From owner-freebsd-questions  Wed May 29 16:21:35 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from infinity.aesredfish.net (ns1.aesredfish.net [65.168.0.12])
	by hub.freebsd.org (Postfix) with ESMTP id 99C5037B409
	for <questions@freebsd.org>; Wed, 29 May 2002 16:21:28 -0700 (PDT)
Received: from potentialtech.com (mhope-dhcp-65-168-1-181.dashfast.com [65.168.1.181])
	by infinity.aesredfish.net (8.11.6/8.11.0) with ESMTP id g4TNKsU21956;
	Wed, 29 May 2002 19:20:56 -0400
Message-ID: <3CF563B1.4090207@potentialtech.com>
Date: Wed, 29 May 2002 19:26:41 -0400
From: Bill Moran <wmoran@potentialtech.com>
User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0rc1) Gecko/20020502
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Pete C <christie@idsi.net>
Cc: questions@freebsd.org
Subject: Re: User PPP and dial in ISP
References: <3CF55EC8.9030707@idsi.net>
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

Pete C wrote:
> I recently started experimenting with FreeBSD PPP for use as a 
> router/gateway for my home network (just two machines right now, one 
> FreeBSD box and one Win98).
> I have it up and running, but am wondering about alot of what seem to be 
> 'random' attempts to connect.

Do you have any daemons running that might do DNS lookups?  I've seen
this from named mostly, but other daemons as well.  When things expire,
the daemon will try to refresh the information.  There are lots of
daemons that may periodically want to contact another computer on the
internet.  It's not really random, it's just that you aren't aware of
what's really happening.
One thing to do is to run tcpdump on the tun0 (or whatever) interface
and wait for the "random" dial-out to occur.  The port# may be enough
to tell you what's going on, or you may have to do a little more
digging if it's just a DNS query.
named has an option that tells it to batch it's DNS refreshes to avoid
extraneous dialouts.  Many other daemons will have similar options.  For
ones that don't, you may want to consider firewalling your system to
prevent them from contacting the Internet (NFS or SMB are good examples)

-- 
Bill Moran
Potential Technology
http://www.potentialtech.com


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message