Re: IPv6 and hosts.allow
On Tue, 16 May 2000 16:10:28 -0400 James Housley [EMAIL PROTECTED] said: jim Is inetd wrapping and hosts.allow supposed to support IPv6 addresses? jim Because it isn't for me. Not only that but added an IPv6 address to jim hosts.allow seems to prevent processing of IPv4 anddress on that line. jim If it should and is broken I will submit a PR. If not I will look and jim see if I can submit a PR with code. BTW this is 4.0 cvsupd and compile jim with cvs-cur-6351.gz of this morning (2000/5/16) Yes, I wrote IPv6 support code for tcp_wrappers. And, actually, I'm using it. How do you specify IPv6 address? IPv6 address has `:' in it and it conflict with tcp_wrappers's field separator. So, you need to wrap IPv6 address with `[' and `]'. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.imasy.org/~ume/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: IPv6 and hosts.allow
On Tue, 16 May 2000 16:37:07 -0400 James Housley [EMAIL PROTECTED] said: How do you specify IPv6 address? IPv6 address has `:' in it and it conflict with tcp_wrappers's field separator. So, you need to wrap IPv6 address with `[' and `]'. jim Like this? No. For example: ALL : [fe80::]/10 Please see manpage for host_access(5). jim Would you like me to submit a PR with this or can you commit jim the changes or better ones??? jim +# To use IPv6 addresses you must enclose them in []'s jim +ALL : [fe80::/10] To add example in /etc/hosts.allow is good idea. But, use of link-local address is not so good. Because, current IPv6 implementation of tcp_wrappers cannot treat scope-id. So, this means: allow any link-local connections from any neighbor networks It contains not only ethernet but also gif tunnel etc. Do you really need to allow link-local connection? I already rewrote tcp_wrappers to support scoped address and it is shipped as KAME ports. You can obtain it from: http://www.imasy.or.jp/~ume/ipv6/tcp_wrappers_7.6-ipv6-1.9.diff.gz By using this, you can specify: ALL : [fe80::%de0]/10 : allow But, this has some limitations. This is a patch to original tcp_wrappers. And, this doesn't work on 5.0-CURRENT nor 4.0-STABLE due to getaddrinfo() problem around treatment of IPv4 address obtained by specifying PF_UNSPEC. To work it on FreeBSD without additional KAME package, we should correct getaddrinfo(). The patch is ready and now in review. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.imasy.org/~ume/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: desire for ftp.internat.freebsd.org mirror
On Wed, 5 Apr 2000 18:08:33 -0700 "David O'Brien" [EMAIL PROTECTED] said: obrien Access to ftp.internat.freebsd.org from the USA (and presumably obrien elsewhere) is an abomination. Isn't there *anyone* with an permanate FTP obrien server that could officially mirror the crypto bits from obrien ftp.internat.freebsd.org? daemon.jp.freebsd.org has. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.imasy.org/~ume/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
Re: IPv6, IPv4 and /etc/resolv.conf problems
Hi, On Tue, 22 Feb 2000 13:24:51 +0100 (MET) Borja Marcos [EMAIL PROTECTED] said: borjam 1 - host.domain (following the "domain" or "search" directive) borjam 2 - host borjam 3 - A host.domain borjam 4 - A host Specifying `options no_tld_query' in /etc/resolv.conf may helps you. -- Hajimu UMEMOTO @ Internet Mutual Aid Society Yokohama, Japan [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.imasy.org/~ume/ To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
