smtp pull
Hi, Looking for some thoughts on the following scenario. firewall smtp2 | | smtp1 smtp1 is on the DMZ. So smtp1 is the first point of call for incoming mail. Mail ultimately has to end up on smtp2 however I do not want smtp1 to simply forward the mail to smtp2 as I'll have to explicitly allow the setup of port 25 through the firewall to smtp2. I would like smtp2 to connect to smtp1 and pull back the mail so that it's smtp2 that initiating an outgoing connection to smtp1. Is there any smtp type approach I can use? Obviously I can make smtp1 drop the mail in a mailbox on smtp1 and then get smtp2 to imap or pop the mail out however I'm looking for something that's fast and pop doesn't really excite me.. Anyone have any other thoughts? Thanks, ajt. -- Andrew Thomson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipsec vpn mtu problem
I have a problem with a freebsd lan to lan IPSEC vpn. Specifically seems to be an mtu related problem. Previously I have set these up and they have run perfectly between freebsd firewalls acting as the vpn terminator. The latest site that I'm trying to connect to has a basic internet connection. Although it is a business ethernet connection, it's looking similar to a PPPoE link that I have at home! Anyway, in order to get a reliable internet connection, the MTU on the public interface had to be dropped to 1492. Once down, the internet worked a treat. Lan to lan VPN config was done with setkey and racoon, up and running very quickly. However when we try to move data across this link, it gets a bit done and then conks out. scp rt-3.2.2.tar.gz [EMAIL PROTECTED]: [EMAIL PROTECTED]'s password: rt-3.2.2.tar.gz11% 144KB 36.7KB/s - stalled - All my other VPNs work perfectly however none of them required the MTU change. This is the first one that required an MTU change and the first one that doesn't seem to be able to handle anything more than a ping. One side is running 4.3-RELEASE-p28, the other is running 5.3-STABLE. The 5.3 box is the one that has the dodge internet link requiring the MTU change. Any thoughts would be much appreciated. ajt. -- Andrew Thomson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
freebsd 5.2.1 and exim 4.30 problems
I have a bit of strange problem and I'm nearly at my witts end as to what the cause of the problem is. Basically I installed a 5.2-RELEASE box and setup my new mailserver. Then used portupgrade to upgrade any newer versions of software installed. I then cvsup'ed to 5.2.1-p4 and now things aren't working too well. mx2# telnet 0 25 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. 220 mx2 ESMTP Exim 4.30 Wed, 31 Mar 2004 14:27:14 +1000 421 mx2 lost input connection Connection closed by foreign host. I always get this connection closed business before I can send any commands through! The problem is that everything works on my desktop, which is a 5.2.1-p4/exim 4.30 combo - thus proving everything should work fine. The only real differences I guess are in the hardware. The new mailserver is an SMP box whilst my box is just a standard desktop. I've tried the following to no avail: * portupgrade -Rf exim * make kernel (use GENERIC) * make kernel (use GENERIC but no smp) * build/installworld then portupgrade -Rf exim Everything was working fine but now it's pooched! I'm not sure what to try next as I had this box all setup ready to be dropped into production and then this issue arose! Every other part of the box works fine - ssh, courier-imap, ldap etc etc.. But not being able to receive mail is quite a fundamental problem! Any thoughts on what to try next would be appreciated. System rebuild isn't high on the agenda!! ;) Thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd 5.2.1 and exim 4.30 problems
On Wed, 2004-03-31 at 14:38, Andrew Thomson wrote: I have a bit of strange problem and I'm nearly at my witts end as to what the cause of the problem is. Basically I installed a 5.2-RELEASE box and setup my new mailserver. Then used portupgrade to upgrade any newer versions of software installed. I then cvsup'ed to 5.2.1-p4 and now things aren't working too well. mx2# telnet 0 25 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. 220 mx2 ESMTP Exim 4.30 Wed, 31 Mar 2004 14:27:14 +1000 421 mx2 lost input connection Connection closed by foreign host. I always get this connection closed business before I can send any commands through! The problem is that everything works on my desktop, which is a 5.2.1-p4/exim 4.30 combo - thus proving everything should work fine. The only real differences I guess are in the hardware. The new mailserver is an SMP box whilst my box is just a standard desktop. I've tried the following to no avail: * portupgrade -Rf exim * make kernel (use GENERIC) * make kernel (use GENERIC but no smp) * build/installworld then portupgrade -Rf exim Everything was working fine but now it's pooched! I'm not sure what to try next as I had this box all setup ready to be dropped into production and then this issue arose! Every other part of the box works fine - ssh, courier-imap, ldap etc etc.. But not being able to receive mail is quite a fundamental problem! Any thoughts on what to try next would be appreciated. System rebuild isn't high on the agenda!! ;) Something else I've noted. On my desktop where it works: 1011# ps auxwww | grep exim mailnull 99630 0.0 0.8 5284 2144 ?? Ss3:21PM 0:00.00 /usr/local/sbin/exim -bd -q30m (exim-4.30-2) And on the new mailserver: mx2# ps auxwww | grep exim mailnull 766 0.0 0.2 5844 3180 ?? Ss3:26PM 0:00.00 /usr/local/sbin/exim -bd -q30m (exim-4.30-2) root 767 0.0 0.1 5836 3124 ?? S 3:26PM 0:00.02 /usr/local/sbin/exim -q (exim-4.30-2) root 768 0.0 0.2 5896 3216 ?? S 3:26PM 0:00.00 /usr/local/sbin/exim -q (exim-4.30-2) mailnull 0 0.0 0.0 00 ?? ZW - 0:00.00 (exim-4.30-2) This is after and /etc/rc.d/exim start. No exim processes were running before the exim start. Interesting? ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd 5.2.1 and exim 4.30 problems
On Wed, 2004-03-31 at 15:24, Andrew Thomson wrote: On Wed, 2004-03-31 at 14:38, Andrew Thomson wrote: I have a bit of strange problem and I'm nearly at my witts end as to what the cause of the problem is. Basically I installed a 5.2-RELEASE box and setup my new mailserver. Then used portupgrade to upgrade any newer versions of software installed. I then cvsup'ed to 5.2.1-p4 and now things aren't working too well. mx2# telnet 0 25 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. 220 mx2 ESMTP Exim 4.30 Wed, 31 Mar 2004 14:27:14 +1000 421 mx2 lost input connection Connection closed by foreign host. I always get this connection closed business before I can send any commands through! The problem is that everything works on my desktop, which is a 5.2.1-p4/exim 4.30 combo - thus proving everything should work fine. The only real differences I guess are in the hardware. The new mailserver is an SMP box whilst my box is just a standard desktop. I've tried the following to no avail: * portupgrade -Rf exim * make kernel (use GENERIC) * make kernel (use GENERIC but no smp) * build/installworld then portupgrade -Rf exim Everything was working fine but now it's pooched! I'm not sure what to try next as I had this box all setup ready to be dropped into production and then this issue arose! Every other part of the box works fine - ssh, courier-imap, ldap etc etc.. But not being able to receive mail is quite a fundamental problem! Any thoughts on what to try next would be appreciated. System rebuild isn't high on the agenda!! ;) Something else I've noted. On my desktop where it works: 1011# ps auxwww | grep exim mailnull 99630 0.0 0.8 5284 2144 ?? Ss3:21PM 0:00.00 /usr/local/sbin/exim -bd -q30m (exim-4.30-2) And on the new mailserver: mx2# ps auxwww | grep exim mailnull 766 0.0 0.2 5844 3180 ?? Ss3:26PM 0:00.00 /usr/local/sbin/exim -bd -q30m (exim-4.30-2) root 767 0.0 0.1 5836 3124 ?? S 3:26PM 0:00.02 /usr/local/sbin/exim -q (exim-4.30-2) root 768 0.0 0.2 5896 3216 ?? S 3:26PM 0:00.00 /usr/local/sbin/exim -q (exim-4.30-2) mailnull 0 0.0 0.0 00 ?? ZW - 0:00.00 (exim-4.30-2) This is after and /etc/rc.d/exim start. No exim processes were running before the exim start. Interesting? ajt. And another point of interest, mx2# telnet 0 25 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. 220 mx2.au.itouchnet.net ESMTP Sendmail 8.12.10/8.12.10; Wed, 31 Mar 2004 16:01:19 +1000 (EST) mail from: [EMAIL PROTECTED] 250 2.1.0 [EMAIL PROTECTED] Sender ok So sendmail works ok... Velly interesting! ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd 5.2.1 and exim 4.30 problems
On Wed, 2004-03-31 at 15:59, Andrew Thomson wrote: On Wed, 2004-03-31 at 15:24, Andrew Thomson wrote: On Wed, 2004-03-31 at 14:38, Andrew Thomson wrote: I have a bit of strange problem and I'm nearly at my witts end as to what the cause of the problem is. Basically I installed a 5.2-RELEASE box and setup my new mailserver. Then used portupgrade to upgrade any newer versions of software installed. I then cvsup'ed to 5.2.1-p4 and now things aren't working too well. mx2# telnet 0 25 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. 220 mx2 ESMTP Exim 4.30 Wed, 31 Mar 2004 14:27:14 +1000 421 mx2 lost input connection Connection closed by foreign host. I always get this connection closed business before I can send any commands through! The problem is that everything works on my desktop, which is a 5.2.1-p4/exim 4.30 combo - thus proving everything should work fine. Well, we're getting closer!! The problem is reproduceable. Install exim-ldap2-4.30_2 on freebsd 5.2.1 This will obviously install openldap-client-2.1.28_1 if your ports are up to date! Then start exim and try a telnet on port 25.. I noticed some interesting commits on the openldap21-server however potentially someone more knowledgeable may have some thoughts on this matter! Regards, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
grep: writing output: Broken pipe
I've done a bit of search and couldn't find much on this. However when I build some ports, I often get the following: === gdm2-2.6.0.0 depends on shared library: X11.6grep: writing output: Broken pipe - found === gdm2-2.6.0.0 depends on shared library: esd.2 - found === gdm2-2.6.0.0 depends on shared library: glib-2.0.400 - found === gdm2-2.6.0.0 depends on shared library: atk-1.0.600grep: writing output: Broken pipe - found === gdm2-2.6.0.0 depends on shared library: pango-1.0.399grep: writing output: Broken pipe All this broken pipe business... I'm guessing it can't be doing good things.. This is on 5.2.1-p3 box... Any thoughts? ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dual channel raid array setup
not really a freebsd question as such, however i will be running freebsd on the box! just curious as to what people think is the most efficient use of a dual channel raid controller. Say I have 10 disks which will make up 2 raid5 arrays. Do I put one raid5 array on one channel and the other raid5 array on the other channel? Or do I mix it up and put 3 disks of one raid5 array on one channel, the other 2 on the other channel, and then the reverse for the second raid5 array. Just curious what people think will achieve the best performance. regards, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipsec changes in 5.2
Can't quite access my laptop from work so I've replicated the scenario here at work on my 5.2 desktop. My host: 192.168.13.202 Firewall: 192.168.13.1 Just recompiled kernel with IPSEC options and installed racoon. Install the following as per previous setup: spdadd 192.168.13.202/32 0.0.0.0/0 any -P out ipsec esp/tunnel/192.168.13.202-192.168.13.1/require; spdadd 0.0.0.0/0 192.168.13.202/32 any -P in ipsec esp/tunnel/192.168.13.1-192.168.13.202/require; Have an all.log tail and a tcpdump on xl0 listening for my ip or the firewall ip. I then try a single ping to the firewall. ping -c 1 192.168.13.1 PING 192.168.13.1 (192.168.13.1): 56 data bytes 64 bytes from 192.168.13.1: icmp_seq=0 ttl=64 time=0.373 ms --- 192.168.13.1 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.373/0.373/0.373/0.000 ms [EMAIL PROTECTED]:~ ping -c 1 192.168.13.1 PING 192.168.13.1 (192.168.13.1): 56 data bytes --- 192.168.13.1 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss all.log Jan 21 15:56:20 1011 racoon: INFO: isakmp.c:1682:isakmp_post_acquire(): IPsec-SA request for 192.168.13.1 queued due to no phase1 found. Jan 21 15:56:20 1011 racoon: INFO: isakmp.c:796:isakmp_ph1begin_i(): initiate new phase 1 negotiation: 192.168.13.202[500]=192.168.13.1[500] Jan 21 15:56:20 1011 racoon: INFO: isakmp.c:801:isakmp_ph1begin_i(): begin Aggressive mode. Jan 21 15:56:51 1011 racoon: ERROR: isakmp.c:1774:isakmp_chkph1there(): phase2 negotiation failed due to time up waiting for phase1. ESP 192.168.13.1-192.168.13.202 Jan 21 15:56:51 1011 racoon: INFO: isakmp.c:1779:isakmp_chkph1there(): delete phase 2 handler. Jan 21 15:57:00 1011 racoon: INFO: isakmp.c:1701:isakmp_post_acquire(): request for establishing IPsec-SA was queued due to no phase1 found. Jan 21 15:57:32 1011 racoon: ERROR: isakmp.c:1774:isakmp_chkph1there(): phase2 negotiation failed due to time up waiting for phase1. ESP 192.168.13.1-192.168.13.202 However as soon as I setkey -FP and try the ping again... It works.. and it's only once SPD entries are cleared that I see anything on xl0 - previously with the SPD in place there was nothing. Especially the udp 500 communication that is obviously essential to setting up the VPN appears..! Any tips appreciated... Again this worked between a 5.0 - 4.9p1 host setup. thanks, ajt. On Wed, 2004-01-21 at 14:38, Kris Kennaway wrote: On Tue, Jan 20, 2004 at 10:29:51AM +1100, Andrew Thomson wrote: I'm really more interested in changes wrt ipsec since 5.0! ;) I just upgraded my laptop from 5.0 to 5.2 the other day and now my IPSEC VPN doesn't work. I run a VPN over my wireless adhoc network at home. There are just two hosts on the network, the firewall and the laptop. The firewall is running Freebsd 4.8. When my laptop was on 5.0 the following setup worked a treat. However since the upgrade, the VPN has stopped working. Is anything logged by the kernel? What does tcpdump show happening on the wire? Kris ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipsec changes in 5.2
At the same time, I do see what I'm asking is a bit of a chicken and an egg scenario.. spdadd 192.168.13.202/32 0.0.0.0/0 any -P out ipsec I'm asking for encryption from my laptop to anywhere.. however I'm also asking it to establish encryption with another host which technically it needs to talk to unencrypted. This must be where things are getting hung up. ajt. On Wed, 2004-01-21 at 16:04, Andrew Thomson wrote: Can't quite access my laptop from work so I've replicated the scenario here at work on my 5.2 desktop. My host: 192.168.13.202 Firewall: 192.168.13.1 Just recompiled kernel with IPSEC options and installed racoon. Install the following as per previous setup: spdadd 192.168.13.202/32 0.0.0.0/0 any -P out ipsec esp/tunnel/192.168.13.202-192.168.13.1/require; spdadd 0.0.0.0/0 192.168.13.202/32 any -P in ipsec esp/tunnel/192.168.13.1-192.168.13.202/require; Have an all.log tail and a tcpdump on xl0 listening for my ip or the firewall ip. I then try a single ping to the firewall. ping -c 1 192.168.13.1 PING 192.168.13.1 (192.168.13.1): 56 data bytes 64 bytes from 192.168.13.1: icmp_seq=0 ttl=64 time=0.373 ms --- 192.168.13.1 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/stddev = 0.373/0.373/0.373/0.000 ms [EMAIL PROTECTED]:~ ping -c 1 192.168.13.1 PING 192.168.13.1 (192.168.13.1): 56 data bytes --- 192.168.13.1 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss all.log Jan 21 15:56:20 1011 racoon: INFO: isakmp.c:1682:isakmp_post_acquire(): IPsec-SA request for 192.168.13.1 queued due to no phase1 found. Jan 21 15:56:20 1011 racoon: INFO: isakmp.c:796:isakmp_ph1begin_i(): initiate new phase 1 negotiation: 192.168.13.202[500]=192.168.13.1[500] Jan 21 15:56:20 1011 racoon: INFO: isakmp.c:801:isakmp_ph1begin_i(): begin Aggressive mode. Jan 21 15:56:51 1011 racoon: ERROR: isakmp.c:1774:isakmp_chkph1there(): phase2 negotiation failed due to time up waiting for phase1. ESP 192.168.13.1-192.168.13.202 Jan 21 15:56:51 1011 racoon: INFO: isakmp.c:1779:isakmp_chkph1there(): delete phase 2 handler. Jan 21 15:57:00 1011 racoon: INFO: isakmp.c:1701:isakmp_post_acquire(): request for establishing IPsec-SA was queued due to no phase1 found. Jan 21 15:57:32 1011 racoon: ERROR: isakmp.c:1774:isakmp_chkph1there(): phase2 negotiation failed due to time up waiting for phase1. ESP 192.168.13.1-192.168.13.202 However as soon as I setkey -FP and try the ping again... It works.. and it's only once SPD entries are cleared that I see anything on xl0 - previously with the SPD in place there was nothing. Especially the udp 500 communication that is obviously essential to setting up the VPN appears..! Any tips appreciated... Again this worked between a 5.0 - 4.9p1 host setup. thanks, ajt. On Wed, 2004-01-21 at 14:38, Kris Kennaway wrote: On Tue, Jan 20, 2004 at 10:29:51AM +1100, Andrew Thomson wrote: I'm really more interested in changes wrt ipsec since 5.0! ;) I just upgraded my laptop from 5.0 to 5.2 the other day and now my IPSEC VPN doesn't work. I run a VPN over my wireless adhoc network at home. There are just two hosts on the network, the firewall and the laptop. The firewall is running Freebsd 4.8. When my laptop was on 5.0 the following setup worked a treat. However since the upgrade, the VPN has stopped working. Is anything logged by the kernel? What does tcpdump show happening on the wire? Kris ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipsec changes in 5.2
I'm really more interested in changes wrt ipsec since 5.0! ;) I just upgraded my laptop from 5.0 to 5.2 the other day and now my IPSEC VPN doesn't work. I run a VPN over my wireless adhoc network at home. There are just two hosts on the network, the firewall and the laptop. The firewall is running Freebsd 4.8. When my laptop was on 5.0 the following setup worked a treat. However since the upgrade, the VPN has stopped working. Below are the setkey entries I was using to get the job done. spdadd 192.168.14.2/32 0.0.0.0/0 any -P in ipsec esp/tunnel/192.168.14.2-192.168.14.1/require; spdadd 0.0.0.0/0 192.168.14.2/32 any -P out ipsec esp/tunnel/192.168.14.1-192.168.14.2/require; And racoon for the key exchange. Any tips? ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cdrecord problems
Just trying to write a cd under 5.2 but am having some issues. Relevant output below. Thoughts? 1,0,0 100) 'LG ' 'CD-ROM CRD-8400B' '1.04' Removable CD-ROM 1,1,0 101) 'CREATIVE' 'CD-RW RW1210E ' 'LCS6' Removable CD-ROM # cdrecord -v -eject dev=1,1,0 5.2-RELEASE-i386-miniinst.iso Cdrecord 2.00.3 (i386-unknown-freebsd5.2) Copyright (C) 1995-2002 J\xf6rg Schill ing TOC Type: 1 = CD-ROM scsidev: '1,1,0' scsibus: 1 target: 1 lun: 0 Using libscg version 'schily-0.7' atapi: 0 Device type: Removable CD-ROM Version: 0 Response Format: 1 Vendor_info: 'CREATIVE' Identifikation : 'CD-RW RW1210E ' Revision : 'LCS6' Device seems to be: Generic mmc CD-RW. Using generic SCSI-3/mmc CD-R driver (mmc_cdr). Driver flags : MMC SWABAUDIO BURNFREE Supported modes: TAO PACKET SAO SAO/R96P SAO/R96R RAW/R96P RAW/R96R Drive buf size : 1658880 = 1620 KB FIFO size : 4194304 = 4096 KB Track 01: data 236 MB Total size: 271 MB (26:55.60) = 121170 sectors Lout start: 272 MB (26:57/45) = 121170 sectors Current Secsize: 2048 ATIP info from disk: Indicated writing power: 4 Is not unrestricted Is not erasable Disk sub type: Medium Type A, high Beta category (A+) (3) ATIP start of lead in: -11077 (97:34/23) ATIP start of lead out: 359848 (79:59/73) Disk type:Long strategy type (Cyanine, AZO or similar) Manuf. index: 11 Manufacturer: Mitsubishi Chemical Corporation Blocks total: 359848 Blocks current: 359848 Blocks remaining: 238678 Starting to write CD/DVD at speed 12 in real TAO mode for single session. Last chance to quit, starting real write0 seconds. Operation starts. Waiting for reader process to fill input buffer ... input buffer ready. BURN-Free is OFF. Performing OPC... cdrecord: Input/output error. send opc: scsi sendcmd: retryable error CDB: 54 01 00 00 00 00 00 00 00 00 status: 0x2 (CHECK CONDITION) Sense Bytes: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0 0 00 00 00 00 00 00 00 00 00 Sense Key: 0x [], Segment 0 Sense Code: 0x00 Qual 0x00 (no additional sense information) Fru 0x0 Sense flags: Blk 0 (not valid) cmd finished after 0.000s timeout 60s cdrecord: OPC failed. Writing time:4.456s cdrecord: fifo had 64 puts and 0 gets. cdrecord: fifo was 0 times empty and 0 times full, min fill was 100%. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
freebsd 5.2 rc2 and grip issues
Historically grip has always worked quite well for me.. However just trying to use it on my 5.2 box and it's not working too well. Basically it rips the cd in about 5 seconds, and then encodes some mini me mp3's. If I ask grip just to rip the CD, then it takes about the same time but no wav's are generated. Example: -rw-r--r-- 1 ajt users 128 Jan 7 13:47 Massive Attack - Protection.mp3 And some more information about my setup: uid=1001(ajt) gid=1001(users) groups=1001(users), 0(wheel), 5(operator) crw-rw 1 root operator4, 12 Jan 7 12:36 acd0 crw-rw 1 root operator4, 13 Jan 7 12:36 acd1 I tried changed the permissions on the operator group to rw instead of the default r.. just in case.. acd0: CDROM CRD-8400B at ata1-master PIO4 acd1: CDRW CREATIVE CD-RW RW1210E at ata1-slave PIO4 I've tried both my cd drives and they both do the same thing... Currently grip is configured to use the specific cdrom device. I have also tried using a cdrom symlink in dev and pointing to that.. grip-3.1.4 5.2-RC FreeBSD 5.2-RC #0: Wed Dec 31 09:14:18 EST 2003 I'm just not sure what's wrong here.. Anyone using grip on a 5.2RC2 box?? Thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd 5.2 rc2 and grip issues
Also just tried what was in the handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/sound-mp3.html cdda2wav -D /dev/acd0 cdda2wav: Invalid argument. Open by 'devname' not supported on this OS. Cannot open SCSI driver. open(/dev/acd0) in file interface.c, line 532 On Wed, 2004-01-07 at 14:04, Andrew Thomson wrote: Historically grip has always worked quite well for me.. However just trying to use it on my 5.2 box and it's not working too well. Basically it rips the cd in about 5 seconds, and then encodes some mini me mp3's. If I ask grip just to rip the CD, then it takes about the same time but no wav's are generated. Example: -rw-r--r-- 1 ajt users 128 Jan 7 13:47 Massive Attack - Protection.mp3 And some more information about my setup: uid=1001(ajt) gid=1001(users) groups=1001(users), 0(wheel), 5(operator) crw-rw 1 root operator4, 12 Jan 7 12:36 acd0 crw-rw 1 root operator4, 13 Jan 7 12:36 acd1 I tried changed the permissions on the operator group to rw instead of the default r.. just in case.. acd0: CDROM CRD-8400B at ata1-master PIO4 acd1: CDRW CREATIVE CD-RW RW1210E at ata1-slave PIO4 I've tried both my cd drives and they both do the same thing... Currently grip is configured to use the specific cdrom device. I have also tried using a cdrom symlink in dev and pointing to that.. grip-3.1.4 5.2-RC FreeBSD 5.2-RC #0: Wed Dec 31 09:14:18 EST 2003 I'm just not sure what's wrong here.. Anyone using grip on a 5.2RC2 box?? Thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd 5.2 rc2 and grip issues
I also just recompiled with atapicam et al.. Now I can do the following: cdda2wav -D 1,0,0 -B Type: ROM, Vendor 'LG ' Model 'CD-ROM CRD-8400B' Revision '1.04' MMC+CDDA 266240 bytes buffer memory requested, 4 buffers, 27 sectors Which works.. however it is terribly slow compared to when I could just hook up to /dev/acd0 ajt. On Wed, 2004-01-07 at 14:57, Andrew Thomson wrote: Also just tried what was in the handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/sound-mp3.html cdda2wav -D /dev/acd0 cdda2wav: Invalid argument. Open by 'devname' not supported on this OS. Cannot open SCSI driver. open(/dev/acd0) in file interface.c, line 532 On Wed, 2004-01-07 at 14:04, Andrew Thomson wrote: Historically grip has always worked quite well for me.. However just trying to use it on my 5.2 box and it's not working too well. Basically it rips the cd in about 5 seconds, and then encodes some mini me mp3's. If I ask grip just to rip the CD, then it takes about the same time but no wav's are generated. Example: -rw-r--r-- 1 ajt users 128 Jan 7 13:47 Massive Attack - Protection.mp3 And some more information about my setup: uid=1001(ajt) gid=1001(users) groups=1001(users), 0(wheel), 5(operator) crw-rw 1 root operator4, 12 Jan 7 12:36 acd0 crw-rw 1 root operator4, 13 Jan 7 12:36 acd1 I tried changed the permissions on the operator group to rw instead of the default r.. just in case.. acd0: CDROM CRD-8400B at ata1-master PIO4 acd1: CDRW CREATIVE CD-RW RW1210E at ata1-slave PIO4 I've tried both my cd drives and they both do the same thing... Currently grip is configured to use the specific cdrom device. I have also tried using a cdrom symlink in dev and pointing to that.. grip-3.1.4 5.2-RC FreeBSD 5.2-RC #0: Wed Dec 31 09:14:18 EST 2003 I'm just not sure what's wrong here.. Anyone using grip on a 5.2RC2 box?? Thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
port failures
I've seen a couple of port failures.. I'm all cvsup'ed and have been trying daily the passed couple of days.. I've tried removing the distfiles frequently too.. Anyone else? ajt. 1011# make install clean Imlib2-Perl-1.0.0.tar.gz doesn't seem to exist in /usr/ports/distfiles/. Attempting to fetch from http://www.muhri.net/. Receiving Imlib2-Perl-1.0.0.tar.gz (32611 bytes): 100% 32611 bytes transferred in 0.0 seconds (6.35 MBps) === Extracting for p5-Imlib2-1.0.0 Checksum mismatch for Imlib2-Perl-1.0.0.tar.gz. === Refetch for 1 more times files: Imlib2-Perl-1.0.0.tar.gz Imlib2-Perl-1.0.0.tar.gz doesn't seem to exist in /usr/ports/distfiles/. Attempting to fetch from http://www.muhri.net/. Checksum mismatch for Imlib2-Perl-1.0.0.tar.gz. === Giving up on fetching files: Imlib2-Perl-1.0.0.tar.gz Make sure the Makefile and distinfo file (/usr/ports/graphics/p5-Imlib2/distinfo) are up to date. If you are absolutely sure you want to override this check, type make NO_CHECKSUM=yes [other args]. *** Error code 1 Stop in /usr/ports/graphics/p5-Imlib2. *** Error code 1 Stop in /usr/ports/graphics/p5-Imlib2. 1011# cd /usr/ports/x11/eterm/ 1011# rm /usr/ports/distfiles/Eterm-0.9.2.tar.gz 1011# make install clean Eterm-0.9.2.tar.gz doesn't seem to exist in /usr/ports/distfiles/. Attempting to fetch from http://www.eterm.org/download/. Receiving Eterm-0.9.2.tar.gz (698262 bytes): 100% 698262 bytes transferred in 0.1 seconds (8.26 MBps) === Extracting for eterm-0.9.2 Checksum mismatch for Eterm-0.9.2.tar.gz. === Refetch for 1 more times files: Eterm-0.9.2.tar.gz Eterm-0.9.2.tar.gz doesn't seem to exist in /usr/ports/distfiles/. Attempting to fetch from http://www.eterm.org/download/. Checksum mismatch for Eterm-0.9.2.tar.gz. === Giving up on fetching files: Eterm-0.9.2.tar.gz Make sure the Makefile and distinfo file (/usr/ports/x11/eterm/distinfo) are up to date. If you are absolutely sure you want to override this check, type make NO_CHECKSUM=yes [other args]. *** Error code 1 Stop in /usr/ports/x11/eterm. *** Error code 1 Stop in /usr/ports/x11/eterm. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: socket: no buffer space available
Just for the record, I fixed this problem by recompiling my kernel with MAXUSERS 512 :) ajt. On Mon, 2003-12-15 at 16:15, Andrew Thomson wrote: I've got a perl script doing some p5-sybase stuff for me.. However after a while, it fails with the following error message: ..socket: No buffer space available... I've seen other reports from other uses getting this problem however no clear responses on a fix. This script used to work find on my 5.0-RELEASE box now I'm trying it on a 5.1-RELEASE box. I admit the new box is a lower spec - less cpu and less memory - so that may affect some of the default sysctl values??? I've tried tweaking a couple of sysctl entries however nothing has gotten me over this hurdle. Below are some relevant(??) sysctls. kern.ipc.maxsockbuf: 1048576 kern.ipc.sockbuf_waste_factor: 8 kern.ipc.nmbufs: 17920 kern.ipc.nsfbufs: 2496 kern.ipc.mbuf_wait: 64 kern.ipc.mbuf_hiwm: 512 kern.ipc.mbuf_lowm: 128 kern.ipc.numopensockets: 94 kern.ipc.maxsockets: 4008 Any suggested tweaks appreciated. Regards, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/dev/dsp disappearing
anyone else noticed /dev/dsp just disappearing.. i switched to esound in an effort to alleviate this problem.. however it still pops up after a number of days of uptime.. only cured by reboot. High Performance MPEG 1.0/2.0/2.5 Audio Player for Layer 1, 2 and 3. Version 0.59r (1999/Jun/15). Written and copyrights by Michael Hipp. Uses code from various people. See 'README' for more! THIS SOFTWARE COMES WITH ABSOLUTELY NO WARRANTY! USE AT YOUR OWN RISK! /dev/dsp: No such file or directory /dev/dsp: No such file or directory /dev/dsp: No such file or directory audio: No such file or directory [EMAIL PROTECTED]:~/mp3 ps auxww | grep esd ajt 44318 0.0 0.2 1352 748 p0 S+ 11:30PM 0:00.00 grep esd [EMAIL PROTECTED]:~/mp3 esd /dev/dsp: No such file or directory [EMAIL PROTECTED]:31:5: class=0x040100 card=0x02221014 chip=0x24858086 rev=0x02 hdr=0x00 vendor = 'Intel Corporation' device = '82801CA/CAM (ICH3-S/ICH3-M) AC'97 Audio Controller' class= multimedia subclass = audio FreeBSD 5.0-RELEASE-p7 reboot time. ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
using trafd
Requesting some assistance using trafd. I have it running on my ethernet and running trafdump/trafshow sporadically. From what I've read the best thing to do is something like this: 59 * * * * trafdump 59 23 * * * trafsave 0 0 * * * traflog daily_traffic_log anyway, just shooting for the general theory here.. just been mucking around with it so far on my desktop and am curious about the following fields too.. (fxp0) athomson at Jul 17 13:02:36 - Jul 17 13:09:15 Summary: 80950 data bytes, 100678 all bytes, 11 records From Port ToPort Proto Data All What's the difference between data bytes and all bytes thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Racoon / VPN problem
That looks a bit like mine too.. (this output taken from host .14.1) Of course these would be reversed on 14.2 ie, the in and out bits) 192.168.14.2[any] 0.0.0.0/0[any] any in ipsec esp/tunnel/192.168.14.2-192.168.14.1/require spid=1 seq=1 pid=42486 refcnt=1 0.0.0.0/0[any] 192.168.14.2[any] any out ipsec esp/tunnel/192.168.14.1-192.168.14.2/require spid=2 seq=0 pid=42486 refcnt=1 I'm using this to IPSEC my wireless traffic. Works a treat coupled with racoon. ajt. On Fri, 2003-07-11 at 05:12, Company 2210 wrote: I have two freebsd 5.0 boxes authenticating at stage one of the VPN, however stage 2 fails. with: ph2begin_r(): respond new phase 2 negotiation: 10.0.0.1[0]=10.0.0.2[0] get_proposal_r(): no policy found: 10.0.0.2/32[0] 0.0.0.0/0[0] proto=any dir=in quick_r1recv(): failed to get proposal for responder. _ph2begin_r(): failed to pre-process packet. I'm a bit new too this, so I'm guessing the lack of a policy refers to my SPD Database. Setkey -DP looks like this: 0.0.0.0/0[any] 10.0.0.1[any] any in ipsec esp/tunnel/10.0.0.2-10.0.0.1/require spid=19 seq=1 pid=770 refcnt=1 10.0.0.1[any] 0.0.0.0/0[any] any out ipsec esp/tunnel/10.0.0.1-10.0.0.2/require spid=18 seq=0 pid=770 refcnt=1 As I understand it, this means all packets heading too or from 10.0.0.1 must be encapsulated (which is what I want, as I'm running a VPN between too FreeBSD gateway boxes). If I replace the 0.0.0.0/0 with the IP of the other boxes inteface (i.e. 10.0.0.2) the VPN works between 10.0.0.1-10.0.0.2, but other traffic from other interfaces is not encrypted. Any help in resolving/understanding this issue is greatly appericated. Many Thanks Colin ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how many bytes send out of my box?
you could also use some ipfw rules. oblivion# ipfw list 00010 count ip from any to any out xmit fxp0 00020 count ip from any to any in recv fxp0 ipfw show will the detail how many bytes each rule has counted.. ajt. On Tue, 2003-07-08 at 20:49, BSD wrote: On Tue, Jul 08, 2003 at 11:39:44AM +0100, Supote Leelasupphakorn wrote: Can I find out how many byte my box is send out via each ethernet interface? netstat -ni man netstat. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
what the...
any translations on pee wee work?? ..some hardened systems, possibly some Peewee work as well with some of the Engineers ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
spamassassin slow to process messages
I'm looking for some suggestions as to why my spamassassin is so slow! Installed from ports. Details: p5-Mail-SpamAssassin-2.55 5.0-RELEASE-p7 I'm running spamd and using spamc/procmail to pass the messages to spamd. I was reading the following, http://spamassassin.rediris.es/dist/spamd/README.spamd and it was talking with figures like: Well, on my 400MHz K6-2 mail server, spamassassin process a 11689 byte message in about 3.36 seconds, spamc/spamd processes the same message in about 0.86 seconds, or about 4 times faster. I've got a CPU: Pentium III/Pentium III Xeon/Celeron (930.32-MHz 686-class CPU) and I'm seeing performance like, Jul 8 08:25:11 athomson spamd[52016]: clean message (0.4/5.0) for ajt:1001 in 10.2 seconds, 2132 bytes. Jul 8 08:25:27 athomson spamd[52031]: clean message (0.4/5.0) for ajt:1001 in 10.2 seconds, 2092 bytes. Jul 8 08:30:12 athomson spamd[52074]: identified spam (16.0/5.0) for ajt:1001 in 10.3 seconds, 3158 bytes. Jul 8 08:30:28 athomson spamd[52093]: clean message (-2.1/5.0) for ajt:1001 in 10.2 seconds, 2847 bytes. Jul 8 08:30:44 athomson spamd[52100]: clean message (0.4/5.0) for ajt:1001 in 10.2 seconds, 2133 bytes. Much smaller messages, taking much longer to process!! ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: spamassassin slow to process messages
On Tue, 2003-07-08 at 09:22, Daniel Bye wrote: Could be mx timeouts, DNS timeouts, rbl timeouts, dcc/razor/pyzor timeouts... In your global SpamAssassin config, try setting a value for timelog_path - this will cause spamd to log what it's doing, and where it spent most time doing it. Check perldoc Mail::SpamAssassin::Conf. You might also try turning on debugging (modify /usr/local/etc/rc.d/spamd.sh so that spamd is called with the `-D' option, then restart spamd). You will then get lots of debugging in /var/log/mail. Thanks Dan. Some great suggestions, appreciate it. Anyway you were onto it.. tracked down the following.. 0.000: Finished head tests (Delta: 0.000s) 0.000: Starting body tests 0.000: Razor2 - Starting razor test (10 secs max) 10.000: Razor2 - Finished razor test: not known spam (Delta: 10.000s) 10.000: Finished body tests (Delta: 10.000s) Time to investigate that. cheers, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: spamassassin slow to process messages
On Tue, 2003-07-08 at 09:37, Matthew Hunt wrote: On Tue, Jul 08, 2003 at 09:08:37AM +1000, Andrew Thomson wrote: I've got a CPU: Pentium III/Pentium III Xeon/Celeron (930.32-MHz 686-class CPU) and I'm seeing performance like, Jul 8 08:25:11 athomson spamd[52016]: clean message (0.4/5.0) for ajt:1001 in 10.2 seconds, 2132 bytes. Well, that's pretty bad. I see: Jul 7 04:05:49 wopr spamd[66708]: identified spam (8.4/5.0) for mph:501 in 4.0 seconds, 1206 bytes. Jul 7 04:08:18 wopr spamd[66726]: clean message (-5.3/5.0) for mph:501 in 7.1 seconds, 2553 bytes. This is on a Cyrix 6x86 (166 MHz 486-class CPU) with no L2 cache. :-) Is the machine heavily loaded with other work? Assuming that there are no messages between the ones you posted, it doesn't look like the machine is overburdened by mail alone. we're back in business... Jul 8 09:50:11 athomson spamd[52899]: clean message (0.4/5.0) for ajt:1001 in 10.2 seconds, 3044 bytes. Jul 8 09:50:28 athomson spamd[52912]: clean message (0.4/5.0) for ajt:1001 in 10.3 seconds, 5840 bytes. Jul 8 09:54:35 athomson spamd[52952]: clean message (0.4/5.0) for ajt:1001 in 0.3 seconds, 3027 bytes. Jul 8 09:54:43 athomson spamd[52965]: clean message (1.3/5.0) for ajt:1001 in 0.4 seconds, 8524 bytes. put use_razor1 0 use_razor2 0 in my local config and now it goes real fast!! thanks for the tips.. so what is this razor business anyway?? ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
funky dns required
I currently have a caching nameserver on my local domain that really just caches and forwards to my primary nameserver. A lot of laptop users connect to the public ip of my mailserver as this is what they'd use if they were out of the office. However when they are in the office, it doesn't work so well. I've got some double nat magic on the firewall to attempt to overcome the problem however it just doesn't seem to work so well. As soon as I change the mailserver to the internal ip for these laptop users, everything works great. However having the laptop users change this everytime is not a workable solution. What I want to do is setup on my caching nameserver something so that when the laptop users requests the public name of my mailserver it acutally returns the internal ip. Everyone's happy! I could make the caching nameserver a master for the public domain of my mailserver however I would also have to keep updating every other host on the domain. Can I change the dns for this one host?? mailserver.mydomain.com = public ip mailserver.int.mydomain.com = private ip And there's lots of other hosts on mydomain.com. I want my caching nameserver to resolve mailserver.mydomain.com to private ip as the only hosts querying this nameserver would be internal hosts anyway! Can I just be a master for a host??? zone mailserver.mydomain.com { type master; file master/mailserver.mydomain.com; }; Long winded I know.. hopefully everything's clear!! Thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
caching nameserver with local domain
just wanted to verify this is kind of right.. do i have to do anything special with my fake internal domain?? acl localnet { 192.168.1.0/24; }; options { directory /etc/namedb; pid-file /var/run/named/pid; forward only; allow-query { localnet; }; forwarders { isp.nameserver; }; }; zone . { type hint; file named.root; }; zone 0.0.127.IN-ADDR.ARPA { type master; file master/localhost.rev; }; zone fake.internal.domain { allow-query { localnet; }; type master; file master/fake.internal.domain; }; zone 1.168.192.in-addr.arpa { allow-query { localnet; }; type master; file master/1.168.192.in-addr.arpa; }; thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
jftpgw and fbsd 5
before i get carried away, is anyone running jftpgw on freebsd 5.x ?? proxy1# uname -sr FreeBSD 5.0-RELEASE-p7 proxy1# pkg_info | grep jftpgw jftpgw-0.13.4 Highly configurable FTP proxy when i fire it up: Jun 26 15:47:19 [55535]: jftpgw v0.13.4 opened the logfile Jun 26 15:47:19 [55535]: log_init() Jun 26 15:47:19 [55535]: Changed EUID to 65534 (nobody) Jun 26 15:47:19 [55535]: In closedescriptors() Jun 26 15:47:19 [55536]: Changing id back (socket(), bind()) Jun 26 15:47:19 [55536]: Could not change the EUID to 65534: Operation not permitted Jun 26 15:47:19 [55536]: In closedescriptors() grep 65534 /etc/passwd nobody:*:65534:65534:Unprivileged user:/nonexistent:/sbin/nologin Anyone else having any joy with this?? thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
data contained in ipfw show
what's the max bytes ipfw show will record? 00010 422 44684 count ip from any to any out xmit tun0 00020 509 42556 count ip from any to any in recv tun0 i dump and zero them on the hour atm but just curious. also, /(1024*1024.0) would give me my mb yeah?? cool. ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Transparent Proxy going astray
Paul, You'd probably have noticed a few posts from me on this very subject. The good news is I did end up getting it all working.. but there were definitely a few hurdles in the way. I assume your firewall is also running the squid proxy? For some reason, I got away with just putting rule 60 in! I also added a dst port of 80 so just my http traffic got forwarded. If this is your firewall, then you'd probably want to change rule 50 to something like: skipto 70 tcp from 192.168.0.10 to any 192.168.0.10 is your firewall?? From my understanding, an add rule will stop moving through the ruleset however you still need your requests to go through nat etc etc.. Let me know how you get on. You can be restassured that it is possible. I have now setup transparent proxies with the proxy running on the firewall and also with the proxy running on another box. I've also used 4.7 and 5.0 in seperate instances sucessfully too! good luck, ajt. On Sat, Jun 21, 2003 at 01:34:17PM +0800, Paul Hamilton wrote: Hi all, I have watched/lurked on this list for sometime now, and see a Transparent Proxy question every now or then. None of them have answered my problem. I give it a bash every now and then to see if I will trip over the answer. It hasn't worked, so I will try this list again. I run FreeBSD 4.8 on the gateway, Squid Cache: Version 2.4.STABLE4 Squid.conf has the required lines: http_port 8080 httpd_accel_port 80 httpd_accel_host virtual httpd_accel_with_proxy on httpd_accel_uses_host_header on and the required ipfw2 firewall rules: 00050271 27520 allow tcp from 192.168.0.10 to any 00060 3144 fwd 127.0.0.1,8080 tcp from any to any dst-port 80 Interestingly enough when watching the ip traffic on the gateway, I see this on my inside NIC: 08:27:18.735861 192.168.0.2.3276 203.10.1.17.53: 1093+ A? www.google.com.au. (35) 08:27:18.922217 203.10.1.17.53 192.168.0.2.3276: 1093 2/4/4 CNAME[|domain] 08:27:18.923667 192.168.0.2.3277 216.239.39.99.80: S 813553086:813553086(0) win 16384 mss 1460,nop,nop,sackOK (DF) 08:27:18.923722 216.239.39.99.80 192.168.0.2.3277: R 0:0(0) ack 813553087 win 0 08:27:19.397657 192.168.0.2.3277 216.239.39.99.80: S 813553086:813553086(0) win 16384 mss 1460,nop,nop,sackOK (DF) 08:27:19.397697 216.239.39.99.80 192.168.0.2.3277: R 0:0(0) ack 1 win 0 08:27:19.906095 192.168.0.2.3277 216.239.39.99.80: S 813553086:813553086(0) win 16384 mss 1460,nop,nop,sackOK (DF) 08:27:19.906153 216.239.39.99.80 192.168.0.2.3277: R 0:0(0) ack 1 win 0 and this on my outside NIC: 08:27:18.736970 202.72.147.43.3276 203.10.1.17.53: 1093+ A? www.google.com.au. (35) 08:27:18.922026 203.10.1.17.53 202.72.147.43.3276: 1093 2/4/4 CNAME www.google.com., (215) The cache_access.log doesn't show any traffic, yet (something) is pretending to be the google website, as there is a reply from 216.239.39.99.80. I have tried to run tcpdump -ni lo0 but there isn't any traffic. Should I be able to see traffic on lo0? Any thoughts on what I am missing? Cheers, Paul Hamilton ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bsd daemon chick wallpaper??
i know this isn't exactly mission critical stuff, but the one i'm actually thinking off is all black. The cartoon daemon in chick is a glowing blue for memory with a tail wrapping over her lap?? sounds dodge, but i just can't remember where i got the picture originally..!! thanks, ajt. On Tue, Jun 17, 2003 at 10:04:15PM -0500, Josef Grosch wrote: On Wed, Jun 18, 2003 at 12:34:31PM +1000, Andrew Thomson wrote: i had this once upon time.. however can no longer find it.. it was an image which was pretty much all black with a chick bsd daemon on it for memory? anyway no what i'm talking about? got it lying around? http://themes.freshmeat.net/projects/menvsboys/?topic_id=918%2C952 Enjoy Josef -- Josef Grosch | Another day closer to a | FreeBSD 5.1 [EMAIL PROTECTED] | Micro$oft free world | www.bafug.org ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bsd daemon chick wallpaper??
all over it.. thanks all. ajt. On Wed, Jun 18, 2003 at 05:46:03AM -0700, Greg J. wrote: On Wed, 18 Jun 2003 22:12:27 +1000 Andrew Thomson [EMAIL PROTECTED] wrote: i know this isn't exactly mission critical stuff, but the one i'm actually thinking off is all black. The cartoon daemon in chick is a glowing blue for memory with a tail wrapping over her lap?? sounds dodge, but i just can't remember where i got the picture originally..!! thanks, Perhaps this is it? http://hurring.com/blackbox/styles/backgrounds/SecureBSD.jpg ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
restrictive ipfw ruleset and ftp
any suggestions would be great. i have a restrictive ipfw ruleset that works great.. it only allows incoming connections that i allow and outgoing connections allow. i have a list of ports that i let my users go out on: 80, 22, 143, 443 etc etc.. All the stuff they might need to do. how can i handle passive ftp though? i can let 21 out, but when the remote ftp server says use this x high port.. i block that because it's not in my list. so what can i do to get around this.. not totally familiar with it, but is this what fw_punch is for within nat?? thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
bsd daemon chick wallpaper??
i had this once upon time.. however can no longer find it.. it was an image which was pretty much all black with a chick bsd daemon on it for memory? anyway no what i'm talking about? got it lying around? thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: more transparent proxy and squid questions.
i'm still having issues here.. has anyone else got transparent proxy going with firewall and squid on different boxes?? anyway, from the squid faq, does this apply to freebsd these days?? ...Compile and run a version of Squid which accepts connections for other addresses. For some operating systems, you need to have configured and built a version of Squid which can recognize the hijacked connections and discern the destination addresses. For Linux this seems to work automatically. For *BSD-based systems, you probably have to configure squid with the --enable-ipf-transparent option. (Do a make clean if you previously configured without that option, or the correct settings may not be present.)... i'm trying to use ipfw for my fwd'ing from the firewall to the proxy server. thanks, ajt. On Mon, Jun 16, 2003 at 07:25:26AM +0300, Rapier wrote: From what you've said you have natd enabled,instead of redirecting with ipfw you shoud redirect with natd!man natd On Mon, 16 Jun 2003 09:41:05 +1000 Andrew Thomson [EMAIL PROTECTED] wrote: On Fri, Jun 13, 2003 at 09:47:09AM -0400, Bill Moran wrote: Yes. You've got the right idea. hmm.. i have encountered some difficulties ;) so now i'm seeking some more advice.. i have the following rules on my firewall: 10561 skipto 11000 ip from 192.168.1.2 to any 10562 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 keeping in line with my example, 1=fwall, 2=squid, 3=user the skipto is in there so we go through nat and get a proper ip. i never see any packets get to the squid box though.. ipfw show indicates matching packets ipfw show 10561 10562 10561 5342331306 skipto 11000 ip from 192.168.1.2 to any 10562 2520120960 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 a tcpdump on the squid box looking out for port 3128 shows nothing, although the ipfw shows matches.. i'll keep digging around but any more tips would be appreciated on this setup. thanks, andrew. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: more transparent proxy and squid questions.
further, if i do try and configure with the --enable-ipfw-transparent option, configure complains with the following: checking if setresuid is implemented... yes checking if IP-Filter header files are installed... no WARNING: Cannot find necessary IP-Filter header files Transparent Proxy support WILL NOT be enabled I appreciate it's talking about ipfilter however I use ipfw which is compiled into the kernel. I want transparent proxy but with ipfw.. what's the status? ajt. On Mon, Jun 16, 2003 at 04:52:12PM +1000, Andrew Thomson wrote: i'm still having issues here.. has anyone else got transparent proxy going with firewall and squid on different boxes?? anyway, from the squid faq, does this apply to freebsd these days?? ...Compile and run a version of Squid which accepts connections for other addresses. For some operating systems, you need to have configured and built a version of Squid which can recognize the hijacked connections and discern the destination addresses. For Linux this seems to work automatically. For *BSD-based systems, you probably have to configure squid with the --enable-ipf-transparent option. (Do a make clean if you previously configured without that option, or the correct settings may not be present.)... i'm trying to use ipfw for my fwd'ing from the firewall to the proxy server. thanks, ajt. On Mon, Jun 16, 2003 at 07:25:26AM +0300, Rapier wrote: From what you've said you have natd enabled,instead of redirecting with ipfw you shoud redirect with natd!man natd On Mon, 16 Jun 2003 09:41:05 +1000 Andrew Thomson [EMAIL PROTECTED] wrote: On Fri, Jun 13, 2003 at 09:47:09AM -0400, Bill Moran wrote: Yes. You've got the right idea. hmm.. i have encountered some difficulties ;) so now i'm seeking some more advice.. i have the following rules on my firewall: 10561 skipto 11000 ip from 192.168.1.2 to any 10562 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 keeping in line with my example, 1=fwall, 2=squid, 3=user the skipto is in there so we go through nat and get a proper ip. i never see any packets get to the squid box though.. ipfw show indicates matching packets ipfw show 10561 10562 10561 5342331306 skipto 11000 ip from 192.168.1.2 to any 10562 2520120960 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 a tcpdump on the squid box looking out for port 3128 shows nothing, although the ipfw shows matches.. i'll keep digging around but any more tips would be appreciated on this setup. thanks, andrew. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: more transparent proxy and squid questions.
On Fri, Jun 13, 2003 at 09:47:09AM -0400, Bill Moran wrote: Yes. You've got the right idea. hmm.. i have encountered some difficulties ;) so now i'm seeking some more advice.. i have the following rules on my firewall: 10561 skipto 11000 ip from 192.168.1.2 to any 10562 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 keeping in line with my example, 1=fwall, 2=squid, 3=user the skipto is in there so we go through nat and get a proper ip. i never see any packets get to the squid box though.. ipfw show indicates matching packets ipfw show 10561 10562 10561 5342331306 skipto 11000 ip from 192.168.1.2 to any 10562 2520120960 fwd 192.168.1.2,3128 tcp from 192.168.1.3 to any 80 a tcpdump on the squid box looking out for port 3128 shows nothing, although the ipfw shows matches.. i'll keep digging around but any more tips would be appreciated on this setup. thanks, andrew. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfirewall_forward
i'm working on setting up a transparent squid proxy. would like to clarify what the forward stuff actually does.. this is what I thought was happening.. ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging unlimited 00500 fwd 192.168.1.2 tcp from any to any dst-port 80 65535 allow ip from any to any i just thought i'd muck around with apache atm.. i hit the box with these rules on it on port 80, and the request is never fwd'ed to 192.168.1.2 is this what's supposed to happen?? a tcpdump port 80 on both hosts show in the incoming http from the client, however nothing on the machined having the packets forwarded.. can someone clarify this for me? thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfirewall_forward
On Mon, Jun 16, 2003 at 10:09:34AM +1000, Andrew Thomson wrote: i'm working on setting up a transparent squid proxy. would like to clarify what the forward stuff actually does.. this is what I thought was happening.. ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging unlimited 00500 fwd 192.168.1.2 tcp from any to any dst-port 80 65535 allow ip from any to any i just thought i'd muck around with apache atm.. i hit the box with these rules on it on port 80, and the request is never fwd'ed to 192.168.1.2 is this what's supposed to happen?? a tcpdump port 80 on both hosts show in the incoming http from the client, however nothing on the machined having the packets forwarded.. can someone clarify this for me? thanks, ajt. just tested some more.. and i assume this fwd business is for just pushing packets around on the same host.. i snuck in rule 400 as a test.. 00400 fwd 192.168.1.1,3128 tcp from any to any dst-port 80 00500 fwd 192.168.1.2 tcp from any to any dst-port 80 1.1 is what i'm typing in my browser.. originally i was hoping this would be forwarded to 1.2.. but was getting no love.. however when i fwd to the same host as i type in the browser, the fwd works.. i take it this is it's use?? so how do I do want I want to do?? thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
more transparent proxy and squid questions.
I'm not looking for help at setting this up as such, but rather a better understanding of what's happening to the packets in this situation. I have a freebsd firewall/gateway box. I then fwd the port 80 requests to the squid box on port 3128 squid then i imagine process the request.. does squid then make the same http request with it's ip as the source? perhaps an illustration might be helpful. wall/gwy = 192.168.1.1 squid = 192.168.1.2 user = 192.168.1.3 user makes an http request. ipfw rule on wall diverts to squid: ipfw add 50 fwd 192.168.1.2,3128 tcp from any to any 80 does squid then make the request with it's ip? thus we'd need something like, ipfw add 45 allow tcp from 192.168.1.2 to any 80 squid updates the cache/passes the data back to the user?? thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: more transparent proxy and squid questions.
oh, and does squid need to be compiled with CONFIGURE_ARGS+= --enable-ipf-transparent given the firewall does the divert to the squid box ?? ta, ajt. On Fri, Jun 13, 2003 at 05:04:38PM +1000, Andrew Thomson wrote: I'm not looking for help at setting this up as such, but rather a better understanding of what's happening to the packets in this situation. I have a freebsd firewall/gateway box. I then fwd the port 80 requests to the squid box on port 3128 squid then i imagine process the request.. does squid then make the same http request with it's ip as the source? perhaps an illustration might be helpful. wall/gwy = 192.168.1.1 squid = 192.168.1.2 user = 192.168.1.3 user makes an http request. ipfw rule on wall diverts to squid: ipfw add 50 fwd 192.168.1.2,3128 tcp from any to any 80 does squid then make the request with it's ip? thus we'd need something like, ipfw add 45 allow tcp from 192.168.1.2 to any 80 squid updates the cache/passes the data back to the user?? thanks, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ibm thinkpad x24 and 5.1-release
i'm having problems running 5.1-release on my thinkpad. just updated the bios to the lastest and greatest from ibm however 5.1 doesn't want to play nice with my laptop. i have finally managed to get through a custom install however once I've rebooted and using the machine, after a random period of time I get a 'fatal trap 18: integer divide fault', and the machine reboots! if i boot up with acpi disabled, the laptop just seems to hang after the following: ata0: ata1: pci0: pci0: limited information I know.. Just restarted with more verbose logging to see if that turns anything up.. I also get these acpi errors when I startup with acpi enabled. Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.FDC_._INI] (Node 0xc3338b00), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.EC__._INI] (Node 0xc3331920), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.EC__.BGID] (Node 0xc3338c40), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.EC__.BINI] (Node 0xc3338c60), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.EC__.BSTA] (Node 0xc3338ca0), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.IDE0.SCND.MSTR._STA] (Node 0xc3338b60), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-0175: *** Error: Method execution failed [\_SB_.PCI0.IDE0.SCND.MSTR._STA] (Node 0xc3338b60), AE_NOT_EXIST Jun 10 12:33:17 kernel: acpi0: power button is handled as a fixed feature programming model. Jun 10 12:33:17 kernel: Timecounter ACPI-fast frequency 3579545 Hz Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.EC__.BGID] (Node 0xc3338c40), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.EC__.BINI] (Node 0xc3338c60), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.LPC_.EC__.BSTA] (Node 0xc3338ca0), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.PCI0.IDE0.SCND.MSTR._STA] (Node 0xc3338b60), AE_NOT_EXIST Jun 10 12:33:17 kernel: ACPI-0175: *** Error: Method execution failed [\_SB_.PCI0.IDE0.SCND.MSTR._STA] (Node 0xc3338b60), AE_NOT_EXIST Jun 10 12:33:17 kernel: acpi_timer0: 24-bit timer at 3.579545MHz port 0x1008-0x100b on acpi0 Jun 10 12:33:17 kernel: acpi_cpu0: CPU on acpi0 Jun 10 12:33:17 kernel: acpi_tz0: thermal zone on acpi0 Jun 10 12:33:17 kernel: acpi_lid0: Control Method Lid Switch on acpi0 Jun 10 12:33:17 kernel: ACPI-1287: *** Error: Method execution failed [\_SB_.LID_._PSW] (Node 0xc11e14e0), AE_NOT_EXIST Jun 10 12:33:17 kernel: acpi_button0: Sleep Button on acpi0 regards, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
bandwidth monitor
i'll be honest and say i haven't really investigated too much... i'm running snmpd and using cricket to generate pretty bandwidth graphs. however I'm looking for something a bit more precise that will give me a bandwidth breakdown in/out per day. i currently have some count rules 00040 count ip from any to any out xmit dc0 00045 count ip from any to any in recv dc0 which i check and zero every hour, and then analyse this data later. however i'm curious if there's something i can use to double check my results.. cheers, ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: intel desktop board and floppy drive
On Mon, Mar 31, 2003 at 10:06:50AM -0500, Lowell Gilbert wrote: That *looks* like a real read error; either a bad floppy or drive. I assume you tried other floppies? yup.. multiple machines.. multiple bsd installations.. linux.. windows.. only failed on the bsd boxes with this motherboard.. somewhat odd. ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
intel desktop board and floppy drive
anyone experience problems mounting floppies using an intel desktop board?? I've been able to replicate the problem under 4.4 and 5.0 mount -t msdos /dev/fd0 /mnt/floppy/ msdosfs: /dev/fd0: Input/output error fdc0: Enhanced floppy controller (i82077, NE72065 or clone) port 0x3f7,0x3f4-0x3f5,0x3f2-0x3f3,0x3f0-0x3f1 irq 6 drq 2 on acpi0 fdc0: FIFO enabled, 8 bytes threshold fd0: 1440-KB 3.5 drive on fdc0 drive 0 fd0: hard error cmd=read fsbn 128 of 128-143 (ST0 44abnrml,top_head ST1 4sec_not_fnd ST2 0 cyl 3 hd 1 sec 3) fd0: hard error cmd=read fsbn 128 of 128-143 (ST0 44abnrml,top_head ST1 4sec_not_fnd ST2 0 cyl 3 hd 1 sec 3) ajt. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: port make options
sure is.. check out /usr/local/etc/pkgtools.conf MAKE_ARGS section.. ajt. On Thu, 2002-12-19 at 15:00, Rob B wrote: I'm upgrading my installed ports with the assistance of the portupgrade tool, and I'm wondering if there is a way to specify compile options to a particular port. I know that it is possible to upgrade one port at a time with make options specified thusly: portupgrade -m make_args Port_name but is it possible to install a port (Samba for instance), and rather than specifying the options a compile-time every time the port is upgraded, specify the options once only and have portupgrade or whatever follow those options? cheers, Rob -- What hair color do they put on the driver's licenses of bald men? This is random quote 1179 of a collection of 1269 Distance from the centre of the brewing universe: [15200.8 km (8207.8 mi), 262.8 deg](Apparent) Rennerian Public Key fingerprint = 6219 33BD A37B 368D 29F5 19FB 945D C4D7 1F66 D9C5 To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
linux compat and rpm...
any tips on why this ain't working? athomson# pkg_info | grep linux linux-sun-jdk-1.3.1.05_1 Sun Java Development Kit 1.3 for Linux linux_base-7.1_1The base set of packages needed in Linux mode athomson# linux Linux driver already loaded athomson# ls sybase-11.9.2Docs sybase-openclient-11.1.1-2.i386.rpm sybase-ase-11.9.2-1.i386.rpmsybase-repsrv-12.0-1.i386.rpm sybase-common-11.9.2-2.i386.rpm sybase-repsrvmgr-12.0-1.i386.rpm sybase-monserver-11.9.2-3.i386.rpm sybase-sqlremote-6.0.2-1.i386.rpm athomson# rpm -ivh --ignoreos --nodeps --root /compat/linux/ sybase-common-11.9.2-2.i386.rpm athomson# ls /compat/linux/opt/* ls: No match. FreeBSD 4.7-RC #7: Mon Nov 11 16:18:56 EST 2002 thanks, ajt. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: linux compat and rpm...
doing a --noscripts sorted it out cheers, ajt. On Mon, 2002-11-18 at 15:17, Andrew Thomson wrote: any tips on why this ain't working? athomson# pkg_info | grep linux linux-sun-jdk-1.3.1.05_1 Sun Java Development Kit 1.3 for Linux linux_base-7.1_1The base set of packages needed in Linux mode athomson# linux Linux driver already loaded athomson# ls sybase-11.9.2Docs sybase-openclient-11.1.1-2.i386.rpm sybase-ase-11.9.2-1.i386.rpmsybase-repsrv-12.0-1.i386.rpm sybase-common-11.9.2-2.i386.rpm sybase-repsrvmgr-12.0-1.i386.rpm sybase-monserver-11.9.2-3.i386.rpm sybase-sqlremote-6.0.2-1.i386.rpm athomson# rpm -ivh --ignoreos --nodeps --root /compat/linux/ sybase-common-11.9.2-2.i386.rpm athomson# ls /compat/linux/opt/* ls: No match. FreeBSD 4.7-RC #7: Mon Nov 11 16:18:56 EST 2002 thanks, ajt. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
reinstall all installed ports
I just need to reinstall all my ports.. only 67 so I'll survive. However I'm just wondering what the best command would be. Given I'm doing all of them, I'm just curious if I need to worry about dependencies and reinstall in order type thing..or if I can just reinstall each package in any order.. Is portupgrade -af my best bet? I'm assuming I don't want to use any -r or -R options in this procedure.. cheers, ajt. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: reinstall all installed ports
My portupgrade just finished fine.. however the hole point of this excerise was to try and fix this problem. [ root @ redback :/root# ] ncftp3 /usr/libexec/ld-elf.so.1: ncftp3: Undefined symbol InitWinsock I just upgraded the system yesterday and that didn't fix it either... FreeBSD 4.7-RELEASE-p1 #9: Tue Oct 29 19:46:34 EST 2002 I admit to screwing around ages ago when I was trying to get gphoto2 working before it arrived in ports.. This is the only abnormality I'm seeing on this box.. Any thoughts? cheers, ajt. On Wed, 2002-10-30 at 10:48, Kris Kennaway wrote: On Wed, Oct 30, 2002 at 10:18:47AM +1100, Andrew Thomson wrote: I just need to reinstall all my ports.. only 67 so I'll survive. However I'm just wondering what the best command would be. Given I'm doing all of them, I'm just curious if I need to worry about dependencies and reinstall in order type thing..or if I can just reinstall each package in any order.. If you do them out of order the dependency information will be screwed up. It's best to let portupgrade do it for you all at once and in order. Is portupgrade -af my best bet? That's what I use. Kris To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
nat + ipfw + adsl
I'm out of my house and into a flat now.. so I don't have access to cable anymore.. bit of a dud.. I'm onto the next best thing being adsl. I read one doco about what I want to do but thought I'd just throw it out here as well.. Basically I've already got a nice little firewall running the cable modem, with a nice tight little rule set. I've got PPPoE running fine under BSD now with my new ADSL provider however am curious if I can just plug in my current firewall and s/fxp0/tun0/g in appropriate places.. namely for nat and the ipfw rules.. I've grown quite accustomed to using ipfw and natd and would prefer to use it over ppp -nat and it's filtering rules.. No worries? Cheers, ajt. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
4.4 mailserver dying
I recently upgraded our mailserver to 4.4, was on 4.0. It ran for days and days on 4.0 so I'm not dubious about the hardware. The only change has been the addition of raid 5 array to store the mail.. and also some updated packages... The symptoms I'm seeing are that it will run for about a day/ 2days and then users will complain they can't access the mail server. If I try to logon, my ssh session just will go 99% of the way through but just never return me to a prompt. Trying to logon via the console doesn't help either. The common theme I'm seeing here are references to the raid array/controller before it dies.. actually looking at the logs again, it's _not_ moments before the death... Oct 10 10:53:21 mx1 /kernel.MAIL.0: xl0: transmission error: 90 Oct 10 10:53:21 mx1 /kernel.MAIL.0: xl0: tx underrun, increasing tx start threshold to 360 bytes Oct 10 12:54:00 mx1 /kernel.MAIL.0: amr0: bad slot 177 completed Oct 10 13:19:06 mx1 /kernel.MAIL.0: Copyright (c) 1992-2001 The FreeBSD Project. Oct 10 13:19:06 mx1 /kernel.MAIL.0: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 Oct 10 13:19:06 mx1 /kernel.MAIL.0: The Regents of the University of California. All rights reserved. Oct 10 13:19:06 mx1 /kernel.MAIL.0: FreeBSD 4.4-RELEASE-p15 #0: Wed Jul 17 22:19:32 SAST 2002 It's a fairly big ass raid array just for mail and there's another scsi disk for everything else.. /dev/da0s1a 496M42M 415M 9%/ /dev/da0s1f 992M 6.8M 906M 1%/tmp /dev/da0s1g 4.9G 264M 4.3G 6%/usr /dev/da0s1e 992M55M 858M 6%/var /dev/amrd0s1e66G32G29G52%/var/mail procfs 4.0K 4.0K 0B 100%/proc So in short.. I'm not too sure what's screwing up and there's probably not much to go on here! Thoughts? thanks, ajt. To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: libgda2/gnome2 build error .....
Yeah, I've got the same problem. Fresh install of a machine, cvsup to 4.7 RC, cvsup ports. Then pretty much the first thing I did post install was... # cd /usr/ports/x11/gnome2 # make fetch-recursive === Fetching all distfiles for gnome2-2.0_4 and dependencies libgda-0.8.193.tar.bz2 doesn't seem to exist in /usr/ports/distfiles/gnome2. Attempting to fetch from ftp://ftp.rpmfind.net/linux/gnome.org/sources/libgda/2.0/. fetch: libgda-0.8.193.tar.bz2: File unavailable (e.g., file not found, no access) Attempting to fetch from ftp://ftp.sunet.se/pub/X11/GNOME/sources/libgda/2.0/. fetch: libgda-0.8.193.tar.bz2: File unavailable (e.g., file not found, no access) Get's stuck there... ajt. On Sat, 2002-09-21 at 04:38, Moti Levy wrote: Moti Levy wrote: On 20 Sep 2002 13:30:08 -0400 Joe Marcus Clarke [EMAIL PROTECTED] wrote: On Fri, 2002-09-20 at 12:16, Moti Levy wrote: Hi All, I get this error when trying to build gnome2 it's a - 4.7-RC FreeBSD 4.7-RC #1 built today . ports were cvsup'd this morning . What version of popt do you have installed? let me guess ... run portupgrade ? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message