Date: Wed, 25 Aug 1999 07:25:42 -0700 (PDT) From: "William L. Hamlin" <whamlin@connetsys.com> To: Michael Williams <sdynamic@xtra.co.nz> Cc: freebsd-security@freebsd.org, fwtk-users@lists.nai.com Subject: Re: IPBind patch for fwtk on freeBSD 3.2 Message-ID: <Pine.GSO.4.01.9908250715420.660-100000@fearless> In-Reply-To: <007501beeec6$e3de13f0$061ea8c0@sdk6.sd.co.nz>
next in thread | previous in thread | raw e-mail | index | archive | help
Michael, Which version of IPBind are you using? If you are using anything older than 1.2, get the newest one - that will probably be your problem. There are known issues with earlier versions attempting to bind specific IP addresses on some systems. My next suggestion would be to verify that the IP address you are specifying (172.16.30.4) is indeed the one that you want to use and that it is correctly configured on the local machine. I know this sounds basic, but most of the problem e-mails I get regarding the patch end up being this very problem. A good sign of a computer nut is that his eyes are almost completely blurry from working all night... If that doesn't work, I'm at a bit of a loss. I don't have access to a FreeBSD machine right now and thus can't bang on it. However, if you (or anyone) has such a system on the Internet on which they can give me a temporary login (and gcc, of course), I can take a look and see for myself. Or maybe someone else has already gotten it working? Actually, I've gotten very little response from people regarding the patch working on different operating systems. Since this is going out to the list, if any of you have gotten it working, could you please let me know what platform/OS and any changes you had to make? - Bill --- William L. Hamlin Systems Architect Convergent Networking Systems, Inc. On Wed, 25 Aug 1999, Michael Williams wrote: > [To be removed from this list send the message "unsubscribe fwtk-users" in the > BODY of a mail message to majordomo@ex.tis.com.] > > Has anyone used the really cool fwtk IPBind patch for daemon mode plug-gw > proxies with success on any of the freeBSD OS version's?. > > I have found it to work exactly as expected under RedHat Linux 6.0 as per > the syslog entries at the end of this mail. > > The documentation clearly states, > This patch has been tested and verified on the following systems: > > Solaris 2.5.1 (sparc) > Solaris 2.5 (x86) > > So I am not expecting to much as it does work on my test RedHat server just > not on the freeBSD 3.2 server which happens to be the gateway I want to use > this on (: > > However looking through the source code I can see that under freeBSD it > makes it through the create socket call, then the setsockopt call OK but > fails on the Bind seeming to not like the address. > I am not sure how to figure out if the problem is an access rights issue or > perhaps an address:port format issue. > > A point worth noting is that when configured to bind the port only, then > the bind is fine and in fact the proxy works as expected and when run in > daemon mode sets up a listener on *.port for all interfaces. > > I do have an IPFW rulebase loaded on the freeBSD server which does not seem > to interfere as the plug-gw behaves fine as bind to port only. > > Looking through my 4.4BSD books I can see that the bind call is quite happy > to bind the address of 0/ and decide on the fly the correct interface and > this made me wonder if it wanted to bind to an interface address rather than > an IP address?. > > I am starting the proxy with the following, > /usr/local/etc/plug-gw -daemon 192.168.30.3:80 -name plug-http > > Here are the syslog entries from both servers. > Hope they come through legible. > > redhat 6 linux 2.2.15-22 kernel. > Aug 23 18:26:17 xmailgate plug-gw[615]: Starting daemon mode on ip > 192.168.30.3(192.168.30.3), port 80 > . > . > Aug 25 05:10:54 xmailgate plug-gw[1139]: HERE!!! av[0] = 80 > Aug 25 05:10:54 xmailgate last message repeated 3 times > Aug 25 05:10:54 xmailgate plug-gw[1139]: YO!!! localip = 192.168.30.3 > Aug 25 05:10:54 xmailgate plug-gw[1139]: connect > host=sdakx0.xx.xx/192.168.30.10 destination=10.0.30.4/8080 > > > freebsd 3.2 kernel > Aug 24 06:13:19 sd172-lx52 plug-gw[1810]: Starting daemon mode on ip > 172.16.30.4 > (172.16.30.4), port 81 > Aug 24 06:13:19 sd172-lx52 plug-gw[1810]: Failed to bind port 81, Can't > assign requested address > > Any helpfull comment would be appreciated. > Thanks, > Mike. > > Michael Williams > Software Dynamics > mailto:sdynamic@xtra.co.nz > http://www.voyager.co.nz/~michaelw > cell ph: 025 995 914 > ph: +64 9 2744876 > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.01.9908250715420.660-100000>