RE: spammers harvesting emaill address from this list
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Erik Trulsson Sent: Thursday, August 23, 2007 6:52 AM To: fbsd2 Cc: [EMAIL PROTECTED] ORG Subject: Re: spammers harvesting emaill address from this list For this list (freebsd-questions@) in particular it is intentionally and explicitly the case that one does not need to be subscribed to post here. This is because it is the main support forum for FreeBSD, and much documentation exists directing people to ask their questions here. The list admins do have their priorities straight - they just have different priorities than you do. Probably the list admins figure that anyone who posts here is an advanced user type who understands how to setup spam filters that work. Ted ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: READ_DMA Error
During FreeBSD 6.2 installation, the process failed because of errors like the one below: READ_DMA UDMA ICRC error LBA=37505132 I managed to install by setting hw.ata.ata_dma=0 at boot time but the same errors occur after installation and at boot time so I had to put hw.ata.ata_dma=0 in loader.conf and now the system is working. I checked my hard disk which a 80GB Western Digital+ thoroughly and there were no errors reported (using fsck in single user mode). Also I used to install Fedora Linux on this disk without any problems. It looks that disabling DMA caused my disk to work with lower performance. Am I right? If yes, are there any solutions to eliminate those READ_DMA errors while DMA is enabled? PS: Motherboard: ASUS A7V8X-X CPU: Athlon XP 2500 at 1833MHz $ uname -ai FreeBSD attila 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 GENERIC Typically, I've seen the READ_DMA error when a hard drive is going bad or something wrong with the hardware (power supply is failing). But it could be as you've described. I tested with another hard disk, the one on which I'd installed FreeBSD in the past. I put it on another IDE channel but the same things happened. Now I wonder if it's my IDE controller which has problems. Some information about the hardware: # dmesg | grep -E ^ac?d[[:digit:]] ad0: 76319MB WDC WD800BB-00CJA1 17.07W17 at ata0-master PIO4 ad1: 19540MB Maxtor 32049H2 YAC614Y0 at ata0-slave PIO4 acd0: DVDR DVD RW DRU-820A/1.0b at ata1-master UDMA66 acd1: DVDROM DVD-ROM DDU1632/VER BS23 at ata1-slave UDMA33 # sysctl -a | grep ata_dma hw.ata.ata_dma: 0 # sysctl -a | grep atapi hw.ata.atapi_dma: 1 Bahman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: best way to keep track of new developments
intel 3945 wireless ati x1300 graphics I have the intel 3945 on my Sony laptop. Works for me with Damien Bergamini driver 20070121-wpi-freebsd.tar.gz and FreeBSD-6.2-RELEASE. There are a lot of error messages but it works nonetheless. However i suspect that it produces memory corruption in conjunction with the display card, which freezes from time to time when the 3945 is activated and i am running X. I have never seen a crash when the 3945 is shut down or i am running on console. The most recent driver by B. Close is 20070715-wpi-freebsd-7.0-current.tgz but it works only with FreeBSD-7 so i cannot test it. I have tested other B. Close drivers, none worked. As for the video, an Intel card is highly recommended, it works very well on laptops and is sufficiently powerful to run things like compiz. There are very good available video modes on console, contrary to many other models. -- Michel TALON ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: spammers harvesting emaill address from this list
On 8/25/07, Ted Mittelstaedt [EMAIL PROTECTED] wrote: Probably the list admins figure that anyone who posts here is an advanced user type who understands how to setup spam filters that work. Ted ___ Or doesn't; but wants to. I tell people that if they just want a Windows replacement, they should stick with Windows or use a Mac because they want better service from the computer without any growth in skills or responsibilities on their part. A core strength of the *nix operating systems and communities is the administrator/users' desire for control and acceptance of responsibilities that come with that control. System administration is not a spectator sport. Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: /var or /usr for data?
On Fri, 24 Aug 2007, Wojciech Puchar wrote: It would appear that the proper allocation of filesystems on FreeBSD is to put all data in /usr. I'm used to this and have been doing it for years. my favourite proper allocation is to make ONE partition (/) and nothing more. and forget all problems about how to partition your drive right... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I've made a quick look-see through my copies of The Complete FreeBSD and Absolute BSD and can't find the reference, but I recall reading somewhere in my 4.x days that FreeBSD used a different algorithm to write to the /var directory, if it was on its own filesystem, because /var was written to a lot (holding logs and all.) Because of this, and all the way up to 6.2 today, I put /var on its own filesystem, after / and swap. Where the old AIX wonks used to call the outer middle of the disk. Was this different algorithm really the case? And, now with UFS2, is it still the case? I still put pgsql/data on /var. r ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Mouse suddenly gets detached and reattached
Hi all, I just installed X (xorg 7.2) and am using FluxBox. It's working well and there are no problems. However, the mouse gets suddenly detached and immediately reattached. I can't say exactly how often this happens, roughly about 6~7 times a day. # dmesg | tail -n 4 ums0: at uhub0 port 1 (addr 2) disconnected ums0: detached ums0: vendor 0x05e3 USB Mouse, rev 1.10/1.00, addr 2, iclass 3/1 ums0: 5 buttons and Z dir. # sudo sysctl -a | grep ums dev.ums.0.%desc: vendor 0x05e3 USB Mouse, rev 1.10/1.00, addr 2, iclass 3/1 dev.ums.0.%driver: ums dev.ums.0.%location: port=0 interface=0 dev.ums.0.%pnpinfo: vendor=0x05e3 product=0x1205 devclass=0x00 devsubclass=0x00 release=0x0100 sernum= intclass=0x03 intsubclass=0x01 dev.ums.0.%parent: uhub0 # uname -ai FreeBSD attila 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 GENERIC Is it sign of a problem? In fact I don't care about the hardware as it can be easily replaced, I'm afraid that there's something wrong with software. Thanks in advance for your help. Bahman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd-questions Digest, Vol 191, Issue 37
Please help with suggestions on how I can eliminate some console spam. my console and messages file is filling up with these entries: Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): READ CAPACITY. CDB: 25 60 0 0 0 0 0 0 0 0 Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): CAM Status: SCSI Status Er ror Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): SCSI Status: Check Conditi on Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): NOT READY asc:3a,0 Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): Medium not present Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): Unretryable error It jusst repeats over and over again. I need to get rid of them. Question 1: How can I silence these messages so they stop repeating in my logs? Question 2: If they cannot be silenced, how can I keep them from taking over my text console when I go into single user mode? please help with suggestions, thanks Dan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ports/UPDATING instructions and Python 2.4
I need to keep Python 2.4 on my system to run Zope (which isn't compatible with 2.5). So, I dutifully followed the instructions under /usr/ports/UPDATING starting with If want to keep 2.4.x installed alongside 2.5.x [...]. When I came back a little later, all of my dependent ports had been upgraded from py24-* to py25-*, effectively killing my webserver. Could someone else take a look at those instructions and see if they make sense - they look a little suspicious to me - or if there is some gotcha that I might have missed? Thanks. -- Kirk Strauser PGP.sig Description: This is a digitally signed message part
ath pccard ok on 6.1 600mhz laptop, same card *no* dmesg at all on 6.2 hp laptop
So, I don't have any dmesg, because I don't get one at all with my ath0 card that I'm currently typing this on my old dell 600mhz laptop. I also have a wi0 card that works on the 600mhz machine, but it gives a freeze on the new system, and when you remove it, you get cbb0 ready never happened, staus=00; pccard0 card has no functions. I've done my homework, and I know these topics come up, but I can't seem to google an answer...I really, really, really hate hp/compaq. I love the way it disables the machine if you try to put an atheros card in the internal minipci slot. Shouldn't have bought the $400 laptop. What can I say, I used to be a windows user ;) This is my last windows machine to fall to bsd, at least it is if I can get a NIC in it to work. Thanks, Steve -- Steve Franks, KE7BTE Staff Engineer La Palma Devices, LLC http://www.lapalmadevices.com (520) 312-0089 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Installation Disc Won't Boot
Hi, Manoliis: I took your advice. I copied the burned iso file into a FreeBSD directory and ran md5 and the check digits did not match. I then copied my downloaded iso image from Win98 into FreeBSD and ran md5 and the digits did match. So there was nothing wrong with the iso of disc1 that I downloaded from the web site into Win98. It must have been the burning of the file in Win98 with Nero Express that was the problem. So I burned another copy of the iso in FreeBSd with burncd using: burncd -f /dev/acd1 6.2-RELEASE-i386.iso fixate and it booted just fine. Thanks for all of your suggestions and advice. Now I will be spending the better part of the weekend doing the installation of 6.2. Wish me luck. Have a great day, Larry From: Manolis Kiagias [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: Re: Installation Disc Won't Boot Date: Fri, 24 Aug 2007 21:34:12 +0300 [EMAIL PROTECTED] wrote: Hi, I am unable to boot from 6.2-RELEASE i386-disc1.iso. I have downloaded it and burned it three times without success. I am currently running Win98SE and FreeBSD 5.4 on a dual boot. I had decided to reformat my hard drives so I reinstalled Win98SE and would like to install FreeBSD 6.2. I downloaded the disc 1 iso image and burned it to a disc in Win98. I had to boot from my CDrom to reinstall Win98 so I know that my boot priority is correct and that my CDrom is working properly. I looked at the burned cd with the 6.2-RELEASE i386-disc1.iso file on it in FreeBSD 5.4 and everything appears to be there, including a folder called 'boot'. But I just can't seem to boot from it. 1. Is there something simple I'm missing? Could be that you are burning the file as a real file on a disk instead of burning it as an image? You need to select the option from your program that is similar to create cd from iso image 2. Should I just try downloading (it takes four hours) and burning more copies again? (I've already done it three times...) No. Instead you should check the file you already downloaded 3. Is the fact that I'm burning it in Win98 a problem? Not really, no 4. Is there anything I can do in FreeBSD 5.4 to see if the file is corrupted? Yes. From the site you downloaded the iso files, download the CHECKSUM files as well. There are two of them, CHEKSUM.md5 and CHECKSUM.SHA256 One would be enough to validate your download. For example look at the CHECKSUM.md5 file: For disk1, the checksum is: MD5 (6.2-RELEASE-i386-disc1.iso) = 3d27214700687c0b5390e8b6dd3706e3 you can validate this with the md5 command from FreeBSD, or if you don't wish to reboot from win98, here is and md5 command for windows: http://www.fourmilab.ch/md5/md5.zip use something like: md5 6.2-RELEASE-i386-disc1.iso and compare the output to the one on the file. BTW - I installed FreeBSD 5.4 from discs that I purchased through FreeBSD Mall. I thought I would do it from the 6.2-RELEASE i386-disc1.iso file on FreeBSD's web site this time. I've bought stuff from them: copies of the handbook, tshirts, sticker, beastie dolls :) Good service. Any suggestions, advice, or comments would be greatly appreciated. Thanks, Larry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Best of luck, Manolis ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
update: Danger Will Robinson dmesg [ath pccard... ok on 6.1 600mhz laptop, same card *no* dmesg at all on 6.2 hp laptop]
update: several minutes after I pulled the ath0 out, I got a dmesg reading: cbb0: Danger Will Robinson: Resource left allocated! This is a bug... (rid=0, type=1, addr=11) cbb0: Danger Will Robinson: Resource left allocated! This is a bug... (rid=0, type=4, addr=a100) Steve On 8/25/07, Steve Franks [EMAIL PROTECTED] wrote: So, I don't have any dmesg, because I don't get one at all with my ath0 card that I'm currently typing this on my old dell 600mhz laptop. I also have a wi0 card that works on the 600mhz machine, but it gives a freeze on the new system, and when you remove it, you get cbb0 ready never happened, staus=00; pccard0 card has no functions. I've done my homework, and I know these topics come up, but I can't seem to google an answer...I really, really, really hate hp/compaq. I love the way it disables the machine if you try to put an atheros card in the internal minipci slot. Shouldn't have bought the $400 laptop. What can I say, I used to be a windows user ;) This is my last windows machine to fall to bsd, at least it is if I can get a NIC in it to work. Thanks, Steve -- Steve Franks, KE7BTE Staff Engineer La Palma Devices, LLC http://www.lapalmadevices.com (520) 312-0089 -- Steve Franks, KE7BTE Staff Engineer La Palma Devices, LLC http://www.lapalmadevices.com (520) 312-0089 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: load script at bootup
Narek Gharibyan wrote: 3. Is there a program, script or any way more appropriate to track the packet loss and ping availability.? You might try the APinger port in: ports/net/apinger I started using it a couple weeks ago to locate some connectivity problems, and it's impressive for a small simple utility. It has a startup script, if you wish to run it automatically. -R ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Installation Disc Won't Boot
[EMAIL PROTECTED] wrote: So I burned another copy of the iso in FreeBSd with burncd using: burncd -f /dev/acd1 6.2-RELEASE-i386.iso fixate and it booted just fine. Thanks for all of your suggestions and advice. Now I will be spending the better part of the weekend doing the installation of 6.2. Wish me luck. Hurrah! :) Better part of a weekend, though? Oh well, mine not to reason why... It occurs to me now that under Win98 you would have had to use the ASPI layer to burn your CD. Much as I loathe Nero, I found it was the ASPI layer that caused my problems. The ASPI layer [for whatever reason] tends to degrade over time until it's unusable. When I finally upgraded my systems to Windows 2000, I was able to use the SPTI layer, which I found far superior to ASPI. It might be a good idea not to use Win98 for burning CDs any more. If you did decide to use a more recent version of Windows, I can recommend the freeware project Burnatonce, which is fully SPTI-capable. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: /var or /usr for data?
On Fri, Aug 24, 2007 at 08:20:16PM -0600, [EMAIL PROTECTED] wrote: On Fri, 24 Aug 2007, Wojciech Puchar wrote: It would appear that the proper allocation of filesystems on FreeBSD is to put all data in /usr. I'm used to this and have been doing it for years. my favourite proper allocation is to make ONE partition (/) and nothing more. and forget all problems about how to partition your drive right... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I've made a quick look-see through my copies of The Complete FreeBSD and Absolute BSD and can't find the reference, but I recall reading somewhere in my 4.x days that FreeBSD used a different algorithm to write to the /var directory, if it was on its own filesystem, because /var was written to a lot (holding logs and all.) Because of this, and all the way up to 6.2 today, I put /var on its own filesystem, after / and swap. Where the old AIX wonks used to call the outer middle of the disk. Was this different algorithm really the case? And, now with UFS2, is it still the case? I still put pgsql/data on /var. I think you may be confusing var with swap.A different algorithm is used for managing and writing/reading swap. I haven't heard of any difference with /var. jerry r ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FBSD-friendly UPS for home needs
Hello, I am going to get a UPS device for my home freebsd gateway/router and wonder if there is anything that you would recommend? At work I use APC units and there is a dedicated software to manage it (apcupsd). Not sure if that's the case with other manufacturers? I'd like to get something that could be managed by software and at the some time not too expensive... you know home budget...erm... Well, many thanks for all recommendations! Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: How to block 200K ip addresses?
Hi, How do you block this large range of ip addresses from different subnet? IPFW only allows 65536 rules while this will probably use up a few hundred thousands of lines. I'm also trying to add this into my proxy configuration file, ss5.conf but it doesn't allow me to add this large number. IS this the limitation of IPF or FreeBSD? How do I work around this? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Saturday, August 25, 2007 8:00 PM To: freebsd-questions@freebsd.org Subject: freebsd-questions Digest, Vol 191, Issue 37 Send freebsd-questions mailing list submissions to freebsd-questions@freebsd.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freebsd.org/mailman/listinfo/freebsd-questions or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than Re: Contents of freebsd-questions digest... Today's Topics: 1. Re: FreeBSD and ImageMagick crashes OS? (Kris Kennaway) 2. RE: spammers harvesting emaill address from this list (Ted Mittelstaedt) 3. Re: READ_DMA Error (Bahman M.) 4. Re: best way to keep track of new developments (Michel Talon) 5. Re: spammers harvesting emaill address from this list (Andrew Gould) 6. Re: /var or /usr for data? ([EMAIL PROTECTED]) 7. Mouse suddenly gets detached and reattached (Bahman M.) -- Message: 1 Date: Sat, 25 Aug 2007 05:56:59 + From: Kris Kennaway [EMAIL PROTECTED] Subject: Re: FreeBSD and ImageMagick crashes OS? To: Norberto Meijome [EMAIL PROTECTED] Cc: User Questions freebsd-questions@freebsd.org, Roger Olofsson [EMAIL PROTECTED] Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=us-ascii On Fri, Aug 24, 2007 at 08:26:50PM +1000, Norberto Meijome wrote: On Fri, 24 Aug 2007 11:29:59 +0200 Roger Olofsson [EMAIL PROTECTED] wrote: Turns out ImageMagick was called through php to resize the .JPG and most likely, the server runs out of memory/disk space. /var/tmp fills up and console spews as follows: Aug 22 19:29:49 rutilus kernel: vnode_pager_putpages: I/O error 28 Aug 22 19:29:49 rutilus kernel: vnode_pager_putpages: residual I/O 32768 at 62620 Aug 22 19:29:49 rutilus kernel: pid 29 (syncer), uid 0 inumber 49382 on /var: filesystem full :) having been bitten by that in several unix-like OS (pick any Linux distro, and freebsd too), i just remove /var/tmp and make a smylink to /tmp , which is big enough for my foreseeable needs. I like to keep my /var clean of tmp rubbish. and yes, configuring PHP and it's libraries helps too :) That's not an answer obviously. Error 28 is #define ENOSPC 28 /* No space left on device */ This seems like a bug to me: when a filesystem fills you shouldn't be getting this behaviour. Can you please follow the directions in the developers handbook chapter on kernel debugging, and when you trigger a hang, break to DDB from the console and force a dump, then file a PR and make the core file available to the developers. Unfortunately unless a developer can replicate the behaviour, providing access to a core is the only real debugging option. Thanks, Kris -- Message: 2 Date: Sat, 25 Aug 2007 00:34:30 -0700 From: Ted Mittelstaedt [EMAIL PROTECTED] Subject: RE: spammers harvesting emaill address from this list To: Erik Trulsson [EMAIL PROTECTED], fbsd2 [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] ORG freebsd-questions@freebsd.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=US-ASCII -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Erik Trulsson Sent: Thursday, August 23, 2007 6:52 AM To: fbsd2 Cc: [EMAIL PROTECTED] ORG Subject: Re: spammers harvesting emaill address from this list For this list (freebsd-questions@) in particular it is intentionally and explicitly the case that one does not need to be subscribed to post here. This is because it is the main support forum for FreeBSD, and much documentation exists directing people to ask their questions here. The list admins do have their priorities straight - they just have different priorities than you do. Probably the list admins figure that anyone who posts here is an advanced user type who understands how to setup spam filters that work. Ted -- Message: 3 Date: Sat, 25 Aug 2007 11:52:30 +0330 From: Bahman M. [EMAIL PROTECTED] Subject: Re: READ_DMA Error To: Tamouh H. [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=ISO-8859-1 During FreeBSD 6.2 installation, the process failed because
Re: How to block 200K ip addresses?
In response to Aminuddin [EMAIL PROTECTED]: Hi, How do you block this large range of ip addresses from different subnet? IPFW only allows 65536 rules while this will probably use up a few hundred thousands of lines. I'm also trying to add this into my proxy configuration file, ss5.conf but it doesn't allow me to add this large number. IS this the limitation of IPF or FreeBSD? How do I work around this? Not sure if this is a limitation of ipf, but you should be able to do what you want with pf and pf tables. As long as you're using a relatively recent version of FreeBSD, you'll have pf as an option. -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Transferring a GEOM array between hosts
I have an external JBOD array that is a mirror of two stripes. What I'd like to do is plug that array into a new/different freebsd host machine. Is there anything I need to do to prepare the new machine for the array? Naively, I'd hope that the new machine will pick up the geom configuration from the drives themselves, so I won't have to run any gmirror or gstripe commands on the new machine after the JBOD has been plugged into it. Can anyone who has done this before give me a few tips on how to plan appropriately for such a move? -- Joe Schaefer ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd-questions Digest, Vol 191, Issue 37
On Saturday 25 August 2007, blix wrote: Please help with suggestions on how I can eliminate some console spam. my console and messages file is filling up with these entries: Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): READ CAPACITY. CDB: 25 60 0 0 0 0 0 0 0 0 Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): CAM Status: SCSI Status Er ror Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): SCSI Status: Check Conditi on Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): NOT READY asc:3a,0 Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): Medium not present Aug 25 08:10:18 bsdpc kernel: (da3:umass-sim0:0:0:3): Unretryable error It jusst repeats over and over again. I need to get rid of them. Question 1: How can I silence these messages so they stop repeating in my logs? Question 2: If they cannot be silenced, how can I keep them from taking over my text console when I go into single user mode? please help with suggestions, Step 1. Create a new message to start a new thread or you emails will get lost in other, unrelated threads. Step 2. Unplug the USB device da3 or stop whatever is trying to automount it from running -- Dave ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: time issue
In response to Michael P. Soulier [EMAIL PROTECTED]: Hello, I recently noticed that my clock was running a few minutes slow, even though I have ntpd running on the box. Now I'm seeing this on occasion. Aug 24 20:17:10 kanga dovecot: Time just moved backwards by 105 seconds. This might c ause a lot of problems, so I'll just kill myself now. http://wiki.dovecot.org/TimeMov edBackwards Does this suggest a hardware clock issue? In addition to the other suggestions, FreeBSD may have chosen a crappy clock. Believe it or not, most motherboards have multiple clocks. Depending on the type of clock and the quality of the mobo, not all of these clocks are good for keeping time. FreeBSD tries to choose the best clock at boot time, but doesn't always get it right. For some interesting discussions on this topic, search the list archives for calcru or check out this FAQ entry: http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/troubleshoot.html#LAPTOP-CLOCK-SKEW -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
fdisk - can't update an in-use partition
Hi, I have freebsd 6.2 installed on a disk with a 260Gb partition with only a 30Gb label (don't ask :P) and I'm trying to resize the active partition to the size of the existing label, so I can create another partition. I've already set kern.geom.debugflags=16 to be able to write to mbr, but fdisk doesn't update my disk and gives the following error: fdisk: conflict with open slices Does anywone know a way to force fdisk to update the partition table? This is a remote machine so I can't boot from CD to correct the partition table and/or reinstall the SO. Thanks in advance, João Pinheiro ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FBSD-friendly UPS for home needs
Zbigniew Szalbot writes: I am going to get a UPS device for my home freebsd gateway/router and wonder if there is anything that you would recommend? At work I use APC units and there is a dedicated software to manage it (apcupsd). Not sure if that's the case with other manufacturers? I'd like to get something that could be managed by software and at the some time not too expensive... you know home budget...erm... Assuming the manufacturer does not provide a program - and few do - the preferred software for APC (and compatible) units is apcupsd; for others, it seems to be nut (sysutils/nut). Check carefully to make sure it works with your UPS. Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FBSD-friendly UPS for home needs
On Saturday 25 August 2007 12:53:19 Robert Huff wrote: Zbigniew Szalbot writes: I am going to get a UPS device for my home freebsd gateway/router and wonder if there is anything that you would recommend? At work I use APC units and there is a dedicated software to manage it (apcupsd). Not sure if that's the case with other manufacturers? I'd like to get something that could be managed by software and at the some time not too expensive... you know home budget...erm... Assuming the manufacturer does not provide a program - and few do - the preferred software for APC (and compatible) units is apcupsd; for others, it seems to be nut (sysutils/nut). Check carefully to make sure it works with your UPS. Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ill put in another vote for an APC with sysutile/apcupsd. here is some example output of the what the software pulls from the unit: [EMAIL PROTECTED] ~] $ apcaccess APC : 001,037,0912 DATE : Sat Aug 25 12:57:45 CDT 2007 HOSTNAME : athena.dfwlp.com RELEASE : 3.14.1 VERSION : 3.14.1 (04 May 2007) freebsd UPSNAME : Athena APC RS 1500 CABLE: USB Cable MODEL: Back-UPS RS 1500 UPSMODE : Stand Alone STARTTIME: Sat Aug 25 07:56:21 CDT 2007 STATUS : ONLINE LINEV: 118.0 Volts LOADPCT : 18.0 Percent Load Capacity BCHARGE : 100.0 Percent TIMELEFT : 49.0 Minutes MBATTCHG : 5 Percent MINTIMEL : 3 Minutes MAXTIME : 0 Seconds SENSE: High LOTRANS : 097.0 Volts HITRANS : 138.0 Volts ALARMDEL : Always BATTV: 27.1 Volts LASTXFER : Low line voltage NUMXFERS : 0 TONBATT : 0 seconds CUMONBATT: 0 seconds XOFFBATT : N/A SELFTEST : NO STATFLAG : 0x0708 Status Flag MANDATE : 2006-09-19 SERIALNO : BBlalalalalalalalala BATTDATE : 2001-09-25 NOMINV : 120 NOMBATTV : 24.0 FIRMWARE : 8.g9 .D USB FW:g9 APCMODEL : Back-UPS RS 1500 END APC : Sat Aug 25 12:57:49 CDT 2007 (as you can see, its USB connected too, which is a nice convenience) cheers, -- Jonathan Horne http://dfwlpiki.dfwlp.org [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
MSK Driver -- Unable to get it working on laptop
I've been trying to get FreeBSD -CURRENT installed on my laptop for several days now. Although most things work fine, I cannot get my ethernet card to function. I have searched for similar issues on the web and mailing list archives and found nothing. The card identifies as: [EMAIL PROTECTED]:0:0: class=0x02 card=0x01101025 chip=0x435211ab rev=0x14 hdr=0x00 vendor = 'Marvell Semiconductor (Was: Galileo Technology Ltd)' device = 'Yukon 88E8038 PCI-E Fast Ethernet Controller' class = network subclass = ethernet The relevant portion of dmesg is: pcib1: ACPI PCI-PCI bridge irq 16 at device 28.0 on pci0 pcib1: secondary bus 2 pcib1: subordinate bus 2 pcib1: I/O decode0x0-0x0 pcib1: no prefetched decode [snip] pcib1: matched entry for 2.0.INTA pcib1: slot 0 INTA hardwired to IRQ 16 mskc0: Marvell Yukon 88E8038 Gigabit Ethernet irq 16 at device 0.0 on pci2 pcib1: mskc0 requested unsupported memory range 0-0x (decoding 0-0, 0-0) mskc0: 0x4000 bytes of rid 0x10 res 3 failed (0, 0x). mskc0: Lazy allocation of 0x4 bytes rid 0x14 type 4 at 0x1080 mskc0: unknown device: id=0x00, rev=0x00 device_attach: mskc0 attach returned 6 I've posted full versions of all the relevant configuration info I could think of at pastebin: DMESG: http://pastebin.org/1136 PCICONF: http://pastebin.org/1137 SYSCTL: http://pastebin.org/1138 And finally, here's the web page with the laptop's specs: http://www.acerpanam.com/synapse/forms/portal20.cfm?recordid=540formid=3404website=AcerPanAm.com/canadasiteid=7297words=allkeywords=areaid=17 Any help would be much appreciated. -- Matthew Anthony Kolybabi (Mak) () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: fdisk - can't update an in-use partition - solved
João Pinheiro escreveu: Hi, I have freebsd 6.2 installed on a disk with a 260Gb partition with only a 30Gb label (don't ask :P) and I'm trying to resize the active partition to the size of the existing label, so I can create another partition. I've already set kern.geom.debugflags=16 to be able to write to mbr, but fdisk doesn't update my disk and gives the following error: fdisk: conflict with open slices Does anywone know a way to force fdisk to update the partition table? This is a remote machine so I can't boot from CD to correct the partition table and/or reinstall the SO. Thanks in advance, João Pinheiro ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] It seems fdisk updates the partition table anyway, it only displays a notice. João Pinheiro ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: time issue
On 24/08/07 Modulok said: Is this a system that is left running 24/7 connected to the Internet, or a system which is frequently turned off? If the latter, you might It's the former. I'll try the suggested ntp sync option anyway. I'm adding more sources too, in case the one that I'm syncing too isn't good enough. Ah, in fact I think that it is not. Perhaps the NRC isn't permitting public access to their time servers anymore. [EMAIL PROTECTED] ~]$ ntpq -p remote refid st t when poll reach delay offset jitter == time.nrc.ca .INIT. 16 u- 6400.0000.000 4000.00 tick.usask.ca .GPS.1 u9 641 111.674 27760.6 0.002 tock.usask.ca .GPS.1 u8 641 107.417 27759.2 0.002 boudicca.tux.or 65.212.71.1022 u7 641 95.680 27758.6 0.002 LOCAL(0)LOCAL(0)10 l6 6410.0000.000 0.002 Mike -- Michael P. Soulier [EMAIL PROTECTED] Any intelligent fool can make things bigger and more complex... It takes a touch of genius - and a lot of courage to move in the opposite direction. --Albert Einstein signature.asc Description: Digital signature
Re: time issue
In response to Michael P. Soulier [EMAIL PROTECTED]: On 24/08/07 Modulok said: Is this a system that is left running 24/7 connected to the Internet, or a system which is frequently turned off? If the latter, you might It's the former. I'll try the suggested ntp sync option anyway. I'm adding more sources too, in case the one that I'm syncing too isn't good enough. Ah, in fact I think that it is not. Perhaps the NRC isn't permitting public access to their time servers anymore. If this turns out to be your problem, I recommend using pool.ntp.org. Read up a bit, it should be much more reliable on a consistent basis. Also, OpenNTP has support built in to automatically talk to all of ntp.org's servers without any funky configuration: http://www.pool.ntp.org/use.html -- Bill Moran http://www.potentialtech.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
uknd - uhub DRAC woes.
Hi all, Whenever I reset my DRAC cards on my Dell machines, I can no longer use the remote terminal applet to access the console. The error I see is this: ukbd0: at uhub0 port 1 (addr 2) disconnected ukbd0: detached Is there any way to reinit the keyboard? (through ssh). i.e can the uhub and/or the ukbd drivers be restarted. (short of powering down/up the whole server. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Installation Disc Won't Boot
[EMAIL PROTECTED] wrote: Hi, Manoliis: I took your advice. I copied the burned iso file into a FreeBSD directory and ran md5 and the check digits did not match. I then copied my downloaded iso image from Win98 into FreeBSD and ran md5 and the digits did match. So there was nothing wrong with the iso of disc1 that I downloaded from the web site into Win98. It must have been the burning of the file in Win98 with Nero Express that was the problem. So I burned another copy of the iso in FreeBSd with burncd using: burncd -f /dev/acd1 6.2-RELEASE-i386.iso fixate and it booted just fine. Thanks for all of your suggestions and advice. Now I will be spending the better part of the weekend doing the installation of 6.2. Wish me luck. Have a great day, Larry Glad I could be of help! Make sure to get some pizza and beer for your install party :) I believe you will find 6.2 to be an excellent release, as most of us on this list do. Take care, Manolis ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FBSD-friendly UPS for home needs
At 11:15 AM 8/25/2007, Zbigniew Szalbot wrote: Hello, I am going to get a UPS device for my home freebsd gateway/router and wonder if there is anything that you would recommend? At work I use APC units and there is a dedicated software to manage it (apcupsd). Not sure if that's the case with other manufacturers? I'd like to get something that could be managed by software and at the some time not too expensive... you know home budget...erm... Well, many thanks for all recommendations! Zbigniew Szalbot I use nut from the ports. I have had no problem with UPS's that have a serial interface. Some USB interfaces work, some do not. So I would use a UPS with a seral interface assuming you have a free serial port on the server. -Derek -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: uknd - uhub DRAC woes.
In message [EMAIL PROTECTED], Grant Peel wrote: Whenever I reset my DRAC cards on my Dell machines, I'm sorry but I can't help you with your problem. But, you do need to reset your clock, since you appear to have reached October two months before the rest of us. I noticed this, because my spam filters flagged your message as probably spam, where of course it wasn't. Cheers, Nick. -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FBSD-friendly UPS for home needs
Hello, that's the case with other manufacturers? I'd like to get something that could be managed by software and at the some time not too expensive... you know home budget...erm... I use nut from the ports. I have had no problem with UPS's that have a serial interface. Some USB interfaces work, some do not. So I would use a UPS with a seral interface assuming you have a free serial port on the server. Thank you - thank you very much for all the responses. Very helpful. Have a nice week-end. Regards, -- Zbigniew Szalbot www.slowo.pl www.lcwords.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
nvidia driver blues
freebsd 6.2 i386 generic geforce 7300gt fresh install.. have updated source, and new ports tree.. installd x11, and then nvidia drivers no luck, all i get is [EMAIL PROTECTED] /usr/ports/x11/nvidia-driver]# make install === Building for nvidia-driver-100.14.11 === src (all) cc -O2 -fno-strict-aliasing -pipe -DNV_VERSION_STRING=\100.14.11\ -D__KERNEL__ -DNVRM -UDEBUG -U_DEBUG -DNDEBUG -O -fno-common -msoft-float -fno-unit-at-a-time -minline-all-stringops -D_KERNEL -DKLD_MODULE -std=c99 -nostdinc -I/src -I. -I@ -I@/contrib/altq -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -fno-common -mno-align-long-strings -mpreferred-stack-boundary=2 -mno-mmx -mno-3dnow -mno-sse -mno-sse2 -mno-sse3 -ffreestanding -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -c nvidia_ctl.c cc1: error: unrecognized command line option -Wno-pointer-sign *** Error code 1 Stop in /usr/ports/x11/nvidia-driver/work/NVIDIA-FreeBSD-x86-100.14.11/src. *** Error code 1 Stop in /usr/ports/x11/nvidia-driver/work/NVIDIA-FreeBSD-x86-100.14.11. *** Error code 1 Stop in /usr/ports/x11/nvidia-driver. *** Error code 1 Stop in /usr/ports/x11/nvidia-driver any ideas? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ports/UPDATING instructions and Python 2.4
On Sat, 25 Aug 2007 09:15:52 -0500 Kirk Strauser [EMAIL PROTECTED] wrote: I need to keep Python 2.4 on my system to run Zope (which isn't compatible with 2.5). So, I dutifully followed the instructions under /usr/ports/UPDATING starting with If want to keep 2.4.x installed alongside 2.5.x [...]. When I came back a little later, all of my dependent ports had been upgraded from py24-* to py25-*, effectively killing my webserver. Could someone else take a look at those instructions and see if they make sense - they look a little suspicious to me - or if there is some gotcha that I might have missed? Thanks. Hello Kirk, A couple of thoughts that could be useful. The instructions explain how to keep both 2.4 and 2.5 versions of _Python_itself_, that's all. The PYTHON_DEFAULT_VERSION=python2.5 line of /etc/make.conf serves as an indicator to all new applications to avoid confusion if python-2.4 is installed alongside. You now probably have something like: # ls -d /var/db/pkg/py* /var/db/pkg/python24-2.4.4_1 /var/db/pkg/python25-2.5.1 /var/db/pkg/py25-cairo-1.4.0_1 /var/db/pkg/py25-chardet-1.0_3 [... etc., py25-* only ...] Zope feels fine in this situation: # cd /usr/ports/www/zope3 # make configure [...] === Patching for zope-3.3.1 === Applying FreeBSD patches for zope-3.3.1 === zope-3.3.1 depends on file: /usr/local/bin/python2.4 - found === Configuring for zope-3.3.1 Configuring Zope installation Using Python interpreter at /usr/local/bin/python2.4 (The same for other py-* ports that are fixed to 2.4 interpreter (i.e. www/py-pylons).) Now, I'm trying to understand what happened to your webserver: you said that changing py24-* to py25-* broke it. Maybe I'm mistaken, but I see just 7 py-* ports that have any relationship with Zope. These are: databases/py-psycopg [WITH_ZOPE optional] devel/py-zopeInterface devel/py-twistedCore [dependent on devel/py-zopeInterface] lang/py-mx-base[WITH_ZOPE optional] x11-toolkits/py-kiwi [optionally linked with devel/py-zopeInterface] devel/py-zconfig [not sure about this one] textproc/py-zpt[not sure about this one] The presence of 'WITH_ZOPE' flag will force the port to use correct version of Python: # cd /usr/ports/lang/py-mx-base/ # make USE_ZOPE=yes === py23-mx-base-2.0.6 depends on file: /usr/local/bin/python2.3 - not found ===Verifying install for /usr/local/bin/python2.3 in /usr/ports/lang/python23 (ZOPE_VERSION is also available.) So where is the connection between zope and py-* ports that crashed your webserver? Please elaborate on this, i.e. how does you webserver depend on py24-*? In meantime, if you just need py24- versions of several ports, you can do something like this: # portupgrade -f -r -m PYTHON_VERSION=2.4 py25-imaging This will install py24-imaging and rebuild ports dependent on it (e.g. graphics/skencil). Use '-n' flag to see what will happen first. This is a quick and non-elegant help to get your webserver working again. If you provide more information you will surely get more in-depth explanation and more elegant solution from someone, preferably from other Zope users. Nikola Lečić ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to block 200K ip addresses?
In the last episode (Aug 26), Aminuddin said: How do you block this large range of ip addresses from different subnet? IPFW only allows 65536 rules while this will probably use up a few hundred thousands of lines. I'm also trying to add this into my proxy configuration file, ss5.conf but it doesn't allow me to add this large number. IS this the limitation of IPF or FreeBSD? How do I work around this? Even though there are 65536 rule numbers, each number can actually have any amount of rules assigned to it. What you're probably looking for, though, is ipfw's table keyword, which uses the same radix tree lookup format as the kernel's routing tables, so it scales well to large amounts of sparse addresses. man ipfw, search for lookup tables. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPFW and HTTPS problem
I enabled https for my webmail. It works for LAN client but doesn't work for
Internet clients. I checked with tcpdump ipfw filters the incomping https
packets unless the rule
Ipfw add allow tcp from any to ${webmail} 443
Ipfw add allow tcp from ${webmail} 443 to any
Even I tried
Ipfw add allow all from any to ${webmail} keep-state
Ipfw add allow all from ${webmail} to any keep-state
Nothing helps.
Any comments?
Are there any specific ipfw configurations related to https?
Thank you in advance
Narek
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Test on FreeBSD site
Bill Moran wrote: In response to NetOpsCenter [EMAIL PROTECTED]: Aloha, How long does it take for a test to be accepted or rejected on the FreeBSD test mail box? Is three minutes normal for a test to pop up? I had some FreeBSD 7 config issues and this nearly caused me to think I hadn't cleared the problem because it took quite a while to pop up. It depends on how busy the server is at the time you send it, among other factors. I haven't noticed if the mail servers are doing greylisting, but it wouldn't surprise me if they were. In this day and age, with the spam scourge and all the alleged solutions that everyone's mail servers use, anything less than 10 minutes for a delivery should be considered successful. Thanks for the reply. FreeBSD 7 is excellent. Applause to the Developers. I have been using FreeBSD since 2. something. Is there a good how to set up spam assassin for FreeBSD? Most I have tried have no FreeBSD specific file placements listsed and I can't get it to work. ~Al Plant - Honolulu, Hawaii - Phone: 808-284-2740 + http://hawaiidakine.com + http://freebsdinfo.org + [EMAIL PROTECTED] + + http://internetohana.org - Supporting - FreeBSD 6.* - 7.* + All that's really worth doing is what we do for others.- Lewis Carrol ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW and HTTPS problem
[Any reason you posted to the same list twice?]
In response to Narek Gharibyan [EMAIL PROTECTED]:
I enabled https for my webmail. It works for LAN client but doesn't work for
Internet clients. I checked with tcpdump ipfw filters the incomping https
packets unless the rule
Ipfw add allow tcp from any to ${webmail} 443
Ipfw add allow tcp from ${webmail} 443 to any
Even I tried
Ipfw add allow all from any to ${webmail} keep-state
Ipfw add allow all from ${webmail} to any keep-state
Nothing helps.
Any comments?
Yes. Please provide your entire ruleset. It's impossible to assist in
debugging a ruleset with only a partial ruleset. Do not trim or edit
the ruleset, as you may trim away the part that is causing the problem.
On your own, the output of 'ipfw show' can be useful for determining
which rules are blocking traffic, as it shows counters of how many
packets have matched each rule.
--
Bill Moran
http://www.potentialtech.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
secure /usr/src update
Hello, as far as I know neither CVSup, CTM nor (anonymous) CVS support any kind of (cryptographic) signing or encryption. Now I'd like to know if it is possible to obtain or update the base system in a secure and reliable way at all. For the ports collection there is portsnap which seems for me - in respect to the security issue - well concepted. Also, if I buy a (pressed) DVD I (hopefully) can trust the integrity of the system I install. (And with this DVD I'll receive the keyprint of portsnap on a - hopefull sufficient - secure way.) Solely the update of the /usr/src branch seems to be easily attackable by some standard stream inserting or very simple man in the middle attacks. Do you have any suggestions? Thank you, Martin Laabs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: /var or /usr for data?
When asked his whereabouts on Sat, Aug 25, 2007 at 04:34 , [EMAIL PROTECTED] took the fifth, drank it, and then slurred: Date: Fri, 24 Aug 2007 14:35:27 -0400 From: Jerry McAllister [EMAIL PROTECTED] Subject: Re: /var or /usr for data? Content-Type: text/plain; charset=us-ascii On Fri, Aug 24, 2007 at 08:19:43AM +0200, Wojciech Puchar wrote: It would appear that the proper allocation of filesystems on FreeBSD is to put all data in /usr. I'm used to this and have been doing it for years. my favourite proper allocation is to make ONE partition m(/) and nothing ore. and forget all problems about how to mpartition your drive right... That works for some situations. But, there are protections, conveniences and backup efficiencies that thoughtful partitioning provide that all-in-one doesn't. I've been running Unix systems for a long time. I've noted that if a filesystem fails - it almost invariably is /. If you totally trash it then you have to reload ALL the data and programs you have on the system. And with FBSD if you make root a reasonable size. I am running about 250MB for / - in a server only environment. 500MB would be safe however. Then if something happens you can just rebuild / - or totally reinstall the /, while NOT making new file systems on the remaining partitions you have. I will say that drives are more reliable than ever, but having spent hours recovering systems [commercial ones in the past] for someone who thought the best was to put 'all your eggs in one basket - eg /' was the right way, I've avoided strenuously. And applications such as MySQL give you options as to where to store the data. If you didn't do that during install it's quite easy to make symlinks to point the data to an approved place on your HD. And IF you have a program run amock and start filling things up, having everything on / will make recovery much harder. However cleaning up after one of those messes will teach you a lot. A friend of mine has a motto of learn by destroying. Having a system with only / may be one step along that path :-) Bill -- Bill Vermillion - bv @ wjv . com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW and HTTPS problem
On Aug 25, 2007, at 4:15 PM, Narek Gharibyan wrote: I enabled https for my webmail. It works for LAN client but doesn't work for Internet clients. I checked with tcpdump ipfw filters the incomping https packets unless the rule tcpdump is the hard way. # ipfw zero try the webmail. # ipfw -a list Examine the above list for rules have been hit since zero. Your answer lies among the rules which have been hit. You might add ipfw add 65000 deny log ip from any to any and see what shows in /var/log/security for more details. If you see hits on a rule but don't understand why, add log to it. Probably best to duplicate that rule with a lower number so the log version is used first. And easy to remove the logging version later without touching the original. -- David Kelly N4HHE, [EMAIL PROTECTED] Whom computers would destroy, they must first drive mad. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
xfce 4.4 questions
Folks, I'm trying to install xfce 4.4 on my FreeBSD 6.1 box, (which I just upgraded via sysinstall). It ain't workin' and I sure could use some help. Full disclosure: I'm new to FreeBSD, although I do have a basic working knowledge of *nix fundamentals. I was able to install xfce 4.2, but the install is broken -- allow me to explain. Xfce 4.2 does install, I can start it, but several features don't work. For example, according to the docs I should see a menu bar (and options) on xfterm, but it isn't there. Several other install defaults are busted too. I've reinstalled the OS several times from a 'minimal' install to 'install EVERYTHING', via the CD, upgrades via sysinstall, via FTP. All were successful). I've installed XFCE4 according to your docs (pkg_add -r xfce4) several times, and from /usr/ports/x11-wm/xfce4 (make install clean), but still the same problems. So, I thought I'd try installing a newer version of xfce (4.4). First question: what is a 'meta port', what does it do and what are it's limitations? Can't find anything in your docs that speak to this (nor any of the books I have, most notably the recent 'FreeBSD 6 Unleashed'). Reading the Ports page of your site, specifically the *xfce-4.4.1_1 http://www.FreeBSD.org/cgi/cvsweb.cgi/ports/x11-wm/xfce4 *metaport; 'meta' seems to imply run this and you'll install all the basics you need to run XFCE 4.4. Either it doesn't work or I've misinterpreted this. Under xfce-4.4.1, it says: Requires: -- do I really have to install _every_single_pkg_listed_ BEFORE I install the xfce-4.4.1 metaport??? If so, that seems a bit much. Why can't there be a single manifest file which calls/installs all those required pkg's as a part of the metaport installation? In order to install xfce 4.4, do I have to manually install each and every file/port/pkg listed there which references xfce4.4? After doing a fresh OS install (6.1) from CD (X-Kern-Developer package), followed immediately by an upgrade (via sysinstall/FTP) which included an istall of the entire ports tree, I tried several ways to install xfce4.4: 1) downloaded xfce-4.4.1_1.tbz and ran pkg_add against it. It started but all I got was Package insert_names_here not found!. If it knows what it needs, why can't it just bust out to your ftp site and get it and install it? 2) downloaded from your site everything in /pub/FreeBSD/ports/packages/x11-wm/xfce/, which seemed to have all those required files. Once downloaded, as noted above I ran pkg_add locally. Some packages installed, but most did not because their dependencies (such as glib-2.12.13) were not there. If xfce4.4 needs glib-2.12.13, why can't it (and any others) be included in .../x11-wm/xfce/ ? 3) HOk, so then I ran pkg_add ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/All/xfce-4.4.1_1.tbz, thinking this 'All' directory must have every bloody thing it needs. Nope. At this point, I start drinking. Heavily. Btw: it was in your Handbook I found the reference to 'pkg_add -r xfce4' to install xfce4x (found here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x11-wm.html). Well, I searched your site for any package specifically labeled 'xfce4' and I couldn't find it. The closest I got was the dir xfce under ftp.../pub/FreeBSD/ports/packages/x11-wm/. So, having seen your list of ports (and the 'package' listed under each), where can I find a complete list of packages? I've cruised many forums for info - nothing truly helpful. Bottom line, I don't really need xfce 4.4; I'd be happy if 4.2 just worked (all of it) on a basic level. I'm trying to learn here, and so far the books, the docs, and other FreeBSD articles out there don't seem to jibe. I keep reading (my paraphrase): It's easy! Just run 'pkg_add -r package_name' and your done!'. Maybe this is true for some packages, but not the ones I've tried. I respect and admire the work you are doing, and what you have accomplished. I'm not giving up on FreeBSD. Any advice/info would be appreciated. cheers, - r ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mouse suddenly gets detached and reattached
On Saturday 25 August 2007, Bahman M. wrote: Hi all, I just installed X (xorg 7.2) and am using FluxBox. It's working well and there are no problems. However, the mouse gets suddenly detached and immediately reattached. I can't say exactly how often this happens, roughly about 6~7 times a day. # dmesg | tail -n 4 ums0: at uhub0 port 1 (addr 2) disconnected ums0: detached ums0: vendor 0x05e3 USB Mouse, rev 1.10/1.00, addr 2, iclass 3/1 ums0: 5 buttons and Z dir. # sudo sysctl -a | grep ums dev.ums.0.%desc: vendor 0x05e3 USB Mouse, rev 1.10/1.00, addr 2, iclass 3/1 dev.ums.0.%driver: ums dev.ums.0.%location: port=0 interface=0 dev.ums.0.%pnpinfo: vendor=0x05e3 product=0x1205 devclass=0x00 devsubclass=0x00 release=0x0100 sernum= intclass=0x03 intsubclass=0x01 dev.ums.0.%parent: uhub0 # uname -ai FreeBSD attila 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 GENERIC Is it sign of a problem? In fact I don't care about the hardware as it can be easily replaced, I'm afraid that there's something wrong with software. Thanks in advance for your help. Bahman An obvious test would be to connect the mouse to another usb port and/or controller. Maybe the mouse is flaky; try exchanging it with another. There could be a fracture in the mouse cord. Try to rule out hardware failure first. Hope this helps, Pieter de Goeje ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: xfce 4.4 questions
On Sat, Aug 25, 2007 at 06:11:42PM -0400, Richard Deal wrote: Folks, I'm trying to install xfce 4.4 on my FreeBSD 6.1 box, (which I just upgraded via sysinstall). It ain't workin' and I sure could use some help. Full disclosure: I'm new to FreeBSD, although I do have a basic working knowledge of *nix fundamentals. I was able to install xfce 4.2, but the install is broken -- allow me to explain. Xfce 4.2 does install, I can start it, but several features don't work. For example, according to the docs I should see a menu bar (and options) on xfterm, but it isn't there. Several other install defaults are busted too. I've reinstalled the OS several times from a 'minimal' install to 'install EVERYTHING', via the CD, upgrades via sysinstall, via FTP. All were successful). I've installed XFCE4 according to your docs (pkg_add -r xfce4) several times, and from /usr/ports/x11-wm/xfce4 (make install clean), but still the same problems. So, I thought I'd try installing a newer version of xfce (4.4). First question: what is a 'meta port', what does it do and what are it's limitations? A 'meta port' is a port which doesn't install anything itself, but just depends on a bunch of other ports so that they can all get pulled in automatically. Can't find anything in your docs that speak to this (nor any of the books I have, most notably the recent 'FreeBSD 6 Unleashed'). Reading the Ports page of your site, specifically the *xfce-4.4.1_1 http://www.FreeBSD.org/cgi/cvsweb.cgi/ports/x11-wm/xfce4 *metaport; 'meta' seems to imply run this and you'll install all the basics you need to run XFCE 4.4. Either it doesn't work or I've misinterpreted this. Under xfce-4.4.1, it says: Requires: -- do I really have to install _every_single_pkg_listed_ BEFORE I install the xfce-4.4.1 metaport??? If so, that seems a bit much. Why can't there be a single manifest file which calls/installs all those required pkg's as a part of the metaport installation? In order to install xfce 4.4, do I have to manually install each and every file/port/pkg listed there which references xfce4.4? No,no. The point of the ports system/packages is that all the required ports will be pulled in and installed automatically. After doing a fresh OS install (6.1) from CD (X-Kern-Developer package), followed immediately by an upgrade (via sysinstall/FTP) which included an istall of the entire ports tree, I tried several ways to install xfce4.4: 1) downloaded xfce-4.4.1_1.tbz and ran pkg_add against it. It started but all I got was Package insert_names_here not found!. If it knows what it needs, why can't it just bust out to your ftp site and get it and install it? Because you did not use the '-r' flag to pkg_add which tells it to do exactly that? 2) downloaded from your site everything in /pub/FreeBSD/ports/packages/x11-wm/xfce/, which seemed to have all those required files. Once downloaded, as noted above I ran pkg_add locally. Some packages installed, but most did not because their dependencies (such as glib-2.12.13) were not there. If xfce4.4 needs glib-2.12.13, why can't it (and any others) be included in .../x11-wm/xfce/ ? Because they live elsewhere. 3) HOk, so then I ran pkg_add ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/All/xfce-4.4.1_1.tbz, thinking this 'All' directory must have every bloody thing it needs. Nope. At this point, I start drinking. Heavily. Btw: it was in your Handbook I found the reference to 'pkg_add -r xfce4' to install xfce4x (found here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x11-wm.html). Well, I searched your site for any package specifically labeled 'xfce4' and I couldn't find it. The closest I got was the dir xfce under ftp.../pub/FreeBSD/ports/packages/x11-wm/. So, having seen your list of ports (and the 'package' listed under each), where can I find a complete list of packages? I've cruised many forums for info - nothing truly helpful. Bottom line, I don't really need xfce 4.4; I'd be happy if 4.2 just worked (all of it) on a basic level. I'm trying to learn here, and so far the books, the docs, and other FreeBSD articles out there don't seem to jibe. I keep reading (my paraphrase): It's easy! Just run 'pkg_add -r package_name' and your done!'. Maybe this is true for some packages, but not the ones I've tried. I respect and admire the work you are doing, and what you have accomplished. I'm not giving up on FreeBSD. Any advice/info would be appreciated. cheers, - r ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list
Re: xfce 4.4 questions
Meta port installs the whole thing. My immediate hunch is that you are making several mistakes. Is your port tree updated? Why did you use CD to install the Xfce? Why do you want to use pkg_add utility. What about Xorg. Quick instruction would take only 10 minutes but then you need XOrg and Xfce which will take couple hours to compile. Do fresh minimal installation without X. When the installer ask you about adding port tree you decline. The same when installer ask you to add any of the packages from the second CD. Then after installation cvsup the system and build your world and/or custom kernel as you like it. You will be fine without cvsup and with generic kernel. do portsnap fetch portsnap extract then go to /usr/ports and install XOrg via ports (do not use pkg_add since you will get XOrg 6.9 instead of 7.2) Then go to Xfce 4.4 meta port and do make install clean. You will have complete Xfce which still doesn't mean that all things will work since you need to edit fstab, devfs.conf and rc.conf files Have Fun Predrag P.S. You can not get Xfce 4.4 since you do not even have XOrg 7.2 Richard Deal wrote: Folks, I'm trying to install xfce 4.4 on my FreeBSD 6.1 box, (which I just upgraded via sysinstall). It ain't workin' and I sure could use some help. Full disclosure: I'm new to FreeBSD, although I do have a basic working knowledge of *nix fundamentals. I was able to install xfce 4.2, but the install is broken -- allow me to explain. Xfce 4.2 does install, I can start it, but several features don't work. For example, according to the docs I should see a menu bar (and options) on xfterm, but it isn't there. Several other install defaults are busted too. I've reinstalled the OS several times from a 'minimal' install to 'install EVERYTHING', via the CD, upgrades via sysinstall, via FTP. All were successful). I've installed XFCE4 according to your docs (pkg_add -r xfce4) several times, and from /usr/ports/x11-wm/xfce4 (make install clean), but still the same problems. So, I thought I'd try installing a newer version of xfce (4.4). First question: what is a 'meta port', what does it do and what are it's limitations? Can't find anything in your docs that speak to this (nor any of the books I have, most notably the recent 'FreeBSD 6 Unleashed'). Reading the Ports page of your site, specifically the *xfce-4.4.1_1 http://www.FreeBSD.org/cgi/cvsweb.cgi/ports/x11-wm/xfce4 *metaport; 'meta' seems to imply run this and you'll install all the basics you need to run XFCE 4.4. Either it doesn't work or I've misinterpreted this. Under xfce-4.4.1, it says: Requires: -- do I really have to install _every_single_pkg_listed_ BEFORE I install the xfce-4.4.1 metaport??? If so, that seems a bit much. Why can't there be a single manifest file which calls/installs all those required pkg's as a part of the metaport installation? In order to install xfce 4.4, do I have to manually install each and every file/port/pkg listed there which references xfce4.4? After doing a fresh OS install (6.1) from CD (X-Kern-Developer package), followed immediately by an upgrade (via sysinstall/FTP) which included an istall of the entire ports tree, I tried several ways to install xfce4.4: 1) downloaded xfce-4.4.1_1.tbz and ran pkg_add against it. It started but all I got was Package insert_names_here not found!. If it knows what it needs, why can't it just bust out to your ftp site and get it and install it? 2) downloaded from your site everything in /pub/FreeBSD/ports/packages/x11-wm/xfce/, which seemed to have all those required files. Once downloaded, as noted above I ran pkg_add locally. Some packages installed, but most did not because their dependencies (such as glib-2.12.13) were not there. If xfce4.4 needs glib-2.12.13, why can't it (and any others) be included in .../x11-wm/xfce/ ? 3) HOk, so then I ran pkg_add ftp://ftp.freebsd.org/pub/FreeBSD/ports/packages/All/xfce-4.4.1_1.tbz, thinking this 'All' directory must have every bloody thing it needs. Nope. At this point, I start drinking. Heavily. Btw: it was in your Handbook I found the reference to 'pkg_add -r xfce4' to install xfce4x (found here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/x11-wm.html). Well, I searched your site for any package specifically labeled 'xfce4' and I couldn't find it. The closest I got was the dir xfce under ftp.../pub/FreeBSD/ports/packages/x11-wm/. So, having seen your list of ports (and the 'package' listed under each), where can I find a complete list of packages? I've cruised many forums for info - nothing truly helpful. Bottom line, I don't really need xfce 4.4; I'd be happy if 4.2 just worked (all of it) on a basic level. I'm trying to learn here, and so far the books, the docs, and other FreeBSD articles out there don't seem to jibe. I keep reading (my paraphrase): It's easy! Just run 'pkg_add -r package_name' and your
TCP packets don't flow from external hosts to WinVista clients behind nat
Hello... I've got a strange trouble... FreeBSD 6.2 amd64 as nat-router: rl0 85.249.249.249 - ISP fxp0 10.0.0.1 - My Internat Net natd/ng_nat ipfw: allow all from any to any WinXP client machines work fine behind nat, but WinVista, FreeBSD (5.5/6.2) clients don't. It's very strange but it's unable to establish any TCP internet connection from non WinXP host. ICMP and UDP packets flows normally. For example, I can ping host ya.ru, get DNS-reply from internet servers, play games via UDP, but i can't view web pages, open shh session and just can't telnet to any port Traffic from/to my net is not filtering by firewalls at all. I've tested it with natd ang ng_nat - there's no difference! I've tried to solve this problem during last week =( Unfortunately, i can't. Now i'm going to try using pf or ipfilter instead of ipfw or ever reinstall server OS and may be change freebsd architecture to i386. Any ideas ? P.S.Sorry for my bad english. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: How to block 200K ip addresses?
I intend to create a ruleset file consisting of this statement: Ruleset add 2300 skipto 2301 ip from 0.0.0.0/6 to any add 2400 skipto 2401 ip from any to 0.0.0.0/6 add 2300 skipto 2302 ip from 4.0.0.0/6 to any add 2400 skipto 2402 ip from any to 4.0.0.0/6 add 2300 skipto 2303 ip from 8.0.0.0/6 to any add 2400 skipto 2403 ip from any to 8.0.0.0/6 add 2300 skipto 2304 ip from 12.0.0.0/6 to any add 2400 skipto 2404 ip from any to 12.0.0.0/6 add 2300 skipto 2305 ip from 16.0.0.0/6 to any add 2400 skipto 2405 ip from any to 16.0.0.0/6 add 2300 skipto 2306 ip from 20.0.0.0/6 to any add 2400 skipto 2406 ip from any to 20.0.0.0/6 add 2300 skipto 2307 ip from 24.0.0.0/6 to any add 2400 skipto 2407 ip from any to 24.0.0.0/6 add 2300 skipto 2308 ip from 28.0.0.0/6 to any add 2400 skipto 2408 ip from any to 28.0.0.0/6 add 2300 skipto 2309 ip from 32.0.0.0/6 to any add 2400 skipto 2409 ip from any to 32.0.0.0/6 add 2300 skipto 2310 ip from 36.0.0.0/6 to any add 2400 skipto 2410 ip from any to 36.0.0.0/6 add 2300 skipto 2311 ip from 40.0.0.0/6 to any add 2400 skipto 2411 ip from any to 40.0.0.0/6 add 2300 skipto 2312 ip from 44.0.0.0/6 to any add 2400 skipto 2412 ip from any to 44.0.0.0/6 add 2300 skipto 2313 ip from 48.0.0.0/6 to any add 2400 skipto 2413 ip from any to 48.0.0.0/6 add 2300 skipto 2314 ip from 52.0.0.0/6 to any add 2400 skipto 2414 ip from any to 52.0.0.0/6 add 2300 skipto 2315 ip from 56.0.0.0/6 to any add 2400 skipto 2415 ip from any to 56.0.0.0/6 add 2300 skipto 2316 ip from 60.0.0.0/6 to any add 2400 skipto 2416 ip from any to 60.0.0.0/6 add 2300 skipto 2317 ip from 64.0.0.0/6 to any add 2400 skipto 2417 ip from any to 64.0.0.0/6 add 2300 skipto 2318 ip from 68.0.0.0/6 to any add 2400 skipto 2418 ip from any to 68.0.0.0/6 add 2300 skipto 2319 ip from 72.0.0.0/6 to any add 2400 skipto 2419 ip from any to 72.0.0.0/6 add 2300 skipto 2320 ip from 76.0.0.0/6 to any add 2400 skipto 2420 ip from any to 76.0.0.0/6 add 2300 skipto 2321 ip from 80.0.0.0/6 to any add 2400 skipto 2421 ip from any to 80.0.0.0/6 add 2300 skipto 2322 ip from 84.0.0.0/6 to any add 2400 skipto 2422 ip from any to 84.0.0.0/6 add 2300 skipto 2323 ip from 88.0.0.0/6 to any add 2400 skipto 2423 ip from any to 88.0.0.0/6 add 2300 skipto 2324 ip from 92.0.0.0/6 to any add 2400 skipto 2424 ip from any to 92.0.0.0/6 add 2300 skipto 2325 ip from 96.0.0.0/6 to any add 2400 skipto 2425 ip from any to 96.0.0.0/6 add 2300 skipto 2326 ip from 100.0.0.0/6 to any add 2400 skipto 2426 ip from any to 100.0.0.0/6 add 2300 skipto 2327 ip from 104.0.0.0/6 to any add 2400 skipto 2427 ip from any to 104.0.0.0/6 add 2300 skipto 2328 ip from 108.0.0.0/6 to any add 2400 skipto 2428 ip from any to 108.0.0.0/6 add 2300 skipto 2329 ip from 112.0.0.0/6 to any add 2400 skipto 2429 ip from any to 112.0.0.0/6 add 2300 skipto 2330 ip from 116.0.0.0/6 to any add 2400 skipto 2430 ip from any to 116.0.0.0/6 add 2300 skipto 2331 ip from 120.0.0.0/6 to any add 2400 skipto 2431 ip from any to 120.0.0.0/6 add 2300 skipto 2332 ip from 124.0.0.0/6 to any add 2400 skipto 2432 ip from any to 124.0.0.0/6 add 2300 skipto 2333 ip from 128.0.0.0/6 to any add 2400 skipto 2433 ip from any to 128.0.0.0/6 add 2300 skipto 2334 ip from 132.0.0.0/6 to any add 2400 skipto 2434 ip from any to 132.0.0.0/6 add 2300 skipto 2335 ip from 136.0.0.0/6 to any add 2400 skipto 2435 ip from any to 136.0.0.0/6 add 2300 skipto 2336 ip from 140.0.0.0/6 to any add 2400 skipto 2436 ip from any to 140.0.0.0/6 add 2300 skipto 2337 ip from 144.0.0.0/6 to any add 2400 skipto 2437 ip from any to 144.0.0.0/6 add 2300 skipto 2338 ip from 148.0.0.0/6 to any add 2400 skipto 2438 ip from any to 148.0.0.0/6 add 2300 skipto 2339 ip from 152.0.0.0/6 to any add 2400 skipto 2439 ip from any to 152.0.0.0/6 add 2300 skipto 2340 ip from 156.0.0.0/6 to any add 2400 skipto 2440 ip from any to 156.0.0.0/6 add 2300 skipto 2341 ip from 160.0.0.0/6 to any add 2400 skipto 2441 ip from any to 160.0.0.0/6 add 2300 skipto 2342 ip from 164.0.0.0/6 to any add 2400 skipto 2442 ip from any to 164.0.0.0/6 add 2300 skipto 2343 ip from 168.0.0.0/6 to any add 2400 skipto 2443 ip from any to 168.0.0.0/6 add 2300 skipto 2344 ip from 172.0.0.0/6 to any add 2400 skipto 2444 ip from any to 172.0.0.0/6 add 2300 skipto 2345 ip from 176.0.0.0/6 to any add 2400 skipto 2445 ip from any to 176.0.0.0/6 add 2300 skipto 2346 ip from 180.0.0.0/6 to any add 2400 skipto 2446 ip from any to 180.0.0.0/6 add 2300 skipto 2347 ip from 184.0.0.0/6 to any add 2400 skipto 2447 ip from any to 184.0.0.0/6 add 2300 skipto 2348 ip from 188.0.0.0/6 to any add 2400 skipto 2448 ip from any to 188.0.0.0/6 add 2300 skipto 2349 ip from 192.0.0.0/6 to any add 2400 skipto 2449 ip from any to 192.0.0.0/6 add 2300 skipto 2350 ip from 196.0.0.0/6 to any add 2400 skipto 2450 ip from any to 196.0.0.0/6 add 2300 skipto 2351 ip from 200.0.0.0/6 to any add 2400 skipto 2451 ip from any to 200.0.0.0/6 add 2300 skipto 2352 ip from 204.0.0.0/6 to any add 2400
Re: /var or /usr for data?
Wojciech Puchar wrote: It would appear that the proper allocation of filesystems on FreeBSD is to put all data in /usr. I'm used to this and have been doing it for years. my favourite proper allocation is to make ONE partition (/) and nothing more. and forget all problems about how to partition your drive right... With a single, large filesystem on /, you cannot take advantage of things like background fsck, cuz / always needs to be checked fully before the system goes multiuser. A small / partition is quick to fsck, and can be kept mounted sync to ensure consistency without harming system throughput. All the others (/var, /usr, /foo) can be checked after the machine is live, greatly speeding up post-crash recovery. -- Fuzzy love, -CyberLeo Technical Administrator CyberLeo.Net Webhosting http://www.CyberLeo.Net [EMAIL PROTECTED] Furry Peace! - http://.fur.com/peace/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
problems with PCI RAID card showing up
For some reason, I am unable to find the drives (RAIDED with JBOD) connected to this card. The chipset for the card is VIA 6421 for SATA and 8235 for IDE (It supports both), which, according to 'man ata' is supported. Prior to the FreeBSD boot Menu, I see text scroll across the screen that lists the drives connected to the machine, and includes this RAID group as a listed drive. Not to mention that knoppix and acronis both see the drive as listed. Where are these drives located, and how do I get FreeBSD to see them so I can mount them? Here is a clipping from dmesg, where the card is referenced as being present: atapci0: VIA 6421 SATA150 controller port 0x9000-0x900f,0x9400-0x940f,0x9800-0x980f,0x9c00-0x9c0f,0xa000-0xa01f,0xa400-0xa4ff irq 16 at device 8.0 on pci0 atapci1: VIA 8235 UDMA133 controller port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xb800-0xb80f at device 17.1 on pci0 Here is output from pciconf -lv # pciconf -lv [EMAIL PROTECTED]:0:0: class=0x06 card=0x31891106 chip=0x31891106 rev=0x00 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT8377 Apollo KT400/A/600 CPU to PCI Bridge' class= bridge subclass = HOST-PCI [EMAIL PROTECTED]:1:0: class=0x060400 card=0x0080 chip=0xb1681106 rev=0x00 hdr=0x01 vendor = 'VIA Technologies Inc' device = 'ProSavageDDR P4X333 CPU to AGP 2.0/3.0 Bridge' class= bridge subclass = PCI-PCI [EMAIL PROTECTED] :8:0: class=0x010400 card=0x32491106 chip=0x32491106 rev=0x50 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT6421 IDE RAID Controller' class= mass storage subclass = RAID [EMAIL PROTECTED]:9:0: class=0x048000 card=0x1131 chip=0x71301131 rev=0x01 hdr=0x00 vendor = 'Philips Semiconductors' device = 'SAA7130HL Multi Media Capture Device' class= multimedia [EMAIL PROTECTED]:10:0: class=0x02 card=0x01051106 chip=0x31061106 rev=0x86 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT6105M/LOM Rhine III PCI Fast Ethernet Controller' class= network subclass = ethernet [EMAIL PROTECTED]:16:0:class=0x0c0300 card=0x30381106 chip=0x30381106 rev=0x80 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT82x UHCI USB 1.1 Controller (All VIA Chipsets)' class= serial bus subclass = USB [EMAIL PROTECTED]:16:1:class=0x0c0300 card=0x30381106 chip=0x30381106 rev=0x80 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT82x UHCI USB 1.1 Controller (All VIA Chipsets)' class= serial bus subclass = USB [EMAIL PROTECTED] :16:2:class=0x0c0300 card=0x30381106 chip=0x30381106 rev=0x80 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT82x UHCI USB 1.1 Controller (All VIA Chipsets)' class= serial bus subclass = USB [EMAIL PROTECTED]:16:3:class=0x0c0320 card=0x31041106 chip=0x31041106 rev=0x82 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT6202 USB 2.0 Enhanced Host Controller' class= serial bus subclass = USB [EMAIL PROTECTED]:17:0:class=0x060100 card=0x31771106 chip=0x31771106 rev=0x00 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT8235 PCI to ISA Bridge' class= bridge subclass = PCI-ISA [EMAIL PROTECTED]:17:1: class=0x01018a card=0x05711106 chip=0x05711106 rev=0x06 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT82 EIDE Controller (All VIA Chipsets)' class= mass storage subclass = ATA [EMAIL PROTECTED] :17:5:class=0x040100 card=0xf6141565 chip=0x30591106 rev=0x50 hdr=0x00 vendor = 'VIA Technologies Inc' device = 'VT8233/33A/8235/8237 AC97 Enhanced Audio Controller' class= multimedia subclass = audio [EMAIL PROTECTED]:0:0: class=0x03 card=0x81ea1043 chip=0x004110de rev=0xa1 hdr=0x00 vendor = 'NVIDIA Corporation' device = 'GeForce 6800 [NV40.1]' class= display subclass = VGA Finally, here is a listing of devices in /dev: # ls /dev acd0ad1 consolectl fd lpt0 nfslock ttyd0 ttyv3 ttyvd zero acpiad1s1 cttyfidolpt0.ctl nullttyd0.init ttyv4 ttyve ad0 ad3 cuad0 geom.ctlmdctl pci ttyd0.lock ttyv5 ttyvf ad0s1 ad3s1 cuad0.init io mem ppi0ttyd1 ttyv6 urandom ad0s1a agpgart cuad0.lock kbd0net ptyp0 ttyd1.init ttyv7 usb ad0s1b apm cuad1 kbd1net1 random ttyd1.lock ttyv8 usb0 ad0s1c ata cuad1.init kbdmux0 net2 stderr ttyp0 ttyv9 usb1 ad0s1d atkbd0 cuad1.lock
TCP packets don't flow from external hosts to WinVista clients behind
Hello... I've got a strange trouble... FreeBSD 6.2 amd64 as nat-router: rl0 85.249.249.249 - ISP fxp0 10.0.0.1 - My Internal Net natd/ng_nat ipfw: allow all from any to any WinXP client machines work fine behind nat, but WinVista, FreeBSD (5.5/6.2) clients don't. It's very strange but it's unable to establish any TCP internet connection from non WinXP host. ICMP and UDP packets flows normally. For example, I can ping host ya.ru, get DNS-reply from internet servers, play games via UDP, but i can't view web pages, open shh session and just can't telnet to any port Traffic from/to my net is not filtering by firewalls at all. I've tested it with natd ang ng_nat - there's no difference! I've tried to solve this problem during last week =( Unfortunately, i can't. Now i'm going to try using pf or ipfilter instead of ipfw or ever reinstall server OS and may be change freebsd architecture to i386. Any ideas ? P.S.Sorry for my bad english. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nvidia driver blues
On Sat, 25 Aug 2007 16:55:32 -0400 dan sikorsky [EMAIL PROTECTED] wrote: freebsd 6.2 i386 generic geforce 7300gt fresh install.. have updated source, and new ports tree.. installd x11, and then nvidia drivers no luck, all i get is [EMAIL PROTECTED] /usr/ports/x11/nvidia-driver]# make install === Building for nvidia-driver-100.14.11 === src (all) cc -O2 -fno-strict-aliasing -pipe -DNV_VERSION_STRING=\100.14.11\ -D__KERNEL__ -DNVRM -UDEBUG -U_DEBUG -DNDEBUG -O -fno-common -msoft-float -fno-unit-at-a-time -minline-all-stringops -D_KERNEL -DKLD_MODULE -std=c99 -nostdinc -I/src -I. -I@ -I@/contrib/altq -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -fno-common -mno-align-long-strings -mpreferred-stack-boundary=2 -mno-mmx -mno-3dnow -mno-sse -mno-sse2 -mno-sse3 -ffreestanding -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -c nvidia_ctl.c cc1: error: unrecognized command line option -Wno-pointer-sign *** Error code 1 ^^^ Dan, -Wno-pointer-sign is not the command line option of gcc-3.4.*, but of gcc-4.*. Interestingly, this will probably work (without deleting what is already built): # cd /usr/ports/x11/nvidia-driver/work/NVIDIA-FreeBSD-x86-100.14.11/src # make # cd /usr/ports/x11/nvidia-driver # make install Nikola Lečić ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nvidia driver blues
On Sat, 25 Aug 2007 16:55:32 -0400 dan sikorsky [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] /usr/ports/x11/nvidia-driver]# make install === Building for nvidia-driver-100.14.11 === src (all) cc -O2 -fno-strict-aliasing -pipe -DNV_VERSION_STRING=\100.14.11\ [...] And: is this the full output or you cut some lines before first cc? Nikola Lečić ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Postfix/SpamAssassin Guru?
On Aug 24, 2007, at 11:26 PMAug 24, 2007, Noel Jones wrote: [snip] an easier way is to run spamassassin under the control of amavisd-new and let amavisd-new add address extensions such as user+spam and to let dovecot file the mail in a spam folder. Noel, Are you saying I just need amavisd-new installed and properly configured? Is there something I need to tell dovecot? A bit more information in regards to where I can look for documentation would be appreciated! - Eric F Crist Secure Computing Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to block 200K ip addresses?
In the last episode (Aug 26), Aminuddin said: From: Dan Nelson In the last episode (Aug 26), Aminuddin said: How do you block this large range of ip addresses from different subnet? IPFW only allows 65536 rules while this will probably use up a few hundred thousands of lines. I'm also trying to add this into my proxy configuration file, ss5.conf but it doesn't allow me to add this large number. IS this the limitation of IPF or FreeBSD? How do I work around this? Even though there are 65536 rule numbers, each number can actually have any amount of rules assigned to it. What you're probably looking for, though, is ipfw's table keyword, which uses the same radix tree lookup format as the kernel's routing tables, so it scales well to large amounts of sparse addresses. man ipfw, search for lookup tables. I intend to create a ruleset file consisting of this statement: Ruleset add 2300 skipto 2301 ip from 0.0.0.0/6 to any add 2400 skipto 2401 ip from any to 0.0.0.0/6 add 2300 skipto 2302 ip from 4.0.0.0/6 to any add 2400 skipto 2402 ip from any to 4.0.0.0/6 [...] add 2300 skipto 2363 ip from 248.0.0.0/6 to any add 2400 skipto 2463 ip from any to 248.0.0.0/6 add 2300 skipto 2364 ip from 252.0.0.0/6 to any add 2400 skipto 2464 ip from any to 252.0.0.0/6 add 2301 deny ip from 3.0.0.0/8 to any add 2401 reject ip from any to 3.0.0.0/8 add 2302 deny ip from 4.0.25.146/31 to any add 2402 reject ip from any to 4.0.25.146/31 [...] add 2302 deny ip from 4.18.37.16/28 to any add 2402 reject ip from any to 4.18.37.16/28 add 2302 deny ip from 4.18.37.128/25 to any add 2402 reject ip from any to 4.18.37.128/25 end ruleset Will the above rules block me from ssh into my remote server if the ip addresses of my local pc (dynamic ip) not within any of the above rules ip range as well as block my snmpd services? Yes; it's a little convoluted but should work. You want to drop incoming packets from the listed IP ranges, and return a host unreachable to internal machines sending outgoing packets to the listed IP ranges? Wouldn't it be easier to use ipfw's table feature and have something like this: add table 1 3.0.0.0/8 add table 1 4.0.25.146/31 add table 1 4.0.25.148/32 [...] add table 1 4.18.37.16/28 add table 1 4.18.37.128/25 add 2300 deny ip from table 1 to any add 2400 reject ip from any to table 1 That way you only have two ipfw rules, both of which use a single table lookup. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: TCP packets don't flow from external hosts to WinVista clients behind
On 8/26/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hello... I've got a strange trouble... FreeBSD 6.2 amd64 as nat-router: rl0 85.249.249.249 - ISP fxp0 10.0.0.1 - My Internal Net natd/ng_nat ipfw: allow all from any to any WinXP client machines work fine behind nat, but WinVista, FreeBSD (5.5/6.2) clients don't. It's very strange but it's unable to establish any TCP internet connection from non WinXP host. ICMP and UDP packets flows normally. For example, I can ping host ya.ru, get DNS-reply from internet servers, play games via UDP, but i can't view web pages, open shh session and just can't telnet to any port Traffic from/to my net is not filtering by firewalls at all. I've tested it with natd ang ng_nat - there's no difference! I've tried to solve this problem during last week =( Unfortunately, i can't. Now i'm going to try using pf or ipfilter instead of ipfw or ever reinstall server OS and may be change freebsd architecture to i386. Any ideas ? Could be TCP window scaling. See http://en.wikipedia.org/wiki/TCP_window_scale_option Or the plain old PMTUD problem described in http://www.cisco.com/en/US/tech/tk870/tk877/tk880/technologies_tech_note09186a008011a218.shtml#backinfo =Adriaan= ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
The FreeBSD Diary: 2007-08-05 - 2007-08-25
The FreeBSD Diary contains a large number of practical examples and how-to guides. This message is posted weekly to freebsd-questions@freebsd.org with the aim of letting people know what's available on the website. Before you post a question here it might be a good idea to first search the mailing list archives http://www.freebsd.org/search/search.html#mailinglists and/or The FreeBSD Diary http://www.freebsddiary.org/. These are the articles posted during this period: 6-Aug : IBM ThinkPad T41: Upgrading RAM and HDD - pictures Pictures now! http://freebsddiary.org/ibm-thinkpad-t41-hardware-upgrades-pics.php?2 -- Dan Langille BSDCan - http://www.BSDCan.org/ - BSD Conference ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: How to block 200K ip addresses?
My complete list has about 300K of lines. It takes about a few hours just to load the rules. Will it be faster to load using the table? -Original Message- From: Dan Nelson [mailto:[EMAIL PROTECTED] Sent: Sunday, August 26, 2007 9:37 AM To: Aminuddin Cc: freebsd-questions@freebsd.org Subject: Re: How to block 200K ip addresses? In the last episode (Aug 26), Aminuddin said: From: Dan Nelson In the last episode (Aug 26), Aminuddin said: How do you block this large range of ip addresses from different subnet? IPFW only allows 65536 rules while this will probably use up a few hundred thousands of lines. I'm also trying to add this into my proxy configuration file, ss5.conf but it doesn't allow me to add this large number. IS this the limitation of IPF or FreeBSD? How do I work around this? Even though there are 65536 rule numbers, each number can actually have any amount of rules assigned to it. What you're probably looking for, though, is ipfw's table keyword, which uses the same radix tree lookup format as the kernel's routing tables, so it scales well to large amounts of sparse addresses. man ipfw, search for lookup tables. I intend to create a ruleset file consisting of this statement: Ruleset add 2300 skipto 2301 ip from 0.0.0.0/6 to any add 2400 skipto 2401 ip from any to 0.0.0.0/6 add 2300 skipto 2302 ip from 4.0.0.0/6 to any add 2400 skipto 2402 ip from any to 4.0.0.0/6 [...] add 2300 skipto 2363 ip from 248.0.0.0/6 to any add 2400 skipto 2463 ip from any to 248.0.0.0/6 add 2300 skipto 2364 ip from 252.0.0.0/6 to any add 2400 skipto 2464 ip from any to 252.0.0.0/6 add 2301 deny ip from 3.0.0.0/8 to any add 2401 reject ip from any to 3.0.0.0/8 add 2302 deny ip from 4.0.25.146/31 to any add 2402 reject ip from any to 4.0.25.146/31 [...] add 2302 deny ip from 4.18.37.16/28 to any add 2402 reject ip from any to 4.18.37.16/28 add 2302 deny ip from 4.18.37.128/25 to any add 2402 reject ip from any to 4.18.37.128/25 end ruleset Will the above rules block me from ssh into my remote server if the ip addresses of my local pc (dynamic ip) not within any of the above rules ip range as well as block my snmpd services? Yes; it's a little convoluted but should work. You want to drop incoming packets from the listed IP ranges, and return a host unreachable to internal machines sending outgoing packets to the listed IP ranges? Wouldn't it be easier to use ipfw's table feature and have something like this: add table 1 3.0.0.0/8 add table 1 4.0.25.146/31 add table 1 4.0.25.148/32 [...] add table 1 4.18.37.16/28 add table 1 4.18.37.128/25 add 2300 deny ip from table 1 to any add 2400 reject ip from any to table 1 That way you only have two ipfw rules, both of which use a single table lookup. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
I need sound card recommendation
Dear ALL, After reading 120 pages of Open Sound System manual (the one compiled from ports) and playing with my audio card for almost a week. I came to a conclusion that my present audio card Audiology SE is not fully supported (duplex mode) even with the OSS compiled from ports. (Or I am just dumb to set it properly). Hence, I can not use VoIP which is really important to me. So I would like to get a recommendation for a sound card. In particular, I would like to get a recommendation from people running fully functional VoIP (Skype or SIP) using the sound cards fully recognized by FreeBSD available drivers (I do not want to mess any more with OSS from ports). The easiest thing for me would be to buy probably Sound Blaster Live ($30) but I over heard that Creative has change the chip set and that the kernel has troubles with new chip even without duplex mode. I hope that this is a wrong information. If you are using VoIP would you be so kind to tell me your audio card, the driver you use and possibly set up (at least if you are using 6.2 Stable or 7.0 Current and if you are using generic kernel and loading drivers, or what kind of custom kernel should I built) Thanks a lot Predrag ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
