Hello, I'm having two problems relating to running a public Freenet
proxy that I was hoping that you folks could help me with. I'm running
build 650 under linux with the 1.3 JVM from IBM.
The first is that I can't seem to be able to get mainport/fproxy to be
consistently public. The mainport servlet is bound on 0.0.0.0:8888:
[danello at groovy ~/fred/dist]$ netstat -nlp | egrep ':8888 .*LIST'
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 3 2101/java
I have:
mainport.bindAddress=*
mainport.allowedHosts=0.0.0.0/0
mainport.port=8888
in freenet.conf, but I keep getting messages like this in my log file:
2003-01-15 11:06:30.601 (freenet.interfaces.LocalInterface, Interface #
tcp/8888):MINOR: Rejected connection: host not allowed: 192.107.146.2:33385
2003-01-15 11:20:46.688 (freenet.interfaces.LocalInterface, Interface #
tcp/8888):MINOR: Accepted connection: tcpconnection: 66.92.65.123:3317
2003-01-15 11:36:41.791 (freenet.interfaces.LocalInterface, Interface #
tcp/8888):MINOR: Accepted connection: tcpconnection: 66.196.72.53:48166
As you can see, it's definitely allowing external traffic, but some IPs
are inexplicably banned. I've also tried mainport.allowedHosts=* with
the same result.
The other question is:
Could fproxy/mainport be modified to return a robots.txt that excludes
all bots? I noticed my load was staying pegged at 100, so I ran a
tcpdump and it looks like I'm being spidered:
08:38:31.319040 66.196.65.24.43761 > groovy.danky.com.8888: P0:180(180)
ack 1 win 32850 (DF)
0x0000 4500 00dc 53aa 4000 ed06 fef5 42c4 4118 E...S. at .....B.A.
0x0010 422d 7472 aaf1 22b8 2972 1a52 119b f3dd B-tr..".)r.R....
0x0020 5018 8052 6be2 0000 4745 5420 2f72 6f62 P..Rk...GET./rob
0x0030 6f74 732e 7478 7420 4854 5450 2f31 2e30 ots.txt.HTTP/1.0
0x0040 0d0a 486f 7374 3a20 6772 6f6f 7679 2e64 ..Host:.groovy.d
0x0050 616e 6b79 2e63 6f6d 0d0a 4163 6365 7074 anky.com..Accept
0x0060 3a20 2a2f 2a0d 0a55 7365 722d 4167 656e :.*/*..User-Agen
0x0070 743a 204d 6f7a 696c 6c61 2f35 2e30 2028 t:.Mozilla/5.0.(
0x0080 536c 7572 702f 7369 3b20 736c 7572 7040 Slurp/si;.slurp@
0x0090 696e 6b74 6f6d 692e 636f 6d3b 2068 7474 inktomi.com;.htt
0x00a0 703a 2f2f 7777 772e 696e 6b74 6f6d 692e p://www.inktomi.
0x00b0 636f 6d2f 736c 7572 702e 6874 6d6c 290d com/slurp.html).
0x00c0 0a46 726f 6d3a 2073 6c75 7270 4069 6e6b .From:.slurp at ink
0x00d0 746f 6d69 2e63 6f6d 0d0a 0d0a tomi.com....
I could firewall them out individually, but it'd be nice if the
well-behaved ones could be automatically excluded.
Thanks for your attention,
-Dominic
--
Current soundtrack @ 01/15/03 08:37 'Alice In Chains - Dirt - 05 -
Sickman'
Freenet Ref: http://danky.com/groovy.danky.com.ref
Get Freenet: http://groovy.danky.com:8891/Fp13tdrsxZI/
PGP Key: http://danky.com/keys/danello.pgp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 882 bytes
Desc: not available
URL:
<https://emu.freenetproject.org/pipermail/devl/attachments/20030115/8cd5f436/attachment.pgp>
