits you can use to decrease
this per-process limit. See man ulimit (sh) and man limit (csh).

Regards,

David Nugent - Unique Computing Pty Ltd - Melbourne, Australia
Voice +61-3-9791-9547  Data/BBS +61-3-9792-3507  3:632/348@fidonet
davidn@freebsd.org davidn@blaze.net.au http://www.blaze.net.au/~davidn/

From owner-freebsd-isp  Tue Feb  4 03:00:14 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id DAA09609
          for isp-outgoing; Tue, 4 Feb 1997 03:00:14 -0800 (PST)
Received: from marlin.com.br (blue.marlin.com.br [200.255.107.33])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id DAA09593
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 03:00:07 -0800 (PST)
Received: by marlin.com.br (8.6.12/SMI-4.1)
	id IAA20274; Tue, 4 Feb 1997 08:57:06 -0200
Date: Tue, 4 Feb 1997 08:57:06 -0200 (EDT)
From: "Alexsandro D. F. Correia" <acorreia@marlin.com.br>
To: Mike Tancsa <mike@sentex.net>
cc: Joe Mays - freebsd-isp <fbsd-isp@launchpad.win.net>,
        freebsd-isp@freebsd.org
Subject: Re: Radius 2.0 and FreeBSD.
In-Reply-To: <3.0.32.19970123090041.00aa8630@sentex.net>
Message-ID: <Pine.BSF.3.91.970204085509.20146C-100000@blue.marlin.com.br>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Hi Mike,

	I tried to compile Radius 2.0 as you said below, but it didn't work.
	I use FreeBSD 2.1.0 here and did the changes exactly like you said.
	Could you send me the changed Sources ?

	Thanx in advance.

Alexsandro Correia


On Thu, 23 Jan 1997, Mike Tancsa wrote:

> At 12:43 AM 1/23/97 -0400, Joe Mays - freebsd-isp wrote:
> >I was wondering who, if anyone, out there is running Radius 2.0
> >from Livingston.  I downloaded the source from Livingston, but they
> >said they don't support FreeBSD with it and I couldn't find any
> >"official" FreeBSD port for it.  With some changes to the Makefile
> >and a couple of .c files for the BSDOS source I was able to build
> >one that works just fine, but I am far from being an expert at
> >this stuff.  If anyone else has put together a working build I
> >would like to see it so I could compare changes.  If there is an
> >official FreeBSD port, better still.
> 
> 
> To get a clean compile there is not much that needs to be done... I made
> the following changes and compiled cleanly using gcc 2.6.3
> 
> In the BSDOS_2.0 Make directory, edit the Makefile and change the lines
> 
> CC=  cc
> to
> CC=  gcc
> 
> LIBS        =
> to
> LIBS        = -lcrypt  
> 
> 
> in ../radius/src/conf.h
> 
> add
> 
> #define bsdi
> 
> and delete
> 
> #include        <machine/inline.h>      
> 
> 
> do a 
> make
> then do the regular install stuff, and
> /etc/radiusd -b 
> 
> Works just fine....
> 
> 
> 	---Mike
> 

+-------------------------------------------------------------+
     Alexsandro Correia		E-mail: acorreia@marlin.com.br
 Analista de Suporte Internet   Tel : +55 21 224-9950
				      +55 21 253-2971
+-------------------------------------------------------------+
 Marlin Internet		http://www.marlin.com.br
 Rua 7 de Setembro 48/13 Andar  Tel: +55 21 224-9950
 Centro - Rio de Janeiro	Fax: +55 21 223-427
 RJ - Brasil
+-------------------------------------------------------------+


From owner-freebsd-isp  Tue Feb  4 07:59:36 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id HAA22873
          for isp-outgoing; Tue, 4 Feb 1997 07:59:36 -0800 (PST)
Received: from sand.sentex.ca (sand.sentex.ca [206.222.77.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA22867
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 07:59:30 -0800 (PST)
Received: from gravel (gravel.sentex.ca [205.211.165.210]) by sand.sentex.ca (8.8.3/8.8.3) with SMTP id LAA20903; Tue, 4 Feb 1997 11:04:50 -0500 (EST)
Message-Id: <3.0.32.19970204104918.009d38e0@sentex.net>
X-Sender: mdtancsa@sentex.net
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Tue, 04 Feb 1997 10:49:19 -0500
To: "Alexsandro D. F. Correia" <acorreia@marlin.com.br>
From: Mike Tancsa <mike@sentex.net>
Subject: Re: Radius 2.0 and FreeBSD.
Cc: freebsd-isp@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 08:57 AM 2/04/97 -0200, Alexsandro D. F. Correia wrote:
>
>Hi Mike,
>
>	I tried to compile Radius 2.0 as you said below, but it didn't work.
>	I use FreeBSD 2.1.0 here and did the changes exactly like you said.
>	Could you send me the changed Sources ?
>
>	Thanx in advance.

Hi,
	I would be happy to, but Livingston explicitly states that you are not
allowed to distribute the source code publically, and I would like the
respect that.   I did however, go and try a clean copy of the source code
and made the exact modifications that I described and it worked.  Perhaps
2.1.0 is different enough that it wont compile?  Do you not have a more
uptodate distribution that you can try and build it with?  What about gcc ?
 What errors do you get when you build it?


	---Mike

From owner-freebsd-isp  Tue Feb  4 08:45:38 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA27185
          for isp-outgoing; Tue, 4 Feb 1997 08:45:38 -0800 (PST)
Received: from main.netcorps.com (main.netcorps.com [205.149.1.66])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA27180
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 08:45:36 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by main.netcorps.com (8.7.1/8.6.12) with SMTP id IAA24898 for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 08:44:12 -0800 (PST)
Message-Id: <199702041644.IAA24898@main.netcorps.com>
X-Authentication-Warning: main.netcorps.com: Host localhost [127.0.0.1] didn't use HELO protocol
To: freebsd-isp@freebsd.org
Subject: FrontPage Extenstions
Date: Tue, 04 Feb 1997 08:44:12 -0800
From: Chris Bura <chris@main.Netcorps.com>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Hi,

I read from Ready-to-Run's frontpage section it isn't compatible with
BSD's encryption.  Does anyone know if that's still the case.  (You just
never know with Microsoft, if you're reading something that's current.)

Also, has anyone had trouble downloading the tar file extensions from the
same place?  It's coming out as garbage to me.

Thanks,

Chris


From owner-freebsd-isp  Tue Feb  4 09:42:13 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id JAA00797
          for isp-outgoing; Tue, 4 Feb 1997 09:42:13 -0800 (PST)
Received: from mail.calweb.com (mail.calweb.com [208.131.56.11])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id JAA00787
          for <freebsd-isp@FreeBSD.ORG>; Tue, 4 Feb 1997 09:42:07 -0800 (PST)
Received: from devnull (devnull.calweb.com [208.131.56.69])
	by mail.calweb.com (8.8.5/8.8.5) with SMTP id JAA08418;
	Tue, 4 Feb 1997 09:41:40 -0800 (PST)
Message-Id: <3.0.32.19970204094038.00991bd0@pop.calweb.com>
Warning: Unsolicited Commercial Email (UCE) will be returned to send in bulk
X-Sender: jfesler@pop.calweb.com
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Tue, 04 Feb 1997 09:40:41 -0800
To: Chris Bura <chris@main.Netcorps.com>
From: Jason Fesler <jfesler@calweb.com>
Subject: Re: FrontPage Extenstions
Cc: freebsd-isp@FreeBSD.ORG
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

At 08:44 AM 2/4/97 -0800, you wrote:
>I read from Ready-to-Run's frontpage section it isn't compatible with
>BSD's encryption.  Does anyone know if that's still the case.  (You just
>never know with Microsoft, if you're reading something that's current.)

It handles DES just fine.  I have not personally tested FreeBSD's MD5
with FrontPage at all.

>Also, has anyone had trouble downloading the tar file extensions from the
>same place?  It's coming out as garbage to me.

If you want to trust my binaries as much as you trust  Microsoft's
(evil  grin) send me email, and I'll shoot over binaries from
a couple weeks ago.  If they have made changes, I have not been
around enough to notice them :-).  I have both the extensions
and the WPP kit.


--
           Jason Fesler  jfesler@calweb.com  Internic: 'whois jf319'   
            Admin, CalWeb Internet Services   http://www.calweb.com
  Junk email returned, in bulk, back to sender; w/copies to all postmasters.
 You got junk mail problems?  Use Eudora Pro, MSIE's mail, or 'man procmail'.

From owner-freebsd-isp  Tue Feb  4 10:47:39 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id KAA04279
          for isp-outgoing; Tue, 4 Feb 1997 10:47:39 -0800 (PST)
Received: from anacreon.sol.net (anacreon.sol.net [206.55.64.116])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id KAA04267
          for <freebsd-isp@FreeBSD.ORG>; Tue, 4 Feb 1997 10:47:25 -0800 (PST)
Received: from solaria.sol.net (solaria.sol.net [206.55.65.75]) by anacreon.sol.net (8.6.12/8.6.12) with ESMTP id MAA24172; Tue, 4 Feb 1997 12:47:21 -0600
Received: from localhost by solaria.sol.net (8.5/8.5)
	id MAA02065; Tue, 4 Feb 1997 12:47:19 -0600
From: Joe Greco <jgreco@solaria.sol.net>
Message-Id: <199702041847.MAA02065@solaria.sol.net>
Subject: Re: 300 000 hits / day
To: nc@ai.net (Network Coordinator)
Date: Tue, 4 Feb 97 12:47:16 CST
Cc: rg@gds.de, freebsd-isp@FreeBSD.ORG
In-Reply-To: <Pine.BSF.3.91.970131172915.28104B-100000@alyssa.ai.net> from "Network Coordinator" at Jan 31, 97 05:30:19 pm
X-Mailer: ELM [version 2.4dev PL65]
MIME-Version: 1.0
Content-Type: text
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> Without getting into specifics, 300k/day on a web server with FreeBSD is 
> nothing. 
> 
> We have boxes that are averaging over 40 million hits a day [average hit 
> 954bytes] without blinking. (over 50 conns/sec)

> > we are running a very haevy loaded www-server (300.000 hits per day, 
> > 45 MB data traffic per hour) on FreeBSD 2.2 (2.2 binaries, but 3.0 
> > kernel), AMD 133, 64 MB RAM, Apache 1.2.
> > 
> > The server has a lot of hits and especially amounts of CGIs running.

Is that 40 million hits per day _with_ or _without_ CGI's?

My PPro 200 moves a gigabyte of Usenet traffic every hour, is offered over 
80 articles per second, offers about that same number out, and actually 
sends about 20% of that.

But we have to bear in mind that an AMD 133 (assuming that's a "DX5/133"),
even on a very good motherboard, has nowhere near the CPU potential of a
PPro 200.

If I didn't actually have to _process_ the data, I am sure I could shovel
it around a heck of a lot faster.

(That's why it's sorta important to know, is that with or without CGI's,
and what kind of CPU)

... JG

From owner-freebsd-isp  Tue Feb  4 11:45:49 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id LAA07747
          for isp-outgoing; Tue, 4 Feb 1997 11:45:49 -0800 (PST)
Received: from buffnet4.buffnet.net (root@buffnet4.buffnet.net [205.246.19.13])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id LAA07742
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 11:45:40 -0800 (PST)
Received: from buffnet1.buffnet.net (mmdf@buffnet1.buffnet.net [205.246.19.10]) by buffnet4.buffnet.net (8.6.12/8.6.9) with SMTP id OAA06062 for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 14:47:00 -0500
Received: from buffnet11.buffnet.net by buffnet1.buffnet.net id aa01858;
          4 Feb 97 14:46 EST
Date: Tue, 4 Feb 1997 14:46:10 -0500 (EST)
From: Steve <shovey@buffnet.net>
To: Chris Bura <chris@main.netcorps.com>
cc: freebsd-isp@freebsd.org
Subject: Re: FrontPage Extenstions
In-Reply-To: <199702041644.IAA24898@main.netcorps.com>
Message-ID: <Pine.BSI.3.95.970204144552.22958A-100000@buffnet11.buffnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, 4 Feb 1997, Chris Bura wrote:

> 
> Hi,
> 
> I read from Ready-to-Run's frontpage section it isn't compatible with
> BSD's encryption.  Does anyone know if that's still the case.  (You just
> never know with Microsoft, if you're reading something that's current.)

You a brave soul  - I personally wouldnt want that big a security hole.


From owner-freebsd-isp  Tue Feb  4 12:44:34 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA10828
          for isp-outgoing; Tue, 4 Feb 1997 12:44:34 -0800 (PST)
Received: from mail.id.net (mail.id.net [199.125.1.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA10823
          for <freebsd-isp@FreeBSD.ORG>; Tue, 4 Feb 1997 12:44:31 -0800 (PST)
Received: from server.id.net (server.id.net [199.125.2.20]) by mail.id.net (8.7.5/ID-Net) with ESMTP id PAA27185; Tue, 4 Feb 1997 15:50:14 -0500 (EST)
From: Robert Shady <rls@mail.id.net>
Received: (from rls@localhost) by server.id.net (8.8.2/8.7.3) id PAA12070; Tue, 4 Feb 1997 15:45:03 -0500 (EST)
Message-Id: <199702042045.PAA12070@server.id.net>
Subject: Re: FrontPage Extenstions
In-Reply-To: <Pine.BSI.3.95.970204144552.22958A-100000@buffnet11.buffnet.net> from Steve at "Feb 4, 97 02:46:10 pm"
To: shovey@buffnet.net (Steve)
Date: Tue, 4 Feb 1997 15:45:03 -0500 (EST)
Cc: chris@main.netcorps.com, freebsd-isp@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL25 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> > I read from Ready-to-Run's frontpage section it isn't compatible with
> > BSD's encryption.  Does anyone know if that's still the case.  (You just
> > never know with Microsoft, if you're reading something that's current.)
>
> You a brave soul  - I personally wouldnt want that big a security hole.

Is that what you tell your customers who beg for Front Page extensions because
they have absolutely know idea how to "code" a web page otherwise?

	-- Rob
===
      _/_/_/_/_/  _/_/_/_/               _/_/    _/  _/_/_/_/_/  _/_/_/_/_/
         _/      _/      _/    _/_/_/   _/  _/  _/  _/_/_/_/        _/
   _/_/_/_/_/  _/_/_/_/               _/      _/  _/_/_/_/_/      _/

                             Innovative Data Services 
                          Serving South-Eastern Michigan 
        Internet Service Provider / Hardware Sales / Consulting Services
       Voice: (810)855-0404 / Fax: (810)855-3268 / Web: http://www.id.net

From owner-freebsd-isp  Tue Feb  4 12:55:45 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA11348
          for isp-outgoing; Tue, 4 Feb 1997 12:55:45 -0800 (PST)
Received: from mail.id.net (mail.id.net [199.125.1.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA11342
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 12:55:41 -0800 (PST)
Received: from server.id.net (server.id.net [199.125.2.20]) by mail.id.net (8.7.5/ID-Net) with ESMTP id QAA27296; Tue, 4 Feb 1997 16:01:24 -0500 (EST)
From: Robert Shady <rls@mail.id.net>
Received: (from rls@localhost) by server.id.net (8.8.2/8.7.3) id PAA12161; Tue, 4 Feb 1997 15:56:14 -0500 (EST)
Message-Id: <199702042056.PAA12161@server.id.net>
Subject: Re: Radius 2.0 and FreeBSD.
In-Reply-To: <3.0.32.19970204104918.009d38e0@sentex.net> from Mike Tancsa at "Feb 4, 97 10:49:19 am"
To: mike@sentex.net (Mike Tancsa)
Date: Tue, 4 Feb 1997 15:56:14 -0500 (EST)
Cc: acorreia@marlin.com.br, freebsd-isp@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL25 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> >	I tried to compile Radius 2.0 as you said below, but it didn't work.
> >	I use FreeBSD 2.1.0 here and did the changes exactly like you said.
> >	Could you send me the changed Sources ?
>
> Hi,
> 	I would be happy to, but Livingston explicitly states that you are not
> allowed to distribute the source code publically, and I would like the
> respect that.   I did however, go and try a clean copy of the source code
> and made the exact modifications that I described and it worked.  Perhaps
> 2.1.0 is different enough that it wont compile?  Do you not have a more
> uptodate distribution that you can try and build it with?  What about gcc ?
>  What errors do you get when you build it?

Call me stupid, but I've been looking for this "Radius 2.0" since I first
saw mention of it on this list and haven't been able to find it anywhere...

	-- Rob
===
      _/_/_/_/_/  _/_/_/_/               _/_/    _/  _/_/_/_/_/  _/_/_/_/_/
         _/      _/      _/    _/_/_/   _/  _/  _/  _/_/_/_/        _/
   _/_/_/_/_/  _/_/_/_/               _/      _/  _/_/_/_/_/      _/

                             Innovative Data Services 
                          Serving South-Eastern Michigan 
        Internet Service Provider / Hardware Sales / Consulting Services
       Voice: (810)855-0404 / Fax: (810)855-3268 / Web: http://www.id.net

From owner-freebsd-isp  Tue Feb  4 12:56:27 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA11446
          for isp-outgoing; Tue, 4 Feb 1997 12:56:27 -0800 (PST)
Received: from mail.calweb.com (mail.calweb.com [208.131.56.11])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA11426
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 12:56:20 -0800 (PST)
Received: from devnull (devnull.calweb.com [208.131.56.69])
	by mail.calweb.com (8.8.5/8.8.5) with SMTP id MAA10927;
	Tue, 4 Feb 1997 12:55:53 -0800 (PST)
Message-Id: <3.0.32.19970204125219.009718e0@pop.calweb.com>
Warning: Unsolicited Commercial Email (UCE) will be returned to send in bulk
X-Sender: jfesler@pop.calweb.com
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Tue, 04 Feb 1997 12:54:54 -0800
To: Steve <shovey@buffnet.net>
From: Jason Fesler <jfesler@calweb.com>
Subject: Re: FrontPage Extenstions
Cc: freebsd-isp@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 02:46 PM 2/4/97 -0500, you wrote:
>You a brave soul  - I personally wouldnt want that big a security hole.

Please research it before you say that again :-).

virtualdomains, at least, are secure.  Subwebs under a master domain,
I have my doubts about  - virtual domains, I'm perfectly happy with..

Note that the FrontPage extension stubs are marked SUID to the owner of the
given virtual domain.  Ie, when www.xyz.com uses FrontPage, xyz's user
account owns the entire process, files, etc - *NOT* root or http.


--
           Jason Fesler  jfesler@calweb.com  Internic: 'whois jf319'   
            Admin, CalWeb Internet Services   http://www.calweb.com
  Junk email returned, in bulk, back to sender; w/copies to all postmasters.
 You got junk mail problems?  Use Eudora Pro, MSIE's mail, or 'man procmail'.

From owner-freebsd-isp  Tue Feb  4 13:05:56 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id NAA12195
          for isp-outgoing; Tue, 4 Feb 1997 13:05:56 -0800 (PST)
Received: from buffnet4.buffnet.net (root@buffnet4.buffnet.net [205.246.19.13])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id NAA12190
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 13:05:49 -0800 (PST)
Received: from buffnet1.buffnet.net (mmdf@buffnet1.buffnet.net [205.246.19.10]) by buffnet4.buffnet.net (8.6.12/8.6.9) with SMTP id QAA06662 for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 16:07:40 -0500
Received: from buffnet11.buffnet.net by buffnet1.buffnet.net id aa16867;
          4 Feb 97 16:06 EST
Date: Tue, 4 Feb 1997 16:06:36 -0500 (EST)
From: Steve <shovey@buffnet.net>
To: Robert Shady <rls@mail.id.net>
cc: chris@main.netcorps.com, freebsd-isp@freebsd.org
Subject: Re: FrontPage Extenstions
In-Reply-To: <199702042045.PAA12070@server.id.net>
Message-ID: <Pine.BSI.3.95.970204160424.24804D-100000@buffnet11.buffnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, 4 Feb 1997, Robert Shady wrote:

> > > I read from Ready-to-Run's frontpage section it isn't compatible with
> > > BSD's encryption.  Does anyone know if that's still the case.  (You just
> > > never know with Microsoft, if you're reading something that's current.)
> >
> > You a brave soul  - I personally wouldnt want that big a security hole.
> 
> Is that what you tell your customers who beg for Front Page extensions because
> they have absolutely know idea how to "code" a web page otherwise?

Yes.  I say "Unless you want to rent an entire machine dedicated to YOUR
site, at $xxxx.00/mth, I cannot oblige you. What you want is not secure
and I cannot jeopardize other customers.  If you choose to rent an entire
machine to this purpose, We will not be hel responsible in the event of a
cracke incursion."

Or something very close.  Most people are thankful to know they are beeing
looked out for.

You can use front page to make pages, without using front page junk in
your web server.


From owner-freebsd-isp  Tue Feb  4 13:08:04 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id NAA12327
          for isp-outgoing; Tue, 4 Feb 1997 13:08:04 -0800 (PST)
Received: from buffnet4.buffnet.net (root@buffnet4.buffnet.net [205.246.19.13])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id NAA12307
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 13:07:57 -0800 (PST)
Received: from buffnet1.buffnet.net (mmdf@buffnet1.buffnet.net [205.246.19.10]) by buffnet4.buffnet.net (8.6.12/8.6.9) with SMTP id QAA06697 for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 16:09:45 -0500
Received: from buffnet11.buffnet.net by buffnet1.buffnet.net id aa17193;
          4 Feb 97 16:09 EST
Date: Tue, 4 Feb 1997 16:08:58 -0500 (EST)
From: Steve <shovey@buffnet.net>
To: Jason Fesler <jfesler@calweb.com>
cc: freebsd-isp@freebsd.org
Subject: Re: FrontPage Extenstions
In-Reply-To: <3.0.32.19970204125219.009718e0@pop.calweb.com>
Message-ID: <Pine.BSI.3.95.970204160714.24804E-100000@buffnet11.buffnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Tue, 4 Feb 1997, Jason Fesler wrote:

> At 02:46 PM 2/4/97 -0500, you wrote:
> >You a brave soul  - I personally wouldnt want that big a security hole.
> 
> Please research it before you say that again :-).

I would not profess to be able to - not being a cracker type I could not
be certain.  I have, in the course of being an admin seen some things
crackers do, and thought "who would have thought?" 




From owner-freebsd-isp  Tue Feb  4 13:43:11 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id NAA14311
          for isp-outgoing; Tue, 4 Feb 1997 13:43:11 -0800 (PST)
Received: from sand.sentex.ca (sand.sentex.ca [206.222.77.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA14305
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 13:43:07 -0800 (PST)
Received: from gravel (gravel.sentex.ca [205.211.165.210]) by sand.sentex.ca (8.8.3/8.8.3) with SMTP id QAA21264; Tue, 4 Feb 1997 16:48:38 -0500 (EST)
Message-Id: <3.0.32.19970204163306.00a717c0@sentex.net>
X-Sender: mdtancsa@sentex.net
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Tue, 04 Feb 1997 16:33:07 -0500
To: Robert Shady <rls@mail.id.net>
From: Mike Tancsa <mike@sentex.net>
Subject: Re: Radius 2.0 and FreeBSD.
Cc: freebsd-isp@freebsd.org
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>Call me stupid, but I've been looking for this "Radius 2.0" since I first
>saw mention of it on this list and haven't been able to find it anywhere...

Just go to www.livingston.com... All you need to do is fill out an on-line
form, provide them with a serial # from one of your Livingston products,
and they will email you the file...

	---Mike

From owner-freebsd-isp  Tue Feb  4 13:50:17 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id NAA14715
          for isp-outgoing; Tue, 4 Feb 1997 13:50:17 -0800 (PST)
Received: from nanguo.chalmers.com.au (chalmers.com.au [203.1.96.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA14692;
          Tue, 4 Feb 1997 13:50:09 -0800 (PST)
Received: (from robert@localhost) by nanguo.chalmers.com.au (8.7.6/8.7.3) id HAA06076; Wed, 5 Feb 1997 07:51:13 +1000 (EST)
From: Robert Chalmers <robert@nanguo.chalmers.com.au>
Message-Id: <199702042151.HAA06076@nanguo.chalmers.com.au>
Subject: annex+sco, no worries, fbsd, yes
To: freebsd-questions@freebsd.org (bsd)
Date: Wed, 5 Feb 1997 07:51:13 +1000 (EST)
Cc: freebsd-isp@freebsd.org (FreeBSD ISP)
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Here's an interesting one.

If I run SCO 3.2v4.2 + the Annex(V9.2), traffic flows now worries in both 
directions. No problems with rfc1323 or anything else.

Hook up the FreeBSD 2.2 + Annex(V9.2). Immediate problems. Anything that speaks
rfc 1323 has problems. (mostly Sun's and other FreeBSD machines it seems)

Why is this? Is there a technical reason for this that anyone knows about?

bc
-- 
chalmers.com.au: P.O. Box 2003. Mackay. 4740   		   +61-0412-079025
robert@chalmers.com.au for Whirled Peas		http://www.chalmers.com.au
Location: The Great Australian Content Site.		21'7" S, 149'14" E.

From owner-freebsd-isp  Tue Feb  4 14:20:24 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA17516
          for isp-outgoing; Tue, 4 Feb 1997 14:20:24 -0800 (PST)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA17434;
          Tue, 4 Feb 1997 14:20:02 -0800 (PST)
Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id JAA01750; Wed, 5 Feb 1997 09:19:42 +1100 (EST)
Date: Wed, 5 Feb 1997 09:19:41 +1100 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Robert Chalmers <robert@nanguo.chalmers.com.au>
cc: bsd <freebsd-questions@freebsd.org>, FreeBSD ISP <freebsd-isp@freebsd.org>
Subject: Re: annex+sco, no worries, fbsd, yes
In-Reply-To: <199702042151.HAA06076@nanguo.chalmers.com.au>
Message-ID: <Pine.BSF.3.91.970205091539.822E-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Wed, 5 Feb 1997, Robert Chalmers wrote:

> Here's an interesting one.
> 
> If I run SCO 3.2v4.2 + the Annex(V9.2), traffic flows now worries in both 
> directions. No problems with rfc1323 or anything else.
> 
> Hook up the FreeBSD 2.2 + Annex(V9.2). Immediate problems. Anything that speaks
> rfc 1323 has problems. (mostly Sun's and other FreeBSD machines it seems)
> 
> Why is this? Is there a technical reason for this that anyone knows about?

I thought we went through this.  RFC 1323 extension data streams have SYN 
packets with data in them, at the connection setup.  Annex OS v 9.x 
throws a fit when it sees a TCP packet with SYN set and actual data.  
Traditional TCP connections are setup using SYN/SYN-ACK packets with no 
data payload.

Does SCO support RFC 1323 TCP extensions?

Danny

From owner-freebsd-isp  Tue Feb  4 14:21:05 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA17629
          for isp-outgoing; Tue, 4 Feb 1997 14:21:05 -0800 (PST)
Received: from agora.rdrop.com (root@agora.rdrop.com [199.2.210.241])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id OAA17615
          for <isp@freebsd.org>; Tue, 4 Feb 1997 14:20:57 -0800 (PST)
Received: by agora.rdrop.com (Smail3.1.29.1 #17)
	id m0vrtER-0008xvC; Tue, 4 Feb 97 14:20 PST
Message-Id: <m0vrtER-0008xvC@agora.rdrop.com>
From: batie@agora.rdrop.com (Alan Batie)
Subject: Net connection guidelines
To: isp@freebsd.org
Date: Tue, 4 Feb 1997 14:20:51 -0800 (PST)
X-Mailer: ELM [version 2.4 PL24 ME8a]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Recently, I saw a nice little summary of bandwidth guidelines, e.g. if
you're reselling T1's, you need one upstream T1 for every 4 downstream
T1's, plus something similar for end users (x 28.8's -> 56K, y 28.8's -> T1)
Of course, now that I've been asked about such metrics, I've lost the
reference.  Any ideas?  Thanks...
-- 
Alan Batie                   ______      It's not my fault!  It's some guy
batie@agora.rdrop.com        \    /      named "General Protection"!
+1 503 452-0960               \  /       --Ratbert
PGP FP: DE 3C 29 17 C0 49      \/        7A 27 40 A5 3C 37 4A DA 52 B9

It is my policy to avoid purchase of any products from companies which
use unrequested email advertisements or telephone solicitation.

From owner-freebsd-isp  Tue Feb  4 17:22:29 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id RAA07083
          for isp-outgoing; Tue, 4 Feb 1997 17:22:29 -0800 (PST)
Received: from ns2.harborcom.net (root@ns2.harborcom.net [206.158.4.4])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA07073
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 17:22:26 -0800 (PST)
Received: from swoosh.dunn.org (swoosh.dunn.org [206.158.7.243])
          by ns2.harborcom.net (8.8.5/8.8.4) with SMTP
	  id UAA17583 for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 20:22:25 -0500 (EST)
Date: Tue, 4 Feb 1997 20:18:25 -0500 ()
From: Bradley Dunn <bradley@dunn.org>
To: freebsd-isp@freebsd.org
Subject: Tools in the War on Mail Loops
Message-ID: <Pine.WNT.3.95.970204201629.-435371C-100000@swoosh.dunn.org>
X-X-Sender: bradley@harborcom.net
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In light of the recent discussions on autoresponders and mail loops, maybe
some people will find this Internet Draft useful:

"Tools in the War on Mail Loops"
ftp://ds.internic.net/internet-drafts/draft-bernstein-mail-loops-war-02.txt


pbd


From owner-freebsd-isp  Tue Feb  4 20:50:09 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA00412
          for isp-outgoing; Tue, 4 Feb 1997 20:50:09 -0800 (PST)
Received: from databus.databus.com (databus.databus.com [198.186.154.34])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id UAA00383;
          Tue, 4 Feb 1997 20:50:00 -0800 (PST)
From: Barney Wolff <barney@databus.com>
To: bsd <freebsd-questions@freebsd.org>, FreeBSD ISP <freebsd-isp@freebsd.org>
Date: Tue, 4 Feb 1997 23:45 EST
Subject: Re: annex+sco, no worries, fbsd, yes
Content-Type: text/plain
Message-ID: <32f811740.2bf3@databus.databus.com>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> Date: Wed, 5 Feb 1997 09:19:41 +1100 (EST)
> From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
> 
> I thought we went through this.  RFC 1323 extension data streams have SYN 
> packets with data in them, at the connection setup.  Annex OS v 9.x 
> throws a fit when it sees a TCP packet with SYN set and actual data.  
> Traditional TCP connections are setup using SYN/SYN-ACK packets with no 
> data payload.

Er, 1323 does not send data in the SYN seg, but some extra options in
every seg.  It's T/TCP that sends data in the SYN seg.  And it wasn't
the SYN seg that got lost.

Irix supports 1323, dunno about T/TCP, dunno about SCO.

Barney Wolff  <barney@databus.com>

From owner-freebsd-isp  Tue Feb  4 22:01:51 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id WAA06083
          for isp-outgoing; Tue, 4 Feb 1997 22:01:51 -0800 (PST)
Received: from pinky.junction.net (pinky.junction.net [199.166.227.12])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id VAA05817
          for <freebsd-isp@freebsd.org>; Tue, 4 Feb 1997 21:59:37 -0800 (PST)
Received: from sidhe.memra.com (sidhe.memra.com [199.166.227.105]) by pinky.junction.net (8.6.12/8.6.12) with ESMTP id VAA11076; Tue, 4 Feb 1997 21:45:48 -0800
Received: from localhost (michael@localhost) by sidhe.memra.com (8.6.12/8.6.12) with SMTP id VAA24840; Tue, 4 Feb 1997 21:41:01 -0800
Date: Tue, 4 Feb 1997 21:40:59 -0800 (PST)
From: Michael Dillon <michael@memra.com>
To: inet-access@earth.com
Subject: Press Release on IAHC Report 
Message-ID: <Pine.BSI.3.93.970204213918.22075I-100000@sidhe.memra.com>
Organization: Memra Software Inc. - Internet consulting
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

---------- Forwarded message ----------
Date: Tue, 04 Feb 1997 22:46:42 -0500
From: Don Heath <heath@linus.isoc.org>
To: iahc-discuss@iahc.org
Subject: Press Release on IAHC Report

Here's the press release announcing the IAHC report.  The report
will be out by midnight California time this evening.

Thank you for your valuable input, the debates, the insights, the
ideas, the humor, suggestions, criticisms, and your patience.

Now the work begins!

Don




            SEVEN NEW TOP LEVEL DOMAIN NAMES ARE ADDED FOR
        INTERNET ADDRESSES AND UP TO 28 NEW REGISTRARS PLANNED


             WASHINGTON, DC, February 4, 1997 -- The number of
names available to specify Internet locations, such as web sites
and email addresses, will increase and more firms will be allowed
to act as registrars for the names, under a plan announced today
by the International Ad Hoc Committee (IAHC).

             Internet users will have 7 new generic Top Level
Domains (gTLDs), in addition to the existing ones (.com, .net,
and .org), under which they may register Internet names, when
the plan is implemented.  The new gTLDs and the intended fields
of use are: 

     .firm     for businesses, or firms
     .store    for businesses offering goods to purchase
     .web      for entities emphasizing activities
               related to the WWW
     .arts     for entities emphasizing cultural and
               entertainment activities
     .rec      for entities emphasizing
               recreation/entertainment activities
     .info     for entities providing information
               services
     .nom      for those wishing individual or personal
               nomenclature

             In addition, up to 28 new registrars will be
established to grant registrations for second-level domain
names under the new gTLDs.  The new registrars will be selected
by lottery from applicants who fulfill specific requirements
established by the IAHC.  All the new gTLDs will be shared among
the new registrars, meaning that each registrar may effect registration
of second-level domain names under all the new gTLDs.  It is intended
that the three existing gTLDs (.com, .net, and .org) would also be
shared upon conclusion of the cooperative agreement between Network
Solutions, Inc. (NSI) and the United States National Science Foundation
(NSF), which allows NSI to act as the registrar for those gTLDs.

             The plan announced today is a result of efforts by
an international group named to resolve questions critical to the
current and future growth of the Internet.  The eleven-member
International Ad Hoc Committee, chaired by Donald M. Heath,
president and CEO of the Internet Society, received input from
individuals, organizations and government agencies from around
the world.

             To guide future registrar developments, an association
comprising all the registrars, the Council of Registrars (CORE), to
be established under Swiss law will create and enforce requirements
for registrar operations.  These requirements are spelled out in a
separate legal instrument to which each registrar must agree.

             The IAHC plan includes the establishment of a non-
regulatory policy framework in the form of a Memorandum of
Understanding (MoU) which both the public and private sector will
be invited to sign. The MoU will provide a mechanism for signatories
to advise on future policy evolution of the global Internet domain
name system.

             "I am pleased that the Secretary General of the
International Telecommunication Union (ITU) has agreed in principle
to act as the depository of the MoU and to periodically publish an
updated list of its signatories,"  Heath said in releasing the IAHC
report.  "The structure we have established for the operation and
oversight of domain name administration insures that we will have
stability and continuing input from a broad spectrum of organizations
and individuals."

             Heath pointed out that the IAHC will continue to
function for the period until the new registrars are named and the
MoU has entered into force.  At that time, the IAHC will change to
act as the committee to conduct oversight of CORE until a permanent
gTLD DNS Policy Oversight Committee (POC) is established to perform
that function.  The POC will determine, in consultation with CORE
and a gTLD DNS Policy Advisory Body (PAB), the evolution of gTLDs,
registrars, and any fees that CORE may collect from its members,
the registrars, for services it may perform.

             The POC and CORE will be advised by the gTLD DNS
Policy Advisory Body (PAB) that will consist of all of the
signatories to the MoU and will provide input and recommendations
for general policy matters relating to gTLDs and the Domain Name
System (DNS).  Signatories will include representatives from
governments, independent governmental organizations, non-government
organizations, and industry.

             An earlier draft proposal by the IAHC had recommended
a mandatory 60 day waiting period before activation of new domain
names, in order to alleviate what is considered to be a major
source of instability in the DNS, namely widespread piracy of
famous trademarks by certain domain name holders.  In the final
report, that recommendation has been replaced by a more comprehensive
solution that addresses the needs of all classes of stakeholders.  In
addition to making the 60 day waiting period optional for registrants,
the final report institutes a system for dispute settlement involving
on-line mediation, mandatory arbitration (if a domain name challenger
chooses to initiate arbitration), and a fast-track on-line
administrative domain name challenge procedure.

             The administrative domain name challenge procedure
would be conducted on-line, and would allow an intellectual
property right holder to petition a panel of international
experts to determine if a second-level domain name violates the
policy that a domain name which contains an internationally known
trademark may only be held by the trademark owner.  The dispute
settlement procedures would be administered under the aegis of the
World Intellectual Property Organization Arbitration and Mediation
Center, located in Geneva.

             "During the public comment period, we received over
4000 submissions from the interested public, including 100
submissions from organizations around the world and we are very
pleased with the acceptance and broad consensus that we have
achieved in this process," Heath stated.  "To attain its fullest
potential, the Internet requires true self-governance.  The
Internet Society's role is to facilitate that requirement," he
added.

             The IAHC is a coalition of participants from the
broad Internet community, working to satisfy the requirement for
enhancements to the Internet's global Domain Name System (DNS).
Organizations naming members to the committee include: Internet
Society (ISOC), Internet Assigned Numbers Authority (IANA), Internet
Architecture Board (IAB), Federal Networking Council (FNC),
International Telecommunication Union (ITU), International
Trademark Association (INTA), and World Intellectual Property
Organization (WIPO).  The full text of the IAHC report is being
published at the Internet site: http://www.iahc.org.

                       # # # # # # # # # 

Internet Society
12020 Sunrise Valley Drive
Reston, VA  20191-3429
TEL 703-648-9888
FAX 703-648-9887
E-mail info@isoc.org
http://www.isoc.org
http://www.iahc.org








From owner-freebsd-isp  Wed Feb  5 03:03:27 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id DAA07247
          for isp-outgoing; Wed, 5 Feb 1997 03:03:27 -0800 (PST)
Received: from marlin.com.br (blue.marlin.com.br [200.255.107.33])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id DAA07235
          for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 03:03:17 -0800 (PST)
Received: by marlin.com.br (8.6.12/SMI-4.1)
	id JAA01169; Wed, 5 Feb 1997 09:00:35 -0200
Date: Wed, 5 Feb 1997 09:00:35 -0200 (EDT)
From: "Alexsandro D. F. Correia" <acorreia@marlin.com.br>
To: Mike Tancsa <mike@sentex.net>
cc: freebsd-isp@freebsd.org
Subject: Re: Radius 2.0 and FreeBSD.
In-Reply-To: <3.0.32.19970204104918.009d38e0@sentex.net>
Message-ID: <Pine.BSF.3.91.970205084150.806A-100000@blue.marlin.com.br>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hi Mike,

	I'm using gcc 2.6, and FreeBSD 2.1.0 as you know.
 That's the problem when i try to compile Radius 2.0 on FreeBSD 2.1.0 :

bash# make
gcc -c -O -I../radius/src -DNOSHADOW -DNDBM ../radius/src/dict.c -o dict.o
In file included from ../radius/src/radius.h:37,
                 from ../radius/src/dict.c:41:
../radius/src/conf.h:54: conflicting types for `sys_errlist'
/usr/include/stdio.h:244: previous declaration of `sys_errlist'
*** Error code 1

Stop.

Thanx in advance !

Alexsandro


On Tue, 4 Feb 1997, Mike Tancsa wrote:

> At 08:57 AM 2/04/97 -0200, Alexsandro D. F. Correia wrote:
> >
> >Hi Mike,
> >
> >	I tried to compile Radius 2.0 as you said below, but it didn't work.
> >	I use FreeBSD 2.1.0 here and did the changes exactly like you said.
> >	Could you send me the changed Sources ?
> >
> >	Thanx in advance.
> 
> Hi,
> 	I would be happy to, but Livingston explicitly states that you are not
> allowed to distribute the source code publically, and I would like the
> respect that.   I did however, go and try a clean copy of the source code
> and made the exact modifications that I described and it worked.  Perhaps
> 2.1.0 is different enough that it wont compile?  Do you not have a more
> uptodate distribution that you can try and build it with?  What about gcc ?
>  What errors do you get when you build it?
> 
> 
> 	---Mike
> 

+-------------------------------------------------------------+
     Alexsandro Correia		E-mail: acorreia@marlin.com.br
 Analista de Suporte Internet   Tel : +55 21 224-9950
				      +55 21 253-2971
+-------------------------------------------------------------+
 Marlin Internet		http://www.marlin.com.br
 Rua 7 de Setembro 48/13 Andar  Tel: +55 21 224-9950
 Centro - Rio de Janeiro	Fax: +55 21 223-427
 RJ - Brasil
+-------------------------------------------------------------+


From owner-freebsd-isp  Wed Feb  5 03:43:01 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id DAA08875
          for isp-outgoing; Wed, 5 Feb 1997 03:43:01 -0800 (PST)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id DAA08864
          for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 03:42:29 -0800 (PST)
Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id WAA07573; Wed, 5 Feb 1997 22:42:26 +1100 (EST)
Date: Wed, 5 Feb 1997 22:42:25 +1100 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: "Alexsandro D. F. Correia" <acorreia@marlin.com.br>
cc: Mike Tancsa <mike@sentex.net>, freebsd-isp@freebsd.org
Subject: Re: Radius 2.0 and FreeBSD.
In-Reply-To: <Pine.BSF.3.91.970205084150.806A-100000@blue.marlin.com.br>
Message-ID: <Pine.BSF.3.91.970205224040.822M-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Wed, 5 Feb 1997, Alexsandro D. F. Correia wrote:

> Hi Mike,
> 
> 	I'm using gcc 2.6, and FreeBSD 2.1.0 as you know.
>  That's the problem when i try to compile Radius 2.0 on FreeBSD 2.1.0 :
> 
> bash# make
> gcc -c -O -I../radius/src -DNOSHADOW -DNDBM ../radius/src/dict.c -o dict.o
> In file included from ../radius/src/radius.h:37,
>                  from ../radius/src/dict.c:41:
> ../radius/src/conf.h:54: conflicting types for `sys_errlist'
> /usr/include/stdio.h:244: previous declaration of `sys_errlist'
> *** Error code 1

Edit ../radius/src/conf.h at line 54 and place
#ifndef (__FreeBSD__)
...
#endif

around the syserrlist definition.

Danny 

From owner-freebsd-isp  Wed Feb  5 06:02:19 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id GAA15949
          for isp-outgoing; Wed, 5 Feb 1997 06:02:19 -0800 (PST)
Received: from nero.in-design.com (root@nero.in-design.com [204.157.146.146])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id GAA15941
          for <isp@freebsd.org>; Wed, 5 Feb 1997 06:02:15 -0800 (PST)
Received: from nero.in-design.com (info@localhost [127.0.0.1]) by nero.in-design.com (8.7.5/8.7.3) with SMTP id JAA03533 for <isp@freebsd.org>; Wed, 5 Feb 1997 09:02:33 -0500 (EST)
Date: Wed, 5 Feb 1997 09:02:33 -0500 (EST)
From: Intuitive Design Info <info@in-design.com>
To: isp@freebsd.org
Subject: senmail vs. qmail
Message-ID: <Pine.BSF.3.91.970205090118.3521A-100000@nero.in-design.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Sendmail holes are endless.
is there anyway to have qmail to do virtual emails?
if yes, how have others found it's stability, etc?

Thanks
Tamer Ziady

From owner-freebsd-isp  Wed Feb  5 07:28:07 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id HAA12036
          for isp-outgoing; Wed, 5 Feb 1997 07:28:07 -0800 (PST)
Received: from irvine.americasnet.com (ricardo@irvine.americasnet.com [208.145.128.2])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id HAA11946
          for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 07:28:03 -0800 (PST)
Received: from localhost (ricardo@localhost) by irvine.americasnet.com (8.8.5/8.7.3) with SMTP id HAA01161 for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 07:29:21 -0800
Date: Wed, 5 Feb 1997 07:29:21 -0800 (PST)
From: Ricardo Kleemann <ricardo@americasnet.com>
To: FreeBSD ISP list <freebsd-isp@freebsd.org>
Subject: hacking - help
Message-ID: <Pine.LNX.3.95.970205072232.1101A-100000@irvine.americasnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hi,

Today I noticed someone was logged into my freebsd machine, as user ftp.
I immediately killed the shell and saw that soon he was back in.

I then just made sure ftp had no shell, in hopes he wont be able to get
in.

But, the real question is, what hole must I plug to prevent this? Is there
a known hole where someone can log in as ftp and gain root access?

Thank God, it seems no damage was done (I hope! I haven't noticed anything
other than wtmp was erased).

Also, does freebsd support host.allow and host.deny? I didn't see those
files in /etc and there was no man page

Thanks for any help!
Ricardo


From owner-freebsd-isp  Wed Feb  5 08:09:17 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA18878
          for isp-outgoing; Wed, 5 Feb 1997 08:09:17 -0800 (PST)
Received: from nwpros.com (root@nwpros.com [205.229.128.214])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA18645
          for <freebsd-isp@FreeBSD.ORG>; Wed, 5 Feb 1997 08:09:03 -0800 (PST)
Received: (from freebsd@localhost)
          by nwpros.com (8.8.4/8.8.4)
	  id KAA14434; Wed, 5 Feb 1997 10:11:04 GMT
Date: Wed, 5 Feb 1997 10:11:04 +0000 ()
From: "FreeBSD 2.2-BETA" <freebsd@nwpros.com>
To: Ricardo Kleemann <ricardo@americasnet.com>
cc: FreeBSD ISP list <freebsd-isp@FreeBSD.ORG>
Subject: Re: hacking - help
In-Reply-To: <Pine.LNX.3.95.970205072232.1101A-100000@irvine.americasnet.com>
Message-ID: <Pine.BSF.3.91.970205100920.14424B-100000@nwpros.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 5 Feb 1997, Ricardo Kleemann wrote:
> 
> But, the real question is, what hole must I plug to prevent this? Is there
> a known hole where someone can log in as ftp and gain root access?
> 
> Also, does freebsd support host.allow and host.deny? I didn't see those
> files in /etc and there was no man page
> 
Do not allow anonymous FTP. That solves the problem of them logging in 
like that.  As for the hosts, yes it does.  Try 
feeding.frenzy.com...it very succesfully uses it (well at least 
against my efforts :P).

Sam

From owner-freebsd-isp  Wed Feb  5 08:13:55 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA26545
          for isp-outgoing; Wed, 5 Feb 1997 08:13:55 -0800 (PST)
Received: from gate-e10.syd.aussie.net (gate-e11.syd.aussie.net [203.30.4.2])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA26448
          for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 08:13:51 -0800 (PST)
Received: from zappa (andrew@zappa.aussie.net [203.17.14.69]) by gate-e10.syd.aussie.net (8.7.6/8.7.3) with SMTP id DAA18765 for <freebsd-isp@freebsd.org>; Thu, 6 Feb 1997 03:13:43 +1100 (EST)
Message-Id: <3.0.1.32.19970206031354.0095b2e0@pop.aussie.net>
X-Sender: andrewk@pop.aussie.net
X-Mailer: Windows Eudora Light Version 3.0.1 beta 12 (32)
Date: Thu, 06 Feb 1997 03:13:54 +1100
To: freebsd-isp@freebsd.org
From: andrew khoo <andrew@aussie.net>
Subject: Re: hacking - help
In-Reply-To: <Pine.LNX.3.95.970205072232.1101A-100000@irvine.americasnet
 .com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

At 07:29 05/02/97 -0800, Ricardo Kleemann <ricardo@americasnet.com> wrote:

>Also, does freebsd support host.allow and host.deny? I didn't see those
>files in /etc and there was no man page

install tcp wrappers.

that's the inherent problem with some other eunices in that they install
optional components which the users then presume to be "standard" across
the board.






------------------------------------------------------------------------
 Andrew Khoo         |   aussie.net Pty Ltd    |   Voice: 1-300-30-4NET
 Net Facilitator     |   P O Box 333 Zetland   |   Fax: +61-2-9310-3362
 andrew@aussie.net   |   NSW 2017 AUSTRALIA    |   GSM: +61-41-616-1234
------------------------------------------------------------------------
 Providing premium connectivity services to ISPs in SYD, BNE, ADL & MEL
 >> If you are an ISP in BNE/MEL, email us to participate in our NAP <<

anyone doing anything special for NANOG? aussies going to NANOG pls email

From owner-freebsd-isp  Wed Feb  5 08:31:17 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA10105
          for isp-outgoing; Wed, 5 Feb 1997 08:31:17 -0800 (PST)
Received: from msn.globaldialog.com (root@msn.globaldialog.com [156.46.122.10])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA09966
          for <freebsd-isp@FreeBSD.ORG>; Wed, 5 Feb 1997 08:31:10 -0800 (PST)
Received: from br05 (br05.bentreality.com [156.46.122.253]) by msn.globaldialog.com (8.8.5/8.6.12) with SMTP id KAA06661 for <freebsd-isp@FreeBSD.ORG>; Wed, 5 Feb 1997 10:31:06 -0600 (CST)
Date: Wed, 5 Feb 1997 10:31:06 -0600 (CST)
Message-Id: <199702051631.KAA06661@msn.globaldialog.com>
X-Sender: jwenger@globaldialog.com
X-EUDORA-DEMO: NOT FOR RESALE - 90 DAY DEMONSTRATION COPY
X-Mailer: Windows Eudora Pro Version 2.1.2
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
To: FreeBSD ISP list <freebsd-isp@FreeBSD.ORG>
From: Jack Wenger <info@bentreality.com>
Subject: OFF:Upgrading OS
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Sorry for the off-topic post. :) I'm trying to find docs about upgrading
from 2.6 to 2.2. I know 2.2 is beta, but I need the Linux emulation. Is
there a safe way to do this without hosing my server?
Thanx...
|~~~~~~~~~~~~~~~~~~~~~'-*<oO^Oo>*-'~~~~~~~~~~~~~~~~~~~~~~~|	
| Jack Wenger, Owner                Bent Reality Graphics |
| info@bentreality.com      ^  http://www.bentreality.com |
|            "Consider it evolution in action"            |
|                     608-233-9571                        |
 ~~~~~~~~~~~~~~~~~~~~~'-*<oO*Oo>*-'~~~~~~~~~~~~~~~~~~~~~~~


From owner-freebsd-isp  Wed Feb  5 09:34:46 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id JAA29319
          for isp-outgoing; Wed, 5 Feb 1997 09:34:46 -0800 (PST)
Received: from smokey.prismnet.com (root@smokey.prismnet.com [205.166.246.3])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id JAA29279
          for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 09:34:43 -0800 (PST)
Received: (from greg@localhost) by smokey.prismnet.com (8.8.4/8.6.12) id LAA16629; Wed, 5 Feb 1997 11:45:44 -0600 (CST)
From: Greg Stringfellow <greg@smokey.prismnet.com>
Message-Id: <199702051745.LAA16629@smokey.prismnet.com>
Subject: Re: hacking - help
In-Reply-To: <Pine.BSF.3.91.970205100920.14424B-100000@nwpros.com> from "FreeBSD 2.2-BETA" at "Feb 5, 97 10:11:04 am"
To: freebsd@nwpros.com (FreeBSD 2.2-BETA)
Date: Wed, 5 Feb 1997 11:45:44 -0600 (CST)
Cc: freebsd-isp@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL30 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

FreeBSD 2.2-BETA said:
> On Wed, 5 Feb 1997, Ricardo Kleemann wrote:
> > 
> > But, the real question is, what hole must I plug to prevent this? Is there
> > a known hole where someone can log in as ftp and gain root access?
> > 
> > Also, does freebsd support host.allow and host.deny? I didn't see those
> > files in /etc and there was no man page
> > 
> Do not allow anonymous FTP. That solves the problem of them logging in 
> like that.  As for the hosts, yes it does.  Try 
> feeding.frenzy.com...it very succesfully uses it (well at least 
> against my efforts :P).

>From what is being described here, someone is trying to telnet in as the FTP
user. You could disallow anonymous FTP access, but if you need it there is a
way to patch the hole.

Just make sure than something like /nonexistent is the shell for the user
"ftp". That way, they cannot log in. Also, make sure that in your
master.passwd file you have an asterisk where their encrypted password
should be. Use "vipw" to edit your master.passwd file. I use both of these
methods and I run wuftpd.

For an even better anonymous FTP server use WUFTPD which is in the ports
directory. 

FreeBSD does not support the hosts.allow or hosts.deny out of the box. You
have to instal TCP Wrappers which, I believe, is also in the ports directory. 

Greg

-- 
    Greg Stringfellow	     	           PrismNet, Inc.	
  Network Administration	WWW Pages, ISDN, Telnet, Dialup Accounts
					Phone: (512)-418-1568

       "I used up all my sick days...so I'm calling in dead"

From owner-freebsd-isp  Wed Feb  5 11:14:02 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id LAA02979
          for isp-outgoing; Wed, 5 Feb 1997 11:14:02 -0800 (PST)
Received: from mail.fasts.com (qmailr@server.fasts.com [199.125.215.66])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id LAA02973
          for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 11:13:48 -0800 (PST)
Received: (qmail 2263 invoked from network); 5 Feb 1997 21:13:12 -0000
Received: from unknown (HELO cabby.fasts.com) (unknown)
  by unknown with SMTP; 5 Feb 1997 21:13:12 -0000
Message-ID: <32F8DBF2.16A5@fasts.com>
Date: Wed, 05 Feb 1997 21:13:54 +0200
From: Victor Rotanov <vitjok@fasts.com>
X-Sender: Victor Rotanov <vitjok@fasts.com>
X-Mailer: Mozilla 4.0b1 (Win95; I)
MIME-Version: 1.0
To: freebsd-isp@freebsd.org
Subject: DirecPC, etc...
X-Priority: Normal
Content-Type: multipart/alternative; boundary="----------1D46E8116771"
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


------------1D46E8116771
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii

 Hi.

What asymmetrical satellite connection do you recommend?
Does DirecPC work with FreeBSD?

Thanks, bye.


------------1D46E8116771
Content-Transfer-Encoding: 7bit
Content-Type: text/html; charset=us-ascii

<HTML><BODY>

<DT>&nbsp;Hi.</DT>

<DT>&nbsp;</DT>

<DT>What asymmetrical satellite connection do you recommend?</DT>

<DT>Does DirecPC&nbsp;work with FreeBSD?</DT>

<DT>&nbsp;</DT>

<DT>Thanks, bye.</DT>

<DT>&nbsp;</DT>

</BODY>
</HTML>
------------1D46E8116771--


From owner-freebsd-isp  Wed Feb  5 12:43:25 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA10306
          for isp-outgoing; Wed, 5 Feb 1997 12:43:25 -0800 (PST)
Received: from mail.intercenter.net ([207.211.128.20])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id MAA10286
          for <isp@freebsd.org>; Wed, 5 Feb 1997 12:43:10 -0800 (PST)
Received: (qmail 24487 invoked from network); 5 Feb 1997 20:43:04 -0000
Received: from bigboy.intercenter.net (207.211.128.17)
  by mir.intercenter.net with SMTP; 5 Feb 1997 20:43:04 -0000
Date: Wed, 5 Feb 1997 15:43:03 -0500 (EST)
From: Ron Bickers <rbickers@intercenter.net>
To: Intuitive Design Info <info@in-design.com>
cc: isp@freebsd.org
Subject: Re: senmail vs. qmail
In-Reply-To: <Pine.BSF.3.91.970205090118.3521A-100000@nero.in-design.com>
Message-ID: <Pine.NEB.3.95.970205153846.8266A-100000@bigboy.intercenter.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 5 Feb 1997, Intuitive Design Info wrote:

> Sendmail holes are endless.
> is there anyway to have qmail to do virtual emails?
> if yes, how have others found it's stability, etc?

I've been running qmail on FreeBSD and BSDI for many months now and have
had zero stability problems.

I'm using the qmsmac package for virtual domain email and once you get use
to the differences (and they are significant) qmail is a piece of cake to
maintain.

Ron



From owner-freebsd-isp  Wed Feb  5 20:26:25 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA04674
          for isp-outgoing; Wed, 5 Feb 1997 20:26:25 -0800 (PST)
Received: from nero.in-design.com (root@nero.in-design.com [204.157.146.146])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA04668
          for <isp@freebsd.org>; Wed, 5 Feb 1997 20:26:21 -0800 (PST)
Received: from nero.in-design.com (info@localhost [127.0.0.1]) by nero.in-design.com (8.7.5/8.7.3) with SMTP id XAA06618; Wed, 5 Feb 1997 23:26:39 -0500 (EST)
Date: Wed, 5 Feb 1997 23:26:39 -0500 (EST)
From: Intuitive Design Info <info@in-design.com>
To: Ron Bickers <rbickers@intercenter.net>
cc: isp@freebsd.org
Subject: Re: senmail vs. qmail
In-Reply-To: <Pine.NEB.3.95.970205153846.8266A-100000@bigboy.intercenter.net>
Message-ID: <Pine.BSF.3.91.970205232546.6612A-100000@nero.in-design.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 5 Feb 1997, Ron Bickers wrote:

> Date: Wed, 5 Feb 1997 15:43:03 -0500 (EST)
> From: Ron Bickers <rbickers@intercenter.net>
> To: Intuitive Design Info <info@in-design.com>
> Cc: isp@freebsd.org
> Subject: Re: senmail vs. qmail
> 
> On Wed, 5 Feb 1997, Intuitive Design Info wrote:
> 
> > Sendmail holes are endless.
> > is there anyway to have qmail to do virtual emails?
> > if yes, how have others found it's stability, etc?
> 
> I've been running qmail on FreeBSD and BSDI for many months now and have
> had zero stability problems.
> 
> I'm using the qmsmac package for virtual domain email and once you get use
> to the differences (and they are significant) qmail is a piece of cake to
> maintain.


	I looked on cdrom, and I couldn't find either package.  Could you 
give me a location where I could find both by any chance.

	Thanks
		Tamer Ziady

From owner-freebsd-isp  Wed Feb  5 21:10:07 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id VAA08231
          for isp-outgoing; Wed, 5 Feb 1997 21:10:07 -0800 (PST)
Received: from trogon.kiwi.net (trogon.kiwi.net [207.155.64.2])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA08180
          for <freebsd-isp@FreeBSD.ORG>; Wed, 5 Feb 1997 21:09:57 -0800 (PST)
Received: from localhost (freebsd@localhost)
	by trogon.kiwi.net (8.8.5/8.8.5) with SMTP id VAA13344;
	Wed, 5 Feb 1997 21:19:30 -0800 (PST)
Date: Wed, 5 Feb 1997 21:19:30 -0800 (PST)
From: "Christopher H. Taylor" <freebsd@trogon.kiwi.net>
To: "FreeBSD 2.2-BETA" <freebsd@nwpros.com>
cc: Ricardo Kleemann <ricardo@americasnet.com>,
        FreeBSD ISP list <freebsd-isp@FreeBSD.ORG>
Subject: Re: hacking - help
In-Reply-To: <Pine.BSF.3.91.970205100920.14424B-100000@nwpros.com>
Message-ID: <Pine.NEB.3.95.970205211820.13315B-100000@trogon.kiwi.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 5 Feb 1997, FreeBSD 2.2-BETA wrote:

> Do not allow anonymous FTP. That solves the problem of them logging in 
> like that.  As for the hosts, yes it does.  Try 
> feeding.frenzy.com...it very succesfully uses it (well at least 
> against my efforts :P).

How would I echo a message to the screen when someone who is in host.deny,
tries to telnet into my box. Similar to feeding.frenzy.com's. TIA

				--------
Christopher Taylor	 Kiwi Internet Services		Best Rates Around!	
ctaylor@kiwi.net	  Phone: 909-274-7800!		$12.95/mo FLAT PPP!
BBS: SUCCESSBBS.COM    Visit: Http://Www.Kiwi.Net	Web Services!

    PGP Fingerprint:  0D 47 98 16 74 DC 3D 7E  1E 6E 6C 2B D9 A5 C7 1B
	      Finger 'ctaylor@kiwi.net' for Public Keyring!



From owner-freebsd-isp  Wed Feb  5 22:02:04 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id WAA14402
          for isp-outgoing; Wed, 5 Feb 1997 22:02:04 -0800 (PST)
Received: from absinthe.i3inc.com (Absinthe.stonos.washington.dc.us [206.27.237.33])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id WAA14288
          for <freebsd-isp@freebsd.org>; Wed, 5 Feb 1997 22:01:44 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by absinthe.i3inc.com (8.7.2/8.7.2) with SMTP id AAA14627; Thu, 6 Feb 1997 00:59:30 -0500 (EST)
Message-Id: <199702060559.AAA14627@absinthe.i3inc.com>
X-Authentication-Warning: absinthe.i3inc.com: Host localhost [127.0.0.1] didn't use HELO protocol
To: freebsd@trogon.kiwi.net
Cc: freebsd@nwpros.com, ricardo@americasnet.com, freebsd-isp@freebsd.org
Subject: Re: hacking - help
In-Reply-To: Your message of "Wed, 5 Feb 1997 21:19:30 -0800 (PST)"
References: <Pine.NEB.3.95.970205211820.13315B-100000@trogon.kiwi.net>
X-Mailer: Mew version 1.03 on Emacs 19.34.1
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Date: Thu, 06 Feb 1997 00:59:29 -0500
From: Chris Shenton <chris@absinthe.i3inc.com>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 5 Feb 1997 21:19:30 -0800 (PST)
"Christopher H. Taylor" <freebsd@trogon.kiwi.net> wrote:

freebsd> How would I echo a message to the screen when someone who is
freebsd> in host.deny, tries to telnet into my box. 

I use tcp wrappers, and have failures send email to the alias
"security", which goes to our sysadms. Here's my
/usr/local/etc/hosts.deny; it captures all the variables tcpd knows --
probably overkill, but helps when the user and host name cannot be
determined:



# Deny everyone, unless they're explicitly allowed.

# Don't reverse finger on an incoming finger: avoid finger-wars.

fingerd: ALL

# Let the security geeks know about all other probes!

ALL: ALL: /usr/local/etc/safe_finger -l @%h | /usr/sbin/Mail -s "TCP_Wrapper Al
ert: `/usr/bsd/hostname` %s attacked by %u@%n [%a] (a=%a, A=%A, c=%c, d=%d, h=%
h, H=%H, n=%n, N=%N, p=%p, s=%s, u=%u)"  security@it



This one runs on an SGI, so the paths will be different than
FreeBSD. But all you should have to do is change them to where the
binaries run on your system...

Oh, here's one I do have running on a FreeBSD system. It must have
been pre-installed when I build the tcpd port -- which builds it
slightly differently than I do on other operating systems I use:

ftpd:   ALL
ALL:    ALL:    spawn (/usr/local/bin/safe_finger -l @%h | /usr/bin/Mail root) &

It's doing essentially the same thing.

From owner-freebsd-isp  Thu Feb  6 05:24:51 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id FAA02798
          for isp-outgoing; Thu, 6 Feb 1997 05:24:51 -0800 (PST)
Received: from mail.intercenter.net ([207.211.128.20])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id FAA02788
          for <isp@freebsd.org>; Thu, 6 Feb 1997 05:24:46 -0800 (PST)
Received: (qmail 20818 invoked from network); 6 Feb 1997 13:24:40 -0000
Received: from bigboy.intercenter.net (207.211.128.17)
  by mir.intercenter.net with SMTP; 6 Feb 1997 13:24:40 -0000
Date: Thu, 6 Feb 1997 08:24:40 -0500 (EST)
From: Ron Bickers <rbickers@intercenter.net>
To: Intuitive Design Info <info@in-design.com>
cc: isp@freebsd.org
Subject: Re: senmail vs. qmail
In-Reply-To: <Pine.BSF.3.91.970205232546.6612A-100000@nero.in-design.com>
Message-ID: <Pine.NEB.3.95.970206082251.9203A-100000@bigboy.intercenter.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 5 Feb 1997, Intuitive Design Info wrote:

> > I've been running qmail on FreeBSD and BSDI for many months now and have
> > had zero stability problems.
> > 
> > I'm using the qmsmac package for virtual domain email and once you get use
> > to the differences (and they are significant) qmail is a piece of cake to
> > maintain.
>
> 	I looked on cdrom, and I couldn't find either package.  Could you 
> give me a location where I could find both by any chance.

Both are available at ftp.qmail.org/pub/software

Ron


From owner-freebsd-isp  Thu Feb  6 10:06:41 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id KAA19479
          for isp-outgoing; Thu, 6 Feb 1997 10:06:41 -0800 (PST)
Received: from buffnet4.buffnet.net (root@buffnet4.buffnet.net [205.246.19.13])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id KAA19474
          for <freebsd-isp@freebsd.org>; Thu, 6 Feb 1997 10:06:37 -0800 (PST)
Received: from buffnet1.buffnet.net (mmdf@buffnet1.buffnet.net [205.246.19.10]) by buffnet4.buffnet.net (8.6.12/8.6.9) with SMTP id NAA02072 for <freebsd-isp@freebsd.org>; Thu, 6 Feb 1997 13:08:34 -0500
Received: from buffnet7.buffnet.net by buffnet1.buffnet.net id aa21538;
          6 Feb 97 13:06 EST
Date: Thu, 6 Feb 1997 13:06:17 -0500 (EST)
From: Stephen Hovey <shovey@buffnet.net>
To: freebsd-isp@freebsd.org
Subject: modem connect speeds.
Message-ID: <Pine.BSI.3.95.970206130531.25606A-100000@buffnet7.buffnet.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Anyone have any favorite configs for the fastest connection over analog
lines on the following brands:

	USR courier
	hayes optima
	zoom




From owner-freebsd-isp  Thu Feb  6 11:14:08 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id LAA22948
          for isp-outgoing; Thu, 6 Feb 1997 11:14:08 -0800 (PST)
Received: from news.interworld.net (news.interworld.net [206.124.224.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id LAA22940;
          Thu, 6 Feb 1997 11:14:04 -0800 (PST)
Received: (from pete@localhost) by news.interworld.net (8.7.5/8.7.3) id LAA26773; Thu, 6 Feb 1997 11:14:03 -0800 (PST)
From: Peter Carah <pete@news.interworld.net>
Message-Id: <199702061914.LAA26773@news.interworld.net>
Subject: ENOBUF and netstat -m
To: questions@freebsd.org, isp@freebsd.org
Date: Thu, 6 Feb 1997 11:14:02 -0800 (PST)
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I'm persistently getting ENOBUF on the news machine, usually from
ctlinnd.  I haven't yet upgraded to 1.5.1; we're running unoff4.
netstat -m always has a comfortable number of clusters and also
always reports 0 requests delayed or denied.  This seems inconsistent :-)

A 1.5.1 upgrade is due today; it is a bit complicated by the change
to the file layout :-(

(this started when we added a feed that tends to open 6 streams at
a time; it apparently has to do with thenumber of sockets open
at once.  INND is indeed behind reading from the streams but since 
netstat -m always reports lots of free memory I can't figure out where 
the particular ENOBUF is coming from - there are about a hundred
occurences of this error in a quick grep of the kernel source.)

Is there a kernel tweak other than the listen count and nmbclusters 
that may apply here?  Both of those have been increased greatly.

Also, is active file mmap safe to use in 2.1.5 or do I need to use 
'read'?  I got burned once (in irix 4.0.5) where the innd config said 
to use mmap but innd cored a lot until I converted back to read.
This isn't happening here but innd is grossly behind, at only 1-2
articles/sec.

Thanks in advance,
-- Pete

From owner-freebsd-isp  Thu Feb  6 13:43:06 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id NAA08157
          for isp-outgoing; Thu, 6 Feb 1997 13:43:06 -0800 (PST)
Received: from www.trifecta.com (www.trifecta.com [206.245.150.3])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id NAA08120
          for <freebsd-isp@FreeBSD.ORG>; Thu, 6 Feb 1997 13:42:56 -0800 (PST)
Received: (from dev@localhost) by www.trifecta.com (8.7.5/8.6.12) id QAA18107; Thu, 6 Feb 1997 16:43:25 -0500 (EST)
Date: Thu, 6 Feb 1997 16:43:25 -0500 (EST)
From: Dev Chanchani <dev@trifecta.com>
To: Ricardo Kleemann <ricardo@americasnet.com>
cc: FreeBSD ISP list <freebsd-isp@FreeBSD.ORG>
Subject: Re: hacking - help
In-Reply-To: <Pine.LNX.3.95.970205072232.1101A-100000@irvine.americasnet.com>
Message-ID: <Pine.BSF.3.91.970206164208.18062B@www.trifecta.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Ricardo,

Make sure your shell for the ftp users is set to something like 
/bin/date, etc so they cannot login to the account.

Also, make sure the ftp home directory is not writtable. Other than that, 
look for ftpd.core files (perhaps a buffer overflow in ftp allowing a 
user to get a shell through ftp)?

Did you notice any other details?

Regards,
Dev Chanchani
Trifecta Interactive

On Wed, 5 Feb 1997, Ricardo Kleemann wrote:

> Hi,
> 
> Today I noticed someone was logged into my freebsd machine, as user ftp.
> I immediately killed the shell and saw that soon he was back in.
> 
> I then just made sure ftp had no shell, in hopes he wont be able to get
> in.
> 
> But, the real question is, what hole must I plug to prevent this? Is there
> a known hole where someone can log in as ftp and gain root access?
> 
> Thank God, it seems no damage was done (I hope! I haven't noticed anything
> other than wtmp was erased).
> 
> Also, does freebsd support host.allow and host.deny? I didn't see those
> files in /etc and there was no man page
> 
> Thanks for any help!
> Ricardo
> 

From owner-freebsd-isp  Thu Feb  6 19:15:32 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA26638
          for isp-outgoing; Thu, 6 Feb 1997 19:15:32 -0800 (PST)
Received: from who.cdrom.com (who.cdrom.com [204.216.27.3])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA26603
          for <freebsd-isp@FreeBSD.ORG>; Thu, 6 Feb 1997 19:15:27 -0800 (PST)
Received: from al.imforei.apana.org.au (al.imforei.apana.org.au [202.12.89.41])
          by who.cdrom.com (8.7.5/8.6.11) with ESMTP id SAA19883
          for <freebsd-isp@freebsd.org>; Thu, 6 Feb 1997 18:38:57 -0800 (PST)
Received: (from pjchilds@localhost) by al.imforei.apana.org.au (beBop) id MAA15689; Fri, 7 Feb 1997 12:41:48 +1030 (CST)
Date: Fri, 7 Feb 1997 12:41:48 +1030 (CST)
From: Peter Childs <pjchilds@imforei.apana.org.au>
Message-Id: <199702070211.MAA15689@al.imforei.apana.org.au>
To: ulf@Alameda.net, freebsd-isp@FreeBSD.ORG
Subject: Re: virtual domain ftpd with access control ?
X-Newsreader: TIN [UNIX 1.3 unoff BETA release 961020]
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

In article <5cm1dq$o7a$1@al.imforei.apana.org.au> you wrote:

: Hello.

 Gday!

: Does anyone has a ftpd, where you can set the access control for
: each virtual domain ? Like allowing anonymous, or not ?

 Yes.  Its called "wu-ftpd" and its found in the ports collection.
 It is very flexible and allows different access groups, login restrictions,
 virtual domaining etc..

 Regards,
   Peter

-- 
 Peter Childs  ---  http://www.imforei.apana.org.au/~pjchilds
  Finger pjchilds@al.imforei.apana.org.au for public PGP key
         Drag me, drop me, treat me like an object!

From owner-freebsd-isp  Thu Feb  6 19:42:56 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA28885
          for isp-outgoing; Thu, 6 Feb 1997 19:42:56 -0800 (PST)
Received: from DNS.Lamb.net (root@DNS.Lamb.net [207.90.181.1])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA28880
          for <freebsd-isp@freebsd.org>; Thu, 6 Feb 1997 19:42:54 -0800 (PST)
Received: from bitch.Melmac.org (ulf@Bitch.Melmac.org [207.90.181.42]) by DNS.Lamb.net (8.8.5/20.74.3.14) with ESMTP id TAA14537; Thu, 6 Feb 1997 19:42:58 -0800 (PST)
Received: (from ulf@localhost) by bitch.Melmac.org (8.8.5/8.7.6) id TAA22167; Thu, 6 Feb 1997 19:42:51 -0800 (PST)
From: Ulf Zimmermann <ulf@Alameda.net>
Message-Id: <199702070342.TAA22167@bitch.Melmac.org>
Subject: Re: virtual domain ftpd with access control ?
In-Reply-To: <199702070211.MAA15689@al.imforei.apana.org.au> from Peter Childs at "Feb 7, 97 12:41:48 pm"
To: pjchilds@imforei.apana.org.au (Peter Childs)
Date: Thu, 6 Feb 1997 19:42:51 -0800 (PST)
Cc: ulf@Alameda.net, freebsd-isp@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL30 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> In article <5cm1dq$o7a$1@al.imforei.apana.org.au> you wrote:
> 
> : Hello.
> 
>  Gday!
> 
> : Does anyone has a ftpd, where you can set the access control for
> : each virtual domain ? Like allowing anonymous, or not ?
> 
>  Yes.  Its called "wu-ftpd" and its found in the ports collection.
>  It is very flexible and allows different access groups, login restrictions,
>  virtual domaining etc..

Then take a good look at it. Wu-Ftpd in the beta 12 still only supports
3 settings per virtual domain, all other settings are global. Also I was not
able to get it using virtual, even I used a config file from a site, which
works. getaclmembers seems to never return any virtual settings.


> 
>  Regards,
>    Peter
> 
> -- 
>  Peter Childs  ---  http://www.imforei.apana.org.au/~pjchilds
>   Finger pjchilds@al.imforei.apana.org.au for public PGP key
>          Drag me, drop me, treat me like an object!
> 

Ulf.

--------------------------------------------------------------------------
Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-769-2936
           Alameda Networks, Inc. | http://www.Alameda.net

From owner-freebsd-isp  Thu Feb  6 20:37:57 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA03315
          for isp-outgoing; Thu, 6 Feb 1997 20:37:57 -0800 (PST)
Received: from mail.crl.com (mail.crl.com [165.113.1.22])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id UAA03295;
          Thu, 6 Feb 1997 20:37:53 -0800 (PST)
Received: from nanguo.chalmers.com.au by mail.crl.com with SMTP id AA23497
  (5.65c/IDA-1.5); Thu, 6 Feb 1997 20:37:06 -0800
Received: (from robert@localhost) by nanguo.chalmers.com.au (8.7.6/8.7.3) id OAA10174; Fri, 7 Feb 1997 14:21:11 +1000 (EST)
From: Robert Chalmers <robert@nanguo.chalmers.com.au>
Message-Id: <199702070421.OAA10174@nanguo.chalmers.com.au>
Subject: livingston rfc answer (fwd)
To: freebsd-questions@freebsd.org (bsd)
Date: Fri, 7 Feb 1997 14:21:11 +1000 (EST)
Cc: freebsd-isp@freebsd.org (FreeBSD ISP)
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

The result of an enquiry of mine to livingston, re rfc1323 complience;

Thought you all might be interested...
bc


----- Forwarded message from Billy Cobbe -----

>From bcobbe@lidcam.com.au Fri Feb  7 08:17:36 1997
Date: Fri, 7 Feb 1997 09:12:48 +1100 (EST)
X-Sender: bcobbe@pop.lidcam.com.au
Message-Id: <v03010d00af20a04c9d1f@[198.142.55.100]>
To: robert@chalmers.com.au
From: Billy Cobbe <bcobbe@lidcam.com.au>
Subject: livingston rfc answer

Robert,

Livingston tell me that they do not support RFC1323 at this stage nor
RFC1644 as it is experimental anyway.

However they will forward your request to engineering as a 'request for
enhancement' so that if there is sufficent demand for them, then they will
at look at supporting them in the future.

Hope this clears it up for you.

cheers
billy

------------------------------------------------------------------------------
                   On a clear disk you can seek forever.
------------------------------------------------------------------------------
Billy Cobbe - Technical Support                   Ph:- 61-2-9922 7066
Lidcam Technology Pty Ltd                         Fax:- 61-2-9900 5331
Level 12, 275 Alfred Street                       email:- bcobbe@lidcam.com.au
North Sydney 2060				  http://www.lidcam.com.au
Australia



----- End of forwarded message from Billy Cobbe -----

-- 
chalmers.com.au: P.O. Box 2003. Mackay. 4740   		   +61-0412-079025
robert@chalmers.com.au for Whirled Peas		http://www.chalmers.com.au
Location: The Great Australian Content Site.		21'7" S, 149'14" E.

From owner-freebsd-isp  Thu Feb  6 20:57:23 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA04331
          for isp-outgoing; Thu, 6 Feb 1997 20:57:23 -0800 (PST)
Received: from al.imforei.apana.org.au (pjchilds@al.imforei.apana.org.au [202.12.89.41])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id UAA04325
          for <freebsd-isp@freebsd.org>; Thu, 6 Feb 1997 20:57:18 -0800 (PST)
Received: (from pjchilds@localhost) by al.imforei.apana.org.au (beBop) id PAA18850; Fri, 7 Feb 1997 15:26:50 +1030 (CST)
Message-ID: <19970207152649.XV33983@al.apana.org.au>
Date: Fri, 7 Feb 1997 15:26:49 +1030
From: pjchilds@imforei.apana.org.au (Peter Childs)
To: ulf@Alameda.net (Ulf Zimmermann)
Cc: freebsd-isp@freebsd.org
Subject: Re: virtual domain ftpd with access control ?
References: <199702070211.MAA15689@al.imforei.apana.org.au> <199702070342.TAA22167@bitch.Melmac.org>
X-Mailer: Mutt 0.60-PL0
Mime-Version: 1.0
In-Reply-To: <199702070342.TAA22167@bitch.Melmac.org>; from Ulf Zimmermann on Feb 6, 1997 19:42:51 -0800
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Ulf Zimmermann writes:
> 
> > : Does anyone has a ftpd, where you can set the access control for
> > : each virtual domain ? Like allowing anonymous, or not ?
> > 
> >  Yes.  Its called "wu-ftpd" and its found in the ports collection.
> >  It is very flexible and allows different access groups, login restrictions,
> >  virtual domaining etc..
> 
> Then take a good look at it. Wu-Ftpd in the beta 12 still only supports
> 3 settings per virtual domain, all other settings are global. Also I was not
> able to get it using virtual, even I used a config file from a site, which

 If your virtual domaining needs can't be met by using the standard wu-ftp 
 setup then you can use tcp-wrappers along with wu-ftp with different 
 configuration files for your different virtual sites for absolute 
 flexability.

 Regards,
  Peter


From owner-freebsd-isp  Thu Feb  6 23:35:20 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id XAA10597
          for isp-outgoing; Thu, 6 Feb 1997 23:35:20 -0800 (PST)
Received: from mail.crl.com (mail.crl.com [165.113.1.22])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id XAA10580;
          Thu, 6 Feb 1997 23:35:12 -0800 (PST)
Received: from nanguo.chalmers.com.au (chalmers.com.au) by mail.crl.com with SMTP id AA25129
  (5.65c/IDA-1.5); Thu, 6 Feb 1997 23:34:24 -0800
Received: (from robert@localhost) by nanguo.chalmers.com.au (8.7.6/8.7.3) id RAA10472; Fri, 7 Feb 1997 17:22:47 +1000 (EST)
From: Robert Chalmers <robert@nanguo.chalmers.com.au>
Message-Id: <199702070722.RAA10472@nanguo.chalmers.com.au>
Subject: can ppp work through virtual host?
To: freebsd-questions@freebsd.org (bsd)
Date: Fri, 7 Feb 1997 17:22:46 +1000 (EST)
Cc: freebsd-isp@freebsd.org (FreeBSD ISP)
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Before I go trashing a whole system, does anyone know if the following
is possible.

	server, acting as a secondary for the Primary DNS. 
	  IP=203.1.96.5
	gateway=YES
	kernel gatewayforwarding enabled.

	virtual-host on that server
	  ifconfig blah blah 203.1.96.4

	pppd (kernel ppp), myaddr: 203.1.96.4


In other words, can I turn the server .5 into a machine that also
runs pppd, with pppd thinking its on .4, because I have ifconfig
setting up a virtual or alias host?

or...

Should I turn .5 into a Virtual-Server, and rename and re-IP the
physical, true machine to be .4, running pppd?

The PPPD _must_ run as .4. There is no option there.

any ideas if this will work.

Thanks,
Robert

-- 
chalmers.com.au: P.O. Box 2003. Mackay. 4740   		   +61-0412-079025
robert@chalmers.com.au for Whirled Peas		http://www.chalmers.com.au
Location: The Great Australian Content Site.		21'7" S, 149'14" E.

From owner-freebsd-isp  Thu Feb  6 23:59:42 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id XAA11362
          for isp-outgoing; Thu, 6 Feb 1997 23:59:42 -0800 (PST)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id XAA11334;
          Thu, 6 Feb 1997 23:59:31 -0800 (PST)
Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id TAA07759; Fri, 7 Feb 1997 19:00:02 +1100 (EST)
Date: Fri, 7 Feb 1997 19:00:02 +1100 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Robert Chalmers <robert@nanguo.chalmers.com.au>
cc: bsd <freebsd-questions@freebsd.org>, FreeBSD ISP <freebsd-isp@freebsd.org>
Subject: Re: can ppp work through virtual host?
In-Reply-To: <199702070722.RAA10472@nanguo.chalmers.com.au>
Message-ID: <Pine.BSF.3.91.970207185635.427b-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Fri, 7 Feb 1997, Robert Chalmers wrote:

> In other words, can I turn the server .5 into a machine that also
> runs pppd, with pppd thinking its on .4, because I have ifconfig
> setting up a virtual or alias host?
> 
> or...
> 
> Should I turn .5 into a Virtual-Server, and rename and re-IP the
> physical, true machine to be .4, running pppd?
> 
> The PPPD _must_ run as .4. There is no option there.

Basically, just tell pppd that its local IP address is .4.

pppd a.b.c.4:x.x.x.x (substitute remote IP address)

pppd does not care about the status of the IP address w.r.t. other 
interfaces.  It can be used or not used by other interfaces, as aliases 
or not.  Just be careful running gated :-)

Danny

From owner-freebsd-isp  Fri Feb  7 10:36:09 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id KAA11472
          for isp-outgoing; Fri, 7 Feb 1997 10:36:09 -0800 (PST)
Received: from main.netcorps.com (main.netcorps.com [205.149.1.66])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id KAA11465
          for <isp@FreeBSD.ORG>; Fri, 7 Feb 1997 10:36:06 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by main.netcorps.com (8.7.1/8.6.12) with SMTP id KAA00856 for <isp@FreeBSD.ORG>; Fri, 7 Feb 1997 10:34:30 -0800 (PST)
Message-Id: <199702071834.KAA00856@main.netcorps.com>
X-Authentication-Warning: main.netcorps.com: Host localhost [127.0.0.1] didn't use HELO protocol
To: isp@FreeBSD.ORG
Subject: RAID ?
Date: Fri, 07 Feb 1997 10:34:30 -0800
From: Chris Bura <chris@MAIN.Netcorps.com>
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


I'm wondering if a) we can use the Adaptec 3985 RAID PCI/SCSI adapter
with FreeBSD and b) if so, if anyone has tried it.

We want to setup a simple 2-disk mirroring scenario.

Thanks,

CHris

From owner-freebsd-isp  Fri Feb  7 14:04:16 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA22849
          for isp-outgoing; Fri, 7 Feb 1997 14:04:16 -0800 (PST)
Received: from main.netcorps.com (main.netcorps.com [205.149.1.66])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA22842
          for <freebsd-isp@freebsd.org>; Fri, 7 Feb 1997 14:04:10 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by main.netcorps.com (8.7.1/8.6.12) with SMTP id OAA03484 for <freebsd-isp@freebsd.org>; Fri, 7 Feb 1997 14:02:34 -0800 (PST)
Message-Id: <199702072202.OAA03484@main.netcorps.com>
X-Authentication-Warning: main.netcorps.com: Host localhost [127.0.0.1] didn't use HELO protocol
To: freebsd-isp@freebsd.org
Subject: Re: RAID ? 
In-reply-to: Your message of "Fri, 07 Feb 1997 10:34:30 PST."
             <199702071834.KAA00856@main.netcorps.com> 
Date: Fri, 07 Feb 1997 14:02:34 -0800
From: Chris Bura <chris@MAIN.Netcorps.com>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Well after checking out Mylex's website I noticed a product called
the DAC960SUI which connects the a SCSI controller.  It's supposed to
just be seen as a hard drive as far as the OS is concerned.  
Have no idea what it costs.  Can't seem to find a retailer around with
enough IQ to figure out that if it's not in stock, it still may exist...

Chris
 
> I'm wondering if a) we can use the Adaptec 3985 RAID PCI/SCSI adapter
> with FreeBSD and b) if so, if anyone has tried it.
> 
> We want to setup a simple 2-disk mirroring scenario.
> 
> Thanks,
> 
> CHris





From owner-freebsd-isp  Fri Feb  7 14:42:48 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA28744
          for isp-outgoing; Fri, 7 Feb 1997 14:42:48 -0800 (PST)
Received: from nanguo.chalmers.com.au (nanguo.chalmers.com.au [203.1.96.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA28718;
          Fri, 7 Feb 1997 14:42:39 -0800 (PST)
Received: (from robert@localhost) by nanguo.chalmers.com.au (8.7.6/8.7.3) id IAA02694; Sat, 8 Feb 1997 08:43:13 +1000 (EST)
From: Robert Chalmers <robert@nanguo.chalmers.com.au>
Message-Id: <199702072243.IAA02694@nanguo.chalmers.com.au>
Subject: ipforwarding no longer in GENERIC or LINT?
To: freebsd-questions@freebsd.org (bsd)
Date: Sat, 8 Feb 1997 08:43:12 +1000 (EST)
Cc: freebsd-isp@freebsd.org (FreeBSD ISP)
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I don't see ipforwarding (gateway) in either LINT or GENERIC on
the 
2.2-961014-SNAP FreeBSD 2.2-961014-SNAP #0: 
kernel anymore ?

Do I presume that having gateway=YES in sysconfig is all thats needed now?

thanks
Robert


-- 
chalmers.com.au: P.O. Box 2003. Mackay. 4740   		   +61-0412-079025
robert@chalmers.com.au for Whirled Peas		http://www.chalmers.com.au
Location: The Great Australian Content Site.		21'7" S, 149'14" E.

From owner-freebsd-isp  Fri Feb  7 15:26:49 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id PAA05478
          for isp-outgoing; Fri, 7 Feb 1997 15:26:49 -0800 (PST)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA05418;
          Fri, 7 Feb 1997 15:26:37 -0800 (PST)
Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id KAA13064; Sat, 8 Feb 1997 10:27:36 +1100 (EST)
Date: Sat, 8 Feb 1997 10:27:35 +1100 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Robert Chalmers <robert@nanguo.chalmers.com.au>
cc: bsd <freebsd-questions@freebsd.org>, FreeBSD ISP <freebsd-isp@freebsd.org>
Subject: Re: ipforwarding no longer in GENERIC or LINT?
In-Reply-To: <199702072243.IAA02694@nanguo.chalmers.com.au>
Message-ID: <Pine.BSF.3.91.970208102352.427f-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Sat, 8 Feb 1997, Robert Chalmers wrote:

> I don't see ipforwarding (gateway) in either LINT or GENERIC on
> the 
> 2.2-961014-SNAP FreeBSD 2.2-961014-SNAP #0: 
> kernel anymore ?
> 
> Do I presume that having gateway=YES in sysconfig is all thats needed now?

The kernel option IPFORWARDING/GATEWAY is no longer available or 
required.  IP forwarding is controlled by the sysctl variable 
net.inet.ip.forwarding.

Setting "gateway=YES" in /etc/sysconfig makes /etc/netstart execute the 
command 'sysctl -w net.inet.ip.forwarding=1', which enables IP forwarding.
You can disable it at runtime, if you desire, with the command
# sysctl -w net.inet.ip.forwarding=0

Now to go back and answer your previous e-mail, which I read but did not 
have time to reply to... :-)

Danny

From owner-freebsd-isp  Fri Feb  7 16:51:22 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id QAA14507
          for isp-outgoing; Fri, 7 Feb 1997 16:51:22 -0800 (PST)
Received: from po7.andrew.cmu.edu (PO7.ANDREW.CMU.EDU [128.2.10.107])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA14500
          for <freebsd-isp@freebsd.org>; Fri, 7 Feb 1997 16:51:17 -0800 (PST)
Received: (from postman@localhost) by po7.andrew.cmu.edu (8.8.2/8.8.2) id TAA16809; Fri, 7 Feb 1997 19:51:13 -0500
Received: via switchmail; Fri,  7 Feb 1997 19:51:12 -0500 (EST)
Received: from apriori.cc.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/service/mailqs/q001/QF.gmywqdG00YVpA0O39t>;
          Fri,  7 Feb 1997 19:49:45 -0500 (EST)
Received: from apriori.cc.cmu.edu via qmail
          ID </afs/andrew.cmu.edu/usr4/rnw/.Outgoing/QF.Imywqce00YVpQzFO9h>;
          Fri,  7 Feb 1997 19:49:44 -0500 (EST)
Received: from mms.4.60.Jun.27.1996.03.05.56.sun4.41.EzMail.2.0.CUILIB.3.45.SNAP.NOT.LINKED.apriori.cc.cmu.edu.sun4m.412
          via MS.5.6.apriori.cc.cmu.edu.sun4_41;
          Fri,  7 Feb 1997 19:49:43 -0500 (EST)
Message-ID: <Qmywqby00YVpMzFNxm@andrew.cmu.edu>
Date: Fri,  7 Feb 1997 19:49:43 -0500 (EST)
From: Robert N Watson <rnw+@andrew.cmu.edu>
To: freebsd-isp@freebsd.org, Chris Bura <chris@MAIN.Netcorps.com>
Subject: Re: RAID ?
In-Reply-To: <199702072202.OAA03484@main.netcorps.com>
References: <199702072202.OAA03484@main.netcorps.com>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Excerpts from internet.computing.freebsd-isp: 7-Feb-97 Re: RAID ?  by
Chris Bura@MAIN.Netcorps 
>Well after checking out Mylex's website I noticed a product called
>the DAC960SUI which connects the a SCSI controller.  It's supposed to
>just be seen as a hard drive as far as the OS is concerned.  
>Have no idea what it costs.  Can't seem to find a retailer around with
>enough IQ to figure out that if it's not in stock, it still may exist...

We use a Dell RAID 5 card that emulates an Adaptec at a Web Services
provider I work with.  This is under BSD/OS, but I imagine it would work
fine under FreeBSD also.  The RAID is all handled below the level of the
operating system, and the emulation seems very complete, and even allows
for an auto-rebuild on a Hot-swap.  I don't have chipset information
with me currently, though.  Speak to their server people and they should
be able to help you. 

From owner-freebsd-isp  Fri Feb  7 20:22:11 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id UAA22709
          for isp-outgoing; Fri, 7 Feb 1997 20:22:11 -0800 (PST)
Received: from scanners.tec.mn.us (scanners.Tec.MN.US [199.199.83.67])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id UAA22704;
          Fri, 7 Feb 1997 20:22:06 -0800 (PST)
Received: (from walth@localhost) by scanners.tec.mn.us (8.6.12/8.6.12) id WAA01698; Fri, 7 Feb 1997 22:21:51 -0600
Date: Fri, 7 Feb 1997 22:21:51 -0600 (CST)
From: Chris Walth <walth@scanners.tec.mn.us>
To: questions@freebsd.org
cc: isp@freebsd.org, security@freebsd.org
Subject: Problems? or denial of service attack?
Message-ID: <Pine.BSF.3.91.970207221333.1664A-100000@scanners.tec.mn.us>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Hello,

  I am running a server currently with FreeBSD 2.1.0-RELEASE.  Yes I know 
that it is outdated ;)

  What I have is someone connecting to port 25 and sending a lot of email 
messages from a dialup port.  I am currently tracing the dialup port.

  In the process of looking into this problem I noticed many pages of log 
entries that state the vm_???  has killed a process and also some about 
out of swap space.

  Here are a couple of the messages:

Feb  7 00:07:51 scanners /kernel: Process 26028 killed by vm_fault -- 
out of swap
Feb  7 00:07:51 scanners /kernel: swap_pager: out of space
Feb  7 00:07:52 scanners /kernel: Process 25867 killed by vm_pageout -- 
out of swap
Feb  7 00:07:52 scanners /kernel: swap_pager: out of space
Feb  7 00:07:52 scanners /kernel: Process 25811 killed by vm_fault -- out 
of swap
Feb  7 00:07:52 scanners /kernel: Process 26035 killed by vm_fault -- out 
of swap
Feb  7 00:07:52 scanners /kernel: Process 25979 killed by vm_fault -- out 
of swap
Feb  7 00:07:53 scanners /kernel: Process 25961 killed by vm_fault -- out 
of swap
Feb  7 00:07:53 scanners /kernel: Process 25986 killed by vm_fault -- out 
of swap


Any info about this would be greatly appreciated.  I am currently 
planning on upgrading the system to 2.2 when it is released, but I have 
to do the upgrade remotely or else wait until I can get to the machine.

  This problem is bugging me, and I do not know where to start on this one.

Thanks for your time..

  Chris Walth


............................................................................

Chris Walth

Scanners/netco UNIX System Administrator

email: walth@scanners.tec.mn.us
phone: 701-280-0922
finger walth@scanners.tec.mn.us to get PGP public Key.
............................................................................



From owner-freebsd-isp  Fri Feb  7 21:13:21 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id VAA24403
          for isp-outgoing; Fri, 7 Feb 1997 21:13:21 -0800 (PST)
Received: from excel.tnet.com.au (excel.tnet.com.au [203.15.94.3])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA24380;
          Fri, 7 Feb 1997 21:13:06 -0800 (PST)
Received: (from slaterm@localhost) by excel.tnet.com.au (8.7.4/8.7.3) id NAA01187; Sat, 8 Feb 1997 13:18:00 +0800
Date: Sat, 8 Feb 1997 13:18:00 +0800 (WST)
From: Michael Slater <slaterm@excel.tnet.com.au>
To: Chris Walth <walth@scanners.tec.mn.us>
cc: questions@freebsd.org, isp@freebsd.org, security@freebsd.org
Subject: Re: Problems? or denial of service attack?
In-Reply-To: <Pine.BSF.3.91.970207221333.1664A-100000@scanners.tec.mn.us>
Message-ID: <Pine.LNX.3.91.970208131704.425A-100000@excel.tnet.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



>   I am running a server currently with FreeBSD 2.1.0-RELEASE.  Yes I know 
> that it is outdated ;)
> 
>   What I have is someone connecting to port 25 and sending a lot of email 
> messages from a dialup port.  I am currently tracing the dialup port.
> 
>   In the process of looking into this problem I noticed many pages of log 
> entries that state the vm_???  has killed a process and also some about 
> out of swap space.
> 
>   Here are a couple of the messages:
> 
> Feb  7 00:07:51 scanners /kernel: Process 26028 killed by vm_fault -- 
> out of swap
> Feb  7 00:07:51 scanners /kernel: swap_pager: out of space
> Feb  7 00:07:52 scanners /kernel: Process 25867 killed by vm_pageout -- 
> out of swap
> Feb  7 00:07:52 scanners /kernel: swap_pager: out of space

It looks like you are out of Swap space...

Michael Slater
slaterm@tnet.com.au

From owner-freebsd-isp  Fri Feb  7 21:35:45 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id VAA25114
          for isp-outgoing; Fri, 7 Feb 1997 21:35:45 -0800 (PST)
Received: from mail.crl.com (mail.crl.com [165.113.1.22])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id VAA25090;
          Fri, 7 Feb 1997 21:35:36 -0800 (PST)
Received: from nanguo.chalmers.com.au (chalmers.com.au) by mail.crl.com with SMTP id AA13882
  (5.65c/IDA-1.5); Fri, 7 Feb 1997 21:34:51 -0800
Received: (from robert@localhost) by nanguo.chalmers.com.au (8.7.6/8.7.3) id PAA00214; Sat, 8 Feb 1997 15:16:27 +1000 (EST)
From: Robert Chalmers <robert@nanguo.chalmers.com.au>
Message-Id: <199702080516.PAA00214@nanguo.chalmers.com.au>
Subject: The Grail Quest - Bypassing the Annex.
To: freebsd-questions@freebsd.org (bsd), freebsd-isp@freebsd.org (FreeBSD ISP)
Date: Sat, 8 Feb 1997 15:16:26 +1000 (EST)
Cc: bugs@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

After much traffic on the mail lists about the Annex not passing traffic,
I decided to by pass it. Here are the results.

The kernel Version: Pentium 120. SOYO board PCI.
FreeBSD nanguo.chalmers.com.au 2.2-961014-SNAP FreeBSD 2.2-961014-SNAP #0: Fri Jan 31 13:00:40 EST 1997     root@nanguo.chalmers.com.au:/usr/src/sys/compile/MYKERNEL  i386

I set up my Ethernet so that they all talk to one machine, acting as a
gateway through a kernel pppd link to the Internet provider. I finally
got the pppd link up, with much help from net folk, and talking to the
ethernet. Traffic flowed freely in all directions. Or so I thought.

To the best of my ability to sus it out, the original problem seems to
be persisting. Some folk can talk to me. Some can't. Some run so slow 
as to be useless. Yet others, some 5000 a month, have no problems.
I don't know if the other machine https://ruby.chalmers.com.au 
has similar problems. It's a trial SSL server. 486 2/66

So, next step. I swapped out the ethernet cable. 		nada.
	       I swapped out the ehternet card.			nada.

A helpful net person tells me that he can connect to my www pages 
with NO PROBLEMS so long as he uses FreeBSD 2.1.5.
If he uses 2.2, it wont connect!!!! Is there
a subtle message here I wonder.?

So, here I sit. Direct ppp link. No Annex. 

clueless in Mackay.

robert
-- 
chalmers.com.au: P.O. Box 2003. Mackay. 4740   		   +61-0412-079025
robert@chalmers.com.au for Whirled Peas		http://www.chalmers.com.au
Location: The Great Australian Content Site.		21'7" S, 149'14" E.

From owner-freebsd-isp  Fri Feb  7 21:36:52 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id VAA25226
          for isp-outgoing; Fri, 7 Feb 1997 21:36:52 -0800 (PST)
Received: from mail.id.net (mail.id.net [199.125.1.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA25206;
          Fri, 7 Feb 1997 21:36:47 -0800 (PST)
Received: from server.id.net (server.id.net [199.125.2.20]) by mail.id.net (8.7.5/ID-Net) with ESMTP id AAA05749; Sat, 8 Feb 1997 00:43:53 -0500 (EST)
From: Robert Shady <rls@mail.id.net>
Received: (from rls@localhost) by server.id.net (8.8.2/8.7.3) id AAA24394; Sat, 8 Feb 1997 00:36:45 -0500 (EST)
Message-Id: <199702080536.AAA24394@server.id.net>
Subject: Re: ENOBUF and netstat -m
In-Reply-To: <199702061914.LAA26773@news.interworld.net> from Peter Carah at "Feb 6, 97 11:14:02 am"
To: pete@news.interworld.net (Peter Carah)
Date: Sat, 8 Feb 1997 00:36:45 -0500 (EST)
Cc: questions@freebsd.org, isp@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL25 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> I'm persistently getting ENOBUF on the news machine, usually from
> ctlinnd.  I haven't yet upgraded to 1.5.1; we're running unoff4.
> netstat -m always has a comfortable number of clusters and also
> always reports 0 requests delayed or denied.  This seems inconsistent :-)
> 
> A 1.5.1 upgrade is due today; it is a bit complicated by the change
> to the file layout :-(

Inn 1.5.1 made *HUGE* differences to our news machine, your results may
vary, but we carry 30,000+ newsgroups and receive nearly 6GB of news per
day...

	-- Rob
===
      _/_/_/_/_/  _/_/_/_/               _/_/    _/  _/_/_/_/_/  _/_/_/_/_/
         _/      _/      _/    _/_/_/   _/  _/  _/  _/_/_/_/        _/
   _/_/_/_/_/  _/_/_/_/               _/      _/  _/_/_/_/_/      _/

                             Innovative Data Services 
                          Serving South-Eastern Michigan 
        Internet Service Provider / Hardware Sales / Consulting Services
       Voice: (810)855-0404 / Fax: (810)855-3268 / Web: http://www.id.net

From owner-freebsd-isp  Sat Feb  8 07:34:19 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id HAA16835
          for isp-outgoing; Sat, 8 Feb 1997 07:34:19 -0800 (PST)
Received: from scanners.tec.mn.us (scanners.Tec.MN.US [199.199.83.67])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id HAA16776;
          Sat, 8 Feb 1997 07:34:11 -0800 (PST)
Received: (from walth@localhost) by scanners.tec.mn.us (8.6.12/8.6.12) id JAA05098; Sat, 8 Feb 1997 09:33:45 -0600
Date: Sat, 8 Feb 1997 09:33:45 -0600 (CST)
From: Chris Walth <walth@scanners.tec.mn.us>
To: Michael Slater <slaterm@excel.tnet.com.au>
cc: questions@freebsd.org, isp@freebsd.org, security@freebsd.org
Subject: Re: Problems? or denial of service attack?
In-Reply-To: <Pine.LNX.3.91.970208131704.425A-100000@excel.tnet.com.au>
Message-ID: <Pine.BSF.3.91.970208092657.5067A-100000@scanners.tec.mn.us>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Sat, 8 Feb 1997, Michael Slater wrote:

> 
> It looks like you are out of Swap space...
> 
> Michael Slater
> slaterm@tnet.com.au
> 

  This machine is a web server and email server.  There was nobody logged 
in at these times.  I have 32 megs of ram and 43 megs of swap.  There was 
also about 20 pages of messages having to do with sendmail.  Here are a 
few of those attached below.

  I have never had any problems before, and now when I was getting these 
sendmail problems I was getting all these messages.  I do not think that 
it is just a swap problem..

Feb  7 00:06:32 scanners sendmail[26007]: NOQUEUE: SYSERR: putoutmsg 
(dialup-1a.
co.net): error on output channel sending "451 entering initmaps: fd 1 not 
open:
Invalid argument": Broken pipe
Feb  7 00:06:32 scanners sendmail[26007]: NOQUEUE: SYSERR(root): entering 
initma
ps: fd 1 not open: Invalid argument
Feb  7 00:06:32 scanners sendmail[25996]: NOQUEUE: SYSERR: putoutmsg 
(dialup-1a.
co.net): error on output channel sending "451 entering initmaps: fd 1 not 
open:
Invalid argument": Broken pipe
Feb  7 00:06:32 scanners sendmail[25996]: NOQUEUE: SYSERR(root): entering 
initma
ps: fd 1 not open: Invalid argument
Feb  7 00:06:34 scanners sendmail[25867]: AAA25867: SYSERR: putoutmsg 
(dialup-1a
.co.net): error on output channel sending "354 Enter mail, end with "." 
on a lin
e by itself": Broken pipe
Feb  7 00:06:34 scanners sendmail[25867]: AAA25867: SYSERR(root): Out of 
memory!
!: Cannot allocate memory
Feb  7 00:06:30 scanners sendmail[25999]: NOQUEUE: SYSERR: putoutmsg 
(dialup-1a.
co.net): error on output channel sending "451 entering initmaps: fd 1 not 
open:
Invalid argument": Broken pipe
Feb  7 00:06:34 scanners sendmail[26012]: NOQUEUE: SYSERR: putoutmsg 
(dialup-1a.
co.net): error on output channel sending "451 entering initmaps: fd 1 not 
open:
Invalid argument": Broken pipe


What are these initmaps?  Did someone possiably gain access to the 
system?  I don't see any evidence.  Mail was generated and sent to one 
person.  He got about 200 messages from this person.

Thanks.

Chris

  
............................................................................

Chris Walth

Scanners/netco UNIX System Administrator

email: walth@scanners.tec.mn.us
phone: 701-280-0922
finger walth@scanners.tec.mn.us to get PGP public Key.
............................................................................



From owner-freebsd-isp  Sat Feb  8 08:56:25 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA19586
          for isp-outgoing; Sat, 8 Feb 1997 08:56:25 -0800 (PST)
Received: from mail.id.net (mail.id.net [199.125.1.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA19556;
          Sat, 8 Feb 1997 08:56:19 -0800 (PST)
Received: from server.id.net (server.id.net [199.125.2.20]) by mail.id.net (8.7.5/ID-Net) with ESMTP id MAA08350; Sat, 8 Feb 1997 12:03:37 -0500 (EST)
From: Robert Shady <rls@mail.id.net>
Received: (from rls@localhost) by server.id.net (8.8.2/8.7.3) id LAA03084; Sat, 8 Feb 1997 11:56:42 -0500 (EST)
Message-Id: <199702081656.LAA03084@server.id.net>
Subject: Re: Problems? or denial of service attack?
In-Reply-To: <Pine.BSF.3.91.970208092657.5067A-100000@scanners.tec.mn.us> from Chris Walth at "Feb 8, 97 09:33:45 am"
To: walth@scanners.tec.mn.us (Chris Walth)
Date: Sat, 8 Feb 1997 11:56:42 -0500 (EST)
Cc: slaterm@excel.tnet.com.au, questions@freebsd.org, isp@freebsd.org,
        security@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL25 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> > It looks like you are out of Swap space...
> 
>   This machine is a web server and email server.  There was nobody logged 
> in at these times.  I have 32 megs of ram and 43 megs of swap.  There was 
> also about 20 pages of messages having to do with sendmail.  Here are a 
> few of those attached below.
> 
>   I have never had any problems before, and now when I was getting these 
> sendmail problems I was getting all these messages.  I do not think that 
> it is just a swap problem..

I thought the first poster was being sarcastic (He probably was), because
it's so obvious that your problem *IS* that your running out of memory.
I don't build a machine with less than 128MB of swap, 43 is nothing, 
especially for a machine that's acting as a web server/mail server...

	-- Rob
===
      _/_/_/_/_/  _/_/_/_/               _/_/    _/  _/_/_/_/_/  _/_/_/_/_/
         _/      _/      _/    _/_/_/   _/  _/  _/  _/_/_/_/        _/
   _/_/_/_/_/  _/_/_/_/               _/      _/  _/_/_/_/_/      _/

                             Innovative Data Services 
                          Serving South-Eastern Michigan 
        Internet Service Provider / Hardware Sales / Consulting Services
       Voice: (810)855-0404 / Fax: (810)855-3268 / Web: http://www.id.net

From owner-freebsd-isp  Sat Feb  8 11:09:03 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id LAA24654
          for isp-outgoing; Sat, 8 Feb 1997 11:09:03 -0800 (PST)
Received: from smtp.connectnet.com (smtp.connectnet.com [207.110.0.12])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id LAA24648;
          Sat, 8 Feb 1997 11:09:00 -0800 (PST)
Received: from wink.connectnet.com (Studded@wink.connectnet.com [206.251.156.23]) by smtp.connectnet.com (8.8.5/Connectnet-2.2) with SMTP id LAA11891; Sat, 8 Feb 1997 11:09:50 -0800 (PST)
Message-Id: <199702081909.LAA11891@smtp.connectnet.com>
From: "That Doug Guy" <tiller@connectnet.com>
To: "FreeBSD Questions" <FreeBSD-Questions@freebsd.org>
Cc: "FreeBSD-ISP@freebsd.org" <FreeBSD-ISP@freebsd.org>
Date: Sat, 08 Feb 97 11:08:55 -0800
Reply-To: "That Doug Guy" <tiller@connectnet.com>
Priority: Normal
X-Mailer: That Doug Guy's Registered PMMail 1.53 For OS/2
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Subject: Packet filtering help please
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Howdy,  :-)

	I (still, *cough*) need information on packet filtering.  I looked at 
LINT, and found this about bpf:

#  The `bpfilter' pseudo-device enables the Berkeley Packet Filter.  Be
#  aware of the legal and administrative consequences of enabling this
#  option.  The number of devices determines the maximum number of
#  simultaneous BPF clients programs runnable.

	The man page for bpf was helpful, but went over my head sooner 
than I would have liked. :)  Where can I find more information (starting at a 
less ethereal level :) regarding what bpf is good for, and exactly what the 
dangers are?  

	The last time I asked, the best info I got was that for my purposes 
(occasional filtering of nuisance hosts) enabling the firewall option in the 
kernel, and using ipfw would be my best bet.  This issue has become 
somewhat more urgent as our system is being attacked by a pesky (and 
persistent) 15 year old.  I never did receive an answer on how much 
overhead (cpu is the biggest consideration) this will add to my system.  Also, 
where can I find more info on how to construct rules?  (Beyond the man 
pages.)  I will be doing this all remotely, so getting it right the first time is 
essential.  

	I've heard that the O'Reilly book on TCP/IP Administration is really 
good.....is this kind of information included in it?  I have 2 of their books 
already, and really like them.  Please note that I'm willing to do the digging 
to get the info myself, but I've run out of places to look.

Thanks in advance for any help you can offer,

Doug


From owner-freebsd-isp  Sat Feb  8 12:56:44 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id MAA28758
          for isp-outgoing; Sat, 8 Feb 1997 12:56:44 -0800 (PST)
Received: from roundtable.cif.rochester.edu (sadmin@roundtable.cif.rochester.edu [128.151.220.14])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id MAA28738;
          Sat, 8 Feb 1997 12:56:37 -0800 (PST)
Received: (from sadmin@localhost) by roundtable.cif.rochester.edu (8.8.5/8.8.3) id PAA21546; Sat, 8 Feb 1997 15:55:41 -0500 (EST)
From: Security Administrator <sadmin@roundtable.cif.rochester.edu>
Message-Id: <199702082055.PAA21546@roundtable.cif.rochester.edu>
Subject: Re: Problems? or denial of service attack?
To: rls@mail.id.net (Robert Shady)
Date: Sat, 8 Feb 1997 15:55:41 -0500 (EST)
Cc: walth@scanners.tec.mn.us, slaterm@excel.tnet.com.au, questions@freebsd.org,
        isp@freebsd.org, security@freebsd.org
In-Reply-To: <199702081656.LAA03084@server.id.net> from "Robert Shady" at Feb 8, 97 11:56:42 am
X-Mailer: ELM [version 2.4 PL25]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

2-8-97

> 
> > > It looks like you are out of Swap space...
> > 
> >   This machine is a web server and email server.  There was nobody logged 
> > in at these times.  I have 32 megs of ram and 43 megs of swap.  There was 
> > also about 20 pages of messages having to do with sendmail.  Here are a 
> > few of those attached below.
> > 
> >   I have never had any problems before, and now when I was getting these 
> > sendmail problems I was getting all these messages.  I do not think that 
> > it is just a swap problem..
> 
> I thought the first poster was being sarcastic (He probably was), because
> it's so obvious that your problem *IS* that your running out of memory.
> I don't build a machine with less than 128MB of swap, 43 is nothing, 
> especially for a machine that's acting as a web server/mail server...
> 

We've got a machine with 128 Megs of on-board RAM.  We STILL decided to 
install twice the amount of cache (256 megs) split between two disks 
in the SCSI chain.  Splitting up the cache between the two disks should,
in theory, speed up your performance.

The conventional wisdom is to have at least twice your memory as swap.  In 
SunOS, for instance, it was hard to even get a machine to work unless you had 
an equal amount of swap and memory, no matter how much RAM was shoved into the
box.  

JP
-- 
System Security Administrator
Computer Interest Floor
University of Rochester
Rochester, NY 14627
sadmin@roundtable.cif.rochester.edu

From owner-freebsd-isp  Sat Feb  8 14:11:01 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id OAA03352
          for isp-outgoing; Sat, 8 Feb 1997 14:11:01 -0800 (PST)
Received: from whistle.com (s205m131.whistle.com [207.76.205.131])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA03309;
          Sat, 8 Feb 1997 14:10:30 -0800 (PST)
Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id OAA09670; Sat, 8 Feb 1997 14:09:59 -0800 (PST)
Received: from alpo.whistle.com(207.76.205.1) by whistle.com via smap (V1.3)
	id sma009666; Sat Feb  8 14:09:49 1997
Received: from current1.whistle.com (current1.whistle.com [207.76.205.22])
          by alpo.whistle.com (8.8.5/8.8.4) with SMTP
	  id OAA22065; Sat, 8 Feb 1997 14:07:57 -0800 (PST)
Message-ID: <32FCF895.59E2B600@whistle.com>
Date: Sat, 08 Feb 1997 14:05:09 -0800
From: Julian Elischer <julian@whistle.com>
Organization: Whistle Communications
X-Mailer: Mozilla 3.0Gold (X11; I; FreeBSD 2.2-CURRENT i386)
MIME-Version: 1.0
To: That Doug Guy <tiller@connectnet.com>
CC: FreeBSD Questions <FreeBSD-Questions@freebsd.org>,
        "FreeBSD-ISP@freebsd.org" <FreeBSD-ISP@freebsd.org>
Subject: Re: Packet filtering help please
References: <199702081909.LAA11891@smtp.connectnet.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

That Doug Guy wrote:
> 
> Howdy,  :-)
> 
>         I (still, *cough*) need information on packet filtering.  I looked at
> LINT, and found this about bpf:
> 
> #  The `bpfilter' pseudo-device enables the Berkeley Packet Filter.  Be
> #  aware of the legal and administrative consequences of enabling this
> #  option.  The number of devices determines the maximum number of
> #  simultaneous BPF clients programs runnable.


bpf is not what you want to do...
what you want is ipfw.

bpf is a debugging interface that allows packets to selectively be
transfered to a debugging process.

ipfw allows you to put filtering rules on interfaces for firewalling
purposes..



>  The last time I asked, the best info I got was that for my purposes
> (occasional filtering of nuisance hosts) enabling the firewall option in the
> kernel, and using ipfw would be my best bet.  This issue has become
> somewhat more urgent as our system is being attacked by a pesky (and
> persistent) 15 year old.  I never did receive an answer on how much
> overhead (cpu is the biggest consideration)

some but not too much

> this will add to my system.  Also,
> where can I find more info on how to construct rules? 
> (Beyond the man pages.)
> I will be doing this all remotely, so getting it right the first time is
> essential.

add the following code to the rc file 
ipfw add 10000  allow ip from all to all
ipfw add 1000   deny ip from {his address}



that should about do it..
remember that the default rule is:
ipfw add 65536 deny ip from any to any

so you need to add the allow rule above via /etc/rc
because you won't be able to get to the box to do it by hand :)



> 
>         I've heard that the O'Reilly book on TCP/IP Administration is really
> good.....is this kind of information included in it?  I have 2 of their books
> already, and really like them.  Please note that I'm willing to do the digging
> to get the info myself, but I've run out of places to look.
> 
> Thanks in advance for any help you can offer,
> 
> Doug

From owner-freebsd-isp  Sat Feb  8 15:30:30 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id PAA07092
          for isp-outgoing; Sat, 8 Feb 1997 15:30:30 -0800 (PST)
Received: from mail.crl.com (mail.crl.com [165.113.1.22])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id PAA07005;
          Sat, 8 Feb 1997 15:29:51 -0800 (PST)
Received: from nanguo.chalmers.com.au (chalmers.com.au) by mail.crl.com with SMTP id AA16901
  (5.65c/IDA-1.5); Sat, 8 Feb 1997 15:29:05 -0800
Received: (from robert@localhost) by nanguo.chalmers.com.au (8.7.6/8.7.3) id JAA00202; Sun, 9 Feb 1997 09:09:48 +1000 (EST)
From: Robert Chalmers <robert@nanguo.chalmers.com.au>
Message-Id: <199702082309.JAA00202@nanguo.chalmers.com.au>
Subject: I give up! no ideas left.
To: freebsd-questions@freebsd.org (bsd), freebsd-isp@freebsd.org (FreeBSD ISP),
        bugs@freebsd.org
Date: Sun, 9 Feb 1997 09:09:47 +1000 (EST)
X-Mailer: ELM [version 2.4ME+ PL22 (25)]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

The saga of failing connections to my web site. Some do, some dont.
2.1.5 will, 2.2 wont. Anything SUN based also seems to barf. I dont
know about the rest. Some connect and hang. 5000 a month on average
have no problems at all!!!

Well, I admit defeat on trying to get this ;
FreeBSD nanguo.chalmers.com.au 2.2-961014-SNAP FreeBSD 2.2-961014-SNAP #0: Sun Feb  9 08:52:21 EST 1997     robert@nanguo.chalmers.com.au:/usr/src/sys/compile/MYKERNEL  i386
;
working so that connections don't hang.

I have recompiled the kernel with lots of advice from the handbook;
This is my KERNEL config;

#
# GENERIC -- Generic machine with WD/AHx/NCR/BTx family disks
#
# For more information read the handbook part System Administration -> 
# Configuring the FreeBSD Kernel -> The Configuration File. 
# The handbook is available in /usr/share/doc/handbook or online as
# latest version from the FreeBSD World Wide Web server 
# <URL:http://www.FreeBSD.ORG/>
#
# An exhaustive list of options and more detailed explanations of the 
# device lines is present in the ./LINT configuration file. If you are 
# in doubt as to the purpose or necessity of a line, check first in LINT.
#
#	$Id: GENERIC,v 1.76 1996/09/11 19:53:28 phk Exp $

machine		"i386"
cpu		"I386_CPU"
cpu		"I486_CPU"
cpu		"I586_CPU"
cpu		"I686_CPU"
ident		MYKERNEL
maxusers	20

options		MATH_EMULATE		#Support for x87 emulation
options		INET			#InterNETworking
options		FFS			#Berkeley Fast Filesystem
options		NFS			#Network Filesystem
options		MSDOSFS			#MSDOS Filesystem
options		"CD9660"		#ISO 9660 Filesystem
options		PROCFS			#Process filesystem
options		"COMPAT_43"		#Compatible with BSD 4.3 [KEEP THIS!]
options		"TUNE_1542"		#Dynamic tune of DMA speed
options		SCSI_DELAY=5		#Be pessimistic about Joe SCSI device
options		BOUNCE_BUFFERS		#include support for DMA bounce buffers
options		UCONSOLE		#Allow users to grab the console
options		FAILSAFE		#Be conservative
options		USERCONFIG		#boot -c editor
options		VISUAL_USERCONFIG	#visual boot -c editor

#
# These three options provide support for System V Interface
# Definition-style interprocess communication, in the form of shared
# memory, semaphores, and message queues, respectively.
#
options		SYSVSHM
options		SYSVSEM
options		SYSVMSG

config		kernel	root on sd0

controller	isa0
controller	eisa0
controller	pci0

controller	fdc0	at isa? port "IO_FD1" bio irq 6 drq 2 vector fdintr
disk		fd0	at fdc0 drive 0
disk		fd1	at fdc0 drive 1
tape		ft0	at fdc0 drive 2

controller	wdc0	at isa? port "IO_WD1" bio irq 14 vector wdintr
disk		wd0	at wdc0 drive 0
disk		wd1	at wdc0 drive 1

controller	wdc1	at isa? port "IO_WD2" bio irq 15 vector wdintr
disk		wd2	at wdc1 drive 0
disk		wd3	at wdc1 drive 1

options		ATAPI		#Enable ATAPI support for IDE bus
options		ATAPI_STATIC	#Don't do it as an LKM
device		wcd0	#IDE CD-ROM

# A single entry for any of these controllers (ncr, ahb, ahc) is sufficient
# for any number of installed devices.
controller	ncr0
controller	ahb0
controller	ahc0

controller	bt0	at isa? port "IO_BT0" bio irq ? vector bt_isa_intr
controller	uha0	at isa? port "IO_UHA0" bio irq ? drq 5 vector uhaintr
controller	aha0	at isa? port "IO_AHA0" bio irq ? drq 5 vector ahaintr
controller	aic0	at isa? port 0x340 bio irq 11 vector aicintr
controller	nca0	at isa? port 0x1f88 bio irq 10 vector ncaintr
controller	nca1	at isa? port 0x350 bio irq 5 vector ncaintr
controller	sea0	at isa? bio irq 5 iomem 0xc8000 iosiz 0x2000 vector seaintr

controller	scbus0

device		sd0

device		od0	#See LINT for possible `od' options.

device		st0

device		cd0	#Only need one of these, the code dynamically grows

device		wt0	at isa? port 0x300 bio irq 5 drq 1 vector wtintr
device		mcd0	at isa? port 0x300 bio irq 10 vector mcdintr

controller	matcd0	at isa? port 0x230 bio

device		scd0	at isa? port 0x230 bio

# syscons is the default console driver, resembling an SCO console
device		sc0	at isa? port "IO_KBD" tty irq 1 vector scintr
# Enable this and PCVT_FREEBSD for pcvt vt220 compatible console driver
#device		vt0	at isa? port "IO_KBD" tty irq 1 vector pcrint
#options		PCVT_FREEBSD=210	# pcvt running on FreeBSD >= 2.0.5
#options		XSERVER			# include code for XFree86
#options		FAT_CURSOR		# start with block cursor
# If you have a ThinkPAD, uncomment this along with the rest of the PCVT lines
#options		PCVT_SCANSET=2		# IBM keyboards are non-std

# Mandatory, don't remove
device		npx0	at isa? port "IO_NPX" irq 13 vector npxintr

#
# Laptop support (see LINT for more options)
#
device		apm0    at isa?	disable	# Advanced Power Management
options		APM_BROKEN_STATCLOCK	# Workaround some buggy APM BIOS
# PCCARD (PCMCIA) support
#controller	crd0
#device		pcic0	at crd?
#device		pcic1	at crd?

device		sio0	at isa? port "IO_COM1" tty irq 4 vector siointr
device		sio1	at isa? port "IO_COM2" tty irq 3 vector siointr
device		sio2	at isa? disable port "IO_COM3" tty irq 5 vector siointr
device		sio3	at isa? disable port "IO_COM4" tty irq 9 vector siointr

device		lpt0	at isa? port? tty irq 7 vector lptintr
device		lpt1	at isa? port? tty
device		mse0	at isa? port 0x23c tty irq 5 vector mseintr

device		psm0	at isa? disable port "IO_KBD" conflicts tty irq 12 vector psmintr

# Order is important here due to intrusive probes, do *not* alphabetize
# this list of network interfaces until the probes have been fixed.
# Right now it appears that the ie0 must be probed before ep0. See
# revision 1.20 of this file.
device de0
device fxp0
device vx0

device ed0 at isa? port 0x280 net irq  5 iomem 0xd8000 vector edintr
device ed1 at isa? port 0x300 net irq  5 iomem 0xd8000 vector edintr
device ie0 at isa? port 0x360 net irq  7 iomem 0xd0000 vector ieintr
device ep0 at isa? port 0x300 net irq 10 vector epintr
device fe0 at isa? port 0x300 net irq ? vector feintr
device ix0 at isa? port 0x300 net irq 10 iomem 0xd0000 iosiz 32768 vector ixintr
device le0 at isa? port 0x300 net irq 5 iomem 0xd0000 vector le_intr
device lnc0 at isa? port 0x280 net irq 10 drq 0 vector lncintr
device ze0 at isa? port 0x300 net irq 5 iomem 0xd8000 vector zeintr
device zp0 at isa? port 0x300 net irq 10 iomem 0xd8000 vector zpintr

pseudo-device	loop
pseudo-device	ether
pseudo-device	log
pseudo-device	sl	1
# ijppp uses tun instead of ppp device
pseudo-device	ppp	1
pseudo-device	tun	1
pseudo-device	pty	16
pseudo-device	gzip		# Exec gzipped a.out's
pseudo-device	bpfilter 4

# KTRACE enables the system-call tracing facility ktrace(2).
# This adds 4 KB bloat to your kernel, and slightly increases
# the costs of each syscall.
options		KTRACE		#kernel tracing
=================================================

I have turned externel caching off. Set the DRAM chip speed to 70ns,
enabled BIOS caching, swapped out an in new ethernet cards, new cable,
enabled PPPD direct from the server. 

combed my hair a different way, held my mouth differently, and
made offerings to the Great God Intel... and not a few others as well.

NADA. NOTHING makes the slightest difference.

IF.... you have any constructive suggestions. I'd like to hear them.
I'd really hate to have to change OS's, as apart from this problem,
FBSD is a great system to work with. and I don't even know if the problem
is a FBSD problem.

cheers,
Bob

-- 
chalmers.com.au: P.O. Box 2003. Mackay. 4740   		   +61-0412-079025
robert@chalmers.com.au for Whirled Peas		http://www.chalmers.com.au
Location: The Great Australian Content Site.		21'7" S, 149'14" E.

From owner-freebsd-isp  Sat Feb  8 16:05:37 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id QAA08775
          for isp-outgoing; Sat, 8 Feb 1997 16:05:37 -0800 (PST)
Received: from mail.id.net (mail.id.net [199.125.1.6])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id QAA08743;
          Sat, 8 Feb 1997 16:05:19 -0800 (PST)
Received: from server.id.net (server.id.net [199.125.2.20]) by mail.id.net (8.7.5/ID-Net) with ESMTP id TAA10286; Sat, 8 Feb 1997 19:12:44 -0500 (EST)
From: Robert Shady <rls@mail.id.net>
Received: (from rls@localhost) by server.id.net (8.8.2/8.7.3) id TAA06715; Sat, 8 Feb 1997 19:05:58 -0500 (EST)
Message-Id: <199702090005.TAA06715@server.id.net>
Subject: Re: Packet filtering help please
In-Reply-To: <32FCF895.59E2B600@whistle.com> from Julian Elischer at "Feb 8, 97 02:05:09 pm"
To: julian@whistle.com (Julian Elischer)
Date: Sat, 8 Feb 1997 19:05:57 -0500 (EST)
Cc: tiller@connectnet.com, FreeBSD-Questions@freebsd.org,
        FreeBSD-ISP@freebsd.org
X-Mailer: ELM [version 2.4ME+ PL25 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> > this will add to my system.  Also,
> > where can I find more info on how to construct rules? 
> > (Beyond the man pages.)
> > I will be doing this all remotely, so getting it right the first time is
> > essential.
> 
> add the following code to the rc file 
> ipfw add 10000  allow ip from all to all
> ipfw add 1000   deny ip from {his address}
> 
> 
> that should about do it..
> remember that the default rule is:
> ipfw add 65536 deny ip from any to any
> 
> so you need to add the allow rule above via /etc/rc
> because you won't be able to get to the box to do it by hand :)

Also remember that the numbers are the 'rules numbers', they are
parsed from highest to lowest, and everyone must be different.
In the above example, it starts our like this

RULE #
======
65536  deny ip from any to any  (Don't let ANYONE into this box by default)
10000  allow ip from all to all (Now allow EVERYONE into this box by default)
1000   deny ip from a.a.a.a     (Now just deny people from a.a.a.a)

And you could add...

999    deny ip from b.b.b.b     (Now deny people from a.a.a.a & b.b.b.b)

etc.

	-- Rob
===
      _/_/_/_/_/  _/_/_/_/               _/_/    _/  _/_/_/_/_/  _/_/_/_/_/
         _/      _/      _/    _/_/_/   _/  _/  _/  _/_/_/_/        _/
   _/_/_/_/_/  _/_/_/_/               _/      _/  _/_/_/_/_/      _/

                             Innovative Data Services 
                          Serving South-Eastern Michigan 
        Internet Service Provider / Hardware Sales / Consulting Services
       Voice: (810)855-0404 / Fax: (810)855-3268 / Web: http://www.id.net

From owner-freebsd-isp  Sat Feb  8 16:23:30 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id QAA10226
          for isp-outgoing; Sat, 8 Feb 1997 16:23:30 -0800 (PST)
Received: from sax.sax.de (sax.sax.de [193.175.26.33])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id QAA10126;
          Sat, 8 Feb 1997 16:22:35 -0800 (PST)
Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id BAA09838; Sun, 9 Feb 1997 01:21:46 +0100
Received: (from j@localhost) by uriah.heep.sax.de (8.8.5/8.6.9) id BAA29966; Sun, 9 Feb 1997 01:07:43 +0100 (MET)
Message-ID: <Mutt.19970209010742.j@uriah.heep.sax.de>
Date: Sun, 9 Feb 1997 01:07:42 +0100
From: j@uriah.heep.sax.de (J Wunsch)
To: robert@nanguo.chalmers.com.au (Robert Chalmers)
Cc: freebsd-isp@freebsd.org (FreeBSD ISP), bugs@freebsd.org
Subject: Re: I give up! no ideas left.
References: <199702082309.JAA00202@nanguo.chalmers.com.au>
X-Mailer: Mutt 0.55-PL10
Mime-Version: 1.0
X-Phone: +49-351-2012 669
X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F  93 21 E0 7D F9 12 D6 4E
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
In-Reply-To: <199702082309.JAA00202@nanguo.chalmers.com.au>; from Robert Chalmers on Feb 9, 1997 09:09:47 +1000
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

As Robert Chalmers wrote:

> The saga of failing connections to my web site. Some do, some dont.
> 2.1.5 will, 2.2 wont. Anything SUN based also seems to barf. I dont
> know about the rest. Some connect and hang. 5000 a month on average
> have no problems at all!!!

What does netstat say for these connections?

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)

From owner-freebsd-isp  Sat Feb  8 17:38:21 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id RAA13847
          for isp-outgoing; Sat, 8 Feb 1997 17:38:21 -0800 (PST)
Received: from megazone.bigpanda.com (hac-nj2-05.ix.netcom.com [206.214.115.69])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA13830
          for <freebsd-isp@freebsd.org>; Sat, 8 Feb 1997 17:38:14 -0800 (PST)
Received: from localhost.bigpanda.com (localhost.bigpanda.com [127.0.0.1]) by megazone.bigpanda.com (8.7.5/8.6.12) with SMTP id UAA01887; Sat, 8 Feb 1997 20:37:38 -0500 (EST)
Message-Id: <199702090137.UAA01887@megazone.bigpanda.com>
X-Authentication-Warning: megazone.bigpanda.com: Host localhost.bigpanda.com [127.0.0.1] didn't use HELO protocol
To: Chris Bura <chris@MAIN.Netcorps.com>
cc: freebsd-isp@freebsd.org
Subject: SCSI-to-SCSI RAID controllers (was "RAID ? ")
In-reply-to: Your message of "Fri, 07 Feb 1997 14:02:34 PST."
             <199702072202.OAA03484@main.netcorps.com> 
Date: Sat, 08 Feb 1997 20:37:37 -0500
From: Richard Hwang <rhwang@bigpanda.com>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

There seems to be much interest in RAID for FreeBSD, but there doesn't
seem to be anything in the handbook nor FAQ regarding SCSI-to-SCSI
RAID controllers.  I would be more than happy to write something on
SCSI-to-SCSI RAID controllers, as I have been researching them for
awhile, and will be working with the CMD Daytona (see below) in the
next few weeks.

> Well after checking out Mylex's website I noticed a product called
> the DAC960SUI which connects the a SCSI controller.  It's supposed to
> just be seen as a hard drive as far as the OS is concerned.  
> Have no idea what it costs.  Can't seem to find a retailer around with
> enough IQ to figure out that if it's not in stock, it still may exist...

CMD Technology Inc. (http://www.cmd.com/) also makes SCSI-to-SCSI RAID
controllers.  They also have a turnkey system, the Daytona, which
includes a RAID controller and a drive enclosure with redundant power
supplies, hot-swappable drive canisters, and an extra slot for a tape
drive. 

The CMD CRD-5500 RAID controller is their top of the line product.  It
supports RAID levels 0, 1, 1+0, 4, and 5, and comes standard with 16MB
cache RAM (expandable to 512MB with 72-pin SIMMs).  It comes in the
standard 5.25" full-height form factor, so you can put it into any
standard case which has full-height bays.  This beast has 9 slots, in
which you can put the following SCSI interface modules:

CRD-5530 10MB/s single-ended FAST/SCSI-2 (disk channel only), $395
CRD-5540 20MB/s single-ended FAST/WIDE SCSI-2 (disk/host channel), $495
CRD-5560 20MB/s differential FAST/WIDE SCSI-2 (disk/host channel), $595
   **All prices are list prices

The CRD-5500 by itself (no modules) lists for $3,525.

The CRD-5500 controller supports any combination of interface modules,
with a maximum of 4 host channels and a maximum of 8 disk channels.
Yes, this means that this one RAID controller can be connected to
multiple FreeBSD machines.  I'm not exactly sure what the limitations
are with this, though.

CRD-550-015 CRD-5500 with 1 single-ended FAST/WIDE SCSI-2 host module
and 5 FAST SCSI-2 

The CRD-5500 can also be hooked up to another CRD-5500 using the
Failover kit (P/N: AAK-005500-000) for redundancy.

The Daytona contains a CMD CRD-5300 RAID controller and an enclosure
with support for either 4 3.5" half-height disks or 6 3.5" low profile
disks.  It comes with 16M cache, and has hot swappable redundant fans
and power supplies.  The following is a table of model numbers and
list prices for the Daytona:

HWS-005931-141  4 3.5" half-height canisters, single-ended FAST SCSI-2
list $5,995

HWS-005931-161  6 3.5" low profile canisters, single-ended FAST SCSI-2
list $5,995

HWS-005931-241  4 3.5" half-height canisters, single-ended FAST/WIDE SCSI-2
list $6,118

HWS-005931-261  6 3.5" low profile canisters, single-ended FAST/WIDE SCSI-2
list $6,118

HWS-005932-141  4 3.5" half-height canisters, differential FAST SCSI-2
list $6,395

HWS-005932-161  6 3.5" low profile canisters, differential FAST SCSI-2
list $6,395

HWS-005932-241  4 3.5" half-height canisters, differential FAST/WIDE SCSI-2
list $6,518

HWS-005932-261  6 3.5" low profile canisters, differential FAST/WIDE SCSI-2
list $6,518

  ** All Daytonas have 1 host port and 2 SCSI channels, and are
     expandable to 128M of cache

There will supposedly be a slave drive box (to be available soon) so
you can attach more drives to the Daytona.  No word on when that might
be available, though.

As for availability, CMD recently announced that it is distributing
the Daytona through Tech Data (large distributor), so it shouldn't be
*that* hard to find.

I apologize for the lengthy message, but some of this info isn't on
their web site (I had to get them to fax it to me).

---
Richard Hwang                                               rhwang@bigpanda.com
Big Panda House Consulting                              http://www.bigpanda.com

From owner-freebsd-isp  Sat Feb  8 17:41:46 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id RAA14266
          for isp-outgoing; Sat, 8 Feb 1997 17:41:46 -0800 (PST)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.2.144.5])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id RAA14225;
          Sat, 8 Feb 1997 17:41:31 -0800 (PST)
Received: (from danny@localhost) by panda.hilink.com.au (8.7.6/8.7.3) id MAA19061; Sun, 9 Feb 1997 12:43:06 +1100 (EST)
Date: Sun, 9 Feb 1997 12:43:05 +1100 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Robert Shady <rls@mail.id.net>
cc: Julian Elischer <julian@whistle.com>, tiller@connectnet.com,
        FreeBSD-Questions@freebsd.org, FreeBSD-ISP@freebsd.org
Subject: Re: Packet filtering help please
In-Reply-To: <199702090005.TAA06715@server.id.net>
Message-ID: <Pine.BSF.3.91.970209124130.427v-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk



On Sat, 8 Feb 1997, Robert Shady wrote:

> > 
> > add the following code to the rc file 
> > ipfw add 10000  allow ip from all to all
> > ipfw add 1000   deny ip from {his address}
> > 
> > 
> > that should about do it..
> > remember that the default rule is:
> > ipfw add 65536 deny ip from any to any
> > 
> > so you need to add the allow rule above via /etc/rc
> > because you won't be able to get to the box to do it by hand :)
> 
> Also remember that the numbers are the 'rules numbers', they are
> parsed from highest to lowest, and everyone must be different.
> In the above example, it starts our like this

No.  The rules are parsed in ascending rule number order.  Rules can have
the same number.  Rules with the same number are parsed in the order they
were added to the system (first come first parsed.)

Danny

From owner-freebsd-isp  Sat Feb  8 18:16:56 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id SAA16300
          for isp-outgoing; Sat, 8 Feb 1997 18:16:56 -0800 (PST)
Received: from alpha.xerox.com (alpha.Xerox.COM [13.1.64.93])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id SAA16278;
          Sat, 8 Feb 1997 18:16:45 -0800 (PST)
Received: from crevenia.parc.xerox.com ([13.2.116.11]) by alpha.xerox.com with SMTP id <18650(3)>; Sat, 8 Feb 1997 18:16:13 PST
Received: from localhost by crevenia.parc.xerox.com with SMTP id <177476>; Sat, 8 Feb 1997 18:16:07 -0800
To: Robert Chalmers <robert@nanguo.chalmers.com.au>
cc: freebsd-questions@freebsd.org (bsd), freebsd-isp@freebsd.org (FreeBSD ISP),
        bugs@freebsd.org
Subject: Re: I give up! no ideas left. 
In-reply-to: Your message of "Sat, 08 Feb 97 15:09:47 PST."
             <199702082309.JAA00202@nanguo.chalmers.com.au> 
Date: Sat, 8 Feb 1997 18:16:01 PST
From: Bill Fenner <fenner@parc.xerox.com>
Message-Id: <97Feb8.181607pst.177476@crevenia.parc.xerox.com>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

In message <199702082309.JAA00202@nanguo.chalmers.com.au> you write:
>IF.... you have any constructive suggestions. I'd like to hear them.

Find a pair of hosts between which the connections always fail.
Attempt to do a connection while running "tcpdump -w /tmp/foo tcp and
host host1 and host host2".  Make the resulting file available to
people who are interested in the problem.

  Bill

From owner-freebsd-isp  Sat Feb  8 18:41:44 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id SAA19054
          for isp-outgoing; Sat, 8 Feb 1997 18:41:44 -0800 (PST)
Received: from whistle.com (s205m131.whistle.com [207.76.205.131])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id SAA19026;
          Sat, 8 Feb 1997 18:41:38 -0800 (PST)
Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id SAA11408; Sat, 8 Feb 1997 18:41:06 -0800 (PST)
Received: from alpo.whistle.com(207.76.205.1) by whistle.com via smap (V1.3)
	id sma011406; Sat Feb  8 18:40:45 1997
Received: from current1.whistle.com (current1.whistle.com [207.76.205.22])
          by alpo.whistle.com (8.8.5/8.8.4) with SMTP
	  id SAA25835; Sat, 8 Feb 1997 18:37:28 -0800 (PST)
Message-ID: <32FD37FA.41C67EA6@whistle.com>
Date: Sat, 08 Feb 1997 18:35:38 -0800
From: Julian Elischer <julian@whistle.com>
Organization: Whistle Communications
X-Mailer: Mozilla 3.0Gold (X11; I; FreeBSD 2.2-CURRENT i386)
MIME-Version: 1.0
To: Robert Shady <rls@mail.id.net>
CC: tiller@connectnet.com, FreeBSD-Questions@freebsd.org,
        FreeBSD-ISP@freebsd.org
Subject: Re: Packet filtering help please
References: <199702090005.TAA06715@server.id.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Robert Shady wrote:
> 
> > > this will add to my system.  Also,
> > > where can I find more info on how to construct rules?
> > > (Beyond the man pages.)
> > > I will be doing this all remotely, so getting it right the first time is
> > > essential.
> >
> > add the following code to the rc file
> > ipfw add 10000  allow ip from all to all
> > ipfw add 1000   deny ip from {his address}
> >
> >
> > that should about do it..
> > remember that the default rule is:
> > ipfw add 65536 deny ip from any to any
> >
> > so you need to add the allow rule above via /etc/rc
> > because you won't be able to get to the box to do it by hand :)
> 
> Also remember that the numbers are the 'rules numbers', they are
> parsed from highest to lowest, and everyone must be different.
> In the above example, it starts our like this
> 
> RULE #
> ======
> 65536  deny ip from any to any  (Don't let ANYONE into this box by default)
> 10000  allow ip from all to all (Now allow EVERYONE into this box by default)
> 1000   deny ip from a.a.a.a     (Now just deny people from a.a.a.a)
> 
> And you could add...
> 
> 999    deny ip from b.b.b.b     (Now deny people from a.a.a.a & b.b.b.b)

Boy is that confusing!
1/ there can be more than one rule with ths same number.. ordering of
such rules is undefined.
2/ the rules are parsed LOWEST to HIGHEST..

the rules are interpretted with an implied  "OTHERWISE go on to the next
rule".

while (rules to do) {
	if (condition of next rule is true) {
		if (rule is deny)
			return FALSE;
		else	/* rule is accept */
			return TRUE;
	}
	rule++; /* move on to next rule */
}


in other words the set above are:


1000 If it's our pesky friend block it and go get the next packet.
otherwise, go on to the next rule.
10000 Allow all packets not already thrown out.
65535	*never reached *

From owner-freebsd-isp  Sat Feb  8 19:38:34 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id TAA22736
          for isp-outgoing; Sat, 8 Feb 1997 19:38:34 -0800 (PST)
Received: from spinner.DIALix.COM (spinner.DIALix.COM [192.203.228.67])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id TAA22712;
          Sat, 8 Feb 1997 19:38:23 -0800 (PST)
Received: from spinner.DIALix.COM (localhost.DIALix.oz.au [127.0.0.1])
          by spinner.DIALix.COM (8.8.4/8.8.4) with ESMTP id LAA05161;
          Sun, 9 Feb 1997 11:37:30 +0800 (WST)
Message-Id: <199702090337.LAA05161@spinner.DIALix.COM>
X-Mailer: exmh version 2.0gamma 1/27/96
To: Robert Chalmers <robert@nanguo.chalmers.com.au>
cc: freebsd-questions@freebsd.org (bsd), freebsd-isp@freebsd.org (FreeBSD ISP),
        bugs@freebsd.org
Subject: Re: I give up! no ideas left. 
In-reply-to: Your message of "Sun, 09 Feb 1997 09:09:47 +1000."
             <199702082309.JAA00202@nanguo.chalmers.com.au> 
Date: Sun, 09 Feb 1997 11:37:29 +0800
From: Peter Wemm <peter@spinner.DIALix.COM>
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Robert Chalmers wrote:
> The saga of failing connections to my web site. Some do, some dont.
> 2.1.5 will, 2.2 wont. Anything SUN based also seems to barf. I dont
> know about the rest. Some connect and hang. 5000 a month on average
> have no problems at all!!!

Have you tried turning off the transaction tcp code?  (see RFC1323 and RFC1644)

In /etc/sysconfig:
#
# Some broken implementations can't handle the RFC 1323 and RFC 1644
# TCP options.  If TCP connections randomly hang, try disabling this,
# and bug the vendor of the losing equipment.
#
tcp_extensions=YES

Changing YES to NO and rebooting is the permanent way.

Or, you can do this at run time without a reboot to test it:
sysctl -w net.inet.tcp.rfc1323=0
sysctl -w net.inet.tcp.rfc1644=0

Did you mention an Annex in the pathway?  I understand they are known to 
cause problems with T/TCP headers.

On http://www.noao.edu/~rstevens/ttcp.html I see:

Implementations that Interact Poorly with T/TCP
 * Solaris, through and including 2.5. See Section 3.7 of TCP/IP Illustrated,
   Volume 3 for details.  
 * AIX 4.1.2. Earlier versions, specifically 3.2.2, handled SYN/data/FIN
   segments correctly. 
 * Annex terminal servers. These don't like SYN segments with FIN or data.
   This botch extends to their SLIP/PPP implementation (perhaps only when
   doing VJ compression), so that T/TCP across an Annex acting as a dialup
   SLIP server fails even if both ends are capable. 
 * Linux. 
 * KA9Q. 

This page is from the author of the TCP/IP Illustrated series, 
W. Richard Stevens.

Cheers,
-Peter



From owner-freebsd-isp  Sat Feb  8 22:56:55 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id WAA02438
          for isp-outgoing; Sat, 8 Feb 1997 22:56:55 -0800 (PST)
Received: from saguaro.flyingfox.com (saguaro.flyingfox.com [204.188.109.253])
          by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id WAA02410;
          Sat, 8 Feb 1997 22:56:45 -0800 (PST)
Received: (from jas@localhost) by saguaro.flyingfox.com (8.6.12/8.6.10) id WAA07862; Sat, 8 Feb 1997 22:52:01 -0800
Date: Sat, 8 Feb 1997 22:52:01 -0800
From: Jim Shankland <jas@flyingfox.COM>
Message-Id: <199702090652.WAA07862@saguaro.flyingfox.com>
To: bugs@freebsd.org, freebsd-isp@freebsd.org, freebsd-questions@freebsd.org,
        robert@nanguo.chalmers.com.au
Subject: Re:  I give up! no ideas left.
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Never give up.  There's an answer out there somewhere.

Here's what I find when I connect to port 80 of your machine
(nanguo.chalmers.com.au) and do a "GET / HTTP/1.0":

>From SunOS 4.1.4:  everything works.

>From FreeBSD 2.2-BETA_A:  Connection hangs.  My end is ESTABLISHED.
A packet trace reveals that after the initial, 3-way TCP handshake,
I receive the *second* data packet from you (covering bytes
1440:2049, or something like that), but I never get the first
(bytes 1:1440).  Of course, my end immediately does an ACK 1
to signal that it got an out-of-sequence packet; but to no
avail.  That packet simply never arrives.

Same thing happens whether RFC1323 and RFC1644 are enabled or
not; so my tentative conclusion is that they are not a factor.

I can probably look into this further on Monday (Tuesday in Australia,
unfortunately), if it hasn't been resolved by that time.

Jim Shankland
Flying Fox Computer Systems, Inc.

From owner-freebsd-isp  Sat Feb  8 23:41:10 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id XAA04670
          for isp-outgoing; Sat, 8 Feb 1997 23:41:10 -0800 (PST)
Received: from mp.aha.ru (ns.aha.ru [194.135.22.36])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id XAA04650;
          Sat, 8 Feb 1997 23:41:04 -0800 (PST)
Received: by mp.aha.ru id KAA19046;
  (8.8.5/vak/1.8e) Sun, 9 Feb 1997 10:40:13 +0300 (MSK)
From: bvt@mp.aha.ru (Boris Tyshkiewitch)
Message-Id: <199702090740.KAA19046@mp.aha.ru>
Subject: Re: I give up! no ideas left.
To: jas@flyingfox.COM (Jim Shankland)
Date: Sun, 9 Feb 1997 10:40:12 +0300 (MSK)
Cc: bugs@freebsd.org, freebsd-isp@freebsd.org, freebsd-questions@freebsd.org,
        robert@nanguo.chalmers.com.au
In-Reply-To: <199702090652.WAA07862@saguaro.flyingfox.com> from "Jim Shankland" at Feb 8, 97 10:52:01 pm
X-Mailer: ELM [version 2.4 PL24alpha5]
MIME-Version: 1.0
Content-Type: text/plain; charset=KOI8-R
Content-Transfer-Encoding: 8bit
Sender: owner-isp@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

> 
> Here's what I find when I connect to port 80 of your machine
> (nanguo.chalmers.com.au) and do a "GET / HTTP/1.0":
> 
> >From SunOS 4.1.4:  everything works.
> 
> >From FreeBSD 2.2-BETA_A:  Connection hangs.  My end is ESTABLISHED.
> A packet trace reveals that after the initial, 3-way TCP handshake,
> I receive the *second* data packet from you (covering bytes
> 1440:2049, or something like that), but I never get the first
> (bytes 1:1440).  Of course, my end immediately does an ACK 1
> to signal that it got an out-of-sequence packet; but to no
> avail.  That packet simply never arrives.
> 
> Same thing happens whether RFC1323 and RFC1644 are enabled or
> not; so my tentative conclusion is that they are not a factor.
> 


 I have souch problem. squid cache works fine from FreeBSD 2.1.0 but
connections hungs from 2.2-BETA.  host in question was www.kenwoodusa.com


  After tricks with tcpdump I see picture like discribed above.

  I found differense. 2.1.0 begin session with mss 512, 2.2-BETA - with 1460.
After setting MTU 1006 or less on 2.2 box they work fine.

  When I do traceroute to  www.kenwoodusa.com, they failed (ping still ok).

  I think that some router in that place discard ICMP replayes, so MTU
discovery not working ....


  Why 2.1.0 begin session from smaller MSS values that 2.2-BETA?  Why 2.2-BETA
do that?  What is right way?



Boris.