From owner-freebsd-questions@FreeBSD.ORG Tue Aug 17 22:55:51 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE35F16A4CE for ; Tue, 17 Aug 2004 22:55:51 +0000 (GMT) Received: from ms-smtp-03.rdc-kc.rr.com (ms-smtp-03.rdc-kc.rr.com [24.94.166.129]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6A35643D39 for ; Tue, 17 Aug 2004 22:55:51 +0000 (GMT) (envelope-from mcabanatuan@wi.rr.com) Received: from [192.168.0.3] (CPE-65-31-156-223.wi.rr.com [65.31.156.223]) i7HMtljE010544; Tue, 17 Aug 2004 17:55:48 -0500 (CDT) Message-ID: <41228CF3.50709@wi.rr.com> Date: Tue, 17 Aug 2004 17:55:47 -0500 From: Marc Cabanatuan User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040814) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Marc Cabanatuan References: <412279F4.7040805@wi.rr.com> <41227CC2.7060303@mac.com> <41228B53.9080405@wi.rr.com> In-Reply-To: <41228B53.9080405@wi.rr.com> X-Enigmail-Version: 0.85.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: Symantec AntiVirus Scan Engine cc: freebsd-questions@freebsd.org Subject: Re: multi-homing and pf; removing user with uid 0 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Aug 2004 22:55:51 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oh also, when i connect to a service bound to the primary IP (say its a .2) and im connecting to a .6 to the SAME service (not bound to the address) it goes right to .2 eg, i can ssh to .6 and it allows me to get to the box. i would really like it to be completely seperate, or at least as seperate as possible. Marc Cabanatuan wrote: | so far ive got this along with the primary inet address with the | /27 subnet mask in /etc/rc.conf | | | ifconfig_rl0_alias*="inet 0.0.0.0 netmask 255.255.255.255" | (replacing 0's with ip address of course) Chuck Swiger wrote: | | | Marc Cabanatuan wrote: [ ... ] | |> Right now I've got a /27 and | I am attemtpting to add 5 addresses |> of that adress block (ipv4) | to the box as either seperate |> addreses (not aliases to the | primary interface) or seperate |> addresses bound to | sub-interfaces. So far I have been |> unsuccessful and the host | told me to use aliases. | | | FreeBSD doesn't let you configure | multiple IP addresses within the | same subnet. You will either | have to use different netmasks, or | else use aliases as | recommended. | |> I also wish for these settings to stay after | (re)boot. | | | See /etc/rc.conf, and add something like: | | # | Sample alias entry. #ifconfig_lo0_alias0="inet 127.0.0.254 | | netmask 0xffffffff" | |> Not to mention they say my firewall is the | problem and they |> couldn't get out to the internet from root | console (im using pf |> and have the rule of 'pass out all'. | | | | Hmm. | |> Next thing, a second account just 'showed up' on the box | with uid |> 0. |> |> toor:*:0:0:Bourne-again Superuser:/root: - | from |> /etc/master.passwd |> |> I suspect it was techs from the | host, but I want it off the |> machine. How do I do this? | | | | FreeBSD ships with a toor account available but disabled, which can | | be useful if someone breaks the shell used by the root account | | itself. If you want to get rid of it, run vipw. | | _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" - -- Marc Cabanatuan Network and Systems Administrator A+, Net+, Linux+, CCNA, MCP -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBIozzQXmDWC9ByjIRAspSAKC4btPRPk9M7PECUPznYrK+hCcGpQCgtyeY HBFN/sExTav5yPcF8lvWV9I= =6Z6W -----END PGP SIGNATURE-----