Re: Some fixes for some non-features of the /etc/rc.firewall script - Nate Williams - org.freebsd.freebsd-bugs

6 messages in org.freebsd.freebsd-bugsRe: Some fixes for some non-features ...

From	Sent On	Attachments
Ronald F. Guilmette	Oct 29, 1999 2:46 pm
Nate Williams	Oct 29, 1999 2:51 pm
Poul-Henning Kamp	Oct 29, 1999 2:57 pm
Ronald F. Guilmette	Oct 29, 1999 2:59 pm
Nate Williams	Oct 29, 1999 3:07 pm
Poul-Henning Kamp	Oct 29, 1999 3:12 pm

Subject:	Re: Some fixes for some non-features of the /etc/rc.firewall script
From:	Nate Williams (na...@mt.sri.com)
Date:	Oct 29, 1999 3:07:37 pm
List:	org.freebsd.freebsd-bugs

The second patch below allows outsiders to connect to your AUTH port (113). I found that allowing this will cut down a lot on the number of pointless "Deny" log messages you will get if you don't have this, because a *lot* of things out in the real world (most notably Sendmail) _will_ try to connect to your local auth port whenever you connect out to them.

Or you can simply ignore them completely w/out logging them, since AUTH is a useless protocol, and you really shouldn't have a real AUTH daemon running on your box in any case.

On this topic also consider the "dummy" AUTH server in inetd...

Someone (you?) posted one to the mailing list, and/or modified inetd to use a dummy one. I'd have to go look in the archives.

However, I haven't had an auth server running on my box for over 3 years, and it hasn't appeared to have hurt anything. :)

I can wait the extra 2-3 seconds for the auth server to timeout to get my email. :)

Nate

To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets