Re: Light GeoIP support dropped?
On 1/6/20 6:04 PM, Kevin Oberman wrote:
On Mon, Jan 6, 2020 at 1:17 PM Alexander Koeppe wrote:
Hi,
since I've upgraded to FreeBSD 12, I don't find a package providing the
lightweight geoip database API incl. GeoIP.h and libGeoIP.so.
I only find `geoipupdate` which is the non-free variant of the API.
Has the package been renamed?
Thanks
- Alex
GeoIP and the GeoIP 1 database were discontinued early last year. They were
replaced by net/libmaxminddb and GeoIP 2 database. I have no idea if any
form of free data is available.
there is a partial alternative in ports...
https://www.freshports.org/search.php?query=ipdbtools=go=10=name=match=excludedeleted=1=caseinsensitive
It uses the official national registrations for country enumeration,
and can generate firewall tables directly.
Here's the cron script I use to generate a table in ipfw that only
allows australian and US addresses (for example):
#!/bin/sh
ALLOWFILE=/root/AU+USA-GEOIPS.ipfw
MAILTABLE=20
ALT_MAILTABLE=21
AU_VAL=1
US_VAL=10200
#fetch latest geo-ip ranges and set AU and USA into table ${MAILTABLE}
ipdb-update.sh
ipup -t AU=${AU_VAL}:US=${US_VAL} -n ${ALT_MAILTABLE} > ${ALLOWFILE}
ipfw table ${ALT_MAILTABLE} flush
ipfw -q -f ${ALLOWFILE}
ipfw table ${MAILTABLE} swap ${ALT_MAILTABLE}
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
___
freebsd-stable@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Fwd: Re: session mgmt: does POSIX indeed prohibit NOOP execution?
> Not much room to argue? Why that? This is not about laws you have to follow blindly whether you understand them or not, this is all about an Outcome - a working machine that should properly function. "Not much to argue about what behaviour is required by the standard". The standard could have been written to require different behaviour and most probably still make sense, but it wasn't; but at least it's unambiguous. After that, the discussion is rather... philosophical. It is not the standard that concerns me, it is *failure* that concerns me. When I try to run a daemon from the base OS (in the orderly way, via daemon command), and it just DOES NOT WORK, and I need to find out and look into it what's actually wrong, then for me that's not philosophy, that's a failure that needs some effort to fix. And I dont want such issues, and, more important, I don't want other people to run into the same issue again! (Not sure what is so difficult to understand with that.) In any case, either the base system has a flaw, or the syscall has a flaw, or the Posix has a flaw. I don't care which, You're free to choose, But if you instead think that flaws are not allowed to exist because Posix is perfect, and therefore the much better solution is to just bully the people who happen to run into the flaws, well, thats also okay. rgds, PMc ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Light GeoIP support dropped?
On Mon, Jan 6, 2020 at 1:17 PM Alexander Koeppe wrote: > Hi, > > since I've upgraded to FreeBSD 12, I don't find a package providing the > lightweight geoip database API incl. GeoIP.h and libGeoIP.so. > > I only find `geoipupdate` which is the non-free variant of the API. > > Has the package been renamed? > > Thanks > >- Alex GeoIP and the GeoIP 1 database were discontinued early last year. They were replaced by net/libmaxminddb and GeoIP 2 database. I have no idea if any form of free data is available. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: session mgmt: does POSIX indeed prohibit NOOP execution?
## Peter (pe...@citylink.dinoex.sub.org): > > Not much room to argue? > > Why that? This is not about laws you have to follow blindly whether > you understand them or not, this is all about an Outcome - a working > machine that should properly function. "Not much to argue about what behaviour is required by the standard". The standard could have been written to require different behaviour and most probably still make sense, but it wasn't; but at least it's unambiguous. After that, the discussion is rather... philosophical. Regards, Christoph -- Spare Space ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Light GeoIP support dropped?
## Alexander Koeppe (forma...@online.de): > since I've upgraded to FreeBSD 12, I don't find a package providing > the lightweight geoip database API incl. GeoIP.h and libGeoIP.so. The so-called "legacy" database format used by libGeoIP has been discontinued by MaxMind, and is only available for paying customers: https://blog.maxmind.com/2018/01/02/discontinuation-of-the-geolite-legacy-databases/ For that reason, net/GeoIP has been removed quite some time ago: https://svnweb.freebsd.org/ports?view=revision=493168 And the free (as in no payment required) GeoLite2 databases have seen some licensing/handling changes, too: https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/ Regards, Christoph -- Spare Space ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Light GeoIP support dropped?
Alexander, Unfortunately maxmind have changed their rules and as per AdamW's notification in the geoipupdate message for version 4.1.5_1, https://svnweb.freebsd.org/ports/head/net/geoipupdate/files/pkg-message.in?view=markup advises to go to https://www.maxmind.com/en/geolite2/signup to create an account, then you will need to go to (I think it was) "My Licence" where you provide a key description (you enter text) and then you will need to generate a key. Adam advises to go to https://www.maxmind.com/en/accounts/155743/license-key for the licence, but that is actually his account number (155743), which I would suggest is inappropriate. (Adam!) ;) I have walked through the steps, and the account setup involves providing you email address, to which additional details are sent for the account creation process. Once done, you acquire the key. Once you login to your account, you will notice a number at the end of the url, after accounts/ (see above) that is your account information that you plug into your geoipupdate.conf file, and you'll need your licence key as well. Its a little convoluted, but it also provides a config file segment which you can conveniently cut/paste. Regards, Dewayne. PS our version of geoipupdate doesn't provide a version number, but the current version is 4.1.5_1, anything after 3.1.1 should work as described, if earlier, the account creation process will advise. So it continues to work. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Light GeoIP support dropped?
Hi Ed, thanks for your answer. Am 06.01.20 um 22:23 schrieb Ed Maste: On Mon, 6 Jan 2020 at 16:17, Alexander Koeppe wrote: It appears both free and paid access is available with API v2. Do you know how to use the v2 API? Do you know of any documentation? Thanks - Alex ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: Light GeoIP support dropped?
On Mon, 6 Jan 2020 at 16:17, Alexander Koeppe wrote: > > Hi, > > since I've upgraded to FreeBSD 12, I don't find a package providing the > lightweight geoip database API incl. GeoIP.h and libGeoIP.so. > > I only find `geoipupdate` which is the non-free variant of the API. Looking at ports history it seems the database it relied on is no longer available. It appears both free and paid access is available with API v2. ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Light GeoIP support dropped?
Hi, since I've upgraded to FreeBSD 12, I don't find a package providing the lightweight geoip database API incl. GeoIP.h and libGeoIP.so. I only find `geoipupdate` which is the non-free variant of the API. Has the package been renamed? Thanks - Alex ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
Re: session mgmt: does POSIX indeed prohibit NOOP execution?
On Mon, 06 Jan 2020 01:10:57 +0100, Christoph Moench-Tegeder wrote: When a program is invoked via /usr/sbin/daemon, it should already be session leader AND group leader, and then the above code WOULD be a NOOP, unless POSIX would require the setpgid() to fail and thereby the program to abort - which, btw, is NOT a NOOP :( https://pubs.opengroup.org/onlinepubs/9699919799/ "The setpgid() function shall fail if: [...] The process indicated by the pid argument is a session leader." Okay, so, what You are saying is that I got correct information insofar that POSIX indeed demands the perceived behaviour. Thanks for that confirmation. Not much room to argue? Why that? This is not about laws you have to follow blindly whether you understand them or not, this is all about an Outcome - a working machine that should properly function. So either there are other positive aspects in this behaviour that weight against the perceived malfunction, or the requirement is simply wrong. And the latter case should be all the argument that is needed. I do not say disobey Posix. I only say that one of the involved parts must certainly be wrong, and that should be fixed. So if You are saying, the problem is in Posix, but we are in the role of blind monkeys who have to follow that alien commandment by all means no matter the outcome, then this does not seem acceptable to me. Actually, as it seems to me, this whole session thing came originally out of Kirk McKusick's kitchen and made its way from there into Posix, so if there is indeed a flaw in it, it should well be possible to fix it going the same way. In any case, this here (to be found in /etc/rc,d/kadmind) is a crappy workaround and not acceptable style: command_args="$command_args &" We aren't slaves, or, are we? I for my part came just accidentially across this matter, and as my stance is, 1. the code has to be solid enough to stand the Jupiter mission, and therefore 2. do a rootcause Always, on Every misbehaviour (and then fix it once and for all), so I figured that thing out. rgds, PMc ___ freebsd-stable@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "freebsd-stable-unsubscr...@freebsd.org"
