From owner-freebsd-isp Sun Jun 7 02:09:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA27225 for freebsd-isp-outgoing; Sun, 7 Jun 1998 02:09:29 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from gjp.erols.com (root@alex-va-n008c079.moon.jic.com [206.156.18.89]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA27218 for ; Sun, 7 Jun 1998 02:09:23 -0700 (PDT) (envelope-from gjp@gjp.erols.com) Received: from gjp.erols.com (gjp@localhost.erols.com [127.0.0.1]) by gjp.erols.com (8.8.8/8.8.7) with ESMTP id FAA26732; Sun, 7 Jun 1998 05:09:22 -0400 (EDT) (envelope-from gjp@gjp.erols.com) To: "Bryan Bunch" cc: freebsd-isp@FreeBSD.ORG From: "Gary Palmer" Subject: Re: Sendmail Question In-reply-to: Your message of "Fri, 05 Jun 1998 09:03:39 CDT." <006901bd908a$bd958020$3671060c@ntwksbry.walls-media.com> Date: Sun, 07 Jun 1998 05:09:22 -0400 Message-ID: <26728.897210562@gjp.erols.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "Bryan Bunch" wrote in message ID <006901bd908a$bd958020$3671060c@ntwksbry.walls-media.com>: > What am I missing here? Have you looked in the log files to see if there is a problem contacting one of the addresses? Are you running any sort of anti-relaying rules which could interefere with the processing of .forward files? Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 03:11:48 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA03385 for freebsd-isp-outgoing; Sun, 7 Jun 1998 03:11:48 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ovbis01.ovb.ch (ovbis01.ovb.ch [195.65.24.144]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id DAA03358 for ; Sun, 7 Jun 1998 03:11:11 -0700 (PDT) (envelope-from 310@ovb.ch) Received: from zhwbs-e1-01.limmat.ch [194.191.121.201] by ovbis01.ovb.ch with smtp (Exim 1.82 #1) id 0yicPq-0005b8-00; Sun, 7 Jun 1998 12:11:08 +0200 From: 310@ovb.ch (Oliver von Bueren) To: freebsd-isp@FreeBSD.ORG Subject: Re: US West and RADSL (fwd) Date: Sun, 07 Jun 1998 10:11:16 GMT Organization: private Message-ID: <357b633b.220372328@mail.ovb.ch> References: <3579976D.6974D1FA@comsys.com> In-Reply-To: <3579976D.6974D1FA@comsys.com> X-Mailer: Forte Agent 1.5/32.452 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id DAA03366 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 06 Jun 1998 12:24:29 -0700, you wrote: >I don't agree. "Let the phone companies...." has little meaning. What you >suggest.. is >that the phone company monopoly is a good thing. That the on-ramp to the >Internet >is a better serviced by the telephone company, and that the telephone company >really should collect the local loop charges for access to all networks of the >future. Hey, I don't see it that way, beside I don't live in the USA. What you say about the equipment in the COs to be installed by the individual ISP doesn't make sense either. That's about the same as if you'd say lets install the equipment to make ISDN connections from the COs to the customers by some ISP to have their customer have ISDN access to the pop. xDSL, which flavor will be a future standard is IMHO not very clear by know, should become a standard like ISDN, which in turn is very much one here in Europe. In terms of ISDN this means that you have a digital end-to-end dialup connection, error corrected and constant in its data rate, with a very fast connect process (oposite to V90, aka x2/k56flex, which is doesn't has all these features, is slower, has no constant data rate and is much more error prone). That is what the goal of xDSL should be too, with the small difference, it's faster! So the approach that the telcos should pay to upgrade their COs is not wrong, the only other thing is that the customer who gets such a line should have the freedom to connect to anyone he likes with this line, like ISDN but faster. This means that the COs have to route the traffic through a net, say an ATM, to the desired ISP. Conclusion: In the end the customer needs a xDSL enabled connection to the COs and the ISP is probably connected through say an ATM link to the telcos net. This doesn't make it a monopoly for the telcos but gives the customer the freedom to connect to the ISP he wants and lets him switch when he wants. Another thing, which is at least here in Switzerland at the current time an option to connect to an ISP, is to get a cooper 2wire leased line to an ISP and use one of the xDSL technologies to connect. This is used as our telco(s) are still testing the new technology and didn't deploy it up till now. But as a final solution, this isn't very satisfying, as you're bound to one ISP and can't change without rerouting the leased line by the telco to another destination, which always cost you money. Cheers, Oliver To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 04:50:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA17817 for freebsd-isp-outgoing; Sun, 7 Jun 1998 04:50:58 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from copper.singnet.com.sg (copper.singnet.com.sg [165.21.7.30]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA17760 for ; Sun, 7 Jun 1998 04:50:39 -0700 (PDT) (envelope-from annex@thing.annexgrp.org) Received: from thing.annexgrp.org (root@[203.127.137.254]) by copper.singnet.com.sg (8.8.7/8.8.7) with ESMTP id TAA22416; Sun, 7 Jun 1998 19:50:23 +0800 (SGT) Received: from localhost (annex@localhost) by thing.annexgrp.org (8.9.0/8.9.0) with SMTP id MAA29506; Sun, 7 Jun 1998 12:39:26 +0600 Date: Sun, 7 Jun 1998 12:39:25 +0600 (BGT) From: Annex To: Michael Dillon cc: inet-access@earth.com, linuxisp@friendly.jeffnet.org, freebsd-isp@FreeBSD.ORG, iap@vma.cc.nd.edu Subject: Re: US West and RADSL (fwd) In-Reply-To: Message-ID: Organization: Annex Group (Bangladesh) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 6 Jun 1998, Michael Dillon wrote: | If a DSL customer uses the telco as their ISP then the telco routes their | packets through their own Internet connection. But if the customer chooses But isn't DSL supposed to be working over POTS? --- Annex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 07:21:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA03939 for freebsd-isp-outgoing; Sun, 7 Jun 1998 07:21:38 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (intranet.pipeline.ch [195.134.128.66]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA03933 for ; Sun, 7 Jun 1998 07:21:34 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA220; Sun, 7 Jun 1998 16:20:39 +0200 Message-ID: <357AA1B7.E4CD1BA8@pipeline.ch> Date: Sun, 07 Jun 1998 16:20:39 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: Oliver von Bueren <310@ovb.ch> CC: freebsd-isp@FreeBSD.ORG Subject: Re: US West and RADSL (fwd) References: <3579976D.6974D1FA@comsys.com> <357b633b.220372328@mail.ovb.ch> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Oliver von Bueren wrote: -snip- > Hey, I don't see it that way, beside I don't live in the USA. What you > say about the equipment in the COs to be installed by the individual > ISP doesn't make sense either. That's about the same as if you'd say > lets install the equipment to make ISDN connections from the COs to > the customers by some ISP to have their customer have ISDN access to > the pop. xDSL, which flavor will be a future standard is IMHO not very > clear by know, should become a standard like ISDN, which in turn is > very much one here in Europe. Yea, ISDN is very common. The european Telcos did some sort of standard called Euro-ISDN, whereas the US Telcos have all their own standards. > In terms of ISDN this means that you have a digital end-to-end dialup > connection, error corrected and constant in its data rate, with a very > fast connect process (oposite to V90, aka x2/k56flex, which is doesn't > has all these features, is slower, has no constant data rate and is > much more error prone). That is what the goal of xDSL should be too, > with the small difference, it's faster! And unmetered 'always connected'. > So the approach that the telcos should pay to upgrade their COs is not > wrong, the only other thing is that the customer who gets such a line > should have the freedom to connect to anyone he likes with this line, > like ISDN but faster. This means that the COs have to route the > traffic through a net, say an ATM, to the desired ISP. Yes, that the key point IMO. The ISP should have the same conditions and prices as the Telco Internet division, everthing else is unfair. > Conclusion: In the end the customer needs a xDSL enabled connection to > the COs and the ISP is probably connected through say an ATM link to > the telcos net. Exactly. > This doesn't make it a monopoly for the telcos but gives the customer > the freedom to connect to the ISP he wants and lets him switch when he > wants. Should be the same with the cable networks. > Another thing, which is at least here in Switzerland at the current > time an option to connect to an ISP, is to get a cooper 2wire leased > line to an ISP and use one of the xDSL technologies to connect. This They tried to prohibit that. First they doubled the setup charges for plain copper lines, then they told their sales people they should deny every request for copper lines with the argument 'we dont have unused copper lines anymore'... After a friend inside Swisscom told me that, I complained and still get copper lines. Dont know about the other ISP's. > is used as our telco(s) are still testing the new technology and > didn't deploy it up till now. But as a final solution, this isn't very At least Swisscom is using HDSL for two or three years now for (fractional) E1 and PRI lines from the CO to the customer. > satisfying, as you're bound to one ISP and can't change without > rerouting the leased line by the telco to another destination, which > always cost you money. The prices are very high over here: a 34Meg leased line from Zurich to Geneva (~220km/~140mi) costs $35,500/month, a 2Meg costs $6,000/mo. The other point are the phone tariffs: We have here 'local' and 'long distance'. Local is within a radius of ~10km (6.25mi) from your home, long distance is everthing else. The customer has to pay $2.66/hr for local calls and $10.66/hr for long distance (the only good thing is that they have the same tariff for POTS and ISDN). Now one should imagine that Switzerland is 300mi by 200mi, a little bit bigger than i.e. Los Angeles, but has fewer people (~6m). More disturbing is the fact that the average Internet user (20hrs/mo) pays more money to the Telco ($50/mo, plus the monthly fee for the phone line of $17) for Internet access than for the ISP ($20/mo). Back in my pre-ISP days I used to get phone bills of $500 to $700/mo (long distance) only for Internet access. -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 08:46:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA18228 for freebsd-isp-outgoing; Sun, 7 Jun 1998 08:46:12 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from tweetie.online.barbour-index.co.uk (tweetie-vbc.online.barbour-index.co.uk [194.207.51.252]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA18168 for ; Sun, 7 Jun 1998 08:46:01 -0700 (PDT) (envelope-from scot@poptart.org) Received: from localhost (scot@localhost) by tweetie.online.barbour-index.co.uk (8.8.8/8.8.8) with SMTP id QAA10553 for ; Sun, 7 Jun 1998 16:45:58 +0100 (BST) (envelope-from scot@poptart.org) X-Authentication-Warning: tweetie.online.barbour-index.co.uk: scot owned process doing -bs Date: Sun, 7 Jun 1998 16:45:58 +0100 (BST) From: Scot Elliott X-Sender: scot@tweetie.online.barbour-index.co.uk To: freebsd-isp@FreeBSD.ORG Subject: Apache and open file descriptors Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I've just been playing with fstat. Most processes seem to have a reasonable number of files open - stdin, stdout, log files, internet streams etc. But Apache currently has 420 open files which seems a tad excessive. 20 of these are internet streams, which makes sense for the number of virtual hosts we have. Each host has it's own log files (three per host - access, error and agent). So I'd expect around one hundred open files - not four hundred. Has anyone got any ideas why this is happening or weather it is normal? Thanks. Scot. ----------------------------------------------------------------------------- Scot Elliott (scot@poptart.org) | Work: +44 (0)171 7046777 PGP fingerprint: FCAE9ED3A234FEB59F8C7F9DDD112D | Home: +44 (0)181 8961019 ----------------------------------------------------------------------------- Public key available by finger at: finger scot@poptart.org or at: http://www.poptart.org/pgpkey.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 09:42:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA27666 for freebsd-isp-outgoing; Sun, 7 Jun 1998 09:42:58 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from bmccane.maxbaud.net (bmccane-ppp.maxbaud.net [208.155.166.81]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA27645 for ; Sun, 7 Jun 1998 09:42:50 -0700 (PDT) (envelope-from root@bmccane.maxbaud.net) Received: from localhost (root@localhost) by bmccane.maxbaud.net (8.8.8/8.8.8) with SMTP id LAA10202 for ; Sun, 7 Jun 1998 11:42:48 -0500 (CDT) (envelope-from root@bmccane.maxbaud.net) Date: Sun, 7 Jun 1998 11:42:47 -0500 (CDT) From: Wm Brian McCane To: isp@FreeBSD.ORG Subject: nightly security run Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Greetings, I have noticed that the security run in FreeBSD goes through my entire news spool directory (about 10GB). Has anyone figured out a quick/simple way to avoid this? It slows down my system (and probably yours) dramatically every night. brian +-----------------------------------+------------------------------------------+ He rides a cycle of mighty days, and \ Wm Brian and Lori McCane represents the last great schizm among\ McCane Consulting the gods. Evil though he obviously is, \ root@bmccane.cavtech.com he is a mighty figure, this father of \ http://bmccane.cavtech.com/ my spirit, and I respect him as the sons \ http://bmccane.cavtech.com/~pictures/ of old did the fathers of their bodies. \ http://bmccane.cavtech.com/~bmccane/ Roger Zelazny - "Lord of Light" \ +-------------------------------------------+----------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 11:19:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA13159 for freebsd-isp-outgoing; Sun, 7 Jun 1998 11:19:27 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mailb.telia.com (mailb.telia.com [194.22.194.6]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA13147 for ; Sun, 7 Jun 1998 11:19:21 -0700 (PDT) (envelope-from girgen@partitur.se) Received: from d1o29.telia.com (root@d1o29.telia.com [194.236.214.241]) by mailb.telia.com (8.8.8/8.8.8) with ESMTP id UAA29262; Sun, 7 Jun 1998 20:19:20 +0200 (CEST) Received: from partitur.se (t1o29p63.telia.com [194.236.214.63]) by d1o29.telia.com (8.8.8/8.8.5) with ESMTP id UAA28350; Sun, 7 Jun 1998 20:19:00 +0200 (MET DST) Message-ID: <357AD97B.43A50C2E@partitur.se> Date: Sun, 07 Jun 1998 20:18:35 +0200 From: Palle Girgensohn Organization: Partitur X-Mailer: Mozilla 4.05 [en] (X11; I; FreeBSD 2.2.6-STABLE i386) MIME-Version: 1.0 To: Wm Brian McCane CC: isp@FreeBSD.ORG Subject: Re: nightly security run References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello Brian, Check out /etc/security. In there, there is a code snippet thar runs the find command: MP=`mount -t ufs | grep -v " nosuid" | sed 's;/dev/;&r;' | awk '{ print $3 }'` set $MP while test $# -ge 1; do mount=$1 shift find $mount -xdev -type f \ \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ \( -perm -u+s -or -perm -g+s \) -print0 done | xargs -0 -n 20 ls -lTd | sort +9 > $TMP I suggest adding | grep -v "mount point of news..." to the first line if you have news on it's own partition, which I suppose you do, considering the size... :) I guess there are a bunch of ways to do it. Regards, Palle Wm Brian McCane wrote: > > Greetings, > I have noticed that the security run in FreeBSD goes through my > entire news spool directory (about 10GB). Has anyone figured out a > quick/simple way to avoid this? It slows down my system (and probably > yours) dramatically every night. > > brian > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 11:42:22 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA16167 for freebsd-isp-outgoing; Sun, 7 Jun 1998 11:42:22 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ha1.rdc1.sdca.home.com (siteadm@ha1.rdc1.sdca.home.com [24.0.3.66]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA16156 for ; Sun, 7 Jun 1998 11:42:20 -0700 (PDT) (envelope-from kahn@home.com) Received: from ERIN.UNET.TM ([24.0.171.37]) by ha1.rdc1.sdca.home.com (Netscape Mail Server v2.02) with SMTP id AAB7316; Sun, 7 Jun 1998 10:59:12 -0700 Message-ID: <005601bd923e$1d5b6b00$4700a8c0@ERIN.UNET.TM> From: "Kahn" To: "Annex" Cc: , , , Subject: Re: US West and RADSL (fwd) Date: Sun, 7 Jun 1998 10:58:08 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >On Sat, 6 Jun 1998, Michael Dillon wrote: >| If a DSL customer uses the telco as their ISP then the telco routes their >| packets through their own Internet connection. But if the customer chooses > >But isn't DSL supposed to be working over POTS? > >From what I understand, It works over pots only to the end user. Once it gets back to the source isp its transfered to a dedicated connection (i.e. T1, T3, OC3, OC12). Erin >--- >Annex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sun Jun 7 11:53:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA17616 for freebsd-isp-outgoing; Sun, 7 Jun 1998 11:53:26 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from marta.arcom.spb.su (marta.arcom.spb.su [195.190.100.18]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA17586 for ; Sun, 7 Jun 1998 11:53:12 -0700 (PDT) (envelope-from snar@marta.arcom.spb.su) Received: (from snar@localhost) by marta.arcom.spb.su (8.8.8/t/97-Mar-14) id WAA12188; Sun, 7 Jun 1998 22:49:19 +0400 (MSD) Message-ID: <19980607224919.20498@nevalink.ru> Date: Sun, 7 Jun 1998 22:49:19 +0400 From: Alexandre Snarskii To: Palle Girgensohn , Wm Brian McCane Cc: isp@FreeBSD.ORG Subject: Re: nightly security run References: <357AD97B.43A50C2E@partitur.se> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.89i In-Reply-To: <357AD97B.43A50C2E@partitur.se>; from Palle Girgensohn on Sun, Jun 07, 1998 at 08:18:35PM +0200 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sun, Jun 07, 1998 at 08:18:35PM +0200, Palle Girgensohn wrote: > Hello Brian, > > Check out /etc/security. In there, there is a code snippet thar runs the > find command: > > MP=`mount -t ufs | grep -v " nosuid" | sed 's;/dev/;&r;' | awk '{ print > $3 }'` > set $MP > while test $# -ge 1; do > mount=$1 > shift > find $mount -xdev -type f \ > \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ > \( -perm -u+s -or -perm -g+s \) -print0 > done | xargs -0 -n 20 ls -lTd | sort +9 > $TMP > > > I suggest adding | grep -v "mount point of news..." to the first line if > you have news on it's own partition, which I suppose you do, considering > the size... :) > I guess there are a bunch of ways to do it. More easiest way is to mark newsspool mountpoint as nosuid, as newsspool should be anyway (noexec and nodev can be used too - if you dont expect executable articles in alt/2600 :) ) :) -- Alexandre Snarskii the source code is included To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 02:56:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA07042 for freebsd-isp-outgoing; Mon, 8 Jun 1998 02:56:14 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from sun-test.hightek.com ([194.74.141.100]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA07037 for ; Mon, 8 Jun 1998 02:56:11 -0700 (PDT) (envelope-from andreas@klemm2.hightek.com) Received: from klemm2.hightek.com ([195.90.203.76]) by sun-test.hightek.com (Netscape Mail Server v1.1) with ESMTP id AAA7369; Mon, 8 Jun 1998 11:56:06 +0200 Received: (from andreas@localhost) by klemm2.hightek.com (8.8.8/8.8.8) id LAA21307; Mon, 8 Jun 1998 11:56:05 +0200 (CEST) (envelope-from andreas) Message-ID: <19980608115605.21479@hightek.com> Date: Mon, 8 Jun 1998 11:56:05 +0200 From: Andreas Klemm To: isp@FreeBSD.ORG Cc: IBS / Andre Oppermann Subject: how does PPP CHAP work ? Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.89.1i X-Operating-System: FreeBSD 2.2.6-STABLE Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi ! I need some quick advice about PPP CHAP, hope you can help. I have an USR TC Access Router. We only use PAP authentication. A typical Radius entry looks like this: username password, etc ... and then User-Service-Type = Framed-User, Framed-Protocol = PPP, Port-Limit = 1, Framed-IP-Address = 195.90.205.247, Framed-Netmask = 255.255.255.0, Framed-Routing = None, Framed-Compression = None, Framed-MTU = 1500 Would that PAP client be able to authenticate via CHAP with the same RADIUS authentication entry ? I heard from USR tech support, that both pap and chp is supported. A collegue of mine claims, that it would'nt be possible, because CHAP would use a two way handshake, that means, our access router would have to authenticate itself with username and password on the client access router. On the other hand I didn't find any hint in the official radius 2.0.1 manual, that there is a switch/token, what authentication to use (PAP or CHAP) and no config tokens, where I could set the login and password we'd user to authenticate us on the client. My own experiences told me, that I have to login myself on Cisco's using CHAP and on the cisco client router I don't provide a special entry for the Access Server (Cisco Router at the ISP). Somebody so kind to make things clear ? -- B&K Gruppe - Wuppertal phone +49 202 7399 - 170 fax +49 202 7399 - 100 http://www.FreeBSD.ORG/~andreas/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 03:12:02 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA10132 for freebsd-isp-outgoing; Mon, 8 Jun 1998 03:12:02 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (intranet.pipeline.ch [195.134.128.66]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA10093 for ; Mon, 8 Jun 1998 03:11:52 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA352; Mon, 8 Jun 1998 12:10:53 +0200 Message-ID: <357BB8B1.55C43D5@pipeline.ch> Date: Mon, 08 Jun 1998 12:10:57 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: Andreas Klemm CC: isp@FreeBSD.ORG Subject: Re: how does PPP CHAP work ? References: <19980608115605.21479@hightek.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andreas Klemm wrote: > > Hi ! > > I need some quick advice about PPP CHAP, hope you can help. Yes 8-) > I have an USR TC Access Router. We only use PAP authentication. > A typical Radius entry looks like this: > > username password, etc ... and then > User-Service-Type = Framed-User, > Framed-Protocol = PPP, > Port-Limit = 1, > Framed-IP-Address = 195.90.205.247, > Framed-Netmask = 255.255.255.0, > Framed-Routing = None, > Framed-Compression = None, > Framed-MTU = 1500 > > Would that PAP client be able to authenticate via CHAP with the > same RADIUS authentication entry ? I heard from USR tech support, > that both pap and chp is supported. No. You have two problems: 1. PAP passwords are in clear text 2. CHAP is not CHAP, there is one CHAP standard and MS-CHAP Please read the discussion in Brians newest userland-ppp 3. CHAP passwords need special handling on the RADIUS server (Challenge Handshake Auth Protocol) > A collegue of mine claims, that it would'nt be possible, because > CHAP would use a two way handshake, that means, our access router > would have to authenticate itself with username and password on > the client access router. No, that depends on your configuration. > On the other hand I didn't find any hint in the official radius > 2.0.1 manual, that there is a switch/token, what authentication > to use (PAP or CHAP) and no config tokens, where I could set the > login and password we'd user to authenticate us on the client. Well, I allow only PAP at the moment because of those problems but I think you need a CHAP password entry with an special encrypted password (with the RFC CHAP or MS-CHAP). But that depends IMO on the RADIUS client/Dial-In server. > My own experiences told me, that I have to login myself on > Cisco's using CHAP and on the cisco client router I don't > provide a special entry for the Access Server (Cisco Router at > the ISP). -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 03:50:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA14947 for freebsd-isp-outgoing; Mon, 8 Jun 1998 03:50:47 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from sun-test.hightek.com ([194.74.141.100]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA14933 for ; Mon, 8 Jun 1998 03:50:34 -0700 (PDT) (envelope-from andreas@klemm2.hightek.com) Received: from klemm2.hightek.com ([195.90.203.76]) by sun-test.hightek.com (Netscape Mail Server v1.1) with ESMTP id AAA8057; Mon, 8 Jun 1998 12:50:32 +0200 Received: (from andreas@localhost) by klemm2.hightek.com (8.8.8/8.8.8) id MAA21564; Mon, 8 Jun 1998 12:50:31 +0200 (CEST) (envelope-from andreas) Message-ID: <19980608125031.00463@hightek.com> Date: Mon, 8 Jun 1998 12:50:31 +0200 From: Andreas Klemm To: IBS / Andre Oppermann Cc: isp@FreeBSD.ORG Subject: Re: how does PPP CHAP work ? References: <19980608115605.21479@hightek.com> <357BB8B1.55C43D5@pipeline.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.89.1i In-Reply-To: <357BB8B1.55C43D5@pipeline.ch>; from IBS / Andre Oppermann on Mon, Jun 08, 1998 at 12:10:57PM +0200 X-Operating-System: FreeBSD 2.2.6-STABLE Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jun 08, 1998 at 12:10:57PM +0200, IBS / Andre Oppermann wrote: > Andreas Klemm wrote: > No. You have two problems: Three ? ;-) > 1. PAP passwords are in clear text > > 2. CHAP is not CHAP, there is one CHAP standard and MS-CHAP > Please read the discussion in Brians newest userland-ppp > > 3. CHAP passwords need special handling on the RADIUS server > (Challenge Handshake Auth Protocol) Which special handling on the Radius Server ? Could you please be more verbose on this ? > > A collegue of mine claims, that it would'nt be possible, because > > CHAP would use a two way handshake, that means, our access router > > would have to authenticate itself with username and password on > > the client access router. > > No, that depends on your configuration. On the access server or radius or both ? -- B&K Gruppe - Wuppertal phone +49 202 7399 - 170 fax +49 202 7399 - 100 http://www.FreeBSD.ORG/~andreas/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 04:26:06 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA23768 for freebsd-isp-outgoing; Mon, 8 Jun 1998 04:26:06 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (intranet.pipeline.ch [195.134.128.66]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA23694 for ; Mon, 8 Jun 1998 04:25:52 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA215; Mon, 8 Jun 1998 13:24:45 +0200 Message-ID: <357BCA02.2F008019@pipeline.ch> Date: Mon, 08 Jun 1998 13:24:50 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: Andreas Klemm CC: isp@FreeBSD.ORG Subject: Re: how does PPP CHAP work ? References: <19980608115605.21479@hightek.com> <357BB8B1.55C43D5@pipeline.ch> <19980608125031.00463@hightek.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andreas Klemm wrote: > > On Mon, Jun 08, 1998 at 12:10:57PM +0200, IBS / Andre Oppermann wrote: > > Andreas Klemm wrote: > > No. You have two problems: > > Three ? ;-) Hmm... sometimes I'm a sales person... > > 1. PAP passwords are in clear text > > > > 2. CHAP is not CHAP, there is one CHAP standard and MS-CHAP > > Please read the discussion in Brians newest userland-ppp > > > > 3. CHAP passwords need special handling on the RADIUS server > > (Challenge Handshake Auth Protocol) > > Which special handling on the Radius Server ? Could you please > be more verbose on this ? http://www.merit.edu/aaa/docs/radius-desc.txt http://www.merit.edu/aaa/docs/rfc2138.txt @2.2 > > > A collegue of mine claims, that it would'nt be possible, because > > > CHAP would use a two way handshake, that means, our access router > > > would have to authenticate itself with username and password on > > > the client access router. > > > > No, that depends on your configuration. > > On the access server or radius or both ? On the RADIUS server. -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 04:45:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA27263 for freebsd-isp-outgoing; Mon, 8 Jun 1998 04:45:39 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from piggy.kharkiv.net (piggy.kharkiv.net [194.44.156.30]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA26942 for ; Mon, 8 Jun 1998 04:43:56 -0700 (PDT) (envelope-from news@piggy.kharkiv.net) Received: (from news@localhost) by piggy.kharkiv.net (8.8.8-MVC/8.8.8/piggy) id OAA20166; Mon, 8 Jun 1998 14:43:02 +0300 (EEST) (envelope-from news) To: freebsd-isp@FreeBSD.ORG Subject: Re: UUCP and rnews Date: Mon, 08 Jun 1998 14:43:01 +0300 Message-ID: <357BCE45.3359@kharkiv.net> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 7bit X-Mailer: Mozilla 3.01 (X11; I; AIX 2) X-Via: News-To-Mail v1.0 From: "Vadim V. Chepkov" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Dave Smith wrote: > > > Has anyone already solved this problem, and if so how? > Hi! I made chmod g+s /usr/libexec/uucp/uuxqt and all works fine. -- Kind regards, Vadim V. Chepkov Kharkiv Online ISP ------------------------------------------------------ Vadim V. Chepkov, Kharkiv State Polytechnic University 21 Frunze Str., Kharkiv, Ukraine, 310002 Tel: +380 572 400279 Fax: +380 572 400592 e-mail: vvc@kharkiv.net http://www.kharkiv.net/~vvc ------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 06:04:26 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA08037 for freebsd-isp-outgoing; Mon, 8 Jun 1998 06:04:26 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from unix.kawartha.com (unix.kawartha.com [204.101.15.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA08021 for ; Mon, 8 Jun 1998 06:04:19 -0700 (PDT) (envelope-from paul@kawartha.com) Received: from shell.kawartha.com (shell.kawartha.com [204.101.15.43]) by unix.kawartha.com (8.8.8/8.8.7) with SMTP id JAA22215 for ; Mon, 8 Jun 1998 09:06:05 -0400 (EDT) Date: Mon, 8 Jun 1998 09:18:43 -0400 (EDT) From: Paul Stewart To: freebsd-isp@FreeBSD.ORG Subject: Thank you: routing questions Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org HI there.. just wanted to thank Mike Jenkins and the rest of the people here on the list for helping me with some routing questions I had while trying to connect some NT boxes to FreeBSD boxes using subnetting etc.. This list is great and everyone should get a BIG thank you every so often. I received so much help I couldn't find the time to respond to each one individually...:) Paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 08:06:46 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA28152 for freebsd-isp-outgoing; Mon, 8 Jun 1998 08:06:46 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA28139 for ; Mon, 8 Jun 1998 08:06:37 -0700 (PDT) (envelope-from kpielorz@tdx.co.uk) Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242]) by caladan.tdx.co.uk (8.8.8/8.8.8) with ESMTP id QAA02688 for ; Mon, 8 Jun 1998 16:06:17 +0100 (BST) (envelope-from kpielorz@tdx.co.uk) Message-ID: <357BFDE8.90EE32A5@tdx.co.uk> Date: Mon, 08 Jun 1998 16:06:16 +0100 From: Karl Pielorz Organization: TDX X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: PPPd concurrancy / auto logout on aging 2.2.2... Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, Is there a 'simple' way of setting the kernel mode pppd to kick people off after a certain amount of time? - and to stop concurrent pppd connections (i.e. 1 user can only log in once?) I have a horrible feeling I've heard of something called idled? - which does this - I've also heard horible things about it though :-( Regards, Karl Pielorz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 08:51:33 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA05484 for freebsd-isp-outgoing; Mon, 8 Jun 1998 08:51:33 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ns0.fast.net.uk (ns0.fast.net.uk [194.207.104.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA05455 for ; Mon, 8 Jun 1998 08:51:24 -0700 (PDT) (envelope-from netadmin@fastnet.co.uk) Received: from install.fast.net.uk (bofh.fast.net.uk [194.207.104.22]) by ns0.fast.net.uk (8.8.8/8.8.7) with ESMTP id QAA10262 for ; Mon, 8 Jun 1998 16:46:53 +0100 (BST) Received: from localhost (localhost [127.0.0.1]) by install.fast.net.uk (8.8.5/8.8.5) with SMTP id QAA10351 for ; Mon, 8 Jun 1998 16:51:18 +0100 (BST) Date: Mon, 8 Jun 1998 16:51:18 +0100 (BST) From: Jay Tribick X-Sender: netadmin@install.fast.net.uk To: freebsd-isp@FreeBSD.ORG Subject: Squid problems Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Anyone experienced this problem before with Squid (proxy server)? If so, what is it!?! If not, how do I fix it anyway!!?!: Jun 8 16:46:52 kaos squid[5482]: xmalloc: Unable to allocate 4096 bytes! Jun 8 16:47:14 kaos /kernel: pid 5482 (squid), uid 1041: exited on signal 6 Jun 8 16:47:14 kaos root: **WARNING** : Squid has died - restarting Regards, Jay Tribick [| Network Administrator | FastNet International | http://fast.net.uk/ |] [| Finger netadmin@fastnet.co.uk for contact information |] [| T: +44 (0)1273 677633 F: +44 (0)1273 621631 e: netadmin@fast.net.uk |] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 09:06:49 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA08500 for freebsd-isp-outgoing; Mon, 8 Jun 1998 09:06:49 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from unix.kawartha.com (unix.kawartha.com [204.101.15.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA08476 for ; Mon, 8 Jun 1998 09:06:44 -0700 (PDT) (envelope-from paul@kawartha.com) Received: from shell.kawartha.com (shell.kawartha.com [204.101.15.43]) by unix.kawartha.com (8.8.8/8.8.7) with SMTP id MAA28936 for ; Mon, 8 Jun 1998 12:08:28 -0400 (EDT) Date: Mon, 8 Jun 1998 12:21:07 -0400 (EDT) From: Paul Stewart To: freebsd-isp@FreeBSD.ORG Subject: Configuring FreeBSD to Accept Dial-In ISDN Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi there... i have a freebsd 2.2.6 box and at this point I can get the USR Courier I-modem (ISDN 128K) to accept a dial-in call. However everytime I dial via a 33.6 Sportster to this line it answers, connects at 33.6 and then dumps a bunch of garbage onto the screen and disconnects. I did have it dial up once where I could actually log in. Help! :) My overall objective is to accept 2b channel ISDN *AND* analog connections to this modem. I've starting configuring PPP but need a regular dial-up shell account first...:) Thanks for any help, Paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 09:28:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA14265 for freebsd-isp-outgoing; Mon, 8 Jun 1998 09:28:27 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from imap.ncsa.es (correo.nexus.es [194.179.50.6]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA14155 for ; Mon, 8 Jun 1998 09:28:07 -0700 (PDT) (envelope-from jesusr@ncsa.es) Received: from jesus.nexus.es (piolin.ncsa.es [194.179.50.134]) by imap.ncsa.es (8.8.8/8.8.8) with SMTP id SAA22846; Mon, 8 Jun 1998 18:24:01 +0200 (CEST) Reply-To: "Jesus Rodriguez" From: "Jesus Rodriguez" To: "Jay Tribick" Cc: Subject: RE: Squid problems Date: Mon, 8 Jun 1998 18:25:20 +0200 Message-ID: <01bd92fa$07bc4460$8632b3c2@jesus.nexus.es> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.71.1712.3 X-MimeOLE: Produced By Microsoft MimeOLE V4.71.1712.3 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Anyone experienced this problem before with Squid (proxy server)? If so, >what is it!?! If not, how do I fix it anyway!!?!: > >Jun 8 16:46:52 kaos squid[5482]: xmalloc: Unable to allocate 4096 bytes! >Jun 8 16:47:14 kaos /kernel: pid 5482 (squid), uid 1041: exited on signal >6 >Jun 8 16:47:14 kaos root: **WARNING** : Squid has died - restarting Look at /etc/login.conf in daemon section. It's a problem in limit memory for daemons. --------------------------------------------------------- Jesus Rodriguez (jesusr@ncsa.es) Dpto. Tecnico Nexus Comunicaciones, S.A. Telf. 902-466664 --------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 09:37:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA16452 for freebsd-isp-outgoing; Mon, 8 Jun 1998 09:37:23 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from comanche.cbn.net.id (comanche.cbn.net.id [202.158.2.137]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id JAA16413 for ; Mon, 8 Jun 1998 09:37:07 -0700 (PDT) (envelope-from engel@cbn.net.id) Received: (qmail 21992 invoked from network); 8 Jun 1998 23:36:16 -0000 Received: from tomahawk.cbn.net.id (HELO cbn.net.id) (engel@202.158.2.132) by comanche.cbn.net.id with SMTP; 8 Jun 1998 23:36:16 -0000 Message-ID: <357C146F.C1EA743D@cbn.net.id> Date: Mon, 08 Jun 1998 16:42:23 +0000 From: Engelhard Reply-To: engel@cbn.net.id X-Mailer: Mozilla 4.04 [en] (X11; I; Linux 2.0.33 i586) MIME-Version: 1.0 To: freebsd-isp@FreeBSD.ORG Subject: Re: Squid problems References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Jay Tribick wrote: ... > Jun 8 16:46:52 kaos squid[5482]: xmalloc: Unable to allocate 4096 bytes! > Jun 8 16:47:14 kaos /kernel: pid 5482 (squid), uid 1041: exited on signal > 6 > Jun 8 16:47:14 kaos root: **WARNING** : Squid has died - restarting > See, http://squid.nlanr.net/Squid/FAQ/FAQ-8.html#ss8.7 regards, engel. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 10:54:48 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA03086 for freebsd-isp-outgoing; Mon, 8 Jun 1998 10:54:48 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from kremvax.demos.su (kremvax.demos.su [194.87.0.20]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id KAA03032 for ; Mon, 8 Jun 1998 10:54:37 -0700 (PDT) (envelope-from sinbin.demos.su!bag@kremvax.demos.su) Received: by kremvax.demos.su (8.6.13/D) from 0@sinbin.demos.su [194.87.5.31] with ESMTP id VAA08052; Mon, 8 Jun 1998 21:54:04 +0400 Received: by sinbin.demos.su id VAA27173; (8.6.12/D) Mon, 8 Jun 1998 21:53:50 +0400 From: bag@sinbin.demos.su (Alex G. Bulushev) Message-Id: <199806081753.VAA27173@sinbin.demos.su> Subject: Re: Squid problems In-Reply-To: from "Jay Tribick" at "Jun 8, 98 04:51:18 pm" X-ELM-OSV: (Our standard violations) no-mime=1; no-hdr-encoding=1 To: netadmin@fastnet.co.uk (Jay Tribick) Date: Mon, 8 Jun 1998 21:53:50 +0400 (MSD) Cc: freebsd-isp@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL32 (25)] Content-Type: text Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Hi > > Anyone experienced this problem before with Squid (proxy server)? If so, > what is it!?! If not, how do I fix it anyway!!?!: > > Jun 8 16:46:52 kaos squid[5482]: xmalloc: Unable to allocate 4096 bytes! edit limits in /etc/login.conf for squid owner class > Jun 8 16:47:14 kaos /kernel: pid 5482 (squid), uid 1041: exited on signal > 6 > Jun 8 16:47:14 kaos root: **WARNING** : Squid has died - restarting > > Regards, > > Jay Tribick > > [| Network Administrator | FastNet International | http://fast.net.uk/ |] > [| Finger netadmin@fastnet.co.uk for contact information |] > [| T: +44 (0)1273 677633 F: +44 (0)1273 621631 e: netadmin@fast.net.uk |] > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 11:12:48 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA08436 for freebsd-isp-outgoing; Mon, 8 Jun 1998 11:12:48 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from bmccane.maxbaud.net (bmccane-ppp.maxbaud.net [208.155.166.81]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA08382 for ; Mon, 8 Jun 1998 11:12:41 -0700 (PDT) (envelope-from root@bmccane.maxbaud.net) Received: from localhost (root@localhost) by bmccane.maxbaud.net (8.8.8/8.8.8) with SMTP id NAA10668 for ; Mon, 8 Jun 1998 13:12:33 -0500 (CDT) (envelope-from root@bmccane.maxbaud.net) Date: Mon, 8 Jun 1998 13:12:29 -0500 (CDT) From: Wm Brian McCane To: isp@FreeBSD.ORG Subject: apache configuration Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Greetings, I have looked at the apache documentation, but I guess I just don't see it. How do I set up apache to have a shared directory '/global/cgi-bin' that all of my customers can use, with generic functions for counters, etc. My attempts have only succeeded in disabling cgi scripts in '/cgi-bin/' for everyone so far 8). brian +-----------------------------------+------------------------------------------+ He rides a cycle of mighty days, and \ Wm Brian and Lori McCane represents the last great schizm among\ McCane Consulting the gods. Evil though he obviously is, \ root@bmccane.cavtech.com he is a mighty figure, this father of \ http://bmccane.cavtech.com/ my spirit, and I respect him as the sons \ http://bmccane.cavtech.com/~pictures/ of old did the fathers of their bodies. \ http://bmccane.cavtech.com/~bmccane/ Roger Zelazny - "Lord of Light" \ +-------------------------------------------+----------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 11:42:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA15022 for freebsd-isp-outgoing; Mon, 8 Jun 1998 11:42:41 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ravel.n2.net (dsmith@ravel.n2.net [207.113.132.20]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA14861 for ; Mon, 8 Jun 1998 11:42:04 -0700 (PDT) (envelope-from dsmith@ravel.n2.net) Received: (from dsmith@localhost) by ravel.n2.net (8.8.6/8.8.6) id LAA22014; Mon, 8 Jun 1998 11:37:59 -0700 (PDT) Message-ID: <19980608113759.26033@n2.net> Date: Mon, 8 Jun 1998 11:37:59 -0700 From: Dave Smith To: "Vadim V. Chepkov" Cc: freebsd-isp@FreeBSD.ORG Subject: Re: UUCP and rnews Reply-To: support@n2.net References: <357BCE45.3359@kharkiv.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.76 In-Reply-To: <357BCE45.3359@kharkiv.net>; from Vadim V. Chepkov on Mon, Jun 08, 1998 at 02:43:01PM +0300 X-Organization: N2 Networking Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, Jun 08, 1998 at 02:43:01PM +0300, Vadim V. Chepkov wrote: > Dave Smith wrote: > > > > Has anyone already solved this problem, and if so how? > > > Hi! > > I made > > chmod g+s /usr/libexec/uucp/uuxqt > > and all works fine. > > -- > > Kind regards, > Vadim V. Chepkov > Kharkiv Online ISP I don't quite understand how this could fix the problem. If the group on the uuxqt file is uucp, then this would make the program a member of the "uucp" group. I am willing to try it, but I am skeptical about whether this can solve this problem. The problem as I see it is that the rnews program is running as a separate process as user "news" and group "news" which does not have permission to read the file. What user, group, and permissions are on the uuxqt file? What user, group, and permissions are on the rnews file? What are the entries in the group file for uucp and news? Thanks, Dave -- -------------------------------------------------------------------------- Dave Smith e-mail: dsmith@n2.net Voice: (619)694-8540 N2 Networking FAX: (619)694-0220 -------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 12:14:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA22023 for freebsd-isp-outgoing; Mon, 8 Jun 1998 12:14:41 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from marlin.corp.gulf.net (root@marlin.corp.gulf.net [198.69.72.17]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA21992 for ; Mon, 8 Jun 1998 12:14:28 -0700 (PDT) (envelope-from tbackman@corp.gulf.net) Received: from marlin.corp.gulf.net (tbackman@marlin.corp.gulf.net [206.105.61.2]) by marlin.corp.gulf.net (8.8.8/8.8.5) with SMTP id OAA17862 for ; Mon, 8 Jun 1998 14:12:22 -0500 (CDT) Date: Mon, 8 Jun 1998 14:12:22 -0500 (CDT) From: Todd Backman To: freebsd-isp@FreeBSD.ORG Subject: Transition from BSDI Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Anyone have any experience porting to FreeBSD from BSDI? Just looking out for "GOTCHAS" experienced during the transition. Thanks in advance. ===================================================================== Todd Backman (tbackman@corp.gulf.net) Network Engineering Team Leader Systems/POP Administration Gulf Coast Internet Company 1-800-444-INET To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 14:38:10 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA13644 for freebsd-isp-outgoing; Mon, 8 Jun 1998 14:38:10 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from databus.databus.com (databus.databus.com [198.186.154.34]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id OAA13587 for ; Mon, 8 Jun 1998 14:37:52 -0700 (PDT) (envelope-from barney@databus.databus.com) From: Barney Wolff To: freebsd-isp@FreeBSD.ORG Date: Mon, 8 Jun 1998 17:23 EDT Subject: Re: how does PPP CHAP work ? Content-Type: text/plain Message-ID: <357c59a20.6c5d@databus.databus.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org There is much confusion here. If Radius server's user file contains the user's actual password, either in clear text or in reversably encrypted form, CHAP will work fine. If you are using the Unix passwd file to authenticate, CHAP will not work, because the server needs the actual password to check the CHAP response. In the freely available Livingston-based (1.16) Radius server, there is no distinction in the users file for PAP or CHAP authentication, and a given user can be authenticated either way (not recommended, but sometimes convenient). Quite separate from this, some cisco routers do bidirectional authentication when connecting. Nothing in standard Radius gives any way to specify how the NAS should respond if the caller wants to authenticate the NAS. By the time a Radius request comes to the server, the decision of PAP/CHAP has already been made, by LCP negotiation between the NAS and the caller. Microsoft clients can use either standard CHAP or MS-CHAP. RAS, as a dialin server, uses MS-CHAP by default and will not work with a standard Radius server. That's changed in NT 5 (some service pack) so that NT can be configured to proxy to a standard Radius server, provided the server is right up-to-date. For example, NT sends the CHAP challenge as a Radius attribute rather than in the Authenticator. Legal, but an old Radius server won't like it. Barney Wolff To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 14:55:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA16776 for freebsd-isp-outgoing; Mon, 8 Jun 1998 14:55:29 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from smack.my.bitch.up.fast.net.uk (smack.my.bitch.up.fast.net.uk [194.207.104.143]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA16739 for ; Mon, 8 Jun 1998 14:55:12 -0700 (PDT) (envelope-from netadmin@fastnet.co.uk) Received: from localhost (localhost [127.0.0.1]) by smack.my.bitch.up.fast.net.uk (8.8.8/8.8.8) with SMTP id WAA10251 for ; Mon, 8 Jun 1998 22:49:57 GMT (envelope-from netadmin@fastnet.co.uk) Date: Mon, 8 Jun 1998 22:49:40 +0000 (GMT) From: Jay Tribick X-Sender: netadmin@smack.my.bitch.up.fast.net.uk To: freebsd-isp@FreeBSD.ORG Subject: NFS Lockups Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hi First machine Pentium II 266mhz 128meg RAM FreeBSD 2.2.5 DPT RAID Cacheing Controller Card (SMART) - 64meg Cache RAM DPT RAID 5 Array (20gig, 16.4gig Useable) FreeBSD 2.2.5 NFS Server Second machine & Third machine Pentium II 266mhz 128meg RAM FreeBSD 2.2.6 NFS client Every so often the first machine seems to lock up, it's generally down to when I'm playing with something like quota's etc. but it has happened on it's own once or twice. Has anyone else experienced similar? The system locks up and because the drive is exported and mounted on many different machines those machines fall over as well. It's bloody annoying :-/ I realise mounting the drive as soft on the NFS client machines would stop /those/ falling over but I'd prefer to stop it crashing all together. I'm having a hard time getting the first machine to have an uptime in excess of 14days! There's quite a bit of traffic going between the machines but they are on their own switched 100mbps hub, the above machines act as squid proxy servers with all the cache information stored on the array in seperate directories and linked as a sibling hierarchy to a parent upstream from us. Regards, Jay Tribick [| Network Administrator | FastNet International | http://fast.net.uk/ |] [| PGPv5 RSA Key Available [2047bit] | Finger netadmin@fastnet.co.uk |] [| T: +44 (0)1273 677633 F: +44 (0)1273 621631 e: netadmin@fast.net.uk |] [| ----={ PGPv5 Fingerprint := FA690E7762F0E62F38C6052CC387FFF3 }=---- |] -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i Charset: noconv iQEVAwUBNXxqkKzkshzbRjpTAQEjBwf+J0HXHhn3DYmsBQiVqFKd7jwWmTAA/nWa SHnZPdjoSjvRD6ixNgcEVYrqh+P4ju9GmSw46EjwU128hMNDXNi6YfIjMR5miUg4 8Acvuk8bAIz4vaRLYztSbBw+o+AEYPvM5hk9Psb9z4jCrBBPfZ6C47jMvonEwtQp 1+YlSFtbMNmysDfO3UJ+Poa1/K3yLFKhw5cE12Hr2Vm0WNzUhv9HrIN/r1na7UEs hX1hrmCBOtY/9BIDuYe9UK1abXKFQZW42UnvmWe8E+lG5Q3E7Tf5q5sw9AP5aIim EeIg7rAgyyNMwO0vfZ0emZhgfxGe0/IRDRtPCHI0YUwWB7UI+oQxlA== =lVI6 -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 15:23:06 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA22861 for freebsd-isp-outgoing; Mon, 8 Jun 1998 15:23:06 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from db1.icorp.net ([204.107.221.100]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA22849 for ; Mon, 8 Jun 1998 15:23:02 -0700 (PDT) (envelope-from mlistbsd@icorp.net) Received: from m (p319.accesscom.net [204.181.189.19]) by db1.icorp.net (8.8.6/8.8.6) with SMTP id WAA10521; Mon, 8 Jun 1998 22:21:54 GMT Message-Id: <3.0.1.32.19980608172131.006dcac8@icorp.net> X-Sender: mlistbsd@icorp.net X-Mailer: Windows Eudora Pro Version 3.0.1 (32) Date: Mon, 08 Jun 1998 17:21:31 -0500 To: Wm Brian McCane , isp@FreeBSD.ORG From: MP Subject: Re: apache configuration In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 01:12 PM 6/8/98 -0500, Wm Brian McCane wrote: >Greetings, > > I have looked at the apache documentation, but I guess I just >don't see it. How do I set up apache to have a shared directory >'/global/cgi-bin' that all of my customers can use, with generic >functions for counters, etc. My attempts have only succeeded in disabling >cgi scripts in '/cgi-bin/' for everyone so far 8). 1. Put the ScriptAlias directive outside of any constraint so it's global. 2. Make sure there is no filename conflict - you likely can't have: /cgi-bin and /global/cgi-bin coexist in the same configuration without problems, so I'd recommend using a different ScriptAlias such as: ScriptAlias /run/ /global/cgi-bin/ and tell your users to specify "/run/" as the cgi-bin directory for global scripts. Alternatively, you might be able to get away with something like: ScriptAlias /global /global/cgi-bin then create a subdirectory in global called "cgi-bin" and place your scripts there, but this is problemmatic, and may not work (haven't tested it). Hope this helps. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 16:36:43 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA06413 for freebsd-isp-outgoing; Mon, 8 Jun 1998 16:36:43 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ra.nilenet.com (mtd@ra.nilenet.com [204.227.31.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA06406 for ; Mon, 8 Jun 1998 16:36:39 -0700 (PDT) (envelope-from mtd@ra.nilenet.com) Received: from localhost (mtd@localhost) by ra.nilenet.com (8.8.8/8.6.12) with SMTP id RAA18846 for ; Mon, 8 Jun 1998 17:35:26 -0600 (MDT) Date: Mon, 8 Jun 1998 17:35:18 -0600 (MDT) From: Mitch Dailey To: freebsd-isp@FreeBSD.ORG Subject: Routing help? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We just recently added a second backbone connection for a customer, but are having some problems with the routing. Here's how it's setup. T1A comes from provider 1 and is connected to a Cisco 2501 which is inturn connected to a switch. T1B comes from provider 2 and is connected to a Livingston OR-HS. T1A is the default route for all machines on the network. The trouble is that we've got a FreeBSD box with 2 10BT ethernet ports on it. the first port is connected to the switch that the 2501 is connected to. the second port is connected via a crossconnect cable to the Livingston OR-HS. When we try to ping the 2nd ethernet interface (via T1B) we don't get a response. I assume that the problem is caused by packets coming in on the 2nd interface, but that the default route on the box points to the 1st interface and that's where the packets are going out of to get back to the originating host. Am I right? Is there a way to get around this, or do I just need to setup another box dedicated to this one T1? Thanks in advance... ---------------------------+------------------------+--------------------------- Mitch Dailey | mtd@nilenet.com |UNIX System Administration Vice President | voice: (303) 825-1950 |Network Administration NileNet, Ltd. | fax: (303) 893-0579 |Technical Support ---------------------------+------------------------+--------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 18:12:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA18966 for freebsd-isp-outgoing; Mon, 8 Jun 1998 18:12:23 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from gatekeeper.tsc.tdk.com (root@gatekeeper.tsc.tdk.com [207.113.159.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA18889 for ; Mon, 8 Jun 1998 18:12:15 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from sunrise.gv.tsc.tdk.com (root@sunrise.gv.tsc.tdk.com [192.168.241.191]) by gatekeeper.tsc.tdk.com (8.8.8/8.8.8) with ESMTP id SAA16467; Mon, 8 Jun 1998 18:10:01 -0700 (PDT) (envelope-from gdonl@tsc.tdk.com) Received: from salsa.gv.tsc.tdk.com (salsa.gv.tsc.tdk.com [192.168.241.194]) by sunrise.gv.tsc.tdk.com (8.8.5/8.8.5) with ESMTP id SAA25882; Mon, 8 Jun 1998 18:10:00 -0700 (PDT) Received: (from gdonl@localhost) by salsa.gv.tsc.tdk.com (8.8.5/8.8.5) id SAA19811; Mon, 8 Jun 1998 18:09:59 -0700 (PDT) From: Don Lewis Message-Id: <199806090109.SAA19811@salsa.gv.tsc.tdk.com> Date: Mon, 8 Jun 1998 18:09:58 -0700 In-Reply-To: Palle Girgensohn "Re: nightly security run" (Jun 7, 8:18pm) X-Mailer: Mail User's Shell (7.2.6 alpha(3) 7/19/95) To: Palle Girgensohn , Wm Brian McCane Subject: Re: nightly security run Cc: isp@FreeBSD.ORG Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Jun 7, 8:18pm, Palle Girgensohn wrote: } Subject: Re: nightly security run } Hello Brian, } } Check out /etc/security. In there, there is a code snippet thar runs the } find command: } } MP=`mount -t ufs | grep -v " nosuid" | sed 's;/dev/;&r;' | awk '{ print } $3 }'` } set $MP } while test $# -ge 1; do } mount=$1 } shift } find $mount -xdev -type f \ } \( -perm -u+x -or -perm -g+x -or -perm -o+x \) \ } \( -perm -u+s -or -perm -g+s \) -print0 } done | xargs -0 -n 20 ls -lTd | sort +9 > $TMP } } } I suggest adding | grep -v "mount point of news..." to the first line if } you have news on it's own partition, which I suppose you do, considering } the size... :) } I guess there are a bunch of ways to do it. I'd recommend mounting that filesystem (and any other filesystems that shouldn't contain suid executables) nosuid. Then you don't have to tweak /etc/security and the security of your system is enhanced because crackers have fewer places to hide suid executables. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 18:55:57 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA28659 for freebsd-isp-outgoing; Mon, 8 Jun 1998 18:55:57 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from gate.gateway.net.hk (qmailr@home.gateway.net.hk [202.76.19.5]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id SAA28629 for ; Mon, 8 Jun 1998 18:55:53 -0700 (PDT) (envelope-from bmf@gate.gateway.net.hk) Received: (qmail 9859 invoked by uid 653); 9 Jun 1998 01:55:51 -0000 Date: Tue, 9 Jun 1998 09:55:51 +0800 (CST) From: Bo Fussing To: IBS / Andre Oppermann cc: Andreas Klemm , isp@FreeBSD.ORG Subject: Re: how does PPP CHAP work ? In-Reply-To: <357BCA02.2F008019@pipeline.ch> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, If you are thinking of using CHAP because it is more secure - this is not really warranted unless you are worried that people are monitoring your phone lines. All terminal servers that support PAP will encrypt at least the password when transmitting a request to a RADIUS server, version 2.x of RADIUS does both user ID and password. If you are paranoid you can filter out the port that RADIUS runs on so only your terminal and RADIUS servers can talk to each other. Another point of note, having worked on dial-in scripts for global roaming through hundreds of different POPs of various ISPs, I think it was only one provider that supported CHAP, the rest PAP. I think it is only the corporate world that uses CHAP and then there are more secure methods than that e.g. one time password generators.... Regards, Bo Fussing To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Jun 8 23:06:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA09176 for freebsd-isp-outgoing; Mon, 8 Jun 1998 23:06:27 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ravel.n2.net (dsmith@ravel.n2.net [207.113.132.20]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA09156 for ; Mon, 8 Jun 1998 23:06:22 -0700 (PDT) (envelope-from dsmith@ravel.n2.net) Received: (from dsmith@localhost) by ravel.n2.net (8.8.6/8.8.6) id XAA06576; Mon, 8 Jun 1998 23:05:02 -0700 (PDT) From: Dave Smith Message-Id: <199806090605.XAA06576@ravel.n2.net> Subject: Re: UUCP and rnews In-Reply-To: <19980608113759.26033@n2.net> from Dave Smith at "Jun 8, 98 11:37:59 am" To: vvc@kharkiv.net Date: Mon, 8 Jun 1998 23:05:02 -0700 (PDT) Cc: freebsd-isp@FreeBSD.ORG Reply-To: support@n2.net X-Mailer: ELM [version 2.4ME+ PL31H (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have made the change you suggested and it does not work. I suspect your answers to the other questions may help me figure out the proper solution to the problem. Thanks, Dave Smith > On Mon, Jun 08, 1998 at 02:43:01PM +0300, Vadim V. Chepkov wrote: > > Dave Smith wrote: > > > > > > Has anyone already solved this problem, and if so how? > > > > > Hi! > > > > I made > > > > chmod g+s /usr/libexec/uucp/uuxqt > > > > and all works fine. > > > > -- > > > > Kind regards, > > Vadim V. Chepkov > > Kharkiv Online ISP > > > I don't quite understand how this could fix the problem. If the > group on the uuxqt file is uucp, then this would make the program a > member of the "uucp" group. I am willing to try it, but I am skeptical > about whether this can solve this problem. > > The problem as I see it is that the rnews program is running as a > separate process as user "news" and group "news" which does not > have permission to read the file. > > What user, group, and permissions are on the uuxqt file? > > What user, group, and permissions are on the rnews file? > > What are the entries in the group file for uucp and news? > > Thanks, > Dave > > -- > -------------------------------------------------------------------------- > Dave Smith e-mail: dsmith@n2.net > Voice: (619)694-8540 > N2 Networking FAX: (619)694-0220 > -------------------------------------------------------------------------- > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 01:55:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id BAA28880 for freebsd-isp-outgoing; Tue, 9 Jun 1998 01:55:09 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ms.lawton.com.cn ([202.96.242.129]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA28822; Tue, 9 Jun 1998 01:55:00 -0700 (PDT) (envelope-from haifeng@ms.lawton.com.cn) Received: from jianping ([202.96.242.251]) by ms.lawton.com.cn (8.8.7/8.8.7) with SMTP id QAA03462; Tue, 9 Jun 1998 16:57:14 +0800 (CST) (envelope-from haifeng@ms.lawton.com.cn) Message-ID: <000901bd937b$c4d44cb0$fbf260ca@jianping.lawton.com.cn> From: "Haifeng" To: Cc: Subject: how about the Five-In-A-Row server Date: Tue, 9 Jun 1998 16:54:02 +0900 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0006_01BD93C7.34A8E1E0" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0006_01BD93C7.34A8E1E0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Hi guys: where can I get a five in a row server or named renju server for = freebsd. ------=_NextPart_000_0006_01BD93C7.34A8E1E0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Hi guys:
 
where can I get a five in a row server or named = renju server=20 for freebsd.
------=_NextPart_000_0006_01BD93C7.34A8E1E0-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 05:36:50 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA06632 for freebsd-isp-outgoing; Tue, 9 Jun 1998 05:36:50 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from cominter.comliet.lt ([193.219.244.194]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA06523 for ; Tue, 9 Jun 1998 05:36:36 -0700 (PDT) (envelope-from art@comliet.lt) Received: from comliet.lt (localhost.comliet.lt [127.0.0.1]) by cominter.comliet.lt (8.8.8/8.8.7) with ESMTP id OAA08807 for ; Tue, 9 Jun 1998 14:37:02 +0300 (EEST) (envelope-from art@comliet.lt) Message-ID: <357D1E5D.8991B05B@comliet.lt> Date: Tue, 09 Jun 1998 11:37:02 +0000 From: Arturas Sileikis X-Mailer: Mozilla 4.04 [en] (X11; I; FreeBSD 2.2.5-STABLE i386) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: maillog file question Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I find this error in maillog file: Jun 9 09:09:31 servername mail.local: temporary file write error Can anybody describe it. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 05:42:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA09074 for freebsd-isp-outgoing; Tue, 9 Jun 1998 05:42:29 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from magicnet.magicnet.net (root@magicnet.magicnet.net [204.96.116.9]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA09034 for ; Tue, 9 Jun 1998 05:42:23 -0700 (PDT) (envelope-from bill@bilver.magicnet.net) Received: from bilver.magicnet.net (uucp@localhost) by magicnet.magicnet.net (8.8.6/8.8.8) with UUCP id IAA09445 for freebsd-isp@freebsd.org; Tue, 9 Jun 1998 08:38:29 -0400 (EDT) Received: (from bill@localhost) by bilver.magicnet.net (8.8.5/8.7.3) id IAA12528 for freebsd-isp@freebsd.org; Tue, 9 Jun 1998 08:20:10 -0400 (EDT) From: Bill Vermillion Message-Id: <199806091220.IAA12528@bilver.magicnet.net> Subject: Re: UUCP and rnews In-Reply-To: <199806090605.XAA06576@ravel.n2.net> from Dave Smith at "Jun 8, 98 11:05:02 pm" To: freebsd-isp@FreeBSD.ORG Date: Tue, 9 Jun 1998 08:20:09 -0400 (EDT) X-Mailer: ELM [version 2.4ME+ PL31 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Recently Dave Smith said: > > I have made the change you suggested and it does not work. > > I suspect your answers to the other questions may help me figure > out the proper solution to the problem. > > Thanks, > Dave Smith > > > On Mon, Jun 08, 1998 at 02:43:01PM +0300, Vadim V. Chepkov wrote: > > > Dave Smith wrote: > > > > Has anyone already solved this problem, and if so how? I didn't recall the orignal question but I stared with 'b' news in 1986, move to 'c' news in 1980, and put it up on FreeBSD after the old Esix system died after 7 years. Someone else said: > > > I made > > > chmod g+s /usr/libexec/uucp/uuxqt > > > and all works fine. That's only one thing. Someone else said this - and the part of the message is refers to is gone. > > I don't quite understand how this could fix the problem. If the > > group on the uuxqt file is uucp, then this would make the program a > > member of the "uucp" group. I am willing to try it, but I am skeptical > > about whether this can solve this problem. uuqxt is supposed to have these permissions. -r-sr-x--- 1 uucp uucp 90112 Apr 1 1997 /usr/libexec/uucp/uuxqt It is supposed to run 'suid' as uucp - which is more of the key to the story than group ownership > > The problem as I see it is that the rnews program is running as a > > separate process as user "news" and group "news" which does not > > have permission to read the file. That is where your system an mine differ. lrwxr-xr-x 1 bin bin 36 Mar 15 11:28 /usr/local/bin/rnews -> /usr/local/news/cnewsbin/input/rnews -rwxr-xr-x 1 bin bin 1987 Mar 13 1997 /usr/local/news/cnewsbin/input/rnews As you will note this is set to 'bin' on this system. In the cnewsbin/input file the only file 'not' set to bin is 'newspool' which is set to news. It's been quite a while since I've installed all of this but there are choices to be made during the compile on what users run what. I also recall there were about 3 steps after compile that set proper permissions. There are tests that are there that can be run after compilation to check on proper operation. Gawd - I remeber 3 HOUR compiles in the days of 6MHz 68000s. Now if you make a mistake you can redo everything in a fairly short time. > > What are the entries in the group file for uucp and news? uucp is 66, news is 8 Bill -- bill@bilver.magicnet.net | bill@bilver.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 07:49:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA09065 for freebsd-isp-outgoing; Tue, 9 Jun 1998 07:49:12 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from bmccane.maxbaud.net (ppp.maxbaud.net [208.155.166.81] (may be forged)) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA08921; Tue, 9 Jun 1998 07:48:37 -0700 (PDT) (envelope-from root@bmccane.maxbaud.net) Received: from localhost (root@localhost) by bmccane.maxbaud.net (8.8.8/8.8.8) with SMTP id JAA11253; Tue, 9 Jun 1998 09:48:19 -0500 (CDT) (envelope-from root@bmccane.maxbaud.net) Date: Tue, 9 Jun 1998 09:48:17 -0500 (CDT) From: Wm Brian McCane To: isp@FreeBSD.ORG cc: current@FreeBSD.ORG Subject: Radius login via getty Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Greetings, Sorry for the cross post, but this seems to apply to both groups. I seem to remember that someone was working on a radius compliant version of getty or mgetty for building small TAs. Has that ever been finished? brian +-----------------------------------+------------------------------------------+ He rides a cycle of mighty days, and \ Wm Brian and Lori McCane represents the last great schizm among\ McCane Consulting the gods. Evil though he obviously is, \ root@bmccane.cavtech.com he is a mighty figure, this father of \ http://bmccane.cavtech.com/ my spirit, and I respect him as the sons \ http://bmccane.cavtech.com/~pictures/ of old did the fathers of their bodies. \ http://bmccane.cavtech.com/~bmccane/ Roger Zelazny - "Lord of Light" \ +-------------------------------------------+----------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 08:42:22 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA21838 for freebsd-isp-outgoing; Tue, 9 Jun 1998 08:42:22 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from hub.org (hub.org [209.47.148.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA21714; Tue, 9 Jun 1998 08:41:36 -0700 (PDT) (envelope-from scrappy@hub.org) Received: from localhost (scrappy@localhost) by hub.org (8.8.8/8.7.5) with SMTP id LAA12403; Tue, 9 Jun 1998 11:41:28 -0400 (EDT) Date: Tue, 9 Jun 1998 11:41:28 -0400 (EDT) From: The Hermit Hacker To: Wm Brian McCane cc: isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 9 Jun 1998, Wm Brian McCane wrote: > Greetings, > > Sorry for the cross post, but this seems to apply to both groups. > I seem to remember that someone was working on a radius compliant > version of getty or mgetty for building small TAs. Has that ever been > finished? There is a pam_radius module out there, if you get the PAM stuff installed on your system. I'm running it successfully under Solaris 2.6 ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 11:07:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA26776 for freebsd-isp-outgoing; Tue, 9 Jun 1998 11:07:41 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from skyserv.med.osd.mil (skyserv.med.osd.mil [199.209.8.144]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id LAA26757 for ; Tue, 9 Jun 1998 11:07:37 -0700 (PDT) (envelope-from rpotts@med.osd.mil) Received: from 161.14.168.22 (ae1970.med.osd.mil [161.14.168.22]) by skyserv.med.osd.mil (8.6.8.1/SCA-6.6) with SMTP id OAA22726 for ; Tue, 9 Jun 1998 14:07:26 -0400 From: "Ross Potts, CON, EDS/D-SIDDOMS" Message-Id: <9806091404.ZM-17311@161.14.168.22> Date: Tue, 9 Jun 1998 14:04:09 -0700 X-Mailer: ZM-Win (3.2.1 11Sep94) To: FreeBSD-ISP@FreeBSD.ORG Subject: Tracking Downloads Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I want to track downloads of installation software that my group is distributing through ftp links on the web. I am running FreeBSD 2.2.6-R with the included Apache server. Are there CGIs available to gather info(like registration stuff). How difficult is it to write a CGI? I'd be distributing to a few really clueless folks, so, if there is also a way to push the files directly to a floppy without user interference, I'd appreciate tossing a bone my way. -- Potts, Ross A. Internet : Ross.Potts@med.osd.mil EDS-D/SIDDOMS Phone : (703) 824-7601 Skyline Two, Suite 1200 Beeper : (888) 687-2709 5113 Leesburg Pike, FAX : (703) 824-4155 Falls Church, VA 22041 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 13:25:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA26482 for freebsd-isp-outgoing; Tue, 9 Jun 1998 13:25:20 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from sasami.jurai.net (winter@sasami.jurai.net [207.153.65.3]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA26416; Tue, 9 Jun 1998 13:25:03 -0700 (PDT) (envelope-from winter@jurai.net) Received: from localhost (winter@localhost) by sasami.jurai.net (8.8.8/8.8.7) with SMTP id QAA27541; Tue, 9 Jun 1998 16:24:22 -0400 (EDT) Date: Tue, 9 Jun 1998 16:24:21 -0400 (EDT) From: "Matthew N. Dodd" To: The Hermit Hacker cc: Wm Brian McCane , isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Tue, 9 Jun 1998, The Hermit Hacker wrote: > There is a pam_radius module out there, if you get the PAM stuff > installed on your system. I'm running it successfully under Solaris 2.6 Touching on this subject was a previous discussion of policy based login handeling. (when/where/method based restrictions) Was there ever a design proposal submited? We have a number of different combinations to resolve and a solution that is configurable not unlike IPFW (rule chains) might be a win. Time based restrictions: window access - logins are allowed during specified 'windows' ie: 9am to 5pm metered access - sessions debit against a 'units of time' over 'units of time' quota ie: 40 hours a week, or 2 hours a day or 10 hours a week and no more than 3 hours a day. This sort of limitation will probably be low on the list of things to address as it is fairly complex and requires keeping track of state (and requires tools to manage that state). Local/remote login restrictions: Local - devices local to this system. Where local may or may not be an arbitrary qualifier ie: directly attached (console, serial ttys.), this imediate network, these specific IP addresses etc. Remote - devices remote to this system. Again arbitrary but may be implicately those devices that are not covered by the 'local' case. Secure/insecure restrictions: secure - method is 'secure'. May be arbitrary or not. Probably denotes that traffic may be difficult to impossible to intercept. insecure - method is 'insecure' . Again arbitrary but may be implicately cases not covered by the 'secure' case. We've got a number of different authentication systems to choose from as well (and must take into account their needs.) - flatfile username/password (normal, default fallback etc) - YP/NIS - NIS+ - S/Key - .rhosts - RSA (via ssh) - Kerberos 4 - Kerberos 5 - Radius - LDAP? - External database/flatfile etc? - ACE/SecureID and others I'm probably forgetting. We've got a number of authentication consumers as well: login SSH ftp pop3 imap httpd XDM xlock etc... again others that I'm probably forgetting. If anyone with VMS or Novell Netware experience would like to add their opinions about tho options provided by those systems for this sort of thing I'm sure it would benefit this discussion. I think the only thing we really agree on is the ability to authenticat against /etc/passwd (well, however you hash it) is a must. This allows access under single user mode and as a fallback for local logins. Using shared libraries for implementing this should not be a problem so long as we are able to dlopen() them from static binaries. (Or we simply not reference /bin and /sbin once the system is multiuser and rely on dynamic versions of the programs in /bin and /sbin to be installed in /usr/sbin and /usr/bin). Comments? How do we configure it? How do we manage it? How do we audit it? What interfaces must be defined? Will those interfaces allow for arbitrary challenge/response? ... /* Matthew N. Dodd | A memory retaining a love you had for life winter@jurai.net | As cruel as it seems nothing ever seems to http://www.jurai.net/~winter | go right - FLA M 3.1:53 */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 18:56:42 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA23323 for freebsd-isp-outgoing; Tue, 9 Jun 1998 18:56:42 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from lily.ezo.net (root@lily.ezo.net [206.102.130.13]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA23306 for ; Tue, 9 Jun 1998 18:56:38 -0700 (PDT) (envelope-from jflowers@ezo.net) Received: from violet.eznets.canton.oh.us (p123.ezo.net [206.102.130.55]) by lily.ezo.net (8.8.7/8.8.7) with SMTP id VAA05202; Tue, 9 Jun 1998 21:53:10 -0400 (EDT) From: "Jim Flowers" To: "Bernie Doehner" , Subject: Re: 900 MHz. ISA full height wavelan cards. Date: Tue, 9 Jun 1998 21:53:57 -0400 Message-ID: <01bd9412$a1e05e00$8a8266ce@violet.eznets.canton.oh.us> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.71.1712.3 X-MimeOLE: Produced By Microsoft MimeOLE V4.71.1712.3 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'll buy these if they're still for sale. Please contact me at jflowers@ezo.net with payment method, etc. -----Original Message----- From: Bernie Doehner To: isp@FreeBSD.ORG Date: Thursday, June 04, 1998 10:42 PM Subject: 900 MHz. ISA full height wavelan cards. >Is there anyone interested in the old 900 MHz. NCR Wavelan cards? > >I am selling 3 for $100 each. > >Bernie > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 19:37:02 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA29909 for freebsd-isp-outgoing; Tue, 9 Jun 1998 19:37:02 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from gate.gateway.net.hk (qmailr@home.gateway.net.hk [202.76.19.5]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id TAA29887 for ; Tue, 9 Jun 1998 19:36:55 -0700 (PDT) (envelope-from bmf@gate.gateway.net.hk) Received: (qmail 11313 invoked by uid 653); 10 Jun 1998 02:36:52 -0000 Date: Wed, 10 Jun 1998 10:36:52 +0800 (CST) From: Bo Fussing To: Wm Brian McCane cc: isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Brian, On Tue, 9 Jun 1998, Wm Brian McCane wrote: > Greetings, > > Sorry for the cross post, but this seems to apply to both groups. > I seem to remember that someone was working on a radius compliant > version of getty or mgetty for building small TAs. Has that ever been > finished? I think you are looking for portslave which is a getty using RADIUS for authentication. You can find it at: http://portslave.mnic.net/ Regards, Bo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Jun 9 22:52:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA00419 for freebsd-isp-outgoing; Tue, 9 Jun 1998 22:52:41 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ca2.saca.net (ca2.saca.net [196.36.60.40]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id WAA00413 for ; Tue, 9 Jun 1998 22:52:36 -0700 (PDT) (envelope-from bertus@saca.net) Received: from saca.net by ca2.saca.net (SMI-8.6/SMI-SVR4) id HAA25481; Wed, 10 Jun 1998 07:52:02 +0200 Message-ID: <357E20BB.FC6CE3CB@saca.net> Date: Wed, 10 Jun 1998 07:59:23 +0200 From: Bertus Pretorius Organization: SACA X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: Looking for a commandline S/MIME client Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi, I'm looking for a commandline S/MIME client. Searches only yielded non-freeware USA only non-FreeBSD applications with many more features. Thanx -- These are my biased opinions and do not represent SACA nor PQ Holdings Bertus Pretorius, 083 303-1812, bertus@saca.net The South African Certification Agency, www.saca.net SACA is part of Persetel Q-Data Holdings, www.pqholdings.com ----------- A smile is the same in all languages ----------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 02:37:13 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA08293 for freebsd-isp-outgoing; Wed, 10 Jun 1998 02:37:13 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from noc.icn.gov.ru ([194.226.94.9]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA08258 for ; Wed, 10 Jun 1998 02:37:04 -0700 (PDT) (envelope-from root@noc.icn.gov.ru) Received: from noc.icn.gov.ru (localhost.icn.gov.ru [127.0.0.1]) by noc.icn.gov.ru (8.8.7/8.8.7) with SMTP id NAA01221 for ; Wed, 10 Jun 1998 13:35:37 +0400 (MSD) (envelope-from root@noc.icn.gov.ru) Message-ID: <357E5369.41C67EA6@noc.icn.gov.ru> Date: Wed, 10 Jun 1998 09:35:37 +0000 From: ICN administrator X-Mailer: Mozilla 3.01 (X11; I; FreeBSD 2.2.5-RELEASE i386) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: Sorry, but it concerns NT Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Sorry for non-FreeBSD question, but it seems to be ISP-related one. And i like FreeBSD people. I need to connect two LANs (say two class C networks 192.168.1.0 and 192.168.2.0 ) through corporate IP crowd. There is no problem of routing, security ,etc. The problem is : those LANs are NT domains (say Domain1 and Domain2) . And though there are trusted relations between the domains, and any machine in Domain1 can find and connect to any machine in Domain2, the former machine cannot get the list of Domain2 in its neighbourhood and vice versa. And what stroke me most - the Microsoft people in my location can not resolve the problem, i thought it would be a snap for them. FreeBSD crowd is my last hope. Igor Travkin ICN adminstrator To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 03:28:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA21644 for freebsd-isp-outgoing; Wed, 10 Jun 1998 03:28:38 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from gate.gateway.net.hk (qmailr@home.gateway.net.hk [202.76.19.5]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id DAA21639 for ; Wed, 10 Jun 1998 03:28:36 -0700 (PDT) (envelope-from bmf@gate.gateway.net.hk) Received: (qmail 19390 invoked by uid 653); 10 Jun 1998 10:28:34 -0000 Date: Wed, 10 Jun 1998 18:28:34 +0800 (CST) From: Bo Fussing To: ICN administrator cc: isp@FreeBSD.ORG Subject: Re: Sorry, but it concerns NT In-Reply-To: <357E5369.41C67EA6@noc.icn.gov.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Igor, > Sorry for non-FreeBSD question, but it seems to be ISP-related one. And > i like FreeBSD people. Oh dear me, sounds like you should convince your boss to ditch the NT systems and run FreeBSD - perhaps with SAMBA for NT like file and printer sharing. > I need to connect two LANs (say two class C networks 192.168.1.0 and > 192.168.2.0 ) through corporate IP crowd. There is no problem of > routing, security ,etc. The problem is : those LANs are NT domains (say > Domain1 and Domain2) . And though there are trusted relations between > the domains, and any machine in Domain1 can find and connect to any > machine in Domain2, the former machine cannot get the list of Domain2 in > its neighbourhood and vice versa. You need to use WINS since the standard brain dead way for NT/Windows to discover other hosts on the network is to broadcast over the local subnet. Anything on other subnets is therefore unknown. Use the online documentation provided with NT to work out how this is set up. > And what stroke me most - the Microsoft people in my location can not > resolve the problem, i thought it would be a snap for them. Frightening thing is they call themselves system/network engineers. Regards, Bo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 03:57:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA27487 for freebsd-isp-outgoing; Wed, 10 Jun 1998 03:57:27 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA27473 for ; Wed, 10 Jun 1998 03:57:23 -0700 (PDT) (envelope-from kpielorz@tdx.co.uk) Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242]) by caladan.tdx.co.uk (8.8.8/8.8.8) with ESMTP id LAA21447; Wed, 10 Jun 1998 11:54:52 +0100 (BST) (envelope-from kpielorz@tdx.co.uk) Message-ID: <357E65FC.99BBBA98@tdx.co.uk> Date: Wed, 10 Jun 1998 11:54:52 +0100 From: Karl Pielorz Organization: TDX X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: ICN administrator CC: isp@FreeBSD.ORG Subject: Re: Sorry, but it concerns NT References: <357E5369.41C67EA6@noc.icn.gov.ru> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ICN administrator wrote: > I need to connect two LANs (say two class C networks 192.168.1.0 and > 192.168.2.0 ) through corporate IP crowd. There is no problem of > routing, security ,etc. The problem is : those LANs are NT domains (say > Domain1 and Domain2) . And though there are trusted relations between > the domains, and any machine in Domain1 can find and connect to any > machine in Domain2, the former machine cannot get the list of Domain2 in > its neighbourhood and vice versa. > And what stroke me most - the Microsoft people in my location can not > resolve the problem, i thought it would be a snap for them. It might not be possible ;-) > FreeBSD crowd is my last hope. Hmmm, I'm not too impressed by that line... ;-) If you look at SAMBA on FreeBSD you can set it up to send 'remote announcements' to let browsing cross subnets (we use it here to let our Internet machines show up on our Intranet machines browse lists)... You should be able to achieve the same with NT, but I've no idea how... (something springs to mind about netbios name propagation?) Maybe someone who's more up on NT will offer something better... Regards, Karl Pielorz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 04:11:11 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA01565 for freebsd-isp-outgoing; Wed, 10 Jun 1998 04:11:11 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from esimene.cynet.net.au (root@esimene.cynet.net.au [203.24.16.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA01396 for ; Wed, 10 Jun 1998 04:10:15 -0700 (PDT) (envelope-from mikel@cynet.net.au) Received: from whiney (smurf.org [203.33.20.1]) by esimene.cynet.net.au (8.8.8/8.6.12) with SMTP id VAA13892; Wed, 10 Jun 1998 21:09:02 +1000 (EST) Message-Id: <3.0.3.32.19980610210709.0116e530@cynet.net.au> X-Sender: mlmail@cynet.net.au X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.3 (32) Date: Wed, 10 Jun 1998 21:07:09 +1000 To: Bo Fussing From: Mikel Subject: VPN in FreeBSD & Re: Sorry, but it concerns NT Cc: isp@FreeBSD.ORG In-Reply-To: References: <357E5369.41C67EA6@noc.icn.gov.ru> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 06:28 PM 6/10/98 +0800, you wrote: >Anything on other subnets is therefore unknown. Use the online >documentation provided with NT to work out how this is set up. Unfortunatley the online help for WINS is this side of useless. It is incomplete and doesn't explain anything more complex than a local subnet scenario (having had to figure out the same sort of nt problem accross an ISDN link). Get a good NT ORielly book or even the Microsoft Network Administration kit for more info on how to do this. Or call up a local network support company and ask to speak to their MCSE or someone who understands WINS. Of course, you could put routers at each border and run a Virtual Private Network through the IP crowd, then both subnets are more "local" and you can run your WINS through it without too much fear (although the idea of running WINS through the Internet really scares me). Does FreeBSD have any VPN implementation that could pull this off? (Mikel asks desparately trying to pull the thread back on topic *8-] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 06:20:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA25613 for freebsd-isp-outgoing; Wed, 10 Jun 1998 06:20:37 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA25568 for ; Wed, 10 Jun 1998 06:20:30 -0700 (PDT) (envelope-from kpielorz@tdx.co.uk) Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242]) by caladan.tdx.co.uk (8.8.8/8.8.8) with ESMTP id OAA24368 for ; Wed, 10 Jun 1998 14:20:28 +0100 (BST) (envelope-from kpielorz@tdx.co.uk) Message-ID: <357E881C.8061DFA6@tdx.co.uk> Date: Wed, 10 Jun 1998 14:20:28 +0100 From: Karl Pielorz Organization: TDX X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: wu-ftpd problems? Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm running wu-ftpd from the ports collection on a 2.2.2 box... (wu-ftpd version 'wu-2.4.2-academ[BETA-13](1)'. I've just noticed that the following file: -rw-r--r-- root bin index.html Can be renamed by someone logging into the ftp server as 'wwwadmin' (group wwwadmin) - and doing a rename from CuteFTP - they can rename the file to something like: -rw-r--r-- root bin youstink.html The directory the file is in is: -rwxr-xr-x wwwadmin bin Am I doing something funny - is there something I've missed - or is it more likely to be a misconfigured wu-ftpd? We've also been looking at switching back to the regular (i.e. ships with FreeBSD ftpd) - as it will support nice things like internal 'ls' etc... Anyone got any comments on this? Regards, Karl Pielorz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 06:52:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA03038 for freebsd-isp-outgoing; Wed, 10 Jun 1998 06:52:14 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from caladan.tdx.co.uk (caladan.tdx.co.uk [195.188.177.4]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA03032 for ; Wed, 10 Jun 1998 06:52:11 -0700 (PDT) (envelope-from kpielorz@tdx.co.uk) Received: from tdx.co.uk (lorca-tx.tdx.co.uk [195.188.177.242]) by caladan.tdx.co.uk (8.8.8/8.8.8) with ESMTP id OAA24738 for ; Wed, 10 Jun 1998 14:52:08 +0100 (BST) (envelope-from kpielorz@tdx.co.uk) Message-ID: <357E8F87.2B4144DE@tdx.co.uk> Date: Wed, 10 Jun 1998 14:52:07 +0100 From: Karl Pielorz Organization: TDX X-Mailer: Mozilla 4.05 [en] (WinNT; I) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: re: wu-ftpd problems? - followup... Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi All, Hmmm, the earlier post I made seemed to be wrong, and mostly done in panic... What I have discovered (but probably never really thought about) is that a user can apparently rename files in their 'own' directory - even if they don't own them... I guess this is a little strange? - And certainly not what I'd expected I guess... :-) Regards, Karl Pielorz To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 06:54:40 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA03874 for freebsd-isp-outgoing; Wed, 10 Jun 1998 06:54:40 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from thorin.hway.ru (thorin.hway.ru [195.170.38.130]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA03850 for ; Wed, 10 Jun 1998 06:54:30 -0700 (PDT) (envelope-from flash@intech.hway.ru) Received: from balin.intech.hway.ru (balin.intech.hway.ru [192.168.1.25]) by thorin.hway.ru (8.8.8/8.8.8) with ESMTP id RAA29736; Wed, 10 Jun 1998 17:53:38 +0400 (MSD) Received: from localhost (flash@localhost) by balin.intech.hway.ru (8.8.8/8.8.8) with SMTP id RAA05339; Wed, 10 Jun 1998 17:53:38 +0400 (MSD) Date: Wed, 10 Jun 1998 17:53:38 +0400 (MSD) From: "Alexander V. Tischenko" To: Karl Pielorz cc: isp@FreeBSD.ORG Subject: Re: wu-ftpd problems? In-Reply-To: <357E881C.8061DFA6@tdx.co.uk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I see no problems here, as soon as directory is writable by wwwadmin everything is in line with standard Unix protections. On Wed, 10 Jun 1998, Karl Pielorz wrote: > I'm running wu-ftpd from the ports collection on a 2.2.2 box... (wu-ftpd > version 'wu-2.4.2-academ[BETA-13](1)'. > > I've just noticed that the following file: > > -rw-r--r-- root bin index.html > > Can be renamed by someone logging into the ftp server as 'wwwadmin' (group > wwwadmin) - and doing a rename from CuteFTP - they can rename the file to > something like: > > -rw-r--r-- root bin youstink.html > > The directory the file is in is: > > -rwxr-xr-x wwwadmin bin > > Am I doing something funny - is there something I've missed - or is it more > likely to be a misconfigured wu-ftpd? > > We've also been looking at switching back to the regular (i.e. ships with > FreeBSD ftpd) - as it will support nice things like internal 'ls' etc... > Anyone got any comments on this? > > Regards, > > Karl Pielorz > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > Alexander V. Tischenko ------------------------------------------------------------------------------ Integrated Network Technologies | Tel: +7 095 978-47-37 7, Miusskaya sq., Moscow, 125047 Russia | Fax: +7 095 978-47-37 Internet: flash@hway.ru | NIC: AT55-RIPE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 07:52:11 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA15789 for freebsd-isp-outgoing; Wed, 10 Jun 1998 07:52:11 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from thecore.com (shaun@guardian.thecore.com [206.136.149.11]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA15750 for ; Wed, 10 Jun 1998 07:52:06 -0700 (PDT) (envelope-from shaun@thecore.com) Received: from localhost (shaun@localhost) by thecore.com (8.8.8/8.8.8) with SMTP id KAA05555 for ; Wed, 10 Jun 1998 10:51:42 -0400 (EDT) Date: Wed, 10 Jun 1998 10:51:42 -0400 (EDT) From: Shaun To: isp@FreeBSD.ORG Subject: limiting # of connects w/wu-ftp Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Is there any way to limit the number of simultaneous connections from each client host with wu-ftp? I have read through the man page on ftpaccess and don't see anything regarding this, just limiting the total number of ftp connections from a particular class with the "limit" directive. Any help would be appreciated. +-- http://www.download.net ------------- http://www.thecore.com --+ | Shaun M. Finn TechnoCore Communications, Inc. | | shaun@thecore.com Internet Web Services & Access | | VOICE: (732)928-7400 P.O. Box 106 | | FAX: (732)928-7402 Jackson, NJ 08527-0106 | +----- ICQ 3842675 ------------------------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 11:26:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA06973 for freebsd-isp-outgoing; Wed, 10 Jun 1998 11:26:00 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from skyserv.med.osd.mil (skyserv.med.osd.mil [199.209.8.144]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id LAA06946 for ; Wed, 10 Jun 1998 11:25:56 -0700 (PDT) (envelope-from rpotts@med.osd.mil) Received: from 161.14.168.22 (ae1970.med.osd.mil [161.14.168.22]) by skyserv.med.osd.mil (8.6.8.1/SCA-6.6) with SMTP id OAA16351 for ; Wed, 10 Jun 1998 14:25:41 -0400 From: "Ross Potts, CON, EDS/D-SIDDOMS" Message-Id: <9806101422.ZM-94443@161.14.168.22> Date: Wed, 10 Jun 1998 14:22:19 -0700 X-Mailer: ZM-Win (3.2.1 11Sep94) To: FreeBSD-ISP@FreeBSD.ORG Subject: Firewall Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Has anyone had any experience with GNAT box firewalls? What are some of the better ones? Which ones support proxy? -- Potts, Ross A. Internet : Ross.Potts@med.osd.mil EDS-D/SIDDOMS Phone : (703) 824-7601 Skyline Two, Suite 1200 Beeper : (888) 687-2709 5113 Leesburg Pike, FAX : (703) 824-4155 Falls Church, VA 22041 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 12:43:33 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA24571 for freebsd-isp-outgoing; Wed, 10 Jun 1998 12:43:33 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from myrddin.demon.co.uk (exim@myrddin.demon.co.uk [158.152.54.180]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id MAA24462; Wed, 10 Jun 1998 12:43:05 -0700 (PDT) (envelope-from dom@myrddin.demon.co.uk) Received: from dom by myrddin.demon.co.uk with local (Exim 1.80 #1) id 0yjqRl-0000I9-00; Wed, 10 Jun 1998 20:22:09 +0100 To: "Matthew N. Dodd" Cc: The Hermit Hacker , Wm Brian McCane , isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty References: From: Dom Mitchell In-Reply-To: "Matthew N. Dodd"'s message of "Tue, 9 Jun 1998 16:24:21 -0400 (EDT)" X-Mailer: Gnus v5.5/XEmacs 20.4 - "Emerald" Date: Wed, 10 Jun 1998 20:22:09 +0100 Message-Id: Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org "Matthew N. Dodd" writes: > Touching on this subject was a previous discussion of policy based login > handeling. (when/where/method based restrictions) > > Was there ever a design proposal submited? > > We have a number of different combinations to resolve and a solution that > is configurable not unlike IPFW (rule chains) might be a win. [snip] > We've got a number of different authentication systems to choose from as > well (and must take into account their needs.) > > - flatfile username/password (normal, default fallback etc) > - YP/NIS > - NIS+ > - S/Key > - .rhosts > - RSA (via ssh) > - Kerberos 4 > - Kerberos 5 > - Radius > - LDAP? > - External database/flatfile etc? > - ACE/SecureID Really, what we're looking at here, is something like Solaris' /etc/nsswitch.conf. However, that does bring a whole baggage of shared library gumph with it, even though it is highly configurable. It's probably something that is worth having, regardless. -- "Every minute there's a UNIX system crashing somewhere." -- DJB To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 12:54:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA27213 for freebsd-isp-outgoing; Wed, 10 Jun 1998 12:54:27 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from smack.my.bitch.up.fast.net.uk (smack.my.bitch.up.fast.net.uk [194.207.104.143]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA27164 for ; Wed, 10 Jun 1998 12:54:18 -0700 (PDT) (envelope-from netadmin@fastnet.co.uk) Received: from localhost (localhost [127.0.0.1]) by smack.my.bitch.up.fast.net.uk (8.8.8/8.8.8) with SMTP id TAA00493 for ; Wed, 10 Jun 1998 19:11:57 GMT (envelope-from netadmin@fastnet.co.uk) Date: Wed, 10 Jun 1998 19:11:45 +0000 (GMT) From: Jay Tribick X-Sender: netadmin@smack.my.bitch.up.fast.net.uk To: freebsd-isp@FreeBSD.ORG Subject: Andrew File System (AFS) Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org -----BEGIN PGP SIGNED MESSAGE----- Hi Is an implementation of AFS (Andrew File System) available for FreeBSD, I can only find versions for Solaris etc.. If not, are there other alternatives to NFS? Regards, Jay Tribick [| Network Administrator | FastNet International | http://fast.net.uk/ |] [| PGPv5 RSA Key Available [2047bit] | Finger netadmin@fastnet.co.uk |] [| T: +44 (0)1273 677633 F: +44 (0)1273 621631 e: netadmin@fast.net.uk |] [| ----={ PGPv5 Fingerprint := FA690E7762F0E62F38C6052CC387FFF3 }=---- |] -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQEVAwUBNX7aeKzkshzbRjpTAQHjlwf9E/ia9ZQrD4DtVtCBn3k4tJ+NpLc5qKCX 6ZdFjEw9mhOTgsaWT8GuxZ6DnxnZ5y2EhSYUJ3PhkVuwYD8xCeRyddSJ2EQzxg/m +D3DIhsoeg8X9Q1eD/Ly57HnSC3uxAUeDKC4Ye3Pz/fuOy0N6jNtM/Sq5jJv3H4o Ad1C0xbiTJZaAcBnCznG6KHO0BcF4xUYj9QdBNG73W6FslSgh+pKAkLSt/z+D0vj X5loa1tkgxDMC17ovDBpk3f6tDKHaqgYT1erD61o4jjDXYSGVhnNY6wn0iN1kkGI n8jGX5CyGhvxg2jyGfTTYzMoauFxk5sAFPvX5LvdrPM2QCwBqCbcMw== =bTmU -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 13:16:17 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA03279 for freebsd-isp-outgoing; Wed, 10 Jun 1998 13:16:17 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from sasami.jurai.net (winter@sasami.jurai.net [207.153.65.3]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA03245; Wed, 10 Jun 1998 13:16:12 -0700 (PDT) (envelope-from winter@jurai.net) Received: from localhost (winter@localhost) by sasami.jurai.net (8.8.8/8.8.7) with SMTP id QAA12352; Wed, 10 Jun 1998 16:15:11 -0400 (EDT) Date: Wed, 10 Jun 1998 16:15:11 -0400 (EDT) From: "Matthew N. Dodd" To: Dom Mitchell cc: The Hermit Hacker , Wm Brian McCane , isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 10 Jun 1998, Dom Mitchell wrote: > Really, what we're looking at here, is something like Solaris' > /etc/nsswitch.conf. However, that does bring a whole baggage of shared > library gumph with it, even though it is highly configurable. It's > probably something that is worth having, regardless. I doubt we're looking for nsswitch.conf but in spirit you are correct. One central location for the configuration of all things relating to user logins. nsswitch.conf has a broader scope and fewer options than the contents of my my post implies. /* Matthew N. Dodd | A memory retaining a love you had for life winter@jurai.net | As cruel as it seems nothing ever seems to http://www.jurai.net/~winter | go right - FLA M 3.1:53 */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 13:27:07 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA05844 for freebsd-isp-outgoing; Wed, 10 Jun 1998 13:27:07 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from darla.swimsuit.internet.dk (Modem1220.internet.dk [194.255.12.84]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA05820 for ; Wed, 10 Jun 1998 13:27:00 -0700 (PDT) (envelope-from leifn@internet.dk) Received: from darla.swimsuit.internet.dk (darla.swimsuit.internet.dk [192.168.0.10]) by darla.swimsuit.internet.dk (8.8.8/8.8.8) with SMTP id WAA00784 for ; Wed, 10 Jun 1998 22:26:49 +0200 (CEST) (envelope-from leifn@internet.dk) Date: Wed, 10 Jun 1998 22:26:49 +0200 (CEST) From: Leif Neland Reply-To: leifn@internet.dk To: isp@FreeBSD.ORG Subject: Only allow delivery of mail to users in aliases Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We have pre-created a /etc/passwd with plenty of users with names like u0001,u0002 etc. When customers buy an account, this userid gets an "real email-adress" (like leifn) in a MySql base. A script then creates /etc/aliases, radius database and a passwordfile for popd. (Users get internet access and a pop3-account). Two questions: 1: Do these users need to be in /etc/passwd, or can qpopper use its own password file? 2: If users need to be in /etc/passwd, how can we stop mail from being delivered to users only in /etc/passwd, not in /etc/aliases? Leif Neland leifn@internet.dk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 13:49:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA11574 for freebsd-isp-outgoing; Wed, 10 Jun 1998 13:49:38 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from whistle.com (s205m131.whistle.com [207.76.205.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA11533 for ; Wed, 10 Jun 1998 13:49:27 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from smap@localhost) by whistle.com (8.7.5/8.6.12) id NAA16940; Wed, 10 Jun 1998 13:48:50 -0700 (PDT) Received: from bubba.whistle.com(207.76.205.7) by whistle.com via smap (V1.3) id sma016928; Wed Jun 10 13:48:48 1998 Received: (from archie@localhost) by bubba.whistle.com (8.8.7/8.6.12) id NAA06972; Wed, 10 Jun 1998 13:48:48 -0700 (PDT) From: Archie Cobbs Message-Id: <199806102048.NAA06972@bubba.whistle.com> Subject: Re: VPN in FreeBSD & Re: Sorry, but it concerns NT In-Reply-To: <3.0.3.32.19980610210709.0116e530@cynet.net.au> from Mikel at "Jun 10, 98 09:07:09 pm" To: mikel@cynet.net.au (Mikel) Date: Wed, 10 Jun 1998 13:48:48 -0700 (PDT) Cc: bmf@gateway.net.hk, isp@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL31 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Mikel writes: > Of course, you could put routers at each border and run a Virtual Private > Network through the IP crowd, then both subnets are more "local" and you > can run your WINS through it without too much fear (although the idea of > running WINS through the Internet really scares me). Does FreeBSD have any > VPN implementation that could pull this off? (Mikel asks desparately > trying to pull the thread back on topic *8-] Check out the skip port .. /usr/ports/security/skip. It's kindof complicated, but it works. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 13:58:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id NAA14047 for freebsd-isp-outgoing; Wed, 10 Jun 1998 13:58:37 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from thelab.hub.org (tc-31.acadiau.ca [131.162.2.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id NAA13881; Wed, 10 Jun 1998 13:58:14 -0700 (PDT) (envelope-from scrappy@hub.org) Received: from localhost (scrappy@localhost) by thelab.hub.org (8.8.8/8.8.2) with SMTP id RAA22290; Wed, 10 Jun 1998 17:57:43 -0300 (ADT) X-Authentication-Warning: thelab.hub.org: scrappy owned process doing -bs Date: Wed, 10 Jun 1998 17:57:42 -0300 (ADT) From: The Hermit Hacker To: Dom Mitchell cc: "Matthew N. Dodd" , Wm Brian McCane , isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 10 Jun 1998, Dom Mitchell wrote: > "Matthew N. Dodd" writes: > > Touching on this subject was a previous discussion of policy based login > > handeling. (when/where/method based restrictions) > > > > Was there ever a design proposal submited? > > > > We have a number of different combinations to resolve and a solution that > > is configurable not unlike IPFW (rule chains) might be a win. > > [snip] > > > We've got a number of different authentication systems to choose from as > > well (and must take into account their needs.) > > > > - flatfile username/password (normal, default fallback etc) > > - YP/NIS > > - NIS+ > > - S/Key > > - .rhosts > > - RSA (via ssh) > > - Kerberos 4 > > - Kerberos 5 > > - Radius > > - LDAP? > > - External database/flatfile etc? > > - ACE/SecureID > > Really, what we're looking at here, is something like Solaris' > /etc/nsswitch.conf. However, that does bring a whole baggage of Actually, I believe that solaris is moving towards using PAM for all this too...each of the above, I believe, already has a pam module out there for it... Marc G. Fournier Systems Administrator @ hub.org primary: scrappy@hub.org secondary: scrappy@{freebsd|postgresql}.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 15:00:13 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA00651 for freebsd-isp-outgoing; Wed, 10 Jun 1998 15:00:13 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ntserver.computronic.hu (ntserver.computronic.hu [194.149.43.67]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA00448 for ; Wed, 10 Jun 1998 14:59:56 -0700 (PDT) (envelope-from andras.tudos@computronic.hu) Received: from gericom-nt (ip1.c3.hu [194.38.96.1]) by ntserver.computronic.hu (Post.Office MTA v3.1.2 release (PO205-101c) ID# 0-44403U100L100S0) with SMTP id AAA421; Wed, 10 Jun 1998 23:59:42 +0200 Message-Id: <3.0.5.32.19980611000210.00a868b0@computronic.hu> X-Sender: andras.tudos@computronic.hu X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Thu, 11 Jun 1998 00:02:10 +0200 To: isp@FreeBSD.ORG From: "Andras Tudos - Computronic, C3" Subject: file system performance Cc: marci@c3.hu Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org We are setting up a largish qmail based mail server. We are using 3 frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp mail and to service pop3 user requests. The mailboxes are on the backend machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) and are shared via NFS. All PCs are on a 100Mbps switched LAN. The problem: file system performance (either measured over NFS or on the local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the former is too low. We tried almost all options (sync and async mode), but couldn't get it higher. With this performance the server can deliver about 700,000 messages per day (measured with simulated mail load), which is less than required (on long term). Any ideas how to improve performance? Andras Tudos C3, Budapest To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 16:08:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA15520 for freebsd-isp-outgoing; Wed, 10 Jun 1998 16:08:00 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ns1.lex.gob.gt (ns1.lex.gob.gt [168.234.110.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA15477 for ; Wed, 10 Jun 1998 16:07:43 -0700 (PDT) (envelope-from victor@mp.lex.gob.gt) Received: from mp-dbs.mp.intralex (mp-dbs.mp.intralex [192.168.1.3]) by ns1.lex.gob.gt (8.8.7/8.8.7) with ESMTP id RAA04092 for ; Wed, 10 Jun 1998 17:07:33 -0600 (CST) (envelope-from victor@mp.lex.gob.gt) Received: from localhost (victor@localhost) by mp-dbs.mp.intralex (8.8.7/8.8.7) with SMTP id RAA04477 for ; Wed, 10 Jun 1998 17:07:32 -0600 (CST) (envelope-from victor@mp.lex.gob.gt) X-Authentication-Warning: mp-dbs.mp.intralex: victor owned process doing -bs Date: Wed, 10 Jun 1998 17:07:31 -0600 (CST) From: "Victor M. Carranza G." X-Sender: victor@mp-dbs.mp.intralex To: isp@FreeBSD.ORG Subject: Router substitution Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi! I want to build a router upon a FreeBSD box, in substitution of a CISCO 2501 router which went dead. The CISCO was connected to the external network by means of a Tellabs Crossnet/240 NTU, using one of the serial ports. What kind of (FreeBSD supported) serial card can provide the same type of serial port? What software, besides routed or gated, will I need to accomplish the task? Anyone tried this already? Is it a good idea? Thanks in advance for your help! Best regards, Victor M. Carranza G. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 16:30:56 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id QAA19300 for freebsd-isp-outgoing; Wed, 10 Jun 1998 16:30:56 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ns1.lex.gob.gt (ns1.lex.gob.gt [168.234.110.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id QAA19229; Wed, 10 Jun 1998 16:30:27 -0700 (PDT) (envelope-from victor@mp.lex.gob.gt) Received: from mp-dbs.mp.intralex (mp-dbs.mp.intralex [192.168.1.3]) by ns1.lex.gob.gt (8.8.7/8.8.7) with ESMTP id RAA04143; Wed, 10 Jun 1998 17:30:20 -0600 (CST) (envelope-from victor@mp.lex.gob.gt) Received: from localhost (victor@localhost) by mp-dbs.mp.intralex (8.8.7/8.8.7) with SMTP id RAA04534; Wed, 10 Jun 1998 17:30:13 -0600 (CST) (envelope-from victor@mp.lex.gob.gt) X-Authentication-Warning: mp-dbs.mp.intralex: victor owned process doing -bs Date: Wed, 10 Jun 1998 17:30:13 -0600 (CST) From: "Victor M. Carranza G." X-Sender: victor@mp-dbs.mp.intralex To: FreeBSD Questions mailing list cc: isp@FreeBSD.ORG Subject: IP Aliases / DNS round-robbin ... how? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I am trying to set up several IP addresses (same subnet) in one of my ethernet interfaces. I have a Squid http proxy and socks5 proxy in this machine, which work very well... but some problems arise when a site does not allow more than one concurrent connection from the same IP address... so, I was thinking about assigning several addresses to the outside interface and use DNS to sequentially assign them to outgoing connections. My problem is: When I try to assign more than three IP addresses (netmask 0xfffffff8) to the same interface, the fourth attempt (and the subsequent ones) produces a "ifconfig: ioctl (SIOCAIFADDR): File exists" error. The address appears assigned, but it does not respond to ping. Reading the handbook, I found that the "correct" method is to assign the IP aliases using a 0xffffffff netmask. Doing so effectively permits adding several aliases, but then, DNS ignores all of them and returns only the original (non-alias) address :( What am I doing wrong? Is there another procedure to accomplish the same task (besides using several ethernet cards)? Thanks in advance for your help. Best regards, Victor M. Carranza G. P.S. The ethernet card is an ISA one. My FreeBSD version is 3.0-971006-SNAP. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 17:55:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA05894 for freebsd-isp-outgoing; Wed, 10 Jun 1998 17:55:00 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mail.westbend.net (ns1.westbend.net [207.217.224.194]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA05734 for ; Wed, 10 Jun 1998 17:54:10 -0700 (PDT) (envelope-from hetzels@westbend.net) Received: from admin (admin.westbend.net [207.217.224.195]) by mail.westbend.net (8.8.8/8.8.8) with SMTP id TAA16499; Wed, 10 Jun 1998 19:51:29 -0500 (CDT) (envelope-from hetzels@westbend.net) Message-ID: <060d01bd94d3$13fb79a0$c3e0d9cf@admin.westbend.net> From: "Scot W. Hetzel" To: , Subject: Re: Only allow delivery of mail to users in aliases Date: Wed, 10 Jun 1998 19:51:29 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org From: Leif Neland >Two questions: > >1: Do these users need to be in /etc/passwd, or can qpopper use its own >password file? > You'll need to modify both sendmail & qpopper to use an alternate passwd file. >2: If users need to be in /etc/passwd, how can we stop mail from being >delivered to users only in /etc/passwd, not in /etc/aliases? > You could put all these users into a file, and then use sendmail rules to deny mail to these users. I don't know how to implement either answer, but I do know that it can be done. Scot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 18:21:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA10452 for freebsd-isp-outgoing; Wed, 10 Jun 1998 18:21:00 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from bsd.tcc-comp.com.au (tcccom.lnk.telstra.net [139.130.60.203]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA10358 for ; Wed, 10 Jun 1998 18:20:25 -0700 (PDT) (envelope-from curl@tcc-comp.com.au) From: curl@tcc-comp.com.au Received: from bbs.tcc-comp.com.au (bbs.tcc-comp.com.au [203.36.225.10]) by bsd.tcc-comp.com.au (8.8.8/8.8.5) with SMTP id LAA02097 for ; Thu, 11 Jun 1998 11:22:49 +1000 (EST) Message-Id: <199806110122.LAA02097@bsd.tcc-comp.com.au> Date: Thu, 11 Jun 98 11:04:26 +1100 To: freebsd-isp@FreeBSD.ORG Subject: FreeBSD 2.2.6 & Highspeed Serial cards X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.40 (Unregistered) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hello, I need to configure our FreeBSD 2.2.6 machine to work with a serial card that has a 7.3728Mhz clock, and a serialport speed of 230400bps. Here's the info about the card from the manual (excuse the japenglish): The clock can setting to 1.8432Mhz (CLK * 1, 14.4KBPs), 3.6864MHZ (CLK * 2, 28.8KBPS) and 7.3728MHZ (CLK * 4, 57.6KBPs). The 4032 its install with two 16C650 Chip, so we offer the 4032 two serial ports with 32 Byte Transmitter and 32 Byte Receiver-Register (FIFO) up to 460,800 Baud. That is suggestive for a faster serial Data-Transfer-Rate and relieve the processor from computer system. Any User-Software recognize the FIFO Chip automatical and use this function. If you want to use the CLK x2 or x 4, your software utility must offer the clock initation. The only software that came with this card is for Win95/3.1. I have tryed a number of the settings (CLK 1 & 2) on my win95 machine and the onyl time i could get any response out of the serial card was in the clock1 settings and a baud rate of 115200 to our TA. (The TA autobauds from 300-115200bps and manual at 230400).. Can anyone offer any help or some serial port code (I'm not a programmer) to use this card. At the moment we can only safely use one B channel of our 128K isdn connection. Btw: the card is made by a company called Sun-??? (I used to have the web address, but have lost it) ---- Stephen Walsh - TCC Computers http://www.tcc-comp.com.au Ph: (BH) +61-3-53334699 Mobile: +61-17-849641 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 19:25:41 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA22307 for freebsd-isp-outgoing; Wed, 10 Jun 1998 19:25:41 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mailgw02.execpc.com (mailgw02.execpc.com [169.207.3.78]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA22278; Wed, 10 Jun 1998 19:25:18 -0700 (PDT) (envelope-from fpawlak@execpc.com) Received: from darkstar.connect.com (xeros-2-63.mdm.mke.execpc.com [169.207.94.191]) by mailgw02.execpc.com (8.9.0) id VAA26195; Wed, 10 Jun 1998 21:25:08 -0500 (CDT) Received: (from fpawlak@localhost) by darkstar.connect.com (8.9.0/8.9.0) id VAA06931; Wed, 10 Jun 1998 21:25:12 -0500 (CDT) From: "Frank Pawlak" Message-Id: <980611022511.ZM6930@darkstar.connect.com> Date: Thu, 11 Jun 1998 02:25:10 +0000 In-Reply-To: "Victor M. Carranza G." "IP Aliases / DNS round-robbin ... how?" (Jun 10, 5:30pm) References: X-Mailer: Z-Mail (5.0.0 30July97) To: "Victor M. Carranza G." , FreeBSD Questions mailing list Subject: Re: IP Aliases / DNS round-robbin ... how? Cc: isp@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Do a search on the questions archives. I posted an answer to this very question about two or three weeks ago. It is answered in a recent issues of Web Techniques, if I remember correctly. If I can find the URL, I'll post it. The article was written by one of the FreeBSD development team. Don't understand why this is not linked from the FreeBSD web page. Frank On Jun 10, 5:30pm, Victor M. Carranza G. wrote: > Subject: IP Aliases / DNS round-robbin ... how? > I am trying to set up several IP addresses (same subnet) in one of my > ethernet interfaces. I have a Squid http proxy and socks5 proxy in this > machine, which work very well... but some problems arise when a site does > not allow more than one concurrent connection from the same IP address... > so, I was thinking about assigning several addresses to the outside > interface and use DNS to sequentially assign them to outgoing connections. > > My problem is: When I try to assign more than three IP addresses (netmask > 0xfffffff8) to the same interface, the fourth attempt (and the subsequent > ones) produces a "ifconfig: ioctl (SIOCAIFADDR): File exists" error. The > address appears assigned, but it does not respond to ping. Reading the > handbook, I found that the "correct" method is to assign the IP aliases > using a 0xffffffff netmask. Doing so effectively permits adding several > aliases, but then, DNS ignores all of them and returns only the original > (non-alias) address :( > > What am I doing wrong? Is there another procedure to accomplish the same > task (besides using several ethernet cards)? > > Thanks in advance for your help. > > Best regards, > > Victor M. Carranza G. > > P.S. The ethernet card is an ISA one. My FreeBSD version is > 3.0-971006-SNAP. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message >-- End of excerpt from Victor M. Carranza G. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 19:55:11 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA28591 for freebsd-isp-outgoing; Wed, 10 Jun 1998 19:55:11 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from gate.gateway.net.hk (home.gateway.net.hk [202.76.19.5]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id TAA28578 for ; Wed, 10 Jun 1998 19:55:06 -0700 (PDT) (envelope-from bmf@gate.gateway.net.hk) Received: (qmail 29222 invoked by uid 653); 11 Jun 1998 02:49:39 -0000 Date: Thu, 11 Jun 1998 10:49:39 +0800 (CST) From: Bo Fussing To: "Victor M. Carranza G." cc: isp@FreeBSD.ORG Subject: Re: Router substitution In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Victor, Both SDL RISCom (http://www.sdlcomm.com/) and Etinc (http://www.etinc.com/) and Cronyx (http://www.cronyx.com/) have drivers for FreeBSD. Do a search on the mailing archive on this topic to find out more. And please do not ask which is best - this list has had extensive discussion on this topic in the past. Regards, Bo On Wed, 10 Jun 1998, Victor M. Carranza G. wrote: > Hi! > > I want to build a router upon a FreeBSD box, in substitution of a CISCO > 2501 router which went dead. The CISCO was connected to the external > network by means of a Tellabs Crossnet/240 NTU, using one of the serial > ports. What kind of (FreeBSD supported) serial card can provide the same > type of serial port? What software, besides routed or gated, will I need > to accomplish the task? Anyone tried this already? Is it a good idea? > > Thanks in advance for your help! > > Best regards, > > Victor M. Carranza G. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 20:00:52 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA29484 for freebsd-isp-outgoing; Wed, 10 Jun 1998 20:00:52 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from bsd.tcc-comp.com.au (tcccom.lnk.telstra.net [139.130.60.203]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA29448 for ; Wed, 10 Jun 1998 20:00:42 -0700 (PDT) (envelope-from curl@tcc-comp.com.au) From: curl@tcc-comp.com.au Received: from bbs.tcc-comp.com.au (bbs.tcc-comp.com.au [203.36.225.10]) by bsd.tcc-comp.com.au (8.8.8/8.8.5) with SMTP id NAA02336 for ; Thu, 11 Jun 1998 13:03:10 +1000 (EST) Message-Id: <199806110303.NAA02336@bsd.tcc-comp.com.au> Date: Thu, 11 Jun 98 12:44:46 +1100 To: freebsd-isp@FreeBSD.ORG Subject: sendmail V8.9.0 X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v1.40 (Unregistered) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Has anyone on the list had any trouble getting sendmail v8.9.0 going ok under freebsd 2.2.6. I've unpacked it and done a sh build and have been going through the info.. I'm yet to install this new version. are there any traps I should look out for? Can anyone also give me some tips/config's for doing virtual email hosting with sendmail... ---- Stephen Walsh - TCC Computers (Internet Services) http://www.tcc-comp.com.au Ph: (BH) +61-3-53334699 Mobile: +61-17-849641 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Jun 10 20:10:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA01353 for freebsd-isp-outgoing; Wed, 10 Jun 1998 20:10:14 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mailgw00.execpc.com (mailgw00.execpc.com [169.207.1.78]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA01204; Wed, 10 Jun 1998 20:09:28 -0700 (PDT) (envelope-from fpawlak@execpc.com) Received: from darkstar.connect.com (ferengal-1-136.mdm.mke.execpc.com [169.207.130.10]) by mailgw00.execpc.com (8.9.0) id WAA20009; Wed, 10 Jun 1998 22:09:22 -0500 (CDT) Received: (from fpawlak@localhost) by darkstar.connect.com (8.9.0/8.9.0) id WAA07071; Wed, 10 Jun 1998 22:09:23 -0500 (CDT) From: "Frank Pawlak" Message-Id: <980611030922.ZM7070@darkstar.connect.com> Date: Thu, 11 Jun 1998 03:09:22 +0000 In-Reply-To: "Victor M. Carranza G." "IP Aliases / DNS round-robbin ... how?" (Jun 10, 5:30pm) References: X-Mailer: Z-Mail (5.0.0 30July97) To: "Victor M. Carranza G." , FreeBSD Questions mailing list Subject: Re: IP Aliases / DNS round-robbin ... how? Cc: isp@FreeBSD.ORG MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Check this URL http://www.webtechniques.com/features/1998/05/engelschall/engelschall.shtml Hope this helps. Frank On Jun 10, 5:30pm, Victor M. Carranza G. wrote: > Subject: IP Aliases / DNS round-robbin ... how? > I am trying to set up several IP addresses (same subnet) in one of my > ethernet interfaces. I have a Squid http proxy and socks5 proxy in this > machine, which work very well... but some problems arise when a site does > not allow more than one concurrent connection from the same IP address... > so, I was thinking about assigning several addresses to the outside > interface and use DNS to sequentially assign them to outgoing connections. > > My problem is: When I try to assign more than three IP addresses (netmask > 0xfffffff8) to the same interface, the fourth attempt (and the subsequent > ones) produces a "ifconfig: ioctl (SIOCAIFADDR): File exists" error. The > address appears assigned, but it does not respond to ping. Reading the > handbook, I found that the "correct" method is to assign the IP aliases > using a 0xffffffff netmask. Doing so effectively permits adding several > aliases, but then, DNS ignores all of them and returns only the original > (non-alias) address :( > > What am I doing wrong? Is there another procedure to accomplish the same > task (besides using several ethernet cards)? > > Thanks in advance for your help. > > Best regards, > > Victor M. Carranza G. > > P.S. The ethernet card is an ISA one. My FreeBSD version is > 3.0-971006-SNAP. > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message >-- End of excerpt from Victor M. Carranza G. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 02:51:54 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA01919 for freebsd-isp-outgoing; Thu, 11 Jun 1998 02:51:54 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (freefall.pipeline.ch [195.134.128.40]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA01845 for ; Thu, 11 Jun 1998 02:51:38 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA194; Thu, 11 Jun 1998 11:50:19 +0200 Message-ID: <357FA86E.96CB3D00@pipeline.ch> Date: Thu, 11 Jun 1998 11:50:38 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: "Andras Tudos - Computronic, C3" CC: isp@FreeBSD.ORG, marci@c3.hu Subject: Re: file system performance References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andras Tudos - Computronic, C3 wrote: > > We are setting up a largish qmail based mail server. We are using 3 > frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp > mail and to service pop3 user requests. The mailboxes are on the backend > machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) > and are shared via NFS. All PCs are on a 100Mbps switched LAN. > > The problem: file system performance (either measured over NFS or on the > local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files > and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the > former is too low. We tried almost all options (sync and async mode), but > couldn't get it higher. With this performance the server can deliver about > 700,000 messages per day (measured with simulated mail load), which is less > than required (on long term). Get rid of NFS for incoming mail. NFS IMO does writes syncronously. > Any ideas how to improve performance? Let the front-end boxes accept incoming SMTP mail and then use QMQP to deliver all that stuff to the mailstore box which does local delivery. The other point is POP3 access... I think there's no way around NFS but that should'nt be so problematic since POP3 does only read and delete which is not so bad over NFS. Please report (at least to me, I'm very interested in it) back your experiences. PS: I'm doing an LDAP inplementation for qmail, might be interesting for you. -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 02:55:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA03043 for freebsd-isp-outgoing; Thu, 11 Jun 1998 02:55:39 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from stingray.ivision.co.uk (stingray.ivision.co.uk [195.50.91.40]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id CAA02179 for ; Thu, 11 Jun 1998 02:52:52 -0700 (PDT) (envelope-from manar@ivision.co.uk) Received: from pretender.ivision.co.uk [195.50.91.43] by stingray.ivision.co.uk with smtp (Exim 1.62 #2) id 0yk427-0001wi-00; Thu, 11 Jun 1998 10:52:36 +0100 Message-Id: <3.0.5.32.19980611105129.00881530@stingray.ivision.co.uk> X-Sender: manarpop@stingray.ivision.co.uk X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Thu, 11 Jun 1998 10:51:29 +0100 To: "Andras Tudos - Computronic, C3" From: Manar Hussain Subject: Re: file system performance Cc: isp@FreeBSD.ORG, marci@c3.hu In-Reply-To: <3.0.5.32.19980611000210.00a868b0@computronic.hu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 00:02 11/06/98 +0200, Andras Tudos - Computronic, C3 wrote: >We are setting up a largish qmail based mail server. We are using 3 >frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp >mail and to service pop3 user requests. The mailboxes are on the backend >machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) >and are shared via NFS. All PCs are on a 100Mbps switched LAN. > >The problem: file system performance (either measured over NFS or on the >local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files >and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the >former is too low. We tried almost all options (sync and async mode), but >couldn't get it higher. With this performance the server can deliver about >700,000 messages per day (measured with simulated mail load), which is less >than required (on long term). > >Any ideas how to improve performance? http://www.netapp.com - *very* cool boxes - very fast, very professional with lots of nice feaures. Manar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 03:47:14 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA15183 for freebsd-isp-outgoing; Thu, 11 Jun 1998 03:47:14 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ntserver.computronic.hu (ntserver.computronic.hu [194.149.43.67]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA15158 for ; Thu, 11 Jun 1998 03:47:05 -0700 (PDT) (envelope-from andras.tudos@computronic.hu) Received: from andras-pc (andras-pc.computronic.hu [194.149.43.68]) by ntserver.computronic.hu (Post.Office MTA v3.1.2 release (PO205-101c) ID# 0-44403U100L100S0) with SMTP id AAA420; Thu, 11 Jun 1998 12:46:54 +0200 Message-Id: <3.0.5.32.19980611124654.00aad210@computronic.hu> X-Sender: andras.tudos@computronic.hu X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Thu, 11 Jun 1998 12:46:54 +0200 To: "IBS / Andre Oppermann" From: "Andras Tudos - Computronic, C3" Subject: Re: file system performance Cc: isp@FreeBSD.ORG, marci@c3.hu In-Reply-To: <357FA86E.96CB3D00@pipeline.ch> References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 11:50 98.06.11 +0200, IBS / Andre Oppermann wrote: >Andras Tudos - Computronic, C3 wrote: >> >> We are setting up a largish qmail based mail server. We are using 3 >> frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp >> mail and to service pop3 user requests. The mailboxes are on the backend >> machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) >> and are shared via NFS. All PCs are on a 100Mbps switched LAN. >> >> The problem: file system performance (either measured over NFS or on the >> local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files >> and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the >> former is too low. We tried almost all options (sync and async mode), but >> couldn't get it higher. With this performance the server can deliver about >> 700,000 messages per day (measured with simulated mail load), which is less >> than required (on long term). > >Get rid of NFS for incoming mail. NFS IMO does writes syncronously. > But as I pointed out, we see practically NO difference in the performance whether /home is mounted over NFS or used locally. The problem is that there seems to be a upper limit which we reach when we're doing small file copies (actually copying real mail sample taken from /home) to the RAID array. Today we will experiment with fine tuning of the ext. RAID controller (CMD5440). >> Any ideas how to improve performance? > >Let the front-end boxes accept incoming SMTP mail and then use QMQP to >deliver all that stuff to the mailstore box which does local delivery. > It could help, if we could get much better local delivery performance on the backend... >The other point is POP3 access... I think there's no way around NFS but >that should'nt be so problematic since POP3 does only read and delete >which is not so bad over NFS. > Yes, POP3 load is not that bad. The big problem is the periodic huge incoming load caused by user subscriptions to various mailing lists (we have ~60000 mailboxes at the moment and it is linearly growing by ~7500 each month). We have to reach a better peak local delivery performance than the current one to keep the "sitting in the queue" time at an acceptable level. Andras Tudos C3, Budapest To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 03:52:04 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA16076 for freebsd-isp-outgoing; Thu, 11 Jun 1998 03:52:04 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ntserver.computronic.hu (ntserver.computronic.hu [194.149.43.67]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id DAA15972 for ; Thu, 11 Jun 1998 03:51:51 -0700 (PDT) (envelope-from andras.tudos@computronic.hu) Received: from andras-pc (andras-pc.computronic.hu [194.149.43.68]) by ntserver.computronic.hu (Post.Office MTA v3.1.2 release (PO205-101c) ID# 0-44403U100L100S0) with SMTP id AAA454; Thu, 11 Jun 1998 12:51:47 +0200 Message-Id: <3.0.5.32.19980611125147.00ab3630@computronic.hu> X-Sender: andras.tudos@computronic.hu X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Thu, 11 Jun 1998 12:51:47 +0200 To: Manar Hussain From: "Andras Tudos - Computronic, C3" Subject: Re: file system performance Cc: isp@FreeBSD.ORG, marci@c3.hu In-Reply-To: <3.0.5.32.19980611105129.00881530@stingray.ivision.co.uk> References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 10:51 98.06.11 +0100, you wrote: >At 00:02 11/06/98 +0200, Andras Tudos - Computronic, C3 wrote: >>We are setting up a largish qmail based mail server. We are using 3 >>frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp >>mail and to service pop3 user requests. The mailboxes are on the backend >>machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) >>and are shared via NFS. All PCs are on a 100Mbps switched LAN. >> >>The problem: file system performance (either measured over NFS or on the >>local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files >>and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the >>former is too low. We tried almost all options (sync and async mode), but >>couldn't get it higher. With this performance the server can deliver about >>700,000 messages per day (measured with simulated mail load), which is less >>than required (on long term). >> >>Any ideas how to improve performance? > >http://www.netapp.com - *very* cool boxes - very fast, very professional >with lots of nice feaures. > But extremely expensive compared to our budget as far as I know... :( How do they compare to a self built PII-400, UW SCSI, 45 Gb ext. RAID with CMD controller? Andras Tudos C3, Budapest To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 04:05:42 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA19688 for freebsd-isp-outgoing; Thu, 11 Jun 1998 04:05:42 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from uranus.planet-three.com (homer.duff-beer.com [194.207.51.241] (may be forged)) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA19679 for ; Thu, 11 Jun 1998 04:05:35 -0700 (PDT) (envelope-from scot@planet-three.com) Received: from localhost (scot@localhost) by uranus.planet-three.com (8.8.8/8.8.8) with SMTP id MAA20562; Thu, 11 Jun 1998 12:05:24 +0100 (BST) (envelope-from scot@poptart.org) Date: Thu, 11 Jun 1998 12:05:23 +0100 (BST) From: Scot Elliott X-Sender: scot@uranus.planet-three.com To: Leif Neland cc: isp@FreeBSD.ORG Subject: Re: Only allow delivery of mail to users in aliases In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org You might want to look at the Cyrus pop server in the ports. I installed it once to have a play, and seem to remember it keeping its' users seperate from /etc/passwd. I'd be interested in knowing how well this works. Yours. Scot. On Wed, 10 Jun 1998, Leif Neland wrote: > We have pre-created a /etc/passwd with plenty of users with names like > u0001,u0002 etc. > > When customers buy an account, this userid gets an "real email-adress" > (like leifn) in a MySql base. > > A script then creates /etc/aliases, radius database and a passwordfile for > popd. (Users get internet access and a pop3-account). > > Two questions: > > 1: Do these users need to be in /etc/passwd, or can qpopper use its own > password file? > > 2: If users need to be in /etc/passwd, how can we stop mail from being > delivered to users only in /etc/passwd, not in /etc/aliases? > > Leif Neland > leifn@internet.dk > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > ----------------------------------------------------------------------------- Scot Elliott (scot@poptart.org) | Work: +44 (0)171 7046777 PGP fingerprint: FCAE9ED3A234FEB59F8C7F9DDD112D | Home: +44 (0)181 8961019 ----------------------------------------------------------------------------- Public key available by finger at: finger scot@poptart.org or at: http://www.poptart.org/pgpkey.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 04:18:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA23322 for freebsd-isp-outgoing; Thu, 11 Jun 1998 04:18:29 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (freefall.pipeline.ch [195.134.128.40]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA23312 for ; Thu, 11 Jun 1998 04:18:22 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA212; Thu, 11 Jun 1998 13:17:05 +0200 Message-ID: <357FBCC5.BBB836FE@pipeline.ch> Date: Thu, 11 Jun 1998 13:17:25 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: "Andras Tudos - Computronic, C3" CC: isp@FreeBSD.ORG, marci@c3.hu Subject: Re: file system performance References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> <3.0.5.32.19980611124654.00aad210@computronic.hu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andras Tudos - Computronic, C3 wrote: > > At 11:50 98.06.11 +0200, IBS / Andre Oppermann wrote: > >Andras Tudos - Computronic, C3 wrote: > >> > >> We are setting up a largish qmail based mail server. We are using 3 > >> frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp > >> mail and to service pop3 user requests. The mailboxes are on the backend > >> machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) > >> and are shared via NFS. All PCs are on a 100Mbps switched LAN. > >> > >> The problem: file system performance (either measured over NFS or on the > >> local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files > >> and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the > >> former is too low. We tried almost all options (sync and async mode), but > >> couldn't get it higher. With this performance the server can deliver about > >> 700,000 messages per day (measured with simulated mail load), which is less > >> than required (on long term). > > > >Get rid of NFS for incoming mail. NFS IMO does writes syncronously. > > > > But as I pointed out, we see practically NO difference in the performance > whether /home is mounted over NFS or used locally. The problem is that > there seems to be a upper limit which we reach when we're doing small file > copies (actually copying real mail sample taken from /home) to the RAID > array. Today we will experiment with fine tuning of the ext. RAID > controller (CMD5440). What type of RAID do you have (I assume RAID 5)? Is the CMD5440 an external RAID controller or internal? > >> Any ideas how to improve performance? > > > >Let the front-end boxes accept incoming SMTP mail and then use QMQP to > >deliver all that stuff to the mailstore box which does local delivery. > > > It could help, if we could get much better local delivery performance on > the backend... I see. > >The other point is POP3 access... I think there's no way around NFS but > >that should'nt be so problematic since POP3 does only read and delete > >which is not so bad over NFS. > > > Yes, POP3 load is not that bad. The big problem is the periodic huge > incoming load caused by user subscriptions to various mailing lists (we > have ~60000 mailboxes at the moment and it is linearly growing by ~7500 > each month). We have to reach a better peak local delivery performance than > the current one to keep the "sitting in the queue" time at an acceptable > level. What sits in the queue? Incoming mail? -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 04:51:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA27832 for freebsd-isp-outgoing; Thu, 11 Jun 1998 04:51:38 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ntserver.computronic.hu (ntserver.computronic.hu [194.149.43.67]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA27821 for ; Thu, 11 Jun 1998 04:51:32 -0700 (PDT) (envelope-from andras.tudos@computronic.hu) Received: from andras-pc (andras-pc.computronic.hu [194.149.43.68]) by ntserver.computronic.hu (Post.Office MTA v3.1.2 release (PO205-101c) ID# 0-44403U100L100S0) with SMTP id AAA514; Thu, 11 Jun 1998 13:51:25 +0200 Message-Id: <3.0.5.32.19980611135125.00a36240@computronic.hu> X-Sender: andras.tudos@computronic.hu X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Thu, 11 Jun 1998 13:51:25 +0200 To: "IBS / Andre Oppermann" From: "Andras Tudos - Computronic, C3" Subject: Re: file system performance Cc: isp@FreeBSD.ORG, marci@c3.hu In-Reply-To: <357FBCC5.BBB836FE@pipeline.ch> References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> <3.0.5.32.19980611124654.00aad210@computronic.hu> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 13:17 98.06.11 +0200, you wrote: > >What type of RAID do you have (I assume RAID 5)? >Is the CMD5440 an external RAID controller or internal? > RAID5. External. (Backend PC has an Adaptec UW SCSI controller connected to the CMD RAID controller with 16Mb of cache, it has 3 UW channels each with 2x 9Gb IBM UW 7200 drives.) >> >The other point is POP3 access... I think there's no way around NFS but >> >that should'nt be so problematic since POP3 does only read and delete >> >which is not so bad over NFS. >> > >> Yes, POP3 load is not that bad. The big problem is the periodic huge >> incoming load caused by user subscriptions to various mailing lists (we >> have ~60000 mailboxes at the moment and it is linearly growing by ~7500 >> each month). We have to reach a better peak local delivery performance than >> the current one to keep the "sitting in the queue" time at an acceptable >> level. > >What sits in the queue? Incoming mail? > Yes. The local deliveries cannot keep up with the smtp-accept rate at peak periods. There are lists with hundreds of subscribers from our system and they generate a huge amount of mail traffic. The problems occur on the current single server system, but we want the new system to have at least ten times more performance than the current overloaded server to have spares for the continuosly increasing traffic (and we would like to develop other projects instead of having to upgrade our system each month :). Andras To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 05:10:36 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA00621 for freebsd-isp-outgoing; Thu, 11 Jun 1998 05:10:36 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (freefall.pipeline.ch [195.134.128.40]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA00592 for ; Thu, 11 Jun 1998 05:10:16 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA233; Thu, 11 Jun 1998 14:08:59 +0200 Message-ID: <357FC8EF.C5B5CD8F@pipeline.ch> Date: Thu, 11 Jun 1998 14:09:19 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: "Andras Tudos - Computronic, C3" CC: isp@FreeBSD.ORG, marci@c3.hu Subject: Re: file system performance References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> <3.0.5.32.19980611124654.00aad210@computronic.hu> <3.0.5.32.19980611135125.00a36240@computronic.hu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andras Tudos - Computronic, C3 wrote: > > At 13:17 98.06.11 +0200, you wrote: > > > >What type of RAID do you have (I assume RAID 5)? > >Is the CMD5440 an external RAID controller or internal? > > > RAID5. External. (Backend PC has an Adaptec UW SCSI controller connected to > the CMD RAID controller with 16Mb of cache, it has 3 UW channels each with > 2x 9Gb IBM UW 7200 drives.) Check out if the CMD controller does write-through (for security reasons, power failure). RAID5 is in general slower on writes than reads. -snip- > >What sits in the queue? Incoming mail? > > > Yes. The local deliveries cannot keep up with the smtp-accept rate at peak > periods. There are lists with hundreds of subscribers from our system and > they generate a huge amount of mail traffic. The problems occur on the > current single server system, but we want the new system to have at least > ten times more performance than the current overloaded server to have > spares for the continuosly increasing traffic (and we would like to develop > other projects instead of having to upgrade our system each month :). Yea ;-) -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 05:17:55 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA01687 for freebsd-isp-outgoing; Thu, 11 Jun 1998 05:17:55 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (freefall.pipeline.ch [195.134.128.40]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA01678 for ; Thu, 11 Jun 1998 05:17:47 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA309; Thu, 11 Jun 1998 14:16:29 +0200 Message-ID: <357FCAB2.C9E7D958@pipeline.ch> Date: Thu, 11 Jun 1998 14:16:50 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: "Andras Tudos - Computronic, C3" CC: isp@FreeBSD.ORG, marci@c3.hu Subject: Re: file system performance References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> <3.0.5.32.19980611124654.00aad210@computronic.hu> <3.0.5.32.19980611135125.00a36240@computronic.hu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andras Tudos - Computronic, C3 wrote: > > At 13:17 98.06.11 +0200, you wrote: > > > >What type of RAID do you have (I assume RAID 5)? > >Is the CMD5440 an external RAID controller or internal? > > > RAID5. External. (Backend PC has an Adaptec UW SCSI controller connected to > the CMD RAID controller with 16Mb of cache, it has 3 UW channels each with > 2x 9Gb IBM UW 7200 drives.) Did you install the new Firmware? Look for Item 6: (http://www.cmd.com/storage/support/docs/raid/relnotes/c1-2release.cfm) -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 05:46:34 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA05931 for freebsd-isp-outgoing; Thu, 11 Jun 1998 05:46:34 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from kremvax.demos.su (kremvax.demos.su [194.87.0.20]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id FAA05926 for ; Thu, 11 Jun 1998 05:46:32 -0700 (PDT) (envelope-from sinbin.demos.su!bag@kremvax.demos.su) Received: by kremvax.demos.su (8.6.13/D) from 0@sinbin.demos.su [194.87.5.31] with ESMTP id QAA11381; Thu, 11 Jun 1998 16:37:35 +0400 Received: by sinbin.demos.su id QAA24876; (8.6.12/D) Thu, 11 Jun 1998 16:36:31 +0400 From: bag@sinbin.demos.su (Alex G. Bulushev) Message-Id: <199806111236.QAA24876@sinbin.demos.su> Subject: Re: file system performance In-Reply-To: <3.0.5.32.19980611135125.00a36240@computronic.hu> from "Andras Tudos - Computronic, C3" at "Jun 11, 98 01:51:25 pm" X-ELM-OSV: (Our standard violations) no-mime=1; no-hdr-encoding=1 To: andras.tudos@computronic.hu (Andras Tudos - Computronic, C3) Date: Thu, 11 Jun 1998 16:36:31 +0400 (MSD) Cc: andre@pipeline.ch, isp@FreeBSD.ORG, marci@c3.hu X-Mailer: ELM [version 2.4ME+ PL32 (25)] Content-Type: text Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > At 13:17 98.06.11 +0200, you wrote: > > > >What type of RAID do you have (I assume RAID 5)? > >Is the CMD5440 an external RAID controller or internal? > > > RAID5. External. (Backend PC has an Adaptec UW SCSI controller connected to > the CMD RAID controller with 16Mb of cache, it has 3 UW channels each with > 2x 9Gb IBM UW 7200 drives.) RAID5 is not good choice for high performance, we use RAID1+0 there on similar system for users catalog's and mbox'es for small block's operation raid cache very usefull (64-128MB) Alex. > > >> >The other point is POP3 access... I think there's no way around NFS but > >> >that should'nt be so problematic since POP3 does only read and delete > >> >which is not so bad over NFS. > >> > > >> Yes, POP3 load is not that bad. The big problem is the periodic huge > >> incoming load caused by user subscriptions to various mailing lists (we > >> have ~60000 mailboxes at the moment and it is linearly growing by ~7500 > >> each month). We have to reach a better peak local delivery performance than > >> the current one to keep the "sitting in the queue" time at an acceptable > >> level. > > > >What sits in the queue? Incoming mail? > > > Yes. The local deliveries cannot keep up with the smtp-accept rate at peak > periods. There are lists with hundreds of subscribers from our system and > they generate a huge amount of mail traffic. The problems occur on the > current single server system, but we want the new system to have at least > ten times more performance than the current overloaded server to have > spares for the continuosly increasing traffic (and we would like to develop > other projects instead of having to upgrade our system each month :). > > Andras > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 08:45:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA13984 for freebsd-isp-outgoing; Thu, 11 Jun 1998 08:45:23 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from wpmail.gbr.epa.gov (wpmail.gbr.epa.gov [204.46.159.160]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id IAA13959 for ; Thu, 11 Jun 1998 08:45:12 -0700 (PDT) (envelope-from jenkins.mike@epamail.epa.gov) Received: from gbdomain-Message_Server by wpmail.gbr.epa.gov with Novell_GroupWise; Thu, 11 Jun 1998 10:41:59 -0500 Message-Id: X-Mailer: Novell GroupWise 4.1 Date: Thu, 11 Jun 1998 10:41:20 -0500 From: MIKE JENKINS To: curl@tcc-comp.com.au Cc: freebsd-isp@FreeBSD.ORG Subject: Re: sendmail V8.9.0 Mime-Version: 1.0 Content-Type: text/plain Content-Disposition: inline Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Can anyone also give me some tips/config's for doing virtual email hosting >with sendmail... www.sendmail.org/virtual-hosting.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 11:23:01 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA19135 for freebsd-isp-outgoing; Thu, 11 Jun 1998 11:23:01 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA19124 for ; Thu, 11 Jun 1998 11:22:57 -0700 (PDT) (envelope-from julian@whistle.com) Received: (from daemon@localhost) by alpo.whistle.com (8.8.5/8.8.5) id LAA05452; Thu, 11 Jun 1998 11:18:35 -0700 (PDT) Received: from current1.whistle.com(207.76.205.22) via SMTP by alpo.whistle.com, id smtpd005444; Thu Jun 11 18:18:26 1998 Message-ID: <35801F6A.1CFBAE39@whistle.com> Date: Thu, 11 Jun 1998 11:18:18 -0700 From: Julian Elischer Organization: Whistle Communications X-Mailer: Mozilla 3.0Gold (X11; I; FreeBSD 2.2.5-RELEASE i386) MIME-Version: 1.0 To: "Andras Tudos - Computronic, C3" CC: isp@FreeBSD.ORG Subject: Re: file system performance References: <3.0.5.32.19980611000210.00a868b0@computronic.hu> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Andras Tudos - Computronic, C3 wrote: > > We are setting up a largish qmail based mail server. We are using 3 > frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp > mail and to service pop3 user requests. The mailboxes are on the backend > machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) > and are shared via NFS. All PCs are on a 100Mbps switched LAN. > > The problem: file system performance (either measured over NFS or on the > local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files > and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the > former is too low. We tried almost all options (sync and async mode), but > couldn't get it higher. With this performance the server can deliver about > 700,000 messages per day (measured with simulated mail load), which is less > than required (on long term). > > Any ideas how to improve performance? When there is a trustable snapsot of -current, you should look at usign that, as the new "soft updates" features will make this sort of thing much faster. (this will mainly be of interest for your "future plans" because -current is not really ready yet) The main thing you should do is do profiling of the amount of time spent for each mail item in each part of the system. You may find that you are forking processes in ways that are not needed.. try the following: get a quiet system with KTRACE compiled in the system torn on ktrace for the entire system: cd /var/tmp ktrace -d -i -p 1 -tcnisw send a single mail item to the machine. wait for delivery to complete.. (do NOT log in or do anything else) turn ktrace off ktrace -C (as root) examine the ktrace kdump -R -tcnisw >realdump vi realdump you should from this, get a real undertanding of what it takes to deliver a mail item This will allow you to find out what the real innefficienacies are. > > Andras Tudos > C3, Budapest > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 12:09:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA29492 for freebsd-isp-outgoing; Thu, 11 Jun 1998 12:09:37 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from wicked.eaznet.com (wicked.eaznet.com [209.75.156.5]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA29451 for ; Thu, 11 Jun 1998 12:09:28 -0700 (PDT) (envelope-from eddie@eaznet.com) Received: from eaznet.com (admin.eaznet.com [209.75.156.16]) by wicked.eaznet.com (8.8.7/8.8.5) with ESMTP id MAA09081 for ; Thu, 11 Jun 1998 12:11:09 -0700 (MST) Message-ID: <35802C61.3858207B@eaznet.com> Date: Thu, 11 Jun 1998 12:13:37 -0700 From: Eddie Fry X-Mailer: Mozilla 4.05 [en] (Win95; I) MIME-Version: 1.0 To: isp@FreeBSD.ORG Subject: routing to NT Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This may not be a FreeBSD problem, but I'm not sure. I have a customer with an NT server running as a proxy server/gateway. They connect to us via wireless bridges as shown below: I /--------------\ /----------------\ /-------------\ N-| Our Network |-Ia- FBSD 2.2.2 -Ib- | Wireless subnet | -Ic-NT-Id | customer Net| E \--------------/ \----------------/ \-------------/ T FBSD is running Gated. NT is NT Server 4.0. Ix is ethernet interface. The problem is kind of strange... Whenever the wireless link goes down and comes back up, the customer can ping everything up to and including the ehternet card on our network (Ia). However, they cannot ping anything on our network (besides Ia) or on the internet. When I goto FBSD, I can ping NT. When I goto another box on our network, I can ping NT with the side effect of everything starting to work again. I've checked my gated setup and had a couple of others check it. It looks like everything is ok there. However, I do not have access to the NT box. Does anyone have any ideas on what could cause this to happen? I'm working on getting the radio problems resolved, but I'd like to know that if there is a problem with the radios, the whole link doesn't stay down until someone sends them an email or something. Thanks, Eddie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 14:09:22 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA01201 for freebsd-isp-outgoing; Thu, 11 Jun 1998 14:09:22 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from unix.kawartha.com (unix.kawartha.com [204.101.15.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA01181 for ; Thu, 11 Jun 1998 14:09:14 -0700 (PDT) (envelope-from paul@kawartha.com) Received: from shell.kawartha.com (shell.kawartha.com [204.101.15.43]) by unix.kawartha.com (8.8.8/8.8.7) with SMTP id RAA08314 for ; Thu, 11 Jun 1998 17:11:00 -0400 (EDT) Date: Thu, 11 Jun 1998 17:24:07 -0400 (EDT) From: Paul Stewart To: freebsd-isp@FreeBSD.ORG Subject: nntpcache?? Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Anyone here know what's happened to nntpcache.org? We are looking at installing 2.3.2 of nntpcache from the ports collection and are having problems when the FreeBSD patches are installed. So, I was going to go to their site and download from them to see what's up and I haven't been able to get them for almost a week now. Anyone know what's up and/or know of another piece of software that does the same thing? Thanks very much, Paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 17:39:58 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA14495 for freebsd-isp-outgoing; Thu, 11 Jun 1998 17:39:58 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mail.westbend.net (ns1.westbend.net [207.217.224.194]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA14466 for ; Thu, 11 Jun 1998 17:39:48 -0700 (PDT) (envelope-from hetzels@westbend.net) Received: from admin (admin.westbend.net [207.217.224.195]) by mail.westbend.net (8.8.8/8.8.8) with SMTP id TAA20765; Thu, 11 Jun 1998 19:39:22 -0500 (CDT) (envelope-from hetzels@westbend.net) Message-ID: <007f01bd959a$8af29da0$c3e0d9cf@admin.westbend.net> From: "Scot W. Hetzel" To: "Paul Stewart" Cc: Subject: Re: nntpcache?? Date: Thu, 11 Jun 1998 19:39:21 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.5 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org From: Paul Stewart >Anyone here know what's happened to nntpcache.org? We are looking at >installing 2.3.2 of nntpcache from the ports collection and are having >problems when the FreeBSD patches are installed. > >So, I was going to go to their site and download from them to see what's >up and I haven't been able to get them for almost a week now. > I just went to there web & ftp site and had no problems accessing it from any of the locations listed below: http://nntpcache.org ftp://nntpcache.org/pub/nntpcache ftp://ftp.nntpcache.org/pub/nntpcache ftp://suburbia.net/pub/nntpcache/ Scot To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 17:56:25 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA18650 for freebsd-isp-outgoing; Thu, 11 Jun 1998 17:56:25 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from unix.kawartha.com (unix.kawartha.com [204.101.15.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA18644 for ; Thu, 11 Jun 1998 17:56:22 -0700 (PDT) (envelope-from paul@kawartha.com) Received: from shell.kawartha.com (shell.kawartha.com [204.101.15.43]) by unix.kawartha.com (8.8.8/8.8.7) with SMTP id UAA16430; Thu, 11 Jun 1998 20:58:05 -0400 (EDT) Date: Thu, 11 Jun 1998 21:11:12 -0400 (EDT) From: Paul Stewart To: "Scot W. Hetzel" cc: freebsd-isp@FreeBSD.ORG Subject: Re: nntpcache?? In-Reply-To: <007f01bd959a$8af29da0$c3e0d9cf@admin.westbend.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Wow.. that's strange.. now, I just got through.. sorry about that...:) Paul On Thu, 11 Jun 1998, Scot W. Hetzel wrote: > From: Paul Stewart > > >Anyone here know what's happened to nntpcache.org? We are looking at > >installing 2.3.2 of nntpcache from the ports collection and are having > >problems when the FreeBSD patches are installed. > > > >So, I was going to go to their site and download from them to see what's > >up and I haven't been able to get them for almost a week now. > > > I just went to there web & ftp site and had no problems accessing it from > any of the locations listed below: > > http://nntpcache.org > ftp://nntpcache.org/pub/nntpcache > ftp://ftp.nntpcache.org/pub/nntpcache > ftp://suburbia.net/pub/nntpcache/ > > Scot > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 18:34:35 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA26499 for freebsd-isp-outgoing; Thu, 11 Jun 1998 18:34:35 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from x10.boston.juno.com (x10.boston.juno.com [205.231.101.25]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA26487 for ; Thu, 11 Jun 1998 18:34:30 -0700 (PDT) (envelope-from egravel@juno.com) Received: (from egravel@juno.com) by x10.boston.juno.com (queuemail) id DFHPB9VL; Thu, 11 Jun 1998 21:28:21 EDT To: isp@FreeBSD.ORG Date: Thu, 11 Jun 1998 18:30:45 -0700 Subject: Setting up a server on the net Message-ID: <19980611.183055.3526.1.egravel@juno.com> X-Mailer: Juno 1.49 X-Juno-Line-Breaks: 1,3,5,7,9,11-13,15-21 From: egravel@juno.com (Emmanuel Gravel) Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I'm starting to gather info on how to set up a server on the net for webhosting. I've been looking slowly into the matter for a short while now, and FreeBSD seems my best bet for this task. However I'm lacking quite a bit of info on how to get myself setup with the connection, get a block of IP addresses, get a DNS server up and running (for multiple, virtual domain names from my future machine) and any and all info pertaining to these subjects. I'm starting from quite far back as you can see, but I want to do this and I want to do it right. I was wondering if any of you could give me info on this subject, or direct me to the proper sources for this info. Thanks in advance, Emmanuel Gravel egravel@juno.com _____________________________________________________________________ You don't need to buy Internet access to use free Internet e-mail. Get completely free e-mail from Juno at http://www.juno.com Or call Juno at (800) 654-JUNO [654-5866] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 18:37:16 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id SAA27050 for freebsd-isp-outgoing; Thu, 11 Jun 1998 18:37:16 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from smtp01.primenet.com (daemon@smtp01.primenet.com [206.165.6.131]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id SAA27022; Thu, 11 Jun 1998 18:37:04 -0700 (PDT) (envelope-from tlambert@usr09.primenet.com) Received: (from daemon@localhost) by smtp01.primenet.com (8.8.8/8.8.8) id SAA04464; Thu, 11 Jun 1998 18:36:58 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp01.primenet.com, id smtpd004441; Thu Jun 11 18:36:57 1998 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id SAA07321; Thu, 11 Jun 1998 18:36:55 -0700 (MST) From: Terry Lambert Message-Id: <199806120136.SAA07321@usr09.primenet.com> Subject: Re: Radius login via getty To: isp@FreeBSD.ORG, current@FreeBSD.ORG Date: Fri, 12 Jun 1998 01:36:55 +0000 (GMT) In-Reply-To: from "The Hermit Hacker" at Jun 10, 98 05:57:42 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Really, what we're looking at here, is something like Solaris' > > /etc/nsswitch.conf. However, that does bring a whole baggage of > > Actually, I believe that solaris is moving towards using PAM for > all this too...each of the above, I believe, already has a pam module out > there for it... PAM has a number of known problems. Use SASL instead. Unlike PAM, thee is an RFC for SASL. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 19:12:24 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA04417 for freebsd-isp-outgoing; Thu, 11 Jun 1998 19:12:24 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from gate.gateway.net.hk (home.gateway.net.hk [202.76.19.5]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id TAA04349 for ; Thu, 11 Jun 1998 19:12:12 -0700 (PDT) (envelope-from bmf@gate.gateway.net.hk) Received: (qmail 6221 invoked by uid 653); 12 Jun 1998 02:09:24 -0000 Date: Fri, 12 Jun 1998 10:09:24 +0800 (CST) From: Bo Fussing To: Emmanuel Gravel cc: isp@FreeBSD.ORG Subject: Re: Setting up a server on the net In-Reply-To: <19980611.183055.3526.1.egravel@juno.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Emmanuel, You might want to check out the Internet Access FAQ at http://www.netaxs.com/internet/faq.html which covers most of the information you are looking for. Regards, Bo To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 19:31:31 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA07708 for freebsd-isp-outgoing; Thu, 11 Jun 1998 19:31:31 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from hub.org (hub.org [209.47.148.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA07637; Thu, 11 Jun 1998 19:30:52 -0700 (PDT) (envelope-from scrappy@hub.org) Received: from localhost (scrappy@localhost) by hub.org (8.8.8/8.7.5) with SMTP id WAA01519; Thu, 11 Jun 1998 22:30:45 -0400 (EDT) Date: Thu, 11 Jun 1998 22:30:45 -0400 (EDT) From: The Hermit Hacker To: Terry Lambert cc: isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: <199806120136.SAA07321@usr09.primenet.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 12 Jun 1998, Terry Lambert wrote: > > > Really, what we're looking at here, is something like Solaris' > > > /etc/nsswitch.conf. However, that does bring a whole baggage of > > > > Actually, I believe that solaris is moving towards using PAM for > > all this too...each of the above, I believe, already has a pam module out > > there for it... > > PAM has a number of known problems. > > Use SASL instead. Unlike PAM, thee is an RFC for SASL. Boy, does that ever make alot of sense...both Solaris and Linux are adopting PAM as their authentication schemes, and are designing various modules for it, but let's adopt something because, hey, it has an RFC? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 20:11:27 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA14776 for freebsd-isp-outgoing; Thu, 11 Jun 1998 20:11:27 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from smtp03.primenet.com (daemon@smtp03.primenet.com [206.165.6.133]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA14757; Thu, 11 Jun 1998 20:11:20 -0700 (PDT) (envelope-from tlambert@usr09.primenet.com) Received: (from daemon@localhost) by smtp03.primenet.com (8.8.8/8.8.8) id UAA12163; Thu, 11 Jun 1998 20:11:13 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp03.primenet.com, id smtpd012077; Thu Jun 11 20:11:03 1998 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id UAA11298; Thu, 11 Jun 1998 20:11:00 -0700 (MST) From: Terry Lambert Message-Id: <199806120311.UAA11298@usr09.primenet.com> Subject: Re: Radius login via getty To: scrappy@hub.org (The Hermit Hacker) Date: Fri, 12 Jun 1998 03:10:59 +0000 (GMT) Cc: tlambert@primenet.com, isp@FreeBSD.ORG, current@FreeBSD.ORG In-Reply-To: from "The Hermit Hacker" at Jun 11, 98 10:30:45 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > PAM has a number of known problems. > > > > Use SASL instead. Unlike PAM, thee is an RFC for SASL. > > Boy, does that ever make alot of sense...both Solaris and Linux > are adopting PAM as their authentication schemes, and are designing > various modules for it, but let's adopt something because, hey, it has an > RFC? Check www.sun.com, "PAM-boy"; Sun's "adoption" of PAM is anecdotal. 8-) 8-). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 22:03:47 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id WAA00553 for freebsd-isp-outgoing; Thu, 11 Jun 1998 22:03:47 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from xwin.webweaver.net (xwin.webweaver.net [208.138.29.35]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA00535 for ; Thu, 11 Jun 1998 22:03:43 -0700 (PDT) (envelope-from nicole@xwin.webweaver.net) Received: (from nicole@localhost) by xwin.webweaver.net (8.8.8/8.8.7) id WAA09069; Thu, 11 Jun 1998 22:09:20 -0700 (PDT) (envelope-from nicole) Message-ID: X-Mailer: XFMail 1.2 [p0] on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii MIME-Version: 1.0 In-Reply-To: <3.0.5.32.19980611000210.00a868b0@computronic.hu> Date: Thu, 11 Jun 1998 22:09:20 -0700 (PDT) From: Nicole Harrington To: "Andras Tudos - Computronic, C3" Subject: RE: file system performance Cc: marci@c3.hu, isp@FreeBSD.ORG Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by hub.freebsd.org id WAA00543 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On 10-Jun-98 Andras Tudos - Computronic, C3 wisely wrote: > We are setting up a largish qmail based mail server. We are using 3 > frontend machines (PII-233, 128Mb, FreeBSD 2.2.6) to accept incoming smtp > mail and to service pop3 user requests. The mailboxes are on the backend > machine (PII-400, 128Mb, FreeBSD 2.2.6, external HW RAID array on UW SCSI) > and are shared via NFS. All PCs are on a 100Mbps switched LAN. > > The problem: file system performance (either measured over NFS or on the > local RAID array). We can get 1.6Mbps when continuosly copying 1-2K files > and 44Mbps when copying (dd) /dev/zero. The later is perfect, but the > former is too low. We tried almost all options (sync and async mode), but > couldn't get it higher. With this performance the server can deliver about > 700,000 messages per day (measured with simulated mail load), which is less > than required (on long term). > > Any ideas how to improve performance? > I am setting up a very similiar arrangement, except I have the machines mounting a network appliance device. To improve performance I am using a Packetengines G igabit nic cards and Hub to connect to the Netapp filer Their are drives availab le for FreeBSD. Glad to see someone else choosing qmail for it's abilities to work well over an NFS mounted environment. Nicole nicole@webweaver.net - http://www.webweaver.net/ webmistress@dangermouse.org - http://www.dangermouse.org/ ------------------------------------------------- -- Powered by Coka Cola and FreeBSD -- -- Stong enough for a man - But made for a Woman -- -- Microsoft: What bug would you like today? -- -- I tried an internal modem once, but it hurt when I walked -- --------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 23:07:48 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA08464 for freebsd-isp-outgoing; Thu, 11 Jun 1998 23:07:48 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from rheingold.reed.edu (wcooley@c029h021.ipdorm.reed.edu [134.10.29.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA08447 for ; Thu, 11 Jun 1998 23:07:43 -0700 (PDT) (envelope-from wcooley@nakedape.ml.org) Received: from localhost (wcooley@localhost) by rheingold.reed.edu (8.8.7/8.8.7) with SMTP id XAA18243; Thu, 11 Jun 1998 23:05:15 -0700 Date: Thu, 11 Jun 1998 23:05:12 -0700 (PDT) From: "W. Reilly Cooley, Esq." X-Sender: wcooley@rheingold.reed.edu To: The Hermit Hacker cc: Terry Lambert , isp@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 11 Jun 1998, The Hermit Hacker wrote: > > PAM has a number of known problems. > > > > Use SASL instead. Unlike PAM, thee is an RFC for SASL. > > Boy, does that ever make alot of sense...both Solaris and Linux > are adopting PAM as their authentication schemes, and are designing > various modules for it, but let's adopt something because, hey, it has an > RFC? I'm not sure if it counts, but there *is* an RFC for PAM--it's just not an IETF RFC, but rather an OSF RFC. http://www.redhat.com/linux-info/pam/rfc86.0.txt Dein Wil -- ------------------------------------------------------------- W. Reilly Cooley, Esq. Naked Ape Consulting wcooley@nakedape.ml.org http://www.nakedape.ml.org Links page ----> http://www.nakedape.ml.org/links To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 23:43:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA14384 for freebsd-isp-outgoing; Thu, 11 Jun 1998 23:43:05 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from antipodes.cdrom.com (castles357.castles.com [208.214.167.57]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA14350; Thu, 11 Jun 1998 23:42:57 -0700 (PDT) (envelope-from mike@antipodes.cdrom.com) Received: from antipodes.cdrom.com (localhost [127.0.0.1]) by antipodes.cdrom.com (8.8.8/8.8.5) with ESMTP id WAA00405; Thu, 11 Jun 1998 22:38:11 -0700 (PDT) Message-Id: <199806120538.WAA00405@antipodes.cdrom.com> X-Mailer: exmh version 2.0zeta 7/24/97 To: The Hermit Hacker cc: Terry Lambert , isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-reply-to: Your message of "Thu, 11 Jun 1998 22:30:45 EDT." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 11 Jun 1998 22:38:11 -0700 From: Mike Smith Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > On Fri, 12 Jun 1998, Terry Lambert wrote: > > > Actually, I believe that solaris is moving towards using PAM for > > > all this too...each of the above, I believe, already has a pam module out > > > there for it... > > > > PAM has a number of known problems. > > > > Use SASL instead. Unlike PAM, thee is an RFC for SASL. > > Boy, does that ever make alot of sense...both Solaris and Linux > are adopting PAM as their authentication schemes, and are designing > various modules for it, but let's adopt something because, hey, it has an > RFC? This is the "20 million flies" argument. PAM is broken as designed; implementing it might be expedient, but will never be "right". -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Jun 11 23:44:59 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA14909 for freebsd-isp-outgoing; Thu, 11 Jun 1998 23:44:59 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from antipodes.cdrom.com (castles357.castles.com [208.214.167.57]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA14855; Thu, 11 Jun 1998 23:44:50 -0700 (PDT) (envelope-from mike@antipodes.cdrom.com) Received: from antipodes.cdrom.com (localhost [127.0.0.1]) by antipodes.cdrom.com (8.8.8/8.8.5) with ESMTP id WAA00424; Thu, 11 Jun 1998 22:40:08 -0700 (PDT) Message-Id: <199806120540.WAA00424@antipodes.cdrom.com> X-Mailer: exmh version 2.0zeta 7/24/97 To: Terry Lambert cc: scrappy@hub.org (The Hermit Hacker), isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-reply-to: Your message of "Fri, 12 Jun 1998 03:10:59 -0000." <199806120311.UAA11298@usr09.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 11 Jun 1998 22:40:07 -0700 From: Mike Smith Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > > PAM has a number of known problems. > > > > > > Use SASL instead. Unlike PAM, thee is an RFC for SASL. > > > > Boy, does that ever make alot of sense...both Solaris and Linux > > are adopting PAM as their authentication schemes, and are designing > > various modules for it, but let's adopt something because, hey, it has an > > RFC? > > Check www.sun.com, "PAM-boy"; Sun's "adoption" of PAM is anecdotal. Check your friendly local Solaris 2.5-or-later system for non-anecdotal evidence of their implementation of PAM. -- \\ Sometimes you're ahead, \\ Mike Smith \\ sometimes you're behind. \\ mike@smith.net.au \\ The race is long, and in the \\ msmith@freebsd.org \\ end it's only with yourself. \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 00:46:17 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA27462 for freebsd-isp-outgoing; Fri, 12 Jun 1998 00:46:17 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from sasami.jurai.net (winter@sasami.jurai.net [207.153.65.3]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA27375; Fri, 12 Jun 1998 00:46:02 -0700 (PDT) (envelope-from winter@jurai.net) Received: from localhost (winter@localhost) by sasami.jurai.net (8.8.8/8.8.7) with SMTP id DAA08077; Fri, 12 Jun 1998 03:45:49 -0400 (EDT) Date: Fri, 12 Jun 1998 03:45:49 -0400 (EDT) From: "Matthew N. Dodd" To: Mike Smith cc: The Hermit Hacker , Terry Lambert , isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: <199806120538.WAA00405@antipodes.cdrom.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 11 Jun 1998, Mike Smith wrote: > This is the "20 million flies" argument. PAM is broken as designed; > implementing it might be expedient, but will never be "right". Amen. /* Matthew N. Dodd | A memory retaining a love you had for life winter@jurai.net | As cruel as it seems nothing ever seems to http://www.jurai.net/~winter | go right - FLA M 3.1:53 */ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 00:54:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA29042 for freebsd-isp-outgoing; Fri, 12 Jun 1998 00:54:12 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from dove.peace.com.my (peace.com.my [202.184.153.15]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA28955 for ; Fri, 12 Jun 1998 00:53:49 -0700 (PDT) (envelope-from panda@peace.com.my) Received: from lovebox (love.com.my [202.184.153.17]) by dove.peace.com.my (8.8.5/8.8.5) with SMTP id PAA16666; Fri, 12 Jun 1998 15:33:58 +0800 (SGT) Date: Fri, 12 Jun 1998 15:33:58 +0800 (SGT) Message-Id: <3.0.32.19980612155552.0093b100@peace.com.my> X-Sender: panda@peace.com.my (Unverified) X-Mailer: Windows Eudora Pro Version 3.0 (32) To: "Scot W. Hetzel" , , From: chas Subject: Re: Only allow delivery of mail to users in aliases Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>Two questions: >> >>1: Do these users need to be in /etc/passwd, or can qpopper use its own >>password file? >> >You'll need to modify both sendmail & qpopper to use an alternate passwd >file. > >>2: If users need to be in /etc/passwd, how can we stop mail from being >>delivered to users only in /etc/passwd, not in /etc/aliases? >> >You could put all these users into a file, and then use sendmail rules to >deny mail to these users. > >I don't know how to implement either answer, but I do know that it can be >done. Cyrus IMAPd does not necessarily require users in /etc/passwd in order for them to have a mailbox. (and plus you can offer IMAP mailboxes - more value add for customers perhaps). Cyrus is distributed with a choice of 2 authentication methods : 1) Using the unix passwd file (which you have said that you do not wish to do) 2) Using Kerberos (which is, for some of us, more hassle that we can do without). However, the authentication is done via a small program called pwcheck. This seems easily hackable (though I've made a total balls up of it over the past 2 weeks) to use any of the following : 1) Radius authentication (i know a guy on a linux list who has the mods for this) 2) A different password file (look at getpwnam) 3) A mysql database (someone on the FBSD-questions list mentioned this - i haven't seen the mods myself though. anyone else ?) 4) LDAP. Check http://www.wwa.com/~donley/ Yes, I know that LDAP is not an authentication protocol per se... but you can use it as such. I've been trying (4) above but keep crapping out on the compile. If anyone has got this working, please could they let me know ? It seems pretty straightforward but my C knowledge has atrophied to less than nothing. Bottomline, Cyrus is a seriously cool piece of software and I suspect your solution lies there - especially since the you mentioned the use of mysql. http://andrew2.andrew.cmu.edu/cyrus/imapd/ chas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 03:53:29 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id DAA12236 for freebsd-isp-outgoing; Fri, 12 Jun 1998 03:53:29 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from stingray.ivision.co.uk (stingray.ivision.co.uk [195.50.91.40]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id DAA12205 for ; Fri, 12 Jun 1998 03:53:13 -0700 (PDT) (envelope-from manar@ivision.co.uk) Received: from pretender.ivision.co.uk [195.50.91.43] by stingray.ivision.co.uk with smtp (Exim 1.62 #2) id 0ykRSI-0002xe-00; Fri, 12 Jun 1998 11:53:10 +0100 Message-Id: <3.0.5.32.19980612115207.008a57a0@stingray.ivision.co.uk> X-Sender: manarpop@stingray.ivision.co.uk X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Fri, 12 Jun 1998 11:52:07 +0100 To: isp@FreeBSD.ORG From: Manar Hussain Subject: Re: Only allow delivery of mail to users in aliases In-Reply-To: <3.0.32.19980612155552.0093b100@peace.com.my> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >4) LDAP. Check http://www.wwa.com/~donley/ > Yes, I know that LDAP is not an authentication protocol per se... > but you can use it as such. > >I've been trying (4) above but keep crapping out on the compile. >If anyone has got this working, please could they let me know ? >It seems pretty straightforward but my C knowledge has atrophied >to less than nothing. Haven't really followed the thread but if people are interested in LDAP for IMAP then they would probably be interested in the fact that Exim and I believe qmail (public domain - better than - sendmail replacements) support hooking into LDAP. Manar To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 05:48:38 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA02420 for freebsd-isp-outgoing; Fri, 12 Jun 1998 05:48:38 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from freefall.pipeline.ch (freefall.pipeline.ch [195.134.128.40]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA02357 for ; Fri, 12 Jun 1998 05:48:23 -0700 (PDT) (envelope-from andre@pipeline.ch) Received: from pipeline.ch ([195.134.128.41]) by freefall.pipeline.ch (Netscape Mail Server v2.02) with ESMTP id AAA375; Fri, 12 Jun 1998 14:46:52 +0200 Message-ID: <35812356.8BC5B5@pipeline.ch> Date: Fri, 12 Jun 1998 14:47:18 +0200 From: "IBS / Andre Oppermann" Organization: Internet Business Solutions Ltd. (AG) X-Mailer: Mozilla 4.03 [en] (WinNT; U) MIME-Version: 1.0 To: Manar Hussain CC: isp@FreeBSD.ORG Subject: Re: Only allow delivery of mail to users in aliases References: <3.0.5.32.19980612115207.008a57a0@stingray.ivision.co.uk> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Manar Hussain wrote: > > >4) LDAP. Check http://www.wwa.com/~donley/ > > Yes, I know that LDAP is not an authentication protocol per se... > > but you can use it as such. > > > >I've been trying (4) above but keep crapping out on the compile. > >If anyone has got this working, please could they let me know ? > >It seems pretty straightforward but my C knowledge has atrophied > >to less than nothing. > > Haven't really followed the thread but if people are interested in LDAP for > IMAP then they would probably be interested in the fact that Exim and I > believe qmail (public domain - better than - sendmail replacements) support > hooking into LDAP. Not yet, *smile*. I'm working on LDAP for qmail... -- Andre Oppermann CEO / Geschaeftsfuehrer Internet Business Solutions Ltd. (AG) Hardstrasse 235, 8005 Zurich, Switzerland Fon +41 1 277 75 75 / Fax +41 1 277 75 77 http://www.pipeline.ch ibs@pipeline.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 07:29:55 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA19259 for freebsd-isp-outgoing; Fri, 12 Jun 1998 07:29:55 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from smtp04.primenet.com (daemon@smtp04.primenet.com [206.165.6.134]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA19227; Fri, 12 Jun 1998 07:29:45 -0700 (PDT) (envelope-from tlambert@usr09.primenet.com) Received: (from daemon@localhost) by smtp04.primenet.com (8.8.8/8.8.8) id HAA14213; Fri, 12 Jun 1998 07:29:41 -0700 (MST) Received: from usr09.primenet.com(206.165.6.209) via SMTP by smtp04.primenet.com, id smtpd014170; Fri Jun 12 07:29:39 1998 Received: (from tlambert@localhost) by usr09.primenet.com (8.8.5/8.8.5) id HAA06651; Fri, 12 Jun 1998 07:29:12 -0700 (MST) From: Terry Lambert Message-Id: <199806121429.HAA06651@usr09.primenet.com> Subject: Re: Radius login via getty To: mike@smith.net.au (Mike Smith) Date: Fri, 12 Jun 1998 14:29:12 +0000 (GMT) Cc: tlambert@primenet.com, scrappy@hub.org, isp@FreeBSD.ORG, current@FreeBSD.ORG In-Reply-To: <199806120540.WAA00424@antipodes.cdrom.com> from "Mike Smith" at Jun 11, 98 10:40:07 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > Check www.sun.com, "PAM-boy"; Sun's "adoption" of PAM is anecdotal. > > Check your friendly local Solaris 2.5-or-later system for non-anecdotal > evidence of their implementation of PAM. You shouldn't have removed the "smiley"; it was important context. The reason for the check of sun.com is to determine not whether the current version of Solaris has PAM (it does), but whether future versions will have PAM. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 08:36:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA01022 for freebsd-isp-outgoing; Fri, 12 Jun 1998 08:36:15 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ve7tcp.ampr.org (ve7tcp.ampr.org [198.161.92.132]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA00999; Fri, 12 Jun 1998 08:36:08 -0700 (PDT) (envelope-from lyndon@ve7tcp.ampr.org) Received: from ve7tcp.ampr.org (localhost.ampr.org [127.0.0.1]) by ve7tcp.ampr.org (8.9.0/8.9.0) with ESMTP id JAA01665; Fri, 12 Jun 1998 09:35:22 -0600 (MDT) Message-Id: <199806121535.JAA01665@ve7tcp.ampr.org> To: The Hermit Hacker cc: isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-reply-to: Your message of "Thu, 11 Jun 1998 22:30:45 EDT." Date: Fri, 12 Jun 1998 09:35:21 -0600 From: Lyndon Nerenberg Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>> "The" == The Hermit Hacker writes: >> Use SASL instead. Unlike PAM, thee is an RFC for SASL. The> Boy, does that ever make alot of sense...both Solaris The> and Linux are adopting PAM as their authentication schemes, The> and are designing various modules for it, but let's adopt The> something because, hey, it has an RFC? IMAP4 and ACAP already use SASL. SMTP will shortly. You're going to have to install the infrastructure anyway, so you might as well use it. PAM is an adhoc bunch of gunk. I will take an RFC defined protocol any day over PAM, just because I want to know that my applications will be able to authenticate when I need them to. Anointment by Solaris or Linux does not an IETF standard make. --lyndon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 08:51:09 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id IAA04683 for freebsd-isp-outgoing; Fri, 12 Jun 1998 08:51:09 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from hub.org (hub.org [209.47.148.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA04410; Fri, 12 Jun 1998 08:49:35 -0700 (PDT) (envelope-from scrappy@hub.org) Received: from localhost (scrappy@localhost) by hub.org (8.8.8/8.7.5) with SMTP id LAA13334; Fri, 12 Jun 1998 11:49:24 -0400 (EDT) Date: Fri, 12 Jun 1998 11:49:24 -0400 (EDT) From: The Hermit Hacker To: Lyndon Nerenberg cc: isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: <199806121535.JAA01665@ve7tcp.ampr.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 12 Jun 1998, Lyndon Nerenberg wrote: > >>>>> "The" == The Hermit Hacker writes: > >> Use SASL instead. Unlike PAM, thee is an RFC for SASL. > > The> Boy, does that ever make alot of sense...both Solaris > The> and Linux are adopting PAM as their authentication schemes, > The> and are designing various modules for it, but let's adopt > The> something because, hey, it has an RFC? > > IMAP4 and ACAP already use SASL. SMTP will shortly. You're going to > have to install the infrastructure anyway, so you might as well use it. Well, this is the first time I even hear about SASL, and I tend to follow the cyrus/IMAP4/ACAP mailing list quite closely...what is SASL and where can I read more up on it? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 10:21:44 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id KAA24881 for freebsd-isp-outgoing; Fri, 12 Jun 1998 10:21:44 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from phoenix.volant.org (phoenix.volant.org [205.179.79.193]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id KAA24873 for ; Fri, 12 Jun 1998 10:21:40 -0700 (PDT) (envelope-from patl@phoenix.volant.org) From: patl@phoenix.volant.org Received: from asimov.phoenix.volant.org [205.179.79.65] by phoenix.volant.org with smtp (Exim 1.62 #1) id 0ykXW7-0005ub-00; Fri, 12 Jun 1998 10:21:31 -0700 Received: from localhost by asimov.phoenix.volant.org (SMI-8.6/SMI-SVR4) id KAA09604; Fri, 12 Jun 1998 10:19:33 -0700 Date: Fri, 12 Jun 1998 10:19:33 -0700 (PDT) Reply-To: patl@phoenix.volant.org Subject: Re: Only allow delivery of mail to users in aliases To: chas cc: "Scot W. Hetzel" , leifn@internet.dk, isp@FreeBSD.ORG In-Reply-To: <3.0.32.19980612155552.0093b100@peace.com.my> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; CHARSET=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > ... > Cyrus IMAPd does not necessarily require users in /etc/passwd in > order for them to have a mailbox. (and plus you can offer IMAP > mailboxes - more value add for customers perhaps). And it comes with support for POP3 access into the IMAP mailboxes. (NOTE that some of the IMAP features are not available through the POP protocol. This is a protocol restriction, not implementation.) > Cyrus is distributed with a choice of 2 authentication methods : > 1) Using the unix passwd file (which you have said that you do not > wish to do) > 2) Using Kerberos (which is, for some of us, more hassle that we can > do without). > > However, the authentication is done via a small program called > pwcheck. This seems easily hackable (though I've made a total > balls up of it over the past 2 weeks) to use any of the following : > 1) Radius authentication (i know a guy on a linux list who has > the mods for this) > 2) A different password file (look at getpwnam) Another easy way to do this is to simply run pwcheck in a chrooted environment. No source hacking required. > 3) A mysql database (someone on the FBSD-questions list mentioned > this - i haven't seen the mods myself though. anyone else ?) > 4) LDAP. Check http://www.wwa.com/~donley/ > Yes, I know that LDAP is not an authentication protocol per se... > but you can use it as such. > > ... > > Bottomline, Cyrus is a seriously cool piece of software > and I suspect your solution lies there - especially since the > you mentioned the use of mysql. Absolutely. IMHO one of the biggest wins is that except for the pwcheck daemon, the rest of the cyrus system, runs as an unprivileged user. -Pat To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 11:47:57 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA12616 for freebsd-isp-outgoing; Fri, 12 Jun 1998 11:47:57 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ve7tcp.ampr.org (ve7tcp.ampr.org [198.161.92.132]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA12374; Fri, 12 Jun 1998 11:46:40 -0700 (PDT) (envelope-from lyndon@ve7tcp.ampr.org) Received: from ve7tcp.ampr.org (localhost.ampr.org [127.0.0.1]) by ve7tcp.ampr.org (8.9.0/8.9.0) with ESMTP id MAA15378; Fri, 12 Jun 1998 12:46:21 -0600 (MDT) Message-Id: <199806121846.MAA15378@ve7tcp.ampr.org> To: The Hermit Hacker cc: freebsd-isp@FreeBSD.ORG, freebsd-current@FreeBSD.ORG Subject: SASL References In-reply-to: Your message of "Fri, 12 Jun 1998 11:49:24 EDT." Date: Fri, 12 Jun 1998 12:46:20 -0600 From: Lyndon Nerenberg Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>> "The" == The Hermit Hacker writes: The> Well, this is the first time I even hear about SASL, The> and I tend to follow the cyrus/IMAP4/ACAP mailing list quite The> closely...what is SASL and where can I read more up on it? RFC2222 defines the framework and the KERBEROS_V4, SKEY, and EXTERNAL mechanisms. RFC2060 defines how SASL works with IMAP4rev1 (i.e. the AUTHENTICATE command). I don't have the ACAP references handy. The proposed SMTP SASL interface (AUTH command) is described in the I-D draft-myers-smtp-auth-*.txt. The CRAM-MD5 SASL mechanism, along with profiles for IMAP and POP, are described in RFC2195. RFC2245 describes the SASL ANONYMOUS mechanism. --lyndon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 11:54:23 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA14309 for freebsd-isp-outgoing; Fri, 12 Jun 1998 11:54:23 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from hub.org (hub.org [209.47.148.200]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA14042; Fri, 12 Jun 1998 11:53:01 -0700 (PDT) (envelope-from scrappy@hub.org) Received: from localhost (scrappy@localhost) by hub.org (8.8.8/8.7.5) with SMTP id OAA15476; Fri, 12 Jun 1998 14:52:47 -0400 (EDT) Date: Fri, 12 Jun 1998 14:52:47 -0400 (EDT) From: The Hermit Hacker To: Lyndon Nerenberg cc: freebsd-isp@FreeBSD.ORG, freebsd-current@FreeBSD.ORG Subject: Re: SASL References In-Reply-To: <199806121846.MAA15378@ve7tcp.ampr.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, 12 Jun 1998, Lyndon Nerenberg wrote: > >>>>> "The" == The Hermit Hacker writes: > > The> Well, this is the first time I even hear about SASL, > The> and I tend to follow the cyrus/IMAP4/ACAP mailing list quite > The> closely...what is SASL and where can I read more up on it? > > RFC2222 defines the framework and the KERBEROS_V4, SKEY, and EXTERNAL > mechanisms. RFC2060 defines how SASL works with IMAP4rev1 (i.e. the > AUTHENTICATE command). I don't have the ACAP references handy. The > proposed SMTP SASL interface (AUTH command) is described in the I-D > draft-myers-smtp-auth-*.txt. > > The CRAM-MD5 SASL mechanism, along with profiles for IMAP and POP, are > described in RFC2195. RFC2245 describes the SASL ANONYMOUS mechanism. Has anyone actually *done* anything other then talk about it? (talk includes creating the RFC) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 12:18:28 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA21122 for freebsd-isp-outgoing; Fri, 12 Jun 1998 12:18:28 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from ve7tcp.ampr.org (ve7tcp.ampr.org [198.161.92.132]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA20976; Fri, 12 Jun 1998 12:17:48 -0700 (PDT) (envelope-from lyndon@ve7tcp.ampr.org) Received: from ve7tcp.ampr.org (localhost.ampr.org [127.0.0.1]) by ve7tcp.ampr.org (8.9.0/8.9.0) with ESMTP id NAA17521; Fri, 12 Jun 1998 13:17:39 -0600 (MDT) Message-Id: <199806121917.NAA17521@ve7tcp.ampr.org> To: The Hermit Hacker cc: freebsd-isp@FreeBSD.ORG, freebsd-current@FreeBSD.ORG Subject: Re: SASL References In-reply-to: Your message of "Fri, 12 Jun 1998 14:52:47 EDT." Date: Fri, 12 Jun 1998 13:17:38 -0600 From: Lyndon Nerenberg Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >>>>> "The" == The Hermit Hacker writes: The> Has anyone actually *done* anything other then talk The> about it? (talk includes creating the RFC) Well, here are a few IMAP servers that implement SASL: Cyrus KERBEROS_V4 Simeon KERBEROS_V4, CRAM-MD5, ANONYMOUS, PLAIN PMDF CRAM-MD5 * U-Wash ANONYMOUS, GSSAPI, KERBEROS_V4 * Netscape LOGIN (non-standard mechanism) Eudora CRAM-MD5 * * indicates the list is from memory and might be wrong/incomplete. In the Simeon Message Service product line we also support SASL in our IMSP server, and are adding support for it to our SMTP server. In release 2.1 of the server set (shipping Q4) we will have support for the GSSAPI mechanism. In ACAP, SASL is used exclusively for authentication. On the client side, Simeon, Mulberry, Netscape, and Pine (4) all support at least one SASL mechanism. I'm fairly certain newer versions of Eudora use it as well. --lyndon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 12:52:30 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA28016 for freebsd-isp-outgoing; Fri, 12 Jun 1998 12:52:30 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from rheingold.reed.edu (wcooley@c029h021.ipdorm.reed.edu [134.10.29.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA27971 for ; Fri, 12 Jun 1998 12:52:16 -0700 (PDT) (envelope-from wcooley@nakedape.ml.org) Received: from localhost (wcooley@localhost) by rheingold.reed.edu (8.8.7/8.8.7) with SMTP id MAA19784 for ; Fri, 12 Jun 1998 12:49:45 -0700 Date: Fri, 12 Jun 1998 12:49:45 -0700 (PDT) From: "W. Reilly Cooley, Esq." X-Sender: wcooley@rheingold.reed.edu To: isp@FreeBSD.ORG Subject: Re: Radius login via getty In-Reply-To: <199806120538.WAA00405@antipodes.cdrom.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Thu, 11 Jun 1998, Mike Smith wrote: > This is the "20 million flies" argument. PAM is broken as designed; > implementing it might be expedient, but will never be "right". How is PAM broken? How is the other better? Dein Wil -- ------------------------------------------------------------- W. Reilly Cooley, Esq. Naked Ape Consulting wcooley@nakedape.ml.org http://www.nakedape.ml.org Links page ----> http://www.nakedape.ml.org/links To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 15:53:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id PAA05824 for freebsd-isp-outgoing; Fri, 12 Jun 1998 15:53:12 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from smtp03.primenet.com (daemon@smtp03.primenet.com [206.165.6.133]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA05815; Fri, 12 Jun 1998 15:53:04 -0700 (PDT) (envelope-from tlambert@usr01.primenet.com) Received: (from daemon@localhost) by smtp03.primenet.com (8.8.8/8.8.8) id PAA22271; Fri, 12 Jun 1998 15:52:59 -0700 (MST) Received: from usr01.primenet.com(206.165.6.201) via SMTP by smtp03.primenet.com, id smtpd022255; Fri Jun 12 15:52:55 1998 Received: (from tlambert@localhost) by usr01.primenet.com (8.8.5/8.8.5) id PAA23412; Fri, 12 Jun 1998 15:52:51 -0700 (MST) From: Terry Lambert Message-Id: <199806122252.PAA23412@usr01.primenet.com> Subject: Re: SASL References To: lyndon@ve7tcp.ampr.org (Lyndon Nerenberg) Date: Fri, 12 Jun 1998 22:52:50 +0000 (GMT) Cc: scrappy@hub.org, freebsd-isp@FreeBSD.ORG, freebsd-current@FreeBSD.ORG In-Reply-To: <199806121846.MAA15378@ve7tcp.ampr.org> from "Lyndon Nerenberg" at Jun 12, 98 12:46:20 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I don't have the ACAP references handy. The > proposed SMTP SASL interface (AUTH command) is described in the I-D > draft-myers-smtp-auth-*.txt. I like this (a bit), but I hate the use to which it is supposedly going to be put by Qualcomm: http://www.imc.org/draft-gellens-on-demand Which is basically a workaround for ISP brain damage that can only be implemented by non-brain-damaged ISPs. It's a tautology. This a very annoying. The same functionality for dynamic IP addresses polling a server for queued mail is available through a correctly configured split dynamic DNS and the existing ETRN verb. The real pain here is that the ISP will have to correctly configure things in both instances, and the draft suggests a kludge for an authenticated method for turning the connection around ("ATRN") to no real benefit beyond what a competent ISP would provide in the non-kludged case. Either they have a clue or they don't; it's a binary value in this case. 8-( 8-( 8-( 8-( 8-( 8-( 8-( 8-( 8-( 8-( 8-( 8-( 8-( 8-( I would be much happier if they just documented best known practice, instead of complicating the hell out of SMTP for no good reason. If they have to complicate the hell out of SMTP, the least they could do is not use the semantics they've chosen. Why add a new verb, ATRN, instead of using the existing verb, TURN? To get the additional (and optional and ill-thought-out) domain argument(s)? The semantics of TURN can be redefined in the presence of the AUTH to get this behaviour (should someone want to bogify their SMTP server unnecessarily). Everyone denies TURN as it is, anyway, so it's a non-verb. And the brain damage of domain arguments themselves: why require the 450 response if there is no mail queued for the domain(s)? The 450 response dictates implementation, or it dictates a very large amount of work, depending on how queues are stored. It's stupid, and it's going to take as much time anyway, so the server might as well just turn around immediately, and if it has no mail for the domain(s), as a client it can send a "QUIT" verb to the client-cum-server. At the very least, they should redefine the response: "450 shove off you compute intensive PIG!" So that I can say that I'm not going to traverse my whole queue for another hour (insert configurable interval here) if I didn't find anything the last time you bothered me to run my whole queue for no good reason. I sent mail to Randy a long time ago on this, but haven't heard anything back. I was much more polite in that mail. 8-(. Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Jun 12 23:52:42 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id XAA08936 for freebsd-isp-outgoing; Fri, 12 Jun 1998 23:52:42 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from smtp03.primenet.com (daemon@smtp03.primenet.com [206.165.6.133]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA08931; Fri, 12 Jun 1998 23:52:40 -0700 (PDT) (envelope-from tlambert@usr04.primenet.com) Received: (from daemon@localhost) by smtp03.primenet.com (8.8.8/8.8.8) id XAA20660; Fri, 12 Jun 1998 23:52:39 -0700 (MST) Received: from usr04.primenet.com(206.165.6.204) via SMTP by smtp03.primenet.com, id smtpd020654; Fri Jun 12 23:52:35 1998 Received: (from tlambert@localhost) by usr04.primenet.com (8.8.5/8.8.5) id XAA29599; Fri, 12 Jun 1998 23:52:21 -0700 (MST) From: Terry Lambert Message-Id: <199806130652.XAA29599@usr04.primenet.com> Subject: Re: SASL References To: tlambert@primenet.com (Terry Lambert) Date: Sat, 13 Jun 1998 06:52:21 +0000 (GMT) Cc: lyndon@ve7tcp.ampr.org, scrappy@hub.org, freebsd-isp@FreeBSD.ORG, freebsd-current@FreeBSD.ORG In-Reply-To: <199806122252.PAA23412@usr01.primenet.com> from "Terry Lambert" at Jun 12, 98 10:52:50 pm X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > I sent mail to Randy a long time ago on this, but haven't heard > anything back. I was much more polite in that mail. 8-(. Well, if nothing else, saying that I hvent gotten a response on a public list is the surest way to guarantee a response is waiting for me after I hit "send". 8-). Most of the issues were resolved how I expected them to be; the one remaining problem is the namespace pollution, but that's somewhat excusable by assuming that the implementation is seperate from sendmail. I still think that if you are expecting an ISP to have a clue, you should expect exactly one kind of clue, instead of one of several, but I'm willing to agree to disagree. 8-). Terry Lambert terry@lambert.org --- Any opinions in this posting are my own and not those of my present or previous employers. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 00:52:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id AAA14038 for freebsd-isp-outgoing; Sat, 13 Jun 1998 00:52:12 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from dnamail.dnanet.com ([204.216.40.12]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id AAA14018 for ; Sat, 13 Jun 1998 00:52:09 -0700 (PDT) (envelope-from tmiller@pangeatech.com) Received: from PC48 (PC48 [207.218.85.175]) by dnamail.dnanet.com (NTMail 3.02.10) with ESMTP id na242905 for ; Sat, 13 Jun 1998 00:52:08 -0700 Message-ID: <000901bd96a0$139668c0$af55dacf@Allegro.primenet.com> From: "Tracy Miller" To: Subject: subscribe Date: Sat, 13 Jun 1998 00:51:25 -0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0005_01BD9665.64C2E740" X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.3110.1 X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.1 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org This is a multi-part message in MIME format. ------=_NextPart_000_0005_01BD9665.64C2E740 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit subscribe Tracy Miller MCSE/CNE/A+ tmiller@pangeatech.com ------=_NextPart_000_0005_01BD9665.64C2E740 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
subscribe
 
Tracy Miller
MCSE/CNE/A+
tmiller@pangeatech.com
------=_NextPart_000_0005_01BD9665.64C2E740-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 04:43:39 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA08589 for freebsd-isp-outgoing; Sat, 13 Jun 1998 04:43:39 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from darla.swimsuit.internet.dk (mail.swimsuit.internet.dk [194.255.12.232]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA08583 for ; Sat, 13 Jun 1998 04:43:36 -0700 (PDT) (envelope-from root@internet.dk) Received: from localhost (localhost.swimsuit.internet.dk [127.0.0.1]) by darla.swimsuit.internet.dk (8.8.8/8.8.8) with SMTP id NAA00830 for ; Sat, 13 Jun 1998 13:43:13 +0200 (CEST) (envelope-from root@internet.dk) Date: Sat, 13 Jun 1998 13:43:12 +0200 (CEST) From: Leif Neland X-Sender: root@darla.swimsuit.internet.dk To: isp@FreeBSD.ORG Subject: split maildirs Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I have seen references to splitting the user/maildirs after the first letter in the username, i.e. /usr/mail/j/johndoe, /usr/mail/p/peterpan However, our usernames are numerical, so I'd like to split by last letter, i.e. /usr/mail/2/u01342, /usr/mail/3/u01343. Can sendmail and qpopper/cyrus handle this? Leif Neland To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 04:43:46 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id EAA08606 for freebsd-isp-outgoing; Sat, 13 Jun 1998 04:43:46 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from darla.swimsuit.internet.dk (mail.swimsuit.internet.dk [194.255.12.232]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id EAA08601 for ; Sat, 13 Jun 1998 04:43:43 -0700 (PDT) (envelope-from root@internet.dk) Received: from localhost (localhost.swimsuit.internet.dk [127.0.0.1]) by darla.swimsuit.internet.dk (8.8.8/8.8.8) with SMTP id NAA00814 for ; Sat, 13 Jun 1998 13:39:43 +0200 (CEST) (envelope-from root@internet.dk) Date: Sat, 13 Jun 1998 13:39:43 +0200 (CEST) From: Leif Neland X-Sender: root@darla.swimsuit.internet.dk To: isp@FreeBSD.ORG Subject: how make sendmail just queue local mail, not deliver. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I need to put the maildrop dir on another disk, because of space requirements. It has to be done almost on the fly, because it is the main mailserver and radius autenticator. So I'll shut down, install the new (already fdisk, mkfs'ed) disk and reboot. While the system is online I'll move the users mailfiles, and then mount the new disk on top of the old /var/spool/mail. So I'll need to disable sendmail from delivering local mail while I'm copying, it should just accept and queue it. How do I do this? The pop-3 daemon will just get an empty maildir and a bulletin. Leif Neland To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 05:52:44 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id FAA13715 for freebsd-isp-outgoing; Sat, 13 Jun 1998 05:52:44 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from news1.gtn.com (news1.gtn.com [194.77.0.15]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id FAA13710; Sat, 13 Jun 1998 05:52:40 -0700 (PDT) (envelope-from andreas@klemm.gtn.com) Received: (from uucp@localhost) by news1.gtn.com (8.8.6/8.8.6) with UUCP id OAA20988; Sat, 13 Jun 1998 14:45:16 +0200 (MET DST) Received: (from andreas@localhost) by klemm.gtn.com (8.8.8/8.8.8) id OAA12035; Sat, 13 Jun 1998 14:26:36 +0200 (CEST) (envelope-from andreas) Message-ID: <19980613142636.A5623@klemm.gtn.com> Date: Sat, 13 Jun 1998 14:26:36 +0200 From: Andreas Klemm To: Terry Lambert , The Hermit Hacker Cc: isp@FreeBSD.ORG, current@FreeBSD.ORG Subject: Re: Radius login via getty References: <199806120311.UAA11298@usr09.primenet.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: <199806120311.UAA11298@usr09.primenet.com>; from Terry Lambert on Fri, Jun 12, 1998 at 03:10:59AM +0000 X-Disclaimer: A free society is one where it is safe to be unpopular X-Operating-System: FreeBSD 3.0-CURRENT SMP Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Jun 12, 1998 at 03:10:59AM +0000, Terry Lambert wrote: > > > PAM has a number of known problems. > > > > > > Use SASL instead. Unlike PAM, thee is an RFC for SASL. > > > > Boy, does that ever make alot of sense...both Solaris and Linux > > are adopting PAM as their authentication schemes, and are designing > > various modules for it, but let's adopt something because, hey, it has an > > RFC? > > Check www.sun.com, "PAM-boy"; Sun's "adoption" of PAM is anecdotal. And Linux strikes again ;-) http://www.sun.com/software/solaris/datasheets/pam.html PAM is also available on other favors of UNIX, especially the CDE vendors. However, it was the team of volunteers from the Red Hat LINUX team that really got the maximum out of PAM! They have developed many more (25+) modules using PAM. http://www.kernel.org/pub/linux/libs/pam/modules.html Look, not bad. -- Andreas Klemm http://www.FreeBSD.ORG/~andreas What gives you 90% more speed, for example, in kernel compilation ? http://www.FreeBSD.ORG/~fsmp/SMP/akgraph-a/graph1.html "NT = Not Today" (Maggie Biggs) ``powered by FreeBSD SMP'' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 09:34:37 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA06442 for freebsd-isp-outgoing; Sat, 13 Jun 1998 09:34:37 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from rheingold.reed.edu (wcooley@c029h021.ipdorm.reed.edu [134.10.29.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA06436 for ; Sat, 13 Jun 1998 09:34:33 -0700 (PDT) (envelope-from wcooley@nakedape.ml.org) Received: from localhost (wcooley@localhost) by rheingold.reed.edu (8.8.7/8.8.7) with SMTP id JAA25643; Sat, 13 Jun 1998 09:31:54 -0700 Date: Sat, 13 Jun 1998 09:31:53 -0700 (PDT) From: "W. Reilly Cooley, Esq." X-Sender: wcooley@rheingold.reed.edu To: Leif Neland cc: isp@FreeBSD.ORG Subject: Re: how make sendmail just queue local mail, not deliver. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 13 Jun 1998, Leif Neland wrote: > So I'll need to disable sendmail from delivering local mail while I'm > copying, it should just accept and queue it. > > How do I do this? 'sendmail -bd -O DeliveryMode=q' You might also have to use '-qTIME', I'm not sure. See 'man sendmail'. Dein Wil -- ------------------------------------------------------------- W. Reilly Cooley, Esq. Naked Ape Consulting wcooley@nakedape.ml.org http://www.nakedape.ml.org Links page ----> http://www.nakedape.ml.org/links To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 09:37:45 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA06840 for freebsd-isp-outgoing; Sat, 13 Jun 1998 09:37:45 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from axe.cablenet.net (axe.cablenet.net [195.248.96.20]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA06830 for ; Sat, 13 Jun 1998 09:37:37 -0700 (PDT) (envelope-from damian@axe.cablenet.net) Received: from cablenet.net (localhost [127.0.0.1]) by axe.cablenet.net (8.9.0.Beta3/8.6.9) with ESMTP id RAA07506 for ; Sat, 13 Jun 1998 17:21:37 +0100 (BST) Message-ID: <3582A710.246378BE@cablenet.net> Date: Sat, 13 Jun 1998 17:21:36 +0100 From: Damian Hamill Organization: CableNet Ltd X-Mailer: Mozilla 4.05 [en] (X11; I; SunOS 4.1.4 sun4m) MIME-Version: 1.0 To: freebsd-isp@FreeBSD.ORG Subject: Server Co-location Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org One of my clients has a web server situated in the US, served by a T1 from UUnet. However he has big problem in that he doesn't really have anyone to look after it for him, other than his support contracts from his suppliers. I'm trying to find out if he can get a better deal from a US based ISP, either by co-locating his server in an ISP's PoP (with 24x7 management of the server by the ISP) or by renting web space (about 20GB). His server is a Sun Netra and it could become available as part of the deal. Any offers ? regards damian -- * Damian Hamill M.D. damian@cablenet.net * CableNet & The Landscape Channel * http://www.cablenet.net/ http://www.landscapetv.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 11:36:12 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id LAA19531 for freebsd-isp-outgoing; Sat, 13 Jun 1998 11:36:12 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from darla.swimsuit.internet.dk (mail.swimsuit.internet.dk [194.255.12.232]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA19526 for ; Sat, 13 Jun 1998 11:36:09 -0700 (PDT) (envelope-from root@internet.dk) Received: from localhost (localhost.swimsuit.internet.dk [127.0.0.1]) by darla.swimsuit.internet.dk (8.8.8/8.8.8) with SMTP id UAA00396; Sat, 13 Jun 1998 20:34:54 +0200 (CEST) (envelope-from root@internet.dk) Date: Sat, 13 Jun 1998 20:34:54 +0200 (CEST) From: Leif Neland X-Sender: root@darla.swimsuit.internet.dk To: chas cc: "Scot W. Hetzel" , leifn@internet.dk, isp@FreeBSD.ORG Subject: Re: Only allow delivery of mail to users in aliases In-Reply-To: <3.0.32.19980612155552.0093b100@peace.com.my> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > Cyrus IMAPd does not necessarily require users in /etc/passwd in > order for them to have a mailbox. (and plus you can offer IMAP > mailboxes - more value add for customers perhaps). > IMAP? No thanks. The only place for the customers mail is on their harddisk; I have enough trouble with people who leave mail on the server with pop3 already. Most people wouldn't understand IMAP anyway. Leif Neland To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 12:55:52 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA28980 for freebsd-isp-outgoing; Sat, 13 Jun 1998 12:55:52 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from Gatekeeper.Alameda.net (ulf@gatekeeper.Alameda.net [207.90.181.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA28974 for ; Sat, 13 Jun 1998 12:55:50 -0700 (PDT) (envelope-from ulf@Gatekeeper.Alameda.net) Received: by Gatekeeper.Alameda.net (8.9.0/8.8.6) id MAA17647; Sat, 13 Jun 1998 12:55:53 -0700 (PDT) Message-ID: <19980613125552.A9859@Alameda.net> Date: Sat, 13 Jun 1998 12:55:52 -0700 From: Ulf Zimmermann To: Damian Hamill , freebsd-isp@FreeBSD.ORG Subject: Re: Server Co-location Reply-To: ulf@Alameda.net References: <3582A710.246378BE@cablenet.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.91.1i In-Reply-To: <3582A710.246378BE@cablenet.net>; from Damian Hamill on Sat, Jun 13, 1998 at 05:21:36PM +0100 Organization: Alameda Networks, Inc. X-Operating-System: FreeBSD 2.2.2-RELEASE Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, Jun 13, 1998 at 05:21:36PM +0100, Damian Hamill wrote: > One of my clients has a web server situated in the US, served by a T1 > from UUnet. However he has big problem in that he doesn't really > have anyone to look after it for him, other than his support contracts > from his suppliers. > > I'm trying to find out if he can get a better deal from a US based ISP, > either by co-locating his server in an ISP's PoP (with 24x7 management > of the server by the ISP) or by renting web space (about 20GB). > > His server is a Sun Netra and it could become available as part of > the deal. > > Any offers ? We offer colocation and we can also look after machines if needed. We could also host the web pages on our servers. See http://www.Alameda.net/ > > regards > damian > > -- > * Damian Hamill M.D. damian@cablenet.net > * CableNet & The Landscape Channel > * http://www.cablenet.net/ http://www.landscapetv.com/ > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message -- Regards, Ulf. --------------------------------------------------------------------- Ulf Zimmermann, 1525 Pacific Ave., Alameda, CA-94501, #: 510-769-2936 Alameda Networks, Inc. | http://www.Alameda.net | Fax#: 510-521-5073 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 14:00:24 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id OAA07713 for freebsd-isp-outgoing; Sat, 13 Jun 1998 14:00:24 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mfisher.harborcom.net (root@mfisher.harborcom.net [206.158.4.221]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id OAA07692 for ; Sat, 13 Jun 1998 14:00:09 -0700 (PDT) (envelope-from mfisher@harborcom.net) Received: from mfisher (helo=localhost) by mfisher.harborcom.net with local-smtp (Exim 1.92 #1) id 0ykxNx-0000Lp-00; Sat, 13 Jun 1998 16:58:49 -0400 Date: Sat, 13 Jun 1998 16:58:48 -0400 (EDT) From: Mike Fisher Reply-To: Mike Fisher To: Leif Neland cc: isp@FreeBSD.ORG Subject: Re: Only allow delivery of mail to users in aliases In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 13 Jun 1998, Leif Neland wrote: > IMAP? No thanks. The only place for the customers mail is on their > harddisk; I have enough trouble with people who leave mail on the server > with pop3 already. Most people wouldn't understand IMAP anyway. That's a good philosophy. Customers should not be allowed to manage their email from two locations (i.e. home and work). Are you familiar with the IMAP protocol's advantages over POP3 at all? http://www.imap.org/imap.vs.pop.brief.html Just install Cyrus and set up reasonable disk quotas. Your customers should appreciate it. If not now, then later when IMAP4 mail clients become more prevalent (or the possibly the default from the big boys). -- Mike "I swear - by my life and by my love of it - that I will never live for the sake of another man, nor ask another man to live for mine." --Ayn Rand, _Atlas Shrugged_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 17:52:00 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA29499 for freebsd-isp-outgoing; Sat, 13 Jun 1998 17:52:00 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from rheingold.reed.edu (wcooley@c029h021.ipdorm.reed.edu [134.10.29.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA29492 for ; Sat, 13 Jun 1998 17:51:59 -0700 (PDT) (envelope-from wcooley@nakedape.ml.org) Received: from localhost (wcooley@localhost) by rheingold.reed.edu (8.8.7/8.8.7) with SMTP id RAA26961 for ; Sat, 13 Jun 1998 17:49:00 -0700 Date: Sat, 13 Jun 1998 17:49:00 -0700 (PDT) From: "W. Reilly Cooley, Esq." X-Sender: wcooley@rheingold.reed.edu To: isp@FreeBSD.ORG Subject: Re: Only allow delivery of mail to users in aliases In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 13 Jun 1998, Mike Fisher wrote: > Just install Cyrus and set up reasonable disk quotas. Your customers > should appreciate it. If not now, then later when IMAP4 mail clients > become more prevalent (or the possibly the default from the big boys). Where can one get Cyrus and read more about it? Dein Wil -- ------------------------------------------------------------- W. Reilly Cooley, Esq. Naked Ape Consulting wcooley@nakedape.ml.org http://www.nakedape.ml.org Links page ----> http://www.nakedape.ml.org/links To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 20:45:44 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA12931 for freebsd-isp-outgoing; Sat, 13 Jun 1998 20:45:44 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from mfisher.harborcom.net (root@mfisher.harborcom.net [206.158.4.221]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA12922 for ; Sat, 13 Jun 1998 20:45:40 -0700 (PDT) (envelope-from mfisher@harborcom.net) Received: from mfisher (helo=localhost) by mfisher.harborcom.net with local-smtp (Exim 1.92 #1) id 0yl3jU-0000Wy-00; Sat, 13 Jun 1998 23:45:28 -0400 Date: Sat, 13 Jun 1998 23:45:27 -0400 (EDT) From: Mike Fisher To: "W. Reilly Cooley, Esq." cc: isp@FreeBSD.ORG Subject: Re: Only allow delivery of mail to users in aliases In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 13 Jun 1998, W. Reilly Cooley, Esq. wrote: > Where can one get Cyrus and read more about it? Get Cyrus: /usr/ports/mail/cyrus Read more about it: http://andrew2.andrew.cmu.edu/cyrus/imapd -- Mike "I swear - by my life and by my love of it - that I will never live for the sake of another man, nor ask another man to live for mine." --Ayn Rand, _Atlas Shrugged_ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Sat Jun 13 20:55:15 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA13963 for freebsd-isp-outgoing; Sat, 13 Jun 1998 20:55:15 -0700 (PDT) (envelope-from owner-freebsd-isp@FreeBSD.ORG) Received: from aniwa.sky (aniwa.actrix.gen.nz [203.96.56.186]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA13952 for ; Sat, 13 Jun 1998 20:55:03 -0700 (PDT) (envelope-from andrew@squiz.co.nz) Received: from localhost (andrew@localhost) by aniwa.sky (8.8.7/8.8.7) with SMTP id PAA19769 for ; Sun, 14 Jun 1998 15:54:40 +1200 (NZST) (envelope-from andrew@squiz.co.nz) X-Authentication-Warning: aniwa.sky: andrew owned process doing -bs Date: Sun, 14 Jun 1998 15:54:40 +1200 (NZST) From: Andrew McNaughton X-Sender: andrew@aniwa.sky Reply-To: andrew@squiz.co.nz To: isp@FreeBSD.ORG Subject: Re: how make sendmail just queue local mail, not deliver. In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Sat, 13 Jun 1998, W. Reilly Cooley, Esq. wrote: > On Sat, 13 Jun 1998, Leif Neland wrote: > > > So I'll need to disable sendmail from delivering local mail while I'm > > copying, it should just accept and queue it. > > > > How do I do this? I've got the reverse problem. I want to disable all external delivery, and just queue stuff so I can look at what would be delivered. Any suggestions? Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message