RE: tcpwrappers
What is the RBL patch, and what are the consequences of not having it? Where can I get more information about it? Thanks, Dennis -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ralf S. Engelschall Sent: Friday, October 31, 2003 3:48 PM To: [EMAIL PROTECTED] Subject: Re: tcpwrappers On Fri, Oct 31, 2003, Bill Campbell wrote: Is anybody working on tcpwrappers for Solaris ? I got it to compile, but it does not work as expected, so one needs to do some debugging. I'm going to do this, when nobody speeks up. I haven't tried it, but do know that there was a bigendian issue with the RBL patch to tcp_wrappers. For those and similar reasons I've not included the RBL patch in our tcpwrappers package for now. But anyway, what patches for Solaris are available? Perhaps we can already start including those... Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED] __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]
Re: tcpwrappers / openssh
On Wed, Dec 03, 2003, Dennis McRitchie wrote: Have Matthias' changes for openssh (below) been incorporated in openssh-3.7.1p2-20031125.src.rpm? No, they haven't. I've just rolled a new openssh package with the changes though. It will be uploaded as soon as I can verify that it is a necessary patch. -- [EMAIL PROTECTED] Development Team, Operations Northern Europe Cable Wireless Telecommunications Services GmbH pgp0.pgp Description: PGP signature
RE: tcpwrappers
Another question: will the OpenPKG team inform Steve Grubb about the problems found with and patches applied to his code? He indicates in his README file that he will continue to maintain the package until Wietse releases a new version (could be a while!), and that he'd like to know about bugs. My more general question is whether changes accepted by OpenPKG are routinely referred back to the Vendor (for incorporation into their next version), or whether the submitters of the changes need to do this? Thanks, Dennis -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dennis McRitchie Sent: Wednesday, December 03, 2003 11:20 AM To: [EMAIL PROTECTED] Subject: RE: tcpwrappers What is the RBL patch, and what are the consequences of not having it? Where can I get more information about it? Thanks, Dennis -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ralf S. Engelschall Sent: Friday, October 31, 2003 3:48 PM To: [EMAIL PROTECTED] Subject: Re: tcpwrappers On Fri, Oct 31, 2003, Bill Campbell wrote: Is anybody working on tcpwrappers for Solaris ? I got it to compile, but it does not work as expected, so one needs to do some debugging. I'm going to do this, when nobody speeks up. I haven't tried it, but do know that there was a bigendian issue with the RBL patch to tcp_wrappers. For those and similar reasons I've not included the RBL patch in our tcpwrappers package for now. But anyway, what patches for Solaris are available? Perhaps we can already start including those... Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ The OpenPKG Project www.openpkg.org Developer Communication List [EMAIL PROTECTED] __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED] __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]
Re: tcpwrappers
On Wed, Dec 03, 2003, Dennis McRitchie wrote: Another question: will the OpenPKG team inform Steve Grubb about the problems found with and patches applied to his code? He indicates in his README file that he will continue to maintain the package until Wietse releases a new version (could be a while!), and that he'd like to know about bugs. I won't promise this, but... My more general question is whether changes accepted by OpenPKG are routinely referred back to the Vendor (for incorporation into their next version), or whether the submitters of the changes need to do this? Yes, as a rule any patch code is sent to either the author(s) or development mailing list. That being said, there are exceptions, mainly human failure like forgetting to email the tenth patch you've made for the day. -- [EMAIL PROTECTED] Development Team, Operations Northern Europe Cable Wireless Telecommunications Services GmbH pgp0.pgp Description: PGP signature
Re: tcpwrappers
On Wed, Dec 03, 2003, Dennis McRitchie wrote: What is the RBL patch, and what are the consequences of not having it? Where can I get more information about it? The RBL patch allows one to specify dnsRBLs (Realtime Blackhole Lists) in the /etc/hosts.allow file. We used this extensively with smail-3.2 to block spam. Some entries from one of our servers: # this one allows anybody in our white hat list ALL: {RBL}.whl.celestial.net. : ALLOW # deny from our local database of people who've tried cracking # or abusing our ftp servers. ALL: {RBL}.guardian.celestial.net. : DENY sendmail,smtpd: {RBL}.dynablock.wirehub.net. : DENY sendmail,smtpd: {RBL}.sbl.spamhaus.org. : DENY ... Personally I find the RBL capabilities one of the most useful features of tcp_wrappers. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Systems, Inc. UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``The meek shall inherit the Earth, the rest of us will go to the stars...'' -Dr. Isaac Asimov __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]
RE: tcpwrappers
Thanks for the info, Bill. I take it from your reply (and from not finding any references to RBL in the original code) that this patch actually creates this previously non-existing feature? Where can I find a copy of this patch, should I want to work on the big-endian problem? Thanks, Dennis -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bill Campbell Sent: Wednesday, December 03, 2003 2:03 PM To: [EMAIL PROTECTED] Subject: Re: tcpwrappers On Wed, Dec 03, 2003, Dennis McRitchie wrote: What is the RBL patch, and what are the consequences of not having it? Where can I get more information about it? The RBL patch allows one to specify dnsRBLs (Realtime Blackhole Lists) in the /etc/hosts.allow file. We used this extensively with smail-3.2 to block spam. Some entries from one of our servers: # this one allows anybody in our white hat list ALL: {RBL}.whl.celestial.net. : ALLOW # deny from our local database of people who've tried cracking # or abusing our ftp servers. ALL: {RBL}.guardian.celestial.net. : DENY sendmail,smtpd: {RBL}.dynablock.wirehub.net. : DENY sendmail,smtpd: {RBL}.sbl.spamhaus.org. : DENY ... Personally I find the RBL capabilities one of the most useful features of tcp_wrappers. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Systems, Inc. UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``The meek shall inherit the Earth, the rest of us will go to the stars...'' -Dr. Isaac Asimov __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED] __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]
Re: tcpwrappers
On Wed, Dec 03, 2003, Dennis McRitchie wrote: Thanks for the info, Bill. I take it from your reply (and from not finding any references to RBL in the original code) that this patch actually creates this previously non-existing feature? Where can I find a copy of this patch, should I want to work on the big-endian problem? The version I'm using here is available on our anonymous ftp site. My spec file uses come macros I've taken from the Caldera version of RPM, and would probably drive speclint nuts, but the patches are there. ftp://ftp.celestial.com/private/ftp.openpkg.org/release/1.3/SRC/tcp_wrappers-7.6-20020510.src.rpm Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``When dealing with any spammer, one must always keep in mind that you are dealing with someone who makes their living through forgery, fraud, theft, subterfuge and obfuscation. Stated simply, spammers lie.'' David Ritz [EMAIL PROTECTED] __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]
Re: tcpwrappers
On Fri, Oct 31, 2003, Matthias Kurz wrote: Hi. Is anybody working on tcpwrappers for Solaris ? I got it to compile, but it does not work as expected, so one needs to do some debugging. I'm going to do this, when nobody speeks up. I haven't tried it, but do know that there was a bigendian issue with the RBL patch to tcp_wrappers. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``We shouldn't elect a President; we should elect a magician.'' Will Rogers __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]
Re: tcpwrappers
On Fri, Oct 31, 2003, Bill Campbell wrote: Is anybody working on tcpwrappers for Solaris ? I got it to compile, but it does not work as expected, so one needs to do some debugging. I'm going to do this, when nobody speeks up. I haven't tried it, but do know that there was a bigendian issue with the RBL patch to tcp_wrappers. For those and similar reasons I've not included the RBL patch in our tcpwrappers package for now. But anyway, what patches for Solaris are available? Perhaps we can already start including those... Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]
Re: tcpwrappers
On Fri, Oct 31, 2003, Bill Campbell wrote: On Fri, Oct 31, 2003, Matthias Kurz wrote: Hi. Is anybody working on tcpwrappers for Solaris ? I got it to compile, but it does not work as expected, so one needs to do some debugging. I'm going to do this, when nobody speeks up. I haven't tried it, but do know that there was a bigendian issue with the RBL patch to tcp_wrappers. Ahhh, thanks for the hint (something unusual). Actually, my problems seem to be related to IPv6. When i change the protocol in /etc/inetd.conf from tcp6 (IPv6) to tcp (IPv4) it works... Now i'm going to investigate what the real problem is... (mk) Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC UUCP: camco!bill PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 URL: http://www.celestial.com/ ``We shouldn't elect a President; we should elect a magician.'' Will Rogers -- Matthias Kurz; Fuldastr. 3; D-28199 Bremen; VOICE +49 421 53 600 47 `` GO ! Buy an american President. It pays back ! '' `` http://www.spiegel.de/wirtschaft/0,1518,271957,00.html '' __ The OpenPKG Projectwww.openpkg.org Developer Communication List [EMAIL PROTECTED]