[opensuse] /etc/hosts.allow causing probs ? What would cause this? ipv6 day?
I've recently been getting occasion relaying denied messages from my mail server (in my own house, no less, seems a bit abusive, shouldn't take that from a machine, pull it's plug or maybe it's memory chips one at a time....)... But I think they are related to these oddities in the /etc/hosts.allow Oct 18 17:38:15 Ishtar sshd[19952]: warning: /etc/hosts.allow, line 73: host name mismatch: Athenae != (null) (::ffff:192.168.3.140) Um....Athenae has 2 interfaces, one at 192.168.3.12, and another at 192.168.3.140. Isn't the ::ffff: some sort of ipv6 compatibility address (that I thought had been abandoned?)... Why is it seeing my addr as such athenae isn't USING IP6 addessing?!? (Athenae is a Windows 7 machine with the ipv6 stack turned off). It's talking to a server Ishtar which does have a an ipv4 and ipv6 (that mostly goes unused except for testing).... it looks like a scope link address (/64) but it looks like it with the local hosts, it's **sometimes** interpreting them as 48 bit hosts. This started happening right around ipv6 day...did something change that might cause this? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Linda Walsh wrote:
I've recently been getting occasion relaying denied messages from my mail server (in my own house, no less, seems a bit abusive, shouldn't take that from a machine, pull it's plug or maybe it's memory chips one at a time....)...
But I think they are related to these oddities in the /etc/hosts.allow
Oct 18 17:38:15 Ishtar sshd[19952]: warning: /etc/hosts.allow, line 73: host name mismatch: Athenae != (null) (::ffff:192.168.3.140)
Um....Athenae has 2 interfaces, one at 192.168.3.12, and another at 192.168.3.140.
Isn't the ::ffff: some sort of ipv6 compatibility address (that I thought had been abandoned?)...
Why is it seeing my addr as such athenae isn't USING IP6 addessing?!?
It's just an IPv4 address presented in IPv6 format. It's quite typical for an IPv6-aware applications to use that format. -- Per Jessen, Zürich (12.4°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Per Jessen wrote:
Linda Walsh wrote:
Oct 18 17:38:15 Ishtar sshd[19952]: warning: /etc/hosts.allow, line 73: host name mismatch: Athenae != (null) (::ffff:192.168.3.140)
It's just an IPv4 address presented in IPv6 format. It's quite typical for an IPv6-aware applications to use that format.
---- That's what I thought as well...but then would I get a name mismatch? as a reverse DNS on 192.168.3.140 points at Athenae? I thought it was the ::ffff: part throwing it off...maybe the host.{conf,allow,deny} libs don't know it's the same? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Linda Walsh wrote:
Per Jessen wrote:
Linda Walsh wrote:
Oct 18 17:38:15 Ishtar sshd[19952]: warning: /etc/hosts.allow, line 73: host name mismatch: Athenae != (null) (::ffff:192.168.3.140)
It's just an IPv4 address presented in IPv6 format. It's quite typical for an IPv6-aware applications to use that format.
----
That's what I thought as well...but then would I get a name mismatch? as a reverse DNS on 192.168.3.140 points at Athenae?
I thought it was the ::ffff: part throwing it off...maybe the host.{conf,allow,deny} libs don't know it's the same?
I dunno, that would be tcp_wrapper (or some such). I can't really imagine that should have an issue with IPv6. -- Per Jessen, Zürich (4.6°C) -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Per Jessen wrote:
That's what I thought as well...but then would I get a name mismatch? as a reverse DNS on 192.168.3.140 points at Athenae?
I thought it was the ::ffff: part throwing it off...maybe the host.{conf,allow,deny} libs don't know it's the same?
I dunno, that would be tcp_wrapper (or some such). I can't really imagine that should have an issue with IPv6.
---- This looks like bind not knowing they are the same. I.e. if I 'dig -x 192.168.3.140', I get back Athenae.sc.tlinx.org, But if I dig '::ffff:192.168.3.140 I get no answers back. I've never seen any reference to adding a ::ffff:... form in reverse DNS. ???weird. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Linda Walsh wrote:
Per Jessen wrote:
That's what I thought as well...but then would I get a name mismatch? as a reverse DNS on 192.168.3.140 points at Athenae?
I thought it was the ::ffff: part throwing it off...maybe the host.{conf,allow,deny} libs don't know it's the same?
I dunno, that would be tcp_wrapper (or some such). I can't really imagine that should have an issue with IPv6.
----
This looks like bind not knowing they are the same.
I.e. if I 'dig -x 192.168.3.140', I get back Athenae.sc.tlinx.org, But if I dig '::ffff:192.168.3.140 I get no answers back.
I've never seen any reference to adding a ::ffff:... form in reverse DNS.
???weird.
For that to work, I think you have to setup a reverse record for both the IPv4 form and the IPv6 form. I haven't done any IPv6 programming for a while, but afair, the ::ffff: form is just common presentation produced by e.g inet_ntop(), whereas the address internally is marked as either ipv4 or ipv6. /Per -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 10/19/2011 8:31 AM, Linda Walsh wrote:
Per Jessen wrote:
Linda Walsh wrote:
Oct 18 17:38:15 Ishtar sshd[19952]: warning: /etc/hosts.allow, line 73: host name mismatch: Athenae != (null) (::ffff:192.168.3.140)
It's just an IPv4 address presented in IPv6 format. It's quite typical for an IPv6-aware applications to use that format.
----
That's what I thought as well...but then would I get a name mismatch? as a reverse DNS on 192.168.3.140 points at Athenae?
I thought it was the ::ffff: part throwing it off...maybe the host.{conf,allow,deny} libs don't know it's the same?
Why not just nuke the line in hosts.allow and see if it comes back? -- _____________________________________ ---This space for rent--- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
John Andersen wrote:
Why not just nuke the line in hosts.allow and see if it comes back?
---- The line that was matching was: ALL: LOCAL, 192.168.3.0/255.255.255.0, [fe80:xxxxxxxx::192.168.3.0]/120]: ALLOW I'm thinking since it saw the IP6 addr on the same line, it converted the IP4 addr to an IP6 one. The fe80 isn't in use right now anyway, so put it on a separate line: ALL: LOCAL, 192.168.3.0/255.255.255.0 : ALLOW ALL: [fe80:xxxxxxxx::192.168.3.0]/120 : ALLOW Which, if I understand the access rules correctly means it should (crossing fingers)(?) match the 1st line 1st, if it is IPV4, and then the second line if it is an IPV6 addr (which I'm not really using right now, but have tried it out, and would like to leave it for experimenting...)... But never saw this message before this last month....and that line has been in there for probably a year or more...been a while since I tried config'ing my net for IPV6....decided it wasn't worth the overhead internally, and my ISP doesn't support it anyway (except in limited trials, not in my area!)... Will have to see if that changes anything. ------------------- To Per Andersen: I'm fairly certain -- I've never seen any reference to a need to put reverse dummy entries in for a dual-stack server ... (My DNS server isn't even returning IPv6 entries right now because IPv6 is unconfigured)... -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
John Andersen -
Linda Walsh -
Per Jessen