From owner-freebsd-isp@FreeBSD.ORG Sun Jul 29 11:26:50 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A256E16A420 for ; Sun, 29 Jul 2007 11:26:50 +0000 (UTC) (envelope-from patrick_dkt@yahoo.com.hk) Received: from web54304.mail.re2.yahoo.com (web54304.mail.re2.yahoo.com [206.190.49.114]) by mx1.freebsd.org (Postfix) with SMTP id E670C13C4A3 for ; Sun, 29 Jul 2007 11:26:49 +0000 (UTC) (envelope-from patrick_dkt@yahoo.com.hk) Received: (qmail 67840 invoked by uid 60001); 29 Jul 2007 11:26:45 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com.hk; h=X-YMail-OSG:Received:Date:From:Subject:To:Cc:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=G/JjQlAezL2jloaa8fk6r0SDNYw53DL22L7Em5JlXQxuhAyLdpmzCdXhaW5hH5v36lKN3S0/1xw59/pgieVvvqUnENKeYe+CqrWW6+DW/WBMQd8LQYhgO3mjbB8ElmaeuBYv4+bMtbZqPaTYKi1MFX0uAshLD0mOudaR6QtRl0o=; X-YMail-OSG: 2cB1HaMVM1k4ktFa4eok8Dfu3ppv2mQd7da6IgLFhd36aRu1SXsKSs8U6s.OXSgyvKMZ5iRY.lFoCNBiZSCAOPS9tZizJg0M7qS2jp5bftUXMwY- Received: from [61.15.61.52] by web54304.mail.re2.yahoo.com via HTTP; Sun, 29 Jul 2007 04:26:44 PDT Date: Sun, 29 Jul 2007 04:26:44 -0700 (PDT) From: Patrick Dung To: Doug Barton In-Reply-To: <46AA6078.6020300@FreeBSD.org> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Message-ID: <8142.66621.qm@web54304.mail.re2.yahoo.com> Cc: freebsd-isp@freebsd.org, freebsd-questions@freebsd.org Subject: Re: ISC bind9 with dynamic DNS update (chroot problem) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jul 2007 11:26:50 -0000 Thanks for reply. Your suggestion solved my problem, thanks. Yes, /etc/init.d/named is a typo. Regards Patrick --- Doug Barton wrote: > Patrick Dung wrote: > > Hi > > > > I use FreeBSD 6.2 and the base bind9. > > For dynamic DNS update, bind9 automatically generate the journal > file > > (end in .jnl). > > The default config is to use chroot and the running user as 'bind'. > > > > The problem is that after named is started (/etc/init.d/named > start), > > Are you sure you're doing this on FreeBSD? We have rc.d, not initd. > Assuming that was just a typo ... > > > the default chroot directory /var/named/etc/named > > The default directory is /etc/namedb, which is a symlink to > /var/named/etc/namedb. > > > permission will be reset to own by root. So the named daemon (run > > as user 'bind') cannot create the journal file and complain: > > You shouldn't be creating journal files in the config directory > anyway. > > > One temp fix is to use chroot and run as root, any suggestions? > > Yeah, don't run named as root. Ever. :) > > Assuming that you are actually running FreeBSD, and that you have not > turned off the mtree option, you should have the following > directories > in /etc/namedb: > > drwxr-xr-x 2 bind wheel 512 Jul 23 00:47 dynamic/ > drwxr-xr-x 2 root wheel 512 Jul 13 22:33 master/ > drwxr-xr-x 2 bind wheel 512 Jul 27 14:05 slave/ > > The dynamic directory is obviously designed to hold dynamic zones, > and > it (like the slave directory) is chowned to user bind so that named > can write to it after it drops privileges. > > hth, > > Doug > > -- > > This .signature sanitized for your protection > ____________________________________________________________________________________ Get the free Yahoo! toolbar and rest assured with the added security of spyware protection. http://new.toolbar.yahoo.com/toolbar/features/norton/index.php From owner-freebsd-isp@FreeBSD.ORG Fri Aug 3 11:23:16 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7C67616A417 for ; Fri, 3 Aug 2007 11:23:16 +0000 (UTC) (envelope-from bfgcsautoresponse@bigfishgames.com) Received: from mx1.bigfishgames.com (mx1.bigfishgames.com [72.5.208.138]) by mx1.freebsd.org (Postfix) with ESMTP id 4EBFE13C46B for ; Fri, 3 Aug 2007 11:23:16 +0000 (UTC) (envelope-from bfgcsautoresponse@bigfishgames.com) Received: from mx1.bigfishgames.com (localhost [127.0.0.1]) by mx1.bigfishgames.com (Postfix) with ESMTP id 785F8FF8C4 for ; Fri, 3 Aug 2007 03:53:44 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; h=Received:X-MimeOLE:Content-class:MIME-Version:Content-Type:Subject:Date:Message-ID:X-MS-Has-Attach:X-MS-TNEF-Correlator:Thread-Topic:Thread-Index:From:To; b=sML1iFGuCK2a7gZ5hUdyFIzV8b99MMw4Eg0j63azvn3DyOVnVZHTXsY5Ak2639d0/d702Q8Up1FJOaru6bGQzV+AJtiV/kWQ8s8MriOa5W51TSy3drNOSUZr6x8Fo5cP; c=nofws; d=bigfishgames.com; q=dns; s=default Received: from bfg-exh01.bigfish.lan (bfg-exh01.bigfish.lan [10.42.4.2]) by mx1.bigfishgames.com (Postfix) with ESMTP id 75EA2FF8BB for ; Fri, 3 Aug 2007 03:53:44 -0700 (PDT) X-MimeOLE: Produced By Microsoft Exchange V6.5 Content-class: urn:content-classes:message MIME-Version: 1.0 Date: Fri, 3 Aug 2007 03:53:44 -0700 Message-ID: <67D4D261CD844E40BA2955D4BBA58D1203C033CA@bfg-exh01.bigfish.lan> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: Message Thread-Index: AcfVvI+UTIPSd8RZReCZlmN65syuRQAAAABn From: "Big Fish Games Customer Service AutoResponse" To: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ******* Notification About Your Recent Big Fish Games Support Request ************ (Do not reply to this email) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 03 Aug 2007 11:23:16 -0000 =20 Thank you for choosing Big Fish Games! ( This email account it is not monitored; Please do not reply.) We have implemented an online knowledge base to most efficiently assist you with your inquiry. This email address is no longer a point of contact for our Customer Support department. Please visit our online help section for assistance: http://bigfishgames.custhelp.com/cgi-bin/bigfishgames.cfg/php/enduser/st d_alp.php If you are unable to resolve your issue using our online support center, you may submit a request through the 'Ask a Question' tab available at that location. Our Customer Support department will answer your message within one business day.=20 Thank you for your patience as we continue to improve our site.=20 Best regards, Big Fish Games www.bigfishgames.com =20 ***THIS MESSAGE WAS SENT FROM AN AUTOMATED SERVER. PLEASE DO NOT RESPOND TO THIS MESSAGE. THIS MAILBOX WILL NOT BE MONITORED FOR INQUIRIES.***=20 From owner-freebsd-isp@FreeBSD.ORG Sat Aug 4 17:43:26 2007 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7DD6916A494 for ; Sat, 4 Aug 2007 17:43:26 +0000 (UTC) (envelope-from freebsd@levsha.org.ua) Received: from expo.ukrweb.net (expo.ukrweb.net [193.125.78.116]) by mx1.freebsd.org (Postfix) with ESMTP id BECAC13C483 for ; Sat, 4 Aug 2007 17:43:25 +0000 (UTC) (envelope-from freebsd@levsha.org.ua) Received: from levsha by expo.ukrweb.net with local (Exim 4.52 (FreeBSD)) id 1IHMz3-000IcF-Qi; Sat, 04 Aug 2007 20:00:09 +0300 Date: Sat, 4 Aug 2007 20:00:09 +0300 From: Mykola Dzham To: Samit Message-ID: <20070804170009.GZ51375@expo.ukrweb.net> References: <46A63AF2.40405@wlink.com.np> <200707242124.35449.idiotbg@gmail.com> <46A6CC96.8020609@wlink.com.np> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <46A6CC96.8020609@wlink.com.np> X-Operating-System: FreeBSD/5.4-RELEASE-p6 (i386) User-Agent: Mutt/1.5.6i Cc: freebsd-isp@freebsd.org Subject: Re: changing ttl size of forwarding packet X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 04 Aug 2007 17:43:26 -0000 Samit wrote: > Momchil Ivanov wrote: > > ?? Tuesday 24 July 2007 19:46:26 Samit ??????: > >> Hi, > >> > >> iptables can easily do it via mangle table. Is there any way using ipfw2 > >> to change the ttl size of the forwarding packets? > >> > >> Samit > >> > >> _______________________________________________ > >> freebsd-isp@freebsd.org mailing list > >> http://lists.freebsd.org/mailman/listinfo/freebsd-isp > >> To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > As far as I know there is no way to manipulate TTL with ipfw. There is a way > > to manipulate TTL with pf: http://www.openbsd.org/faq/pf/ > > > Cannot migrate to pf as I am using dummynet. You can use both ipfw and pf on sigle host and use required features simultaneous: dummynet from ipfw and scrub from pf -- Mykola Dzham, LEFT-(UANIC|RIPE) JID: levsha@jabber.net.ua