The unknown /etc/networks file
On my local network utp.xnet I have a local DNS server, which resolves names in the utp.xnet network.
If one doesn't have such a server you always have to remember to specify the -n flag to netstat for example.
Code:
    $ netstat -rn -f inet
    Routing tables

    Internet:
    Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
    default            192.168.222.10     UGS        3       22     -     8 fxp0
    127/8              127.0.0.1          UGRS       0        0 33200     8 lo0
    127.0.0.1          127.0.0.1          UH         1        0 33200     4 lo0
    192.168.222/24     link#1             UC         2        0     -     4 fxp0
    192.168.222.10     00:08:c7:05:ca:0b  UHLc       1        4     -     4 fxp0
    192.168.222.20     00:19:db:47:b0:4c  UHLc       1      180     -     4 fxp0
    224/4              127.0.0.1          URS        0        0 33200     8 lo0

Without the "don't resolve addresses to names" option, that same routing table looks like this:
Code:
    $ netstat -r -f inet
    Routing tables

    Internet:
    Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
    default            parmenides         UGS        3       23     -     8 fxp0
    loopback           localhost          UGRS       0        0 33200     8 lo0
    localhost          localhost          UH         1        0 33200     4 lo0
    192.168.222/24     link#1             UC         2        0     -     4 fxp0
    parmenides         00:08:c7:05:ca:0b  UHLc       1        4     -     4 fxp0
    hercules           00:19:db:47:b0:4c  UHLc       1      204     -     4 fxp0
    BASE-ADDRESS.MCAST localhost          URS        0        0 33200     8 lo0

But did you ever wonder where the BASE-ADDRESS.MCAST network name for 224/4 comes from? It does not originate from DNS but from a file /etc/networks which, as usual on the BSDs, has a man page. For the online versions see networks(5) for OpenBSD and for FreeBSD networks(5). From the OpenBSD version:
Code:
    NAME
         networks - Internet Protocol network name database

    DESCRIPTION
         The networks file is used as a local source to translate between
         Internet Protocol (IP) network addresses and network names (and vice
         versa).  It can be used in conjunction with the Domain Name System
         (DNS).

Code:
    # $OpenBSD: networks,v 1.5 1997/09/15 09:54:52 deraadt Exp $
    #
    # Internet networks (from nic.ddn.mil)
    # 1) The multicast network
    BASE-ADDRESS.MCAST.NET 224
    loopback 127 loop
    # Your subnets follow...

Code:
    utp.xnet 192.168.222

Code:
    $ netstat -r -f inet
    Routing tables

    Internet:
    Destination        Gateway            Flags   Refs      Use   Mtu  Prio Iface
    default            parmenides         UGS        2       30     -     8 fxp0
    loopback           localhost          UGRS       0        0 33200     8 lo0
    localhost          localhost          UH         1        0 33200     4 lo0
    utp.xnet           link#1             UC         2        0     -     4 fxp0
    parmenides         00:08:c7:05:ca:0b  UHLc       2       20     -     4 fxp0
    hercules           00:19:db:47:b0:4c  UHLc       1      363     -     4 fxp0
    BASE-ADDRESS.MCAST localhost          URS        0        0 33200     8 lo0

Code:
    # Your subnets follow...
    utp.xnet 192.168.222
    utp-mask 255.255.255

Code:
    # ifconfig lo1 create
    # ifconfig lo1 192.168.222.245 netmask utp-mask
    # ifconfig lo1
    lo1: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 33200
            priority: 0
            groups: lo
            inet 192.168.222.245 netmask 0xffffff00
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
What's the difference between /etc/networks and /etc/hosts?
__________________
My Journal
Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
I can imagine that an "Arp constable", confined to watching and patrolling ARP communication in a single network, may not understand the difference
From hosts(5):
Code:
    NAME
         hosts - host name database

    DESCRIPTION
         The hosts file contains information regarding the known hosts on the
         network.  For each host, a single line should be present with the
         following information:

               Internet address
               Official host name
               Aliases

Code:
    NAME
         networks - Internet Protocol network name database

    DESCRIPTION
         The networks file is used as a local source to translate between
         Internet Protocol (IP) network addresses and network names (and vice
         versa).  It can be used in conjunction with the Domain Name System
         (DNS).

         While the networks file was originally intended to be an exhaustive
         list of all IP networks that the local host could communicate with,
         distribution and update of such a list for the world-wide Internet
         (or, indeed, for any large "enterprise" network) has proven to be
         prohibitive, so the Domain Name System is used instead, except as
         noted.

         For each IP network, a single line should be present with the
         following information:

               official network name
               ip network number
               aliases
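The lookup discussed in this thread, as an added example that is not part of any post: a small Python parser for the networks(5) format (official name, network number, aliases) that names route destinations the way the `netstat -r` output above displays them. The sample file is constructed from the entries quoted in the thread, and matching on the destination's leading octets is a simplifying assumption, not netstat's own code.

```python
# Added example: parse networks(5) text and name route destinations.
# SAMPLE_NETWORKS is constructed from the entries quoted in the thread.
SAMPLE_NETWORKS = """\
# Internet networks
BASE-ADDRESS.MCAST.NET 224
loopback 127 loop

# Your subnets follow...
utp.xnet 192.168.222
"""


def parse_number(text):
    """Turn '192.168.222' or '224/4' into a tuple of octets, or None."""
    try:
        octets = [int(part) for part in text.split("/", 1)[0].split(".")]
    except ValueError:
        return None                      # e.g. 'default' or a host name
    if not 1 <= len(octets) <= 4 or any(not 0 <= o <= 255 for o in octets):
        return None
    while len(octets) > 1 and octets[-1] == 0:
        octets.pop()                     # 127.0.0.0 and 127 name the same net
    return tuple(octets)


def parse_networks(text):
    """Return {network number: (official name, [aliases])}."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # strip comments, split fields
        if len(fields) < 2:
            continue                             # blank or malformed line
        number = parse_number(fields[1])
        if number is not None:
            # Assumption: keep the first entry seen for a given number.
            table.setdefault(number, (fields[0], fields[2:]))
    return table


def network_name(table, destination):
    """Official name for a netstat destination, or None if not listed."""
    entry = table.get(parse_number(destination))
    return entry[0] if entry else None


if __name__ == "__main__":
    table = parse_networks(SAMPLE_NETWORKS)
    for dest in ("default", "127/8", "192.168.222/24", "192.168.222.10", "224/4"):
        print(f"{dest:18} {network_name(table, dest) or dest}")
```

Host routes such as 192.168.222.10 come back as None here because host names are a matter for hosts(5) or DNS, which this sketch does not consult.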
Excuse me, I had checked FreeBSD's manuals instead (having been logged in from a FBSD box) :-P
+1 for the tieres... hehe, sorry for the fool question
There are no foolish questions, only foolish answers