DaemonForums  

Go Back   DaemonForums > Miscellaneous > Guides

Guides All Guides and HOWTO's.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st January 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,167
Default The unknown /etc/networks file

On my local network utp.xnet I have a local DNS server, which resolves names in the utp.xnet network.

If one doesn't have such a server you always have to remember to specify the -n flag to netstat for example.
Code:
$ netstat -rn -f inet
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            192.168.222.10     UGS        3       22     -     8 fxp0
127/8              127.0.0.1          UGRS       0        0 33200     8 lo0
127.0.0.1          127.0.0.1          UH         1        0 33200     4 lo0
192.168.222/24     link#1             UC         2        0     -     4 fxp0
192.168.222.10     00:08:c7:05:ca:0b  UHLc       1        4     -     4 fxp0
192.168.222.20     00:19:db:47:b0:4c  UHLc       1      180     -     4 fxp0
224/4              127.0.0.1          URS        0        0 33200     8 lo0
If you forget that -n option, netstat will do reverse name lookups on the addresses. If they don't resolve, because of absence of a nameserver the DNS requests will time out, and that can cause considerable delays.

Without the "don't resolve addresses to names" option, that same routing table looks like this:
Code:
 $ ]netstat -r -f inet  
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            parmenides         UGS        3       23     -     8 fxp0
loopback           localhost          UGRS       0        0 33200     8 lo0
localhost          localhost          UH         1        0 33200     4 lo0
192.168.222/24     link#1             UC         2        0     -     4 fxp0
parmenides         00:08:c7:05:ca:0b  UHLc       1        4     -     4 fxp0
hercules           00:19:db:47:b0:4c  UHLc       1      204     -     4 fxp0
BASE-ADDRESS.MCAST localhost          URS        0        0 33200     8 lo0
Nearly all numeric values referring to hosts have been replaced by the names to those hosts.
But did you ever wonder where the BASE-ADDRESS.MCAST network name for 224/4 comes from?

It does not originate from DNS but from a file /etc/networks which as usual on the BSD's has a man page.
For the online versions see networks(5) for OpenBSD and for FreeBSD networks(5).

From the OpenBSD version:
Code:
NAME
     networks - Internet Protocol network name database

DESCRIPTION
     The networks file is used as a local source to translate between Internet
     Protocol (IP) network addresses and network names (and vice versa).  It
     can be used in conjunction with the Domain Name System (DNS).
The /etc/networks on my OpenBSD box:
Code:
#       $OpenBSD: networks,v 1.5 1997/09/15 09:54:52 deraadt Exp $
#

# Internet networks (from nic.ddn.mil)
# 1) The multicast network
BASE-ADDRESS.MCAST.NET  224
loopback                127     loop

# Your subnets follow...
Adding the following line
Code:
utp.xnet                192.168.222
And now utp.xnet will be used
Code:
$ netstat -r -f inet 
Routing tables

Internet:
Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
default            parmenides         UGS        2       30     -     8 fxp0
loopback           localhost          UGRS       0        0 33200     8 lo0
localhost          localhost          UH         1        0 33200     4 lo0
utp.xnet           link#1             UC         2        0     -     4 fxp0
parmenides         00:08:c7:05:ca:0b  UHLc       2       20     -     4 fxp0
hercules           00:19:db:47:b0:4c  UHLc       1      363     -     4 fxp0
BASE-ADDRESS.MCAST localhost          URS        0        0 33200     8 lo0
You can also specify a netmask in this /etc/networks file.
Code:
# Your subnets follow...
utp.xnet                192.168.222
utp-mask                255.255.255
This allows you to do things like

Code:
# ifconfig lo1 create
# ifconfig lo1 192.168.222.245 netmask utp-mask
# ifconfig lo1
lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33200
        priority: 0
        groups: lo
        inet 192.168.222.245 netmask 0xffffff00
Nice uuh?
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 22nd January 2010
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default

What's the difference between /etc/networks and /etc/hosts ?
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
  #3   (View Single Post)  
Old 22nd January 2010
DutchDaemon's Avatar
DutchDaemon DutchDaemon is offline
Real Name: Ben
Spam Refugee
 
Join Date: Jul 2008
Location: Rotterdam, The Netherlands
Posts: 336
Default

To me it looks like /etc/hosts is for /32 hostnames, whereas /etc/networks is for /24|/16|/8 network names. Not sure what to do with a /29 or a /14
Reply With Quote
  #4   (View Single Post)  
Old 22nd January 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,167
Default

I can imagine that an "Arp constable", confined to watching and patrolling ARP communication in a single network, may not understand the difference

From hosts(5):
Code:
NAME
     hosts - host name database

DESCRIPTION
     The hosts file contains information regarding the known hosts on the net-
     work.  For each host, a single line should be present with the following
     information:

           Internet address
           Official host name
           Aliases
From networks(5):
Code:
NAME
     networks - Internet Protocol network name database

DESCRIPTION
     The networks file is used as a local source to translate between Internet
     Protocol (IP) network addresses and network names (and vice versa).  It
     can be used in conjunction with the Domain Name System (DNS).

     While the networks file was originally intended to be an exhaustive list
     of all IP networks that the local host could communicate with, distribu-
     tion and update of such a list for the world-wide Internet (or, indeed,
     for any large "enterprise" network) has proven to be prohibitive, so the
     Domain Name System is used instead, except as noted.

     For each IP network, a single line should be present with the following
     information:

           official network name
           ip network number
           aliases
So one is about individual hosts, the other one about networks. A collection of host atoms form the network molecule.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #5   (View Single Post)  
Old 22nd January 2010
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default

Excuse me, I had checked FreeBSDs manuals instead (having been logged in from a FBSD box) :-P

Quote:
Originally Posted by hosts(5)

NAME
hosts -- host name data base

DESCRIPTION
The hosts file contains information regarding the known hosts on the net-
work. It can be used in conjunction with DNS, and the NIS maps
`hosts.byaddr' and `hosts.byname', as controlled by nsswitch.conf(5).
For each host a single line should be present with the following informa-
tion:

Internet address
official host name
aliases
....
Quote:
Originally Posted by networks(5)
NAME
networks -- network name data base

DESCRIPTION
The networks file contains information regarding the known networks which
comprise the DARPA Internet. For each network a single line should be
present with the following information:
....

+1 for the tieres... hehe, sorry for the fool question
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
  #6   (View Single Post)  
Old 22nd January 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,167
Default

There are no foolish questions, only foolish answers
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How secure are wireless home networks? JMJ_coder General software and network 37 18th April 2011 04:04 PM
root: unknown user roddierod FreeBSD General 9 28th April 2009 10:18 PM
Securing wifi networks with ipsec/ssh and openbsd Oko OpenBSD Security 4 16th April 2009 07:32 AM
DMZ for two networks users... maurobottone OpenBSD Security 6 2nd June 2008 02:57 PM
postfix + dovecot LDA: bounce, user unknown cbrace FreeBSD General 1 9th May 2008 05:19 PM


All times are GMT. The time now is 04:23 PM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick