Re: How can I route through a pc that is also using a router??
Hi! Describe the test-machine, please. If both workstations are on the same subnet, you should probably configure the test-machine as an ip-forwarder or even as an ethernet-level bridge. If your personal workstation is on a different subnet, which is not serviced by proxy or dns, you should configure NAT on the test-machine. In general, there's little problem in cascading gateway installations. Regards, Andrew P. Good day! I have two workstations at work, 1 my personal, and the other, a test machine. My boss told me to configure a pcrouter, that is, the testmachine and let my personal pc connect through the internet through the testmachine: Here's the scenario: The testmachine already knows how to connect through the outside world but, also through a gateway testmachine(10.10.8.111)---gateway(10.10.8.254)[proxy][DNS]-- --internet And to let my pc connect to the internet through the testmachine, I've set its default gateway to the ip of the test machine. But it doesn't seem to work. When I tried to lauch my browser, the error indicates that it cannot seem to find its way to the proxy server. I've tried adding another line in my routing table like this: Destination Gateway proxy(202.90.128.14) testmachine(10.10.8.111) But it still won't work. Do you know what i've been missing here? I'm thinking perhaps the test machine should connect to the internet directly without using a gateway anymore.. Any idea? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pf for FreeBSD
hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ Cristi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dictd, UTF-8, FreeBSD 4.10
Has anybody been able to get dictd working with UTF-8 dictionaries in FreeBSD 4.10? When I start dictd --locale de_DE.UTF-8 it seg. faults. I do have the UTF-8 locales installed and the dictionary should be fine as it works for dictd running on a Linux machine. I'm using dictd-1.9.11 installed from the ports. Thanks, Sandy ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How can I route through a pc that is also using a router??
My workstation and the testmachine both belongs to the same subnet: Here are the details: workstation -- 10.10.8.110 testmachine -- 10.10.8.111 Gateway -- 10.10.8.254 DNS --- 202.90.128.3 202.90.158.101 Proxy --- 202.90.128.14 Port: 3128 --- Andrew [EMAIL PROTECTED] wrote: Hi! Describe the test-machine, please. If both workstations are on the same subnet, you should probably configure the test-machine as an ip-forwarder or even as an ethernet-level bridge. If your personal workstation is on a different subnet, which is not serviced by proxy or dns, you should configure NAT on the test-machine. In general, there's little problem in cascading gateway installations. Regards, Andrew P. Good day! I have two workstations at work, 1 my personal, and the other, a test machine. My boss told me to configure a pcrouter, that is, the testmachine and let my personal pc connect through the internet through the testmachine: Here's the scenario: The testmachine already knows how to connect through the outside world but, also through a gateway testmachine(10.10.8.111)---gateway(10.10.8.254)[proxy][DNS]-- --internet And to let my pc connect to the internet through the testmachine, I've set its default gateway to the ip of the test machine. But it doesn't seem to work. When I tried to lauch my browser, the error indicates that it cannot seem to find its way to the proxy server. I've tried adding another line in my routing table like this: Destination Gateway proxy(202.90.128.14) testmachine(10.10.8.111) But it still won't work. Do you know what i've been missing here? I'm thinking perhaps the test machine should connect to the internet directly without using a gateway anymore.. Any idea? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 3ddesktop
Jason wrote: ive installed 3ddesktop 0.2.7 from ports im running x.org 6.7 on a 386 box with a voodoo 3 2000 box.. I have tdfx.ko loaded and dmesg reports info: [drm] Initialized tdfx 1.0.0 20010216 on minor 0 but when I run 3ddesk, I get [EMAIL PROTECTED] 3ddesk Attempting to start 3ddesktop server. Daemon started. Run 3ddesk to activate. 3ddeskd: glXIsDirect failed, no Direct Rendering possible! 3ddeskd: Please configure hardware acceleration. Exiting. any ideas? regards, Jason I'm not sure voodoo 3 is 100% standard OpenGL, voodoo 1 2 are not, maybe the card does not support all extensions required/requested to run 3ddesktop. Or it could be the bitdepth, I it can only do 16bit in 3D, it cannot do 32bit, that I know for sure. -yuri ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Max memory + swap
Hello, I'm deploying a new server with FreeBSD 4.10-Release and I'll need a quite big piece of memory. I was thinking of installing 1 Gb of RAM plus another Gigabytes of swap. I seems to remember some limit / problem when RAM + swap go over 2 or 4 Gbytes total, is this true ? (without PAE or similar things, it's a normal P4 machine) I would avoid to tweak kernel parameters, if possible, like KVA pages and similar things I don't know ;) Anyone with similar experiences could, please, remember me actual limits ? Many thanks in advance! -- Alessandro de Manzano System Network Administrator Playstos - TIMA S.p.A. Corso Sempione 63 20149 Milano, Italy tel.: +39-023314153 fax : +39-02315678 email: [EMAIL PROTECTED] http://www.playstos.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IP address conflicts
On Mon, Sep 27, 2004 at 08:20:42PM -0700, Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Matthew Seaman Sent: Monday, September 27, 2004 2:22 AM To: Tim Aslat Cc: [EMAIL PROTECTED] Subject: Re: IP address conflicts On Mon, Sep 27, 2004 at 08:51:47AM +0930, Tim Aslat wrote: I have an annoying situation in a school I do casual work in their IT department. There are a number of individuals within the system who think it's funny to allocate an IP address on a workstation identical to the network's proxy/web/mail servers. What I'd like to know is, would there be any way of preventing this short of spending quite a lot of money on managed switches an the like? Well, you could move all of the servers onto a separate network to any of the individual client machines (and make sure that the server network isn't accessible from any of the network ports your clients have access to, clearly). That way, even if one of your pet idiots decides to 'borrow' a server IP address, the network routing means that all they are going to do is hurt themselves. You must want to HELP the little shits then. Please do not ascribe such motives to me in such an insulting manner. You have a point, but you need to learn how to be less inflammatory in making it. Think of this for a second. Right now he has maybe 4-5 different servers that people are putting the IP numbers on. Once you move all those servers onto a separate subnet, now all the little twits have to do is put the IP number of the gateway router onto their systems, then the entire subnet that ALL the servers are on becomes inaccessible. Yes, you are quite right. I missed that. However the OP is stuck between a rock and a hard place. He (or his school) is saying they can't afford the correct equipment to really solve the problem. As it is, he's getting the flak when things aren't working right (what else is new?) On consideration, it strikes me that the thing to realise is that this has gone beyond a technical argument. This is now also a political argument and a financial argument. His bosses do not either see the justification for investing in equipment to make the network proof against such attacks, neither do they have the incentive to come down like a ton of bricks on the malefactors. It's counter-intuitive I know, and goes against all of the best instincts of any good systems administrator, but the OPs arguments would be strengthened if the problem was or /appeared to be/ *worse* than it is currently. Machiavellianly, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpTo4YvEZ96M.pgp Description: PGP signature
RE: IP address conflicts
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of russell Sent: Monday, September 27, 2004 9:52 PM To: Ted Mittelstaedt Cc: bsdfsse; [EMAIL PROTECTED] Subject: Re: IP address conflicts On 28/09/2004, at 1:25 PM, Ted Mittelstaedt wrote: or use a tool like arpwatch that is specifically designed to let you know when MAC/IP relationships change on your network. You don't even need to do that - any router on the network is going to log the MAC address because they will see the arp change, as will the other servers. yeah, of course they'll see the change. but what will they do about it? update their internal ARP table and that's about it, unless they're smart enough (and correctly configured) to do more. arpwatch is simple to install and will notify you straight away when things happen that might need your attention. My guess is that the phone calls from the people that suddenly cannot get mail are as effective as arpwatch would be in this situation. Even if arpwatch notifies him the instant it happens he's still going to be screwed without a managed switch the offender is coming from. Don't get me wrong I'm not advocating against putting more monitoring on the network. It is just with this situation no amount of monitoring is going to compensate for a bunch of dumb, unmanaged hubs all tied together. There's a danger of putting too much energy into software when what is going to help most is more powerful hardware. It's actually amazing that he's not already melted down under a host of broadcast storms and such already. From the description it sounds like the Ethernet rules have been broken many times here already. you log the MAC addresses of all the fixed workstations in the school, then when one of them starts doing the wrong thing you know *exactly* where to go to nab the culprit. How, exactly? Do you think that he has a list of all MAC addresses on the network and who is using them? the educational institutions I've worked in tend to be pretty anal about having a database of what computers they own and where they're located - something to do with stopping people from walking off with their assets. if your vendor is good they'll provide the machine MAC address along with the serial number and amount of installed RAM. if not then there's some walking to do. spend half a day and document the fixed machines on the network. He's already said they have over 2K nodes on the network many of which are student-owned laptops. You could take a month on something like this and still not have all of them. Not to mention that in a few seconds the owner of the offending system can easily spoof the mac address to a fake one, or more likely, that of another, innocent, machine on the network. Getting the MAC address is not the problem. Finding it on what is essentially a completely flat network is. You need managed switches for this so you can see what port the offending MAC address is on. now you're assuming that there's documentation as to what ports come out at what wall points, and that there's not still a lab full of dead-ass old machines sitting on 10Base2. He already said most of his hubs are non-managed. To do any kind of tracking down to the port level means these hubs are going to have to be replaced with managed switches. When that happens you would definitely document the wiring if you haven't already. And as far as thinnet goes, I wouldn't pay a lot of attention to that because large thinnet segments go down so much already a few more problems won't even be noticed. Any of his thinnet chains are going to have to terminate in a switch eventually, you just make sure that the port they terminate in is in a managed switch. If it's not one of the fixed workstations then you've got a bit more work to find the kiddie, but it's nothing insurmountable. Unless of course the kiddies are using made up MAC addresses like BADBEEF, DEADBEEF, CO1DCOED, and such. I'm assuming here, having worked in uni computer labs and seen this sort of crud being done, that what's happening is someone is changing the network settings on a PC... I don't recall seeing a text field next to the enter your IP address box that says enter your MAC address... That is because it is not in that location. The MAC address is setup by the nic device driver, not by the OS. Most Windows nic device drivers have a field where a user-defined MAC address can be entered. For example, on a convenient system here, Win2K on a Taiwanese motherboard based on the VIA chipset, under the Administrator user you go: Start-Settings-Network Dialup COnnections-right click Local Area Connection- Properties-then click the Configure button underneath the VIA Rhine II Fast Ethernet Adapter-click the Advanced tab-click Network Address and change the radio button from Not Present to Value, then type in the new MAC address in the
Re: Very very slow
Le 27/09/2004 à 19:14:57-0500, Kevin D. Kinsey, DaleCo, S.P. a écrit Kris Kennaway wrote: On Mon, Sep 27, 2004 at 10:16:38AM +0200, Albert Shih wrote: 32 sec to do cd /usr/src time find . -type f -print /dev/null and on other computer I just need 0.8 sec to do that. I don't believe that, unless you already have all of /usr/src in cache. 32 seconds seems quite normal for searching and reading ~55000 directory entries (on the machine I just tried it took 42 seconds). Anyway, but on this computer I need ~ 10 hours to do make buildworld, and I think.it's verrryyy long. Regards. -- Albert SHIH Universite de Paris 7 (Denis DIDEROT) U.F.R. de Mathematiques. Heure local/Local time: Tue Sep 28 10:06:54 CEST 2004 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Max memory + swap
On Tue, Sep 28, 2004 at 09:49:02AM +0200, Alessandro de Manzano wrote: Hello, I'm deploying a new server with FreeBSD 4.10-Release and I'll need a quite big piece of memory. I was thinking of installing 1 Gb of RAM plus another Gigabytes of swap. I seems to remember some limit / problem when RAM + swap go over 2 or 4 Gbytes total, is this true ? (without PAE or similar things, it's a normal P4 machine) There have been problems when *physical* RAM is above 2GB (and on a P4 without PAE enabled it is not possible to go above 4GB) but 1GB RAM + a few GB swap should not be any problem. I would avoid to tweak kernel parameters, if possible, like KVA pages and similar things I don't know ;) Then don't go above 2GB RAM. To make that work I think you need to do exactly what ypu want to avoid. Anyone with similar experiences could, please, remember me actual limits ? Many thanks in advance! -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NTLDR missing after 5-RELEASE install
I've seen this before 5.0 release and made some investigation of this proble. I didn't look this thread carefully so excuse me if information I give to all you is useless. My investigation show that FreeBSD reads full partition table, and after modification puts it back. It fix all entries from its own point of view. Windows dies from change of end of partition entry. As I understand with large disk it shouldn't mean anything at all. But windows checks it. You may save this entry and after installation of FreeBSD put it back. rik Dimitry Andric wrote: On 2003-02-25 at 18:58:30 Andrew Boothman wrote: I can't understand how the 5.x boot manager has managed to break my windows boot, i've never had any trouble under 3.x or 4.x, both of which played with windows perfectly nicely. Sorry for catching up on this thread so late, but couldn't this be some nasty problem with hard drive geometries? I.e. FreeBSD's interpretation of the partition table could be totally different from Windows', causing the rather flaky Microsoft bootloaders to fail. I personally have had complaints from PartitionMagic and various other Windows-based tools about partitions being invalid or having different CHS and LBA boundaries etc, after installing some versions of FreeBSD, and creating partitions from its installer. Could you please give us some info about your drive geometry, and/or or a somewhat low-level dump of your partition table data? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: k3b cannot locate growisofs executable
--- BSDjunkie [EMAIL PROTECTED] wrote: I have now upgraded everything with portupgrade. Now that I have the k3b-0.11.14 version, I still get the same error message. :| Eureeka! I've found the problem! By executing growisofs under sudo I received the error message: growisofs -- executed under sudo -- exiting... I was executing k3b under sudo which makes growisofs exit. If I su to root, then I can run k3b and it finds growisofs. *WHEW* Thanks all who helped!!! Mark ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IP address conflicts
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Tim Aslat Sent: Monday, September 27, 2004 9:39 PM To: [EMAIL PROTECTED] Subject: Re: IP address conflicts It's not the number of switches that matter it's the number of active ports. 50 what, 8 port switches? or 24 port switches? Approximately 30 24 port switches, and a mix 'n' match of 8 - 48 port units. Being a legacy network, it's not what you would call standardised. So, about $10K, time, and a lot of judicious purchasing would get you all used switches that would be managed, same manufacturer. That's if you buy them yourself off Ebay. If you get a network vendor like Network Hardware Resale to put together a package like this your talking maybe $15-$20K Of course, there are some other ways of handling this too. Oppps, looks like another switch died, we are just having a rash of these failures lately! Must be bad power. And amazing - it's the switch that the head of the Engineering department and his staff are using! Guess they will just have to go without since we don't have the money for new switches It's amazing how money will appear out of thin air if certain oxen get gored. I'm tempted to try it. However, the bureaucracy in this place is incredible. They would rather cannibalise a smaller part of the network than just buy a new router/switch/whatever. oops, the switch you are suggesting I cannibalise uses the EtherToken system, totally incompatible, would have to buy all new adapters for all the PC's I've played that game too. What you have to keep in mind is that the people running things that think they know how stuff works, they really don't know how it works. If you dig in your heels, as long as you don't pull the broken switch routine too often, they will back down. When dealing with a bureaucracy I have found the most effective method is the vise treatment. Bureaucracies work to preserve themselves. Problems are viewed as threats that can disrupt the stability of the bureaucracy. If you have a couple heart-to-heart talks with the top kingpins of the administration (who are quite often fighting the bureaucracy themselves) completely off record of course, and then make things -very-bad- for the people at the bottom by simply doing nothing and allowing the bandaids to fall apart, the bureaucracy will find itself under pressure from the top and pressure from the bottom, and like a stuck turd being freed, money will come spewing out as the bureaucracy fights to keep itself preserved. An axiom you should remember is that no bureaucracy ever spends money unless it is afraid for it's life - and then in a panic it always spends far too much money on whatever solutions present themselves at the time. This is why you read stories about the competent network admin being fired because people were complaining about niggling problems, even though the admin was doing everything under budget, and an incompetent admin being hired to replace him who knows nothing whatsoever about anything, spends money like water, and rapidly creates so many bigger problems that the users forget all about the niggling ones that caused them to complain in the first place. (then the incompetent admin brings in an outside consulting firm and after getting it firmly established, quits his post and goes to work for the consulting firm, bleeding the organization dry.) But as a competent network admin, it is easy enough to figure all this out and do exactly what the incompetent admin does - and what that is, is make people scared that unless they spend a lot of money that they will not be able to keep their cushy jobs. If you do go this route then screw the desktop switches, get yourself some decent slotted hubs. You want a much higher port density than the crummy 24 in a typical rack mounted switch. Besides that, the switch vendor is gonna want to use your school as an example of how to do things right. Remember, if your going to go begging then you need to beg for the best stuff they have. Anything in particular that you would recommend? Cisco is the obvious choice here to go beg from. First they are a rich company. Second they are still trying to break out of the we're only a router manufacturer image and they want people to believe that they actually know how to produce switches. heh. The top of the line in the business of course is the 3com Switch 7700 series, but good luck prying them free. 3com is tops, they know they are tops, everyone thinks they are tops, and everyone wants their stuff. They don't need to give away things to get market share. But, you can always try. Enterasys is also another good one to go begging to, particularly because they are still trying to create a name for themselves. As you may know they are a spawn of Cabletron. Cabletron had some very good switching products, and that technology has transferred over to Enterasys,
Mozilla Calendar with Thunderbird / Firefox
Has anyone gotten this to work yet? I've got the latest TB / FF from the ports and I'm running 5.3Beta3 and it doesn't work. I get the standard ICAL Component is not registered properly error or some might know it as TypeError: Components.classes['@mozilla.org/ical-container;1'] Does it have something to with this being a linux release and you have to fix the code to work on FreeBSD? Help here would be great, thanks! -- -Jason Porter Real Programmers think better when playing Adventure or Rogue. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IP address conflicts
-Original Message- From: Matthew Seaman [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 12:52 AM To: Ted Mittelstaedt Cc: Tim Aslat; [EMAIL PROTECTED] Subject: Re: IP address conflicts Please do not ascribe such motives to me in such an insulting manner. You have a point, but you need to learn how to be less inflammatory in making it. Alright, alright, I'm sorry now quit taking it personally. My advice is worth exactly what you paid for it. How much was that, again? Yes, you are quite right. I missed that. However the OP is stuck between a rock and a hard place. He (or his school) is saying they can't afford the correct equipment to really solve the problem. We, from my viewpoint, HE is saying that his school doesen't have the money. I didn't read anywhere that he was actually told flat out that they didn't have the money. fine line there. My suspicions are that his school has done an excellent job of giving him the IMPRESSION that they have no money, so don't bother asking for any. It is an impression that schools carefully cultivate. I'm so broke, we are so broke, wahhh wahhh wahhh. poor us. Schools cultivate this because it gets more alumni donations. But, if you look under the covers, schools always seem to have plenty of money to renovate buildings, and as a student, every time you turn around there's someone from the school with their hand out asking for another fee to be paid. For the last 20 years (since I left college) I've heard the same crying and pissing every fall from them. But they haven't dried up and blown away and always seem to have plenty of new programs going on. So, pardon me if it gets old after a while. Now, the elementary and secondary schools, that's an entirely different matter. On consideration, it strikes me that the thing to realise is that this has gone beyond a technical argument. This is now also a political argument and a financial argument. I would say discussion not argument here. And your absolutely correct. His bosses do not either see the justification for investing in equipment to make the network proof against such attacks, neither do they have the incentive to come down like a ton of bricks on the malefactors. It's counter-intuitive I know, and goes against all of the best instincts of any good systems administrator, but the OPs arguments would be strengthened if the problem was or /appeared to be/ *worse* than it is currently. Of course. But, the only people that do that are grotty old nasty systems administrators that have a resume that stretches into next week, and command 6 figure salaries. The people that run schools are scared to death of those people and run away from them as fast as they can, because they know that those folks can topple the system. Systems aren't toppled by young, green, wet behind the ears system admins that work for peanuts and are enormously grateful to their employers for getting the chance to gain work experience, little realizing that their employers couldn't give a fig how grateful they are, and only hire them because they work cheap. Every once in a while you get that rare combination of a young, green wet behind the ears system admin that works for peanuts and also knows that peanut jobs are a dime a dozen, and knows his employer is taking advantage of him, and is clever enough to make it -seem- like he isn't doing anything to topple the system - yet somehow the system seems to topple by itself. Amazing, how that happens. Heh Heh Heh. Ted ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: pf for FreeBSD
Hi, hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ I'm using pf without a problem. Not sure what exact version of FreeBSD 5.x you're using. According to /usr/src/UPDATING Since 08-Mar-2004 pf has been part of the base system and doesn't require the pf port to be installed. So, a way forward could be to ensure you've updated to latest 5.x version (cvs tag RELENG_5). Then I suggest you read /usr/src/UPDATING as it also contains some info on the pf groups users required. I have the following devices in my kernel: device PFIL_HOOKS device pf device pflog I have the following in /etc/rc.conf: pf_enable=YES pflog_enable=YES pf_rules=Path to rules You will also need the authpf group and the _pflogd user group. You can get the details by downloading the latest source and checking the passwd group files under /usr/src/etc. in /etc/passwd: _pflogd:*:64:64:pflogd privesp user:/var/empty:/usr/sbin/nologin in /etc/group: authpf:*:63: _pflogd:*:64: I will leave it to you on how you generate a ruleset. Personally I use fwbuilder.org . Thanks, Phil. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ntop question
Hi, I installed ntop 3.0 from the ports. I am running 5.2.1-10 But /usr/local/etc/rc.d/ntop.sh start does not create a daemon, . instead. ntop starts a connection to 131.114.21.22 on port 80. making a connection to that ip it appears its the website of Luca Deri himself. Very nice of course, but i hoped ntop would start sniffing and opening a webserver on port 3000. What is going on? Any hints? Bye, Mipam. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: pf for FreeBSD
Hello, i'm using 5.2.1 and i want to recompile pf to take advantage of ALTQ. This was the reason for reinstalling. What about that prefix in startup script ... this is were i have no clues ... what's the path ... And another thing ... if i want to install pf now it says that is allready installed ... strange ... because i can't find it now, not the binaries nor the modules . Cristi Hi, hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ I'm using pf without a problem. Not sure what exact version of FreeBSD 5.x you're using. According to /usr/src/UPDATING Since 08-Mar-2004 pf has been part of the base system and doesn't require the pf port to be installed. So, a way forward could be to ensure you've updated to latest 5.x version (cvs tag RELENG_5). Then I suggest you read /usr/src/UPDATING as it also contains some info on the pf groups users required. I have the following devices in my kernel: devicePFIL_HOOKS devicepf devicepflog I have the following in /etc/rc.conf: pf_enable=YES pflog_enable=YES pf_rules=Path to rules You will also need the authpf group and the _pflogd user group. You can get the details by downloading the latest source and checking the passwd group files under /usr/src/etc. in /etc/passwd: _pflogd:*:64:64:pflogd privesp user:/var/empty:/usr/sbin/nologin in /etc/group: authpf:*:63: _pflogd:*:64: I will leave it to you on how you generate a ruleset. Personally I use fwbuilder.org . Thanks, Phil. --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you. --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IP address conflicts
Ted Mittelstaedt wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Matthew Seaman Sent: Monday, September 27, 2004 2:22 AM To: Tim Aslat Cc: [EMAIL PROTECTED] Subject: Re: IP address conflicts On Mon, Sep 27, 2004 at 08:51:47AM +0930, Tim Aslat wrote: I have an annoying situation in a school I do casual work in their IT department. There are a number of individuals within the system who think it's funny to allocate an IP address on a workstation identical to the network's proxy/web/mail servers. What I'd like to know is, would there be any way of preventing this short of spending quite a lot of money on managed switches an the like? Well, you could move all of the servers onto a separate network to any of the individual client machines (and make sure that the server network isn't accessible from any of the network ports your clients have access to, clearly). That way, even if one of your pet idiots decides to 'borrow' a server IP address, the network routing means that all they are going to do is hurt themselves. You must want to HELP the little shits then. Think of this for a second. Right now he has maybe 4-5 different servers that people are putting the IP numbers on. Once you move all those servers onto a separate subnet, now all the little twits have to do is put the IP number of the gateway router onto their systems, then the entire subnet that ALL the servers are on becomes inaccessible. It's nice to hear of kids understanding enough of their IT systems to do this sort of thing, and this is what they'll do if they can. But why can the pupils alter their network settings at all? Assuming they have Windows machines, the registries can be tweaked to deny access to network settings and other things that creative minds can play games with. This can be done through their network logins. Peter. -- the circle squared network systems and software http://www.circlesquared.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: regex replacement wizard advice needed
On Monday 27 September 2004 21:28, Gary Kline wrote: I have a document with numbered paragraphs, the numbers to the far left of each paragraph. Is there a perl s/NNN/BNNN//BBR/g means I can use from the CL or as a script to make this doc more easy (for me) to read. The document is formatted like this: 1 Paragraph1. 2 Paragraph2. ... 29 Paragraph29. ... 747 Paragraph747. I would like it to be like this: B1/BBR Paragraph1. B2/BBR Paragraph2. ... B29/BBR Paragraph29. ... B747/BBR Paragraph747. I'd rather take something like: (echo htmlheadtitleTitle/title/headbodyh1Title/h1ol; perl -n -e '[EMAIL PROTECTED](.*$)@lip$1/p/li@;print' input.txt; echo /ol/body/html) output.html Without the line breaks, of course. Semantic markup and valid HTML 2.0. Regards Fabian ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache upgrads thrashing certs; index.html.* crud
On Mon, Sep 27, 2004 at 05:39:18PM -0500, Dan Rue typed: Hey Fellas, Whenever I do an apache upgrade - whether it be apache 1.3 or apache 2, it always spews all these index.html.language files in my web root that I have to go in and remove - but more annoyingly it overwrites my certs in /usr/local/etc/apache[2]/ssl.*. What gives? To avoid this I allways put the DocumentRoot of a webserver in a non-default location, e.g. under /home/www. Same goes for the certificates: SSLCertificateFile /usr/local/ssl/certs/apache.crt SSLCertificateKeyFile /usr/local/ssl/private/apache.key cheers, Ruben There a command line option I should be usign to prevent such madness? Dan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: pf for FreeBSD
Hi, I'm not sure of the dates of when 5.2.1 was released to tell you for sure whether pf is available in the kernel or not. I only started using 5.x when 5.3-Beta was released and pf has always been available in kernel for me. Never used the port. To check if pf is installed/available you could try the command line via which pf is configured i.e. # pfctl -sa (i.e. show all currently configured options for pf). To check if its available in the base system you could try configuring a kernel with the devices in my previous email and see if they're accepted. Thanks, Phil. -Original Message- From: Cristi Tauber [mailto:[EMAIL PROTECTED] Sent: 28 September 2004 11:19 To: Philip Payne Cc: FreeBSD Question Subject: RE: pf for FreeBSD Hello, i'm using 5.2.1 and i want to recompile pf to take advantage of ALTQ. This was the reason for reinstalling. What about that prefix in startup script ... this is were i have no clues ... what's the path ... And another thing ... if i want to install pf now it says that is allready installed ... strange ... because i can't find it now, not the binaries nor the modules . Cristi Hi, hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ I'm using pf without a problem. Not sure what exact version of FreeBSD 5.x you're using. According to /usr/src/UPDATING Since 08-Mar-2004 pf has been part of the base system and doesn't require the pf port to be installed. So, a way forward could be to ensure you've updated to latest 5.x version (cvs tag RELENG_5). Then I suggest you read /usr/src/UPDATING as it also contains some info on the pf groups users required. I have the following devices in my kernel: device PFIL_HOOKS device pf device pflog I have the following in /etc/rc.conf: pf_enable=YES pflog_enable=YES pf_rules=Path to rules You will also need the authpf group and the _pflogd user group. You can get the details by downloading the latest source and checking the passwd group files under /usr/src/etc. in /etc/passwd: _pflogd:*:64:64:pflogd privesp user:/var/empty:/usr/sbin/nologin in /etc/group: authpf:*:63: _pflogd:*:64: I will leave it to you on how you generate a ruleset. Personally I use fwbuilder.org . Thanks, Phil. --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you. --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ruby coredumping in 4.10 w. ports utils
Hey All What's the deal with ruby coredumping all over the place when using pkgdb -F and portsdb -Uu under 4.10 these days? I've read a bit about it and how you can possibly get around it eith either sorting the INDEX-5 file or randomizing it with rl. This strikes me as being a horrible kluge. Anyone got any ideas at to how to fix it properly? I have it happening using pkgdb -F and portsdb -Uu on two different machines. I seem to have just gotten around it by removing the whole ports tree and cvsupping a new one on one machine, I'm going to try that on another as well. Cheers, -- Irvine Short Sys Admin SANBI, University of the Western Cape, South Africa http://www.sanbi.ac.za tel: +27-21-959 3645 cel: +27-82-494 3828 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pf for FreeBSD
Why not just run OpenBSD if you want to use pf? I use both Free and OpenBSD. But, pf is much easier to set up on OpenBSD. Just install OpenBSD, enable routing, enable pf in rc.conf and you are done. Shane - Original Message - From: Cristi Tauber [EMAIL PROTECTED] To: FreeBSD Question [EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 12:54 AM Subject: pf for FreeBSD hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ Cristi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pf for FreeBSD
Hello, it crossed my mind to run openBSD but i have to reinstall the server and the applications (mysql, qmail,etc ...) and besides that ... i know that openbsd can't take advantage of SMP servers. I don't know if newer versions 'see' SMP but an older (i don't precisely know the version but it was the lastest i got in january this year) one i was trying to setup can't ! Cristi Why not just run OpenBSD if you want to use pf? I use both Free and OpenBSD. But, pf is much easier to set up on OpenBSD. Just install OpenBSD, enable routing, enable pf in rc.conf and you are done. Shane - Original Message - From: Cristi Tauber [EMAIL PROTECTED] To: FreeBSD Question [EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 12:54 AM Subject: pf for FreeBSD hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ Cristi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you. --- This message and its contents have been scanned and certified for transmission as being free from malicious code by eTrust Antivirus. This message may contain confidential, privileged or other legally protected information. It is intended for the addressee(s) only. If you are not the addressee, or someone the addressee authorized to receive this message, you are prohibited from copying, distributing or otherwise using it. Please notify the sender and return it.Thank you. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: pf for FreeBSD
The fact you only have to maintain one OS is one great advantage. One ports tree, one system to patch for security updates. The learning curve to use FreeBSD's pf is negligible imo. As long as kernel support is compiled in for it, and you have the users in your /etc/passwd it just works. Least for me as I have been using it since it was introduced as a kernel kld, and sometime shortly after it became a native module to freebsd. Its imo easier to maintain that say ipfw, as well as faster. -Original Message- From: shane mullins [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 2:34 PM To: Cristi Tauber Cc: [EMAIL PROTECTED] Subject: Re: pf for FreeBSD Why not just run OpenBSD if you want to use pf? I use both Free and OpenBSD. But, pf is much easier to set up on OpenBSD. Just install OpenBSD, enable routing, enable pf in rc.conf and you are done. Shane - Original Message - From: Cristi Tauber [EMAIL PROTECTED] To: FreeBSD Question [EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 12:54 AM Subject: pf for FreeBSD hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ Cristi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: pf for FreeBSD
IMHO its not very hard in FreeBSD 5.3 either now its in the base. The only additional step to what you describe below is adding the kernel options building/installing the kernel to include them, which is only 2 commands. However, some of the log analysis ports I've tried (fwanalog... another the name of which slips my mind, damn) do not work with the FreeBSD implementation of tcpdump :-( I suppose, with OpenBSD's complete focus on security if I was building a dedicated firewall I would very probably select OpenBSD. Depends what other things Cristi is using FreeBSD for. Phil. -Original Message- From: shane mullins [mailto:[EMAIL PROTECTED] Sent: 28 September 2004 13:34 To: Cristi Tauber Cc: [EMAIL PROTECTED] Subject: Re: pf for FreeBSD Why not just run OpenBSD if you want to use pf? I use both Free and OpenBSD. But, pf is much easier to set up on OpenBSD. Just install OpenBSD, enable routing, enable pf in rc.conf and you are done. Shane - Original Message - From: Cristi Tauber [EMAIL PROTECTED] To: FreeBSD Question [EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 12:54 AM Subject: pf for FreeBSD hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with make WITH_ALTQ=yes make install after a deinstall I can't install it anymore, the install crashes with the error that is allready installed !! What can I do ??/ Cristi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How can I route through a pc that is also using a router??
My workstation and the testmachine both belongs to the same subnet: Here are the details: workstation -- 10.10.8.110 testmachine -- 10.10.8.111 Gateway -- 10.10.8.254 DNS --- 202.90.128.3 202.90.158.101 Proxy --- 202.90.128.14 Port: 3128 First, enable bridging in your kernel, by adding: options BRIDGE Then add the following to /etc/sysctl.conf: net.link.ether.bridge.enable=1 net.link.ether.bridge_ipfw=1 net.link.ether.bridge_cfg=xl0,xl1 ...assuming xl0 and xl1 are your two physical interfaces. If you do not have IPFW enabled on the test gateway, leave out the line that says bridge_ipfw=1 in sysctl.conf. You can't route through the test gateway, as it is on the same subnet as everything else (both sides of it), so you must bridge it. Now you are in a position to tap into the bitstream for ALL network traffic. HTH, Steve --- Andrew [EMAIL PROTECTED] wrote: Hi! Describe the test-machine, please. If both workstations are on the same subnet, you should probably configure the test-machine as an ip-forwarder or even as an ethernet-level bridge. If your personal workstation is on a different subnet, which is not serviced by proxy or dns, you should configure NAT on the test-machine. In general, there's little problem in cascading gateway installations. Regards, Andrew P. Good day! I have two workstations at work, 1 my personal, and the other, a test machine. My boss told me to configure a pcrouter, that is, the testmachine and let my personal pc connect through the internet through the testmachine: Here's the scenario: The testmachine already knows how to connect through the outside world but, also through a gateway testmachine(10.10.8.111)---gateway(10.10.8.254)[proxy][DNS]-- --internet And to let my pc connect to the internet through the testmachine, I've set its default gateway to the ip of the test machine. But it doesn't seem to work. When I tried to lauch my browser, the error indicates that it cannot seem to find its way to the proxy server. I've tried adding another line in my routing table like this: Destination Gateway proxy(202.90.128.14) testmachine(10.10.8.111) But it still won't work. Do you know what i've been missing here? I'm thinking perhaps the test machine should connect to the internet directly without using a gateway anymore.. Any idea? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IP address conflicts
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 For what it's worth, aside from some reconfiguration that could be a little time consuming, I would suggest putting the servers on a different subnet that everything else. If all the computers that are not servers are supposed to be configured for DHCP, insert a FreeBSD box that filters out any addresses outside that subnet. i.e. Server IP addresses are all 192.168.1.0 thru 192.168.1.50. Set your DHCP server to only assign IP addresses above 192.168.1.75 and up or so. I'm too lazy to do the math right now, but use the appropriate subnet mask and filter all the other stuff out. Aside from those students disrupting some of the other users on the network, they can't spoof the servers anymore. Just my $.02. - - Eric F Crist Secure Computing Networks -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (Darwin) iEYEARECAAYFAkFZaTAACgkQRAAY9knOW+qSsACghfRW0BGQg5Rq9tShVcTbcxzY C1IAn3FEjWy1BS4ROedTsC3MKIJehoOm =8XMh -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
[OT] Re: pf for FreeBSD
Hi Cristi, it crossed my mind to run openBSD but i have to reinstall the server and the applications (mysql, qmail,etc ...) and besides that ... i know that openbsd can't take advantage of SMP servers. I don't know if newer versions 'see' SMP but an older (i don't precisely know the version but it was the lastest i got in january this year) one i was trying to setup can't ! http://www.openbsd.org/36.html#new 3.6 is in CVS and will be released November 1. I believe that if you hurry and install a snapshot from September 17 or before, you'll be able to jump to 3.6. Don't take my word for it, though. Bye... Nico ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
View dummynet connections
Hi, FreeBSD 4.10-RELEASE I am using dummynet in the bridge mode. Is there a way that I can see the active connections going through each pipe in the form of source IP/port and destination IP/port pairs? Thanks, Siddhartha ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem with USB Still...
I figured out that my pi-detach script wasn't working correctly so I fixed that but now it still is not run when the USB PDA is detached. Following is the console output. ucom0: Palm, Inc. Palm Handheld, rev 1.00/1.00, addr 2 ucom0: Palm, Inc. Palm Handheld, rev 1.00/1.00, addr 2 tmm324 ppp[864]: tun0: Error: Bad option length 0 (out of phase?) ucom0: ucomreadcb: IOERROR ucom0: at uhub0 port 1 (addr 2) disconnected ucom0: still open, forcing close ucom0: detached It seems to me that when the device is forced closed like that the script doesn't run. Any ideas? Thomas Moyer [EMAIL PROTECTED] DracoYung ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: View dummynet connections
ipfw pipe list Regards S. On Tue, 28 Sep 2004 19:40:55 +0530, Siddhartha Jain [EMAIL PROTECTED] wrote: Hi, FreeBSD 4.10-RELEASE I am using dummynet in the bridge mode. Is there a way that I can see the active connections going through each pipe in the form of source IP/port and destination IP/port pairs? Thanks, Siddhartha ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: View dummynet connections
I know that command but it doesn't seem to do the job. It doesn't show me the active connections thru/to the box. Cheers, Siddhartha Subhro wrote: ipfw pipe list Regards S. On Tue, 28 Sep 2004 19:40:55 +0530, Siddhartha Jain [EMAIL PROTECTED] wrote: Hi, FreeBSD 4.10-RELEASE I am using dummynet in the bridge mode. Is there a way that I can see the active connections going through each pipe in the form of source IP/port and destination IP/port pairs? Thanks, Siddhartha ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
newsyslog.conf question
Hello all, Having read the man page for this file's configuration, I notice there is not an option to digitally sign the logs on rotation using PGP/GPG. Is there a workaround? or are there plans to add this functionality to future versions, like 5.3 -STABLE? Thanks, Ron Clark ___ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Very very slow
On Tue, 28 Sep 2004 10:08:01 +0200 Albert Shih [EMAIL PROTECTED] wrote: Le 27/09/2004 à 19:14:57-0500, Kevin D. Kinsey, DaleCo, S.P. a écrit Kris Kennaway wrote: On Mon, Sep 27, 2004 at 10:16:38AM +0200, Albert Shih wrote: 32 sec to do cd /usr/src time find . -type f -print /dev/null and on other computer I just need 0.8 sec to do that. I don't believe that, unless you already have all of /usr/src in cache. 32 seconds seems quite normal for searching and reading ~55000 directory entries (on the machine I just tried it took 42 seconds). Anyway, but on this computer I need ~ 10 hours to do make buildworld, and I think.it's verrryyy long. The current mailing list may be useful as well as possibly waiting two weeks or so for 5.3 to become stable. Also dmesg could possibly be handy too. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FTP command line syntax
I need to set up a cron job that will fetch a file using ftp and a password. I've tried several versions of the commands as described in the man page and the Auto-Fetch section but I'm getting an error that makes me think I'm missing something... If I use the suggested syntax: ftp ftp://user:[EMAIL PROTECTED]/path I get:Can't locate or login to host `user' It looks like ftp is not aware of the man page and wants the server where the login info is supposed to be. I've tried several variations of the line with no luck. Any help? --- Steve Suhre Antero web technologies 719.634.8161 [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
need to download freeBSD
Dear users support I'm new to FreeBSD, can any body give me the URL to download FreeBSD Best Regards Noorazmi Omar Kuala Lumpur Malaysia - ALL-NEW Yahoo! Messenger - all new features - even more fun! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD 5.2: kernel routine for open, close, ioctl
Hi all, I want to open a /home/user/info.txt file from kernel module itself. Is there any interface to perfrom open, close and ioctl call ? I know that on linux filp_open calls exist. I'm looking for the same kind of interface.. Any pointers would be of great help. thanx and regards, chenheng ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP command line syntax
In the last episode (Sep 28), Steve Suhre said: I need to set up a cron job that will fetch a file using ftp and a password. I've tried several versions of the commands as described in the man page and the Auto-Fetch section but I'm getting an error that makes me think I'm missing something... If I use the suggested syntax: ftp ftp://user:[EMAIL PROTECTED]/path I get:Can't locate or login to host `user' Works for me: $ ftp ftp://doesnt:[EMAIL PROTECTED]/path Connected to ftp.gftp.netscape.com. 220-35 220 ftpnscp.newaol.com FTP server (SunOS 5.8) ready. 331 Password required for doesnt. 530 Login incorrect. ftp: Login failed. ftp: Can't connect or login to host `ftp.netscape.com' 221 Goodbye. $ What version of FreeBSD are you running? -- Dan Nelson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP command line syntax
Steve Suhre wrote: I need to set up a cron job that will fetch a file using ftp and a password. I've tried several versions of the commands as described in the man page and the Auto-Fetch section but I'm getting an error that makes me think I'm missing something... If I use the suggested syntax: ftp ftp://user:[EMAIL PROTECTED]/path I needed the same sort of functionallity, found it with jmirror in ports/ftp/jmirror Hope this helps Regards, Gary Hayers ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP command line syntax
On Tue, 28 Sep 2004 09:04:34 -0600 Steve Suhre [EMAIL PROTECTED] wrote: If I use the suggested syntax: ftp ftp://user:[EMAIL PROTECTED]/path I get:Can't locate or login to host `user' It looks like ftp is not aware of the man page and wants the server where the login info is supposed to be. I've tried several variations of the line with no luck. Any help? The above command works for me (FreeBSD 5.2.1, i386). I have to give the path _relative to my login-directory_. [EMAIL PROTECTED]:~:: ftp ftp://krylon:[EMAIL PROTECTED]/distinfo Connected to wintermute. 220- 220 wintermute FTP server (NetBSD-ftpd 20020615) ready. 331 Password required for krylon. 230- NetBSD 1.6.2_STABLE (WINTERMUTE) #7: Sun Sep 26 02:09:00 CEST 2004 Welcome to NetBSD on wintermute! 230 User krylon logged in. Remote system type is UNIX. Using binary mode to transfer files. 200 Type set to I. local: distinfo remote: distinfo 229 Entering Extended Passive Mode (|||65528|) 150 Opening BINARY mode data connection for 'distinfo' (110 bytes). 100% |**| 110 7.94 KB/s00:00 ETA 226 Transfer complete. 110 bytes received in 00:00 (1.09 KB/s) 221- Data traffic for this session was 110 bytes in 1 file. Total traffic for this session was 953 bytes in 1 transfer. 221 Thank you for using the FTP service on wintermute. [EMAIL PROTECTED]:~:: So if I wanted to grab the kernel-image from that machine I would have to say: ftp ftp://krylon:[EMAIL PROTECTED]/../../netbsd (My login-directory is, of course, /home/krylon.) Kind regards, Benjamin -- If cars had improved at [the computer industry's] rate, a Rolls Royce would now cost 10 dollars and get a billion miles per gallon. (Unfortunately, it would probably also have 200-page manual telling how to open the door.) -- Andrew Tanenbaum, Introduction To Distributed Systems ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP command line syntax
Thanks, wish I could say the same I'm running 4.6 on this machine. The man pages in 4.6 give the syntax so I assumed it would work. I tried fetch also and got a parsing error. I'll try grabbing a newer version of ftp and/or fetch and see if that works. At 09:12 AM 9/28/2004, you wrote: In the last episode (Sep 28), Steve Suhre said: I need to set up a cron job that will fetch a file using ftp and a password. I've tried several versions of the commands as described in the man page and the Auto-Fetch section but I'm getting an error that makes me think I'm missing something... If I use the suggested syntax: ftp ftp://user:[EMAIL PROTECTED]/path I get:Can't locate or login to host `user' Works for me: $ ftp ftp://doesnt:[EMAIL PROTECTED]/path Connected to ftp.gftp.netscape.com. 220-35 220 ftpnscp.newaol.com FTP server (SunOS 5.8) ready. 331 Password required for doesnt. 530 Login incorrect. ftp: Login failed. ftp: Can't connect or login to host `ftp.netscape.com' 221 Goodbye. $ What version of FreeBSD are you running? -- Dan Nelson [EMAIL PROTECTED] --- Steve Suhre Antero web technologies 719.634.8161 [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: FTP command line syntax
Try ncFTP. GREAT commandline client with resume and more features.. -Original Message- From: Steve Suhre [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 5:42 PM To: [EMAIL PROTECTED] Subject: Re: FTP command line syntax Thanks, wish I could say the same I'm running 4.6 on this machine. The man pages in 4.6 give the syntax so I assumed it would work. I tried fetch also and got a parsing error. I'll try grabbing a newer version of ftp and/or fetch and see if that works. At 09:12 AM 9/28/2004, you wrote: In the last episode (Sep 28), Steve Suhre said: I need to set up a cron job that will fetch a file using ftp and a password. I've tried several versions of the commands as described in the man page and the Auto-Fetch section but I'm getting an error that makes me think I'm missing something... If I use the suggested syntax: ftp ftp://user:[EMAIL PROTECTED]/path I get:Can't locate or login to host `user' Works for me: $ ftp ftp://doesnt:[EMAIL PROTECTED]/path Connected to ftp.gftp.netscape.com. 220-35 220 ftpnscp.newaol.com FTP server (SunOS 5.8) ready. 331 Password required for doesnt. 530 Login incorrect. ftp: Login failed. ftp: Can't connect or login to host `ftp.netscape.com' 221 Goodbye. $ What version of FreeBSD are you running? -- Dan Nelson [EMAIL PROTECTED] --- Steve Suhre Antero web technologies 719.634.8161 [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: need to download freeBSD
On 09/28/04 06:51, Noorazmi Omar wrote: Dear users support I'm new to FreeBSD, can any body give me the URL to download FreeBSD Best Regards Noorazmi Omar Kuala Lumpur Malaysia Hello, welcome to FreeBSD! Please check the main site: http://www.freebsd.org/ Direct link to Obtaining FreeBSD in FreeBSD Handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mirrors.html Regards, Karol -- Karol Kwiatkowski freebsd at orchid dot homeunix dot org ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How do I turn off preemption (getting TIMEOUT - WRITE_DMA)
I am getting TIMEOUT - WRITE_DMA messages on my ad2 and ad3 hard-drives. I never get them on ad0 or the CD drive. I did some searching, and it sounds like I need to turn of preemption in the kernel. I'm running 5.3-BETA4 on the computer. I am going to guess this is turned on for the beta-testing. Any ideas? I just started running 5.x last night. %-) thx! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: FTP command line syntax
Thanks to all, ncftp worked with a .netrc file. I'm good to go. At 09:49 AM 9/28/2004, [EMAIL PROTECTED] wrote: Try ncFTP. GREAT commandline client with resume and more features.. -Original Message- From: Steve Suhre [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 5:42 PM To: [EMAIL PROTECTED] Subject: Re: FTP command line syntax Thanks, wish I could say the same I'm running 4.6 on this machine. The man pages in 4.6 give the syntax so I assumed it would work. I tried fetch also and got a parsing error. I'll try grabbing a newer version of ftp and/or fetch and see if that works. At 09:12 AM 9/28/2004, you wrote: In the last episode (Sep 28), Steve Suhre said: I need to set up a cron job that will fetch a file using ftp and a password. I've tried several versions of the commands as described in the man page and the Auto-Fetch section but I'm getting an error that makes me think I'm missing something... If I use the suggested syntax: ftp ftp://user:[EMAIL PROTECTED]/path I get:Can't locate or login to host `user' Works for me: $ ftp ftp://doesnt:[EMAIL PROTECTED]/path Connected to ftp.gftp.netscape.com. 220-35 220 ftpnscp.newaol.com FTP server (SunOS 5.8) ready. 331 Password required for doesnt. 530 Login incorrect. ftp: Login failed. ftp: Can't connect or login to host `ftp.netscape.com' 221 Goodbye. $ What version of FreeBSD are you running? -- Dan Nelson [EMAIL PROTECTED] --- Steve Suhre Antero web technologies 719.634.8161 [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --- Steve Suhre Antero web technologies 719.634.8161 [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do I turn off preemption (getting TIMEOUT - WRITE_DMA)
On Tue, Sep 28, 2004 at 12:15:54PM -0400, bsdfsse wrote: I am getting TIMEOUT - WRITE_DMA messages on my ad2 and ad3 hard-drives. I never get them on ad0 or the CD drive. I did some searching, and it sounds like I need to turn of preemption in the kernel. I'm running 5.3-BETA4 on the computer. I am going to guess this is turned on for the beta-testing. Any ideas? I just started running 5.x last night. %-) Update to the latest beta, which has a fixed ata driver. Kris pgpwrFg5cIYb3.pgp Description: PGP signature
connections from dialup IP's
Hello, Last evening i had a pretty determined dialup user try to ssh in to my system as root, the logs showed he tried for over 15 minutes. What i'd like to know is is there a way of dropping a connection from an IP if it connects more than x times in a minute? Or any other suggestions of dealing with this? I did a host lookup on the IP, 211.206.125.39 which came back not found which kind of tells me he got offline. Suggestions welcome. Also i'm not familiar with the .kr domain i'd like to block connections from that one as well, same reason this one 4 minutes 165.132.58.56 Thanks. Dave. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: connections from dialup IP's
dave [EMAIL PROTECTED] wrote: Hello, Last evening i had a pretty determined dialup user try to ssh in to my system as root, the logs showed he tried for over 15 minutes. What i'd like to know is is there a way of dropping a connection from an IP if it connects more than x times in a minute? Or any other suggestions of dealing with this? I did a host lookup on the IP, 211.206.125.39 which came back not found which kind of tells me he got offline. Suggestions welcome. Also i'm not familiar with the .kr domain i'd like to block connections from that one as well, same reason this one 4 minutes 165.132.58.56 A whois lookup will tell you what IPs belong to a particular domain. You can then use the technique of your choice to block them, whether it be packet filter or host.allow-like functionality. I usually just add an ipfw rule, myself, but you've got lots of choices. -- Bill Moran Potential Technologies http://www.potentialtech.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP command line syntax
In the last episode (Sep 28), Steve Suhre said: Thanks to all, ncftp worked with a .netrc file. I'm good to go. For strictly batch purposes, ncftpget lets you specify everything on the commandline without requiring a .netrc, and returns a more specific error-code that helps you narrow down the cause of a failure. -- Dan Nelson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
enigmime doesn't install in 5.3BETA3
Not sure if this one belongs in current, but I sent it to questions as well. I'm trying to get enigmail to work in thunderbird (latest from ports) but it won't install. I've tried installing in thunderbird and firefox, but I don't get anything. It looks like it goes through the install process, but there aren't any windows that pop up and say it failed or was successful. Then when I try to use enigmail it says that enigmime wasn't installed. Not sure what to do here, anyone? Thanks -- -Jason Porter Real Programmers think better when playing Adventure or Rogue. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: connections from dialup IP's
On Tuesday 28 September 2004 17:43, dave wrote: Hello, Last evening i had a pretty determined dialup user try to ssh in to my system as root, the logs showed he tried for over 15 minutes. What i'd like to know is is there a way of dropping a connection from an IP if it connects more than x times in a minute? Or any other suggestions of dealing with this? I did a host lookup on the IP, 211.206.125.39 which came back not found which kind of tells me he got offline. Suggestions welcome. Also i'm not familiar with the .kr domain i'd like to block connections from that one as well, same reason this one 4 minutes 165.132.58.56 Thanks. One thing I think you should do is edit sshd_config to disallow direct root logins, I thought that was the default. You can still su to root, unless you disallow the wheel group. I have it setup so users have to be in a dedicted ssh-users group. I think you can force sshd to use login, which gives you some back-off options (see man login.conf). Another thing is to configure your firewall to allow ssh only from specified hosts or ip ranges. Take a look at the ipfw articles here: http://www.onlamp.com/topics/bsd/firewalls ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IP address conflicts
-Original Message- From: Eric Crist [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 6:38 AM To: Ted Mittelstaedt Cc: russell; bsdfsse; [EMAIL PROTECTED] Subject: Re: IP address conflicts -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 For what it's worth, aside from some reconfiguration that could be a little time consuming, I would suggest putting the servers on a different subnet that everything else. If all the computers that are not servers are supposed to be configured for DHCP, insert a FreeBSD box that filters out any addresses outside that subnet. i.e. Server IP addresses are all 192.168.1.0 thru 192.168.1.50. Set your DHCP server to only assign IP addresses above 192.168.1.75 and up or so. I'm too lazy to do the math right now, but use the appropriate subnet mask and filter all the other stuff out. Aside from those students disrupting some of the other users on the network, they can't spoof the servers anymore. No, they just spoof the IP address of the router that the servers are behind, and accomplish exactly the same goal. It actually makes it easier because instead of multiple servers and multiple IP numbers the attackers need to spoof, they only now need spoof 1 IP number - that of the router the servers are behind. Ted ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PAM and SSH configuration issues
Hi, I have a FreeBSD 5.2.1 box vanilla install. I want to configure ssh to use pam_tacplus to do the authentication. My ssh file in the /etc/pam directory looks like this: %-% # # $FreeBSD: src/etc/pam.d/sshd,v 1.15 2003/04/30 21:57:54 markm Exp $ # # PAM configuration for the sshd service # # auth authrequiredpam_nologin.so no_warn authsufficient pam_opie.so no_warn no_fake_prompts authrequisite pam_opieaccess.so no_warn allow_local #auth sufficient pam_krb5.so no_warn try_first_pass #auth sufficient pam_ssh.so no_warn try_first_pass authrequiredpam_tacplus.so debug try_first_pass #auth requiredpam_unix.so no_warn try_first_pass # account #accountrequiredpam_krb5.so account requiredpam_login_access.so account requiredpam_unix.so # session #sessionoptionalpam_ssh.so session requiredpam_permit.so # password #password sufficient pam_krb5.so no_warn try_first_pass passwordrequiredpam_unix.so no_warn try_first_pass %-% Sometimes this works and sometimes it doesn't work properly. I have a couple of questions. For example, for my userid it works like it should but for the guy in the cube from me, it still requires his old local password. - Once this is working, can I delete the userids our of the passwd file? - As long as the userid is in the groups will SU still work for those users? - Will the user still map to their proper home directory? - I guess that it's a good idea to keep a userid on the box that is non-root but is still stored local in case of any problems? -- Ray Seals [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pkg_add php4 with apache+ssl
Hello, I am running FreeBSD 5.2.1 I have used pkg_add to setup apache with ssl (apache+mod_ssl-1.3.29+2.8.16) Now I am trying to setup PHP4 using pkg_add as well (php4-4.3.4_2) I had to use -force option as php4 looks for apache without mod_ssl. Now when I run apachectl configtest I get the following message: [warn] Loaded DSO modules/libphp4.so uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile it with -DEAPI) I'm not sure I want to get in downloading ports and compiling at this stage. What are my options to fix this situation. Thanks for the help. Abid ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How to set source address for outgoing SSH?
Hi list! I have some problems with an outgoing SSH connection to a machine on my LAN. Connections from the clients to the server work, but not vice versa. The server has two NICs and the connection should normally go through the inside interface, but the connection is initiated with the address of the outside interface instead. As a logical consequence, my firewall (which is running on the server) drops the response, with my outside address being shown in the firewall logs as source for the request, and my inside address being shown as destination for the response. The output of sockstat(1) shows the inside address being used as expected. I already examined the routing tables, to no avail. What else should I check? Regards, Daniela ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem with USB Still...
Thomas Moyer wrote: It seems to me that when the device is forced closed like that the script doesn't run. Any ideas? It's a kernel bug :) I had this same issue a little while bad and after a great deal of searching i found this http://www.freebsd.org/cgi/query-pr.cgi?pr=46488 The patch worked flawlessly for me, so you should try either the patch or simply updating your source and building a new kernel :) -- Mike Woods IT Technician ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: regex replacement wizard advice needed
On Mon, Sep 27, 2004 at 05:23:03PM -0700, Atle Veka wrote: How about something like (assuming space between numbering and paragraph is a tab): perl -pi -e 's,^(\d)\t,B$1/BBR,' filename Atle Right. I could've come up with something like this without digging out my REGEX book. But Tom Embt's example was right on the money. (FWIW, I've learned to never try to explain to non-nerds what a regular expression is. They give me strange looks!) thanks, gary -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to set source address for outgoing SSH?
On Tue, 28 Sep 2004, Daniela wrote: I have some problems with an outgoing SSH connection to a machine on my LAN. Connections from the clients to the server work, but not vice versa. The server has two NICs and the connection should normally go through the inside interface, but the connection is initiated with the address of the outside interface instead. As a logical consequence, my firewall (which is running on the server) drops the response, with my outside address being shown in the firewall logs as source for the request, and my inside address being shown as destination for the response. The output of sockstat(1) shows the inside address being used as expected. man ssh, look at the -b (bind) option. KeS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IP address conflicts
-Original Message- From: Peter Risdon [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 28, 2004 3:42 AM To: Ted Mittelstaedt Cc: Matthew Seaman; Tim Aslat; [EMAIL PROTECTED] Subject: Re: IP address conflicts It's nice to hear of kids understanding enough of their IT systems to do this sort of thing, and this is what they'll do if they can. But why can the pupils alter their network settings at all? Because they own the machines? Assuming they have Windows machines, the registries can be tweaked to deny access to network settings and other things that creative minds can play games with. This can be done through their network logins. Which they can easily bypass by just not running the login script. The OP said that some of the systems on the network are student-owned laptops and student-owned desktops that students are bringing in from home to plug into the school network. Even if the admin successfully manages to lock out the administrative settings on the laptops, a nuke and repave will take care of that. And there's serious questions about having the authority to do this anyway. The school does not own these systems nor does it have the manpower to administrate all of them, even if every student was happy to turn over administrative control. Sure, you could say that the student has to give up administrative control over his Windows box before getting access to the school servers - but the people that are causing the trouble don't need access to the servers to do this kind of disruption in the first place. All they need is physical acess to a network port and they are in business. They don't even need an IP number assigned to their systems. Ted ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: enigmime doesn't install in 5.3BETA3
On Tue, Sep 28, 2004 at 11:10:01AM -0600, Jason Porter wrote: Not sure if this one belongs in current, but I sent it to questions as well. I'm trying to get enigmail to work in thunderbird (latest from ports) but it won't install. I've tried installing in thunderbird and firefox, but I don't get anything. It looks like it goes through the install process, but there aren't any windows that pop up and say it failed or was successful. Then when I try to use enigmail it says that enigmime wasn't installed. Not sure what to do here, anyone? Thanks It could be just a bug in the latest version. I had trouble with firefox with the latest version on 5.2. A earlier verion did compile. If you can't wait, then you could install one of the precompiled packages that you can download of the ftp server. I don't know the exact commands, so you have to look at the handbook for those. -- Alex Articles based on solutions that I use: http://www.kruijff.org/alex/FreeBSD/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: regex replacement wizard advice needed
On Tue, Sep 28, 2004 at 12:53:12PM +0200, Fabian Keil wrote: On Monday 27 September 2004 21:28, Gary Kline wrote: [[ ... ]] B747/BBR Paragraph747. I'd rather take something like: (echo htmlheadtitleTitle/title/headbodyh1Title/h1ol; perl -n -e '[EMAIL PROTECTED](.*$)@lip$1/p/li@;print' input.txt; echo /ol/body/html) output.html Without the line breaks, of course. This might be closer, plugging in your ;print and Tom's regex, since the doc is plaintext, maybe ASCII. But then I'll want to put P or BR tags before each (\d+) line. Your echo lines are great for turning text into HTML; save some typing. Thanks for the idea. gary Semantic markup and valid HTML 2.0. Regards Fabian -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pkg_add php4 with apache+ssl
On Tue, Sep 28, 2004 at 01:24:10PM -0400, Abid Saigol wrote: I have used pkg_add to setup apache with ssl (apache+mod_ssl-1.3.29+2.8.16) Now I am trying to setup PHP4 using pkg_add as well (php4-4.3.4_2) I had to use -force option as php4 looks for apache without mod_ssl. Now when I run apachectl configtest I get the following message: [warn] Loaded DSO modules/libphp4.so uses plain Apache 1.3 API, this module might crash under EAPI! (please recompile it with -DEAPI) I'm not sure I want to get in downloading ports and compiling at this stage. What are my options to fix this situation. Ummm... downloading ports and compiling. That is your only option for running that combination of software. However, stories of the awfulness of compiling your own software are viciously exaggurated by those that have never had the pleasure of using the ports system. The worst problem you're going to have is the wait to download the ports, and even that can be minimized by installing from one of the FreeBSD installion disks and then by using cvsup(1) as shown in the cvsup FAQ to adopt the installed stuff and update it properly. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpdSrbLLCtRp.pgp Description: PGP signature
tcsh star-up files help needed
Hi, Could someone explain to me what is the order tcsh's star-up file are processed ? The man page is rather unclear for me: The shell may read /etc/csh.login before instead of after /etc/csh.cshrc What I want and doesn't work if entered in /etc/csh.cshrc but works in ~/.cshrc, if possible, is to have the prompt for all users if (${TERM} == 'screen') then set SCREEN_NAME = /${STY:e} else set = '' endif set prompt = ${SCREEN_NAME}. with the intent of having screen(1) session name somewhere in the prompt if the shell runs under screen or nothing if it is not under screen, without having to add the above lines to all users ~/.cshrc Thanks, -- IOnut Unregistered ;) FreeBSD user ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: enigmime doesn't install in 5.3BETA3
Jason Porter wrote: I'm trying to get enigmail to work in thunderbird (latest from ports) but it won't install. From what I know, this port is marked as IGNORE. http://www.freshports.org/mail/enigmail-thunderbird/ I've tried installing in thunderbird and firefox, but I don't get anything. You have tried to install enigmail in Firefox? Isn't that for Thunderbird only? Jochen ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Backup Mail Server Questions
Hi Bill, When I have a choice of punishing idiots or smart people, I punish idiots. When black mode is on, I just want to get them all. ;-) When I arrange fallback MX for people/organisations, they expect their mail to be handled in a delicate, perhaps even 'professional' manner. No mail may be lost, mail must be manageable (within minutes, not hours) at all times. From the outside world, mail seems delivered when it is in fact not, true. However, mail *will* be delivered. So ultimately, mail gets delivered anyhow, I get no calls. Unless it is a mailserver under my supervision that is down. Maybe my fallback MX host. ;-) [The OT part starts here] I disagree just a _little_. I don't _want_ to know, but I feel obligated that I _have_ to know. You'd better make it a hobby then. ;-) political rant My country is rapidly breaking down the social structures that took years of hard work to build up. Health care is getting too expensive, it is said. As long as 'health care' only deals with sick people instead of preventing them becoming sick, this will indeed be the case. /political rant Write up a web page and point people to it. There are a lot of really fine pages already available to which I indeed point people. My own agenda includes other stuff which will be benificial in other ways. [The OT part ends here] Thanks and bye... Nico ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can somebody explain how the autotools are configured in FreeBSD 4.10?
Hi All, I'm hoping somebody can explain to me how to use the autotools (automake, autoconf, libtool, etc.) in FreeBSD 4.10 because plainly I'm doing something quite wrong. I am trying to build turck-mmcache-2.4.6 with PHP 4.3.9 and with this (and other PHP modules) I am continually getting aclocal and libtool related errors, even after installing *all* of the various autoconf and automake options. I see that they are all getting installed with names like autoconf259 and so on so I suspect that it has something to do with the fact that phpize can't figure out what's going on. I've done quite a few web searches looking for info on how to do this sort of thing properly but I can't seem to find anything either on the FreeBSD site or elsewhere. If anyone can point me in the right direction that would be great. Here are some examples of the behavior I'm seeing: --- sol# ./pear install APC downloading APC-2.0.4.tgz ... Starting to download APC-2.0.4.tgz (44,606 bytes) done: 44,606 bytes 35 source files, building running: phpize aclocal: not found `phpize' failed --- sol# which aclocal aclocal: Command not found. sol# which aclocal18 /usr/local/bin/aclocal18 --- I've tried creating a soft link to the various utilities involved but this just results in unresolved m4 macros so I don't think this is a proper solution, even if I could get it working. Any help would be apreciated! -Gabe -- go at quay dot net http://web.quay.net/ http://web.quay.net/gpg/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to set source address for outgoing SSH?
On Tuesday 28 September 2004 17:42, Kevin Stevens wrote: On Tue, 28 Sep 2004, Daniela wrote: I have some problems with an outgoing SSH connection to a machine on my LAN. Connections from the clients to the server work, but not vice versa. The server has two NICs and the connection should normally go through the inside interface, but the connection is initiated with the address of the outside interface instead. As a logical consequence, my firewall (which is running on the server) drops the response, with my outside address being shown in the firewall logs as source for the request, and my inside address being shown as destination for the response. The output of sockstat(1) shows the inside address being used as expected. man ssh, look at the -b (bind) option. I already tried this, but it doesn't work. I guess this option is just to actually transmit the packages over the respective interface, but not to adjust the source address written into the packages. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: View dummynet connections
Give us a view of ipfw pipe list and ipfw -c list Regards S. On Tue, 28 Sep 2004 20:04:41 +0530, Siddhartha Jain [EMAIL PROTECTED] wrote: I know that command but it doesn't seem to do the job. It doesn't show me the active connections thru/to the box. Cheers, Siddhartha Subhro wrote: ipfw pipe list Regards S. On Tue, 28 Sep 2004 19:40:55 +0530, Siddhartha Jain [EMAIL PROTECTED] wrote: Hi, FreeBSD 4.10-RELEASE I am using dummynet in the bridge mode. Is there a way that I can see the active connections going through each pipe in the form of source IP/port and destination IP/port pairs? Thanks, Siddhartha ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Subhro Sankha Kar School of Information Technology Block AQ-13/1 Sector V ZIP 700091 India ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Backup Mail Server Questions
Nico Meijer wrote: Hey Bill, Are you saying that it's better for users not to know that their mail has been delayed? Unfortunately, yes. That is what I am saying. On a technical level, I totally disagree with myself. On a practical, day-to-day operations level I have to admit I'd rather not handle the calls. As a user who understands, to some degree, how email is delivered, and who wouldn't be calling you to fix it, I *STILL* don't want to get those stupid messages: Your email has been delayed for 4 hours... Don't do anything Here's why: A) *I* can't do anything about it -- It's up to some (probably incompetent) admin to fix their computer down the line somewhere. B) It never includes the email I sent, so I've got no clue what message it's bitching about anyway. C) If I'm not supposed to do anything, why are you bugging me? If you can manage to send me an email about the email you can't send, it's obvious that your computer isn't the broken one either. [Okay, I'm sure there's a counter-example to that, but it's not the norm.] D) 99.9% of the time, the email ends of getting where it should go anyway, just later than I had hoped. I've seen USPS take seven (7) months to deliver paper mail. I ain't gonna bitch about a few days delay in email. Now, if you could manage to track down an email address of somebody who is probably/nominally responsible for the machine that isn't working right, and you want to warn them that their machine is toast, go for it! At least then you'd be bugging the person that can actually take some action to do something useful. Probably best to bug them once per X [day|week] about their broken machines, though, since bombarding them with email won't help either. But, hey, that's just my opinion. It *WOULD* be nice also if bounced messages contained the full message -- If I have an alternate way to send it to the recipient, that's WAY more convenient than me digging through my Outbox, which may or may not even be available at the time I receive the bounce anyway. I can't count the times I've gotten a bounce and realized the reconstructing (or finding) the email would be too time-consuming and/or would take too long, but if I had the email to send out again, I could have gotten the message through in time. -- Like Music? http://l-i-e.com/artists.htm ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NIC Driver Hacking
Since so many people gave me on -mobile and -questions gave me so much help, I'd like to *TRY* to continue working on adding support for the Broadcom 4401-B0 to FreeBSD. Here's where I came from: None of my CardBus, NIC, WiFi, etc devices were getting register memory: http://phpbootcamp.com/articles/inspiron700m/dmesg_verbose.txt All hardware worked fine under Windows. Well, as fine as anything works under Windows. :-) Here's where I am: I can use allow_unsupported_io_range and all my devices get identified and assigned what look like valid memory ranges: http://www.phpbootcamp.com/articles/inspiron700m/hw.pci.allow_unsupported_io_range/dmesg.txt Attempting to configure the NIC using ifconfig or the sysinstall GUI locks up the machine completely. So, which of the following most likely describes my current status: A) The unsupported_io_range is fine, but the driver source needs hacking B) I really haven't solved the device register memory issues -- they just *SEEM* to be okay. If it's A) I can start mucking with C code and hopefully not damage my hard drive too much in the process... If it's B) I'm still at a complete loss how to compute valid io_range... Use the Windows numbers, since they work? Use the Linux numbers, since they work? Some kind of tool/monitor to compute a base offset? If it's A) I can also start playing with the CardBus and WiFi with some hope of it working. If it's B) there's not much point in my buying a PCM/CIA WiFi card, now is there, as the Cardbus io_range ain't gonna be any good either, is it?... -- Like Music? http://l-i-e.com/artists.htm ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Repeating keys in XFree86 4.4
Anybody else having this problem, or know how to fix it? After upgrading XFree86 to 4.4 (Gnome 2.6.2) I have had problems with my keyboard. After a few minutes, keys seem to stick, repeating until the next keystroke. Or, a keypress produces no output. Eventually a key gets stuck permanently, forcing a reboot. This never happens in the text mode console, only in X. Just to be sure I tried two other keyboards, with no improvement. CPU is a Dell GX260 To get any work done at all I have disabled key repeat in the Gnome keyboard control panel. Awkward, and keys still drop out. Sounds like a previously reported bug (http://marc.theaimsgroup.com/?l=xfree86m=104879558008189w=2): I've found the solution to a long-standing problem, which for example afflicted users of Sawfish WM. Under certain conditions (in fact during a long enough sync key/board grab), some keys were repeated: Explanation: 1/ XKB-enabled Xfree86 implements key-repeating in software (w/ timers). When a hardware Key Release arrives, the software timer is canceled. 2/ Xfree86 implements key(board) grabs in GrabModeSync by switching a pointer dev-public.processInputProc to either dev-public.enqueueInputProc ... events are put in a queue for later processing or dev-public.realInputProc The problem is, that the public.enqueueInputProc (which is EnqueueEvent() in xc/programs/Xserver/dix/events.c) does not invoke function AccessXCancelRepeatKey(), which cancels the timer. So, if during Sync grab, key Release is signalled/read from kernel(hardware), the timer is not cancelled. Therefore it is run (later), and generates a pair of Release/Press events, and reschedules itself (so it can result in many incorrect key events). ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP command line syntax
Thanks Dan, I tried that and it wouldn't take. The remote server refused the login info using -u and -p. I think this will work for my purposes, the server here needs to download just one file each day. If I run into trouble I'll work on the command line thing some more... At 11:02 AM 9/28/2004, Dan Nelson wrote: In the last episode (Sep 28), Steve Suhre said: Thanks to all, ncftp worked with a .netrc file. I'm good to go. For strictly batch purposes, ncftpget lets you specify everything on the commandline without requiring a .netrc, and returns a more specific error-code that helps you narrow down the cause of a failure. -- Dan Nelson [EMAIL PROTECTED] --- Steve Suhre Antero web technologies 719.634.8161 [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: NTLDR missing after 5-RELEASE install
[ Note to Roman: Please adjust your mail client to wrap lines at more acceptable range of 72-76 characters. Thanks. ] From: Roman Kurakin I've seen this before 5.0 release and made some investigation of this proble. I didn't look this thread carefully so excuse me if information I give to all you is useless. My investigation show that FreeBSD reads full partition table, and after modification puts it back. It fix all entries from its own point of view. Windows dies from change of end of partition entry. As I understand with large disk it shouldn't mean anything at all. But windows checks it. You may save this entry and after installation of FreeBSD put it back. Just like in UFS, there are structures in NTFS that have to be changed if the size of the volume changes. Also like UFS, NTFS doesn't place data sequentially on the disk. A large, mostly-empty, NTFS volume can have data at or near the end of the volume. The slicing issue is well-known with NTFS. A reliable way to add a non-Windows slice to a computer with Windows installed is to use a volume management tool like PM. If you don't need to resize a slice, use the Disk Management administrative tool to create an unformatted partition, then change the media descriptor when you go to install FreeBSD. NT is so picky it's even recommended that you use the NT boot loader. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
panic: ufs_dirbad
Today, I have tried to install FBSD 4.10 on a Gateway 920 Server (Celeron 2.4 GHz, 128 MB RAM, 60 GB Maxtor DiamondMax Plus 9 HDD, two Intel Pro 10/100/1000 NICs). In order to make the server work correctly, I have to boot with hw.hasbrokenint12=1. After setting up the drive (fdisk and disklabel), the install begins just as it should. Shortly after creating the Emergency Holographic Shell, when the installation process starts to copy files, I receive a message stating, panic: ufs_dirbad bad dir syncing disks ... I have tried mutiple CDs downloaded from multiple sources with the same results. When this happens I am unable to use the shell created on VTY 4. I am able to install FreeBSD 4.8 without any problems on this system. Any suggestions would be greatly appreciated. Thanks in advance for your assistance. Jay ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pf for FreeBSD
On Tue, 28 Sep 2004 09:54:18 +0200 Cristi Tauber [EMAIL PROTECTED] wrote: hello folks, i want to install the packet filter for FreeBSD so i recompile the kernel with the options : device bpf options PFIL_HOOKS options RANDOM_IP_ID and installed pf from ports ( i did a cvsup before installing to get the latest ports). Now my dilemma is ... in pf start script ... i have to enter a prefix ... but what prefix, 'cause after installing and rebooting the modules that I want to load are still in source directory . I installed pf with Does the prefix by chance refer to the full path to the script (i.e. /usr/local/etc/rc.d/pf.sh)? Read the comments in the script; it will tell you what you need to do to /etc/rc.conf to get things started on bootup. make WITH_ALTQ=yes make install I've been running pf on two separate FBSD 5.2.1 boxes for weeks without adding this switch. Only thing that doesn't work that great is spamd logging but otherwise I prefer pf over ipf and ipfw any day -- even on a ported OS... Cheers, EB ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
freebsd-questions@freebsd.org
Hi Guy's I have problem with my floppy always said me : Can't open /dev/fd0: No such file or directory and my floppy disk is corectly installed at my BIOS I haven't problem with Linux or Solaris but i don't know why always happened this on Free BSD Thanks! ... Nicx www.ebox.gr - Dwrea'n E-mail µe 15MB mailbox www.hyperhosting.gr Apokty%ste to diko' sa*s web site µe dw%ro to domain name! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Permssions Question
I have recently decided to switch from CUPS to apsfilter for printing and cannot remember the permssions on /usr/bin/lp, lpq, lpr, and lprm. They were changed to non-executable (through chmod 0) and now I need to set them back to their original values. Can someone tell me what they should be. Thomas Moyer [EMAIL PROTECTED] DracoYung ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd-questions@freebsd.org
On Tue, 2004-09-28 at 18:17, Nicx wrote: Hi Guy's I have problem with my floppy always said me : Can't open /dev/fd0: No such file or directory and my floppy disk is corectly installed at my BIOS I haven't problem with Linux or Solaris but i don't know why always happened this on Free BSD Thanks! ... Nicx www.ebox.gr - Dwrea'n E-mail µe 15MB mailbox www.hyperhosting.gr Apokty%ste to diko' sa*s web site µe dw%ro to domain name! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Try mount /dev/fd0c /mnt (UFS floopy) or mount -t msdos /dev/fd0c /mnt (DOS FAT floppy) It may work if your system is an earlier version; I think it was changed to fd0 in 5.0. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: newsyslog.conf question
At 7:38 AM -0700 9/28/04, Ronnie Clark wrote: Hello all, Having read the man page for this file's configuration, I notice there is not an option to digitally sign the logs on rotation using PGP/GPG. Is there a workaround? or are there plans to add this functionality to future versions, like 5.3 -STABLE? That is not on my list of things to add to newsyslog, but I could certainly put something for this on the list... If I do it, it will show up in 5.3-stable, and possibly even in 4.x-stable (although that is less likely once we have 5.3-stable). What I might add is some generic way to specify a program to run after a log file has been rotated, where newsyslog will specify the name of the (already rotated) log file when it runs the program. -- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute; Troy, NY; USA ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: newsyslog.conf question
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 28, 2004, at 6:04 PM, Garance A Drosehn wrote: At 7:38 AM -0700 9/28/04, Ronnie Clark wrote: Hello all, Having read the man page for this file's configuration, I notice there is not an option to digitally sign the logs on rotation using PGP/GPG. Is there a workaround? or are there plans to add this functionality to future versions, like 5.3 -STABLE? That is not on my list of things to add to newsyslog, but I could certainly put something for this on the list... If I do it, it will show up in 5.3-stable, and possibly even in 4.x-stable (although that is less likely once we have 5.3-stable). What I might add is some generic way to specify a program to run after a log file has been rotated, where newsyslog will specify the name of the (already rotated) log file when it runs the program. This is not something I had really thought of before today, but it would be a very handy feature to have. The PGP/GPG signature or an MD5 hash, something that could be used to verify the integrity of the log file once it's been rotated. Just my $.02. - - Eric F Crist Secure Computing Networks -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (Darwin) iEYEARECAAYFAkFZ8S0ACgkQRAAY9knOW+pDcQCcC/6RyI4NTU++us4teC3KEGgJ VTMAn14BNTrKhLv83KlYlBdDJdp9uk8h =PTBk -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cvsup propagate?
Hi, I was just wondering when a new release of a port comes out how long does it take cvsup to get it and propagate to the other cvsup servers? - Raman ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
getting rid of disk selection on bootup
I have -current installed and I get the following on bootup: F1 FreeBSD F5 Drive 1 Default: F1 I'd like to get rid of that and boot directly to the pitchfork dude. Is there a way to clear that out so it boots without the above selector? TIA, Sean signature.asc Description: This is a digitally signed message part
Re: cvsup propagate?
On Tue, Sep 28, 2004 at 07:53:01PM -0400, Raman said: Hi, I was just wondering when a new release of a port comes out how long does it take cvsup to get it and propagate to the other cvsup servers? It depends how it's configured. Have a look at: http://www.freebsd.org/doc/en_US.ISO8859-1/articles/hubs/mirror-howto.html and check section 3.4 How often should I mirror? for the FreeBSD reccomendations. -- Adam Smith Internode : http://www.internode.on.net Phone : (08) 8228 2999 Dog for sale: Eats lots and is fond of children. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do I turn off preemption (getting TIMEOUT - WRITE_DMA)
Am Dienstag, 28. September 2004 18:36 schrieb Kris Kennaway: On Tue, Sep 28, 2004 at 12:15:54PM -0400, bsdfsse wrote: I am getting TIMEOUT - WRITE_DMA messages on my ad2 and ad3 hard-drives. I never get them on ad0 or the CD drive. I did some searching, and it sounds like I need to turn of preemption in the kernel. I'm running 5.3-BETA4 on the computer. I am going to guess this is turned on for the beta-testing. Any ideas? I just started running 5.x last night. %-) Update to the latest beta, which has a fixed ata driver. Kris Right, but I'd also like to know how I can turn it off. Just for curiosity. Thanks, -Mano ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Gnome administrative interface
I am looking for ways to smooth out administrative tasks under Gnome. Is there a way to configure applications or menu launchers so that when an application requires administrative rights it will prompt, in a nice dialog box, for the administrator password? For example, on my system, Applications / System Tools / Login Screen Setup produces an error dialog You must be the super user (root) to configure GDM. But I don't want to log on as root, and I don't want to require people to open a terminal window and fool around with su and sudo to make it happen. I want it as smooth as it is in OS X. Has anyone done this? Is there a nice, Gnome-like GUI tool for managing users, groups, printers, and network shares? I know about SWAT and WebMin, but what I seek is the Gnome family equivalent. Gary Dunn Honolulu ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
error compile kernel in 5.2.1.Release
Dear all, i have problem with my freebsd 5.2.1RELEASE , when i compile kernel using make buildkernel KERNCONF=MYKERNEL I got this error messages... should i upgrade to 5.3. BETA RELEASE :( or upgrade to 5.2.1.STABLE help me please,... cc -c -O -pipe -mcpu=pentiumpro -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -std=c99 -g -nostdinc -I- -I. -I/usr/src/sys -I/usr/src/sys/dev -I/usr/src/sys/contrib/dev/acpica -I/usr/src/sys/contrib/ipfilter -D_KERNEL -include opt_global.h -fno-common -mno-align-long-strings -mpreferred-stack-boundary=2 -ffreestanding -Werror aic7xxx_reg_print.c bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:189: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:189: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:190: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:190: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:191: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:191: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:192: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:192: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:193: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:193: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:194: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:194: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:195: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:195: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:196: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:196: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:197: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:197: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:198: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:198: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:199: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:199: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:200: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:200: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:201: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:201: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:202: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:202: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:203: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:203: warning: called from here pci_if.h:21: warning: inlining failed in call to `PCI_READ_CONFIG' /usr/src/sys/dev/pci/pcivar.h:213: warning: called from here pci_if.h:32: warning: inlining failed in call to `PCI_WRITE_CONFIG' /usr/src/sys/dev/pci/pcivar.h:219: warning: called from here bus_if.h:39: warning: inlining failed in call to `BUS_READ_IVAR' /usr/src/sys/dev/pci/pcivar.h:234: warning: called from here bus_if.h:50: warning: inlining failed in call to `BUS_WRITE_IVAR' /usr/src/sys/dev/pci/pcivar.h:234: warning: called from here
Re: getting rid of disk selection on bootup
In the last episode (Sep 28), Sean McNeil said: I have -current installed and I get the following on bootup: F1FreeBSD F5Drive 1 Default: F1 I'd like to get rid of that and boot directly to the pitchfork dude. Is there a way to clear that out so it boots without the above selector? That's boot0 (aka booteasy). What you want is an MBR that just chains to the first active partition. Install it with fdisk -B da0, or whatever your devicename is. If you want boot0 back, run boot0cfg -B da0. -- Dan Nelson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gnome administrative interface
On Tue, 2004-09-28 at 10:52, [EMAIL PROTECTED] wrote: I am looking for ways to smooth out administrative tasks under Gnome. Is there a way to configure applications or menu launchers so that when an application requires administrative rights it will prompt, in a nice dialog box, for the administrator password? For example, on my system, Applications / System Tools / Login Screen Setup produces an error dialog You must be the super user (root) to configure GDM. But I don't want to log on as root, and I don't want to require people to open a terminal window and fool around with su and sudo to make it happen. I want it as smooth as it is in OS X. Has anyone done this? The application really has to have support for this (like the gnome-system-tools do). However, you could probably wrap misbehaving applications in sysutils/gnomesu to handle this for time being. Of course, gnomesu is just a su frontend, and not a sudo frontend (like MacOS X). Is there a nice, Gnome-like GUI tool for managing users, groups, printers, and network shares? I know about SWAT and WebMin, but what I seek is the Gnome family equivalent. sysutils/gnomesystemtools. They are not a complete set, but they do offer some of the functionality you seek. Joe Gary Dunn Honolulu ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- PGP Key : http://www.marcuscom.com/pgp.asc signature.asc Description: This is a digitally signed message part
Weekly Teacher Tip Newsletter Welcome Follow-up
We at TeAch-nology would like to take the time to thank you for subscribing to Weekly Teacher Tip Newsletter. We would like to make you aware of all of the resources available via the TeAch-nology network. TEACH-NOLOGY - The Art and Science of Teaching with Technology® represents a vision that embraces the future of teaching in a world driven by technology. Our goal is to actualize this vision by offering a range of services that are designed to assist and support educational agencies in their attempt to develop the knowledge, competencies, or skills that teachers need to effectively incorporate technology in teaching. It is our mission to assist educators in their quest to meet the challenges of the Twenty-First Century Learners: The Net-Generation. The TeAch-nology Network consists of several sites: 1. TeAch-nology.com- http://www.teach-nology.com/ Our main site was founded in 1998. This site is entirely free for all users and consists of: -19,000 reviewed lesson plans: http://www.teach-nology.com/teachers/lesson_plans/ -2,000 reviewed web quests: http://www.teach-nology.com/teachers/lesson_plans/computing/web_quests/ -5,600 printable worksheets: http://www.teach-nology.com/worksheets/ -200,000 reviewed web sites: http://www.teach-nology.com/teachers/ -Rubric generators: http://teach-nology.com/web_tools/rubrics/ -500+ teaching tips: http://www.teach-nology.com/ideas/ -80+ teaching themes: http://teachers.teach-nology.com/themes/ -1,000+ reviewed downloads for Mac and PC: http://www.teach-nology.com/downloads/ -25 educational games: http://www.teach-nology.com/games_start/ -Teacher tools: http://teachers.teach-nology.com/web_tools/ -50+ tutorials specifically for educators: http://www.teach-nology.com/tutorials/ -eReport virtual cards: http://search.teach-nology.com/ecard/ -Free web sites:http://signup.teach-nology.com/ -Monthly guides: http://www.teach-nology.com/monthly/ -2,000+ message, message board: http://teachers.teach-nology.com/cgi-bin/ikonboard//ikonboard.cgi -Today in history: http://search.teach-nology.com/today/today2.pl -Jokes you can tell in class: http://search.teach-nology.com/jokes/hints.pl -Educational Flash Movies: http://www.teach-nology.com/movie/ 2. ExamBuddy.com (Our Latest Greatest Creation)- http://www.exambuddy.com a href=http://www.exambuddy.com; HTML email users click this link to visit /a In 2003, we created our ExamBuddy membership which allows members to create: 30+ online activities, learning games, online quizzes, online calendars, printable tests, class web pages, electronic newsletters, learning units, class surveys. Student progress can be monitored through the automatic item analysis feature that can be used with on-line quizzes and surveys. Development is effortless; just add words and clues. 3. Getworksheets.com (Gold Membership)- http://getworksheets.com/ a href=http://www.getworksheets.com; HTML email users click this link to visit /a In 2002, we created our gold membership in response to overwhelming need for high-quality classroom-ready materials. Our gold membership is now one of the largest subscription-based teacher resource sites on the web! TeAch-nology.com Gold Membership puts the power of countless hours of work at your fingertips in minutes. We offer unlimited access to over 5,000 worksheets, activities, animations, Office® templates, fonts and sounds! What Are Teachers Saying About Our Gold Membership? I wish I knew about this site sooner. I just wasted over $150 of my own money purchasing workbooks for my room. The membership you guys have, is 20% of that, it has all that I need, and it grows. I like the reading themed worksheets you add all the time. Thanks for being there!- Cris M., Grade 4 4. Makeworksheets.com (Platinum Membership)- http://www.makeworksheets.com/ a href=http://www.makeworksheets.com; HTML email users click this link to visit /a Our Teacher Tools Platinum Membership Package is the first of its kind! It provides you with unlimited use of templates and tools to create and save your own customized worksheets, graphic organizers, rubrics, lesson plans, word puzzles, printables, math worksheets, mazes, and much more. You create them, we save them for you on our hard drive for you to access, edit, and print at any time from any Internet location. Just think! No more disks to carry or search for; no more applications to up-grade; no more struggles creating templates for designing great lessons. What Are Teachers Saying About Our Platinum Membership? This platinum membership makes life so much easier! Thanks! - Carol K. 5. Teacherworkbooks.com- http://teacherworkbooks.com/ a href=http://www.teacherworkbooks.com; HTML email users click this link to visit/a At Teacherworkbooks.com, we feature instant downloads of all of our workbooks! Each workbook is professionally edited and digitally delivered to your own personalized download account. As
ad2: TIMEOUT - READ_DMA retrying (2 retries left) LBA=5855
Well, I think I found the problem. FreeBSD 4.x and 5.x do not like my new Asus P4SP-MX (Celeron) motherboard's IDE controller. I fixed this by using a leftover Adaptec 1200A Raid controller as an alternate IDE controller. I plugged the 3 HD's in to the 1200A, and I no longer get the DMA errors. I havent' tried the DVD drive, but I expect I will get the DMA errors, since it is still connected to the mobo. I installed via FTP, so I didn't use the CD's. There was another problem with using some Compaq RAM chips on the Celeron, doing so generates Signal 11's in addition to the DMA errors. I guess I will buy some new RAM for the machine, if the functioning 128MB isn't enough for it. I have another machine, a Compaq Presario 6024 (P4 1.8Ghz). It has 3 big (Western Digital) drives, and is also running FBSD 5.3-Beta6 - and it does *not* get the DMA errors. My laptop (Toshiba 2805-S301) also runs Beta6 fine. Only my Asus P4SP-MX mobo has the DMA errors. thx! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: tcsh star-up files help needed
On Tue, 28 Sep 2004, Ion-Mihai Tetcu wrote: Could someone explain to me what is the order tcsh's star-up file are processed ? The man page is rather unclear for me: The shell may read /etc/csh.login before instead of after /etc/csh.cshrc Normally, tcsh reads its start-up files in the following order: /etc/csh.cshrc /etc/csh.login ~/.tcshrc ~/.cshrc ~/.login You can check this by typing: echo $version If lf doesn't appear in the options list, the order given above is used. What I want and doesn't work if entered in /etc/csh.cshrc but works in ~/.cshrc, if possible, is to have the prompt for all users if (${TERM} == 'screen') then set SCREEN_NAME = /${STY:e} else set = '' endif set prompt = ${SCREEN_NAME}. with the intent of having screen(1) session name somewhere in the prompt if the shell runs under screen or nothing if it is not under screen, without having to add the above lines to all users ~/.cshrc I'd check the contents of $TERM within /etc/csh.cshrc by echoing it to make sure that it is set as expected. Did you? Regards Konrad Heuer GWDG, Am Fassberg, 37077 Goettingen, Germany, [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD hardware specifications
Hi All, I'm new to Linux/Unix. I've installed Fedora Core 1 on my AMD Sempron 1.67, 256 MB, 40GB and 17 monitor. It is running but the CD player does work (No sound) - can anyone help me on this? I'm interested on FreeBSD (download the 4.10) and would like to install it either on this machine or a new machine. Can anyone suggest a suitable machine (with specs so that I can go to the PC shops)? Regards, AA EHSAN Malaysia --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.768 / Virus Database: 515 - Release Date: 9/22/2004 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]