<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=us-ascii" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Chris. wrote:
<blockquote cite="mid20080304114337.5E6D4EA51AE@mail.fastmail.ca"
type="cite">
<pre wrap="">On Tue, 04 Mar 2008 22:56:19 +1300, Amos Jeffries wrote...
</pre>
<blockquote type="cite">
<pre wrap="">Chris. wrote:
</pre>
<blockquote type="cite">
<pre wrap="">On Mon, 3 Mar 2008 14:25:14 +0000 (UTC), Chris. wrote...
</pre>
<blockquote type="cite">
<pre wrap="">On Sun, 02 Mar 2008 23:50:21 +0300, Michael Tokarev wrote...
</pre>
<blockquote type="cite">
<pre wrap="">Chris. wrote:
[]
</pre>
<blockquote type="cite">
<pre wrap="">FWIW both the working, and non-working installs were on BSD/OS
(FreeBSD).
</pre>
</blockquote>
<pre wrap="">Ok.
</pre>
<blockquote type="cite">
<pre wrap="">FWIW both installs declared only <a class="moz-txt-link-abbreviated" href="mailto:localhost@127.0.0.1">localhost@127.0.0.1</a> in their
hosts file.
</pre>
</blockquote>
<pre wrap="">Irrelevant -- DNS internally works by using IP addresses only,
never looking into hosts file.
</pre>
<blockquote type="cite">
<pre wrap="">FWIW both installs used only 1 (one) Internet Routable IP address
on the RBLDNS commandline.
</pre>
</blockquote>
<pre wrap="">Irrelevant - 1, 10, 100 - makes no difference.
</pre>
<blockquote type="cite">
<pre wrap="">FWIW nospammers.COM, and nospammers.NET each have a different, and
valid internet routable addresses. Both names are fictitious in
this dialog, as I'm not ready to announce them until I have a
working, and stable RBLDNSD install. I hope that's understandable.
:)
</pre>
</blockquote>
<pre wrap="">By the way, you can have as many IP addresses for a domain [name]
as you wish, including 0. The opposite is true as well - as many
domain names can live on a single IP address as necessary.
</pre>
</blockquote>
<pre wrap="">Understood. I currently host ~25 domains on one of my servers. I
only mentioned it, should it make a difference to RBLDNSD.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">FWIW other than the FQDN, and IP addresses, the only difference
between the 2 installs is the version of BSD, and the version of
the BIND.
</pre>
</blockquote>
<pre wrap="">So this brings up my first question - the inability to bind to
loopback other than 127.0.0.1. I'm not an expert in FreeBSD, so
it's not my game. Maybe it's version dependent, maybe some local
settings or compile-time flag - I've no idea. The thing is that
one of your systems allows to bind to any 127.x.x.x address freely,
while another does not.
Note it's not rbldnsd who refuses to bind to 127.0.0.3 etc, it's
the Operating System who does not permit it to do so.
If you don't believe me, try the following perl program:
--------- cut -------------
#! /usr/bin/perl -W
use Socket;
socket(H, PF_INET, SOCK_DGRAM, 0) or die "socket: $!";
my $sin = sockaddr_in(1053, inet_aton($ARGV[0] || "127.0.0.3"));
bind(H, $sin) or die "bind: $!";
print "success!\n";
--------- cut -------------
run it on your "working" machine (which allows to bind to
non-127.0.0.1 addresses) and on your "non-working" machine. Try
without starting bind and/or rbldnsd or anything else (except
network, obviously) - it does not matter which version of bind
you're running.
</pre>
</blockquote>
<pre wrap="">I ran this on several of my servers. In /all/ cases, the script
returned:
bind: Can't assign requested address at ./run-me.pl line 5.
I also modified it to use 127.0.0.2
it returned: bind: Can't assign requested address at ./run-me.pl
line 5.
modifying it to 127.0.0.1 returned:
Success!
All attempts also included the server that successfully ran RBLDNSD.
</pre>
<blockquote type="cite">
<pre wrap="">Yet again: this issue (rbldnsd is unable to bind to 127.0.0.3 etc)
is a completely separate issue, unrelated to any other. You
already worked around it(*) by using your PRIP instead of loopback
range.
</pre>
</blockquote>
<pre wrap="">OK
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">FWIW I realize that the thread has obscured my original post which
included my detailed (and working) config/setup. If you wish me to
repeat it, I would be more than happy to reproduce it here. Also,
if there is anything else required/desired to assist you, please
let me know, as I will be happy to oblige. ;)
</pre>
</blockquote>
<pre wrap="">I just re-read your original message. And to be fair, I don't see
a question in it which I can answer... You describe your working
setup in full details, next you describe some other setup you want
to achieve (which is different from your current setup, but by very
small details), and next you ask if someone has a recipe... But
you already gave a recipe in your working setup, which needs only
few changes to adopt.
</pre>
</blockquote>
<pre wrap="">I'm listening. :)
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">FWIW I'm confident that this is a resolvable problem. As such, I
have begun creating
</pre>
</blockquote>
<pre wrap="">They all definitely ARE solvable problems. Let's start hunting
them one-by-one.
</pre>
</blockquote>
<pre wrap="">That is always the most efficient diagnoses. :)
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">a web interface to the RBLDNSD lists which can be manipulated from
a web browser, and stored in a DB. Hope this helps.
</pre>
</blockquote>
<pre wrap="">Heh. Maybe - I for one hate web interfaces ;)
</pre>
</blockquote>
<pre wrap="">Then you may be encouraged to know that I /only/ made the "web"
portion in an effort to permit requests to become whitelisted, and
to allow mail users to manipulate their own lists. The whole thing
has been incarnated from the scripts I've already created, and have
already been using to manipulate (manage) the lists from my terminal
(console), or cron. Point being; the web part isn't required to
accomplish everything it provides. The web part was only an "after
effect".
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">OH. One more thing. It might be worth noting that there is a bug
in the 9.4 BIND related to name resolution (gethostbyname as I
recall). This may be the difference, which may require some sort
of kludge to work around - see; may be the trouble.
</pre>
</blockquote>
<pre wrap="">bind does not use gethostbyname() library routine.
</pre>
</blockquote>
<pre wrap="">I only remember that there was a bug (freebsd related) regarding
gethostbyname(), in the way bind used/required it. Unfortunately
isc is /very/ secretive about their bugs, and I can't seem to find
it right now.
</pre>
<blockquote type="cite">
<pre wrap="">Regardless, it's not the bug to worry about in our case.
</pre>
</blockquote>
<pre wrap="">Good to know.
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap="">Thank you again for taking the time to respond. Please do not
trouble yourself until you are feeling better. I will be more than
happy to wait until then. :)
</pre>
</blockquote>
<pre wrap="">Yes I'm *much* better now. When I wrote first reply to you, I had
temp of 38.4C - it was a flu (grippe as we call it here). Now I'm
back to normal again.
</pre>
</blockquote>
<pre wrap="">Glad to hear it. Congratulations. :)
</pre>
<blockquote type="cite">
<pre wrap="">Ok, back to our horses/sheeps/whatever.