Date: Sun, 1 Nov 1998 17:31:02 +0100 From: "Jonas Ericson" <dow489o@tninet.se> To: <aaron@csh.rit.edu> Cc: <questions@FreeBSD.ORG> Subject: SV: User PPP and Packetfiltering Message-ID: <01be05b5$041420c0$3b4aa3c3@nt1>
next in thread | raw e-mail | index | archive | help
-----Ursprungligt meddelande----- Från: Aaron Jeremias Luz <aaron@csh.rit.edu> Till: Jonas Ericson <dow489o@tninet.se> Kopia: questions@FreeBSD.ORG <questions@FreeBSD.ORG> Datum: den 30 oktober 1998 01:54 Ämne: Re: User PPP and Packetfiltering On Tue, Oct 27, 1998 at 04:54:17PM +0100, Jonas Ericson wrote: > Hi! > I have a question about packet filtering! > I use the 2.2.7 realese. I use my box as a Samba server aswell as a Gateway > for my win95 > machines (with user ppp ). Now for the question: When i want to access the > Samba server from > a win95 machine the -auto switch trigger the modem to dial and itīs nothing > strange about that! > but i donīt want it to be triggered when i want to connect to a Sambashare, > only when i want to > access the internet via http(80). I have tried to understand the syntax from > the man ppp but have > not succeded. > Many Thanks! > > > J.B.Ericson > dow486o@tninet.se I think you'll find that DNS lookups are being made on the SMB name of your Win95 machine, so a simple filtering approach won't work. Try defining REDUCE_ROOT_DNS_LOOKUPS when you build Samba. That did the trick for me when I was installing Samba on a 2.2.5R machine which also ran "ppp -auto -alias" for a number of Windows 95 machines. Here's the patch I used for the port of Samba 1.9.17p2 on FreeBSD 2.2.5R. *** Makefile.orig Thu Jul 2 13:32:24 1998 --- Makefile Thu Jul 2 13:32:38 1998 *************** *** 385,391 **** # This is for FreeBSD # contributed by kuku@acds.physik.rwth-aachen.de ! FLAGSM = -DFreeBSD -DFAST_SHARE_MODES LIBSM = -lcrypt --- 385,391 ---- # This is for FreeBSD # contributed by kuku@acds.physik.rwth-aachen.de ! FLAGSM = -DFreeBSD -DFAST_SHARE_MODES -DREDUCE_ROOT_DNS_LOOKUPS LIBSM = -lcrypt Good luck, Aaron Hi Aaron ! First of all i will thank you for your answer! I'm very sorry for bothering you whith questions you might think is trivial. I have tried to build 1.9.17p2 like you said with the -DREDUCE_ROOT_DNS_LOOKUPS LIBSM = -lcrypt defenition, but itīs still the same result, i think? Please could you get a litle more specific about your configuration! When i log tcp/ip in ppp, i can see that the win95 box sends DNS lookups packets wich not corresponds to the DNS port 53, why? they come in the range of 1025-1048 or something like that. Why do win95 use diffrent ports for the same service? So this is a paradox for me, as you said packet filtering isnīt the answer because you never know what port the DNS lookups arrives at. Am i right? Many thanks Jonas To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01be05b5$041420c0$3b4aa3c3>