On 13-Oct-99 Julian Assange wrote:
> For privacy reasons source addresses would not be logged, indeed a
> compile time option could be used to enable address spoofing --
> although this seems extravagant given the amount of trust implicitly placed
> in *.netbsd.org by anyone running NetBSD code (and the logging that
> ftpd, cvs etc already does).

I think the right thing to do is write a perl script that looks at the logs for
ftp.netbsd.org, and records how many times that distfile is downloaded, or
attempted to be downloaed. (if that one is in the logs, not sure).

Besides.. it avoids the whole firewall, corporate security, we don't want you
to know what we run, etc etc mess.  Which is a very real concern for a number
of companies.  Passing information like that out (even with all the spoofing
and whatnot you suggested) is a direct violation of company policy.

What I would not object to, is logic in bsd.pkg.mk, that sends out information
like the above, but must be explicitly turned on by the user, and ships with a
NO in mk.conf.example, with a comment urging people to turn it on (with proper
explanations of what it does).

---
Tim Rightnour <root@garbled.net>
NetBSD: Free multi-architecture OS http://www.netbsd.org/
NetBSD Mailing lists on the web: http://mail-index.netbsd.org/