Reverse DNS won't generally get the interesting DNS addresses.. [EMAIL PROTECTED]:~# host amphibian.dyndns.org
amphibian.dyndns.org A 82.32.18.233
[EMAIL PROTECTED]:~# host 82.32.18.233
Name: 82-32-18-233.cable.ubr03.azte.blueyonder.co.uk
Address: 82.32.18.233
You're right.
connections! TheCurrently the node uses *all* IP-adresses for outgoingdifferent portsproblem is not solvable using the firewall, because theanyway.it uses on every connection - and it would not be the nicest way
One firewall-based solution would be the user match support inlinux'sfirewalling tools... if you are running the firewall on a separate machine you'd have to label the packets on the one running the node, after recognizing them from the user match module...
I'll take a look at it. But i don't like the firewall solution, because of negative effects on the node. The node would keep trying to build up unwanted connections, until drop/reject. There would be a high error count of no real errors and it would consume a hight amount of useless working threads thought....
Eh? You don't have to obstruct the node's access. It needs to be able to make outgoing connections to any IP on any port, and accept incoming connections on the listenPort. What's the problem?
To *any port* at *any ip* and to *listen port*, that's fine with me.
But i've noticed the use of *all local available ip adresses* for *outgoing* connections.
Thought you've got that. You've said to avoid any unwanted connections i should use firewall rules using the ownership to label the packets. Dropping the packets at the output table would be a solution, but i think it's against the nature of the node to throw all the unwanted packets away.. there would be many useless threads..
The problem is the use of *all local IP addresses* bound to the network interface used for *outgoing* internet connections.
eth0 123.123.123.123 eth0:1 123.123.123.124 eth0:2 123.123.123.125
In the example above it would use all of the three ips, to initiate outgoing connections. I don't know why. But that would make it looks like three different hosts acting with one node-identity. If i block the 2nd and 3rd address by firewall i'll loose 66% of the threads on trial initiated outgoing connections. The node does not know about the packets beeing dropped...
It would confuse the freenet routing at the worst case!?
I don't know exactly, but if i could bound to a specific ip instead to 0.0.0.0 there could be a chance to limit the use of only the same ip as source ip too..
Is there a way to make the node using only one address!? Or is there generally no way to avoid the use of multiple virtual addresses on outgoing connections?
In my opinion it makes a difference, if i present just a number/account-id/nick/any-provider-data, or my real name and street address via the easy use of the arin database....
What database? I whois my IP address and get an address in bradford.. (I'm in bristol)... I was under the impression the way to go from IP address to home address was to send some threatening legalese to the ISP.
I've talked about www.arin.net. But you're right. I was wrong about that. In the almost cases it reverses only another named address without any closer personal data.
Only if somebody gets the line between the registered Domain and the used ip address i have the problem. Got somehow in panic.. ;-)
_______________________________________________ Support mailing list [EMAIL PROTECTED] http://news.gmane.org/gmane.network.freenet.support Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support Or mailto:[EMAIL PROTECTED]
