From owner-freebsd-isp Sun Apr 14 3: 4:59 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mars-gw.morning.ru (ns.morning.ru [195.161.98.5]) by hub.freebsd.org (Postfix) with ESMTP id 188C037B400; Sun, 14 Apr 2002 03:04:50 -0700 (PDT) Received: (from root@localhost) by mars-gw.morning.ru (8.11.5/8.11.5) id g3EA4lC05175; Sun, 14 Apr 2002 18:04:47 +0800 (KRAST) Date: Sun, 14 Apr 2002 18:04:47 +0800 From: Igor M Podlesny To: net@FreeBSD.ORG Cc: freebsd-isp@FreeBSD.ORG Subject: patch -- An ingress filter (RFC2827) Message-ID: <20020414180447.A93954@mars-gw.morning.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello! I'd like to know your opinion about this patch http://www.morning.ru/~poige/patchzone/ingressfiltering.patch which is mine attempt to implement an ingress filter being inspired by RFC2827 "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing". (http://www.ietf.org/rfc/rfc2827.txt) It should be mentioned IMHO that this code makes another one in ip_input.c a kind of redundant -- I mean code checking/blocking the 127/8 network "on wire". BTW, I suggest if not removing it completely then adding (sys)logging into, -- 127/8-spoofing certainly should be logged. :) Another thing to pay an attention to: I deem it'd be better if a such filter was built-in into ip_fw.c, allowing such syntax for ipfw(8): deny log ip from any to any in via fxp0 spoofed But AFAIS in ip_fw.h: #define IP_FW_F_IN 0x00000100 ... #define IP_FW_F_DME 0x40000000 /* destination = me */ #define IP_FW_F_MASK 0x7FFFFFFF /* All possible flag bits mask */ and u_int32_t fw_flg; there is no free space for any additional flags... So, I was a bit unsure whether should I expand fw_flg to u_int64_t, and do any other extensions. For now I decided just to wrote something like a draft, test it (it seems to be working ;), and asking you, people, for your comments/ideas on it. P.S. A bit more info on this patch is at http://www.morning.ru/~poige/patchzone/ -- Igor M Podlesny a.k.a. Poige http://WwW.MorninG.RU/~poige To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Apr 14 14:25:50 2002 Delivered-To: freebsd-isp@freebsd.org Received: from iguana.icir.org (iguana.icir.org [192.150.187.36]) by hub.freebsd.org (Postfix) with ESMTP id EAE7C37B400; Sun, 14 Apr 2002 14:25:40 -0700 (PDT) Received: (from rizzo@localhost) by iguana.icir.org (8.11.6/8.11.3) id g3ELPRR19424; Sun, 14 Apr 2002 14:25:27 -0700 (PDT) (envelope-from rizzo) Date: Sun, 14 Apr 2002 14:25:27 -0700 From: Luigi Rizzo To: Igor M Podlesny Cc: net@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Re: patch -- An ingress filter (RFC2827) Message-ID: <20020414142527.B18991@iguana.icir.org> References: <20020414180447.A93954@mars-gw.morning.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020414180447.A93954@mars-gw.morning.ru> User-Agent: Mutt/1.3.23i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, this is more a comment on rfc2827 than on the patch (which seems to do basically what is in the RFC). This kind of filtering gives very little protection. For single-homed systems with a default route, basically the only packets that it can deny are those with a 127/8 source address on the wire. And even the case of multi-homed routers, in most cases it will likely protect only from attacks coming from the inside of your network. Finally, i agree that the place for this code is within ip_fw.c, definitely not ip_input.c cheers luigi > > Hello! > > I'd like to know your opinion about this patch > > http://www.morning.ru/~poige/patchzone/ingressfiltering.patch > > which is mine attempt to implement an ingress filter being inspired by > RFC2827 "Network Ingress Filtering: Defeating Denial of Service Attacks > which employ IP Source Address Spoofing". > > (http://www.ietf.org/rfc/rfc2827.txt) > > It should be mentioned IMHO that this code makes another one in ip_input.c a > kind of redundant -- I mean code checking/blocking the 127/8 network "on > wire". BTW, I suggest if not removing it completely then adding (sys)logging > into, -- 127/8-spoofing certainly should be logged. :) > > Another thing to pay an attention to: I deem it'd be better if a such filter > was built-in into ip_fw.c, allowing such syntax for ipfw(8): > > deny log ip from any to any in via fxp0 spoofed > > But AFAIS in ip_fw.h: > > #define IP_FW_F_IN 0x00000100 > ... > #define IP_FW_F_DME 0x40000000 /* destination = me */ > > #define IP_FW_F_MASK 0x7FFFFFFF /* All possible flag bits mask */ > > and u_int32_t fw_flg; > > there is no free space for any additional flags... > > So, I was a bit unsure whether should I expand fw_flg to u_int64_t, and do > any other extensions. For now I decided just to wrote something like a > draft, test it (it seems to be working ;), and asking you, people, for your > comments/ideas on it. > > P.S. A bit more info on this patch is at http://www.morning.ru/~poige/patchzone/ > > -- > Igor M Podlesny a.k.a. Poige > http://WwW.MorninG.RU/~poige > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Apr 14 19: 5:44 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mars-gw.morning.ru (ns.morning.ru [195.161.98.5]) by hub.freebsd.org (Postfix) with ESMTP id 018EF37B419; Sun, 14 Apr 2002 19:05:34 -0700 (PDT) Received: (from root@localhost) by mars-gw.morning.ru (8.11.5/8.11.5) id g3F252I26454; Mon, 15 Apr 2002 10:05:02 +0800 (KRAST) Date: Mon, 15 Apr 2002 10:05:01 +0800 From: Igor M Podlesny To: Richard A Steenbergen Cc: Luigi Rizzo , Igor M Podlesny , net@FreeBSD.ORG, freebsd-isp@FreeBSD.ORG Subject: Re: patch -- An ingress filter (RFC2827) Message-ID: <20020415100501.B93954@mars-gw.morning.ru> References: <20020414180447.A93954@mars-gw.morning.ru> <20020414142527.B18991@iguana.icir.org> <20020414225243.GW523@overlord.e-gerbil.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020414225243.GW523@overlord.e-gerbil.net>; from ras@e-gerbil.net on Sun, Apr 14, 2002 at 06:52:43PM -0400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sun, Apr 14, 2002 at 06:52:43PM -0400, Richard A Steenbergen wrote: > On Sun, Apr 14, 2002 at 02:25:27PM -0700, Luigi Rizzo wrote: > > > > Hi, > > this is more a comment on rfc2827 than on the patch (which seems to do > > basically what is in the RFC). > > This kind of filtering gives very little protection. For single-homed > > systems with a default route, basically the only packets that it > > can deny are those with a 127/8 source address on the wire. > > And even the case of multi-homed routers, in most cases it will likely > > protect only from attacks coming from the inside of your network. > > I do completely agree with Richard A Steenbergen who's saying: > The point of RFC2827 isn't to protect you from an attack by spoofing > source addresses it is to prevent you (and/or your downstream customers) > from being the source of address spoofing attacks against others. Of > course it was written from the router point of view, "ingress" refering to > the traffic you take in from your customers. > > Finally, i agree that the place for this code is within ip_fw.c, > > definitely not ip_input.c yeah, this'd be a better choice. > On a system level, this means preventing your server from being > compromised and used to attack others (or at least attack others with > spoofed source addresses). This would probably be most closely associated > with a securelevel, which drops packets sent through raw sockets with a > source address that you don't have on your system. Unfortunately, there is > nothing preventing an attacker from adding fake aliases to an interface > and then spoofing from those IPs, but it would certainly clamp down on > random source attacks. > Of course, you would have to adjust securelevel to prevent interface and > routing changes as well. But securelevel sucks, why not get rid of it. It > would be much better to have the ability to cut off specific capabilities > for the entire system (some simple sysctl's), without being forced into > setting things you don't want to when you only have a few "modes" of > operation. this refers to a host(router)-itself protection, IMHO... > After you do that, this filtering would actually be a fairly > useful feature. Great, any specific ideas? :) > -- > Richard A Steenbergen http://www.e-gerbil.net/ras -- Igor M Podlesny a.k.a. Poige http://WwW.MorninG.RU/~poige To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Apr 15 3:31:32 2002 Delivered-To: freebsd-isp@freebsd.org Received: from webmail.emre.de (webmail.emre.de [194.8.203.50]) by hub.freebsd.org (Postfix) with ESMTP id DD23D37B405 for ; Mon, 15 Apr 2002 03:31:28 -0700 (PDT) Received: (from www@localhost) by webmail.emre.de (8.11.6/8.11.6) id g3FAVQt07132 for freebsd-isp@freebsd.org; Mon, 15 Apr 2002 12:31:27 +0200 (CEST) (envelope-from info@emre.de) X-Authentication-Warning: webmail.emre.de: www set sender to info@emre.de using -f Received: from 194.8.193.125 ( [194.8.193.125]) as user emre@webmail.emre.de by webmail.emre.de with HTTP; Mon, 15 Apr 2002 12:31:25 +0200 Message-ID: <1018866685.3cbaabfda3405@webmail.emre.de> Date: Mon, 15 Apr 2002 12:31:25 +0200 From: Emre Bastuz To: freebsd-isp@freebsd.org Subject: Wrong drive Geometry with IBM Deskstar + Tyan Mainboard ? MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit User-Agent: Internet Messaging Program (IMP) 3.0 X-Originating-IP: 194.8.193.125 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I´ve just been trying to setup FreeBSD 4.5 on hardware consisting of a Tyan Thunder LE-T mainboard and an IBM IDE harddisk with 40 GIG. When I boot off CD, I can do the installation and everything seems fine. When I do a reboot, the system hangs. Even if I do have a bootable CD inserted, the systems tries to boot from harddisk (first boot device is CD) and stops with no messages on the screen. No prompt. Nothing. Just something in the upper left corner of the monitor that resembles a cursor. Does anyone have an idea why: - the bootable CD is being ignored ? - why the installation works but the boot process does not even start ? - how I can fix this ? Maybe this has something to do with the drive geometry - when I start the installation, fdisk complains about "79780/16/63" being not a a valid geometry and choses to use "5005/255/63" instead. Hmmm ... Thanks and regards, Emre -- Emre Bastuz info@emre.de http://www.emre.de UIN: 561260 PGP Key ID: 0xAFAC77FD ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Apr 15 9:54:48 2002 Delivered-To: freebsd-isp@freebsd.org Received: from relay.office.bezpeka.net (gw.office.bezpeka.net [193.108.112.118]) by hub.freebsd.org (Postfix) with ESMTP id EF62F37B404; Mon, 15 Apr 2002 09:54:38 -0700 (PDT) Received: from server1.office.bezpeka.net (localhost [127.0.0.1]) by relay.office.bezpeka.net (8.12.0/8.12.0) with ESMTP id g3FGr1P6051956; Mon, 15 Apr 2002 19:53:01 +0300 (EEST) Received: (from root@localhost) by server1.office.bezpeka.net (8.12.0/8.12.0/Submit) id g3FGr1Wb051955; Mon, 15 Apr 2002 19:53:01 +0300 (EEST) Date: Mon, 15 Apr 2002 19:53:01 +0300 (EEST) From: apache@ukr.net Message-Id: <200204151653.g3FGr1Wb051955@server1.office.bezpeka.net> To: isp@freebsd.org Subject: ipfw fwd to named Cc: hackers@freebsd.org Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi. I have network interface rl0 rl0: flags=8843 mtu 1500 inet 192.168.10.22 netmask 0xffffff00 broadcast 192.168.10.255 inet 192.168.10.26 netmask 0xffffffff broadcast 192.168.10.26 ether 00:60:52:0b:a3:0a media: Ethernet autoselect (100baseTX ) status: active In named.conf listen-on port 2053 { 192.168.10.26; }; Named works fine in JAIL dig -p 2053 @192.168.10.26 test.domain I want to forward all 192.168.10.22:53 queries to the jailed named. ifpw add 300 fwd 192.168.10.26,2053 udp from any to 192.168.10.22 53 ifpw add 310 fwd 192.168.10.26,2053 tcp from any to 192.168.10.22 53 When i launch dig without port options to the server 192.168.10.22 it says that connection refused. I did same this sshd (put it in jail and forward its port) and it works fine. What's wrong? -- e-mail: apache@ukr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Apr 15 13: 9:28 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mailer.seidata.com (mail1.seidata.com [206.162.192.15]) by hub.freebsd.org (Postfix) with ESMTP id 3B1D737B404 for ; Mon, 15 Apr 2002 13:09:24 -0700 (PDT) Received: from wopr.seidata.com (wopr.seidata.com [206.162.192.54]) by mailer.seidata.com (8.12.2/8.12.2) with SMTP id g3FK9HeP097980 for ; Mon, 15 Apr 2002 16:09:17 -0400 (EDT) (envelope-from pboehmer@seidata.com) Date: Mon, 15 Apr 2002 16:09:31 -0400 From: Paul Boehmer To: isp@freebsd.org Subject: 4.5-STABLE, Sendmail 8.12.2 and SASL Message-Id: <20020415160931.5db28951.pboehmer@seidata.com> Organization: SEI Data, Inc. X-Mailer: Sylpheed version 0.7.4 (GTK+ 1.2.10; i386-portbld-freebsd4.5) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I cvsup'd a test box today, built world, etc and managed to lose SMTP Auth ability. There are no error messages from either maillog, nor messages. The Outlook Express simply states that the network connection has been dropped or timed out (this is an immediate error, no waiting for the error to come up). I have ran mergemaster to incorporate the Sendmail 8.12.2 changes per UPDATING. The only thing I could get to work was to set "sendmail_enable=none", build /usr/ports/mail/sendmail-sasl, and edit /etc/mail/mailer.conf to point to the sendmail-sasl binary. This works as advertised with my current mc file. Is this the prefered way to have SMTP AUTH now? I have the following in /etc/make.conf: SENDMAIL_CFLAGS+= -I/usr/local/include/sasl -DSASL -D_FFR_UNSAFE_SASL SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+= -lsasl I believe this was the documented way to incorporate SMTP AUTH into Sendmail 8.11.x code that was in core. I guess what I want to know is, is there a way to get SMTP AUTH working with the Sendmail in core, or disable sendmail and run the sendmail-sasl port? Thanks for any help. -- +--------------------------------------------------------+ | Paul Boehmer SEI Data, Inc. | | Systems Administrator 888-200-4392 [V] | | pboehmer@seidata.com 812-744-8000 [F] | +--------------------------------------------------------+ 5 out of 4 people have problems with fractions To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Apr 15 14: 0:27 2002 Delivered-To: freebsd-isp@freebsd.org Received: from rwcrmhc54.attbi.com (rwcrmhc54.attbi.com [216.148.227.87]) by hub.freebsd.org (Postfix) with ESMTP id 6531537B419; Mon, 15 Apr 2002 14:00:19 -0700 (PDT) Received: from InterJet.elischer.org ([12.232.206.8]) by rwcrmhc54.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020415210019.ISMW15826.rwcrmhc54.attbi.com@InterJet.elischer.org>; Mon, 15 Apr 2002 21:00:19 +0000 Received: from localhost (localhost.elischer.org [127.0.0.1]) by InterJet.elischer.org (8.9.1a/8.9.1) with ESMTP id NAA88300; Mon, 15 Apr 2002 13:50:15 -0700 (PDT) Date: Mon, 15 Apr 2002 13:50:15 -0700 (PDT) From: Julian Elischer To: apache@ukr.net Cc: isp@freebsd.org, hackers@freebsd.org Subject: Re: ipfw fwd to named In-Reply-To: <200204151653.g3FGr1Wb051955@server1.office.bezpeka.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm not sure the the forwarding code works for udp.. (In fact I'm pretty sure it is not fully implemented) On Mon, 15 Apr 2002 apache@ukr.net wrote: > Hi. > > I have network interface rl0 > > rl0: flags=8843 mtu 1500 > inet 192.168.10.22 netmask 0xffffff00 broadcast 192.168.10.255 > inet 192.168.10.26 netmask 0xffffffff broadcast 192.168.10.26 > ether 00:60:52:0b:a3:0a > media: Ethernet autoselect (100baseTX ) > status: active > > In named.conf > > listen-on port 2053 { > 192.168.10.26; > }; > > Named works fine in JAIL > dig -p 2053 @192.168.10.26 test.domain > > I want to forward all 192.168.10.22:53 queries to the jailed named. > > ifpw add 300 fwd 192.168.10.26,2053 udp from any to 192.168.10.22 53 > ifpw add 310 fwd 192.168.10.26,2053 tcp from any to 192.168.10.22 53 > > When i launch dig without port options to the server 192.168.10.22 it says > that connection refused. > > I did same this sshd (put it in jail and forward its port) and > it works fine. > > What's wrong? > > -- > e-mail: apache@ukr.net > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Apr 15 14: 6:25 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx-00.sil.at (mx-00.sil.at [62.116.68.196]) by hub.freebsd.org (Postfix) with ESMTP id EFFB837B41B for ; Mon, 15 Apr 2002 14:06:17 -0700 (PDT) Received: (qmail-ldap/ctrl 37786 invoked from network); 15 Apr 2002 21:06:13 -0000 Received: from unknown (HELO ikarus.sil.at) ([194.152.178.41]) (envelope-sender ) by mx-00.sil.at (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for ; 15 Apr 2002 21:06:13 -0000 Date: Mon, 15 Apr 2002 23:06:16 +0200 (MEST) From: Ingo Flaschberger X-X-Sender: chaoztc@ikarus.sil.at To: Julian Elischer Cc: apache@ukr.net, , Subject: Re: ipfw fwd to named In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi On Mon, 15 Apr 2002, Julian Elischer wrote: > I'm not sure the the forwarding code works for udp.. > (In fact I'm pretty sure it is not fully implemented) > > > On Mon, 15 Apr 2002 apache@ukr.net wrote: > > > Hi. > > > > I have network interface rl0 > > > > rl0: flags=8843 mtu 1500 > > inet 192.168.10.22 netmask 0xffffff00 broadcast 192.168.10.255 > > inet 192.168.10.26 netmask 0xffffffff broadcast 192.168.10.26 > > ether 00:60:52:0b:a3:0a > > media: Ethernet autoselect (100baseTX ) > > status: active > > > > When i launch dig without port options to the server 192.168.10.22 it says > > that connection refused. > > > > I did same this sshd (put it in jail and forward its port) and > > it works fine. > > > > What's wrong? do you have a loopback route at the host environment like: 192.168.10.26 127.0.0.1 UGHS 3 4497 lo0 at my side that was the problem (and this route is never mentioned at the jail-man page...( ) bye, Ingo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Apr 15 14:50:18 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx-00.sil.at (mx-00.sil.at [62.116.68.196]) by hub.freebsd.org (Postfix) with ESMTP id 86D0337B41A for ; Mon, 15 Apr 2002 14:50:09 -0700 (PDT) Received: (qmail-ldap/ctrl 38314 invoked from network); 15 Apr 2002 21:50:04 -0000 Received: from unknown (HELO ikarus.sil.at) ([194.152.178.41]) (envelope-sender ) by mx-00.sil.at (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for ; 15 Apr 2002 21:50:04 -0000 Date: Mon, 15 Apr 2002 23:50:08 +0200 (MEST) From: Ingo Flaschberger X-X-Sender: chaoztc@ikarus.sil.at To: apache@ukr.net Cc: isp@FreeBSD.ORG, Subject: Re: ipfw fwd to named (fwd) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > I'm not sure the the forwarding code works for udp.. > (In fact I'm pretty sure it is not fully implemented) > > > On Mon, 15 Apr 2002 apache@ukr.net wrote: > > > Hi. > > > > I have network interface rl0 > > > > rl0: flags=8843 mtu 1500 > > inet 192.168.10.22 netmask 0xffffff00 broadcast 192.168.10.255 > > inet 192.168.10.26 netmask 0xffffffff broadcast 192.168.10.26 > > ether 00:60:52:0b:a3:0a > > media: Ethernet autoselect (100baseTX ) > > status: active > > > > When i launch dig without port options to the server 192.168.10.22 it says > > that connection refused. > > > > I did same this sshd (put it in jail and forward its port) and > > it works fine. > > > > What's wrong? >do you have a loopback route at the host environment like: >192.168.10.26 127.0.0.1 UGHS 3 4497 lo0 sorry,... wrong ip... i meant the ip of the jailed host 192.168.10.22 should go to the loopback. bye, Ingo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Apr 16 0:36: 6 2002 Delivered-To: freebsd-isp@freebsd.org Received: from relay.office.bezpeka.net (gw.office.bezpeka.net [193.108.112.118]) by hub.freebsd.org (Postfix) with ESMTP id DF9E937B404 for ; Tue, 16 Apr 2002 00:35:38 -0700 (PDT) Received: from server1.office.bezpeka.net (localhost [127.0.0.1]) by relay.office.bezpeka.net (8.12.0/8.12.0) with ESMTP id g3G7XbP6012913 for ; Tue, 16 Apr 2002 10:33:37 +0300 (EEST) Received: (from vatchenko@localhost) by server1.office.bezpeka.net (8.12.0/8.12.0/Submit) id g3G7Xb9Q012912; Tue, 16 Apr 2002 10:33:37 +0300 (EEST) Date: Tue, 16 Apr 2002 10:33:37 +0300 (EEST) Message-Id: <200204160733.g3G7Xb9Q012912@server1.office.bezpeka.net> From: apache@ukr.net To: isp@freebsd.org Cc: Subject: Re: ipfw fwd to named Reply-To: In-Reply-To: ; from if@sil.at on Mon, Apr 15, 2002 at 11:06:16PM +0200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > do you have a loopback route at the host environment like: > 192.168.10.26 127.0.0.1 UGHS 3 4497 lo0 > > at my side that was the problem (and this route is never mentioned at the > jail-man page...( ) it didn't help. As i've told, i can ``dig -p 2053 ...'', but without port option forwarding doesn't work. -- e-mail: apache@ukr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Apr 16 1: 9:12 2002 Delivered-To: freebsd-isp@freebsd.org Received: from relay.office.bezpeka.net (gw.office.bezpeka.net [193.108.112.118]) by hub.freebsd.org (Postfix) with ESMTP id D6AB337B404 for ; Tue, 16 Apr 2002 01:08:54 -0700 (PDT) Received: from server1.office.bezpeka.net (localhost [127.0.0.1]) by relay.office.bezpeka.net (8.12.0/8.12.0) with ESMTP id g3G87HP6015642 for ; Tue, 16 Apr 2002 11:07:17 +0300 (EEST) Received: (from vatchenko@localhost) by server1.office.bezpeka.net (8.12.0/8.12.0/Submit) id g3G87Hv9015641; Tue, 16 Apr 2002 11:07:17 +0300 (EEST) Date: Tue, 16 Apr 2002 11:07:17 +0300 (EEST) Message-Id: <200204160807.g3G87Hv9015641@server1.office.bezpeka.net> From: apache@ukr.net To: isp@freebsd.org Cc: Subject: Re: ipfw fwd to named (fwd) Reply-To: In-Reply-To: ; from if@sil.at on Mon, Apr 15, 2002 at 11:50:08PM +0200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > >do you have a loopback route at the host environment like: > >192.168.10.26 127.0.0.1 UGHS 3 4497 lo0 > > sorry,... wrong ip... i meant the ip of the jailed host 192.168.10.22 > should go to the loopback. 192.168.10.26 is a jailed ip. But anyway its alias. -- e-mail: apache@ukr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Apr 16 5:15:47 2002 Delivered-To: freebsd-isp@freebsd.org Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by hub.freebsd.org (Postfix) with ESMTP id 1016037B404 for ; Tue, 16 Apr 2002 05:15:39 -0700 (PDT) Received: from wash by ns2.wananchi.com with local (Exim 3.35 #1 (FreeBSD)) id 16xRqa-000CEH-00; Tue, 16 Apr 2002 15:14:08 +0300 Date: Tue, 16 Apr 2002 15:14:08 +0300 From: Odhiambo Washington To: Tom Wiebe Cc: FBSD-ISP Subject: Re: Secondary Mail Server?? Message-ID: <20020416121408.GB89191@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , Tom Wiebe , FBSD-ISP References: <20020414023101.GB7840@lapdance.solheim> <1A050290-4F5C-11D6-BFAC-0030658FC1FC@mac.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1A050290-4F5C-11D6-BFAC-0030658FC1FC@mac.com> User-Agent: Mutt/1.3.25i X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Fortune: One thing the inventors can't seem to get the bugs out of is fresh paint. X-Operating-System: FreeBSD 4.5-STABLE i386 X-Best-Window-Manager: XFCE X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. X-Uptime: 3:12PM up 37 days, 23:03, 2 users, load averages: 0.25, 0.22, 0.22 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org * Tom Wiebe [20020414 07:00]: wrote: > Hi all, > > Wow, I just can't believe all the wonderful responses people have given on > this, on and off the list. > > There's a stereotype of Unix users being arrogant and ungiving that we > would often come up on the various Mac server lists I've been part of for > the last couple of years. > > It would appear that that stereotype did not start from the FreeBSD > community. I only wish I had joined sooner! > > I picked up my servers this afternoon and I can hardly wait to see how > FreeBSD will scream on modern hardware (PIII 1000), I've been pretty happy > farting around with it on my old 166 mhz Pentium. > > Thanks a lot to everyone!! Just before you go to bed, CommuniGate might be a candidate for you. I am currently evaluating it and seriously considering changing from the wonderful world of Exim. See http://www.stalker.com -Wash -- Odhiambo Washington "The box said 'Requires Wananchi Online Ltd. www.wananchi.com Windows 95, NT, or better,' Tel: 254 2 313985-9 Fax: 254 2 313922 so I installed FreeBSD." GSM: 254 72 743 223 GSM: 254 733 744 121 This sig is McQ! :-) ++ Cabbage, n.: A familiar kitchen-garden vegetable about as large and wise as a man's head. -- Ambrose Bierce, "The Devil's Dictionary" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Apr 16 6: 6:50 2002 Delivered-To: freebsd-isp@freebsd.org Received: from smtpout.mac.com (smtpout.mac.com [204.179.120.86]) by hub.freebsd.org (Postfix) with ESMTP id D5EAF37B417 for ; Tue, 16 Apr 2002 06:06:45 -0700 (PDT) Received: from smtp-relay01.mac.com (smtp-relay01-qfe3 [10.13.10.224]) by smtpout.mac.com (8.12.1/8.10.2/1.0) with ESMTP id g3GD6jW5021493 for ; Tue, 16 Apr 2002 06:06:45 -0700 (PDT) Received: from asmtp01.mac.com ([10.13.10.65]) by smtp-relay01.mac.com (Netscape Messaging Server 4.15 relay01 Jun 21 2001 23:53:48) with ESMTP id GUNWF300.QVO for ; Tue, 16 Apr 2002 06:06:39 -0700 Received: from localhost ([207.6.134.194]) by asmtp01.mac.com (Netscape Messaging Server 4.15 asmtp01 Jun 21 2001 23:53:48) with ESMTP id GUNWF300.0XH for ; Tue, 16 Apr 2002 06:06:39 -0700 Date: Tue, 16 Apr 2002 06:06:37 -0700 Subject: Re: Secondary Mail Server?? Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v481) From: Tom Wiebe To: isp@freebsd.org Content-Transfer-Encoding: 7bit In-Reply-To: <20020416121408.GB89191@ns2.wananchi.com> Message-Id: X-Mailer: Apple Mail (2.481) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > Just before you go to bed, CommuniGate might be a candidate for you. I am > currently > evaluating it and seriously considering changing from the wonderful world > of Exim. > See http://www.stalker.com > I am very familiar with Communigate Pro. My current email server is Stalker's excellent SIMS (Stalker Internet Mail Server), which is free. Now, I'm not adverse in any way to paying for software, heck, I've got thousands of dollars worth of 4D database licenses. But, Stalker is definitely targetting a much higher end customer than I am with Communigate Pro. I don't need webmail, list management, IMAP or any of the dozens of other wonderful features that Communigate Pro offers and I just can't justify the $1500 or so CDN that the license I would need will cost. I hope and pray every day that Stalker will come out with a lite version of Communigate Pro. I'd love to give them my money, they are a fabulous company with great products. Just not the right product for my needs going forward, financially at least. For those of you that haven't heard of SIMS, it's a great little email server, offering POP and SMTP with really strong anti-spam features and a very powerful router that is incredibly easy to set up and administer. It runs only on Classic Mac OS and Stalker has no plans to upgrade it at this time to run on OS X or any other flavour of Unix. I'll continue to run it for the time being, until I feel brave enough to step my foot into the nasty, confusing world of Open source MTA's or Stalker releases a stripped down version of Communigate. Tom Wiebe The Image Foundation http://www.imagefoundation.com/ (604) 688-3124 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Apr 16 12:48:28 2002 Delivered-To: freebsd-isp@freebsd.org Received: from stella.pyramus.com (stella.pyramus.com [206.129.206.3]) by hub.freebsd.org (Postfix) with ESMTP id BF16437B426 for ; Tue, 16 Apr 2002 12:48:10 -0700 (PDT) Received: from pyramus.com (dark-star.pyramus.com [206.129.206.6]) by stella.pyramus.com (8.11.6/8.9.3) with ESMTP id g3GJp2G75810 for ; Tue, 16 Apr 2002 12:51:03 -0700 (PDT) (envelope-from blake@pyramus.com) Message-ID: <3CBC819B.2ADF71B8@pyramus.com> Date: Tue, 16 Apr 2002 12:55:07 -0700 From: Blake Swensen X-Mailer: Mozilla 4.74 [en]C-DIAL (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: ISP LIST Subject: drweb -- error connecting to filter Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Anyone using this excellent virus scanner w/ sendmail? Need help setting it up, and am finding the documentation a little ... shall we say ... thin. Sendmail (Xfilter) cannot connect to the filter (either in TCP or Unix Socket mode). /var/log/messages reports Apr 16 12:05:54 vtiserv drwebd: Invalid line in INI-file: 44 Apr 16 12:05:54 vtiserv drwebd: Invalid line in INI-file: 62 Apr 16 12:05:54 vtiserv drwebd: Invalid line in INI-file: 63 Apr 16 12:05:54 vtiserv drwebd: Invalid line in INI-file: 64 Apr 16 12:05:54 vtiserv drwebd: Daemon is installed, TCP socket created on port 3001 However, the lines are the default as (note line 44 is a remark!): 44: ;SocketMode = Unix 62: MaxCompressionRatio = 20 63: MaxChildren = 16 64: SyslogFacility = "Daemon" Particulars: drweb 4.2 FreeBSD 4.4 RELEASE sendmail 8.11.3 Thanks, Blake To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Apr 16 22:39:30 2002 Delivered-To: freebsd-isp@freebsd.org Received: from rwcrmhc53.attbi.com (rwcrmhc53.attbi.com [204.127.198.39]) by hub.freebsd.org (Postfix) with ESMTP id 30C2737B404; Tue, 16 Apr 2002 22:39:23 -0700 (PDT) Received: from blossom.cjclark.org ([12.234.91.48]) by rwcrmhc53.attbi.com (InterMail vM.4.01.03.27 201-229-121-127-20010626) with ESMTP id <20020417053922.QZMW1083.rwcrmhc53.attbi.com@blossom.cjclark.org>; Wed, 17 Apr 2002 05:39:22 +0000 Received: (from cjc@localhost) by blossom.cjclark.org (8.11.6/8.11.6) id g3H5dIS60416; Tue, 16 Apr 2002 22:39:18 -0700 (PDT) (envelope-from cjc) Date: Tue, 16 Apr 2002 22:39:18 -0700 From: "Crist J. Clark" To: apache@ukr.net Cc: isp@FreeBSD.ORG, hackers@FreeBSD.ORG Subject: Re: ipfw fwd to named Message-ID: <20020416223918.B59924@blossom.cjclark.org> References: <200204151653.g3FGr1Wb051955@server1.office.bezpeka.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200204151653.g3FGr1Wb051955@server1.office.bezpeka.net>; from apache@ukr.net on Mon, Apr 15, 2002 at 07:53:01PM +0300 X-URL: http://people.freebsd.org/~cjc/ Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, Apr 15, 2002 at 07:53:01PM +0300, apache@ukr.net wrote: > Hi. > > I have network interface rl0 > > rl0: flags=8843 mtu 1500 > inet 192.168.10.22 netmask 0xffffff00 broadcast 192.168.10.255 > inet 192.168.10.26 netmask 0xffffffff broadcast 192.168.10.26 > ether 00:60:52:0b:a3:0a > media: Ethernet autoselect (100baseTX ) > status: active > > In named.conf > > listen-on port 2053 { > 192.168.10.26; > }; > > Named works fine in JAIL > dig -p 2053 @192.168.10.26 test.domain > > I want to forward all 192.168.10.22:53 queries to the jailed named. > > ifpw add 300 fwd 192.168.10.26,2053 udp from any to 192.168.10.22 53 > ifpw add 310 fwd 192.168.10.26,2053 tcp from any to 192.168.10.22 53 > > When i launch dig without port options to the server 192.168.10.22 it says > that connection refused. > > I did same this sshd (put it in jail and forward its port) and > it works fine. > > What's wrong? Have you done a tcpdump(1) on the loopback to see what is going on? # tcpdump -ni lo0 -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Apr 16 23:34: 2 2002 Delivered-To: freebsd-isp@freebsd.org Received: from misery.sdf.com (misery.sdf.com [207.200.153.226]) by hub.freebsd.org (Postfix) with ESMTP id CCA8D37B417 for ; Tue, 16 Apr 2002 23:33:56 -0700 (PDT) Received: from tom (helo=localhost) by misery.sdf.com with local-esmtp (Exim 2.12 #1) id 16xiBu-00079x-00; Tue, 16 Apr 2002 22:41:14 -0700 Date: Tue, 16 Apr 2002 22:41:12 -0700 (PDT) From: Tom Samplonius To: apache@ukr.net Cc: isp@freebsd.org Subject: Re: ipfw fwd to named In-Reply-To: <200204160733.g3G7Xb9Q012912@server1.office.bezpeka.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 16 Apr 2002 apache@ukr.net wrote: > > do you have a loopback route at the host environment like: > > 192.168.10.26 127.0.0.1 UGHS 3 4497 lo0 > > > > at my side that was the problem (and this route is never mentioned at the > > jail-man page...( ) > > it didn't help. As i've told, i can ``dig -p 2053 ...'', > but without port option forwarding doesn't work. I'm not sure why you want to do this, but "fwd" simply directs the packet to a specific port. It doesn't alter the packet, so the application must understand what to do with it. named will simply drop packets coming from an IP that it didn't bind to. You probably want to do a form of NAT, so the source and destination IPs are translated prior to directing the packets to named. Basically, so the destination IP is translated to the IP you are forwarding it to, and reversed on reply traffic. However, that seems like a lot of overhead. Much better to get DNS traffic to go direct. Tom To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 7:12:22 2002 Delivered-To: freebsd-isp@freebsd.org Received: from h38n2fls34o1000.telia.com (h38n2fls34o1000.telia.com [213.64.210.38]) by hub.freebsd.org (Postfix) with ESMTP id E217537B405 for ; Wed, 17 Apr 2002 07:12:18 -0700 (PDT) Received: from veidit.net ([62.20.106.149]) (authenticated bits=0) by h38n2fls34o1000.telia.com (8.12.2/8.12.2) with ESMTP id g3HECGq5001981 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO) for ; Wed, 17 Apr 2002 16:12:17 +0200 (CEST) Message-ID: <3CBD82B9.2070408@veidit.net> Date: Wed, 17 Apr 2002 16:12:09 +0200 From: John Angelmo User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:0.9.9) Gecko/20020414 X-Accept-Language: en-us, en MIME-Version: 1.0 To: isp@freebsd.org Subject: Sniffer Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello I have a small problem. Some hosts at a campus are portsniffing or checking for unpatched windows boxes. I can place my little freebsd laptop on the switch and sniff. Are there any good tools for sniffing and getting OK reports, if they are in ports, that would be perfect. Free tools are OK to start with, I don't have more money to spend then $50-$200 on a sniffer. /John To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 7:19: 0 2002 Delivered-To: freebsd-isp@freebsd.org Received: from smtp.kka.com (smtp.kka.com [63.141.65.2]) by hub.freebsd.org (Postfix) with ESMTP id 7D2E737B416 for ; Wed, 17 Apr 2002 07:18:51 -0700 (PDT) Subject: Re: Sniffer To: isp@freebsd.org X-Mailer: Lotus Notes Release 5.0.8 June 18, 2001 Message-ID: From: Eric_Stanfield@kenokozie.com Date: Wed, 17 Apr 2002 09:14:22 -0500 X-MIMETrack: Serialize by Router on Notes1st/Keno(Release 5.0.4 |June 8, 2000) at 04/17/2002 09:14:24 AM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Your budget relegates you to free sniffers only (haven't seen any in that price range though I could be mistaken). In ports is Ethereal which runs in X and does a pretty good job. Probably has enough functionality to tell you whatever it is you are trying to find out - which is hopefully how people are able to sniff across a switched network in the first place... -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eric Stanfield, K2Access Keno Kozie Associates 222 N LaSalle #1500 Chicago, IL 60606 (312) 332-3000 John Angelmo To: isp@freebsd.org Sent by: cc: owner-freebsd-isp@F Subject: Sniffer reeBSD.ORG 04/17/2002 09:12 AM Hello I have a small problem. Some hosts at a campus are portsniffing or checking for unpatched windows boxes. I can place my little freebsd laptop on the switch and sniff. Are there any good tools for sniffing and getting OK reports, if they are in ports, that would be perfect. Free tools are OK to start with, I don't have more money to spend then $50-$200 on a sniffer. /John To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 7:33:42 2002 Delivered-To: freebsd-isp@freebsd.org Received: from doc.metva.com.au (c16477.brasd1.vic.optusnet.com.au [210.49.152.96]) by hub.freebsd.org (Postfix) with ESMTP id A127837B420 for ; Wed, 17 Apr 2002 07:33:12 -0700 (PDT) Received: (from enno@localhost) by doc.metva.com.au (8.11.3/8.11.3) id g3HEX3S39289; Thu, 18 Apr 2002 00:33:03 +1000 (EST) (envelope-from enno) Date: Thu, 18 Apr 2002 00:33:02 +1000 From: Enno Davids To: John Angelmo Cc: isp@FreeBSD.ORG Subject: Re: Sniffer Message-ID: <20020418003302.K17567@doc.metva.com.au> References: <3CBD82B9.2070408@veidit.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3CBD82B9.2070408@veidit.net>; from john@veidit.net on Wed, Apr 17, 2002 at 04:12:09PM +0200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wed, Apr 17, 2002 at 04:12:09PM +0200, John Angelmo wrote: |Hello | |I have a small problem. | |Some hosts at a campus are portsniffing or checking for unpatched |windows boxes. | |I can place my little freebsd laptop on the switch and sniff. |Are there any good tools for sniffing and getting OK reports, if they You might have a look at 'snort'. Its actually a network IDS but its pretty much ideal for this sort of thing. Especially as the activity you're interested in is essentially the same sort of thing the bad guys do anyway. Enno. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 8: 9:26 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cutter.wantabe.com (cutter.wantabe.com [204.2.6.8]) by hub.freebsd.org (Postfix) with ESMTP id 5B7FC37B400 for ; Wed, 17 Apr 2002 08:09:21 -0700 (PDT) Received: from cutter.wantabe.com (cutter.wantabe.com [204.2.6.8]) by cutter.wantabe.com (8.10.1/8.10.1) with ESMTP id g3HF9At74750; Wed, 17 Apr 2002 10:09:10 -0500 (CDT) Date: Wed, 17 Apr 2002 10:09:10 -0500 (CDT) From: "Jeffrey J. Libman" To: John Angelmo Cc: isp@FreeBSD.ORG Subject: Re: Sniffer In-Reply-To: <3CBD82B9.2070408@veidit.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org nmap, found in the ports collection, does a good job of this. jeff -- | |\ +------------------------------+ Jeffrey J. Libman, ops. mgr. | \ | Wantabe Internet Services | Wantabe, Inc. |__\ +------------------------------+ jeffrl@wantabe.com <-----|------> (281) 345-0215 __,.-=\'`^`'~=-../__,.-= On Wed, 17 Apr 2002, John Angelmo wrote: > Hello > > I have a small problem. > > Some hosts at a campus are portsniffing or checking for unpatched > windows boxes. > > I can place my little freebsd laptop on the switch and sniff. > Are there any good tools for sniffing and getting OK reports, if they > are in ports, that would be perfect. > Free tools are OK to start with, I don't have more money to spend then > $50-$200 on a sniffer. > > /John > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 11: 9:56 2002 Delivered-To: freebsd-isp@freebsd.org Received: from webclan.com (webclan.com [216.149.213.2]) by hub.freebsd.org (Postfix) with SMTP id BA0AC37B405 for ; Wed, 17 Apr 2002 11:09:52 -0700 (PDT) Received: (qmail 21861 invoked from network); 17 Apr 2002 18:17:18 -0000 Received: from unknown (HELO MK4100) (134.71.135.5) by msquaredweb.net with SMTP; 17 Apr 2002 18:17:18 -0000 Message-ID: <00e801c1e63b$06cea730$05874786@MK4100> From: "Mike K" To: Subject: A cheap load-balancing?/backup/redundancy solution Date: Wed, 17 Apr 2002 11:09:32 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi all.. I've got a few scenarios for you, and hopefully you can point me in the right direction... I've got 2 FreeBSD boxes, A and B, colo'd at different facilities. The main purposes of the servers is to provide web hosting, mail, and radius authentication. A serves the following purposes: --> Web hosting server --> Mail server (QMail + vpopmail) --> DNS (primary for all domains) --> FTP for Web Hosting users --> MySQL server for Hosting clients & radius B currently only does a couple of things: --> Mirrors the web hosting data tree (basically retrieves all web hosting client's files nightly via rsync+ssh) --> Mirrors MySQL in real-time A is a much higher allotment of bandwidth available than B, therefore I don't simply want to setup Apache on B and change the DNS entry for each domain to both an IP on A and B, as that would equally share the requests between the two servers, which is bad due to the bandwidth restrictions on B. Instead, what I want to accomplish, is a fairly automated system that will allow all web traffic and mail to be directed to B should A go offline for whatever reason. Here's what I had thought of..... (1) Setup apache on B (2) Change the ip (and ns listed on the domain) for the primary DNS domain to point to an ip on B (this should automagically update the ip address for the primary NS for all domains using it, correct?) (3) Setup qmail on B to catch all email and hold it until A comes back online (4) Setup some sort of cron'd script that tests to see if A is available every X minutes. If A is unreachable for X minutes, the script would change each domain's zone file to change the IN A entry to point to an ip on B, as well as the mail entry to an ip on B (5) A second script should then be available to change all zone files back to A, once A is available The issues I see with this method include cached dns entries, etc. Any ideas? Am I on the wrong track? Am I on the right track? Anyone have similar scripts they wouldn't mind sharing? Thanks much for your time. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 17:33: 6 2002 Delivered-To: freebsd-isp@freebsd.org Received: from squid.tznet.com (squid.tznet.com [66.170.64.7]) by hub.freebsd.org (Postfix) with ESMTP id 4804037B404; Wed, 17 Apr 2002 17:33:01 -0700 (PDT) Received: from mail.tznet.com (mail.tznet.com [66.170.64.2]) by squid.tznet.com (8.11.2/8.11.2) with ESMTP id g3I0Wsf24142; Wed, 17 Apr 2002 19:32:54 -0500 (CDT) Date: Wed, 17 Apr 2002 19:32:54 -0500 (CDT) From: Scott Pilz To: freebsd-questions@freebsd.org Cc: freebsd-isp@freebsd.org Subject: Secure Shell/FTP Questions Message-ID: <20020417192702.P43790-100000@mail.tznet.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have two questions that no one seems to be able to answer for me - nor can I find any straight forward answers over the internet. This is my last hope . . . #1: sshd is enabled, and works - however, to my understanding you cannot have secure ftp connections chrooted directly to the users home directory like you can on normal FTP by putting the username in /etc/ftpchroot. Can this be done? Is there another freeware program for BSD that supports SSH/FTP that can do this? #2: What are you using for secure shells? I am currently using the program chrsh which uses the chroot(8). It works well, but this comes to a problem. For every program that people want to use, it has to be copied into their bin directory. They cannot leave their chroot (their home directory) but if they require so many programs, it's nearly impossible to get many of them to work (for example, perl compiler which requires multiple dependents). Lastly, what are most ISP's doing as far as secure shells and what not? Is this the popular way of doing it, or is there a better way out there? thanks in advance, Scott To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 18:52:54 2002 Delivered-To: freebsd-isp@freebsd.org Received: from tron1.servetron.net (servtron.cei.net [204.117.117.241]) by hub.freebsd.org (Postfix) with ESMTP id 789AA37B417 for ; Wed, 17 Apr 2002 18:52:47 -0700 (PDT) Received: from abit (pcp458167pcs.7acres01.ar.comcast.net [68.51.13.85]) by tron1.servetron.net (Postfix) with SMTP id 2EB3014B749 for ; Wed, 17 Apr 2002 20:55:07 -0500 (CDT) Reply-To: From: "Don Reaves ServeTron Corp." To: Subject: RE: Secure Shell/FTP Questions Date: Wed, 17 Apr 2002 20:55:05 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 In-Reply-To: <20020417192702.P43790-100000@mail.tznet.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I manage a small ISP running on FreeBSD. My customers don't get *any* shell access. > Lastly, what are most ISP's doing as far as secure shells and what > not? Is this the popular way of doing it, or is there a better way out > there? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 20:37:22 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mail.day-light.net (day-light.net [64.37.72.2]) by hub.freebsd.org (Postfix) with ESMTP id E57EE37B404 for ; Wed, 17 Apr 2002 20:37:16 -0700 (PDT) Received: from w1 (118-203.bestdsl.net [216.162.118.203]) by mail.day-light.net (Postfix) with SMTP id 07E57350BA for ; Wed, 17 Apr 2002 22:37:16 -0500 (CDT) Reply-To: From: "John Brooks" To: Subject: RE: Secure Shell/FTP Questions Date: Wed, 17 Apr 2002 22:37:21 -0500 Message-ID: <000901c1e68a$599cad00$c905010a@daylight.net> MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 In-Reply-To: Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org nor do mine... -- John Brooks john@stlbsd.org -----Original Message----- From: Don Reaves ServeTron Corp. I manage a small ISP running on FreeBSD. My customers don't get *any* shell access. > Lastly, what are most ISP's doing as far as secure shells and what > not? Is this the popular way of doing it, or is there a better way out > there? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Apr 17 21:35:34 2002 Delivered-To: freebsd-isp@freebsd.org Received: from pendragon.tacni.net (radius.tacni.net [64.247.218.2]) by hub.freebsd.org (Postfix) with SMTP id 4B1EE37B416 for ; Wed, 17 Apr 2002 21:35:31 -0700 (PDT) Received: (qmail 40571 invoked by alias); 18 Apr 2002 04:35:20 -0000 Received: from unknown (HELO tacni.com) (216.201.213.69) by tacni.net with SMTP; 18 Apr 2002 04:35:20 -0000 Message-ID: <3CBE4D0A.D275B63E@tacni.com> Date: Wed, 17 Apr 2002 23:35:22 -0500 From: Tom ONeil Reply-To: tom.oneil@tacni.com Organization: TACNI/ ColocateUSA X-Mailer: Mozilla 4.77 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: Free Subject: Re: Secure Shell/FTP Questions References: <000901c1e68a$599cad00$c905010a@daylight.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > > Lastly, what are most ISP's doing as far as secure shells and what > > not? Is this the popular way of doing it, or is there a better way out > > there? Refer them elsewhere. John Brooks wrote: > > nor do mine... > > -- > John Brooks > john@stlbsd.org > > -----Original Message----- > From: Don Reaves ServeTron Corp. > > I manage a small ISP running on FreeBSD. My customers don't get *any* shell > access. > > > Lastly, what are most ISP's doing as far as secure shells and what > > not? Is this the popular way of doing it, or is there a better way out > > there? > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Thomas J. ONeil tom.oneil@tacni.net "For more than twenty years now I've dreamed of living in a whole world of software that doesn't suck --" ESR To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 3:37:32 2002 Delivered-To: freebsd-isp@freebsd.org Received: from marvin.trident-uk.co.uk (mail.trident-uk.co.uk [195.166.16.10]) by hub.freebsd.org (Postfix) with ESMTP id 3C98937B405 for ; Thu, 18 Apr 2002 03:37:29 -0700 (PDT) Received: (from root@localhost) by marvin.trident-uk.co.uk (8.11.1/8.11.1) id g3IAKqf01634 for freebsd-isp@freebsd.org; Thu, 18 Apr 2002 11:20:52 +0100 (BST) Received: from trident-uk.co.uk (root@mufuf.trident-uk.co.uk [194.207.93.63]) by marvin.trident-uk.co.uk (8.11.1/8.11.1av) with ESMTP id g3IAKoO01625 for ; Thu, 18 Apr 2002 11:20:50 +0100 (BST) Received: (from jamie@localhost) by trident-uk.co.uk (8.11.6/8.11.6) id g3IAggP75098 for freebsd-isp@freebsd.org; Thu, 18 Apr 2002 11:42:42 +0100 (BST) (envelope-from jamie) Date: Thu, 18 Apr 2002 11:42:42 +0100 From: Jamie Heckford To: freebsd-isp@freebsd.org Subject: LDAP and MySQL Message-ID: <20020418114242.A75082@mufuf.trident-uk.co.uk> Reply-To: jamie@tridentmicrosystems.co.uk Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, Is it possible to have an LDAP server that uses MySQL as a backend to store all of its information? I've had a hunt around but it doesn't look like its easily done. Please let me know if anyone has had any success with the above or recommendations. Thanks :) -- +--------------------------------------------------------------+ | Jamie Heckford | t: +44(0)1737 780790 | | Network Manager | f: +44(0)1737 771908 | | Trident Microsystems Ltd. | w: www.tridentmicrosystems.co.uk | ---------------------------------------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 4:22:26 2002 Delivered-To: freebsd-isp@freebsd.org Received: from smtp06.retemail.es (smtp06.iddeo.es [62.81.186.16]) by hub.freebsd.org (Postfix) with ESMTP id 8EB6737B419 for ; Thu, 18 Apr 2002 04:22:12 -0700 (PDT) Received: from mailscan ([62.81.202.67]) by smtp06.retemail.es (InterMail vM.5.01.03.02 201-253-122-118-102-20010403) with SMTP id <20020418112211.IKJX15175.smtp06.retemail.es@mailscan> for ; Thu, 18 Apr 2002 13:22:11 +0200 Received: FROM svrtransito.sadiel.es BY mailscan ; Thu Apr 18 13:20:17 2002 +0200 Received: from CORREO.sadiel.es ([62.81.202.90]) by svrtransito.sadiel.es with Microsoft SMTPSVC(5.0.2195.2966); Thu, 18 Apr 2002 13:24:26 +0200 Received: from bsd.sadiel.es ([172.18.1.41]) by CORREO.sadiel.es with Microsoft SMTPSVC(5.0.2195.2966); Thu, 18 Apr 2002 13:24:26 +0200 Date: Thu, 18 Apr 2002 13:21:57 +0200 From: Jorge Bianquetti de las Heras To: jamie@tridentmicrosystems.co.uk Cc: freebsd-isp@freebsd.org Subject: Re: LDAP and MySQL Message-Id: <20020418132157.6377d0da.jbianquetti@sadiel.es> In-Reply-To: <20020418114242.A75082@mufuf.trident-uk.co.uk> References: <20020418114242.A75082@mufuf.trident-uk.co.uk> X-Mailer: Sylpheed version 0.7.4 (GTK+ 1.2.10; i386-portbld-freebsd4.5) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 18 Apr 2002 11:24:26.0281 (UTC) FILETIME=[9900F190:01C1E6CB] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, 18 Apr 2002 11:42:42 +0100 Jamie Heckford wrote: > Hi, > > Is it possible to have an LDAP server that uses MySQL as a backend > to store all of its information? > Yes, it's possible. In opeldap there is a backend for sql databases with ODBC, see openldap's tarball But this is not recomended, read sql-backend's README > I've had a hunt around but it doesn't look like its easily done. > > Please let me know if anyone has had any success with the above > or recommendations. > Use only ldap or use pam_mysql. > Thanks :) > Not at all :-) > -- > +--------------------------------------------------------------+ > | Jamie Heckford | t: +44(0)1737 780790 | > | Network Manager | f: +44(0)1737 771908 | > | Trident Microsystems Ltd. | w: www.tridentmicrosystems.co.uk | > ---------------------------------------------------------------+ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 12:35: 1 2002 Delivered-To: freebsd-isp@freebsd.org Received: from lynx.syix.com (lynx.syix.com [205.171.72.20]) by hub.freebsd.org (Postfix) with ESMTP id C5CE637B416 for ; Thu, 18 Apr 2002 12:34:54 -0700 (PDT) Received: from leopard (leopard.syix.com [205.171.72.34]) by lynx.syix.com (8.11.6/8.11.6) with ESMTP id g3IJYqe37937 for ; Thu, 18 Apr 2002 12:34:52 -0700 (PDT) (envelope-from dave@syix.com) Reply-To: From: "Dave Overton" To: Subject: Sendmail - host name lookup failure Date: Thu, 18 Apr 2002 12:34:54 -0700 Organization: SYIX.COM Message-ID: <007b01c1e710$1dfd3130$2248abcd@leopard> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I need an education... Or at least some help anyway. I did all the tests I can think of, on the DNS server, and the mail server, to see if I can find the reason for this error message.... Nslookup and dig and even sendmail with debugging.... " ----- The following addresses had permanent fatal errors ----- ----- Transcript of session follows ----- ... Deferred: Name server: cboegwy01.boe.ca.gov.: host name lookup failure Message could not be delivered for 5 days Message will be deleted from queue " Everything I have tried shows this thing as "ok" but Sendmail flat says its bad. Any reason for it that perhaps anyone out there is aware of? And if you can show me why, so I can learn, I would appreciate it. Dave Overton SYIX.COM To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 13: 8:35 2002 Delivered-To: freebsd-isp@freebsd.org Received: from lynx.syix.com (lynx.syix.com [205.171.72.20]) by hub.freebsd.org (Postfix) with ESMTP id C519737B416 for ; Thu, 18 Apr 2002 13:08:31 -0700 (PDT) Received: from lynx.syix.com (localhost [127.0.0.1]) by lynx.syix.com (8.12.3/8.12.3) with ESMTP id g3IK8Uqs002240 for ; Thu, 18 Apr 2002 13:08:30 -0700 (PDT) (envelope-from dave@lynx.syix.com) Received: (from root@localhost) by lynx.syix.com (8.12.3/8.12.3/Submit) id g3IK8UhW002239 for freebsd-isp@freebsd.org; Thu, 18 Apr 2002 13:08:30 -0700 (PDT) Date: Thu, 18 Apr 2002 13:08:30 -0700 From: System Administrator To: freebsd-isp@freebsd.org Subject: Re: Sendmail - host name lookup failure Message-ID: <20020418130830.A1833@lynx.syix.com> References: <007b01c1e710$1dfd3130$2248abcd@leopard> <200204181949.g3IJn5e41088@lynx.syix.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <200204181949.g3IJn5e41088@lynx.syix.com>; from simon@optinet.com on Thu, Apr 18, 2002 at 03:56:19PM -0400 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Apr 18, 2002 at 03:56:19PM -0400, Simon wrote: > > What happens when you do "nslookup cboegwy01.boe.ca.gov" > on that same box? > This: lynx:[/home/dave] > nslookup cboegwy01.boe.ca.gov Server: localhost.syix.com Address: 127.0.0.1 Non-authoritative answer: Name: cboegwy01.boe.ca.gov Address: 168.71.115.200 > >I need an education... Or at least some help anyway. > > > >I did all the tests I can think of, on the DNS server, and the mail > >server, to see if I can find the reason for this error message.... > >Nslookup and dig and even sendmail with debugging.... > >" > > ----- The following addresses had permanent fatal errors ----- > > > > > > ----- Transcript of session follows ----- > >... Deferred: Name server: > >cboegwy01.boe.ca.gov.: host name lookup failure > >Message could not be delivered for 5 days > >Message will be deleted from queue > >" > > > >Everything I have tried shows this thing as "ok" but Sendmail flat says > >its bad. Any reason for it that perhaps anyone out there is aware of? > >And if you can show me why, so I can learn, I would appreciate it. > > > > > >Dave Overton SYIX.COM -- Dave Overton www.syix.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 13:13:51 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id 7DFF037B404 for ; Thu, 18 Apr 2002 13:13:42 -0700 (PDT) Received: (qmail 96072 invoked by uid 106); 18 Apr 2002 20:15:16 -0000 Received: from 24-90-121-13.nyc.rr.com (HELO station1) (24.90.121.13) by cobra.acceleratedweb.net with SMTP; 18 Apr 2002 20:15:16 -0000 From: "Simon" To: "root@lynx.syix.com" , "freebsd-isp@freebsd.org" Date: Thu, 18 Apr 2002 16:20:57 -0400 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195;2) In-Reply-To: <20020418130830.A1833@lynx.syix.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: Sendmail - host name lookup failure Message-Id: <20020418201342.7DFF037B404@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Was it always like this? is this happening with all emails you try to send or just this particular one? I'm not a sendmail guru and use qmail, so won't be able to help beyond the obvious. -Simon On Thu, 18 Apr 2002 13:08:30 -0700, System Administrator wrote: >On Thu, Apr 18, 2002 at 03:56:19PM -0400, Simon wrote: >> >> What happens when you do "nslookup cboegwy01.boe.ca.gov" >> on that same box? >> > >This: > >lynx:[/home/dave] > nslookup cboegwy01.boe.ca.gov >Server: localhost.syix.com >Address: 127.0.0.1 > >Non-authoritative answer: >Name: cboegwy01.boe.ca.gov >Address: 168.71.115.200 > > >> >I need an education... Or at least some help anyway. >> > >> >I did all the tests I can think of, on the DNS server, and the mail >> >server, to see if I can find the reason for this error message.... >> >Nslookup and dig and even sendmail with debugging.... >> >" >> > ----- The following addresses had permanent fatal errors ----- >> > >> > >> > ----- Transcript of session follows ----- >> >... Deferred: Name server: >> >cboegwy01.boe.ca.gov.: host name lookup failure >> >Message could not be delivered for 5 days >> >Message will be deleted from queue >> >" >> > >> >Everything I have tried shows this thing as "ok" but Sendmail flat says >> >its bad. Any reason for it that perhaps anyone out there is aware of? >> >And if you can show me why, so I can learn, I would appreciate it. >> > >> > >> >Dave Overton SYIX.COM > >-- >Dave Overton www.syix.com > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 13:44: 9 2002 Delivered-To: freebsd-isp@freebsd.org Received: from dawgz.drak.com (julie.drak.com [64.81.163.89]) by hub.freebsd.org (Postfix) with ESMTP id 88A4237B416 for ; Thu, 18 Apr 2002 13:44:05 -0700 (PDT) Received: (from drak@localhost) by dawgz.drak.com (8.11.3/8.11.3) id g3IKdZM80818 for freebsd-isp@freebsd.org; Thu, 18 Apr 2002 13:39:35 -0700 (PDT) (envelope-from drak) Date: Thu, 18 Apr 2002 13:39:35 -0700 (PDT) Message-Id: <200204182039.g3IKdZM80818@dawgz.drak.com> From: Andrew Matheson To: freebsd-isp@freebsd.org Subject: Re: Sendmail - host name lookup failure Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I just attempted to dig for an mx record for cboegwy01.boe.ca.gov and didn't find a match. Try this from the machine in question: dig cboegwy01.boe.ca.gov MX This might be the cause of your problem. Sendmail doesn't know where to deliver the mail. Good Luck, Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 13:48:26 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id EF31537B405 for ; Thu, 18 Apr 2002 13:48:10 -0700 (PDT) Received: (qmail 3999 invoked by uid 106); 18 Apr 2002 20:49:44 -0000 Received: from 24-90-121-13.nyc.rr.com (HELO station1) (24.90.121.13) by cobra.acceleratedweb.net with SMTP; 18 Apr 2002 20:49:44 -0000 From: "Simon" To: "Andrew Matheson" , "freebsd-isp@freebsd.org" Date: Thu, 18 Apr 2002 16:55:24 -0400 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195;2) In-Reply-To: <200204182039.g3IKdZM80818@dawgz.drak.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: Sendmail - host name lookup failure Message-Id: <20020418204810.EF31537B405@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org If that's the case, why would it report: cboegwy01.boe.ca.gov.: host name lookup failure instead of no MX record found? -Simon On Thu, 18 Apr 2002 13:39:35 -0700 (PDT), Andrew Matheson wrote: >I just attempted to dig for an mx record for cboegwy01.boe.ca.gov and >didn't find a match. Try this from the machine in question: > >dig cboegwy01.boe.ca.gov MX > >This might be the cause of your problem. Sendmail >doesn't know where to deliver the mail. > >Good Luck, >Andrew > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 13:52:43 2002 Delivered-To: freebsd-isp@freebsd.org Received: from sdf.lonestar.org (sdf.lonestar.org [207.202.214.132]) by hub.freebsd.org (Postfix) with ESMTP id 260AE37B421 for ; Thu, 18 Apr 2002 13:52:36 -0700 (PDT) Received: (from thursday@localhost) by sdf.lonestar.org (8.11.6/8.11.6) id g3IKqV227239 for freebsd-isp@freebsd.org; Thu, 18 Apr 2002 20:52:31 GMT Date: Thu, 18 Apr 2002 20:52:31 +0000 From: what To: freebsd-isp@freebsd.org Subject: a bit off-topic: machine inventory systems? Message-ID: <20020418205231.A20161@sdf.freeshell.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org It's a bit off topic, I know. What do you all use to keep track of hardware & IP addresses? I've been using a spreadsheet that I inherited, but I'd like to move to a webapp of somesort. I just looked at MID (found it on Freshmeat), but I'm hoping for a few more choices. Pointers, tips, faves? -- thursday@sdf.lonestar.org SDF Public Access UNIX System - http://sdf.lonestar.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 13:55:51 2002 Delivered-To: freebsd-isp@freebsd.org Received: from bilver.wjv.com (spdsl-033.wanlogistics.net [63.209.115.33]) by hub.freebsd.org (Postfix) with ESMTP id DD51237B417 for ; Thu, 18 Apr 2002 13:55:43 -0700 (PDT) Received: (from bv@localhost) by bilver.wjv.com (8.11.6/8.11.6) id g3IKthM74280 for freebsd-isp@freebsd.org; Thu, 18 Apr 2002 16:55:43 -0400 (EDT) (envelope-from bv) Date: Thu, 18 Apr 2002 15:55:43 -0500 From: Bill Vermillion To: freebsd-isp@freebsd.org Subject: Re: Sendmail - host name lookup failure Message-ID: <20020418205542.GA74173@wjv.com> Reply-To: bv@wjv.com References: <200204182039.g3IKdZM80818@dawgz.drak.com> <20020418204810.EF31537B405@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20020418204810.EF31537B405@hub.freebsd.org> User-Agent: Mutt/1.3.25i Organization: W.J.Vermillion / Orlando - Winter Park Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Putting quill to paper and scribbling furiously on Thu, Apr 18, 2002 at 16:55 , Simon missed achieving immortality when he said: > > If that's the case, why would it report: > cboegwy01.boe.ca.gov.: host name lookup failure > instead of no MX record found? From nslookup. Server: bilver.wjv.com Address: 192.168.95.95 boe.ca.gov preference = 5, mail exchanger = cboegwy01.boe.ca.gov boe.ca.gov nameserver = media.boe.ca.gov boe.ca.gov nameserver = nwmgmt.boe.ca.gov cboegwy01.boe.ca.gov internet address = 168.71.115.200 media.boe.ca.gov internet address = 168.71.5.200 nwmgmt.boe.ca.gov internet address = 168.71.5.202 Server: bilver.wjv.com Address: 192.168.95.95 Non-authoritative answer: Name: cboegwy01.boe.ca.gov Address: 168.71.115.200 So the MX for boe.ca.gov ic cboegwy01.boe.ca.gov according to my links. > -Simon > > On Thu, 18 Apr 2002 13:39:35 -0700 (PDT), Andrew Matheson wrote: > > >I just attempted to dig for an mx record for cboegwy01.boe.ca.gov and > >didn't find a match. Try this from the machine in question: > > > >dig cboegwy01.boe.ca.gov MX > > > >This might be the cause of your problem. Sendmail > >doesn't know where to deliver the mail. > > > >Good Luck, > >Andrew > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-isp" in the body of the message > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > -- Bill Vermillion - bv @ wjv . com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 15:17:56 2002 Delivered-To: freebsd-isp@freebsd.org Received: from lynx.syix.com (lynx.syix.com [205.171.72.20]) by hub.freebsd.org (Postfix) with ESMTP id 4EEC437B419 for ; Thu, 18 Apr 2002 15:17:48 -0700 (PDT) Received: from leopard (leopard.syix.com [205.171.72.34]) by lynx.syix.com (8.12.3/8.12.3) with ESMTP id g3IMHj6X022297 for ; Thu, 18 Apr 2002 15:17:45 -0700 (PDT) (envelope-from dave@syix.com) Reply-To: From: "Dave Overton" To: Subject: RE: Sendmail - host name lookup failure Date: Thu, 18 Apr 2002 15:17:48 -0700 Organization: SYIX.COM Message-ID: <008d01c1e726$dfc61a00$2248abcd@leopard> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.3416 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <20020418205542.GA74173@wjv.com> Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I see the MX records "normal" here also, but sendmail doesn't. That's the rub, why doesn't it work??? Send email to that address from your server, see if YOU can send him email! dave Dave Overton SYIX.COM > -----Original Message----- > From: owner-freebsd-isp@FreeBSD.ORG > [mailto:owner-freebsd-isp@FreeBSD.ORG] On Behalf Of Bill Vermillion > Sent: Thursday, April 18, 2002 1:56 PM > To: freebsd-isp@FreeBSD.ORG > Subject: Re: Sendmail - host name lookup failure > > > Putting quill to paper and scribbling furiously > on Thu, Apr 18, 2002 at 16:55 , Simon missed achieving > immortality when he said: > > > > > If that's the case, why would it report: > > > cboegwy01.boe.ca.gov.: host name lookup failure > > > instead of no MX record found? > > >From nslookup. > > Server: bilver.wjv.com > Address: 192.168.95.95 > > boe.ca.gov preference = 5, mail exchanger = cboegwy01.boe.ca.gov > boe.ca.gov nameserver = media.boe.ca.gov > boe.ca.gov nameserver = nwmgmt.boe.ca.gov > cboegwy01.boe.ca.gov internet address = 168.71.115.200 > media.boe.ca.gov internet address = 168.71.5.200 > nwmgmt.boe.ca.gov internet address = 168.71.5.202 > > > Server: bilver.wjv.com > Address: 192.168.95.95 > > Non-authoritative answer: > Name: cboegwy01.boe.ca.gov > Address: 168.71.115.200 > > So the MX for boe.ca.gov ic cboegwy01.boe.ca.gov according to > my links. > > > -Simon > > > > On Thu, 18 Apr 2002 13:39:35 -0700 (PDT), Andrew Matheson wrote: > > > > >I just attempted to dig for an mx record for > cboegwy01.boe.ca.gov and > > >didn't find a match. Try this from the machine in question: > > > > > >dig cboegwy01.boe.ca.gov MX > > > > > >This might be the cause of your problem. Sendmail > > >doesn't know where to deliver the mail. > > > > > >Good Luck, > > >Andrew > > > > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > > >with "unsubscribe freebsd-isp" in the body of the message > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > > -- > Bill Vermillion - bv @ wjv . com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 17: 5:35 2002 Delivered-To: freebsd-isp@freebsd.org Received: from ksemat.co.ug (g-class.sanyutel.com [216.250.215.27]) by hub.freebsd.org (Postfix) with ESMTP id 0967637B404 for ; Thu, 18 Apr 2002 17:05:21 -0700 (PDT) Received: from localhost (localhost.sanyutel.com [127.0.0.1]) by ksemat.co.ug (Postfix) with ESMTP id 4998528C; Tue, 16 Apr 2002 16:22:03 +0300 (EAT) Date: Tue, 16 Apr 2002 16:22:03 +0300 (EAT) From: Sematimba Noah Kevin X-X-Sender: ksemat@delight.sanyutel.com To: Tom Wiebe Cc: isp@freebsd.org Subject: Re: Secondary Mail Server?? In-Reply-To: Message-ID: <20020416161914.M614-100000@delight.sanyutel.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > For those of you that haven't heard of SIMS, it's a great little email > server, offering POP and SMTP with really strong anti-spam features and a > very powerful router that is incredibly easy to set up and administer. It > runs only on Classic Mac OS and Stalker has no plans to upgrade it at this > time to run on OS X or any other flavour of Unix. All of which one can get with say Postfix or qmail running against an LDAP/MYSQL/POSTGRESQL etc database for authentication, courier-imap for pop3 and IMAP access or even qmail-pop3d etc and any one of the hundreds of php scripts avilable on freshmeat.net for managing your mail server not to mention the wonderful world of webmin for those who really prefer web based management. Personally I still love my old black and white screen. Noah. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Apr 18 19: 7:16 2002 Delivered-To: freebsd-isp@freebsd.org Received: from skyweb.ca (smtp-2.vancouver.ipapp.com [216.152.192.208]) by hub.freebsd.org (Postfix) with SMTP id 9466B37B400 for ; Thu, 18 Apr 2002 19:07:10 -0700 (PDT) Received: from mjohnston ([209.5.243.50]) by smtp-2.vancouver.ipapp.com ; Thu, 18 Apr 2002 13:36:54 -0700 From: "Mark Johnston" To: Subject: Re: Sendmail - host name lookup failure Date: Thu, 18 Apr 2002 15:36:46 -0500 Organization: SkyWeb Message-ID: <003801c1e718$c2561fa0$3e0fa8c0@skycable.int> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 In-Reply-To: <20020418130830.A1833@lynx.syix.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6600 Importance: Normal Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org > This: > > lynx:[/home/dave] > nslookup cboegwy01.boe.ca.gov > Server: localhost.syix.com > Address: 127.0.0.1 > > Non-authoritative answer: > Name: cboegwy01.boe.ca.gov > Address: 168.71.115.200 I suspect the problem comes from a missing MX. > cboegwy01.boe.ca.gov Server: cache1.mb.skyweb.ca Address: 209.5.243.54 Non-authoritative answer: Name: cboegwy01.boe.ca.gov Address: 168.71.115.200 > set type=mx > cboegwy01.boe.ca.gov Server: cache1.mb.skyweb.ca Address: 209.5.243.54 *** cache1.mb.skyweb.ca can't find cboegwy01.boe.ca.gov: Server failed The host cboegwy01.boe.ca.gov has no MX record. The host itself is running SMTP, but I'm not sure whether sendmail will try the domain part of the address as an MX - maybe there's an option for that, buried in the murky depths of the cf file. The DNS lookup is failing because sendmail, I expect, is sending a query only for MX. Mark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Apr 19 7:14:28 2002 Delivered-To: freebsd-isp@freebsd.org Received: from smtp1.amigo.net (smtp1.amigo.net [209.94.64.30]) by hub.freebsd.org (Postfix) with ESMTP id 2C2DF37B400 for ; Fri, 19 Apr 2002 07:14:24 -0700 (PDT) Received: from stalker.amigo.net (billing.amigo.net [209.94.67.250]) by smtp1.amigo.net (8.11.4/8.11.4) with ESMTP id g3JELXB21871; Fri, 19 Apr 2002 08:21:33 -0600 (MDT) (envelope-from randys@amigo.net) Date: Fri, 19 Apr 2002 08:14:47 -0600 (MDT) From: Randy Smith X-X-Sender: randy@stalker.amigo.net To: Andy Farkas Cc: freebsd-isp@freebsd.org Subject: Re: Clarification of kernel log in messages In-Reply-To: Message-ID: <20020419081023.K2170-100000@stalker.amigo.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Andy, This machine has been in production for two and a half years. So, I would be surprised if it is the cable. -- Randy Smith Amigo.Net Systems Administrator 1-719-589-6100 x 4185 http://www.amigo.net/ On Fri, 19 Apr 2002, Andy Farkas wrote: > Date: Fri, 19 Apr 2002 12:27:42 +1000 (EST) > From: Andy Farkas > To: Randy Smith > Subject: Re: Clarification of kernel log in messages > > On Thu, 18 Apr 2002, Randy Smith wrote: > > > I would feel a bit unconfortable about it. Maybe even a _lot_ > > > unconfortable. It's a should-not-occur situation, and may be > > > your first inkling of an impending failure. That's me wearing > > > my 37-years-as-a-mainframe-system-programmer hat, but I think > > > the situation translates well from one arena to the other. > > > > What could cause that, other than impending hardware failure? What can I > > do to monitor this and/or track down the problem? (Hardware is not my thing, > > generally.) > > > > Thanks for the input. > > > > Randy > > > > It *could* be a flaky scsi cable. You never said if this was a new system > or an established one - if its new, you could just now be seeing cable > probs... > > -- > > :{ andyf@speednet.com.au > > Andy Farkas > System Administrator > Speednet Communications > http://www.speednet.com.au/ > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Apr 19 12:14:41 2002 Delivered-To: freebsd-isp@freebsd.org Received: from ox.techasia.com.ph (AP-203.167.24.10.sysads.com [203.167.24.10]) by hub.freebsd.org (Postfix) with ESMTP id 8CE2037B400; Fri, 19 Apr 2002 12:14:36 -0700 (PDT) Received: from tiger.techasia.com.ph (AP-203.167.24.9.sysads.com [203.167.24.9]) by ox.techasia.com.ph (Postfix) with ESMTP id C648B24D66; Sat, 20 Apr 2002 03:29:11 +0800 (PHT) Received: from techasia.com.ph (AP-203.167.24.4.sysads.com [203.167.24.4]) by tiger.techasia.com.ph (Postfix) with SMTP id 8D22BF81E; Fri, 19 Apr 2002 12:14:27 +0000 (GMT) From: jessie@techasia.com.ph Reply-To: jessie@techasia.com.ph To: freebsd-isp@freebsd.org Date: Sat, 20 Apr 2002 03:20:06 GMT Subject: alcatel speedtouch pc X-Mailer: DMailWeb Web to Mail Gateway 2.5e, http://netwinsite.com/top_mail.htm Message-id: <3cc0de66.868.0@techasia.com.ph> X-User-Info: 202.138.185.243 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org hi everyone, is there an available driver for alcatel speedtouch pc internal modem? will it work in freebsd? any links would be great... thanks! jessie Powered By: http://www.asiaallied.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Apr 19 17:25:25 2002 Delivered-To: freebsd-isp@freebsd.org Received: from russian-caravan.cloud9.net (russian-caravan.cloud9.net [168.100.1.4]) by hub.freebsd.org (Postfix) with ESMTP id 2660E37B41B; Fri, 19 Apr 2002 17:25:20 -0700 (PDT) Received: from earl-grey.cloud9.net (earl-grey.cloud9.net [168.100.1.1]) by russian-caravan.cloud9.net (Postfix) with ESMTP id E409128BB6; Fri, 19 Apr 2002 20:25:18 -0400 (EDT) Date: Fri, 19 Apr 2002 20:25:18 -0400 (EDT) From: Peter Leftwich X-X-Sender: To: Cc: , FreeBSD LIST Subject: Re: alcatel speedtouch pc In-Reply-To: <3cc0de66.868.0@techasia.com.ph> Message-ID: <20020419202358.G39174-100000@earl-grey.cloud9.net> Organization: Video2Video Services - http://Www.Video2Video.Com MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Sat, 20 Apr 2002 jessie@techasia.com.ph wrote: > hi everyone, is there an available driver for alcatel speedtouch pc internal modem? will it work in freebsd? any links would be great... thanks! > jessie > Powered By: http://www.asiaallied.com (Hm, I didn't know I was on the freebsd-isp list but heregoes...) What version of FreeBSD? Do you already have the OS installed and are troubleshooting? If so, please post the output (or edited output) from the command "dmesg -a" -- thanks. -- Peter Leftwich President & Founder Video2Video Services Box 13692, La Jolla, CA, 92039 USA +1-413-403-9555 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 10:39:53 2002 Delivered-To: freebsd-isp@freebsd.org Received: from jgj.org.uk (public1-leed1-4-cust166.leed.broadband.ntl.com [80.0.0.166]) by hub.freebsd.org (Postfix) with SMTP id A764837B416 for ; Sat, 20 Apr 2002 10:39:49 -0700 (PDT) Received: (qmail 98925 invoked from network); 20 Apr 2002 17:39:54 -0000 Received: from sean.jgj.org.uk (192.168.243.89) by rufus.jgj.org.uk with SMTP; 20 Apr 2002 17:39:54 -0000 Date: Sat, 20 Apr 2002 18:39:49 +0100 Mime-Version: 1.0 (Apple Message framework v481) Content-Type: text/plain; charset=US-ASCII; format=flowed Subject: Apache 2 MPMs From: James Jeffrey To: freebsd-isp@freebsd.org Content-Transfer-Encoding: 7bit Message-Id: <9D0D9274-5485-11D6-A332-003065A1F05E@jgj.org.uk> X-Mailer: Apple Mail (2.481) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I have just started a new job for an ISP currently using some Linux servers. I want to start to move them across to FreeBSD, but I'm concerned that Apache 2 will use the prefork MPM on our favourite platform rather than the newer prefork/thread combination one... Does anyone know: Why this is? When it will be fixed? What performance penalty this will cause against, for example, Linux? How good is the new MPM? thanks, James To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 12:10:19 2002 Delivered-To: freebsd-isp@freebsd.org Received: from misery.sdf.com (misery.sdf.com [207.200.153.226]) by hub.freebsd.org (Postfix) with ESMTP id 6717C37B404 for ; Sat, 20 Apr 2002 12:10:15 -0700 (PDT) Received: from tom (helo=localhost) by misery.sdf.com with local-esmtp (Exim 2.12 #1) id 16yzP1-0006dt-00; Sat, 20 Apr 2002 11:16:03 -0700 Date: Sat, 20 Apr 2002 11:15:28 -0700 (PDT) From: Tom Samplonius To: James Jeffrey Cc: freebsd-isp@freebsd.org Subject: Re: Apache 2 MPMs In-Reply-To: <9D0D9274-5485-11D6-A332-003065A1F05E@jgj.org.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org First of all, how many of the modules you need will be threadsafe? Many of the PHP add-ons are not thread safe. Unless you have servers pushing out more than 500GB/month, I wouldn't worry about the difference between prefork and prefork/thread. Tom On Sat, 20 Apr 2002, James Jeffrey wrote: > Hello, > > I have just started a new job for an ISP currently using some Linux > servers. I want to start to move them across to FreeBSD, but I'm > concerned that Apache 2 will use the prefork MPM on our favourite > platform rather than the newer prefork/thread combination one... Does > anyone know: > > Why this is? > When it will be fixed? > What performance penalty this will cause against, for example, Linux? > How good is the new MPM? > > thanks, > > James > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 12:19:45 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id 8F9BE37B41A for ; Sat, 20 Apr 2002 12:19:40 -0700 (PDT) Received: (qmail 51840 invoked by uid 106); 20 Apr 2002 19:21:25 -0000 Received: from 24-90-121-13.nyc.rr.com (HELO station1) (24.90.121.13) by cobra.acceleratedweb.net with SMTP; 20 Apr 2002 19:21:25 -0000 From: "Simon" To: "James Jeffrey" , "Tom Samplonius" Cc: "freebsd-isp@freebsd.org" Date: Sat, 20 Apr 2002 15:26:56 -0400 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195;2) In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: Apache 2 MPMs Message-Id: <20020420191940.8F9BE37B41A@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Some of our servers do over 1.3TB a month, avg request is 8kB I can't wait for FBSD 5.x, hopefully threads are much better then. 1.3.x Apache eats way too much RAM, but oh well, it's free :-) -Simon On Sat, 20 Apr 2002 11:15:28 -0700 (PDT), Tom Samplonius wrote: > > First of all, how many of the modules you need will be threadsafe? Many >of the PHP add-ons are not thread safe. > > Unless you have servers pushing out more than 500GB/month, I wouldn't >worry about the difference between prefork and prefork/thread. > >Tom > >On Sat, 20 Apr 2002, James Jeffrey wrote: > >> Hello, >> >> I have just started a new job for an ISP currently using some Linux >> servers. I want to start to move them across to FreeBSD, but I'm >> concerned that Apache 2 will use the prefork MPM on our favourite >> platform rather than the newer prefork/thread combination one... Does >> anyone know: >> >> Why this is? >> When it will be fixed? >> What performance penalty this will cause against, for example, Linux? >> How good is the new MPM? >> >> thanks, >> >> James >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-isp" in the body of the message >> >> > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 13:10:10 2002 Delivered-To: freebsd-isp@freebsd.org Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (Postfix) with ESMTP id CAF2A37B416 for ; Sat, 20 Apr 2002 13:09:59 -0700 (PDT) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id PAA14030; Sat, 20 Apr 2002 15:09:54 -0500 (CDT) (envelope-from jeff-ml@mountin.net) Received: from mke-65-29-139-162.wi.rr.com(65.29.139.162) by peak.mountin.net via smap (V1.3) id sma014026; Sat Apr 20 15:09:53 2002 Message-Id: <4.3.2.20020420141054.00dbac90@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Sat, 20 Apr 2002 15:09:10 -0500 To: James Jeffrey From: "Jeffrey J. Mountin" Subject: Re: Apache 2 MPMs Cc: freebsd-isp@FreeBSD.ORG In-Reply-To: <9D0D9274-5485-11D6-A332-003065A1F05E@jgj.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 06:39 PM 4/20/02 +0100, James Jeffrey wrote: >Hello, > >I have just started a new job for an ISP currently using some Linux >servers. I want to start to move them across to FreeBSD, but I'm concerned >that Apache 2 will use the prefork MPM on our favourite platform rather >than the newer prefork/thread combination one... Does anyone know: > >Why this is? >When it will be fixed? >What performance penalty this will cause against, for example, Linux? How >good is the new MPM? The performance difference only matters for the thread creation vs child forking. By tuning the config the difference would only show when a large number of requests are sent and there are not enough child processes to handle all of them. Even then the difference is minimal, since once the thread or child is created the code execution times are basically the same. There are other factors (mentioned in perf-tuning.html), but am unsure of their impact and the main one I've mentioned is what most hear about. AFAICR spinning off a thread is 10 times faster than forking. Unless these servers are *real* busy, I see no reason to bother and there are other things to tune regardless that can have much more impact. Not that I wouldn't mind hearing of any clear advantages using the hybrid and at what level it would be of an advantage (ie # requests per second). Have one doing about 3 rps on average (haven't bothered checking peak, but it's no where near the limit). Long time back I pushed a 486 to about 75% of the theoretical limit on *average*. Imagine the hybrid prefork/thread would have helped in that case during peak hours, but it did well without it. Jeff Mountin - jeff@mountin.net Systems/Network Administrator FreeBSD - the power to serve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 13:24: 2 2002 Delivered-To: freebsd-isp@freebsd.org Received: from peak.mountin.net (peak.mountin.net [207.227.119.2]) by hub.freebsd.org (Postfix) with ESMTP id 5CA4437B404 for ; Sat, 20 Apr 2002 13:23:59 -0700 (PDT) Received: (from daemon@localhost) by peak.mountin.net (8.9.1/8.9.1) id PAA14132; Sat, 20 Apr 2002 15:23:58 -0500 (CDT) (envelope-from jeff-ml@mountin.net) Received: from mke-65-29-139-162.wi.rr.com(65.29.139.162) by peak.mountin.net via smap (V1.3) id sma014130; Sat Apr 20 15:23:34 2002 Message-Id: <4.3.2.20020420151229.0330ddb0@207.227.119.2> X-Sender: jeff-ml@207.227.119.2 X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Sat, 20 Apr 2002 15:22:51 -0500 To: "Simon" From: "Jeffrey J. Mountin" Subject: Re: Apache 2 MPMs Cc: freebsd-isp@FreeBSD.ORG In-Reply-To: <20020420191940.8F9BE37B41A@hub.freebsd.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 03:26 PM 4/20/02 -0400, Simon wrote: >Some of our servers do over 1.3TB a month, avg request is 8kB >I can't wait for FBSD 5.x, hopefully threads are much better then. >1.3.x Apache eats way too much RAM, but oh well, it's free :-) So about 162 million requests/mon. Whee! I'd be curious how much RAM would be saved. Wonder if there is anyone running -current and Apache 2.x that can comment. While I'm musing, anyone know if there are any gains using 2.x vs 1.3.x when both prefork? I see mod_ssl is now a part of the distribution and wonder how it compares. One less port to deal with then. 8-) (realizing I should have been checking out 2.x a while ago) Jeff Mountin - jeff@mountin.net Systems/Network Administrator FreeBSD - the power to serve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 14: 3:58 2002 Delivered-To: freebsd-isp@freebsd.org Received: from misery.sdf.com (misery.sdf.com [207.200.153.226]) by hub.freebsd.org (Postfix) with ESMTP id 2895C37B41B for ; Sat, 20 Apr 2002 14:03:53 -0700 (PDT) Received: from tom (helo=localhost) by misery.sdf.com with local-esmtp (Exim 2.12 #1) id 16z1CF-0006pq-00; Sat, 20 Apr 2002 13:10:59 -0700 Date: Sat, 20 Apr 2002 13:10:56 -0700 (PDT) From: Tom Samplonius To: Simon Cc: James Jeffrey , "freebsd-isp@freebsd.org" Subject: Re: Apache 2 MPMs In-Reply-To: <20020420191940.8F9BE37B41A@hub.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org And you expect Apache 2.x to use less RAM? I really doubt it. Tom On Sat, 20 Apr 2002, Simon wrote: > > Some of our servers do over 1.3TB a month, avg request is 8kB > I can't wait for FBSD 5.x, hopefully threads are much better then. > 1.3.x Apache eats way too much RAM, but oh well, it's free :-) > > -Simon > > On Sat, 20 Apr 2002 11:15:28 -0700 (PDT), Tom Samplonius wrote: > > > > > First of all, how many of the modules you need will be threadsafe? Many > >of the PHP add-ons are not thread safe. > > > > Unless you have servers pushing out more than 500GB/month, I wouldn't > >worry about the difference between prefork and prefork/thread. > > > >Tom > > > >On Sat, 20 Apr 2002, James Jeffrey wrote: > > > >> Hello, > >> > >> I have just started a new job for an ISP currently using some Linux > >> servers. I want to start to move them across to FreeBSD, but I'm > >> concerned that Apache 2 will use the prefork MPM on our favourite > >> platform rather than the newer prefork/thread combination one... Does > >> anyone know: > >> > >> Why this is? > >> When it will be fixed? > >> What performance penalty this will cause against, for example, Linux? > >> How good is the new MPM? > >> > >> thanks, > >> > >> James > >> > >> > >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> with "unsubscribe freebsd-isp" in the body of the message > >> > >> > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org > >with "unsubscribe freebsd-isp" in the body of the message > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 14: 7:41 2002 Delivered-To: freebsd-isp@freebsd.org Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by hub.freebsd.org (Postfix) with SMTP id 4D10D37B417 for ; Sat, 20 Apr 2002 14:07:33 -0700 (PDT) Received: (qmail 74963 invoked by uid 106); 20 Apr 2002 21:09:18 -0000 Received: from 24-90-121-13.nyc.rr.com (HELO station1) (24.90.121.13) by cobra.acceleratedweb.net with SMTP; 20 Apr 2002 21:09:18 -0000 From: "Simon" To: "Tom Samplonius" Cc: "freebsd-isp@freebsd.org" , "James Jeffrey" Date: Sat, 20 Apr 2002 17:14:48 -0400 Reply-To: "Simon" X-Mailer: PMMail 2000 Professional (2.10.2010) For Windows 2000 (5.0.2195;2) In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Re: Apache 2 MPMs Message-Id: <20020420210733.4D10D37B417@hub.freebsd.org> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm not sure exactly what they rewrote, but you never know. I've yet to try and see, I sure hope it uses less. -Simon On Sat, 20 Apr 2002 13:10:56 -0700 (PDT), Tom Samplonius wrote: > > And you expect Apache 2.x to use less RAM? I really doubt it. > >Tom > >On Sat, 20 Apr 2002, Simon wrote: > >> >> Some of our servers do over 1.3TB a month, avg request is 8kB >> I can't wait for FBSD 5.x, hopefully threads are much better then. >> 1.3.x Apache eats way too much RAM, but oh well, it's free :-) >> >> -Simon >> >> On Sat, 20 Apr 2002 11:15:28 -0700 (PDT), Tom Samplonius wrote: >> >> > >> > First of all, how many of the modules you need will be threadsafe? Many >> >of the PHP add-ons are not thread safe. >> > >> > Unless you have servers pushing out more than 500GB/month, I wouldn't >> >worry about the difference between prefork and prefork/thread. >> > >> >Tom >> > >> >On Sat, 20 Apr 2002, James Jeffrey wrote: >> > >> >> Hello, >> >> >> >> I have just started a new job for an ISP currently using some Linux >> >> servers. I want to start to move them across to FreeBSD, but I'm >> >> concerned that Apache 2 will use the prefork MPM on our favourite >> >> platform rather than the newer prefork/thread combination one... Does >> >> anyone know: >> >> >> >> Why this is? >> >> When it will be fixed? >> >> What performance penalty this will cause against, for example, Linux? >> >> How good is the new MPM? >> >> >> >> thanks, >> >> >> >> James >> >> >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> >> with "unsubscribe freebsd-isp" in the body of the message >> >> >> >> >> > >> > >> >To Unsubscribe: send mail to majordomo@FreeBSD.org >> >with "unsubscribe freebsd-isp" in the body of the message >> > >> >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-isp" in the body of the message >> >> > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 14:12:26 2002 Delivered-To: freebsd-isp@freebsd.org Received: from jgj.org.uk (public1-leed1-4-cust166.leed.broadband.ntl.com [80.0.0.166]) by hub.freebsd.org (Postfix) with SMTP id 1CE4337B405 for ; Sat, 20 Apr 2002 14:12:19 -0700 (PDT) Received: (qmail 99670 invoked from network); 20 Apr 2002 21:12:22 -0000 Received: from sean.jgj.org.uk (192.168.243.89) by rufus.jgj.org.uk with SMTP; 20 Apr 2002 21:12:22 -0000 Date: Sat, 20 Apr 2002 22:12:16 +0100 Subject: Re: Apache 2 MPMs Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v481) Cc: Simon , "freebsd-isp@freebsd.org" To: Tom Samplonius From: James Jeffrey In-Reply-To: Message-Id: <4A8DCD48-54A3-11D6-A332-003065A1F05E@jgj.org.uk> Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.481) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org My understanding may be flawed (and I am interested in learning...) but I though one of the advantages of using threads over forking was that multiple threads can share the same memory resident copy of the binary and that only data memory had to be allocated for each thread, where as forked processes each need there own resident copy of the program. Therefore threads use less memory and theoretically so can Apache 2 except, sadly, on FreeBSD... James. On Saturday, April 20, 2002, at 09:10 PM, Tom Samplonius wrote: > > And you expect Apache 2.x to use less RAM? I really doubt it. > > Tom > > On Sat, 20 Apr 2002, Simon wrote: > >> >> Some of our servers do over 1.3TB a month, avg request is 8kB >> I can't wait for FBSD 5.x, hopefully threads are much better then. >> 1.3.x Apache eats way too much RAM, but oh well, it's free :-) >> >> -Simon >> >> On Sat, 20 Apr 2002 11:15:28 -0700 (PDT), Tom Samplonius wrote: >> >>> >>> First of all, how many of the modules you need will be threadsafe? >>> Many >>> of the PHP add-ons are not thread safe. >>> >>> Unless you have servers pushing out more than 500GB/month, I wouldn't >>> worry about the difference between prefork and prefork/thread. >>> >>> Tom >>> >>> On Sat, 20 Apr 2002, James Jeffrey wrote: >>> >>>> Hello, >>>> >>>> I have just started a new job for an ISP currently using some Linux >>>> servers. I want to start to move them across to FreeBSD, but I'm >>>> concerned that Apache 2 will use the prefork MPM on our favourite >>>> platform rather than the newer prefork/thread combination one... Does >>>> anyone know: >>>> >>>> Why this is? >>>> When it will be fixed? >>>> What performance penalty this will cause against, for example, Linux? >>>> How good is the new MPM? >>>> >>>> thanks, >>>> >>>> James >>>> >>>> >>>> To Unsubscribe: send mail to majordomo@FreeBSD.org >>>> with "unsubscribe freebsd-isp" in the body of the message >>>> >>>> >>> >>> >>> To Unsubscribe: send mail to majordomo@FreeBSD.org >>> with "unsubscribe freebsd-isp" in the body of the message >>> >> >> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-isp" in the body of the message >> >> > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 14:16:37 2002 Delivered-To: freebsd-isp@freebsd.org Received: from jgj.org.uk (public1-leed1-4-cust166.leed.broadband.ntl.com [80.0.0.166]) by hub.freebsd.org (Postfix) with SMTP id D98E537B41F for ; Sat, 20 Apr 2002 14:16:28 -0700 (PDT) Received: (qmail 99710 invoked from network); 20 Apr 2002 21:16:32 -0000 Received: from sean.jgj.org.uk (192.168.243.89) by rufus.jgj.org.uk with SMTP; 20 Apr 2002 21:16:32 -0000 Date: Sat, 20 Apr 2002 22:16:25 +0100 Subject: Re: Apache 2 MPMs Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v481) Cc: Tom Samplonius , Simon , "freebsd-isp@freebsd.org" To: James Jeffrey From: James Jeffrey In-Reply-To: <4A8DCD48-54A3-11D6-A332-003065A1F05E@jgj.org.uk> Message-Id: Content-Transfer-Encoding: 7bit X-Mailer: Apple Mail (2.481) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Of course having said that I do realise that most of the memory usage is data memory... :) James On Saturday, April 20, 2002, at 10:12 PM, James Jeffrey wrote: > My understanding may be flawed (and I am interested in learning...) but > I though one of the advantages of using threads over forking was that > multiple threads can share the same memory resident copy of the binary > and that only data memory had to be allocated for each thread, where as > forked processes each need there own resident copy of the program. > Therefore threads use less memory and theoretically so can Apache 2 > except, sadly, on FreeBSD... > > James. > > On Saturday, April 20, 2002, at 09:10 PM, Tom Samplonius wrote: > >> >> And you expect Apache 2.x to use less RAM? I really doubt it. >> >> Tom >> >> On Sat, 20 Apr 2002, Simon wrote: >> >>> >>> Some of our servers do over 1.3TB a month, avg request is 8kB >>> I can't wait for FBSD 5.x, hopefully threads are much better then. >>> 1.3.x Apache eats way too much RAM, but oh well, it's free :-) >>> >>> -Simon >>> >>> On Sat, 20 Apr 2002 11:15:28 -0700 (PDT), Tom Samplonius wrote: >>> >>>> >>>> First of all, how many of the modules you need will be threadsafe? >>>> Many >>>> of the PHP add-ons are not thread safe. >>>> >>>> Unless you have servers pushing out more than 500GB/month, I >>>> wouldn't >>>> worry about the difference between prefork and prefork/thread. >>>> >>>> Tom >>>> >>>> On Sat, 20 Apr 2002, James Jeffrey wrote: >>>> >>>>> Hello, >>>>> >>>>> I have just started a new job for an ISP currently using some Linux >>>>> servers. I want to start to move them across to FreeBSD, but I'm >>>>> concerned that Apache 2 will use the prefork MPM on our favourite >>>>> platform rather than the newer prefork/thread combination one... >>>>> Does >>>>> anyone know: >>>>> >>>>> Why this is? >>>>> When it will be fixed? >>>>> What performance penalty this will cause against, for example, >>>>> Linux? >>>>> How good is the new MPM? >>>>> >>>>> thanks, >>>>> >>>>> James >>>>> >>>>> >>>>> To Unsubscribe: send mail to majordomo@FreeBSD.org >>>>> with "unsubscribe freebsd-isp" in the body of the message >>>>> >>>>> >>>> >>>> >>>> To Unsubscribe: send mail to majordomo@FreeBSD.org >>>> with "unsubscribe freebsd-isp" in the body of the message >>>> >>> >>> >>> >>> >>> To Unsubscribe: send mail to majordomo@FreeBSD.org >>> with "unsubscribe freebsd-isp" in the body of the message >>> >>> >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-isp" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 14:55: 2 2002 Delivered-To: freebsd-isp@freebsd.org Received: from apollo.pwhsnet.com (adsl-64-164-36-226.dsl.scrm01.pacbell.net [64.164.36.226]) by hub.freebsd.org (Postfix) with ESMTP id A246C37B41A for ; Sat, 20 Apr 2002 14:54:58 -0700 (PDT) Received: from zeus (patrick@zeus.pwhsnet.com [192.168.0.3]) by apollo.pwhsnet.com (8.12.2/8.11.6) with SMTP id g3KM17Ls045166 for ; Sat, 20 Apr 2002 15:01:07 -0700 (PDT) (envelope-from patrick@pwhsnet.com) Message-ID: <012f01c1e8b5$d56b2ce0$0300a8c0@zeus> From: "Patrick O. Fish" To: Subject: sendmail virus scanning Date: Sat, 20 Apr 2002 14:53:40 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm looking for a sendmail addon to scan each e-mail (at least incoming, but incoming and outgoing preferred) for virii's. I've heard that they don't work well on FreeBSD? any ideas welcome. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 16:34: 7 2002 Delivered-To: freebsd-isp@freebsd.org Received: from lily.ezo.net (lily.ezo.net [206.102.130.13]) by hub.freebsd.org (Postfix) with ESMTP id CCB8637B400 for ; Sat, 20 Apr 2002 16:34:01 -0700 (PDT) Received: from peony.ezo.net (peony.ezo.net [206.102.130.11]) by lily.ezo.net (8.11.6/8.11.6) with ESMTP id g3KNY1Z15830; Sat, 20 Apr 2002 19:34:01 -0400 (EDT) (envelope-from jflowers@ezo.net) From: "Jim Flowers" To: "Patrick O. Fish" , Subject: Re: sendmail virus scanning Date: Sat, 20 Apr 2002 19:34:23 -0400 Message-Id: <20020420193423.M82516@ezo.net> In-Reply-To: <012f01c1e8b5$d56b2ce0$0300a8c0@zeus> References: <012f01c1e8b5$d56b2ce0$0300a8c0@zeus> X-Mailer: Open WebMail 1.60 20020130 X-OriginatingIP: 24.93.230.119 (jflowers) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I'm currently looking at the inflex and drweb ports but other than having installed them both I haven't done much testing yet. Inflex does reject emails with .exe attachments but for much more I have to add someting that looks at signatures. Don't have any viruses at the moment to test drweb with. Inflex is both in and out. > I'm looking for a sendmail addon to scan each e-mail (at least > incoming, but incoming and outgoing preferred) for virii's. > I've heard that they don't work well on FreeBSD? any ideas > welcome. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Jim Flowers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 17:18:56 2002 Delivered-To: freebsd-isp@freebsd.org Received: from apollo.pwhsnet.com (adsl-64-164-36-226.dsl.scrm01.pacbell.net [64.164.36.226]) by hub.freebsd.org (Postfix) with ESMTP id 8770537B41B for ; Sat, 20 Apr 2002 17:18:40 -0700 (PDT) Received: from zeus (patrick@zeus.pwhsnet.com [192.168.0.3]) by apollo.pwhsnet.com (8.12.2/8.11.6) with SMTP id g3L0OlLs082140; Sat, 20 Apr 2002 17:24:47 -0700 (PDT) (envelope-from patrick@pwhsnet.com) Message-ID: <016101c1e8c9$e73a6940$0300a8c0@zeus> From: "Patrick O. Fish" To: "Jim Flowers" , References: <012f01c1e8b5$d56b2ce0$0300a8c0@zeus> <20020420193423.M82516@ezo.net> Subject: Re: sendmail virus scanning Date: Sat, 20 Apr 2002 17:17:20 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org - I went to go install inflex, but it depends on XFree86...any idea WHY? I'm going to try out drweb right now. ----- Original Message ----- From: "Jim Flowers" To: "Patrick O. Fish" ; Sent: Saturday, April 20, 2002 4:34 PM Subject: Re: sendmail virus scanning > I'm currently looking at the inflex and drweb ports but other than having > installed them both I haven't done much testing yet. Inflex does reject > emails with .exe attachments but for much more I have to add someting that > looks at signatures. Don't have any viruses at the moment to test drweb > with. Inflex is both in and out. > > > I'm looking for a sendmail addon to scan each e-mail (at least > > incoming, but incoming and outgoing preferred) for virii's. > > I've heard that they don't work well on FreeBSD? any ideas > > welcome. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > -- > Jim Flowers > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 17:53:25 2002 Delivered-To: freebsd-isp@freebsd.org Received: from misery.sdf.com (misery.sdf.com [207.200.153.226]) by hub.freebsd.org (Postfix) with ESMTP id BC19E37B41C for ; Sat, 20 Apr 2002 17:53:17 -0700 (PDT) Received: from tom (helo=localhost) by misery.sdf.com with local-esmtp (Exim 2.12 #1) id 16z4mL-0007Dq-00; Sat, 20 Apr 2002 17:00:29 -0700 Date: Sat, 20 Apr 2002 17:00:27 -0700 (PDT) From: Tom Samplonius To: James Jeffrey Cc: Simon , "freebsd-isp@freebsd.org" Subject: Re: Apache 2 MPMs In-Reply-To: <4A8DCD48-54A3-11D6-A332-003065A1F05E@jgj.org.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The FreeBSD VM system allows all unmodified pages to be shared between forked processes. This is one of the reasons why I really doubt that Apache 2.x will require less memory than 1.3. Not to mention that Apache 2.x is undergoing feature bloat. About the only advantage of the thread architecture is that context switching overhead should be lower than with processes. However, process context switching has been optimized so much that a good process implementation performs faster than a bad thread implementation. Tom On Sat, 20 Apr 2002, James Jeffrey wrote: > My understanding may be flawed (and I am interested in learning...) but > I though one of the advantages of using threads over forking was that > multiple threads can share the same memory resident copy of the binary > and that only data memory had to be allocated for each thread, where as > forked processes each need there own resident copy of the program. > Therefore threads use less memory and theoretically so can Apache 2 > except, sadly, on FreeBSD... > > James. > > On Saturday, April 20, 2002, at 09:10 PM, Tom Samplonius wrote: > > > > > And you expect Apache 2.x to use less RAM? I really doubt it. > > > > Tom > > > > On Sat, 20 Apr 2002, Simon wrote: > > > >> > >> Some of our servers do over 1.3TB a month, avg request is 8kB > >> I can't wait for FBSD 5.x, hopefully threads are much better then. > >> 1.3.x Apache eats way too much RAM, but oh well, it's free :-) > >> > >> -Simon > >> > >> On Sat, 20 Apr 2002 11:15:28 -0700 (PDT), Tom Samplonius wrote: > >> > >>> > >>> First of all, how many of the modules you need will be threadsafe? > >>> Many > >>> of the PHP add-ons are not thread safe. > >>> > >>> Unless you have servers pushing out more than 500GB/month, I wouldn't > >>> worry about the difference between prefork and prefork/thread. > >>> > >>> Tom > >>> > >>> On Sat, 20 Apr 2002, James Jeffrey wrote: > >>> > >>>> Hello, > >>>> > >>>> I have just started a new job for an ISP currently using some Linux > >>>> servers. I want to start to move them across to FreeBSD, but I'm > >>>> concerned that Apache 2 will use the prefork MPM on our favourite > >>>> platform rather than the newer prefork/thread combination one... Does > >>>> anyone know: > >>>> > >>>> Why this is? > >>>> When it will be fixed? > >>>> What performance penalty this will cause against, for example, Linux? > >>>> How good is the new MPM? > >>>> > >>>> thanks, > >>>> > >>>> James > >>>> > >>>> > >>>> To Unsubscribe: send mail to majordomo@FreeBSD.org > >>>> with "unsubscribe freebsd-isp" in the body of the message > >>>> > >>>> > >>> > >>> > >>> To Unsubscribe: send mail to majordomo@FreeBSD.org > >>> with "unsubscribe freebsd-isp" in the body of the message > >>> > >> > >> > >> > >> > >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> with "unsubscribe freebsd-isp" in the body of the message > >> > >> > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-isp" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Apr 20 23: 0:42 2002 Delivered-To: freebsd-isp@freebsd.org Received: from smtp1.sentex.ca (smtp1.sentex.ca [199.212.134.4]) by hub.freebsd.org (Postfix) with ESMTP id 9EC7337B417 for ; Sat, 20 Apr 2002 23:00:38 -0700 (PDT) Received: from house (cage.simianscience.com [64.7.134.1]) by smtp1.sentex.ca (8.12.3/8.12.3) with SMTP id g3L60agt042867; Sun, 21 Apr 2002 02:00:37 -0400 (EDT) (envelope-from mike@sentex.net) From: Mike Tancsa To: "Patrick O. Fish" Cc: freebsd-isp@freebsd.org Subject: Re: sendmail virus scanning Date: Sun, 21 Apr 2002 02:00:49 -0400 Message-ID: References: <012f01c1e8b5$d56b2ce0$0300a8c0@zeus> In-Reply-To: <012f01c1e8b5$d56b2ce0$0300a8c0@zeus> X-Mailer: Forte Agent 1.8/32.548 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Amavis works very well with FreeBSD under sendmail and postfix. A mostly easy way to install it is from the ports. However, the milter version works very well. Install the port version first (as it will take care of all the dependencies) and then install the milter version and use it instead. The cvs snapshot from www.amavis.org on Feb20th works very = well. ---Mike On Sat, 20 Apr 2002 14:53:40 -0700, in sentex.lists.freebsd.isp you = wrote: >I'm looking for a sendmail addon to scan each e-mail (at least incoming,= but >incoming and outgoing preferred) for virii's. I've heard that they = don't >work well on FreeBSD? any ideas welcome. > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message Mike Tancsa (mdtancsa@sentex.net) =09 Sentex Communications Corp, =09 Waterloo, Ontario, Canada "Given enough time, 100 monkeys on 100 routers=20 could setup a national IP network." (KDW2) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message