Questions
and Answers
Amy Rich
Q I occasionally need to delete
specific DNS cache entries from our corporate BIND servers. I've
read through the documentation, but can't seem to find a way
to do this. Can you point me to any supplemental documentation that
might help, or is this just not possible?
A You don't mention which
version of BIND you're running, so I'll take a stab and
guess that you're running either BIND 8 or BIND 9. You can't
flush individual cache entries with BIND 8, but you can flush the
entire cache using:
ndc restart
With BIND 9 up to version 9.1.3, you need to kill and restart named.
The rndc command replaced the ndc command from BIND
8, so in versions 9.2.0 and 9.2.1, you can run:
rndc flush
In 9.3.0, you'll finally be able to flush individual entries
with rndc by using the syntax:
rndc flushname <name>
Q According to RFC 2821, non-resolvable/non-routable
addresses must not appear in any SMTP transactions:
4.1.1.1 Extended HELLO (EHLO) or HELLO (HELO)
These commands are used to identify the SMTP client to the SMTP
server. The argument field contains the fully qualified domain
name of the SMTP client if one is available. In situations in
which the SMTP client system does not have a meaningful domain
name (e.g., when its address is dynamically allocated and no reverse
mapping record is available), the client SHOULD send an address
literal (see section 4.1.3), optionally followed by information
that will help to identify the client system.
...
4.1.3 Address Literals
Sometimes a host is not known to the domain name system and
communication (and, in particular, communication to report and
repair the error) is blocked. To bypass this barrier a special
literal form of the address is allowed as an alternative to a
domain name. For IPv4 addresses, this form uses four small decimal
integers separated by dots and enclosed by brackets such as [123.255.37.2],
which indicates an (IPv4) Internet Address in sequence-of-octets
form. For IPv6 and other forms of addressing that might eventually
be standardized, the form consists of a standardized "tag"
that identifies the address syntax, a colon, and the address itself,
in a format specified as part of the IPv6 standards.
We have our mail hub (running sendmail) behind our NAT gateway, and
it connects directly to machines on the Internet to deliver mail.
The mail hub is clearly violating RFC 2821 by initiating SMTP transactions
with its internal name that only resolves within our RFC 1918 address
space. How do I modify our setup so that it's not breaking spec?
A Presumably your NAT gateway has
valid forward and reverse addresses and its own FQDN that allows
it to talk to other machines. If you're just doing a port 25
redirection to your internal mail hub, then you can modify the sendmail
configuration on the mail hub to talk to outside hosts using the
FQDN of the NAT box (this assumes that your NAT box never sends
mail to your mail hub). Add the following line to your .mc file
and rebuild your sendmail.cf on the mail hub:
define('confDOMAIN_NAME','your.nat.box')dnl
If your NAT box is also a machine that will be sending mail, then
you'll cause a loop if both the NAT box and the mail hub use
the same name in the SMTP transaction with each other. In this case,
you can create another A record that resolves to the same IP as your
NAT box. Use this new FQDN on your mail hub:
define('confDOMAIN_NAME','not.the.nat.box')dnl
This way both names will be resolvable and routable, but will not
conflict when the two machines are talking to each other.
Q I'm writing a Perl program
which, among other things, needs to sort software revision numbers.
I have a list of revision numbers like:
2.5.1 2.10.3 3.7.11 2.1.1
When sorted, they should appear in the following order:
2.1.1 2.5.1 2.10.3 3.7.11
I'm having difficulty coming up with an algorithm that does
this correctly and reasonably quickly. Any help you can offer would
be appreciated.
A To efficiently sort this type
of data, use the packed default sort, a modification of the Schwartzian
Transform. Uri Guttman and Larry Rosler do a fantastic job of covering
the Schwartzian Transform and the packed default sort (as well as
others) in the following paper:
http://www.sysarch.com/perl/sort_paper.html
Here are the relevant excerpts:
The significant invention in the ST is the use of anonymous arrays
to store the records and their sortkeys. The sortkeys are extracted
once, during a preprocessing pass over all the data in the list
to be sorted (just as we did before in computing the cache of sortkeys).
@out =
map $_->[0] =>
sort { $a->[1] cmp $b->[1] }
map [ $_, KEY($_) ] => @in;
The ST doesn't sort the actual input data. It sorts the references
to anonymous arrays that contain the original records and the sortkeys.
So we have to post-process to retrieve the sorted records from the
anonymous arrays.
Using the ST for a multi-subkey sort is straightforward. Just
store each successive extracted subkey in the next entry in the
anonymous array. In the sortsub, do an "or" between
comparisons of successive subkeys, as with the OM and the naive
sorts.
@out =
map $_->[0] =>
sort { $a->[1] cmp $b->[1] ||
$b->[2] <=> $a->[2] }
map [ $_, KEY1($_), KEY2($_) ]
=> @in;
The packed-default sort
Each of the advanced sorting techniques described above saves
the operands to be sorted together with their sortkeys. (In the
cached sorts, the operands are the keys of a hash and the sortkeys
are the values of the hash; in the Schwartzian Transform, the
operands are the first elements of anonymous arrays, the sortkeys
are the other elements of the arrays.) We now extend that idea
to saving the operands to be sorted together with packed-string
sortkeys, using concatenation.
This little-known optimization improves on the ST by eliminating
the sortsub itself, relying on the default lexicographic sort,
which as we showed earlier is efficient. This is the method used
in the new Sort::Records module.
To accomplish this goal, we modify the ST by replacing its anonymous
arrays by packed strings.
First we pack the subkeys into a single string. Multiple subkeys
are simply concatenated, suitably delimited if necessary. Then
we append the operand to be sorted.
Several methods can be used, singly or in combination, to build
the packed strings, including concatenation, pack, or sprintf.
Techniques for computing subkeys of various types are presented
in Appendix B.
Then we sort lexicographically on those strings, and finally
we retrieve the operands from the end of the strings.
Several methods can be used to retrieve the operands, including
substr (shown here), which is likely to be the fastest, split,
unpack or a regex.
@out =
map substr($_, 4) =>
sort
map pack('C4' =>
/(\d+)\.(\d+)\.(\d+)\.(\d+)/)
. $_ => @in;
Benchmark [Table 1] compares the two most advanced general-purpose
sorting techniques, ST and packed-default. These multi-stage sorts
are measured both as individual stages with saved intermediate data
and as single statements.
The packed-default sort is about twice as fast as the ST, which
is the fastest familiar Perl sorting algorithm.
Earlier, we showed trivial sorts using the substr or lc function.
Even for those cases, the packed-default sort performs better
when more than a few data items are being sorted. See Benchmark
A5, which shows quasi-O(N) behavior for the packed-default sort
over a wide range of input sizes, because the sorting is much
faster than the sortkey extraction.
So, to sort based on the three numeric fields in your software revision
numbers, you'd want:
@sortedrev = map (substr $_, 3) =>
sort
map pack('C3' =>
/(\d+)\.(\d+)\.(\d+)/)
. $_ => @revisions;
Q I use procmail to catch a lot of spam
that makes its way towards my account. Every once in a great while,
I'll get a false positive, but I have so many rules and regular
expression matches, that it's sometimes hard to track down what
rule was triggered. Of course I can always turn on verbose, but that,
too, shows much more than I'm interested in, and it isn't
useful for when the mail that triggered the mystery rule has already
been sent to /dev/null. Is there any way to just have procmail selectively
log what rule was matched when it triggers one of my spam catchers?
A You can selectively modify the
standard log message that gets written out. First, make sure that
you've specified a log file in your .procmailrc:
LOGFILE=$HOME/mail.log
Second, create newline variable (again in your .procmailrc) for ease
of use later in your recipes:
NL="
"
For each of your spam-catching rules, use the MATCH variable to store
the regular expression match. Here's a snippet from the procmailrc:
MATCH This variable is assigned to by procmail whenever it is
told to extract text from a matching regular expression. It will
contain all text matching the regular expression past the '\/'
token.
Let's take an example. You want to throw all mail from the
user nobody@host.name into /dev/null. The rule would look like:
:0
* ^\/From:.*nobody@host.name
{
LOG="Match = ${MATCH}${NL}"
:0
/dev/null
}
Instead of the standard log message:
From nobody@host.name Thu November 14 20:42:27 2002
Subject: spam
Folder: /dev/null 444
The log message would appear with the additional "Match"
line at the top:
Match = From: nobody@host.name
From nobody@host.name Thu November 14 20:42:27 2002
Subject: spam
Folder: /dev/null 444
The \/ token can be used with any sort of header or body match. To
get the most information, you'll want to put it as close to the
beginning of the regular expression as you can. For headers, this
means putting it after the beginning of line token, ^. For matches
on message bodies, I suggest writing the beginning of the regular
expression line as:
* .*\/
Q I recently cvsuped to FreeBSD 4.6-STABLE
and built and installed the new OS. After I rebooted the machine,
I started getting (and keep getting) messages like the following:
Nov 11 10:25:00 kosmos /usr/sbin/cron[167]: getting vmemoryuse resource limit: Invalid argument
Nov 11 10:30:00 kosmos /usr/sbin/cron[170]: getting vmemoryuse resource limit: Invalid argument
Nov 11 10:35:00 kosmos /usr/sbin/cron[178]: getting vmemoryuse resource limit: Invalid argument
I've tried changing /etc/login.conf to set vmemoryuse to various
different values, including unlimited. I rebooted the machine and
still get errors like the above. Did I miss something when running
mergemaster?
A Rather than missing something
in mergemaster, it sounds like you did not install and boot off
a new kernel. If you build a new kernel with the same sources that
you used to build your user environment and you're still having
issues, try searching through the FreeBSD mailing list archives
or posting to the stable mailing list. Information on reading and
subscribing to the freebsd-stable mailing list can be found at:
http://www.freebsd.org/support.html#mailing-list
Q I have a fresh installation of Solaris
9, which I just configured. I created an /etc/resolv.conf file and
listed our domain and our three DNS servers. /etc/nsswitch.conf has
the line:
hosts: files dns
I am able to use nslookup and dig without any problems, but client-oriented
programs, like ping, ssh, and a small C program I wrote to test gethostbyname(),
do not successfully resolve an IP when given a hostname. I am able
to use the IP address instead of the hostname for each of these services.
As a last ditch effort, I changed /etc/nsswitch.conf to use just dns
and everything started working fine. I then added files back in, so
it exactly matched the contents of the file when it was failing, and
it still continued to work. Why would modifying /etc/nswitch.conf
(and then changing it back) cause name resolution to suddenly start
working?
A Are you running the name service
cache daemon (nscd) on this machine? My best guess is that you are,
and changing the modification time on /etc/nsswitch.conf triggered
nscd and made it reread your /etc/resolv.conf file. I choose not
to run nscd on the machines I administer because it often causes
more hassles than it's worth. If you don't want to run
nscd at all, remove the following files:
/etc/rc0.d/K40nscd
/etc/rc1.d/K40nscd
/etc/rc2.d/S76nscd
/etc/rcS.d/K40nscd
If you want to run the caching daemon but not use it for hosts, or
if you want to tweak some of the parameters that nscd uses, take a
look at the nscd and nscd.conf man pages. You can experiment with
the values in /etc/nscd.conf until you are happy with the TTL parameters.
Amy Rich, president of the Boston-based Oceanwave Consulting,
Inc. (http://www.oceanwave.com), has been a UNIX systems
administrator for more than five years. She received a BSCS at Worcester
Polytechnic Institute, and can be reached at: qna@oceanwave.com.
|