subject:"services\(5\)\: more cleanup"

Re: services(5): more cleanup

2021-05-17 Thread Craig Skinner

On Sun, 16 May 2021 01:11:51 + Aisha Tammy wrote:
> I have a few machines which use something to the effect of `pass in on
> egress proto tcp to port smtps ...`.
> A quick question, does this mean that the port in pf.conf will also
> have to be renamed?

From experience doing the same Aisha, # pfctl -nf /etc/pf.conf will
complain if there are unknown port or host names.

These can be checked with getent(1)

As pf starts before unbound when booting, any hostnames used by pf
need to be in /etc/hosts & kept current.

Cheers,
Craig.

Re: services(5): more cleanup

2021-05-16 Thread Jeremie Courreges-Anglas

On Sat, May 15 2021, Aisha Tammy  wrote:
> On 5/11/21 9:04 PM, Kurt Mosiejczuk wrote:
>> On Wed, May 12, 2021 at 01:13:55AM +0200, Jeremie Courreges-Anglas wrote:
>>
>>> I'd like to drop SWAT, unofficial and dropped by the samba project
>>> around the switch to samba4.
 - moved smtps/465 to the standards section (rfc8314)
>>> The new service was named "submissions".  I guess we should use both
>>> that and the "smtps" alias.
>>> https://datatracker.ietf.org/doc/html/rfc8314#section-7.3
>>> ok?
> A quick question, does this mean that the port in pf.conf will also have
> to be renamed?
> I have a few machines which use something to the effect of `pass in on
> egress proto tcp to port smtps ...`.
> Will that be broken by this? Similarly smtpd.conf? Or do they do this
> port-name translation separately?

I'd suggest you do a quick test. ;)

> Best,
> Aisha
>
>> ok kmos
>>
>> --Kurt
>>
>>> Index: services
>>> ===
>>> RCS file: /d/cvs/src/etc/services,v
>>> retrieving revision 1.100
>>> diff -u -p -p -u -r1.100 services
>>> --- services5 May 2021 11:49:17 -   1.100
>>> +++ services11 May 2021 23:03:12 -
>>> @@ -123,7 +123,7 @@ microsoft-ds445/tcp # 
>>> Microsoft-DS
>>>   microsoft-ds  445/udp # Microsoft-DS
>>>   kpasswd   464/tcp # Kerberos 5 password 
>>> changing
>>>   kpasswd   464/udp # Kerberos 5 password 
>>> changing
>>> -smtps  465/tcp # mail message 
>>> submission (TLS)
>>> +submissions465/tcp smtps   # mail message 
>>> submission (TLS)
>>>   photuris  468/tcp # Photuris Key Management
>>>   photuris  468/udp
>>>   isakmp500/udp # ISAKMP key management
>>> @@ -296,7 +296,6 @@ kerberos_master 751/udp # 
>>> Kerberos 4
>>>   kerberos_master   751/tcp # Kerberos 4 kadmin
>>>   krb_prop  754/tcp hprop   # Kerberos slave propagation
>>>   krbupdate 760/tcp kreg# BSD Kerberos registration
>>> -swat   901/tcp # Samba Web 
>>> Administration Tool
>>>   datametrics   1645/udp
>>>   ekshell2  2106/tcp# Encrypted kshell - UColorado, 
>>> Boulder
>>>   webster   2627/tcp# Network dictionary
>>>
>>> -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE
>>> 1524 E7EE
>>>
>

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Re: services(5): more cleanup

2021-05-15 Thread Aisha Tammy





On 5/11/21 9:04 PM, Kurt Mosiejczuk wrote:

On Wed, May 12, 2021 at 01:13:55AM +0200, Jeremie Courreges-Anglas wrote:


I'd like to drop SWAT, unofficial and dropped by the samba project
around the switch to samba4.

- moved smtps/465 to the standards section (rfc8314)

The new service was named "submissions".  I guess we should use both
that and the "smtps" alias.
https://datatracker.ietf.org/doc/html/rfc8314#section-7.3
ok?
A quick question, does this mean that the port in pf.conf will also have 
to be renamed?
I have a few machines which use something to the effect of `pass in on 
egress proto tcp to port smtps ...`.
Will that be broken by this? Similarly smtpd.conf? Or do they do this 
port-name translation separately?


Best,
Aisha


ok kmos

--Kurt


Index: services
===
RCS file: /d/cvs/src/etc/services,v
retrieving revision 1.100
diff -u -p -p -u -r1.100 services
--- services5 May 2021 11:49:17 -   1.100
+++ services11 May 2021 23:03:12 -
@@ -123,7 +123,7 @@ microsoft-ds445/tcp # 
Microsoft-DS
  microsoft-ds  445/udp # Microsoft-DS
  kpasswd   464/tcp # Kerberos 5 password 
changing
  kpasswd   464/udp # Kerberos 5 password 
changing
-smtps  465/tcp # mail message submission (TLS)
+submissions465/tcp smtps   # mail message submission (TLS)
  photuris  468/tcp # Photuris Key Management
  photuris  468/udp
  isakmp500/udp # ISAKMP key management
@@ -296,7 +296,6 @@ kerberos_master 751/udp # 
Kerberos 4
  kerberos_master   751/tcp # Kerberos 4 kadmin
  krb_prop  754/tcp hprop   # Kerberos slave propagation
  krbupdate 760/tcp kreg# BSD Kerberos registration
-swat   901/tcp # Samba Web Administration Tool
  datametrics   1645/udp
  ekshell2  2106/tcp# Encrypted kshell - UColorado, 
Boulder
  webster   2627/tcp# Network dictionary

--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Re: services(5): more cleanup

2021-05-11 Thread Kurt Mosiejczuk

On Wed, May 12, 2021 at 01:13:55AM +0200, Jeremie Courreges-Anglas wrote:

> I'd like to drop SWAT, unofficial and dropped by the samba project
> around the switch to samba4.

> > - moved smtps/465 to the standards section (rfc8314)

> The new service was named "submissions".  I guess we should use both
> that and the "smtps" alias.
> https://datatracker.ietf.org/doc/html/rfc8314#section-7.3

> ok?

ok kmos

--Kurt

> 
> Index: services
> ===
> RCS file: /d/cvs/src/etc/services,v
> retrieving revision 1.100
> diff -u -p -p -u -r1.100 services
> --- services  5 May 2021 11:49:17 -   1.100
> +++ services  11 May 2021 23:03:12 -
> @@ -123,7 +123,7 @@ microsoft-ds  445/tcp # 
> Microsoft-DS
>  microsoft-ds 445/udp # Microsoft-DS
>  kpasswd  464/tcp # Kerberos 5 password 
> changing
>  kpasswd  464/udp # Kerberos 5 password 
> changing
> -smtps465/tcp # mail message 
> submission (TLS)
> +submissions  465/tcp smtps   # mail message submission (TLS)
>  photuris 468/tcp # Photuris Key Management
>  photuris 468/udp
>  isakmp   500/udp # ISAKMP key management
> @@ -296,7 +296,6 @@ kerberos_master   751/udp # 
> Kerberos 4 
>  kerberos_master  751/tcp # Kerberos 4 kadmin
>  krb_prop 754/tcp hprop   # Kerberos slave propagation
>  krbupdate760/tcp kreg# BSD Kerberos registration
> -swat 901/tcp # Samba Web Administration Tool
>  datametrics  1645/udp
>  ekshell2 2106/tcp# Encrypted kshell - UColorado, 
> Boulder
>  webster  2627/tcp# Network dictionary
> 
> -- 
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE
>

services(5): more cleanup

2021-05-11 Thread Jeremie Courreges-Anglas

On Wed, May 05 2021, Stuart Henderson  wrote:
> On 2021/05/04 12:07, Jan Klemkow wrote:
>> Hi,
>> 
>> Add missing ftps defaults ports to servies(5).
>> 
>> OK?
>> 
>> bye,
>> Jan
>> 
>> Index: services
>> ===
>> RCS file: /cvs/src/etc/services,v
>> retrieving revision 1.99
>> diff -u -p -r1.99 services
>> --- services 18 Feb 2021 02:30:29 -  1.99
>> +++ services 4 May 2021 10:01:35 -
>> @@ -318,6 +318,10 @@ krb_prop754/tcp hprop   # 
>> Kerberos slav
>>  krbupdate   760/tcp kreg# BSD Kerberos registration
>>  supfilesrv  871/tcp # SUP server
>>  swat901/tcp # Samba Web 
>> Administration Tool
>> +ftps-data   989/tcp # ftp data over TLS/SSL
>> +ftps-data   989/udp # ftp data over TLS/SSL
>> +ftps990/tcp # ftp control over 
>> TLS/SSL
>> +ftps990/udp # ftp control over 
>> TLS/SSL
>
> I'm OK with adding the TCP ones (though ftp-over-tls always makes me
> want to rant...). It's not going to run on UDP though so I think those
> should not be added.

+2

> Every new entry in this file reduces the range available for dynamic
> port selection, so it would seem a good idea to cull a few if we're
> adding some. Here are some likely candidates;
>
> - removed a few UDP entries for protocols that won't use it
>
> - dropped some obsolete protocols

I'd like to drop SWAT, unofficial and dropped by the samba project
around the switch to samba4.

> - moved smtps/465 to the standards section (rfc8314)

The new service was named "submissions".  I guess we should use both
that and the "smtps" alias.
https://datatracker.ietf.org/doc/html/rfc8314#section-7.3

ok?


Index: services
===
RCS file: /d/cvs/src/etc/services,v
retrieving revision 1.100
diff -u -p -p -u -r1.100 services
--- services5 May 2021 11:49:17 -   1.100
+++ services11 May 2021 23:03:12 -
@@ -123,7 +123,7 @@ microsoft-ds445/tcp # 
Microsoft-DS
 microsoft-ds   445/udp # Microsoft-DS
 kpasswd464/tcp # Kerberos 5 password 
changing
 kpasswd464/udp # Kerberos 5 password 
changing
-smtps  465/tcp # mail message submission (TLS)
+submissions465/tcp smtps   # mail message submission (TLS)
 photuris   468/tcp # Photuris Key Management
 photuris   468/udp
 isakmp 500/udp # ISAKMP key management
@@ -296,7 +296,6 @@ kerberos_master 751/udp # 
Kerberos 4 
 kerberos_master751/tcp # Kerberos 4 kadmin
 krb_prop   754/tcp hprop   # Kerberos slave propagation
 krbupdate  760/tcp kreg# BSD Kerberos registration
-swat   901/tcp # Samba Web Administration Tool
 datametrics1645/udp
 ekshell2   2106/tcp# Encrypted kshell - UColorado, 
Boulder
 webster2627/tcp# Network dictionary

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Re: services(5): more cleanup

Re: services(5): more cleanup

Re: services(5): more cleanup

Re: services(5): more cleanup

services(5): more cleanup

5 matches

Site Navigation

Mail list logo

Footer information