Date: Thu, 16 Aug 2007 15:09:45 +0200 (CEST) From: Oliver Fromme <olli@secnetix.de> To: FreeBSD-gnats-submit@FreeBSD.org Cc: Oliver Fromme <olli@secnetix.de>, Doug Barton <dougb@FreeBSD.org> Subject: conf/115573: Typo in default named.conf locks out Sun Message-ID: <200708161309.l7GD9jqq016275@pluto.secnetix.de> Resent-Message-ID: <200708161310.l7GDA241041425@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 115573 >Category: conf >Synopsis: Typo in default named.conf locks out Sun >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Aug 16 13:10:01 GMT 2007 >Closed-Date: >Last-Modified: >Originator: Oliver Fromme >Release: FreeBSD 6.2-STABLE-20070808 i386 >Organization: secnetix GmbH & Co. KG http://www.secnetix.de/bsd >Environment: System: FreeBSD pluto.secnetix.de 6.2-STABLE-20070808 FreeBSD 6.2-STABLE-20070808 #0: Wed Aug 8 14:35:59 CEST 2007 olli@pluto.secnetix.de:/usr/obj/usr/src/sys/PLUTO i386 The problem described here affects HEAD and RELENG_6. >Description: The current default configuration of BIND (named.conf) blocks the network 192.18/15. This network belongs to Sun Microsystems Inc., Medical Research Council and Agere Systems Inc. The comment in the file claims that the network block is reserved for router benchmark testing in accordance with RFC 2544. However, there's a typo in that RFC which has been corrected in an erratum: http://www.rfc-editor.org/cgi-bin/errataSearch.pl?rfc=2544 So the correct network block is 198.18/15. The correct network block is also mentioned in RFC 3330: http://www.rfc-editor.org/rfc/rfc3330.txt The error in the default named.conf file should be corrected ASAP. As it stands now, the 192.18/15 network which belongs to Sun and others is locked out by default on FreeBSD machines! >How-To-Repeat: whois 192.18 whois 198.18 >Fix: --- src/etc/namedb/named.conf.orig 2007-08-08 13:51:41.000000000 +0200 +++ src/etc/namedb/named.conf 2007-08-16 15:07:36.000000000 +0200 @@ -157,9 +157,9 @@ // TEST-NET for Documentation (RFC 3330) zone "2.0.192.in-addr.arpa" { type master; file "master/empty.db"; }; -// Router Benchmark Testing (RFC 2544) -zone "18.192.in-addr.arpa" { type master; file "master/empty.db"; }; -zone "19.192.in-addr.arpa" { type master; file "master/empty.db"; }; +// Router Benchmark Testing (RFC 2544 + erratum, RFC 3330) +zone "18.198.in-addr.arpa" { type master; file "master/empty.db"; }; +zone "19.198.in-addr.arpa" { type master; file "master/empty.db"; }; // IANA Reserved - Old Class E Space zone "240.in-addr.arpa" { type master; file "master/empty.db"; }; >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200708161309.l7GD9jqq016275>