Repeaters [off topic]
I'm using a repeater to grab a wireless signal and pass it to my local (wired) lan. For various reasons I won't go into a repeater is, in theory, the best way to do this. However, I'm having trouble finding a repeater that isn't garbage. I've been through 2 Linksys units, both of which required constant reboots and both of which died after almost exactly a year. I tried a Hawking HWREN1 which is still working after slightly more than a year but has trouble with encrypted traffic and also requires frequent reboots. I also tried a Hawking HW2R1, which was much less flaky than the HWREN1 and handled encrypted traffic OK, but died after about 3 months. Since these things cost $100-$140 apiece, it would be cost effective to to pay more for a unit that worked consistently and didn't die after a few months of light use. Has anyone on the list used a repeater that they had good experience with? Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: what is the best kind of KVM Switch?
On Sat, Aug 11, 2012 at 12:18:59PM -0700, Gary Kline wrote: > > > guys, > > can any of you with hardware background tell me which are > the better KVM makes? about three weeks ago my "Belkin > soho" 4-port kvm switch started going flakey on port #1. > > I ordered a new one, same make//model except with PS/2 > plugs. it arrived 100% DOA. I'Ve finally found > somebody willing to come over and help me. Fry's is about > 12 clicks away. they have not too many. maybe an > "iogear" (sp?). is there really that much diff between kvm > switch? and if there is, which should I be looking for? I've used Belkins. They've been flakey. I'm currently on my third year with an Aten and have had no problems. I bought this cheap off the Internet so I don't know what they usually sell for. There was some discussion here about KVM switches just before I bought mine and everyone who mentioned Aten said good things about it. Best of luck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Password theft from memory?
On Fri, Apr 29, 2011 at 01:54:06AM +0100, RW wrote: > On Thu, 28 Apr 2011 13:17:41 -0400 > Bob Hall wrote: > > > On Thu, Apr 28, 2011 at 12:10:10AM +0100, RW wrote: > > > I'm not saying that anonymous mappings used by malloc aren't > > > zero-filled, just that it's not mentioned anywhere in the mmap man > > > page. I think it's just taken as read. > > > > I just got what you're trying to say. Unfortunately, your quotes > > mislead me about what you were concerned about. You're right, the man > > page doesn't explicitly state whether anonymous mappings are zero > > filled or not. Since man pages prioritize concision, I would expect > > the page to explain how anonymous mappings are different from other > > mappings, but not how they are the same. > > but they aren't the same - that's what the quotes were about. Looking back, I don't see anything in your quotes that raises the issue of anonymous objects being used differently. > If the zero-filled extensions included whole pages that have the same > status as the rest of the mapping then it would be reasonable to infer > that anonymous mappings are similarly filled with zeroed-pages. > > What that man page is talking about is a small padding region at the > end of a file-backed mapping that isn't really intended for use and > presumably could get re-zeroed at any moment since it has no backing > store. It seems to me to be unreasonable to infer anything about > anonymous mappings from this. When an anonymous object first gets a pagein, it grabs a free page and zeros it. Generally, the virtual memory system fetches new pages from a cache of zeroed pages. In either case, pages are zeroed before a process gets access. This is part of the general background info on virtual memory and I wouldn't expect it to be documented in the mmap man page. Off topic, the maillist is apparently filtering out my posts. I've looked at the webpage on filtering and can't find anything that explains why I'm being filtered. I've tried posting from another system that I posted successfully from previously, but no success. I've tried googling and searching the mail archives for problems related to google mail, but nothing came up. If some mail expert can spot what's causing me to be blocked and let me know, I'd be grateful. > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Password theft from memory?
On Thu, Apr 28, 2011 at 12:10:10AM +0100, RW wrote: > I'm not saying that anonymous mappings used by malloc aren't > zero-filled, just that it's not mentioned anywhere in the mmap man > page. I think it's just taken as read. I just got what you're trying to say. Unfortunately, your quotes mislead me about what you were concerned about. You're right, the man page doesn't explicitly state whether anonymous mappings are zero filled or not. Since man pages prioritize concision, I would expect the page to explain how anonymous mappings are different from other mappings, but not how they are the same. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Password theft from memory?
On Tue, Apr 26, 2011 at 11:41 AM, RW wrote: >> The above quote states that the memory not occupied by the remapped >> object is zero filled. Which is to say that memory allocated by >> mmap() is either filled with new data or filled with zeros. > > In context it says: > > "If len is not a multiple of the page-size, the mapped region > may extend past the specified range. Any such extension beyond the > end of the mapped object will be zero-filled." > > To me the most straightforward reading of that is that it's > referring to non-aligned address ranges. > > Your interpretation may well be the intended one, but where would > that leave the anonymous mappings used by malloc? Are we to think > of them as extensions beyond a non-existent mapped object, and thus > infer that they are zero-filled? It's a bit of a stretch from > what's written. malloc() uses either sbrk or mmap to extend the heap. As far as I know, sbrk extends the heap with zero filled memory. According to the man page, mmap extends it either with remapped data, or with remapped data plus additional zero filled memory. This answers the original poster's question. If you've gone on to a different issue then I apologize for not following you. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Password theft from memory?
On Mon, Apr 25, 2011 at 11:29:08PM +0100, RW wrote: > On Mon, 25 Apr 2011 13:54:20 -0400 > Bob Hall wrote: > > > On Mon, Apr 25, 2011 at 05:46:33PM +0200, C. P. Ghost wrote: > > > On Mon, Apr 25, 2011 at 5:15 PM, Bob Hall wrote: > > > > On Mon, Apr 25, 2011 at 03:18:46PM +0100, RW wrote: > > > >> I don't believe the heap is allocated zeroed pages. The kernel > > > >> does allocate such pages to the BSS segment, but that's because > > > >> it holds zeroed data such as C static variables. > > > > > > > > According to McKusick and Neville-Neil's book on FreeBSD, sbrk > > > > extends the uninitialized data segment with zero-filled pages. > > > > Since malloc() is an interface to sbrk, it does the same thing. > > > > > > True, except that malloc(3) now uses both sbrk(2) and mmap(2) > > > allocators, depending on the user-settable flags > > > in /etc/malloc.conf, MALLOC_OPTIONS and the global variable > > > _malloc_options. So you have to look into mmap(2) too. > > > > Good point. From the man page: > > "Any such extension beyond the end of the mapped object will be > > zero-filled." > > and > > "A successful mmap deletes any previous mapping in the allocated > > address range." > > > The above quote refers to zeroing the fraction of a page that's left > over when "len" isn't a multiple of the page size. The above quote states that the memory not occupied by the remapped object is zero filled. Which is to say that memory allocated by mmap() is either filled with new data or filled with zeros. > However, there's a > comment in malloc.c about mmap'ed regions being zeroed, so I guess they > are, but it doesn't seem to be mentioned at all in mmap(2). It is mentioned, in the first sentence I quoted. > The reason I thought that heap memory isn't zeroed is from the > discussion of pre-zeroed pages in this article: > > http://www.freebsd.org/doc/en_US.ISO8859-1/articles/vm-design/prefault-optimizations.html > > It reads as if the BSS region is the only significant user of zeroed > pages. It appears to me to say that any virtual pages allocated to a process are pre-zeroed, which would include the BSS segment. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Password theft from memory?
On Mon, Apr 25, 2011 at 05:46:33PM +0200, C. P. Ghost wrote: > On Mon, Apr 25, 2011 at 5:15 PM, Bob Hall wrote: > > On Mon, Apr 25, 2011 at 03:18:46PM +0100, RW wrote: > >> I don't believe the heap is allocated zeroed pages. The kernel > >> does allocate such pages to the BSS segment, but that's because it > >> holds zeroed data such as C static variables. > > > > According to McKusick and Neville-Neil's book on FreeBSD, sbrk extends > > the uninitialized data segment with zero-filled pages. Since malloc() is > > an interface to sbrk, it does the same thing. > > True, except that malloc(3) now uses both sbrk(2) and mmap(2) allocators, > depending on the user-settable flags in /etc/malloc.conf, MALLOC_OPTIONS > and the global variable _malloc_options. So you have to look into mmap(2) > too. Good point. From the man page: "Any such extension beyond the end of the mapped object will be zero-filled." and "A successful mmap deletes any previous mapping in the allocated address range." ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Password theft from memory?
On Mon, Apr 25, 2011 at 03:18:46PM +0100, RW wrote: > I don't believe the heap is allocated zeroed pages. The kernel > does allocate such pages to the BSS segment, but that's because it > holds zeroed data such as C static variables. According to McKusick and Neville-Neil's book on FreeBSD, sbrk extends the uninitialized data segment with zero-filled pages. Since malloc() is an interface to sbrk, it does the same thing. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Image activator
On Wed, Apr 20, 2011 at 12:48:38AM +0530, akash kumar wrote: > Hi, > > Can someone throw light on what ELF image activators is all about and point > me to some good articles on it. You mean the thingy that starts execution of a file by setting up process memory and remapping the text and initialized data segments into the low part of the address space and setting up the user stack? Aside from a brief mention in McKusick's and Neville-Neil's book on FreeBSD, I haven't found anything on it. I think this is a case of RTFS. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
statclock vs softclock
I hope this is the correct forum. I'm reading The Design & Implementation of the FreeBSD OS by McKusick & Neville-Neil, & I'm a little confused about statclock( ) and softclock( ). According to the book, statclock( ) ticks 128 times per second, and recalculates the priority of the current process every four ticks. If the recalculated priority is less than the current priority, it reschedules the process. However, on the same page, the book says that softclock( ) recalculates priorities once per second, and also reschedules processes. I must not be understanding something, because it seems to me that the book is saying that there are two routines doing the same thing and getting in each other's way. Can someone straighten me out? http://flylib.com/books/en/2.849.1.44/1 Thanks in advance. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Simple command to reset / clear all logs?
On Wed, Jan 12, 2011 at 08:21:45PM +0100, Polytropon wrote:
> On Thu, 13 Jan 2011 02:17:10 +0900, Ryuichiro Hara wrote:
> > Hello,
> >
> > It might be all right to remove all "normal file" logs,
> > though you may want to retain all subdirectories.
> >
> > find /var/log -type f -exec rm {} \;
> >
> > may do.
>
> Possible problem: Programs that log to files may be confused
> that the file has disappeared. How about simply cutting the
> files to zero length?
>
> # cat /dev/null > /var/log/*
or # truncate -s 0 /var/log/*
That will save you two keystrokes, and that's important! ;-)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Portupgrade status [Was Re: Portmaster general questions and problems]
On Sun, Dec 26, 2010 at 11:39:58AM -0800, Ron (Lists) wrote: > But, due to portupgrade no longer being maintained and failing to work > anymore, I'm a bit confused about this. I did a quick google search and saw that someone had stopped maintaining portupgrade, but I also saw things that suggested that other people were maintaining it. The handbook continues to list it ahead of portmanager and portmaster, with no mention that it isn't being maintained. I've never stopped using portupgrade, and it has always worked. Updates come through periodically, two in the past month. For a port that isn't being maintained, it seems to be remarkably well maintained. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Greybeards (Re: Netbooks & BSD)
On Wed, Oct 20, 2010 at 12:07:55PM -0500, Tim Daneliuk wrote: > On 10/20/2010 11:55 AM, Gary Kline wrote: > > On Wed, Oct 20, 2010 at 12:47:38AM -0700, per...@pluto.rain.com wrote: > >> Matthias Apitz wrote: > >>> El d?a Tuesday, October 19, 2010 a las 07:29:46PM -0700, Gary Kline > >>> escribi?: > PS: I really _was_ current on hardware stuff. Back in the VAX > 780 days :-) > >>> I booted my first UNIX V7 tape on a PDP-11 around 1982, I think. > >> > >> Gotcha beat :) UNIX V6, PDP-11/34, RK05 disk cartridge, 1975. > >> The whole runtime fit on one RK05. The sources took a second one. > > > > I remember the 11/34 fondly. The whole EE department at Cory > > Hall was running one one; then when I interned at Livermore my > > job of porting the "Portable F77 Compiler" was done with vi and > > the source code that Stu Feldman wrote. I love[d] those bloody > > old computers, :-) Dunno why. Maybe because they really > > *were* about computing. Not streaming [[whatever]] or having > > php running. (Blah^9^9^9) > > > > :) > > Heck, when I started out, they didn't even have zeros and ones yet. > We had to settle for "o"s and "l"s ... When I started out, we didn't have read/write heads for the hard disks. We had to copy the data from the screen to the disk by hand using magnetized sewing needles. In order to read the damn things we had to pass a compass over the disk and see where the needle deflected. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Little question about device driver name
On Fri, Sep 24, 2010 at 07:04:06PM +0200, David DEMELIER wrote: > Hi folks, > > I just wonder why if_bridge(4) is prefixed by if_ for device name. > Every other device name like lagg(4), gif(4) are not prefixed with > this same one. if_bridge was based on bridge. I assume that when the updated if_bridge was introduced, the earlier bridge was still available, so the author needed some way to distinguish his new module from the earlier module. Type "man bridge" and check the Authors section. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is this bunk.
On Mon, Aug 23, 2010 at 01:25:34AM +0100, Garry wrote: > Mac OS X is basically BSD that's been appleised (serious vendor lock-in), > they do give a little back to BSDs, but have made sure that BSDs can't get > much off of them, but they can get a lot out of BSD. If the kernel is the basis of an OS, then OS X is basically the Mach kernel. The userland part of early versions of OS X borrowed heavily from NetBSD, but much of this has been replaced with FreeBSD in later version. Or so I'm told. As someone else has pointed out, Apple has made some important contributions to NFS, so they are not exactly free riders. > Also, Windows uses (or used to use) a BSD stack for networking for > instance. NT had a notoriously unstable network stack. It suddenly became more stable with Win2k, which turned out to be due to the replacement of much of the code with code taken from FreeBSD, which has a famously stable network stack. People who claim to have seen the MS code say that large parts of it are unchanged from the original FBSD code, and include the original comments. As far as I know, that code is still being used. > This does not mean to say that I have a problem with the quality of the code > in BSD, I just feel that the license is counter productive. And the wonderful thing about the proliferation of open source licenses is that you can pick a project with a license that you approve of and never have to have your code encumbered by a license you feel is inferior. The people who use FBSD and the wonderful people who produce it obviously feel that the FBSD license is the sort of license that they want to support. You are free to pity our delusions and choose a project with a more enlightened approach. Best of luck! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: BSD logo (a moderate opinion)
On Thu, Jul 29, 2010 at 11:03:07AM -0400, Jerry McAllister wrote: > On Thu, Jul 29, 2010 at 10:15:27AM -0400, Bob Hall wrote: > > Beastie is the mascot, and the sex toy is the logo. It is only the > > mascot that the OP objected to. He didn't mention any objections to the > > logo. > > Actually, the OP said logo and made no mention of mascott. In that case, I'm glad I was able to contribute my share of misinformation and confusion to this thread. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: BSD logo (a moderate opinion)
On Thu, Jul 29, 2010 at 09:52:07AM +0200, ?? wrote: > On Wed, 28 Jul 2010 12:55:04 -0600 > Dale Scott wrote: > > > Personally, I enjoy our mascot Beastie, as well as the > > Beastie-influenced official logo. I also smile when I see Casper, > > Wendy andHotStuff. However, I also accept there are individuals who > > understand these symbols differently than me, and that I may be > > alienating them to my detriment. It seems consumer products need to > > be mindful of cultural differences, is FreeBSD different? A larger > > community and increased OS market share wouldn't be all that bad, > > would it? > > > > I hope that those of you who believe in FreeBSD but with a personal > > conflict with the mascot or logo, band together and propose a > > complementary alternate symbol. I don't mean flooding the mail list > > (it's obvious we can do that on our own), I'm talking about difficult > > time-consuming organization, lobbying, and support gathering. For me, > > I hope Beastie endures forever - he our first and legacy mascot - but > > I also wouldn't object to one or two more officially sanctioned > > mascots and logos either. > > > > Dale Scott > > > > Personally, I tried to stay out of this conversion (because it's OT and > I find all religions annoying). But, anyway, IIRC, the reason why > our nice little beastie is no longer the official FreeBSD logo, is the > sentiments you just mentioned. There was a discussion about this years > ago on one of the mailing lists (I don't remember which one anymore), > which resulted in a contest, and the result is the horned ball logo you > find on the top of www.freebsd.org. This is also the reason why we > have to add 'beastie_disable="NO"' to /boot/loader.conf after a fresh > install now. So, please, refrain from calling for yet another new logo. Beastie is the mascot, and the sex toy is the logo. It is only the mascot that the OP objected to. He didn't mention any objections to the logo. As far as marketing products to a wide range of buyers, googling for "red devil" gets me Red Devil home repair and refinishing products Red Devil Italian Restaraunt Red Devil Equipment Co. Red Devil Lounge Red Devil Energy drink Red Devil snow blowers Red Devil hot sauce Red Devil Records Red Devil brakes Red Devil pedicab service Red Devil fire training and consuling You'll get a similar list if you google for "blue devil". So it seems that Beastie has lots of company out there in product land. Images of devils seem to be successful in marketing products. I don't believe that creating an alternative to Beastie is going to do anything to increase FBSD market share. My best wishes to the OP. I hope he finds something he's comfortable with. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Directory Passwords
On Sat, Jun 12, 2010 at 02:52:59PM -0400, Mike Robins wrote: > Hi there, I currently am running a FreeBSD/Samba server for my company > with public shares for all of the employees to keep their work related > documents in. I'm wondering if it is possible for me to keep these shares > public and add a password to each sub directory in the public share? This > would mean I could give each department a sub directory that only they > would know the password to and keep the sensitive documents away from > public view. Any password known to a group of people quickly becomes public knowledge. If you really need to restrict access to a share, this won't do it securely. In jobs I've had where it was necessary to restrict access to network shares, there was a central security server that was aware of me after I successfully logged on to my computer, and automatically gave me access to any share that a project manager had given me rights to, while blocking me from any share to which no project manager had given me rights. I'm pretty sure you can integrate Samba into such a system, but how to do it is a Samba related question, not a FreeBSD question. Best of luck. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: any shortcuts to doc to ascii?
On Fri, May 28, 2010 at 10:45:38AM -0400, Bob Hall wrote: > Another possibility, if you haven't considered it, is using sed to > convert everything. If you know all the characters that need to be Never mind. I just remembered about the garbage at the beginning of doc files. I had forgotten that I using both sed and awk to deal with that when I was working with doc files. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: any shortcuts to doc to ascii?
On Thu, May 27, 2010 at 10:53:39PM -0700, Gary Kline wrote: > On Thursday 27 May 2010 05:18:07 pm Bob Hall wrote: > > On Thu, May 27, 2010 at 04:36:08PM -0700, Gary Kline wrote: > > > ps: antiword same as catdoc. back to my per substitutions. > > > that works, along with vi's Builtin subs. > > > > Have you considered using whatever replaces the most special characters, > > and fixing the few characters that remain with sed? > > exactly!!! Another possibility, if you haven't considered it, is using sed to convert everything. If you know all the characters that need to be swapped out, you can write a sed script that will do it for you in one pass. If you don't know sed, creating the script may be a PITA, but you'll only have to do it once, and then you can reuse the script whenever needed. As I recall, the hard part is figuring out how to represent the special characters in sed. It's been a few years since I used sed on doc files, but I recall that the character codes that displayed on my screen were not the codes that I needed to use in sed scripts. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: any shortcuts to doc to ascii?
On Thu, May 27, 2010 at 04:36:08PM -0700, Gary Kline wrote: > ps: antiword same as catdoc. back to my per substitutions. > that works, along with vi's Builtin subs. Have you considered using whatever replaces the most special characters, and fixing the few characters that remain with sed? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Autoresponders [pa...@magi.magidesign.com: [#24508600] Re: Need advise.]
On Wed, May 19, 2010 at 10:37:22PM -0400, Glen Barber wrote: > Headers attached, so we can stop this nonsense in the future. I've gotten the same thing, and I'm a bit confused. What exactly is going on? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Question not found in FAQs or other documentation
On Sat, May 15, 2010 at 05:57:35PM -0400, jon wrote: > To whom it concerns, > > I am a relatively basic/amateur computer user and I just noticed > today that my "recent servers" lists "Free BSD". > > I do not knowingly connect to any outside servers and am concerned > that any server has been connected to my computer. > > My question is: how can I prevent this server from ever connecting to > my computer again? And anything else I can do to delete this server, > this connection Out of curiosity, I looked in the "Recent Servers" list in a couple of Macs that I have, and the only thing I could find were local file servers. A server is a process that accepts requests for services. Typically, they don't iniciate connections. As near as I can tell from the Mac documentation, the "Recent Servers" list is a list of servers that you've connected to, and nothing more. I suggest clicking on the item in your "Recent Servers" list and finding out what you connect to. If you have any further questions you should post them in a Mac forum, since the question of which servers you've been connected to really has nothing to do with the Free BSD operating system. Best of luck. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setting firewall symbolic constants
On Tue, Mar 30, 2010 at 04:17:22PM -0500, Walter wrote:
> >>Can these be set by the system automatically? Specifically
> >>$firewall_simple_onet?
My first response never showed up. Second try.
I use
onet=`ifconfig rl0 | grep "inet " | awk '{print $6}'`
where rl0 is the outward facing NIC on this gateway.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setting firewall symbolic constants
On Tue, Mar 30, 2010 at 07:52:57AM -0500, Walter wrote:
> Can these be set by the system automatically? Specifically
> $firewall_simple_onet?
I use
onet=`ifconfig | grep "inet " | awk '{print $6}'`
where if is rl0 or em0 or whatever the outward facing interface is for
your system.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: I hate to bitch but bitch I must
On Sun, Oct 18, 2009 at 11:48:55AM -0400, PJ wrote: > Bob Hall wrote: > > On Sat, Oct 17, 2009 at 05:36:43PM -0400, PJ wrote: > > > >> Bob Hall wrote: > >> > >>> On Sat, Oct 17, 2009 at 02:34:40AM +, Mark wrote: > >>> > >>> > >>>> Actually, this has got very little to do with being a native English > >>>> speaker or not. It's ere a matter of intonation (which, in writing, can > >>>> only be conveyed to a certain degree, of course). 'Should' can certainly > >>>> mean "Don't try that." As in: > >>>> > >>>> Will the ice hold me? > >>>> Well, technically it should. > >>>> > >>>> (Meaning: it probably will, but I'm not overly confident.) > >>>> > >>>> > >>> Actually, what's happening here is dropping part of a sentence. It's > >>> common in English to shorten > >>> Yea, it should work, but it doesn't. > >>> > >>> > >> Absolutely not! There is nothing to suggest either statement above. If > >> one says it should work, it can mean (of course, it changes within > >> different contexts) that all is ok and normal conditions (whatever they > >> may be) will allow things to function correctly. There is certainly no > >> implication about confidence... where do you get that? > >> > > > > >From common English usage. Specifically, where? Australia, England, > > >Russia, France, USA, Canada... Again, that is your personal interpretation > > >and certainly not "common English usage." Or better yet, try common sense. > > >Or, better yet, you *should* go back to school. The third edition of Fowler's Modern English Usage gives British and American usage. Merriam-Webster's Dictionary of English Usage concentrates more on American usage. I don't have access to any specifically Australian or Canadian reference books. Anyone interested in the topic can look up the use of "should" as a modal verb and see what is common usage. My compliments to the authors of the man page for their clear and concise use of English. My complements to Polytropan for spotting the fact that "should" was being used as a modal verb, even if he didn't call it that. My compliments to Warren Block for submitting the PR. I believe that's my cue to exit the thread. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: I hate to bitch but bitch I must
On Sat, Oct 17, 2009 at 05:36:43PM -0400, PJ wrote: > Bob Hall wrote: > > On Sat, Oct 17, 2009 at 02:34:40AM +, Mark wrote: > > > >> Actually, this has got very little to do with being a native English > >> speaker or not. It's ere a matter of intonation (which, in writing, can > >> only be conveyed to a certain degree, of course). 'Should' can certainly > >> mean "Don't try that." As in: > >> > >> Will the ice hold me? > >> Well, technically it should. > >> > >> (Meaning: it probably will, but I'm not overly confident.) > >> > > > > Actually, what's happening here is dropping part of a sentence. It's > > common in English to shorten > > Yea, it should work, but it doesn't. > > > Absolutely not! There is nothing to suggest either statement above. If > one says it should work, it can mean (of course, it changes within > different contexts) that all is ok and normal conditions (whatever they > may be) will allow things to function correctly. There is certainly no > implication about confidence... where do you get that? >From common English usage. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: I hate to bitch but bitch I must
On Sat, Oct 17, 2009 at 02:34:40AM +, Mark wrote: > Actually, this has got very little to do with being a native English > speaker or not. It's ere a matter of intonation (which, in writing, can > only be conveyed to a certain degree, of course). 'Should' can certainly > mean "Don't try that." As in: > > Will the ice hold me? > Well, technically it should. > > (Meaning: it probably will, but I'm not overly confident.) Actually, what's happening here is dropping part of a sentence. It's common in English to shorten Yea, it should work, but it doesn't. to Yea, it should work. In order to catch the meaning, you have to be aware of context. Contrary to the OP's claim, this shows a pretty good grasp of English idiom. It's definitely not evidence that the man author is not a native speaker of English. On the other hand, it can be clarified so that the meaning is clear even without context. If the OP really believes that the present wording is a problem, other people have made suggestions on what to do about it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: I hate to bitch but bitch I must
On Fri, Oct 16, 2009 at 07:27:42PM -0400, PJ wrote: > Polytropon wrote: > > On Fri, 16 Oct 2009 17:54:23 -0400, PJ wrote: > >> but from man tunefs: > >> BUGS > >> This utility should work on active file systems. > >> What in hades does this mean--just above it says cannot be run on active > >> file systems. ??? > >> > > > > It "should". This means: Don't try that. :-) > > > > My printer isn't printing! > > But it should. > > No, it is not printing! > > Yes, but it should. > > :-) > > > > > Aha! Gotcha! Whoever wrote that has made an unintentionnal booboo. It is > a subtle difference and is indicative that whoever wrote it is not a > native english user... the meaning is clearly "should be executed, done, > carried out, performed" - should work means it can be carried out - I > think the author meant to say "should not be done" I'm a native English speaker, and the manual makes perfect sense to me. It's very clear to me that since the statement is in the BUGS section, it means that the utility should, but doesn't. Since it follows a statement that the utility doesn't, the meaning is unambiguous. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Regex Help - Greedy vs. Non-Greedy
On Wed, Sep 09, 2009 at 09:15:25AM -0700, Drew Tomlinson wrote:
> I'm trying to do a search and replace in vim. I have lines like this:
> http://site1/dir/;
> http://site2/dir/;LastName, FirstName;Phone;
> http://site3/dir/;LastName, FirstName;
> http://site4/dir/;
>
> I'm want to match "http:*" and stop matching at the first ";". My basic
> regex is:
>
> /http:.\+;/
Use "{-}" in place of "+".
/http:.\{-};/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Restarting hal
On Sat, Jul 25, 2009 at 08:41:38AM +0200, Polytropon wrote: > On Fri, 24 Jul 2009 11:02:39 -0400, Bob Hall wrote: > > Aside from the ctrl-alt-bksp bug, this has been the easiest X setup I've > > ever done. I've tried it with and without hal and both are easy to set > > up. Given my level of ignorance, that's saying something. I've seen a > > lot of complaints about Xorg's new system, but I like it. > > I'm sure it works very well on up-to-date hardware, but on > older hardware, where all the autodetect magic won't work > properly, problems may occur. I'm going to install FBSD 7 on a PII in a few weeks. We'll see how that goes. :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: vim port have a lot of broken links ??
On Fri, Jul 24, 2009 at 09:13:43PM +0200, Kalle Mller wrote: > When I try to install vim from ports it tries 4-5 sites which all have to > time out... and with a 200 files.. thats a lot of timeouts.. Who should I > poke to, so the mirrors would be updated ?? > > -- > > Med Venlig Hilsen Hi Kalle, If several servers are timing out, there's a good chance that the problem is at your end. Either you or your ISP might be having a problem. If you haven't changed anything (hardware, software, configuration, ISP), then the problem is likely to be temporary. If the problem is a spike in activity that's overburdoning the servers, the following may help: /usr/ports/ports-mgmt/fastest-sites Med venlige hilser til deg ogsaa. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Restarting hal
On Fri, Jul 24, 2009 at 08:57:43AM +0200, Polytropon wrote: > On Thu, 23 Jul 2009 13:43:50 -0400, Bob Hall wrote: > > Is there a way to get hal to reload its > > configuration withou rebooting? I've tried sending a HUP signal and I've > > tried "rc.d/hal restart", but so far rebooting is the only thing that > > works properly. > > Maybe it's neccessary to restart DBUS as well - just a wild > guess, Yea, someone already e-mailed me and suggested I restart dbus along with hal. I've just recently made the switch to Xorg and I'm still a bit fuzzy about how things interrelate , so it hadn't occurred to me to restart dbus when I reconfigured hal. > im not using DBUS or HAL because I like my X working. :-) Aside from the ctrl-alt-bksp bug, this has been the easiest X setup I've ever done. I've tried it with and without hal and both are easy to set up. Given my level of ignorance, that's saying something. I've seen a lot of complaints about Xorg's new system, but I like it. Thanks for your response. It's great that there are so many helpful people on this list. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Restarting hal
Thanks to Manolis Kiagias's suggestion, I was able to get ctrl+alt+bksp working in xorg again. However, I've noticed that just restarting hal leaves me with no mouse or keyboard in X. I have to reboot the system to get a mouse & keyboard in X. Is there a way to get hal to reload its configuration withou rebooting? I've tried sending a HUP signal and I've tried "rc.d/hal restart", but so far rebooting is the only thing that works properly. Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Anonymizer tool like Tor?
On Thu, Mar 12, 2009 at 03:04:05PM +, RW wrote: > On Thu, 12 Mar 2009 11:38:13 +0100 (CET) > Wojciech Puchar wrote: > > > > set up tor and use it as socks proxy with your browser and python > > script. > > > > You don't need privoxy for that. > > but isn't the point of of using privoxy to strip identifying > information from http requests that would otherwise undermine tor. It's been a while since I played with tor, but I recall that the documentation said that you have to combine tor and privoxy (or the equivalent) in order to surf anonymously. On the other hand, Giles is using his own script run from the command line, rather than a web browser, so I assume that he won't write the script to send info that he wants to hide. It would probably be a good idea check the http requests that are sent externally and see what info is being passed with them. Then he can determine for himself if he needs anything more than tor. Just my uninformed opinion. :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: The Design and Implementation of the FreeBSD Operating System
> A few years later about 6 months after the book went out of print > I actually bought a box of 20 of the books for something like a dollar > a book, from a remainder dealer, just to have a future cache of them > that I could give away. I probably wouldn't be using FBSD now if it wasn't for your book and Greg Lehey's book back then. I still have both on the shelf. Greg's book is version 3 and your book has an unopened FBSD 4.2 CD package. :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD Server Settings Consult
On Fri, May 02, 2008 at 07:28:44AM -0400, Free BSD wrote: > We've been having some problems with our server and I was wondering if > someone had any advice or suggestions for our current system settings. You'll probably get more help if you post the problems and any diagnostic info. :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: traceroute problems
On Mon, Mar 10, 2008 at 11:30:05PM +0100, Wojciech Puchar wrote: > traceroute uses UDP packets, no special port numbers. Outgoing is UDP. The return packet is ICMP type 11. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Recommendations for djvu and bittorrent
Thanks to all for the suggestions and comments. I'm using rtorrent for the torrents. I noticed that I was uploading today, which I hadn't expected (I'm behind a firewall and NAT), but I'm happy to do in order to help make this public domain material available to people who are interested in Buddhist texts. All two of them. Possilby three if you include the population of Mars. :) I have a question that I haven't found an answer to in the man pages or by googling. If a particular torrent is maked closed in the rtorrent screen, can a person seeking to down load a torrent still access it, or is it only accessable if I restart the torrent? (Keeping in mind the firewall and NAT) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Recommendations for djvu and bittorrent
I found some old public domain translations of Prajnaparamita texts available in djvu format and available via bittorrent. I have no experience with either one. Does anyone have any recommendations for djvu readers or torrent clients in the ports? Thanks, Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: xorg-drivers-7.3
On Mon, Jan 21, 2008 at 03:15:19PM -0500, Chess Griffin wrote: > Bob Hall wrote: > >I'm trying to update xorg-drivers-7.3 on an old machine. I didn't know > >that the i810 drivers do the job of the i740 drivers, so I selected i740 > >in the config screen when I ran portmanager. Unfortunately, this > >conflicts with i810, and unfortunately, this choice I made is preserved > >in some configuration data hidden somewhere. When I try to redo it, it > >picks up my previous choice instead of giving me the option of making a > >new choice. > > > > Found saved configuration for xorg-drivers-7.3_1 > > > >portupgrade and "Make distclean" followed by "Make" both give this > >message. > > > >I've tried searching, but the key words I use aren't getting me any > >information. What do I do to deselect i740, or to force portmanager to > >let me reselect my options? > > See section 4.5.2.3 of the Handbook. Thank you. Very informative. And thanks Peter Boosten for giving me the precise answer. :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
xorg-drivers-7.3
I'm trying to update xorg-drivers-7.3 on an old machine. I didn't know that the i810 drivers do the job of the i740 drivers, so I selected i740 in the config screen when I ran portmanager. Unfortunately, this conflicts with i810, and unfortunately, this choice I made is preserved in some configuration data hidden somewhere. When I try to redo it, it picks up my previous choice instead of giving me the option of making a new choice. Found saved configuration for xorg-drivers-7.3_1 portupgrade and "Make distclean" followed by "Make" both give this message. I've tried searching, but the key words I use aren't getting me any information. What do I do to deselect i740, or to force portmanager to let me reselect my options? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: how to be *nix programmer
On Wed, Jan 16, 2008 at 04:42:48PM -0500, Jerry McAllister wrote: > On Wed, Jan 16, 2008 at 03:48:47PM -0500, Radheshyam Bhatt wrote: > > > Hello People, > > > > > >How's it going?I am interested in to developing drivers > > for FreeBSD. How do I go about start learning program for that? What > > books & resources I should look in to. I know C, and I am learning about > > processes, and system calls. Also where would I take my questions to if I > > don't get something and need help for something in system's programming... > > Please email me back.. > > Learning C and probably C++ and maybe some Assembly is good. > > After that, you might want to absorb the McKusic books: 'Design and > Implementaiton of the (4.3 and) 4.4 BSD Operating System. Actually, McKusic's 'Design and Implementaion of the FreeBSD Operating System' might be more useful. It's based on FBSD 5.2, but it's still more up to date. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: IPFW Rules and Games
On Fri, Nov 02, 2007 at 10:59:04PM +0100, [EMAIL PROTECTED] wrote:
> >onet=`ifconfig xl0 | grep "inet " | awk '{print $6}'`
> I'm not sure about this. Isn't the sixth word the broadcast address
> (ending with .255)?
It's correct. I've been using this in my firewall file since FBSD
4.something. No problems. By default, awk uses spaces as column
delimiters. The line containing "inet " starts with eight spaces. Try it
and see what happens.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: IPFW Rules and Games
On Fri, Nov 02, 2007 at 04:59:27AM -0500, Jack Barnett wrote:
> I added this for a temporary fix:
>${fwcmd} add pass all from any to any
>
> I don't think that is the right answer; That allows to much in?
Yes.
> I've tried these per the docs:
>
>${fwcmd} add allow all from any to any out via {$iip} setup
>${fwcmd} add allow all from any to any out via {$iip} established
>${fwcmd} add allow all from any to any in via {$iip} established
>
> and also a bunch of others; but none of them worked.
Try oip instead of iip. iip is your internal IP address, so anything
going out from iip is going to your lan, and anything coming in to iip
is coming from your lan. You want to control packets communicating with
the outside world, so you want to control them at oip.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Should sudo be used?
On Thu, Apr 05, 2007 at 10:42:27AM +0200, Victor Engmark wrote: > Hi all, > > I thought it would be a good idea to use sudo on my FreeBSD laptop, but I'm > having doubts after checking the handbook (it's not mentioned at all) and > Google (most of the articles were obscure and / or old). > > Are you using sudo? If not, why? I administer a tiny LAN. Usually, I'm the only one fooling with the servers (IMAP, file sharing for classic Mac & Windows, routing, Internet access, other lesser things). However, it's nice to go on vacation occasionally. I have a small number of accounts, each of which uses sudo to give the account the rights necessary to administer one part of the overall system. I can pass off the mail duties to someone else, and know that the worst damage they can do is limited to the mail system, and restricted by the rights granted via sudo. As long as the firewall and other security measures are in place, my biggest concern is clumsy fingers. Sudo limits the harm that can occur and backups ensure recovery. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Should I Upgrade 5.4 -> 6.2?
On Fri, Mar 16, 2007 at 01:14:45AM -0400, Kris Kennaway wrote: > On Thu, Mar 15, 2007 at 08:46:45PM -0700, Garrett Cooper wrote: > > Kris Kennaway wrote: > > >On Thu, Mar 15, 2007 at 05:09:57PM -0400, Jerry McAllister wrote: > > >>On Thu, Mar 15, 2007 at 04:47:06PM -0400, [EMAIL PROTECTED] wrote: > > >> > > >>>First off, I want to thank the people who responded to my thread > > >>>"Stability Issues on a 5.4-RELEASE box" a couple of weeks ago; after > > >>>disabling hyperthreading, getting a clean run of Memtest back, and > > >>>doing some serious fsck'ing of the disks, the box appears to now be > > >>>completely stable. I'm still not sure which of the above fixed the > > >>>problem...but I'll take a stable system at this point. :-) > > >>> > > >>>That said, in that thread I had asked about the advisability of > > >>>upgrading to 6.2, and it was intelligently pointed out that doing so in > > >>>pursuit of stability was a bad idea. Now that the box is stable, > > >>>though, I'm back to the same question: should I make the upgrade, and > > >>>if so, how should I do it? > > >>> > > >>>My primary driver for doing so would be to keep current enough that I'm > > >>>still getting security and other patches on a regular basis, and that I > > >>>can upgrade my applications from ports as necessary. If this is not an > > >>>issue, then my only remaining concern would be that it's usually easier > > >>>to get support on lists like this if you're running a modern version of > > >>>the OS (that's certainly the case with the OpenBSD folks). > > >>> > > >>>My primary concern with upgrading is that the box is in Portland, OR, > > >>>and I'm in Arlington, VA...and while the ISP is friendly, I doubt that > > >>>I could count on them for major system recovery if I botch something > > >>>during the upgrade. My other worry is that I don't want to break > > >>>existing apps if possible (the main one I'm concerned about is > > >>>Zope/Plone). This is a production box with moderate traffic, and it > > >>>would be a problem if there was extensive downtime. > > >>> > > >>>Is it worth upgrading? If so, what's the best way to do so -- CVSup, or > > >>>some other way? Are there any major caveats if I do choose to upgrade > > >>>(or choose to stay with the existing OS)? > > >>You should if you can reasonably do it, for the reasons you give plus > > >>improvements in performance and in some utilities. > > >> > > >>My sentiment is usually to do a clean install over major version numbers. > > >>It tends to leave less dross laying around. but I do not have to worry > > >>about down times very much, a couple of hours at night is not terribly > > >>noticable in my stuff. It does require more time down to do a clean > > >>from scratch install. But, I think you can get away with a cvsup > > >>upgrade from 5.4 to 6.2. Then your downtime is just the reboot and > > >>stuff at single user (mergemaster), plus probably some for upgrading > > >>various ports. > > > > > >Yes, a source upgrade from 5.x to 6.x (followed by portupgrade -fa) > > >isn't too bad. As with any upgrade you do need a recovery strategy > > >though. > > > > > >Kris > > > > I agree with both Kris and Jerry. Besides, if you run 6.2 you're running > > a supported version of FreeBSD whereas 5.4 isn't supported anymore (5.5 > > is the last supported version in the legacy 5.x branch). Plus there are > > slight improvements from 5.x to 6.x. > > s/slight/major/ ;) Well sed. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Need a good Unix script that..
On Wed, Mar 14, 2007 at 05:56:26AM -0400, [EMAIL PROTECTED] wrote: > Hello, > > I'm trying to write a script to delete all line that include a certain > pattern in an output file. I sending information to one of our Security > people and they take this data and create a spreadsheet on the > information, I have a constant reoccurring lines within the output file > that they do not need. I'm trying to use the sed command to remove lines > that fits a certain pattern but it does not appear to remove anything. It can probably be done with sed, but without knowing the specifics of what you're doing, no one can give a meaningful opinion. I use sed, grep, and awk all the time, but I can't tell you anything without seeing your sed statement and a sample file. I'd recommend posting to a forum where sed is a frequent topic and giving enough information to allow someone to actually help you. Someone somewhere maintains a sed FAQ along with a file of 100 sed statements giving examples of various tasks. I can't remember the URL, but googling will probably bring it up. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: List Protocol (was: Major Version Upgrade 4.11 to 5.x)
On Tue, Dec 12, 2006 at 04:49:39PM -0800, Ted Mittelstaedt wrote: > a young girl in a tank top and boobs out front Isn't that where the boobs are usually installed? > Until then STFU you ungrateful bastards. All you once were > dumb newbies who didn't know FreeBSD from free beer, and > I'll bet more than a few of you sent e-mail to questions, thinking > it was an actual person who gave a damn. Boy were you surprised! That's exactly what happened to me, back in the time of FBSD 4.3. And I got a response from an actual knowledgeable person who gave a damn. The only thing better would have been a young girl in a tank top and boobs out front. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Top behavior differences
On Sun, Sep 10, 2006 at 06:04:04PM -0400, stan wrote: > On Sun, Sep 10, 2006 at 11:57:05AM -0400, Bob Hall wrote: > > On Sun, Sep 10, 2006 at 08:56:31AM -0400, stan wrote: > > > Can someone explain to me why top's handling of multi processor > > > status display is different on FreeBSD, than it is on Linux? > > > > Open source started with the concept of individuals hacking the source > > code to get the features they want. The commericial ideal of users paying > > for features they want was replaced by the ideal of users doing the work > > to create the features they want. Open source has evolved into the > > concept of many users getting a free ride as a relatively small number > > of open source programmers do the work for them, without pay. > > > > Possible reasons why open source software X doesn't have feature Y: > > > -- Long discussion of open source philosophy dleted --- > > Once upon a time, when people posted on lists like this, they got > well reasoned technical answers. They did if they asked for technical answers. What you actually asked, if you'll read your own e-mail, is why FBSD doesn't display the information the way Linux does. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Top behavior differences
On Sun, Sep 10, 2006 at 08:56:31AM -0400, stan wrote: > Can someone explain to me why top's handling of multi processor > status display is different on FreeBSD, than it is on Linux? Open source started with the concept of individuals hacking the source code to get the features they want. The commericial ideal of users paying for features they want was replaced by the ideal of users doing the work to create the features they want. Open source has evolved into the concept of many users getting a free ride as a relatively small number of open source programmers do the work for them, without pay. Possible reasons why open source software X doesn't have feature Y: 1) The people who created X weren't interested in feature Y. Since they were doing unpaid work, they created the features they were interested in. 2) The core code of X was written before the technological advance that made feature Y useful, and no one has needed feature Y badly enough to add it to X. 3) The creators of X didn't think of feature Y, and no one has gotten in touch with the maintainers to suggest it. 4) Only one or two people want feature Y, and the amount of work necessary to add it to X greatly exceeds the benefit of providing a feature for one or two people. Also, no one has contacted the maintainers of X to ask how much it would cost to change their minds about this. 5) No one wants feature Y badly enough to devote the necessary free time to learn the skills and do the work necessary to create it. Since it's not high on anyone's list of things to do in their spare time, everyone has chosen to wait until it moves to the top of someone else's list of things to do in their spare time. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: AND COBOL
On Tue, Mar 07, 2006 at 04:33:05PM -0800, jdow wrote: > From: "Kris Kennaway" <[EMAIL PROTECTED]> > > >Give the poor guy a break; he's a COBOL programmer, so he's used to > >thinking and typing in all-caps :-) > > And just think, both COBOL and AOL end in OL. I wonder if there is a > relationship? LOL? Or maybe I've ingested too much PHENOL and ETHENOL, or been exposed to SOL without my PARASOL, or inhaled too much AEROSOL. I'm like TOPOL up on the roof and my mind's gone AWOL out in the TYROL with a MONGOL. I'll take some CALCIFEROL and call INTERPOL. Ja, jeg sitter på en STOL og synes det var litt FRIVOL. I couldn't figure out how to fit ALGOL in there. Ain't life a PISTOL? I'm sorry. What was the question? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Crontab and GPG?
On Wed, Oct 26, 2005 at 08:06:28PM -0400, Kris Kennaway wrote: > On Wed, Oct 26, 2005 at 07:51:03PM -0400, Bob Hall wrote: > > On Wed, Oct 26, 2005 at 12:31:44PM -0400, Kris Kennaway wrote: > > > On Wed, Oct 26, 2005 at 11:23:29AM -0400, Bob Hall wrote: > > > > On Wed, Oct 26, 2005 at 03:52:53AM -0400, Kris Kennaway wrote: > > > > > On Tue, Oct 25, 2005 at 07:10:57PM -0400, Bob Hall wrote: > > > > > > On Tue, Oct 25, 2005 at 03:00:18PM -0400, Kris Kennaway wrote: > > > > > > > On Tue, Oct 25, 2005 at 02:45:02PM -0400, Bob Hall wrote: > > > > > > > > On Tue, Oct 25, 2005 at 01:13:52PM -0500, Robert Wall wrote: > > > > > > > > > Hello! I'm attempting to run GPG from cron, and it's not > > > > > > > > > working. I can run the script from the command line, and all > > > > > > > > > works perfectly. When I try to run it from cron, however, it > > > > > > > > > doesn't work. The crontab calls this script, called > > > > > > > > > "pgpdecrypt" with the following crontab line: > > > > > > > > > > > > > > > > > > */1* * * * root/bin/bash > > > > > > > > > /etc/pgpdecrypt > > > > > > > > > > > > > > > > > > The /bin/bash wasn't originally there; I added it to make > > > > > > > > > sure that the script was using the correct shell. Still no > > > > > > > > > luck. Here's the script that it calls: > > > > > > > > > > > > > > > > > > echo >> /etc/pgpdecrypt.logger "PGP Decrypter Starting" > > > > > > > > > > > > > > > > Take the "/bin/bash" out of your crontab. Put > > > > > > > > #!/bin/bash > > > > > > > > at the beginning of your script. > > > > > > > > > > > > > > What do you think that will do to help? It's a NOP, so it can't > > > > > > > fix > > > > > > > the problem (which is because of bad assumptions about PATH, per > > > > > > > my > > > > > > > other message). > > > > > > > > > > > > Well, I don't know whether "#!" is a NOP or not. It does tell the > > > > > > script > > > > > > which executable to use in executing the script. > > > > > > > > > > Yeah, which he was already doing explicitly (see above) ;-) > > > > > > > > Which is irrelevant. The fact is that if you put the path at the > > > > beginning of the script, the script will run the same under cron as it > > > > does under the shell you tested it with. If the OP had put "#!/bin/bash" > > > > at the beginning of the script when he tested it, he would have been > > > > able to debug it without being confused by the fact that it ran under > > > > his shell and not under cron. > > > > > > No, this was because his environment was not as he expected it to be > > > when run from cron, as I've explained to you twice. Just making the > > > NOP change of adding #!/bin/bash when the script is already being run > > > by /bin/bash will not affect the environment. > > > > I doubt very much that putting the wrong path into the environmental > > variables is going to help anything. > > PATH does not include /usr/local when run from cron, and his script > assumes that it does (it calls gpg not /usr/local/bin/gpg). Then he can include it in his script. That's superior to creating a potential security problem by giving cron more information than it needs, particularly when cron is running as root. It's the script that needs to know the location of gpg, not cron. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Crontab and GPG?
On Wed, Oct 26, 2005 at 12:31:44PM -0400, Kris Kennaway wrote: > On Wed, Oct 26, 2005 at 11:23:29AM -0400, Bob Hall wrote: > > On Wed, Oct 26, 2005 at 03:52:53AM -0400, Kris Kennaway wrote: > > > On Tue, Oct 25, 2005 at 07:10:57PM -0400, Bob Hall wrote: > > > > On Tue, Oct 25, 2005 at 03:00:18PM -0400, Kris Kennaway wrote: > > > > > On Tue, Oct 25, 2005 at 02:45:02PM -0400, Bob Hall wrote: > > > > > > On Tue, Oct 25, 2005 at 01:13:52PM -0500, Robert Wall wrote: > > > > > > > Hello! I'm attempting to run GPG from cron, and it's not > > > > > > > working. I can run the script from the command line, and all > > > > > > > works perfectly. When I try to run it from cron, however, it > > > > > > > doesn't work. The crontab calls this script, called "pgpdecrypt" > > > > > > > with the following crontab line: > > > > > > > > > > > > > > */1* * * * root/bin/bash > > > > > > > /etc/pgpdecrypt > > > > > > > > > > > > > > The /bin/bash wasn't originally there; I added it to make sure > > > > > > > that the script was using the correct shell. Still no luck. > > > > > > > Here's the script that it calls: > > > > > > > > > > > > > > echo >> /etc/pgpdecrypt.logger "PGP Decrypter Starting" > > > > > > > > > > > > Take the "/bin/bash" out of your crontab. Put > > > > > > #!/bin/bash > > > > > > at the beginning of your script. > > > > > > > > > > What do you think that will do to help? It's a NOP, so it can't fix > > > > > the problem (which is because of bad assumptions about PATH, per my > > > > > other message). > > > > > > > > Well, I don't know whether "#!" is a NOP or not. It does tell the script > > > > which executable to use in executing the script. > > > > > > Yeah, which he was already doing explicitly (see above) ;-) > > > > Which is irrelevant. The fact is that if you put the path at the > > beginning of the script, the script will run the same under cron as it > > does under the shell you tested it with. If the OP had put "#!/bin/bash" > > at the beginning of the script when he tested it, he would have been > > able to debug it without being confused by the fact that it ran under > > his shell and not under cron. > > No, this was because his environment was not as he expected it to be > when run from cron, as I've explained to you twice. Just making the > NOP change of adding #!/bin/bash when the script is already being run > by /bin/bash will not affect the environment. I doubt very much that putting the wrong path into the environmental variables is going to help anything. As I explained in a section that you deleted, you need to run "whereis bash" and get the correct path, instead of "/bin/bash". Had he put "#!/bin/bash" at the beginning of the script when he was testing it in his account shell, he probably would have realized sooner than he was using the wrong path. Because he was using bad practice, he didn't discover that there was a problem until he switched to cron, at which point he thought the problem had something to do with cron. Using bad practice didn't cause the error, but it made it harder to diagnose the error. Proper procedure: 1) Put "#!/usr/local/bin/bash" at the head of the script file (or whatever the correct path to bash is on your system). If it will work, "#!/bin/sh" is more portable. 2) Make your script executable by the user that cron will run as. (Otherwise, you'll get a permission error.) 3) Put the path to your script in the crontab. This is currently working for me, without changing cron's environment, or mine. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Crontab and GPG?
On Wed, Oct 26, 2005 at 03:52:53AM -0400, Kris Kennaway wrote: > On Tue, Oct 25, 2005 at 07:10:57PM -0400, Bob Hall wrote: > > On Tue, Oct 25, 2005 at 03:00:18PM -0400, Kris Kennaway wrote: > > > On Tue, Oct 25, 2005 at 02:45:02PM -0400, Bob Hall wrote: > > > > On Tue, Oct 25, 2005 at 01:13:52PM -0500, Robert Wall wrote: > > > > > Hello! I'm attempting to run GPG from cron, and it's not working. I > > > > > can run the script from the command line, and all works perfectly. > > > > > When I try to run it from cron, however, it doesn't work. The > > > > > crontab calls this script, called "pgpdecrypt" with the following > > > > > crontab line: > > > > > > > > > > */1* * * * root/bin/bash > > > > > /etc/pgpdecrypt > > > > > > > > > > The /bin/bash wasn't originally there; I added it to make sure that > > > > > the script was using the correct shell. Still no luck. Here's the > > > > > script that it calls: > > > > > > > > > > echo >> /etc/pgpdecrypt.logger "PGP Decrypter Starting" > > > > > > > > Take the "/bin/bash" out of your crontab. Put > > > > #!/bin/bash > > > > at the beginning of your script. > > > > > > What do you think that will do to help? It's a NOP, so it can't fix > > > the problem (which is because of bad assumptions about PATH, per my > > > other message). > > > > Well, I don't know whether "#!" is a NOP or not. It does tell the script > > which executable to use in executing the script. > > Yeah, which he was already doing explicitly (see above) ;-) Which is irrelevant. The fact is that if you put the path at the beginning of the script, the script will run the same under cron as it does under the shell you tested it with. If the OP had put "#!/bin/bash" at the beginning of the script when he tested it, he would have been able to debug it without being confused by the fact that it ran under his shell and not under cron. Because the script ran under his shell but not under cron, he was deluded into thinking that the problem had to do with cron, and so he was looking for the solution in the wrong place. For several different reasons, it's better to have the executable path in the script instead of in the crontab. It's not that you can't get the job to run that way, it's just bad practice. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Crontab and GPG?
On Tue, Oct 25, 2005 at 03:00:18PM -0400, Kris Kennaway wrote: > On Tue, Oct 25, 2005 at 02:45:02PM -0400, Bob Hall wrote: > > On Tue, Oct 25, 2005 at 01:13:52PM -0500, Robert Wall wrote: > > > Hello! I'm attempting to run GPG from cron, and it's not working. I can > > > run the script from the command line, and all works perfectly. When I > > > try to run it from cron, however, it doesn't work. The crontab calls > > > this script, called "pgpdecrypt" with the following crontab line: > > > > > > */1* * * * root/bin/bash /etc/pgpdecrypt > > > > > > The /bin/bash wasn't originally there; I added it to make sure that the > > > script was using the correct shell. Still no luck. Here's the script > > > that it calls: > > > > > > echo >> /etc/pgpdecrypt.logger "PGP Decrypter Starting" > > > > Take the "/bin/bash" out of your crontab. Put > > #!/bin/bash > > at the beginning of your script. > > What do you think that will do to help? It's a NOP, so it can't fix > the problem (which is because of bad assumptions about PATH, per my > other message). Well, I don't know whether "#!" is a NOP or not. It does tell the script which executable to use in executing the script. But I did make a mistake. Try whereis bash and use that path. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Crontab and GPG?
On Tue, Oct 25, 2005 at 01:13:52PM -0500, Robert Wall wrote: > Hello! I'm attempting to run GPG from cron, and it's not working. I can run > the script from the command line, and all works perfectly. When I try to run > it from cron, however, it doesn't work. The crontab calls this script, > called "pgpdecrypt" with the following crontab line: > > */1* * * * root/bin/bash /etc/pgpdecrypt > > The /bin/bash wasn't originally there; I added it to make sure that the > script was using the correct shell. Still no luck. Here's the script that > it calls: > > echo >> /etc/pgpdecrypt.logger "PGP Decrypter Starting" Take the "/bin/bash" out of your crontab. Put #!/bin/bash at the beginning of your script. I just looked at your script quickly, but it looks like it should run in sh. For portability, you can use #!/bin/sh Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Mutt weirdness
On Tue, Oct 04, 2005 at 03:51:26PM -0700, Danny Howard wrote: > On Tue, Oct 04, 2005 at 06:15:14PM -0400, Bob Hall wrote: > > I did "portupgrade -ar" last night. When I tried to use mutt this > > morning, it was behaving weirdly. Mutt wasn't one of the upgrades. > > I'm pretty sure this command isn't recursive: > > 0-15:47 [EMAIL PROTECTED] /usr/ports/mail/mutt> make run-depends-list > /usr/ports/converters/libiconv > /usr/ports/devel/gettext > /usr/ports/misc/mime-support > /usr/ports/security/openssl Thanks. The run-depends-list was the clue I needed. I added that to my clue notebook. Downgraded openssl and all is well. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Mutt weirdness
I did "portupgrade -ar" last night. When I tried to use mutt this morning, it was behaving weirdly. Mutt wasn't one of the upgrades. Anything involving the display at the bottom of the mutt screen doesn't work. If I type "c" to change the mailbox, nothing happens. If I type "d", I can mark a mail for deletion, but I can't quit mutt because quitting requires a message at the bottom of the screen asking if I want to delete the messages marked for deletion. Typing "y" has no effect. I have to unmark the mail in order to quit. I'm using 5.2.1. A list of the updated ports follows. I have no idea which one's may be causing the problem. XFree86-Server-4.5.0_1 < needs updating (port has 4.5.0_3) docbook-xsl-1.68.1 < needs updating (port has 1.69.1) gd-2.0.33_1,1 < needs updating (port has 2.0.33_2,1) gtk-2.6.8 < needs updating (port has 2.6.10_1) libwmf-0.2.8.3 < needs updating (port has 0.2.8.4) libxml2-2.6.21 < needs updating (port has 2.6.22) netpbm-10.26.14 < needs updating (port has 10.26.16) openssl-0.9.7g < needs updating (port has 0.9.8) p5-Compress-Zlib-1.37 < needs updating (port has 1.39) p5-Digest-1.10 < needs updating (port has 1.12) p5-MIME-Tools-5.417,2 < needs updating (port has 5.418,2) p5-Scalar-List-Utils-1.14,1 < needs updating (port has 1.17,1) p5-Test-Simple-0.60 < needs updating (port has 0.61) p5-Time-HiRes-1.72,1< needs updating (port has 1.74,1) pure-ftpd-1.0.20_3 < needs updating (port has 1.0.20_4) t1lib-5.0.1,1 < needs updating (port has 5.1.0,1) tiff-3.7.3 < needs updating (port has 3.7.4) tightvnc-1.2.9 < needs updating (port has 1.2.9_1) unzip-5.52_1< needs updating (port has 5.52_2) xterm-204 < needs updating (port has 205_1) I've tried googling for "mutt" and "bottom of screen", which is all I can think of, but no luck. Thanks in advance for any suggestions. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ct Re: NMAP probing of network ports
On Fri, Sep 16, 2005 at 07:36:36AM -0500, Boris Karloff wrote: > It appears that when FreeBSD is sent an invalid packet > without the SYN or ACK bits set, it responds with a RESET > reply regardless of the ipfw rules. It appears this is one > of the things nmap is exploiting. > > Any suggestions on how to modify this behavior? man blackhole ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Can I do this?
On Thu, Sep 15, 2005 at 10:05:12PM -0400, Lisa Casey wrote: > What's the quickest & easiest way to change the IP address on the new 5.3 > box? Should I do it via /stand/sysinstall or should I change it in > /etc/rc.conf and /etc/hosts (or do I need to do something with ifconfig - > which I'm least comfortable with). Make the changes in rc.conf so that the box will be configured correctly then next time it is rebooted. To change the address without rebooting, you'll have to use ifconfig. Do ifconfig -a to get the device, e.g. xl0. Then do ifconfig xl0 192.168.2.1 changing 'xl0' to your device and '192.168.2.1' to your address. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP assigned unregistered IP address
On Fri, Jul 15, 2005 at 07:14:52PM +0100, Alex Zbyslaw wrote: > Also if the 4100 can't reach the DHCP server, the green lights won't > ever all come on, so it's pretty obvious when there is a fault. Of > course, that might be because the local DHCP server has been turned off ;-) In this case, the green lights were on. It seems as though the failure to contact the DHCP server was only momentary, but just long enough to ensure that my gateway box was assigned an unregistered IP address by the modem. The order of events was roughly 1) DHCP server off line 2) Modem fails to contact server 3) Modem assigns unregistered IP address to FBSD box. 4) DHCP server comes back on line 5) I check modem lights, which are all green, since the modem can now communicate with the server. > >was new, and generally the techs can distinguish between their cloacal > >anatomy and a geophysical excavation. > > > two types of techs. The ones for whom their cloacal anatomy is > indistinguishable from their articulatio cubiti, and the ones who Damn. Trumped by medical Latin. I hate it when that happens. :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP assigned unregistered IP address
On Fri, Jul 15, 2005 at 11:38:07AM +0100, Alex Zbyslaw wrote: > Bob Hall wrote: > > >The modem web page contained this: > > The SURFboard cable modem can be used as a gateway to the > > Internet by a maximum of 32 users on a Local Area Network (LAN). > > When the Cable Modem is disconnected from the Internet, users on > > the LAN can be dynamically assigned IP Addresses by the Cable > > > > > On the SB4100, the "Enable DHCP" checkbox is right above this blurb. Yes, I've seen screen shots with it. The SB5100 has no checkbox. > However, note the "When the Cable Modem is disconnected from the > Internet..." so the only reason it should be handing you the local IP is > if it cannot talk back to the DHCP server it gets your real IP from. If Yea, that's pretty obvious. It's also pretty undesirable. Apparently, Motorola decided the checkbox was confusing and removed it, replacing it with this automatic behavior. Blea. > it happens again, you might want to talk to your provider to find out > *why*. Does this thing have any flashing lights on the front? There are LEDs, but they didn't indicate anything was wrong. There have been many reboots over the time I've been with this ISP, and this is the only time this happened. I'm not going to demand an explanation for a fluke. A better question is why the tech I talked to told me that the unregistered IP address wasn't a problem. But she did tell me that she was new, and generally the techs can distinguish between their cloacal anatomy and a geophysical excavation. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: DHCP assigned unregistered IP address
Thanks for all the replies. Responses to everyone's comments and suggestions: 1) It is a Motorola cable modem. (SB5100) 2) I can access 192.168.100.1 after modifying the firewall rules that stop RFC1918 nets on the outside interface. (IPFW) There's no checkbox to disable DHCP. I downloaded the modem user manual from the URL Glenn Dawson posted, but I didn't find anything on this problem. 3) I did the (shutdown, disconnect modem 30 seconds, reboot) cycle about three times, but it didn't do anything. The solution was # dhclient -r # dhclient rl0 Repeat until oip != 192.168.100.11. (I think it took four iterations, but I wasn't counting.) This cleared the IP address on both the inner and outer NICs. Maybe I should have specified the interface with the -r flag, but it was easy to fix. 4) The problem was solved by the time I saw the dig suggestion, so I didn't have a chance to try it. 5) Bill was paid on time. :) The modem web page contained this: The SURFboard cable modem can be used as a gateway to the Internet by a maximum of 32 users on a Local Area Network (LAN). When the Cable Modem is disconnected from the Internet, users on the LAN can be dynamically assigned IP Addresses by the Cable Modem DHCP Server. I take this to mean that the modem can't do NAT. It can only act as a gateway for registered IP addresses, which it can't assign. The config web page has two buttons: Reset All Defaults Restart Cable Modem I can't find any documentation on the second. Would "Restart Cable Modem" be equivalent to disconnecting the modem power for 30 seconds? And "Reset All Defaults" would have released the unregistered IP address? (Along with any other settings) How do I find the outward facing IP address for the cable modem? Is that the "option routers" line in dhclient.leases? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
DHCP assigned unregistered IP address
Tonight, during a thunderstorm, I shutdown the household FBSD internet gateway. After the storm passed, I booted it up again, only to discover that during the bootup, my ISP's DHCP server had assigned me a new IP address. That wasn't a problem in itself, but the new address was 192.168.100.11, an unregistered address. The result was that I could ping my ISP's DHCP server, but I couldn't do anything that required a URL. When I talked to a tech at my ISP, she couldn't see my modem. She insisted that the IP address wasn't a problem because I had a router. (Huh?) After she scheduled a visit from a tech for tomorrow and I hung up, I released the lease on the unregistered address a few times until the DHCP server gave me a new, registered address. Magically, everthing worked again. When I cancel the tech visit tomorrow, I'll have them check to see if they can see my modem again. Obviously, the unregistered IP address screwed up my system and theirs. My understanding, after extensive reading, is that the unregistered address could only have come from my ISP's DHCP server. However, I don't know why they would have assigned an IP address that screwed up their systems and mine. I'm wondering if dhclient could have assigned this address to itself if it encountered a problem during bootup. I don't believe this could happen, but I don't understand why my ISP would shoot itself (and me) in the foot. Does anyone know enough about dhclient to say definitely whether it could have been the culprit? Anybody with enough experience with ISPs to say why they would have assigned an unregistered IP address that broke both systems? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: perl-after-upgrade
On Thu, Jul 07, 2005 at 01:53:48PM -0500, Paul Schmehl wrote: > --On Thursday, July 07, 2005 14:39:44 -0400 Bob Hall <[EMAIL PROTECTED]> > wrote: > > > >As I stated above, I used portupgrade. That means that any messages at > >the end of the perl upgrade scrolled off the screen and out of the > >screen buffer when portupgrade carried out the next install. One of the > >problems with portupgrade is that you rarely see the post-upgrade > >messages when you do batch upgrades. > > > That's an easily solved problem. After you finish portupgrade, view the > pkg-message file in any port you have a question about. E.g. % view > /usr/ports/lang/perl5.8/pkg-message Aha. The instructions in the post-install message are not repeated in the perldoc page. And the message does suggest using "rehash". Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: perl-after-upgrade
On Thu, Jul 07, 2005 at 06:55:58PM +0200, legalois wrote: > Bob Hall wrote: > >I don't know squat about perl. I recently ran portupgrade, which > >upgraded perl. Goose stopped working, because the location for Curses.pm > >was no longer in @INC. I tried to run perl-after-upgrade, but I couldn't > >get it to run. I've got a book that said to use > > # perl perl-after-upgrade > >or > > # ./perl-after-upgrade > >I also tried just > > # perl-after-upgrade > >No joy. Just for the heck of it, I tried > > * sh perl-after-upgrade > >and dang if it didn't run. It didn't look to me like an sh script, but > >what do I know? It wasn't supposed to change anything without the -f > >option, but goose ran afterward, so it obviously changed things. I > >looked for Curses.pm, and it moved to a directory listed in @INC. > > > >Anybody have any advice? Comments? How was I supposed to get > >perl-after-upgrade to run? > >___ > >freebsd-questions@freebsd.org mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-questions > >To unsubscribe, send any mail to > >"[EMAIL PROTECTED]" > > > > > > A longish message appears at the end of the perl upgrade build, that > explains how to run perl-after-upgrade. As I stated above, I used portupgrade. That means that any messages at the end of the perl upgrade scrolled off the screen and out of the screen buffer when portupgrade carried out the next install. One of the problems with portupgrade is that you rarely see the post-upgrade messages when you do batch upgrades. > If you overlooked that, the same > instructions are at > #perldoc perl-after-upgrade That's identical to the man page, which didn't supply any information that helped. So if the man page, perldoc page, and post-install message were the same, none of them contained the information I needed. > If the script is in a directory not in your root's path, find the full > path to the script with > #locate perl-after-upgrade > (but make sure your locate db is up-to-date, first). As I stated above, I tried "./perl-after-upgrade" and I looked at the script, neither of which would have been possible if I didn't know where the script was. As I mentioned in my followup post, I solved the problem with "rehash". A mention of this in /usr/ports/UPDATING would help those of use who rarely use tcsh unless we need to run something as root. Also in the man page. Any situation that requires perl-after-upgrade probably also requires rehash. I found the solution at http://marc.theaimsgroup.com/?l=freebsd-ports&m=111980508717308&w=2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: perl-after-upgrade
On Wed, Jul 06, 2005 at 03:10:04PM -0400, Bob Hall wrote: > I don't know squat about perl. I recently ran portupgrade, which > upgraded perl. Goose stopped working, because the location for Curses.pm > was no longer in @INC. I tried to run perl-after-upgrade, but I couldn't > get it to run. I found a thread on this in freebsd-ports. I tried "rehash" and all seems to be well. The three apps modified when running perl-after-upgrade as an sh script seem to function OK. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
perl-after-upgrade
I don't know squat about perl. I recently ran portupgrade, which upgraded perl. Goose stopped working, because the location for Curses.pm was no longer in @INC. I tried to run perl-after-upgrade, but I couldn't get it to run. I've got a book that said to use # perl perl-after-upgrade or # ./perl-after-upgrade I also tried just # perl-after-upgrade No joy. Just for the heck of it, I tried * sh perl-after-upgrade and dang if it didn't run. It didn't look to me like an sh script, but what do I know? It wasn't supposed to change anything without the -f option, but goose ran afterward, so it obviously changed things. I looked for Curses.pm, and it moved to a directory listed in @INC. Anybody have any advice? Comments? How was I supposed to get perl-after-upgrade to run? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Linux move to FreeBSD (Beastie vs Penguin)
On Tue, Jul 05, 2005 at 11:43:07PM -0700, Ted Mittelstaedt wrote: > 30 years from now they will probably try for bestiality marriage Beastie getting married? Be still my heart! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Linux move to FreeBSD
On Mon, Jul 04, 2005 at 01:02:33AM +0400, Dmitry Mityugov wrote: > I am, personally, currently helping my friend to buy and configure a > computer for him and his family. Although I know FreeBSD better than > Linux (and this does not mean I am a FreeBSD guru), I'll be installing > something like Ubuntu on that machine, not FreeBSD, because my friend > and his family are religious men. There are plenty of devout Christians using FreeBSD without any problem. The belief that guys with red skin, horns, pointy tails, and pitchforks represent the devil is a European superstition, not a Christian doctrine. There's no support for it in the Bible or the writings of the church fathers. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Lilypond and LaTeX
I haven't used Lilypond since last fall. Running the current port
(lilypond-2.2.2) today, I get the following error message:
*
lilypond: error: LaTeX failed on the output file.
lilypond: error: The error log is as follows:
! Undefined control sequence.
\kern 098.0248\outputscale \embeddedps
{000.0650 000.0650
-00.187...
l.164 }
%
The control sequence
LATEX output to `chorosClaves.latex'...
TEX output to `chorosClaves.tex'...
***
The ly file is one that I've run Lilypond on before, without problem.
None of this means anything to me. I searched the archives but didn't
see a bug report or any discussion of this problem. Is this a bug in the
port?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Where's the grammar: hostname nor servname provided, or not known
On Sat, May 28, 2005 at 04:13:52PM -0500, Fafa Hafiz Krantz wrote: > > Hello! > > Can someone please change this in the source: > >hostname nor servname provided, or not known That's a bit archaic, but perfectly correct. See the most recent edition of Fowler's. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: MySQL Server died yesterday !
On Wed, Apr 20, 2005 at 12:14:19PM +0100, Graham Bentley wrote: > Hello All ! > > I made quite a few changes to my system recently > but havent touched any MySQL specific stuff. > > When I came to check my forum it was dead > with an unable to connect error :( > > This is in the logs and is recorded every > time I reboot or start manaully with > > /usr/local/etc/rc.d/mysql-server.sh start > > 12:05:43 mysqld started > 12:05:44 InnoDB: Started > 12:05:44 Fatal error: Can't open privilege tables: Table 'mysql.host' > doesn't exist > 12:05:44 Aborting > 12:05:44 InnoDB: Starting shutdown... > 12:05:46 InnoDB: Shutdown completed > 12:05:46 /usr/local/libexec/mysqld: Shutdown Complete > > I have googled on this and read various sections of > the MySQl manual but cant seem to nail it - nothing seem specific > to my issue. > > Some links suggested reinitialising my DB but > am not sure how to go about that. This is a very MySQL specific question. You should post it to the MySQL mailing list. It's been a while since I used MySQL. The host table is in the MySQL database. There should be a directory called data, or something similar, and inside that there is a directory called mysql, and inside that there is a file called host, which contains the host table. Or at least, that's what I remember. Either that file is missing, or the system permissions on it have changed, or MySQL has changed access privileges on it. Or something. Check to make sure that it is there, and has the correct system permissions (ls -l). If it's not there, you may have to back up all your tables and reinstall. Or you may be able to reinstall just the host table. Further questions should go to a MySQL mailing list. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: messages from dhclient
On Sun, Apr 17, 2005 at 02:50:05PM +0200, Joost van Dijk wrote:
> On Sunday 17 April 2005 14:17, Bob Hall wrote:
> >
> > My solution is in the archives, here:
> >
> http://lists.freebsd.org/mailman/htdig/freebsd-questions/2005-January/071412.html
> > Again, I can't promise that it will solve your problem.
> >
> > Bob Hall
>
> I had a look at the document, but I am afraid that this is all way above my
> head. This may also explain why my csvup..FreeBSD.org was finding
> nothing. Not one single host I tried could be found up and running. It seems
> that all FreeBSD servers were down. It is probably the firewall which is
> disabling my machine. I shall see if it is possible to turn it off.
>
> Now, it will probably take me 6 hours to find out how to do that. Whew!
Don't turn off the firewall.
Look in /var/db/dhclient.leases, and find the entry for routers. If your
ISP is set up like mine, there will be only one IP address for a router
listed. Put the following rule before any NAT diverts in your firewall,
if you're using NAT. That's important, because IPFW ignores it if it is
placed after a divert rule.
${fwcmd} add allow udp from ${router} bootps to ${bcast} bootpc in via ${oif}
Replace ${router} with the router IP address. Replace ${bcast} with
255.255.255.255. If I recall correctly, you load new firewall rules by
uttering
rc.firewall
assuming that "rc.firewall" contains the firewall rules that you are
using. /etc/rc.firewall contains the default rules for IPFW. I recommend
making a backup copy of /etc/rc.firewall before making any changes.
If that works, then you have diagnosed the problem and you can worry
about a more conplicated set of rules. If it doesn't work, then you
haven't found the cause of your problem.
BTW, the firewall rule above is not an obvious test, but it opens a hole
in your firewall for a packet that dhclient expects to get periodically.
When it doesn't get it, it starts trying to send the messages that your
firewall is blocking. Just allowing dhclient to send the messages won't
necessarily solve the problem. It will just make the immediate symptom
go away.
Another test, which I don't recommend, is to set your firewall so that
it defaults to allow. If the messages go away, then your firewall rules
are blocking traffic that dhclient needs.
HTH,
Bob Hall
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: messages from dhclient
On Sun, Apr 17, 2005 at 01:04:48PM +0200, Joost van Dijk wrote: > Hello, > > I have installed dhcp to get my FreeBSD system on line, a machine which I am > trying to set up as a web server. I used sysinstall and it seems to work > correctly (this e-mail is coming from my Linux workstation). However, when > working on the FreeBSD machine I keep getting the following message: > dhclient: send_packet: permission denied. > What does this mean? I cannot find a reference to it in the man files. > It is a nuisance. When I am editing a config file with vi, this message get > written into the file, and over cofig file lines. How can I turn it off. I vaguely recall that this can have more than one cause, and therefore more than one solution. That's just a vague recollection. In my case, it was caused by interaction between dhc protocol and my firewall. YMMV. My Internet connection worked fine for months at a time, aside from a flood of "send_packet: permission denied" messages. Then I would have a day or two of periodic outages, and then I'd lose the connection completely and have to reboot the cable modem. When the connection was reestablished, I'd have a new IP address. My solution is in the archives, here: http://lists.freebsd.org/mailman/htdig/freebsd-questions/2005-January/071412.html Again, I can't promise that it will solve your problem. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Outgoing port 113 connections
On Mon, Apr 04, 2005 at 11:46:26AM -0700, [EMAIL PROTECTED] wrote: > My firewall keeps reporting that it denies outgoing 113 port > connections. > > Why would I allow port 113 outgoing connections? I don't seem to have > any problems at the moment. > > Also, how would I identify which program is trying to connect to 113 > port? I think the first step is grep 113 /etc/services ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: samba ldap
On Mon, Feb 28, 2005 at 11:56:49AM +0100, Florian Hengstberger wrote: > Disabled by default? Sorry, but I've never specified any > ldap options in my smb.conf but the server always tries > to authentificate the users with an ldap server. With or without LDAP compiled in, Samba shouldn't be asking for LDAP unless you specified it in smb.conf. Look in smb.conf and post the "passdb backend" setting. I played with LDAP for a while, so I have ; passdb backend = ldapsam The semicolon makes the line inactive. My installation uses tdbsam by default. HTH ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Firefox configuration problem
On Fri, Feb 18, 2005 at 06:04:24PM -0500, Mike Hauber wrote: > On Friday 18 February 2005 04:42 pm, Bob Hall wrote: > > uname -a > > FreeBSD kongemord.krig.net 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE > > #0: Mon Sep 13 00:17:04 EDT 2004 > > [EMAIL PROTECTED]:/usr/obj/usr/src/sys/KONGEMORD0 i386 > > > > Port: firefox-1.0_7,1 > > > > Firefox can't write to its configuration files when I make > > changes. I can manually edit them. The bookmark and prefs.js > > files are both owned by the same user that runs Firefox. > > > > I had no problems with previous versions of Firefox. Version 1 > > works fine on Windows. > > > > I've googled and searched the mail archives but I can't find > > anything on this. > > Have you tried rm'ing ~/.mozilla/firefox? I seem to remember > running into that after an upgrade a while back, but I don't > remember what I did to solve it (I do remember deleting the > directory and letting firefox recreate it, though). > > As a side note, don't forget to backup/export your bookmarks. > That's something I _didn't_ do. :) Thanks. I tried deleting just the config file and bookmark file, but that didn't work. Deleting the entire .mozilla directory (after backing up) did the trick. Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Firefox configuration problem
uname -a FreeBSD kongemord.krig.net 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Sep 13 00:17:04 EDT 2004 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/KONGEMORD0 i386 Port: firefox-1.0_7,1 Firefox can't write to its configuration files when I make changes. I can manually edit them. The bookmark and prefs.js files are both owned by the same user that runs Firefox. I had no problems with previous versions of Firefox. Version 1 works fine on Windows. I've googled and searched the mail archives but I can't find anything on this. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Please don't change Beastie to another logo such asNetBSD!!!
On Thu, Feb 17, 2005 at 09:36:36AM -0500, Bob Johnson wrote: > Ted Mittelstaedt wrote: > > > > > >>Only my personal experience. In addition to not being > >>comfortable with > >>the BSD logo, a couple of the programmers here didn't like my > >>Ouija-board mouse pad, because they associated it with the occult, and > >>thus The Devil. > >> > >> > > > > > >Man, you must have a hell of a lot of fun with these people. What > >do they do when you start citing biblical verses that blow the > >crap out of their preconceptions? > > > >Ted > > > > I learned years ago that it is a waste of time. They just say it > doesn't apply because . > > And I thought the Ouija-board mouse pad was one of the funniest things > I've ever seen. http://www.greystoneinn.net/d/20010104.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: distrubuting distro
On Wed, Feb 02, 2005 at 02:22:38PM +0100, Erik Trulsson wrote: > It has been widely alleged (and is even likely) that Windows got large > parts of the TCP/IP implementation from some BSD implementation, but so > far no proof has appeared. Actually, MS admitted to it. From Win2k on, much of the TCP/IP stack comes from FreeBSD. http://64.233.161.104/search?q=cache:anQ7meaPIZgJ:www.my-opensource.org/lists/myoss/2001-06/msg00031.html+Microsoft+freebsd+tcp/ip+hotmail+dns+hosting+zdnet&hl=en ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: How do I do a COLD Reboot on FreeBSD?
This may help. http://www.faqs.org/faqs/assembly-language/x86/general/part3/section-5.html Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: dhclient stops trying to get a new lease
On Fri, Jan 28, 2005 at 10:58:56PM +0100, Nicolas wrote: > Why did it stopped trying ? What should I do to tell him to try forever > until it can acquire a lease ? That's set in dhclient.leases, in the expire setting. Look in man dhclient.leases In my case, expire is set by my ISP, as part of the lease. You may be able to set it a century into the future by setting up a permanent lease. I've never tried it, so I don't know. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Backups / Dump etc
On Fri, Jan 14, 2005 at 12:30:49PM -0800, Tabor Kelly wrote: > Jeff MacDonald wrote: > > > > On a related note: > > If I want to do complete dumps of all of my file systems do I need to be > in single user mode? Will running in multiuser mode (with all of my > normal daemons running) mess up my dumps? Use the -L flag Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Hosts.allow and netatalk/cups
On Tue, Jan 11, 2005 at 02:31:47AM -0500, Bob Hall wrote: > Three questions: > > How do I cause changes in the hosts.allow file to take effect without > rebooting? Everything I've seen says to restart inetd, but I'm not using > inetd. I searched with different keywords and found the answer to this in the archives. Searching the archives, Googling, and experimentation still haven't turned up an answer to the two below. > How do I compile netatalk without CUPS? I don't see any obvious > switches, but there has to be something that tells Make to use CUPS, > because it gives a message saying that it's checking if CUPS can be > included. > > How do I get netatalk to use the dbd cnid scheme? It ignores the > path name cnidscheme:dbd > setting in AppleVolumes.default and the > - -cnidserver localhost:4700 > setting in afpd.conf. Regardless of what the cnidscheme setting is, it > announces that's there's no cnid scheme selected and uses the default. > > Bob Hall > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Hosts.allow and netatalk/cups
On Tue, Jan 11, 2005 at 02:37:23PM +0700, Olivier Nicole wrote: > To my knowledge, the effects in /etc/hosts.allow are immediate as soon > as you save the modified file. > > And I have been using it that way for many years. > > No need to killall -HUP inetd, no need to reboot. > > If after a change the service is still not available: > > - you did not allow the right thing > > - the servcie would not be working even without tcp wrapper > > Try to add ALL : ALL : allow at the top of /etc/hosts/allow. Does the > service work? Then you made a mistake when trying to open tcp wrapper > for that specific service. Else the problem is not with tcp wrapper / > hosts.allow. Thanks for the comments, but changes to /etc/hosts.allow don't take effect until the system is rebooted. And when the system is rebooted, they definitely take effect. Two entries that take effect if and only if the system is rebooted: smbd : .krig.net : allow afpd : .krig.net : allow Commenting these out and saving the file has no effect. Rebooting the system stops Windows and Mac file sharing. Uncommenting them and saving the file has no effect. Rebooting the system restores Windows and Mac file sharing. uname -a FreeBSD kongemord.krig.net 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE #0: Mon Sep 13 00 :17:04 EDT 2004 kongemord.krig.net:/usr/obj/usr/src/sys/KONGEMORD0 i386 Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Hosts.allow and netatalk/cups
Three questions: How do I cause changes in the hosts.allow file to take effect without rebooting? Everything I've seen says to restart inetd, but I'm not using inetd. How do I compile netatalk without CUPS? I don't see any obvious switches, but there has to be something that tells Make to use CUPS, because it gives a message saying that it's checking if CUPS can be included. How do I get netatalk to use the dbd cnid scheme? It ignores the path name cnidscheme:dbd setting in AppleVolumes.default and the - -cnidserver localhost:4700 setting in afpd.conf. Regardless of what the cnidscheme setting is, it announces that's there's no cnid scheme selected and uses the default. Bob Hall ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: dhclient: send_packet: Permission denied
On Sat, Jan 08, 2005 at 08:25:39PM -0500, Bob Hall wrote:
> I keep getting the message
> dhclient: send_packet: Permission denied
This stopped when I added
${fwcmd} add allow udp from ${router} bootps to ${bcast} bootpc
in via ${oif}
to my rule set.
My dhclient was broadcasting packets but the firewall wasn't letting the
broadcast responses from the router in. Once dhclient could read the
responses (which included the DHCP server address), it stopped trying to
send the packets that were being blocked.
I'm using a modified version of the SIMPLE rule set for IPFW. If the
DHCP rules are anywhere after the NAT divert rule, they are never
triggered. Something else is denying or allowing the DHCP packets. This
doesn't make any sense to me, but I moved the DHCP rules to the
beginning of the rule set and all is well.
For anyone who's interested, here's the rules I added to handle DHCP
packets. They allow direct traffic between my host (oip) and the DHCP
server (dhcps), and between oip and the subnet router (router). They
also allow broadcast packets from dhcps, router, and oip, provided they
come from and are directed to the correct bootp ports. These rules
should follow the "setup_loopback" call, unless you explicity assign
rule numbers.
In addition, dhcps sends an echo request to an address before assigning
it, to check if it's already in use. Since I don't honor echo requests,
I added two rules to to respond to dhcps's echo requests. A DHCP client
should should double check before accepting an IP address by sending an
ARP packet, but it's not required and doesn't always happen. My ISP
changed my IP address while I was testing this because I failed to
respond to the server's echo request and the client that got my old
address didn't check to see if it was in use.
## DHCP server IP address
#
search_text="dhcp-server-identifier"
file_path=`ls /var/db/dhclient.leases`
if [ -z `echo ${file_path} | grep 'No such file or directory'` ]
then
dhcps=`grep ${search_text} ${file_path} | sed 's/.* \([0-9.]*\);/\1/'`
fi
if [ -z "${dhcps}" ]
then
dhcps="any"
fi
## DHCP router IP address
#
if [ -z `echo ${file_path} | grep 'No such file or directory'` ]
then
# If > 1 router is listed, get the last one.
router=`grep "routers" ${file_path} | sed 's/.*[^0-9.]\([0-9.]*\);/\1/'`
fi
if [ -z "${router}" ]
then
router="any"
fi
## Broadcast address
bcast="255.255.255.255"
#
## DHCP section (Immediately following "setup_loopback")
##
${fwcmd} add allow udp from ${dhcps} bootps to ${oip} bootpc in via ${oif}
${fwcmd} add allow udp from ${oip} bootpc to ${dhcps} bootps out via ${oif}
${fwcmd} add allow udp from ${router} bootps to ${oip} bootpc in via ${oif}
${fwcmd} add allow udp from ${oip} bootpc to ${router} bootps out via ${oif}
${fwcmd} add allow udp from ${dhcps} bootps to ${bcast} bootpc in via ${oif}
${fwcmd} add allow udp from ${router} bootps to ${bcast} bootpc in via ${oif}
${fwcmd} add allow udp from ${oip} bootps to ${bcast} bootpc out via ${oif}
###
## ICMP section
##
...
${fwcmd} add pass log icmp from ${dhcps} to ${oip} icmptype 8 in via ${oif}
${fwcmd} add pass log icmp from ${oip} to ${dhcps} icmptype 0 out via ${oif}
Bob
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: I quit
On Sun, Jan 09, 2005 at 06:17:36PM -0600, Scott Bennett wrote: > On Sun, 9 Jan 2005 08:54:55 -0600 Andrew L. Gould <[EMAIL PROTECTED]> > wrote: > > >Mac OSX is based upon FreeBSD and may have native versions of the > > Mac OSX was--and unless something has changed drastically in the last > few weeks, still is--based upon NextStep, another proprietary UNIX that was > based upon a Mach 2.4-2.5 kernel and 4.3BSD above that. >From http://developer.apple.com/unix/: Specifically, it is based in part on BSD 4.4 Lite. On a system level, many of the design decisions are made to align with BSD-style UNIX systems. Most libraries and utilities are from FreeBSD (http://www.freebsd.org/), but some are derived from NetBSD (http://www.netbsd.org/). For future development, Mac OS X has adopted FreeBSD as a reference code base for BSD technology. Work is ongoing to more closely synchronize all BSD tools and libraries with the FreeBSD-stable branch.. Your statements applied to the original OSX. It has shifted to 4.4BSD, Mach 3, and FBSD during the course of development, with lots of contributions from Net and OpenBSD. The changes didn't happen in the last few weeks. They happened continuously during the system's development. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: dhclient: send_packet: Permission denied
I keep getting the message dhclient: send_packet: Permission denied I try sockstat | grep dhclient and get root dhclient 247 4 udp4 *:68 *:* root dhclient 247 6 dgram -> /var/run/log I utter psgrep dhclient and get root 247 0.0 1.0 1812 1284 ?? Ss 2:13PM 0:00.26 /sbin/dhclient rl0 I've tried setting up special rules in the firewall to catch the dhclient packets, and the firewall doesn't seem to be stopping them. The ipfw rules to pass the packets are allow udp from any 68 to 255.255.255.255 dst-port 67 out via rl0 allow udp from any 67 to 255.255.255.255 dst-port 68 in via rl0 "ipfw show" doesn't register any packets even when dhclient is complaining about not being able to send packets. I can get an IP address, no problem. From the messages log: dhclient: New IP Address (rl0): dhclient: New Subnet Mask (rl0): 255.255.254.0 dhclient: New Broadcast Address (rl0): dhclient: New Routers: But even with this, I'm still getting the Permissin denied message. The only DHCP configuration I've done is in the rc.conf file: ifconfig_rl0="DHCP" I'm not using inetd. This has been a problem starting with FBSD 4.4 through 4.8. and with my current system, 5.2.1. I'll upgrade to 5.3 in a month or so when I have the time, but the problem seems to occur on all versions. I've searched the archives and Googled extensively, and I can find messages from other people with the same problem, but I haven't found a solution. I used tcpdump to look at the UDP traffic through the bootp ports. About once an hour, my host would send a UDP packet out the bootpc port to the bootps port at the broadcast address. I would get a reply back from my ISP's router with the DHCP server's IP address. Shortly before it was time to renew the DHCP lease, my host started sending out a boatload of these broadcast packets, with no response from my ISP. This stopped at the time the old lease listed as the renew time. The only thing I received from the DHCP server IP address was an echo request packet, which I didn't respond to. In spite of the fact that there was no evidence of UDP traffic between my host and the DHCP server, my DHCP lease was renewed and my IP address was changed. That's the first time my IP address has been changed when I wasn't off line. Output from ipfw list: 00100 allow ip from any to any via lo0 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 00400 deny ip from 192.168.0.240/28 to any in via rl0 00500 deny ip from 68.230.190.0/23 to any in via xl0 00600 deny ip from any to 10.0.0.0/8 via rl0 00700 deny ip from any to 172.16.0.0/12 via rl0 00800 deny ip from any to 192.168.0.0/16 via rl0 00900 deny ip from any to 0.0.0.0/8 via rl0 01000 deny ip from any to 169.254.0.0/16 via rl0 01100 deny ip from any to 192.0.2.0/24 via rl0 01200 deny ip from any to 224.0.0.0/4 via rl0 01300 deny ip from any to 240.0.0.0/4 via rl0 01400 allow ip from any to any via xl0 01500 divert 8668 ip from any to any via rl0 01700 deny ip from 10.0.0.0/8 to any via rl0 01800 deny ip from 172.16.0.0/12 to any via rl0 01900 deny ip from 192.168.0.0/16 to any via rl0 02000 deny ip from 0.0.0.0/8 to any via rl0 02100 deny ip from 169.254.0.0/16 to any via rl0 02200 deny ip from 192.0.2.0/24 to any via rl0 02300 deny ip from 224.0.0.0/4 to any via rl0 02400 deny ip from 240.0.0.0/4 to any via rl0 02500 allow tcp from any to any established 02600 allow ip from any to any frag 02700 deny log tcp from any to any in via rl0 setup 02800 allow tcp from any to any setup 02900 allow udp from 68.230.186.138 to any dst-port 53 keep-state 03000 allow udp from any 123 to any dst-port 123 via rl0 03100 allow icmp from any to any icmptypes 3,4,8 out via rl0 03200 allow icmp from any to any icmptypes 0,3,4,11 in via rl0 03300 allow udp from any to any dst-port 33434-33523 out via rl0 03400 allow udp from any 68 to any dst-port 67 out via rl0 03500 allow udp from any 67 to any dst-port 68 in via rl0 03600 allow udp from any 68 to 255.255.255.255 dst-port 67 out via rl0 03700 allow udp from any 67 to 255.255.255.255 dst-port 68 in via rl0 03800 allow udp from any 68,67 to any dst-port 68,67 via rl0 65535 deny ip from any to any If I set up a specia deny all rule for UDP packets in IPFW (after rules allowing DNS, NTP, and traceroute and Windows ping), nothing triggers it. Nothing triggers the rules that I set up to allow the DHCP packets. Tcpdump doesn't show any UDP traffic between my host and the DHCP server. And yet dhclient is complaining that it doesn't have permission to send packets, and my DHCP lease is being renewed. Can anybody explain to me what is happening? Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
dhclient: send_packet: Permission denied
I keep getting the message dhclient: send_packet: Permission denied I try sockstat | grep dhclient and get root dhclient 247 4 udp4 *:68 *:* root dhclient 247 6 dgram -> /var/run/log I utter psgrep dhclient and get root 247 0.0 1.0 1812 1284 ?? Ss 2:13PM 0:00.26 /sbin/dhclient rl0 I've tried setting up special rules in the firewall to catch the dhclient packets, and the firewall doesn't seem to be stopping them. The ipfw rules to pass the packets are allow udp from any 68 to 255.255.255.255 dst-port 67 out via rl0 allow udp from any 67 to 255.255.255.255 dst-port 68 in via rl0 "ipfw show" doesn't register any packets even when dhclient is complaining about not being able to send packets. I can get an IP address, no problem. From the messages log: dhclient: New IP Address (rl0): dhclient: New Subnet Mask (rl0): 255.255.254.0 dhclient: New Broadcast Address (rl0): dhclient: New Routers: But even with this, I'm still getting the Permissin denied message. The messages log also includes this: dhclient: Can't bind to dhcp address: Address already in use dhclient: Please make sure there is no other dhcp server dhclient: running and that there's no entry for dhcp or dhclient: bootp in /etc/inetd.conf. Also make sure you dhclient: are not running HP JetAdmin software, which dhclient: includes a bootp server. In addition to the system generating these messages on its own, I can also prod it into generating them by uttering dhclient rl0 I'm not running HP JetAdmin software, and the dhclient setup is perfectly stock. I haven't installed any additional DHCP software. I'm not running a DHCP server. The only DHCP configuration I've done is in the rc.conf file: ifconfig_rl0="DHCP" I'm not using inetd. This has been a problem starting with FBSD 4.4 through 4.8. and with my current system, 5.2.1. I'll upgrade to 5.3 in a month or so when I have the time, but the problem seems to occur on all versions. I've searched the archives and Googled extensively, and I can find messages from other people with the same problem, but I haven't found a solution. It seems as though a second copy of dhclient is firing up and tryng to bind to port 68, and getting blocked by the existing copy of dhclient. Anybody have a clue what's going on, or why that would be happening? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: firewall
On Thu, Sep 18, 2003 at 08:54:30AM +0800, Robert Storey wrote: > On Wed, 17 Sep 2003 14:29:22 -0400 > "Bob Hall" <[EMAIL PROTECTED]> wrote: > > Apologies humbly offered. Apparently, I'm getting confused by reading My fault. I'm too impatient. > the tons of documentation I've been looking at. For now, option No. 1 > will do - I just want to get kernel ppp working with a firewall enabled. > So far, I've gotten ppp working, but only with the firewall disabled. Good. Use that as a starting point. Revert back to the cofiguration that worked, and we'll add a firewall. With option 1, your box is not a gateway. However, if you use the box as a gateway later, you will need NAT. If you are using pppd, you'll need to implement NAT in the firewall. In that case, you'll need the IPFIREWALL and IPDIVERT options. If you have already recompiled with them, don't change that. They won't hurt you now and you'll need them later. > > You also need > > options IPFIREWALL > > for any of the three options. > > Now that's interesting. I did indeed read that in "FreeBSD Unleashed", > but "The Complete FreeBSD" says "If you wish you can build a kernel with > firewall support...but you don't need to build a new kernel. You can > load the KLD /boot/kernel/ipfw.ko instead: #kldload ipfw" > So I tried that, and it told me it was already loaded. What did "kldstat" return? Lehey can do lots of things with FBSD that I don't know how to do. I've never tried loading IPFW as a dynamic module. I've seen posts from people who've tried it and had problems. Your milage will vary. My belief is that you connect to the internet often enough that you don't gain anything by using a dynamic module. You might as well load IPFW at bootup. > OK, that part I knew, but what setting should I use? Just leave it > blank? When I try "ifconfig -a" it always gives me an address in the > format 168.95.xx.xx where x can be any number. Start with the "OPEN" firewall. If there are no firewall rules, the rules can't cause problems. Once you know that the firewall is working, you can switch to client or simple. If you have a problem at that point, you've isolated the problem to your ruleset. Before using an open firewall, make sure that /etc/hosts.allow is configured to allow only localhost and machines on your LAN to establish connections. Anything external to your LAN should be blocked, at least until your firewall is no longer "OPEN". ALL : localhost 127.0.0.1 : allow ALL : box1.lan.net 192.168.0.1 : allow ... portmap : 192.168.0.0/255.255.255.250 : allow ALL : ALL : deny or something similar. > Again, thank you for your help. Sorry for my stupidity, but I am As a beginner, you have no right to claim stupidity. You are only entitled to vague feelings of incompentence. It will take a couple of years of having the computer constantly make you look like a fool to develop and sharpen those feelings into true stupidity. Until then, use the force. > probably the only FreeBSD user within 100 miles of where I live - on one > around here who I can ask. I don't personally know any FBSD users, other than myself. My geek friends are into Linux. Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: What's the difference between FreeBSD and OpenBSD?
On Wed, Sep 17, 2003 at 03:07:39PM +0200, Nico Meijer wrote: > Roughly, FreeBSD's mailing lists are friendlier than OpenBSD's, unless > (and this can't be stressed enough methinks) you do your homework. So That's correct. There's nothing I hate worse than a FBSD geek who has done all the assigned problems for Diff Eq class. Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: firewall
At this point, I'm a little confused. You said previously that this would be the only machine that accessed the Internet via PPP. Now you're setting it up as the gateway, which means that other machines will be accessing the Internet via PPP on your gateway. To reiterate from an earlier post, you have three options: 1) This is not a gateway. You need PPP and a firewall. 2) This is a gateway. You need PPP, a firewall, and NAT implemented via user PPP. 3) This is a gateway. You need PPP, a firewall, and NAT implemented via the firewall. Decide on an option, and tell us which you're going to implement. On Wed, Sep 17, 2003 at 05:23:25PM +0800, Robert Storey wrote: > In the continuing saga of my firewall configuration... > > One kind member of this list suggested I must compile this into my > kernel: > > options IPDIVERT You need that only for option 3. You also need options IPFIREWALL for any of the three options. > So I did that, and it made a difference though it didn't solve the > problem. Previously, whenever I started ppp, if I attempted to ping I > would get this error message: > > [EMAIL PROTECTED]:~> ping slashdot.org > ping: cannot resolve slashdot.org: Host name lookup failure > > Now when I ping, I get no response - no error messages, but no other > feedback. I think this is an improvement, but something is still > preventing me from getting a response from ppp. > > To reiterate, this is everything I've done so far: > > FROM /etc/rc.conf: > > firewall_enable="YES" > firewall_script="/etc/rc.firewall" > firewall_type="simple" > natd_enable="YES" > natd_interface="ppp0" > > FROM /etc/rc.firewall: > > # set these to your outside interface network and netmask and ip > oif="ppp0" > onet="168.95.0.0" > omask="255.255.255.255" > oip="168.95.0.0" oip = Outer IP address. 168.95.0.0 is not your oip. Once again, the oip is found in the ppp0 section of the output from "ifconfig -a". It changes every time you dial up. > # set these to your inside interface network and netmask and ip > iif="vr0" > inet="192.168.0.0" > imask="255.255.255.0" > iip="192.168.0.2" > > Kernel recompile: > options IPDIVERT See above. > CONTENT OF /etc/hosts: > # > ::1 localhost localhost.utopia.com > 127.0.0.1 localhost localhost.utopia.com > # > 192.168.0.3 ibm.utopia.com ibm > 192.168.0.2 sonic.utopia.comsonic > 192.168.0.1 pro.utopia.com pro I use local DNS, so I've never manually written anything in my hosts file, but I think you need to add an address for DNS lookup. It's possible that this is entered automatically when you dial up. As I said, I don't do DNS this way, so I'm not sure how your setup should work. > I also used sysinstall to designate this machine as a gateway. Was that > the right thing to do? Tell us whether or not you've decided to use this machine as a gateway. You can't proceed, and we can't help you, until you make that decision. If you decide to use this machine as a gateway, then you have to decide how you're going to implement NAT. Again, you can't proceed, and we can't help you, until you decide. You have to pick one of the three options listed at the top. Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: firewall
On Tue, Sep 16, 2003 at 06:17:13PM +0800, Robert Storey wrote: > On Mon, 15 Sep 2003 18:56:07 -0400 > "Bob Hall" <[EMAIL PROTECTED]> wrote: > > > Another poster pointed out, and I seconded, that you need to set up > > NAT. There was no divert rule in your previous rule list, and you > > haven't mentioned setting up NAT, so I assume you still haven't done > > it. Without NAT, your gateway computer will be able to use PPP without > > your previous firewall, but none of your other computers will be able > > to connect. > > Dear Bob, > > Thanks. Acting on Scott's suggestion, I put this in /etc/rc.conf: > > natd_enable="YES" > natd_interface="ppp0" > > However, I'm still left with the same problem - with the firewall > enabled, ppp is blocked. Maybe I should clarify - it's the gateway > machine that cannot access ppp. I'm not worried about the other machines > on the network gaining access to ppp. Anyway, the internal network is OK > even with the firewall enabled, but the firewall is definitely blocking > my ppp connection. > > If I were smarter, I could probably tweak the network settings in > /etc/rc.firewall. But all I'm trying to do is use the "simple" > configuration (which so far is not proving to be simple). > > I'm pretty much out of ideas on this. OK. I think I've figured out what you don't know. Your firewall is configured to work with 192.168.0.xxx addresses. These are special addresses that should only be used inside your LAN. Anyone outside your LAN, including your ISP, should never see them. NAT (Network Address Translation) is used to convert your internal IP address to the address assigned by your ISP when you dial up. That is the IP address associated with your ppp0 device, which you see when you type "ifconfig -a". Without NAT, your firewall is allowing your 192.168.0.xxx addresses to access the internet, but they don't have an external connection. Your ppp0 device, which does have an external connection, is being blocked because it doesn't have a 192.168.0.xxx address. Everyone who responded to you has been assuming that your box with the dial up connection was a gateway; i.e. the gateway used by the other computers to access the Internet. If this is the case, then you need to set up NAT by one of two methods: 1) recompile the kernel with the following two options: options IPFIREWALL #firewall options IPDIVERT#divert sockets Then you need to add a "divert" rule to your firewall that translates internal addresses to your external address. 2) If you are using user PPP, you do the same thing by using PPP's built in NAT function. If your box with the dial up connection is not a gateway (i.e. it is the only computer that will access the Internet), then use the CLIENT rule set, but use the external IP address, not the 192.168.0.xxx address. Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: firewall
On Mon, Sep 15, 2003 at 06:56:07PM -0400, Bob Hall wrote: > Once you've got NAT set up, your oip should be 168.95.46.33. I should have said: Your oip should not be 168.95.0.0. It should be whatever your ISP assigned to you when you logged on. This will probably change every time you dial up, so you'll need some way of setting it for each dial up. Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: NAT without recompiling my kernel ?
On Mon, Sep 15, 2003 at 08:55:01PM +0100, Wayne Pascoe wrote: > Hi all, > > I've got ipfw working and logging without recompiling my kernel. I've > now hit my next problem... > > Is it possible to use NAT without recompiling ? I've kldloaded the\ No. Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: firewall
On Mon, Sep 15, 2003 at 09:25:51PM +0800, Robert Storey wrote: > On Sun, 14 Sep 2003 23:52:40 -0400 > "Bob Hall" <[EMAIL PROTECTED]> wrote: > > > Could you be more specific about what doesn't work? Have you tried > > ping and traceroute? nslookup? HTTP? Sometimes when people are having > > trouble, it turns out that they are having trouble with specific apps, > > but otherwise can connect successfully. > > > > It looks like you're using the CLIENT ruleset from the default > > rc.firewall. If this firewall is for a LAN, you will have more success > > with the SIMPLE ruleset. (I made the same mistake the first time I set > > up a LAN firewall.) > > Thanks, that was a good suggestion (to use the SIMPLE ruleset). However, > I'm still not getting through with PPP. Here is the output of ifconfig > when I'm online: > > > [EMAIL PROTECTED]:~> ifconfig > vr0: flags=8843 mtu 1500 > inet6 fe80::20c:6eff:fe0a:ca02%vr0 prefixlen 64 scopeid 0x1 > inet 192.168.0.2 netmask 0xff00 broadcast 192.168.0.255 > ether 00:0c:6e:0a:ca:02 > media: Ethernet autoselect (none) > status: no carrier > lp0: flags=8810 mtu 1500 > lo0: flags=8049 mtu 16384 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 > inet 127.0.0.1 netmask 0xff00 > ppp0: flags=8051 mtu 1524 > inet 61.227.219.11 --> 168.95.46.33 netmask 0xff00 > > AND the result of a ping: > [EMAIL PROTECTED]:~> ping slashdot.org > ping: cannot resolve slashdot.org: Host name lookup failure > > > This is my current configuration in /etc/rc.firewall: > > # set these to your outside interface network and netmask and ip > oif="ppp0" > onet="168.95.0.0" > omask="255.255.255.255" > oip="168.95.0.0" > > # set these to your inside interface network and netmask and ip > iif="vr0" > inet="192.168.0.0" > imask="255.255.255.0" > iip="192.168.0.2" Another poster pointed out, and I seconded, that you need to set up NAT. There was no divert rule in your previous rule list, and you haven't mentioned setting up NAT, so I assume you still haven't done it. Without NAT, your gateway computer will be able to use PPP without your previous firewall, but none of your other computers will be able to connect. Once you've got NAT set up, your oip should be 168.95.46.33. Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: firewall
On Sun, Sep 14, 2003 at 05:27:15PM +0800, Robert Storey wrote: > Dear All, > > I'm having a hard time configuring a firewall. I ALMOST understand it, > but I've run into one problem. I think I don't actually have my > /etc/rc.firewall set up properly. Maybe I don't really understand what > the "ip" setting should be, and I've made it the same as my "net" > setting. Anyway, what I can say is that with the configuration I have, I > can access my internal (ethernet) network, but ppp is totally blocked, > which of course I don't want. Could you be more specific about what doesn't work? Have you tried ping and traceroute? nslookup? HTTP? Sometimes when people are having trouble, it turns out that they are having trouble with specific apps, but otherwise can connect successfully. It looks like you're using the CLIENT ruleset from the default rc.firewall. If this firewall is for a LAN, you will have more success with the SIMPLE ruleset. (I made the same mistake the first time I set up a LAN firewall.) Bob Hall ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
