Date: Tue, 19 Jun 2001 13:14:07 -0400 From: Dan Armstrong <dan@beanfield.com> To: evilfry@sg.freebsd.org Cc: Tony Wells <tony@camel.kdsi.net>, freebsd-questions@freebsd.org Subject: Re: Urgent help with Reverse Lookups and FTPD Message-ID: <3B2F885F.75CADFC5@beanfield.com> References: <3B2F74D7.C057B32F@beanfield.com> <3B2F820B.4147E4E8@camel.kdsi.net> <3B2F84CE.608E7F75@beanfield.com> <01062001044603.44515@evilfry.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I already had that commented out.... without that, they cannot connect at all. With that out, it still tries to do the reverse, and lags for a LLOONNGG time and intermittantly, some timeout and some don't. Dan. James Lim wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi > > Are you using the normal ftpd? Does commenting out the following in > your /etc/host.allow works? > > # Prevent those with no reverse DNS from connecting. > #ALL : PARANOID : RFC931 20 : deny > > Hope this helps. > > On the last episode Wednesday 20 June 2001 00:58, Dan Armstrong wrote: > > Well, we have almost 1000 stub-bridged Ethernet LANs each on it's > > own private subnet tunneled over an ATM network back to a router. > > The long and the short of it is that we just cannot possibly manage > > reverse info for the entire network. > > > > Dan. > > > > Tony Wells wrote: > > > Do you really need thousands of addresses for your customers? > > > I'm making an assumption , but if you're assigning addresses > > > using DHCP, can you limit the range of addresses assigned to a > > > reasonable amount? If you only have say, 100 modems/xdsl/isdn or > > > whatever connections, you don't need ~64,000 IP's available. > > > > > > I would try looking into limiting the addresses assigned, and > > > then using /etc/hosts or reverse dns to resolve the IP's. > > > (Unless of course, you really need all those IP's.) > > > > > > Dan Armstrong wrote: > > > > We are a small ISP, and just turned up a new webserver running > > > > Free4.3 > > > > > > > > Most of our customers live on private (192.168) addresses and I > > > > am getting slaughtered with phone calls that they cannot ftp > > > > into their sites, and it is because their ftp programs don't > > > > necessarily wait for Free's ftpd to timeout doing the reverse > > > > lookup, for an address that of course does not have any reverse > > > > information for it. If I add their IP to the /etc/hosts BOOM > > > > they get in instantly. These thousands of addresses are all > > > > dynamically assigned, so the hosts file fix is not possible on > > > > this scale. Is there a way I can get it to stop? HELP! > > > > > > > > Dan. > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > - -- > Regards, > James Lim > http://sg.freebsd.org | http://www.bsd-geeks.org > -----BEGIN PGP SIGNATURE----- > Version: PGP 6.5.8 > > iQA/AwUBOy+GLppTakonTMbIEQLRawCghDlBMaOCON42Ph+eDyw603V9xJwAoPOa > Zk8EEVolF8KC84QoLxU44Cw8 > =2/HN > -----END PGP SIGNATURE----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3B2F885F.75CADFC5>