From owner-freebsd-net  Tue Jul 25 22:31:37 2000
Delivered-To: freebsd-net@freebsd.org
Received: from obie.softweyr.com (obie.softweyr.com [204.68.178.33])
	by hub.freebsd.org (Postfix) with ESMTP
	id B324137BE4A; Tue, 25 Jul 2000 22:31:29 -0700 (PDT)
	(envelope-from wes@softweyr.com)
Received: from softweyr.com (Foolstrustident!@homer.softweyr.com [204.68.178.39])
	by obie.softweyr.com (8.8.8/8.8.8) with ESMTP id XAA04440;
	Tue, 25 Jul 2000 23:31:27 -0600 (MDT)
	(envelope-from wes@softweyr.com)
Message-ID: <397E78B1.BDE3A622@softweyr.com>
Date: Tue, 25 Jul 2000 23:35:45 -0600
From: Wes Peters <wes@softweyr.com>
Organization: Softweyr LLC
X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 4.1-RC i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Robert Watson <rwatson@FreeBSD.ORG>
Cc: "Roberto Nunnari, AGIE" <roberto.Nunnari@agie.ch>,
	Nick Rogness <nick@rapidnet.com>, net@FreeBSD.ORG
Subject: Re: gateway strange behaviour for telnet and ftp
References: <Pine.NEB.3.96L.1000724125838.41604H-100000@fledge.watson.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Robert Watson wrote:
> 
> On Mon, 24 Jul 2000, Wes Peters wrote:
> 
> > Because the server daemones for each of those do the reverse lookup, for
> > logging and/or authentication purposes.  Ping never gets out of the IP
> > stack; one of the reasons it is preferred for testing connectivity is the
> > minimal load it imposes on the target being pinged.
> 
> This has gotten worse recently (well, relatively recently) with inclusion
> of TCP wrappers in standard binaries, including inetd, et al.  Introducing
> DNS lookups is actually fairly irritating, especially given that most of
> the checks there are somewhat bogus, as easily spoofed :-).  I don't
> believe our default wrapper rules should require DNS lookups; it would be
> nice if they didn't do them.
> 
> Would also be nice if we logged IPs as well as hostnames in wtmp all of
> the time.

It would be better to just log the IP address and make who et al smart
enough to do the reverse lookup at display time.

-- 
            "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message