From owner-freebsd-isp@FreeBSD.ORG Mon Jun 21 04:51:38 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1835516A4CE for ; Mon, 21 Jun 2004 04:51:38 +0000 (GMT) Received: from smtp2.Stanford.EDU (smtp2.Stanford.EDU [171.67.16.125]) by mx1.FreeBSD.org (Postfix) with ESMTP id E6F5443D1F for ; Mon, 21 Jun 2004 04:51:37 +0000 (GMT) (envelope-from help@networking.Stanford.EDU) Received: from networking.Stanford.EDU (networking.Stanford.EDU [171.64.20.23]) by smtp2.Stanford.EDU (8.12.11/8.12.11) with ESMTP id i5L4pbcO021747; Sun, 20 Jun 2004 21:51:37 -0700 Received: (from help@localhost) by networking.Stanford.EDU (8.11.7/8.11.6) id i5L4pbo25424; Sun, 20 Jun 2004 21:51:37 -0700 (PDT) Date: Sun, 20 Jun 2004 21:51:37 -0700 (PDT) From: Network Help Message-Id: <200406210451.i5L4pbo25424@networking.Stanford.EDU> To: freebsd-isp@freebsd.org References: <65afe37c80f4db.51438.qmail@freebsd.org> In-Reply-To: <65afe37c80f4db.51438.qmail@freebsd.org> X-Loop: help@networking.stanford.edu Precedence: junk Subject: Re: [SPAM:###] Libanesen in Berlin '8003' X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 04:51:38 -0000 ***************************************************************************** The email address you submitted your request to is no longer in service -- *** your email request will not be read or responded to. *** ITSS is using the HelpSU system to receive and track all requests. Please use http://helpsu.stanford.edu/helpsu.cgi to submit your requests and questions. If you were directed to "help@networking" by a web page, please let us know by submitting the referring URL via HelpSU, and we will attempt to contact the maintainer and correct the problem. ***************************************************************************** From owner-freebsd-isp@FreeBSD.ORG Mon Jun 21 06:02:22 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D0B3616A4CE for ; Mon, 21 Jun 2004 06:02:22 +0000 (GMT) Received: from itonami.pair.com (itonami.pair.com [209.68.2.178]) by mx1.FreeBSD.org (Postfix) with SMTP id 8B61D43D31 for ; Mon, 21 Jun 2004 06:02:22 +0000 (GMT) (envelope-from bink@radgametools.com) Received: (qmail 66176 invoked by uid 3055); 21 Jun 2004 06:02:22 -0000 Message-ID: <20040621060221.66175.qmail@itonami.pair.com> From: Autoresponder To: freebsd-isp@freebsd.org Date: 21 Jun 2004 02:02:21 EDT Precedence: junk X-Loop: bink@radgametools.com Subject: Please update your email address... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: Autoresponder List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 06:02:23 -0000 We're sorry, but the RAD general email addresses have changed recently (to slow the flood of spam ). Please use one of these addresses instead: Sales: sales2@radgametools.com RAD Video Tools Support: support2@radgametools.com Bink SDK Support: bink2@radgametools.com Miles SDK Support: miles2@radgametools.com Granny SDK Support: granny2@radgametools.com Pixomatic SDK Support: pixo2@radgametools.com Smacker SDK Support: smack2@radgametools.com Webmaster: webmaster2@radgametools.com Sorry for the inconvenience and thanks for your support! RAD Game Tools From owner-freebsd-isp@FreeBSD.ORG Mon Jun 21 08:52:06 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A301916A4CF for ; Mon, 21 Jun 2004 08:52:06 +0000 (GMT) Received: from mail.vtec.ipme.de (naen-d9b80aca.pool.mediaWays.net [217.184.10.202]) by mx1.FreeBSD.org (Postfix) with ESMTP id ECCD443D46 for ; Mon, 21 Jun 2004 08:52:00 +0000 (GMT) (envelope-from volker@vwsoft.com) Received: by bellona.sz.vwsoft.com (Postfix, from userid 9002) id 22D721072C; Fri, 18 Jun 2004 23:02:10 +0200 (CEST) X-Scanned-By: clam-av using AMaViS-ng at bellona.sz.vwsoft.com Received: from [192.168.16.24] (unknown [192.168.16.24]) by bellona.sz.vwsoft.com (Postfix) with ESMTP id 349EA1072A for ; Fri, 18 Jun 2004 23:01:58 +0200 (CEST) Message-ID: <40D35845.1050200@vwsoft.com> Date: Fri, 18 Jun 2004 23:01:57 +0200 From: Volker User-Agent: Mozilla Thunderbird 0.7 (Windows/20040616) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org X-Enigmail-Version: 0.84.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: scp only connection X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 08:52:06 -0000 Hi! Does anybody know if it's possible to have a user scp'ing only on a FreeBSD machine and deny ssh access? I've got an sshd running and want one user only use scp but disallow ssh access. I've tried to set the shell to /bin/false but then even scp won't be accessible (does anybody know why??). This machine does not have an ftpd installed (and I don't want to). Is there a way to restrict an ssh user to scp only? Thx, Volker From owner-freebsd-isp@FreeBSD.ORG Mon Jun 21 09:03:17 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8146716A4CE for ; Mon, 21 Jun 2004 09:03:17 +0000 (GMT) Received: from mx0.estimese.net (finom.estimese.net [195.168.3.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id B20F043D5D for ; Mon, 21 Jun 2004 09:03:16 +0000 (GMT) (envelope-from robert@bopko.com) Received: from wendy.in.nextra.sk (fw.nextra.sk [195.168.29.2]) (AUTH: LOGIN zero, SSL: TLSv1/SSLv3,256bits,AES256-SHA) by mx0.estimese.net with esmtp; Mon, 21 Jun 2004 11:03:13 +0200 From: Robert Bopko To: Volker In-Reply-To: <40D35845.1050200@vwsoft.com> References: <40D35845.1050200@vwsoft.com> Message-Id: <1087808591.6302.5.camel@localhost> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.4.6 Date: Mon, 21 Jun 2004 11:03:11 +0200 cc: freebsd-isp@freebsd.org Subject: Re: scp only connection X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 09:03:17 -0000 Hey Volker, take a look at /usr/ports/shells/scponly port, it should satisfy your needs. Kind regards, Robert On Fri, 2004-06-18 at 23:01, Volker wrote: > Hi! > > Does anybody know if it's possible to have a user scp'ing only on a > FreeBSD machine and deny ssh access? > > I've got an sshd running and want one user only use scp but disallow ssh > access. I've tried to set the shell to /bin/false but then even scp > won't be accessible (does anybody know why??). > > This machine does not have an ftpd installed (and I don't want to). > > Is there a way to restrict an ssh user to scp only? > > Thx, > > Volker From owner-freebsd-isp@FreeBSD.ORG Mon Jun 21 09:03:21 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7575616A4D6 for ; Mon, 21 Jun 2004 09:03:21 +0000 (GMT) Received: from smtp803.mail.ukl.yahoo.com (smtp803.mail.ukl.yahoo.com [217.12.12.140]) by mx1.FreeBSD.org (Postfix) with SMTP id 9382C43D58 for ; Mon, 21 Jun 2004 09:03:20 +0000 (GMT) (envelope-from nick@freebsd.cx) Received: from unknown (HELO faraquet.dischord.org) (freebsd-isp@freebsd.org@217.44.241.152 with poptime) by smtp803.mail.ukl.yahoo.com with SMTP; 21 Jun 2004 09:03:16 -0000 Received: (qmail 18813 invoked by uid 1000); 21 Jun 2004 09:03:12 -0000 Date: Mon, 21 Jun 2004 10:03:12 +0100 From: Nick Jones To: Volker Message-ID: <20040621090312.GA24420@dischord.org> References: <40D35845.1050200@vwsoft.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <40D35845.1050200@vwsoft.com> X-Operating-System: OpenBSD/3.5 (i386) X-Uptime: 10:00AM up 35 days, 14:25, 1 user, load averages: 1.77, 1.54, 1.47 User-Agent: Mutt/1.5.6i cc: freebsd-isp@freebsd.org Subject: Re: scp only connection X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 09:03:21 -0000 Volker (volker@vwsoft.com) wrote: > Is there a way to restrict an ssh user to scp only? Yep, using (funnily enough) a piece of software called 'scponly': http://www.sublimation.org/scponly/ I've used it in the past on a couple of occasions, and it seems to work well enough. -- --Nick From owner-freebsd-isp@FreeBSD.ORG Mon Jun 21 09:10:36 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 885C616A4DD for ; Mon, 21 Jun 2004 09:10:36 +0000 (GMT) Received: from pd5mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 35A4C43D58 for ; Mon, 21 Jun 2004 09:10:36 +0000 (GMT) (envelope-from peepstein@canada.com) Received: from pd5mr4so.prod.shaw.ca (pd5mr4so-qfe3.prod.shaw.ca [10.0.141.168]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HZN005KDIHQ24@l-daemon> for freebsd-isp@freebsd.org; Mon, 21 Jun 2004 03:03:26 -0600 (MDT) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd5mr4so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0HZN00M9LIHR8W91@pd5mr4so.prod.shaw.ca> for freebsd-isp@freebsd.org; Mon, 21 Jun 2004 03:03:27 -0600 (MDT) Received: from interface.larch.local (S01060060670810b9.vc.shawcable.net [24.80.23.243]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HZN00K2QIHQGQ@l-daemon> for freebsd-isp@freebsd.org; Mon, 21 Jun 2004 03:03:26 -0600 (MDT) Date: Mon, 21 Jun 2004 02:03:30 -0700 From: Edward Epstein In-reply-to: <40D35845.1050200@vwsoft.com> To: freebsd-isp@freebsd.org Message-id: <200406210203.30379.peepstein@canada.com> MIME-version: 1.0 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit Content-disposition: inline User-Agent: KMail/1.6.2 References: <40D35845.1050200@vwsoft.com> Subject: Re: scp only connection X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: peepstein@canada.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Jun 2004 09:10:36 -0000 Hi Volker, there is a program called scponly that will do what you want. I believe that it is in the ports, but the URL is http://www.sublimation.org/scponly/ Cheers, Ed Thus spake Volker: >Hi! > >Does anybody know if it's possible to have a user scp'ing only on a >FreeBSD machine and deny ssh access? > >I've got an sshd running and want one user only use scp but disallow ssh >access. I've tried to set the shell to /bin/false but then even scp >won't be accessible (does anybody know why??). > >This machine does not have an ftpd installed (and I don't want to). > >Is there a way to restrict an ssh user to scp only? > >Thx, > >Volker > >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" -- "There are people who cheat on their spouse but not at cards, and vice versa, and both and neither. Reputation is not necessarily portable from one situation to another, and it's not easily expressed." --Clay Shirkey. (http://www.shirky.com/writings/group_enemy.html) "It has been said that man is a rational animal. All my life I have been searching for evidence which could support this." --Bertrand Russell. "The American empire is ideological, not territorial. We are the most ideological people in the world, and we are so united in our view that we don't understand there can be other views." --Lt. Gen. William Odom, ret. (Former Director of NSA). From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 05:58:41 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F62416A4CE for ; Tue, 22 Jun 2004 05:58:41 +0000 (GMT) Received: from mail.arc.net.my (nagano.arc.net.my [203.115.225.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 407C043D39 for ; Tue, 22 Jun 2004 05:58:40 +0000 (GMT) (envelope-from nick@arc.net.my) Received: from [203.115.225.83] (roppongi.arc.net.my [203.115.225.83]) by mail.arc.net.my (iPlanet Messaging Server 5.1 Patch 1 (built Jun 6 2002)) with ESMTP id <0HZP00F0F4LMBK@mail.arc.net.my> for freebsd-isp@freebsd.org; Tue, 22 Jun 2004 13:58:34 +0800 (SGT) Date: Tue, 22 Jun 2004 13:53:55 +0800 From: Nick Kraal To: freebsd-isp@freebsd.org Message-id: <40D7C973.4050404@arc.net.my> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii; format=flowed Content-transfer-encoding: 7BIT X-Accept-Language: en-us, en User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.7) Gecko/20040608 Subject: Update to 4.10 error X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: nick@arc.net.my List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 05:58:41 -0000 I am trying to update my 4.9 release to 4.10 and have done the following: [1] cvsup [2] 'make buildworld' in /usr/src but get the following error message: Any ideas on why or advice? Thanks in advance. -nick/ -------------------------------------------------------------- >>> stage 1: bootstrap tools -------------------------------------------------------------- cd /usr/src; MAKEOBJDIRPREFIX=/usr/obj/usr/src/i386 DESTDIR= INSTALL="sh /usr/src/tools/install.sh" make -f Makefile.inc1 -DBOOTSTRAPPING -DNOHTML -DNOINFO -DNOMAN -DNOPIC -DNOPROFILE -DNOSHARED -DNO_WERROR bootstrap-tools echo "===> usr.bin/yacc"; cd /usr/src/usr.bin/yacc; make DIRPRFX=usr.bin/yacc/ obj; make DIRPRFX=usr.bin/yacc/ depend; make DIRPRFX=usr.bin/yacc/ all; make DIRPRFX=usr.bin/yacc/ DESTDIR=/usr/obj/usr/src/i386 install ===> usr.bin/yacc cd: can't cd to /usr/src/usr.bin/yacc *** Error code 2 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 10:38:33 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 988A116A4CF for ; Tue, 22 Jun 2004 10:38:33 +0000 (GMT) Received: from mail.vtec.ipme.de (naen-d9b80b10.pool.mediaWays.net [217.184.11.16]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9EE2343D5E for ; Tue, 22 Jun 2004 10:38:32 +0000 (GMT) (envelope-from volker@vwsoft.com) Received: by bellona.sz.vwsoft.com (Postfix, from userid 9002) id 2A2311083A; Tue, 22 Jun 2004 10:36:22 +0200 (CEST) X-Scanned-By: clam-av using AMaViS-ng at bellona.sz.vwsoft.com Received: from [192.168.16.24] (unknown [192.168.16.24]) by bellona.sz.vwsoft.com (Postfix) with ESMTP id A113810836; Tue, 22 Jun 2004 10:36:12 +0200 (CEST) Message-ID: <40D7EF7B.1000803@vwsoft.com> Date: Tue, 22 Jun 2004 10:36:11 +0200 From: Volker User-Agent: Mozilla Thunderbird 0.7 (Windows/20040616) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Nick Jones , peepstein@canada.com, robert@bopko.com References: <40D35845.1050200@vwsoft.com> <20040621090312.GA24420@dischord.org> In-Reply-To: <20040621090312.GA24420@dischord.org> X-Enigmail-Version: 0.84.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: scp only connection X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 10:38:33 -0000 Hi Nick, Ed, Rob! Thank you (all) for your reply. Well, I've googled for that scp-only problem (wrong search phrase?) but I never thought the answer to my problem lies in the ports (one more time). Even I've overlooked the port scponly several times (how stupid one might be). > Yep, using (funnily enough) a piece of software called 'scponly': Perhaps the name is too easy as being recognized as a useful piece of software. scponly does everything I need and in a way I was expecting a solution to that problem. I promise: The next time, I'll search the ports tree first, then try a search engine and after that bother you! ;) Greetings, Volker On 2004-06-21 11:03, Nick Jones wrote: > Volker (volker@vwsoft.com) wrote: > >>Is there a way to restrict an ssh user to scp only? > > > Yep, using (funnily enough) a piece of software called 'scponly': > > http://www.sublimation.org/scponly/ > > I've used it in the past on a couple of occasions, and it seems to work > well enough. > -- GPG/PGP fingerprint: FF93 13A1 2477 B631 E953 06DF 4C49 ADD9 E4BF 79B1 From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 15:40:51 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A35B816A4CE for ; Tue, 22 Jun 2004 15:40:51 +0000 (GMT) Received: from mproxy.gmail.com (mproxy.gmail.com [216.239.56.249]) by mx1.FreeBSD.org (Postfix) with SMTP id 901F743D49 for ; Tue, 22 Jun 2004 15:40:51 +0000 (GMT) (envelope-from nethead@gmail.com) Received: by mproxy.gmail.com with SMTP id r65so69262cwc for ; Tue, 22 Jun 2004 08:40:31 -0700 (PDT) Received: by 10.11.117.65 with SMTP id p65mr458706cwc; Tue, 22 Jun 2004 08:40:31 -0700 (PDT) Message-ID: <79db6ae0406220840344faaa0@mail.gmail.com> Date: Tue, 22 Jun 2004 08:40:31 -0700 From: Joe Hamelin To: nick@arc.net.my, freebsd-isp@freebsd.org In-Reply-To: <40D7CBB9.6010606@arc.net.my> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <40D7C973.4050404@arc.net.my> <79db6ae04062123022401bc57@mail.gmail.com> <40D7CBB9.6010606@arc.net.my> Subject: Re: Update to 4.10 error X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 15:40:51 -0000 You'll want something like this for your cvs-supfile. Don't forget the . at the end of the last line. -Joe # cvsup -g -L 2 ~/cvs-supfile *default host=cvsup2.freebsd.org *default base=/usr/local/etc/cvsup *default prefix=/usr *default release=cvs delete use-rel-suffix compress src-all tag=RELENG_4_10 ports-all tag=. On Tue, 22 Jun 2004 14:03:37 +0800, Nick Kraal wrote: > > It is not there. Even did a 'mkdir -p /usr/src/usr.bin/yacc' but still > got an error message. Should there be this line in the cvsup conf file: > > *default release=cvs tag-RELENG_5_2 (for example) > > Thanks. > > -nick/ > > > > > Joe Hamelin wrote: > > > Did you try to cd to usr/src/usr.bin/yacc to make sure it's there? > > > > On Tue, 22 Jun 2004 13:53:55 +0800, Nick Kraal wrote: > > > > > >>cd: can't cd to /usr/src/usr.bin/yacc > >>*** Error code 2 > > > > > -- Joe Hamelin <nethead@gmail.com> From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 18:01:24 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A82BC16A4CF for ; Tue, 22 Jun 2004 18:01:24 +0000 (GMT) Received: from web60206.mail.yahoo.com (web60206.mail.yahoo.com [216.109.118.101]) by mx1.FreeBSD.org (Postfix) with SMTP id 4AD9043D4C for ; Tue, 22 Jun 2004 18:01:24 +0000 (GMT) (envelope-from freebsder51@yahoo.com) Message-ID: <20040622180120.10499.qmail@web60206.mail.yahoo.com> Received: from [67.69.62.157] by web60206.mail.yahoo.com via HTTP; Tue, 22 Jun 2004 11:01:20 PDT Date: Tue, 22 Jun 2004 11:01:20 -0700 (PDT) From: freebsder To: freebsd-newbies@freebsd.org, freebsd-isp@freebsd.org, freebsd-questions@freebsd.org, freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: FreeBSD 5.1 DSL:Bellnet HS Network Connection Set-up Problems X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 18:01:24 -0000 <><><><>NETWORK CONFIG/SETUP: <><><><> +++ISP -> DSL(high-speed) -> Modem> FreeBSD51 server machine in at Gateway "vr0" (192.168.0.1) +++Freebsd machine LAN Interface at "ed0" (192.168.0.3) -> HUB +++HUB> 1) 192.168.0.2 - WinXP #1 machine 2) 192.168.0.3 - Freebsd machine in at "ed0" 3) 192.168.0.4 - Winxp #2 machine At the moment, I've just got the HUB connected to the freebsdmachine at "ed0" and will connect the others as soon as I get the server online. <><><><><>The PROBLEM:<><><><> I cannot get my server connected to the internet through the gateway. What am I doing wrong? <><><><><>RC.CONF:<><><><><><> font8x14="NO" font8x16="swiss-8x16" font8x8="swiss-8x8" inetd_enable="YES" linux_enable="YES" moused_enable="YES" moused_port="/dev/psm0" moused_type="auto" nfs_client_enable="YES" nfs_server_enable="YES" rpcbind_enable="YES" saver="rain" scrnmap="NO" usbd_enable="YES" ifconfig_vr0="DHCP" ifconfig_ed0="DHCP" ##initialise NIC network_interfaces="vr0 ed0 lo0 tun0" ifconfig tun0 ifconfig vr0= "media 10baseT/UTP up" ifconfig_ed0="inet 192.168.0.3 netmask 255.255.0.0" #ifconfig_vr0="inet 192.168.0.1 netmask 255.255.0.0" #sendmail_enable="YES" hostname="myhostname" ##User ppp configuration ppp_enable="YES" ppp_mode="ddial" ppp_nat="NO" ppp_profile="bellnet" #ppp_user="root" ## Firewall gateway_enable="YES" firewall_enable="YES" firewall_type="SIMPLE" #firewall_quiet="NO" firewall_script="/etc/rc/firewall" natd_enable="YES" natd_interface="vr0" natd_flags="redirect_port tcp 192.168.0.3:80 80" rpc_statd_enable="YES" tcp_extensions="YES" <><><><><><>PPP.CONF:<><><><><><> default: # PPP over Ethernet set device PPPoE:vr0:bellnet set speed sync set mru 1492 set mtu 1492 set crtscts off # Monitor Line Quality disable lqr set log phase tun #ident user-ppp VERSION (built COMPILATIONDATE) #set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.255 0.0.0.0 #set ifaddr 10.0.0.1/0 10.0.0.2/0 #set accmap on #enable lqr #set timeout 0 #set redial 0 0 #NAT #nat enable yes #nat log yes #nat same_ports yes #nat unregistered_only yes #enable dns bellnet: set device PPPoE:vr0 set authname myauthname set authkey myauthkey set dial set login set mtu 1492 disable lqr set socket /tmp/ppp.sock 1234 add default HISADDR <><><><><>SHELL DIALOGS: <><><><><> <>1<> # ppp -ddial -quiet bellnet Warning: Local: bind: Address already in use Warning: set socket: Failed 2 <>2<> #ifconfig ed0: flags=8843 mtu 1500 inet 192.168.0.3 netmask 0xffff0000 broadcast 192.168.255.255 inet6 fe80::280:c8ff:fede:c937%ed0 prefixlen 64 scopeid 0x1 ether 00:80:c8:de:c9:37 vr0: flags=8843 mtu 1500 inet6 fe80::20e:a6ff:fe9c:c81d%vr0 prefixlen 64 scopeid 0x2 ether 00:0e:a6:9c:c8:1d media: Ethernet autoselect (100baseTX ) status: active lp0: flags=8810 mtu 1500 lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff000000 tun0: flags=8051 mtu 1492 inet 65.92.***.*** --> 64.230.***.*** netmask 0xffffffff Opened by PID 250 tun1: flags=8051 mtu 1500 Opened by PID 741 ppp0: flags=8010 mtu 1500 tun2: flags=8051 mtu 1500 Opened by PID 807 tun3: flags=8051 mtu 1500 Opened by PID 954 <>3<> # netstat -rn Routing tables Internet: Destination Gateway Flags Refs Use Netif Expire default 64.230.***.*** UGSc 2 27 tun0 64.230.***.*** 65.92.***.*** UH 3 15 tun0 127.0.0.1 127.0.0.1 UH 0 135 lo0 192.168.0/16 link#1 UC 0 0 ed0 Internet6: Destination Gateway Flags Netif Expire ::1 ::1 UH lo0 fe80::%ed0/64 link#1 UC ed0 fe80::280:c8ff:fede:c937%ed0 00:80:c8:de:c9:37 UHL lo0 fe80::%vr0/64 link#2 UC vr0 fe80::20e:a6ff:fe9c:c81d%vr0 00:0e:a6:9c:c8:1d UHL lo0 fe80::%lo0/64 fe80::1%lo0 Uc lo0 fe80::1%lo0 link#4 UHL lo0 ff01::/32 ::1 U lo0 ff02::%ed0/32 link#1 UC ed0 ff02::%vr0/32 link#2 UC vr0 ff02::%lo0/32 ::1 UC lo0 ff02::%tun0/32 fe80::280:c8ff:fede:c937%tun0 UC tun0 ff02::%tun1/32 fe80::280:c8ff:fede:c937%tun1 UC tun1 ff02::%tun2/32 fe80::280:c8ff:fede:c937%tun2 UC tun2 ff02::%tun3/32 fe80::280:c8ff:fede:c937%tun3 UGS tun3 <>4<> # ppp Working in interactive mode Using interface: tun4 ppp ON thor> show physical Name: deflink State: closed Device: N/A Link Type: interactive Connect Count: 0 Queued Packets: 0 Phone Number: N/A Defaults: Device List: "PPPoE:vr0:bellnet" Characteristics: sync, cs8, no parity, CTS/RTS off CD check delay: device specific Connect time: 0:00:00 0 octets in, 0 octets out 0 packets in, 0 packets out Overall 0 bytes/sec ppp ON thor> dial ppp ON thor> Warning: Sending empty PAP authname! Ppp ON thor> Warning: Sending empty PAP authname! Warning: Sending empty PAP authname! ppp ON thor> dial bellnet Warning: Local: bind: Address already in use Warning: set socket: Failed 2 ppp ON thor> Ppp ON thor> PPp ON thor> Warning: iface add: ioctl(SIOCAIFADDR, 67.70.89.*** -> 64.230.254.***): File exists Error: ipcp_InterfaceUp: unable to set ip address <><><><><><> OTHER TWEAKS <><><><><>: <>1<> Some one who was trying to help me earlier mentioned that for a network setup I need the following: in /usr/local/etc/rc.d/natd.sh !#/bin/sh sbin/natd -u -m -s -n tun0 -redirect_address 192.168.x.x public_address in order for someone to get to my boxes from outside my local network. So I have a file called natd.sh in my system but I have not put in values for -redirect_address or public_address yet as I am not sure what they are suppose to mean. <>2<> Someone told me to change rc.firewall but I don't think the set-up it correct. I'm not sure if I should be using "tun0" or "vr0" and I think that my onet and inet are not configured properly ... how should this be configured given my topology? ############ # This is a prototype setup for a simple firewall. Configure this # machine as a named server and ntp server, and point all the machines # on the inside at this machine for those services. ############ # set these to your outside interface network and netmask and ip #oif="ed0" #onet="192.0.2.0" #omask="255.255.255.240" #oip="192.0.2.1" #THE ABOVE FOUR LINES ARE THE ORIGINAL #THE FOUR LINES BELOW ARE NEW oif="tun0" onet="192.168.0.3" omask="255.255.255.x" oip="" # set these to your inside interface network and netmask and ip #iif="ed1" #inet="192.0.2.16" #imask="255.255.255.240" #iip="192.0.2.17" #THE ABOVE FOUR LINES ARE THE ORIGINAL #THE FOUR LINES BELOW ARE NEW iif="ed0" inet="192.168.0.0" imask="255.255.255.0" iip="192.168.0.1" setup_loopback <><><><><> Help! Thanks in advance. <><><><><> --------------------------------- Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 22:41:01 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C4DC316A4CE for ; Tue, 22 Jun 2004 22:41:01 +0000 (GMT) Received: from master4.yvr1.superb.net (master4.yvr1.superb.net [209.90.166.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id E7A1A43D45 for ; Tue, 22 Jun 2004 22:41:00 +0000 (GMT) (envelope-from gbaratto@superb.net) Received: from chivas (fw.yvr1.superb.net [209.90.166.2]) by master4.yvr1.superb.net (8.12.9/8.12.8) with SMTP id i5MMeNu0024279 for ; Tue, 22 Jun 2004 15:40:23 -0700 (PDT) Message-ID: <01d201c458a9$de9d3ae0$9c01a8c0@chivas> From: "Gustavo A. Baratto" To: Date: Tue, 22 Jun 2004 15:40:07 -0700 MIME-Version: 1.0 X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: updating lots of servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 22:41:02 -0000 Hello all, Is there any other simple way to track many freebsd boxes other than the = one in the handbook? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/small-lan.html I want to be able to push the changes from a development boxes to the = other boxes... like In openbsd we can just make a big tarball in the = development server, copy it to the orher boxes and untar it. I don't really like the idea of using nfs in the development server that = has all the source code for many servers. Any ideas? thanks :) From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 23:02:18 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CD56F16A4CE for ; Tue, 22 Jun 2004 23:02:18 +0000 (GMT) Received: from util.inch.com (shellutil.inch.com [216.223.208.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id 477AB43D39 for ; Tue, 22 Jun 2004 23:02:18 +0000 (GMT) (envelope-from spork@inch.com) Received: from shell.inch.com (www.inch.com [216.223.192.20]) i5MN2PXm018580; Tue, 22 Jun 2004 19:02:25 -0400 (EDT) (envelope-from spork@inch.com) Received: from shell.inch.com (localhost [127.0.0.1]) by shell.inch.com (8.12.8p2/8.12.8) with ESMTP id i5MN0Em1088945; Tue, 22 Jun 2004 19:00:54 -0400 (EDT) (envelope-from spork@inch.com) Received: from localhost (spork@localhost)i5MN0EwB088942; Tue, 22 Jun 2004 19:00:14 -0400 (EDT) X-Authentication-Warning: shell.inch.com: spork owned process doing -bs Date: Tue, 22 Jun 2004 19:00:14 -0400 (EDT) From: Charles Sprickman To: "Gustavo A. Baratto" In-Reply-To: <01d201c458a9$de9d3ae0$9c01a8c0@chivas> Message-ID: <20040622185705.E75864@shell.inch.com> References: <01d201c458a9$de9d3ae0$9c01a8c0@chivas> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: updating lots of servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 23:02:18 -0000 On Tue, 22 Jun 2004, Gustavo A. Baratto wrote: > Hello all, > > I want to be able to push the changes from a development boxes to the > other boxes... like In openbsd we can just make a big tarball in the > development server, copy it to the orher boxes and untar it. > > I don't really like the idea of using nfs in the development server that > has all the source code for many servers. Me neither, but then I noticed most new servers come with two NICs, so I put a cheap-ish 10/100 switch in and put all the boxes on a private network not accessible from the internet. You can run NFS on only those inside interfaces and nfs mount your /usr/src, /usr/obj, and /usr/ports through the private network. It's very very handy, and very fast; build once on one server then do your "make installkernel" and "make installworld" on each machine. Works very well... Thanks, Charles > Any ideas? > > thanks :) > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 23:05:36 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8191F16A4D8 for ; Tue, 22 Jun 2004 23:05:36 +0000 (GMT) Received: from bigass1.bitblock.com (ns1.bitblock.com [66.199.170.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id E640D43D5F for ; Tue, 22 Jun 2004 23:05:19 +0000 (GMT) (envelope-from mitch@bitblock.com) Received: from a1200 ([24.83.187.201]) (AUTH: LOGIN mitch@bitblock.com) by bigass1.bitblock.com with esmtp; Tue, 22 Jun 2004 23:05:15 +0000 X-Abuse-Reports: Visit http://www.bitblock.com/abuse.php X-Abuse-Reports: and submit a copy of the message headers X-Abuse-Reports: or review our policies and procedures X-Abuse-Reports: ID= 40D8BB2B.0000B62F.bigass1.bitblock.com,dns; a1200 ([24.83.187.201]),AUTH: LOGIN mitch@bitblock.com From: "Mitch (bitblock)" To: "Gustavo A. Baratto" , freebsd-isp@freebsd.org Date: Tue, 22 Jun 2004 16:05:15 -0700 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <01d201c458a9$de9d3ae0$9c01a8c0@chivas> Importance: Normal Subject: RE: updating lots of servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 23:05:36 -0000 I would think you can use rsync to acheive the same effect. m/ > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Gustavo A. Baratto > Sent: Tuesday, June 22, 2004 3:40 PM > To: freebsd-isp@freebsd.org > Subject: updating lots of servers > > > Hello all, > > Is there any other simple way to track many freebsd boxes other > than the one in the handbook? > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/small-lan.html > > I want to be able to push the changes from a development boxes to > the other boxes... like In openbsd we can just make a big tarball > in the development server, copy it to the orher boxes and untar it. > > I don't really like the idea of using nfs in the development > server that has all the source code for many servers. > > Any ideas? > > thanks :) > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Tue Jun 22 23:53:50 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F1CD116A4CE for ; Tue, 22 Jun 2004 23:53:50 +0000 (GMT) Received: from smtp1.netcologne.de (smtp1.netcologne.de [194.8.194.112]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3455C43D54 for ; Tue, 22 Jun 2004 23:53:50 +0000 (GMT) (envelope-from info@emre.de) Received: from localhost (netmail2.netcologne.de [194.8.194.22]) by smtp1.netcologne.de (Postfix) with ESMTP id 6992738FE2; Wed, 23 Jun 2004 01:53:36 +0200 (MEST) Received: from webmail.emre.de (webmail.emre.de [194.8.203.50]) by netmail2.netcologne.de (IMP) with HTTP; Wed, 23 Jun 2004 01:53:37 +0200 Message-ID: <1087948417.40d8c681c458f@netmail2.netcologne.de> Date: Wed, 23 Jun 2004 01:53:37 +0200 From: Emre Bastuz To: freebsd-isp@freebsd.org References: <01d201c458a9$de9d3ae0$9c01a8c0@chivas> In-Reply-To: <01d201c458a9$de9d3ae0$9c01a8c0@chivas> MIME-Version: 1.0 Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: NetCologne NetMail (IMP) 4.0-cvs cc: gbaratto@superb.net Subject: Re: updating lots of servers X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Jun 2004 23:53:51 -0000 Hi, Zitat von "Gustavo A. Baratto" : > Is there any other simple way to track many freebsd boxes other than the one > in the handbook? quite some time ago I read this article from the guys att xs4all.nl who describe how they do keep their farm up to date with a combined PXE/Rsync/TFTP/etc. environment: http://www.pix.net/software/pxeboot/archive/SANE.pdf http://www.xs4all.nl/~scorpio/sane2002/ Hope this helps. Cheers, Emre -- http://www.emre.de UIN: 561260 PGP Key ID: 0xAFAC77FD I don't see why some people even HAVE cars. -- Calvin From owner-freebsd-isp@FreeBSD.ORG Wed Jun 23 05:36:36 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CA93016A4CE for ; Wed, 23 Jun 2004 05:36:36 +0000 (GMT) Received: from ns2.wananchi.com (ns2.wananchi.com [62.8.64.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 53BD243D58 for ; Wed, 23 Jun 2004 05:36:35 +0000 (GMT) (envelope-from wash@wananchi.com) Received: from wash by ns2.wananchi.com with local (Exim 4.34 #0 (FreeBSD 4.10-STABLE)) id 1Bd0Qb-00052r-SV by authid for ; Wed, 23 Jun 2004 08:36:09 +0300 Date: Wed, 23 Jun 2004 08:36:09 +0300 From: Odhiambo Washington To: FBSD-ISP Message-ID: <20040623053609.GA91865@ns2.wananchi.com> Mail-Followup-To: Odhiambo Washington , FBSD-ISP Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Disclaimer: Any views expressed in this message,where not explicitly attributed otherwise, are mine alone!. X-Mailer: Mutt 1.5.6i (2004-02-01) X-Designation: Systems Administrator, Wananchi Online Ltd. X-Location: Nairobi, KE, East Africa. User-Agent: Mutt/1.5.6i Subject: Registry Services X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jun 2004 05:36:36 -0000 Hello people, I am working in an ISP setup to start with and we offer domain registration services to clients, because we have a reseller account with OpenSRS. It is this reseller position that I want to extend... I am thinking about offering domain registration services to some organizations around me. I am currently using OpenSRS to register domain names. Does anyone know what it would take, either via another method, or by using the OpenSRS system (their client application) to offer other people registration services. Basically what I am looking at is a way to get people registering domains via my own an interface (think of the OpenSRS client) then the registration is submitted to OpenSRS using my account. The issues I'd face are mostly accounting, but I am thinking that I could authenticate users via some DB and even allocate them some credit that they can use. Any advise/clues most welcome. -Wash http://www.netmeister.org/news/learn2quote.html -- +======================================================================+ |\ _,,,---,,_ | Odhiambo Washington Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +======================================================================+ Art is anything you can get away with. -- Marshall McLuhan. From owner-freebsd-isp@FreeBSD.ORG Thu Jun 24 13:08:31 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8B60416A4CE for ; Thu, 24 Jun 2004 13:08:31 +0000 (GMT) Received: from frink.w3.org (frink.w3.org [18.29.1.71]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6531743D5D for ; Thu, 24 Jun 2004 13:08:29 +0000 (GMT) (envelope-from aa-sender@w3.org) Received: by frink.w3.org (Postfix, from userid 59936) id 5EB27A217E; Thu, 24 Jun 2004 09:07:37 -0400 (EDT) To: freebsd-isp@freebsd.org From: W3C List Manager In-Reply-To: Precedence: bulk Message-Id: <20040624130737.5EB27A217E@frink.w3.org> Date: Thu, 24 Jun 2004 09:07:37 -0400 (EDT) Subject: IMPORTANT: your message to uri X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jun 2004 13:08:31 -0000 This is a response to a message apparently sent from your address to uri@w3.org: Subject: EU Beitritt der Tuerkei ? From: freebsd-isp@freebsd.org Date: Thu, 24 Jun 2004 12:58:12 GMT Your message has NOT been distributed to the list; before we distribute it, we need your permission to include your message in our Web archive of all messages distributed to this list. Please visit: http://www.w3.org/Mail/review?id=aeb96561ebe249e559ccdcb58f2a560444f97dd6 and follow the simple procedure listed to give us permission to include your message in our Web archives. It should take less than one minute of your time, and only needs to be done once. If you do not give us this permission by Thu Jul 1 13:07:37 UTC 2004, your message will be deleted from our systems without being distributed to the list. Please do not reply to this message; for more information on this system, including information on how to provide feedback, please see: http://www.w3.org/2002/09/aa/ Note: W3C's mailing lists may not be used for unsolicited bulk email of any kind! -- W3C Postmaster, http://www.w3.org/Mail/ From owner-freebsd-isp@FreeBSD.ORG Thu Jun 24 16:47:31 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CD09416A4CE for ; Thu, 24 Jun 2004 16:47:31 +0000 (GMT) Received: from smtp2.Stanford.EDU (smtp2.Stanford.EDU [171.67.16.125]) by mx1.FreeBSD.org (Postfix) with ESMTP id A045443D46 for ; Thu, 24 Jun 2004 16:47:31 +0000 (GMT) (envelope-from help@networking.Stanford.EDU) Received: from networking.Stanford.EDU (networking.Stanford.EDU [171.64.20.23]) by smtp2.Stanford.EDU (8.12.11/8.12.11) with ESMTP id i5OGlEdi006242; Thu, 24 Jun 2004 09:47:14 -0700 Received: (from help@localhost) by networking.Stanford.EDU (8.11.7/8.11.6) id i5OGlDq01541; Thu, 24 Jun 2004 09:47:13 -0700 (PDT) Date: Thu, 24 Jun 2004 09:47:13 -0700 (PDT) From: Network Help Message-Id: <200406241647.i5OGlDq01541@networking.Stanford.EDU> To: freebsd-isp@freebsd.org References: <2cc7de8288040b.23b7b.qmail@freebsd.org> In-Reply-To: <2cc7de8288040b.23b7b.qmail@freebsd.org> X-Loop: help@networking.stanford.edu Precedence: junk Subject: Re: [SPAM:###] Geschrieben von Margrit am 07. April 2004 [5606] X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jun 2004 16:47:31 -0000 ***************************************************************************** The email address you submitted your request to is no longer in service -- *** your email request will not be read or responded to. *** ITSS is using the HelpSU system to receive and track all requests. Please use http://helpsu.stanford.edu/helpsu.cgi to submit your requests and questions. If you were directed to "help@networking" by a web page, please let us know by submitting the referring URL via HelpSU, and we will attempt to contact the maintainer and correct the problem. ***************************************************************************** From owner-freebsd-isp@FreeBSD.ORG Thu Jun 24 21:41:46 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 86D7E16A4CE for ; Thu, 24 Jun 2004 21:41:46 +0000 (GMT) Received: from telcommail.net (mail.telcom.net [200.80.13.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id CEC4E43D5F for ; Thu, 24 Jun 2004 21:41:45 +0000 (GMT) (envelope-from akachler@telcom.net) Received: from arie (host203.216.22.121.telcom.net [216.22.121.203] (may be forged)) by telcommail.net (8.12.10/8.12.10) with ESMTP id i5OLedGv000485 for ; Thu, 24 Jun 2004 17:40:40 -0400 (EDT) Message-Id: <200406242140.i5OLedGv000485@telcommail.net> From: "Arie Kachler" To: Date: Thu, 24 Jun 2004 17:39:27 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: AcRaM7lqcCK69X8fQFmr+A7sQ1eZ7Q== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Subject: Postfix + maildir quotas X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 Jun 2004 21:41:46 -0000 Hello, I'm doing testing of a mail system composed of Postfix + Mysql + VDA quota patch + courier-imap. I'm using maildirs so the mailstore can be accessed by many servers through nfs such that the system can be more or less scalable. The system works very well, with the exception of the quotas. When a maildir grows, the delivery of each message starts taking up more and more cpu up to a point where the server starts having trouble keeping up. Anybody has come across this situation and ways around it? Thanks for any pointers you can give me. Arie Kachler From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 15:05:36 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0421416A4CE for ; Fri, 25 Jun 2004 15:05:36 +0000 (GMT) Received: from anchor-post-37.mail.demon.net (anchor-post-36.mail.demon.net [194.217.242.86]) by mx1.FreeBSD.org (Postfix) with ESMTP id 66BF643D2D for ; Fri, 25 Jun 2004 15:05:35 +0000 (GMT) (envelope-from postmaster@calibreuk.com) Received: from mailgate.calibreuk.com ([62.49.99.38] helo=calibreuk.com) by anchor-post-37.mail.demon.net with esmtp (Exim 3.35 #1) id 1BdsGW-0006tv-8r for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 16:05:21 +0100 From: Mailer_Daemon@calibreuk.com To: freebsd-isp@freebsd.org Date: Fri, 25 Jun 2004 16:06:56 +0100 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_VPOP3Boundary-5E428D34000000BB" Message-Id: X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Message Delivery Failure - due to attachments X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: postmaster@calibreuk.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 15:05:36 -0000 ------=_VPOP3Boundary-5E428D34000000BB Content-Type: text/plain Content-Transfer-Encoding: 7bit The message below (subject: "Re: Your archive") that you sent was not delivered because it contained one or more prohibited attachments. The prohibited attachment filenames are below: - "your_archive.pif" was prohibited --------------------------------------- ------=_VPOP3Boundary-5E428D34000000BB-- From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 15:11:07 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C5BA916A4CF for ; Fri, 25 Jun 2004 15:11:07 +0000 (GMT) Received: from ns.aces.pt (ns.aces.pt [195.22.10.40]) by mx1.FreeBSD.org (Postfix) with ESMTP id DB8DA43D48 for ; Fri, 25 Jun 2004 15:11:04 +0000 (GMT) (envelope-from marco.goncalves@aces.pt) Received: from marco (adslsapo-b4-129-236.telepac.pt [81.193.129.236]) by ns.aces.pt (8.11.6/8.11.6) with SMTP id i5PF8KS08093 for ; Fri, 25 Jun 2004 16:08:23 +0100 Message-ID: <006e01c45ac6$945f3b30$82026b83@marco> From: =?iso-8859-1?Q?Marco_Gon=E7alves?= To: Date: Fri, 25 Jun 2004 16:10:05 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Subject: Software RAID1 with 2 IDE disks X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 15:11:07 -0000 Hi list! I have a server with two 80GB 7200RPM IDE hard drive disks. Is it possible to have a software mirror RAID1 runing with FreeBSD? I mean a full disk mirror (inlcuding system files and so on). So if i have a big problem in one disk, everything runs the same, with minimum human intervention... Is there a tool can wich i accomplish this? CCD? Vinum? What would be the trade-offs in access disk speed, cpu load, etc... Any tought would be welcome. Best regards Marco Gonçalves www.aces.pt From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 15:18:54 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4573D16A4CE for ; Fri, 25 Jun 2004 15:18:54 +0000 (GMT) Received: from mutare.noc.clara.net (mutare.noc.clara.net [195.8.70.95]) by mx1.FreeBSD.org (Postfix) with ESMTP id 074EE43D54 for ; Fri, 25 Jun 2004 15:18:54 +0000 (GMT) (envelope-from ollie@mutare.noc.clara.net) Received: from ollie by mutare.noc.clara.net with local (Exim 4.34) id 1BdsTN-000POz-Ea for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 16:18:37 +0100 Date: Fri, 25 Jun 2004 16:18:37 +0100 From: Ollie Cook To: freebsd-isp@freebsd.org Message-ID: <20040625151837.GS54116@mutare.noc.clara.net> References: <006e01c45ac6$945f3b30$82026b83@marco> Mime-Version: 1.0 Content-Type: text/plain; charset=unknown-8bit Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <006e01c45ac6$945f3b30$82026b83@marco> User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD 4.10-STABLE i386 X-NCC-RegID: uk.claranet Sender: Ollie Cook Subject: Re: Software RAID1 with 2 IDE disks X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 15:18:54 -0000 On Fri, Jun 25, 2004 at 04:10:05PM +0100, Marco Gonçalves wrote: > Hi list! > > I have a server with two 80GB 7200RPM IDE hard drive disks. > Is it possible to have a software mirror RAID1 runing with FreeBSD? I mean a > full disk mirror (inlcuding system files and so on). So if i have a big > problem in one disk, everything runs the same, with minimum human > intervention... Is there a tool can wich i accomplish this? CCD? Vinum? > What would be the trade-offs in access disk speed, cpu load, etc... Vinum can do what you want. In particular if you want to use it as the root volume, there's a section in the handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/vinum-root.html A general discussion of vinum is here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/vinum-vinum.html Ollie -- Oliver Cook Systems Administrator, Claranet UK ollie@uk.clara.net +44 20 7903 3065 From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 18:01:48 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A49C16A4CE for ; Fri, 25 Jun 2004 18:01:48 +0000 (GMT) Received: from pd5mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id E8CD043D41 for ; Fri, 25 Jun 2004 18:01:47 +0000 (GMT) (envelope-from gbaratto@superb.net) Received: from pd2mr2so.prod.shaw.ca (pd2mr2so-ser.prod.shaw.ca [10.0.141.109])2003)) with ESMTP id <0HZV0088LM2MFY@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:01:34 -0600 (MDT) Received: from pn2ml4so.prod.shaw.ca ([10.0.121.148]) by pd2mr2so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0HZV007QEM2MWDK0@pd2mr2so.prod.shaw.ca> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:01:34 -0600 (MDT) Received: from chivas (S01060080c8118809.vc.shawcable.net [24.85.89.252]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with SMTP id <0HZV00A0MM2LIA@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:01:34 -0600 (MDT) Date: Fri, 25 Jun 2004 11:00:23 -0700 From: "Gustavo A. Baratto" To: freebsd-isp@freebsd.org Message-id: <028201c45ade$5a6b2f70$6400a8c0@chivas> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 X-Mailer: Microsoft Outlook Express 6.00.2800.1409 X-Priority: 3 X-MSMail-priority: Normal Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 18:01:48 -0000 Hello guys, some of our users' ISPs don't allow them to use port 25, so they cannot = use out mail server. I want to open a new port (2525) and forward all packets from 2525 to 25 = so, they can use mail. I tried this in IPFW: 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state 0200 0 0 divert 25 ip from any to me dst-port 2525 = keep-state 0300 103075 35531648 allow ip from me to any keep-state 0400 60 4530 deny log ip from any to any If I telnet directly to port 25, I can get the prompt, but if I telnet = to port 2525, I get a connection refused. What should I do in ipfw to forward port 2525 to port 25 tranparently? Thanks From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 18:11:18 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A0BE416A4CE for ; Fri, 25 Jun 2004 18:11:18 +0000 (GMT) Received: from smtp-out4.iol.cz (smtp-out4.iol.cz [194.228.2.92]) by mx1.FreeBSD.org (Postfix) with ESMTP id 614EE43D48 for ; Fri, 25 Jun 2004 18:11:18 +0000 (GMT) (envelope-from bln@bln.no-ip.org) Received: from 172.16.1.2 (unknown [83.208.18.168])610AC31620 for ; Fri, 25 Jun 2004 19:10:24 +0200 (CEST) To: freebsd-isp@freebsd.org Date: Fri, 25 Jun 2004 20:10:30 +0200 User-Agent: KMail/1.5.4 References: <028201c45ade$5a6b2f70$6400a8c0@chivas> In-Reply-To: <028201c45ade$5a6b2f70$6400a8c0@chivas> MIME-Version: 1.0 Content-Disposition: inline Message-Id: <200406252009.07593.> From: Ondra Holecek Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 18:11:18 -0000 On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote: > Hello guys, > > some of our users' ISPs don't allow them to use port 25, so they cannot use > out mail server. > > I want to open a new port (2525) and forward all packets from 2525 to 25 > so, they can use mail. > > I tried this in IPFW: > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state > 0200 0 0 divert 25 ip from any to me dst-port 2525 keep-state ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ this line does something other try to use this: ipfw delete 200 ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > 0300 103075 35531648 allow ip from me to any keep-state > 0400 60 4530 deny log ip from any to any > > > If I telnet directly to port 25, I can get the prompt, but if I telnet to > port 2525, I get a connection refused. > > What should I do in ipfw to forward port 2525 to port 25 tranparently? > > Thanks > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 18:24:26 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF59016A4CE for ; Fri, 25 Jun 2004 18:24:26 +0000 (GMT) Received: from pd5mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9E1B243D45 for ; Fri, 25 Jun 2004 18:24:26 +0000 (GMT) (envelope-from gbaratto@superb.net) Received: from pd2mr6so.prod.shaw.ca (pd2mr6so-qfe3.prod.shaw.ca [10.0.141.9]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HZV00C6ON1BN7@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:22:23 -0600 (MDT) Received: from pn2ml4so.prod.shaw.ca ([10.0.121.148]) by pd2mr6so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0HZV00G5AN1BGG50@pd2mr6so.prod.shaw.ca> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:22:23 -0600 (MDT) Received: from chivas (S01060080c8118809.vc.shawcable.net [24.85.89.252]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with SMTP id <0HZV00E4AN1AR8@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:22:23 -0600 (MDT) Date: Fri, 25 Jun 2004 11:21:38 -0700 From: "Gustavo A. Baratto" To: freebsd-isp@freebsd.org, Ondra Holecek Message-id: <029601c45ae1$41f25b00$6400a8c0@chivas> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 X-Mailer: Microsoft Outlook Express 6.00.2800.1409 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7bit X-Priority: 3 X-MSMail-priority: Normal References: <028201c45ade$5a6b2f70$6400a8c0@chivas> Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 18:24:26 -0000 Thank you very much... but I think it doesnt work :( umail7# ipfw delete 200 umail7# ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state 01400 fwd 127.0.0.1,25 tcp from any to me dst-port 2525 keep-state umail7# telnet 207.228.225.128 2525 Trying 207.228.225.128... telnet: connect to address 207.228.225.128: Connection refused telnet: Unable to connect to remote host I tried the IP as well, instead of localhost... it doesnt work. look the telnet response from port 25: -bash-2.05b$ telnet 207.228.225.128 25 Trying 207.228.225.128... Connected to smtp3.superb.net. Escape character is '^]'. 220 smtp3.superb.net ESMTP thanks :) ----- Original Message ----- From: "Ondra Holecek" To: Sent: Friday, June 25, 2004 11:10 AM Subject: Re: ipfw and mail > On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote: > > Hello guys, > > > > some of our users' ISPs don't allow them to use port 25, so they cannot use > > out mail server. > > > > I want to open a new port (2525) and forward all packets from 2525 to 25 > > so, they can use mail. > > > > I tried this in IPFW: > > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state > > 0200 0 0 divert 25 ip from any to me dst-port 2525 keep-state > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > this line does something other > try to use this: > ipfw delete 200 > ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > > > > 0300 103075 35531648 allow ip from me to any keep-state > > 0400 60 4530 deny log ip from any to any > > > > > > If I telnet directly to port 25, I can get the prompt, but if I telnet to > > port 2525, I get a connection refused. > > > > What should I do in ipfw to forward port 2525 to port 25 tranparently? > > > > Thanks > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 18:31:22 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F62A16A4CE for ; Fri, 25 Jun 2004 18:31:22 +0000 (GMT) Received: from smtp-out4.iol.cz (smtp-out4.iol.cz [194.228.2.92]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA32843D2F for ; Fri, 25 Jun 2004 18:31:21 +0000 (GMT) (envelope-from bln@bln.no-ip.org) Received: from 172.16.1.2 (unknown [83.208.18.168]) by smtp-out4.iol.cz (Internet on Line ESMTP server) with ESMTP id 42D7E30C3E; Fri, 25 Jun 2004 19:30:52 +0200 (CEST) From: Ondra Holecek To: "Gustavo A. Baratto" , freebsd-isp@freebsd.org Date: Fri, 25 Jun 2004 20:30:58 +0200 User-Agent: KMail/1.5.4 References: <028201c45ade$5a6b2f70$6400a8c0@chivas> <029601c45ae1$41f25b00$6400a8c0@chivas> In-Reply-To: <029601c45ae1$41f25b00$6400a8c0@chivas> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200406252030.58892.bln@bln.no-ip.org> Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 18:31:22 -0000 On Friday 25 June 2004 20:21, Gustavo A. Baratto wrote: > Thank you very much... but I think it doesnt work :( > > umail7# ipfw delete 200 > umail7# ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > 01400 fwd 127.0.0.1,25 tcp from any to me dst-port 2525 keep-state for me it is working.. does this rule really have number 1400? It is import= ant=20 to have it before any other matching rule if you have rule 0400 =A0 =A0 60 =A0 =A0 4530 deny log ip from any to any you are always blocked at 400 and never go to 1400 > umail7# telnet 207.228.225.128 2525 > Trying 207.228.225.128... > telnet: connect to address 207.228.225.128: Connection refused > telnet: Unable to connect to remote host > > I tried the IP as well, instead of localhost... it doesnt work. > > look the telnet response from port 25: > -bash-2.05b$ telnet 207.228.225.128 25 > Trying 207.228.225.128... > Connected to smtp3.superb.net. > Escape character is '^]'. > 220 smtp3.superb.net ESMTP > > thanks :) > > ----- Original Message ----- > From: "Ondra Holecek" > To: > Sent: Friday, June 25, 2004 11:10 AM > Subject: Re: ipfw and mail > > > On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote: > > > Hello guys, > > > > > > some of our users' ISPs don't allow them to use port 25, so they cann= ot > > use > > > > out mail server. > > > > > > I want to open a new port (2525) and forward all packets from 2525 to > > > 25 so, they can use mail. > > > > > > I tried this in IPFW: > > > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state > > > 0200 0 0 divert 25 ip from any to me dst-port 2525 > > keep-state > > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > this line does something other > > try to use this: > > ipfw delete 200 > > ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > > > > > 0300 103075 35531648 allow ip from me to any keep-state > > > 0400 60 4530 deny log ip from any to any > > > > > > > > > If I telnet directly to port 25, I can get the prompt, but if I telnet > > to > > > > port 2525, I get a connection refused. > > > > > > What should I do in ipfw to forward port 2525 to port 25 tranparently? > > > > > > Thanks > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 19:32:26 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE70E16A4CE for ; Fri, 25 Jun 2004 19:32:26 +0000 (GMT) Received: from thehousleys.net (frenchknot.ne.client2.attbi.com [24.34.30.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1273643D67 for ; Fri, 25 Jun 2004 19:32:26 +0000 (GMT) (envelope-from jim@thehousleys.net) Received: from localhost (localhost [127.0.0.1]) by thehousleys.net (8.12.11/8.12.11) with ESMTP id i5PJUKXD059124; Fri, 25 Jun 2004 15:30:20 -0400 (EDT) (envelope-from jim@thehousleys.net) Received: from thehousleys.net ([127.0.0.1]) by localhost (cat.int.thehousleys.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 58688-06; Fri, 25 Jun 2004 15:30:17 -0400 (EDT) Received: from [192.168.0.105] (pied.int.thehousleys.net [192.168.0.105]) (authenticated bits=0) by thehousleys.net (8.12.11/8.12.11) with ESMTP id i5PJUCBN059115; Fri, 25 Jun 2004 15:30:12 -0400 (EDT) (envelope-from jim@thehousleys.net) In-Reply-To: <028201c45ade$5a6b2f70$6400a8c0@chivas> References: <028201c45ade$5a6b2f70$6400a8c0@chivas> Mime-Version: 1.0 (Apple Message framework v618) Content-Type: multipart/signed; micalg=sha1; boundary=Apple-Mail-3-362945887; protocol="application/pkcs7-signature" Message-Id: <13740EED-C6DE-11D8-9698-000393C28CD4@thehousleys.net> From: James Housley Date: Fri, 25 Jun 2004 15:30:11 -0400 To: "Gustavo A. Baratto" X-Mailer: Apple Mail (2.618) X-Virus-Scanned: by amavisd-new at thehousleys.net X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: freebsd-isp@freebsd.org Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 19:32:26 -0000 --Apple-Mail-3-362945887 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed On Jun 25, 2004, at 2:00 PM, Gustavo A. Baratto wrote: > Hello guys, > > some of our users' ISPs don't allow them to use port 25, so they > cannot use out mail server. > > I want to open a new port (2525) and forward all packets from 2525 to > 25 so, they can use mail. > > I tried this in IPFW: > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state > 0200 0 0 divert 25 ip from any to me dst-port 2525 > keep-state > 0300 103075 35531648 allow ip from me to any keep-state > 0400 60 4530 deny log ip from any to any > > > If I telnet directly to port 25, I can get the prompt, but if I telnet > to port 2525, I get a connection refused. > > What should I do in ipfw to forward port 2525 to port 25 tranparently? > I have done that with natd and ipfw. I think you want a forward rule instead of divert Jim -- /"\ ASCII Ribbon Campaign . \ / - NO HTML/RTF in e-mail . X - NO Word docs in e-mail . / \ ----------------------------------------------------------------- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net --------------------------------------------------------------------- Do not meddle in the affairs of dragons, for you are crunchy and taste good with ketchup. --Apple-Mail-3-362945887-- From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 21:40:35 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7489516A4CE for ; Fri, 25 Jun 2004 21:40:35 +0000 (GMT) Received: from whitehall.lin-tech.net (whitehall.lin-tech.net [66.118.35.201]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C19D43D46 for ; Fri, 25 Jun 2004 21:40:35 +0000 (GMT) (envelope-from bob@buckhorn.net) Received: from [209.34.61.145] (lfkn-adsl-dhcp-62-145.txucom.net [209.34.61.145]) by whitehall.lin-tech.net (Postfix) with ESMTP id 2542DFE1B; Fri, 25 Jun 2004 16:39:35 -0500 (CDT) Message-ID: <40DC9B4D.8010207@buckhorn.net> Date: Fri, 25 Jun 2004 16:38:21 -0500 From: Bob Martin User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7) Gecko/20040614 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Gustavo A. Baratto" References: <028201c45ade$5a6b2f70$6400a8c0@chivas> In-Reply-To: <028201c45ade$5a6b2f70$6400a8c0@chivas> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd and fprot cc: freebsd-isp@freebsd.org Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 21:40:35 -0000 We don't redirect the mail. We just have the mail server listen on both ports. Much easier that way. Bob Martin Gustavo A. Baratto wrote: >Hello guys, > >some of our users' ISPs don't allow them to use port 25, so they cannot use out mail server. > >I want to open a new port (2525) and forward all packets from 2525 to 25 so, they can use mail. > >I tried this in IPFW: >0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state >0200 0 0 divert 25 ip from any to me dst-port 2525 keep-state >0300 103075 35531648 allow ip from me to any keep-state >0400 60 4530 deny log ip from any to any > > >If I telnet directly to port 25, I can get the prompt, but if I telnet to port 2525, I get a connection refused. > >What should I do in ipfw to forward port 2525 to port 25 tranparently? > >Thanks >_______________________________________________ >freebsd-isp@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-isp >To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > From owner-freebsd-isp@FreeBSD.ORG Fri Jun 25 22:05:48 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4285916A4CE for ; Fri, 25 Jun 2004 22:05:48 +0000 (GMT) Received: from mgw1.MEIway.com (mgw1.meiway.com [81.255.84.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8330743D48 for ; Fri, 25 Jun 2004 22:05:47 +0000 (GMT) (envelope-from LConrad@Go2France.com) Received: from VirusGate.MEIway.com (virusgate.meiway.com [81.255.84.76]) by mgw1.MEIway.com (Postfix Relay Hub) with ESMTP id D6EDD47194D for ; Sat, 26 Jun 2004 00:07:28 +0200 (CEST) (envelope-from LConrad@Go2France.com) Received: from localhost (localhost.MEIWay.com [127.0.0.1]) by VirusGate.MEIway.com (Postfix) with SMTP id 4D569386701 for ; Sat, 26 Jun 2004 00:11:03 +0200 (CEST) (envelope-from LConrad@Go2France.com) X-AV-Checked: Sat Jun 26 00:11:03 2004 virusgate.meiway.com Received: from mail.Go2France.com (ms1.meiway.com [81.255.84.73]) by VirusGate.MEIway.com (Postfix) with ESMTP id 2E8E13866F9 for ; Sat, 26 Jun 2004 00:11:03 +0200 (CEST) (envelope-from LConrad@Go2France.com) Received: from tx2.Go2France.com [24.227.147.227] by mail.Go2France.com with ESMTP (SMTPD32-7.07) id A0C11F7204BA; Sat, 26 Jun 2004 00:01:37 +0200 Message-Id: <6.1.1.1.2.20040625170024.16c50ec0@81.255.84.73> X-Sender: LConrad@Go2France.com@81.255.84.73 X-Mailer: QUALCOMM Windows Eudora Version 6.1.1.1 Date: Fri, 25 Jun 2004 17:04:55 -0500 To: freebsd-isp@freebsd.org From: Len Conrad In-Reply-To: <028201c45ade$5a6b2f70$6400a8c0@chivas> References: <028201c45ade$5a6b2f70$6400a8c0@chivas> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jun 2004 22:05:48 -0000 >I want to open a new port (2525) and forward all packets from 2525 to 25 >so, they can use mail. try to fit into "well known ports/services", where port 587 is the "mail submission service" (SMTP client/MUA submitting to an MTA for relay/injection into the SMTP network of MTAs). Many think that all mail submitted to port 587 should require authentication. Just have your MTA listen on port 25 and port 587, keep the firewall out of the picture. Port 25 is the mail relay port (MTA relays to MTA), ab/used as the mail submission port. Len _____________________________________________________________________ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites From owner-freebsd-isp@FreeBSD.ORG Sat Jun 26 09:00:39 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DD01416A4CF for ; Sat, 26 Jun 2004 09:00:39 +0000 (GMT) Received: from pd2mq1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id B18D043D5A for ; Sat, 26 Jun 2004 09:00:39 +0000 (GMT) (envelope-from gbaratto@superb.net) Received: from pd3mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HZV001GWP6LA6@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 13:08:45 -0600 (MDT) Received: from pd2mr3so.prod.shaw.ca (pd2mr3so-ser.prod.shaw.ca [10.0.141.108])2003)) with ESMTP id <0HZV007RYOMTHD@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:56:53 -0600 (MDT) Received: from pn2ml4so.prod.shaw.ca ([10.0.121.148]) by pd2mr3so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0HZV00I5KOMT0D00@pd2mr3so.prod.shaw.ca> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:56:53 -0600 (MDT) Received: from chivas (S01060080c8118809.vc.shawcable.net [24.85.89.252]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with SMTP id <0HZV0056OOMT9F@l-daemon> for freebsd-isp@freebsd.org; Fri, 25 Jun 2004 12:56:53 -0600 (MDT) Date: Fri, 25 Jun 2004 11:56:07 -0700 From: "Gustavo A. Baratto" To: freebsd-isp@freebsd.org Message-id: <02b501c45ae6$12b8dee0$6400a8c0@chivas> MIME-version: 1.0 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 X-Mailer: Microsoft Outlook Express 6.00.2800.1409 Content-type: text/plain; charset=iso-8859-1 Content-transfer-encoding: 7BIT X-Priority: 3 X-MSMail-priority: Normal References: <028201c45ade$5a6b2f70$6400a8c0@chivas> <200406252030.58892.bln@bln.no-ip.org> Subject: Re: ipfw and mail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Jun 2004 09:00:40 -0000 yes, sorry my bad... I put that after a deny... it works like a charm Thank you very much!! ----- Original Message ----- From: "Ondra Holecek" To: "Gustavo A. Baratto" ; Sent: Friday, June 25, 2004 11:30 AM Subject: Re: ipfw and mail > On Friday 25 June 2004 20:21, Gustavo A. Baratto wrote: > > Thank you very much... but I think it doesnt work :( > > > > umail7# ipfw delete 200 > > umail7# ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > > 01400 fwd 127.0.0.1,25 tcp from any to me dst-port 2525 keep-state > > for me it is working.. does this rule really have number 1400? It is important > to have it before any other matching rule > > if you have rule > 0400 60 4530 deny log ip from any to any > > you are always blocked at 400 and never go to 1400 > > > umail7# telnet 207.228.225.128 2525 > > Trying 207.228.225.128... > > telnet: connect to address 207.228.225.128: Connection refused > > telnet: Unable to connect to remote host > > > > I tried the IP as well, instead of localhost... it doesnt work. > > > > look the telnet response from port 25: > > -bash-2.05b$ telnet 207.228.225.128 25 > > Trying 207.228.225.128... > > Connected to smtp3.superb.net. > > Escape character is '^]'. > > 220 smtp3.superb.net ESMTP > > > > thanks :) > > > > ----- Original Message ----- > > From: "Ondra Holecek" > > To: > > Sent: Friday, June 25, 2004 11:10 AM > > Subject: Re: ipfw and mail > > > > > On Friday 25 June 2004 20:00, Gustavo A. Baratto wrote: > > > > Hello guys, > > > > > > > > some of our users' ISPs don't allow them to use port 25, so they cannot > > > > use > > > > > > out mail server. > > > > > > > > I want to open a new port (2525) and forward all packets from 2525 to > > > > 25 so, they can use mail. > > > > > > > > I tried this in IPFW: > > > > 0100 119649 44772439 allow tcp from any to me dst-port 25 keep-state > > > > 0200 0 0 divert 25 ip from any to me dst-port 2525 > > > > keep-state > > > > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > > this line does something other > > > try to use this: > > > ipfw delete 200 > > > ipfw add 200 fwd localhost:25 tcp from any to me 2525 keep-state > > > > > > > 0300 103075 35531648 allow ip from me to any keep-state > > > > 0400 60 4530 deny log ip from any to any > > > > > > > > > > > > If I telnet directly to port 25, I can get the prompt, but if I telnet > > > > to > > > > > > port 2525, I get a connection refused. > > > > > > > > What should I do in ipfw to forward port 2525 to port 25 tranparently? > > > > > > > > Thanks > > > > _______________________________________________ > > > > freebsd-isp@freebsd.org mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" >