issues compiling world
Hi all, I've been battling the whole day now trying to compile 9 STABLE I've svn'ed the source from branch base/stable/9 numerious times and the code base as far as I can tell is up to date... cc -O2 -pipe -I/usr/src/usr.sbin/tcpdump/tcpdump -I/usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump -DHAVE_CONFIG_H -D_U_=__attribute__((unused)) -DINET6 -DLBL_ALIGN -I/usr/obj/usr/src/tmp/usr/include/openssl -DHAVE_LIBCRYPTO -DHAVE_OPENSSL_EVP_H -DHAVE_NET_PFVAR_H -std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wno-uninitialized -Wno-pointer-sign -c /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c: In function 'print_src_dst': /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c:330: error: 'tcpstates' undeclared (first use in this function) /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c:330: error: (Each undeclared identifier is reported only once /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c:330: error: for each function it appears in.) *** [print-pfsync.o] Error code 1 Stop in /usr/src/usr.sbin/tcpdump/tcpdump. *** [all] Error code 1 Can someone perhaps recommend a course of action? -- Regards, Chris Knipe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: issues compiling world
Hi, Followed those and recompiled. Precisely the same issue :-( On Thu, Jun 27, 2013 at 4:44 PM, Jerry je...@seibercom.net wrote: On Thu, 27 Jun 2013 16:10:54 +0200 Chris Knipe articulated: Hi all, I've been battling the whole day now trying to compile 9 STABLE I've svn'ed the source from branch base/stable/9 numerious times and the code base as far as I can tell is up to date... cc -O2 -pipe -I/usr/src/usr.sbin/tcpdump/tcpdump -I/usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump -DHAVE_CONFIG_H -D_U_=__attribute__((unused)) -DINET6 -DLBL_ALIGN -I/usr/obj/usr/src/tmp/usr/include/openssl -DHAVE_LIBCRYPTO -DHAVE_OPENSSL_EVP_H -DHAVE_NET_PFVAR_H -std=gnu99 -fstack-protector -Wsystem-headers -Werror -Wall -Wno-format-y2k -W -Wno-unused-parameter -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wno-uninitialized -Wno-pointer-sign -c /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c: In function 'print_src_dst': /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c:330: error: 'tcpstates' undeclared (first use in this function) /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c:330: error: (Each undeclared identifier is reported only once /usr/src/usr.sbin/tcpdump/tcpdump/../../../contrib/tcpdump/print-pfsync.c:330: error: for each function it appears in.) *** [print-pfsync.o] Error code 1 Stop in /usr/src/usr.sbin/tcpdump/tcpdump. *** [all] Error code 1 Can someone perhaps recommend a course of action? Have you followed all of the directions precisely as stated on http://www.freebsd.org/doc/en/books/handbook/makeworld.html, especially http://www.freebsd.org/doc/en/books/handbook/makeworld.html#idp91153200 and http://www.freebsd.org/doc/en/books/handbook/makeworld.html#idp91104944. -- Jerry ♔ Disclaimer: off-list followups get on-list replies or get ignored. Please do not ignore the Reply-To header. __ There is a fine line between genius and insanity. I have erased this line. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Regards, Chris Knipe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: find date of last boot
It's not that. 'last reboot' seems to be broken at the moment, at least on stable/9: but last(1) isn't coming up with the goods: lucid-nonsense:~:% last reboot wtmp begins Fri Jun 1 06:14:46 BST 2012 last reads from /var/log/wtmp - which more than likely got rotated since your last reboot. -- Regards, Chris Knipe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Maximum number of tun pseudo-devices
On Mon, May 14, 2012 at 3:09 AM, Brett Glass br...@lariat.net wrote: I'm running a busy FreeBSD-based that may handle large numbers of simultaneous connections. I'm currently using software that creates a tun device for each connection. However, after it hits tun127 (128 pseudo-devices), it doesn't seem to want to create any more. What sets the limit on the number of tun devices that can exist in the system, and how can the limit be adjusted? Is there a similar limit on, say, ng devices? You don't say which version of FreeBSD you're using, but older versions of FreeBSD had the option to specify a maximum number of pseudo-device to allow. For example pseudo-device tun1 # Tunnel driver(user process ppp) In your kernel would only allow for 1 tun device to be created. If you're using an older (5.x / 4.x) version of FreeBSD, I'd say check your kernel config. Nut sure whether this is still relevant in newer versions of FreeBSD, but documentation suggest that it is no longer the case with newer versions. -- Regards, Chris Knipe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: semi OT: correct CIDR block?
Yes. cknipe@amnesiac ~ $ ipcalc 10.0.0.32/27 Address: 10.0.0.321010...001 0 Netmask: 255.255.255.224 = 27 ...111 0 Wildcard: 0.0.0.31 ...000 1 = Network: 10.0.0.32/27 1010...001 0 HostMin: 10.0.0.331010...001 1 HostMax: 10.0.0.621010...001 0 Broadcast: 10.0.0.631010...001 1 Hosts/Net: 30Class A, Private Internet On Mon, Mar 5, 2012 at 4:30 PM, Robert Huff roberth...@rcn.com wrote: With my brain still on EBADSLEEP, I cannot decide if: 10.0.0.32-10.0.0.63 is correctly described by: 10.0.0.32/27 Anyone? Please? Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Regards, Chris Knipe ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
7.2-RELEASE kbdmux
Hi, I've just checked out 7.2-RELEASE from CVS. My build world was successful, but I am failing on compiling the stock standard GENERIC kernel that comes out of CVS. === kbdmux (all) cc -O2 -fno-strict-aliasing -pipe -D_KERNEL -DKLD_MODULE -std=c99 -nostdinc -DHAVE_KERNEL_OPTION_HEADERS -include /usr/obj/usr/src/sys/GENERIC/opt_global.h -I. -I@ -I@/contrib/altq -finline-limit=8000 --param inline-unit-growth=100 --param large-function-growth=1000 -fno-common -g -I/usr/obj/usr/src/sys/GENERIC -mno-align-long-strings -mpreferred-stack-boundary=2 -mno-mmx -mno-3dnow -mno-sse -mno-sse2 -mno-sse3 -ffreestanding -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -fformat-extensions -c /usr/src/sys/modules/kbdmux/../../dev/kbdmux/kbdmux.c /usr/src/sys/modules/kbdmux/../../dev/kbdmux/kbdmux.c:127:8: error: macro names must be identifiers /usr/src/sys/modules/kbdmux/../../dev/kbdmux/kbdmux.c: In function 'kbdmux_kbd_event': /usr/src/sys/modules/kbdmux/../../dev/kbdmux/kbdmux.c:261: warning: implicit declaration of function 'KBDMUX_CHECK_CHAR' /usr/src/sys/modules/kbdmux/../../dev/kbdmux/kbdmux.c:261: warning: nested extern declaration of 'KBDMUX_CHECK_CHAR' *** Error code 1 This is a stock standard cvsup'ed machine, nothing changed, altered, added, or removed. Any help appreciated. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Sponsoring FreeBSD
From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Wojciech Puchar Sent: 27 May 2009 05:57 PM To: Zbigniew Szalbot Cc: freebsd-questions@freebsd.org; utis...@gmail.com Subject: Re: Sponsoring FreeBSD as usually - i speak for myself. and will keep it that way. Grrr... there are times when I think that freedom of speech is not such a good thing after all... Of course - ban it! Just my 2c... Snotty comments like this in a public forum, is exactly why I no longer use FreeBSD. Just about everything in these mailing lists turns into snotty flame wars... It's pathetic truth be told. Use it, don't use it, /care -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sponsoring FreeBSD
On 27/05/09 12:40 -0700, prad wrote: On Wed, 27 May 2009 19:34:04 +0200 Chris Knipe sav...@savage.za.org wrote: Snotty comments like this in a public forum, is exactly why I no longer use FreeBSD. i really don't understand this. it would make sense for you to ignore the forum, but why take it out on the os? Because it's here to support the OS, and the level of support relates -directly- to what I can expect here in terms of support of the OS, not even getting started on the LEVEL of support and the PROFESIONALISM of said support, or accuracy there of. Hell, I'm to scared to post and ask a question because of starting a 'flame war'. Perception is everything, and the IMAGE of FreeBSD that is created by this forum, is one of a minority bunch of toddlers, throwing their toys in a cot about each and every little thing that does not go the way they want it. This thread is a PERFECT example there of, but there are many, many, many threads that got COMPLETELY derailed because someone said the smallest little thing that annoyed someone else. GROW UP PEOPLE FFS. If you want the world to believe you have a mature OS, *ACT* like you have a mature OS... Why am I still here, replying, reading? Because, I'm INTERESTED. But that too, will more than likely start a completely different spin off and flame war and mass mails now, with questions like why am I interested and not using FreeBSD -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD 6.1 - libltdl
Hi, Can anyone shed some light perhaps as to why GCC is not seeing libltdl ??? bash-2.05b# gcc -lltdl /usr/bin/ld: cannot find -lltdl bash-2.05b# ldconfig -r|grep ltdl 115:-lltdl.4 = /usr/local/lib/libltdl.so.4 bash-2.05b# pkg_info |grep ltdl libltdl-1.5.22_1System independent dlopen wrapper bash-2.05b# uname -a FreeBSD xxx 6.1-RELEASE FreeBSD 6.1-RELEASE #0: Sun May 7 04:32:43 UTC 2006 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 bash-2.05b# Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
OT General, RAID and Drives
Hi, This is just about the best mailing list that I'm subscribed to for this discussion, and I believe this was in some extend covered before (SCSI vs. SATA). I'm looking at getting some storage put together. At the moment, I have about 800GB of Fiber Channels in a JBOD configuration (Posted previously about this looking for Emulex Drivers in BSD). For interest sakes, it is running on Windows 2003 at the moment, as the only drivers I found are for Windows and Linux based systems - nothing for FreeBSD as far as Emulex goes. Now, let's talk about Disk IO *only*. I'm not too hecticly interested in transfer speeds, as even PATA has more than enough speed as far as my requirements go. The applications that I intent to run on the storage system however, will be MASSIVELY IO intensive. We're talking LARGE files ranging from 800MB to 50GB (per file), with various reads and writes inside the files. I am considering RAID3 for this with hot spares and the like. Now, given that someone can shed some light on the IO issues, I'm happy to get rid of all FC devices I have (3 x DAE's fully populated), and invest in SATA or SCSI (which will also be significantly cheaper). But, what kind of IO can you expect from SATA on RAID3? FC (which I have now), performs VERY well even with software RAID5 as far as Disk IO goes. From experience working with SCSI arrays, I know that SCSI is also a pretty good choice for Disk IO. SCSI is still however a tad expensive. Given a good PCIe 64bit SATA controller. What can be expected as far as Disk IO goes??? Will I be safe in presuming that I will get reasonable (and with that I mean, something that can be comparable to FC) IO out of such a system? If we're looking at 3TB arrays spanned over 7 or more disks, will it perform? The costs of SATA is also much less than SCSI or FC, but the MTBF for SATA seems to be something that is very much questioned in systems like this. Given the cost factor of SATA vs FC, replacing disks on SATA seems to be small change in comparison of what HBAs, FC Drives, and the link costs - so that is also a risk I'm willing to take. Google is giving me very little results as far as performance goes when comparing FC vs. SATA however. Anyone *please* some information on this??? Thanks allot, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fiber Channel, Emulex
Hi, Any drivers to support Emulex??? Would love to get my beasty connected to FC!! Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Fiber Channel, Emulex
Hmm. Absolutely NO fiber channel adapters listed on the supported hardware?? :-( That's not good... Regards, Chris. - Original Message - From: Chris Knipe [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Monday, September 04, 2006 5:55 PM Subject: Fiber Channel, Emulex Hi, Any drivers to support Emulex??? Would love to get my beasty connected to FC!! Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Racoon - Disable debug loggin?
Hi, I've compiled racoon (IPSec-Tools / FreeBSD Ports) various times with --disable-debug Debug messages keeps ending up in syslog :( How can I disable the debug output??? Regards, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Building ports with sorces on a local mirror?
Look at the cvs-mirror port... Regards, Chris. - Original Message - From: stan [EMAIL PROTECTED] To: Free BSD Questions list freebsd-questions@freebsd.org Sent: Saturday, August 26, 2006 10:15 PM Subject: Building ports with sorces on a local mirror? I'm in the process of seting up to build a fair number of machines behind a very restrictive firewall (and besides that the outbound link is very slow). What I have in mind is setting up a machine using mirror software to create a local mirror of the FreeBSD site, including the distfiles for the ports tree. Is thee a way to get the ports build system to look for distfiles on this local mirror? -- Unix is very simple, but it takes a genius to understand the simplicity. (Dennis Ritchie) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Racoon / IPSec-Tools, disable debug logging?
Hi, I've compiled racoon (IPSec-Tools / FreeBSD Ports) various times with --disable-debug Debug messages keeps ending up in syslog :( How can I disable the debug output??? Regards, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
a bit OT, but stumped
Hi, Just a quick question - especially valid in regards to VPN (L2TP / PPTP). I know this will depend solely on the NAS, but considering a normal *nix pppd process, and a windows based RAS client... Is it at all possible to get PPP to assign static routes to the CLIENT during the authentication process? Let's say I have a DMZ with 10/8 and 20/8 used for addressing. A client connects to a VPN server on a.b.c.d Unless I tell the client to use the VPN as a Default Gateway, the client will not have routes to route 10/8 and 20/8 over the VPN link... What needs to be done to tell Windows this? Sure, I know I can always add these routes manually, but I'm trying to avoid it :) Just a general q... Sorry for OT Regards, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
sluggish disk performance.
Hi, 2 usersLoad 0.06 0.12 0.11 Aug 21 17:48 Mem:KBREALVIRTUAL VN PAGER SWAP PAGER Tot Share TotShareFree in out in out Act 122748 10896 52483630684 14216 count All 247916 13364 341838840552 pages Interrupts Proc:r p d s wCsw Trp Sys Int Sof Fltcow 373 total 18100 689 12 369 484 15 81872 wire100 0: clk 124232 act 41 4: sis0 3.7%Sys 0.3%Intr 0.2%User 1.2%Nice 94.6%Idl29988 inact 128 8: rtc |||||||||| 13564 cache 10: rl0 ==- 652 free13: npx daefr 104 14: ata Namei Name-cacheDir-cache prcfr Calls hits% hits% react 357 357 100 pdwake zfod340 pdpgs Disks ad0 ofodintrn KB/t 16.83 %slo-z35456 buf tps 103 4 tfree 414 dirtybuf MB/s 1.70 20988 desiredvnodes % busy 98 5247 numvnodes 4223 freevnodes Got 1 ATA100 Seagate 120GB disk in there at the moment 1.7MB/s at 98% busy? Surely, that figure is WAY low??? I'd expect atleast about 10MB/s on ATA100. dmsg detects everything right obviously, atapci0: SiS 630S UDMA100 controller port 0xd800-0xd80f,0x376,0x170-0x177,0x3f6,0x1f0-0x1f7 at device 0.1 on pci0 ata0: channel #0 on atapci0 ata1: channel #1 on atapci0 ... ad0: 114473MB ST3120026A/8.01 [232581/16/63] at ata0-master UDMA100 Anything I can look at to speed this up? It's not the most powerfull system ever, P3 850 with 1GB Ram... But I *definately* expect allot more than 2MB/s for 100% load... Thanks, Regards, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sluggish disk performance.
In the last episode (Aug 21), Chris Knipe said: Disks ad0 ofodintrn KB/t 16.83 %slo-z35456 buf tps 103 4 tfree 414 dirtybuf MB/s 1.70 20988 desiredvnodes % busy 98 5247 numvnodes 4223 freevnodes Got 1 ATA100 Seagate 120GB disk in there at the moment 1.7MB/s at 98% busy? Surely, that figure is WAY low??? I'd expect atleast about 10MB/s on ATA100. That number's about right for random I/O and small blocksizes, which is what the KB/t field shows. If you were doing sequential I/O, the KB/t field would be at or near 128. Are you also running a du, cvs update, or other command likely to be doing random disk accesses? ALTER TABLE on a 200MB mySQL table? I guess its time for a dedicated disk then -- C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: new firewall rules
sh /etc/rc.firewall LABEL Regards, Chris. - Original Message - From: Noah [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Monday, August 21, 2006 1:24 AM Subject: new firewall rules Hi there, I want to activate the new rules I added to rc.firewall . Is there anyway to easily do this without rebooting? Cheers, Noah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: vmware on freebsd?
On Tue, 15 Aug 2006 02:58:23 -0400 (EDT) Peter [EMAIL PROTECTED] wrote: AFAIK, VMWare does not support FreeBSD as a host (YES as a guest) in their latest versions of the Workstation line. I havent heard of host as for the Server line, but I could be wrong. Quest Yes, Host No. VMServer does support Linux however. The problem is that they have build the server to depend solely on how linux operates. Hard coded commands, specifics about modules (i.e. lsmod, depmod, etc). If they wern't so full of fuzz about the installation, chances are the VMServer would run under linux-emu on BSD. But alas, at the moment BSD lacks the commands that VMServer requires. As far as Linux goes, it runs on just about anything Redhat, SuSe, Slackware, etc. -- Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: vmware on freebsd?
- VM Server isn't supported either. I am not so sure it would be as simple as mapping the linux commands to bsd ones... the fact that it needs the *mod linux commands implies they use linux kernel modules... which I would say are not compatible with BSD. I'd love to be proven wrong :) 100% - and it even has its own proprietary Linux modules that the VMServer loads when starting up (virtual nics, hubs / switches, etc). I just thought that linux modules would be able to operate under linux-emu in BSD. Guess I was wrong on that one :-) But yeah, VMWare Workstation is not really something I'd use in production. VMWare Server only Linux / Windows / etc, and then we have the enterprise class ESX Server, which is a OS in itself ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
named ACL
Hi all, Just a quick question... Will the following work for bind9: acl myacl { 192.168.0.0/16; }; view internal { match-clients { myacl; !192.168.1.1; }; }; Basically, I'm trying to include a network into my view, except one address... Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: bind9 issue?
notify-source :) I must have been blind. Sorry, Chris. - Original Message - From: Chris Knipe [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 30, 2005 12:09 PM Subject: bind9 issue? Hi, I'm not on the bind9 mailing lists, hopefully someone can help me out here, or as I suspect, perhaps just fill in a bug report My server has a primary IP, with various aliases: x.x.x.136 (Primary) x.x.x.131 (Alias) named.conf: options { listen-on port 53 { x.x.x.131; }; query-source address x.x.x.131 port 53; transfer-source x.x.x.131; }; Yes, notifies at my slave, comes from x.x.x.136 The slave thus, complains notify from non master (because 136 is not a name server), and as such, no updates happens on my slaves. How can I force bind9 to send notifies from the query-source address? IMHO, if bind uses the query-source address do to lookups, it *should* also use this address to send notifies - hence, my initial claim above re bug... Can anyone perhaps confirm this?? Alternatively, give some pointers to a working way for the above scenario? Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
bind9 issue?
Hi, I'm not on the bind9 mailing lists, hopefully someone can help me out here, or as I suspect, perhaps just fill in a bug report My server has a primary IP, with various aliases: x.x.x.136 (Primary) x.x.x.131 (Alias) named.conf: options { listen-on port 53 { x.x.x.131; }; query-source address x.x.x.131 port 53; transfer-source x.x.x.131; }; Yes, notifies at my slave, comes from x.x.x.136 The slave thus, complains notify from non master (because 136 is not a name server), and as such, no updates happens on my slaves. How can I force bind9 to send notifies from the query-source address? IMHO, if bind uses the query-source address do to lookups, it *should* also use this address to send notifies - hence, my initial claim above re bug... Can anyone perhaps confirm this?? Alternatively, give some pointers to a working way for the above scenario? Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
large file support
Hi, Uhm, quite urgent, but does BSD support 4GB files on i386? We have a 4.3GB MySQL Table (i.e. one file), mysql reads from it, server halts, we tried to cp / mv it, server halts... For a test, I did a quick dd to generate a 6.4GB file, server halted What's the solution here Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ports: www/jakarata-tomcat*
Lo all, [EMAIL PROTECTED]:/usr/ports/www/jakarta-tomcat41# make WITHOUT_X11=yes install clean jakarta-tomcat-4.1.31_1: Environment error: JAVA_PORT should not be defined. *** Error code 1 I did tripple check, at the time of running make, the variable is NOT defined. I can't install any of the tomcat versions Help??? -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ports: www/jakarata-tomcat*
Nopes. I'm sure I'm afraid... [EMAIL PROTECTED]:~# cd /usr/ports/www/jakarta-tomcat41/ [EMAIL PROTECTED]:/usr/ports/www/jakarta-tomcat41# unset JAVA_HOME [EMAIL PROTECTED]:/usr/ports/www/jakarta-tomcat41# make WITHOUT_X11=yes install clean jakarta-tomcat-4.1.31_1: Environment error: JAVA_PORT should not be defined. *** Error code 1 Stop in /usr/ports/www/jakarta-tomcat41. [EMAIL PROTECTED]:/usr/ports/www/jakarta-tomcat41# -- Chis. - Original Message - From: Louis LeBlanc [EMAIL PROTECTED] To: freebsd-questions@freebsd.org; [EMAIL PROTECTED] Sent: Thursday, July 07, 2005 5:21 PM Subject: Re: ports: www/jakarata-tomcat* ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ports: www/jakarata-tomcat*
What about /etc/make.conf or the Makefiles in the jakarta-tomcat ports directories? John. Thanks John :) /etc/make.conf had it defined. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
libc
Lo all, Is there anywhere that I can see what has changed from FreeBSD 4.11 to FreeBSD 5.x, in regards to libc ? We are getting major errors and core dumps from one of our applications which runs flawlessly on 4.x, but just dumps on 5.x, complaining about __cxa_finalize () from /lib/libc.so.5 (FreeBSD 5.4-STABLE)... Would be good if someone can give some hints or pointers to debug this... Thanks allot, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
OT Shell Script
May be a bit off topic, but I don't know any sh scripting lists that I'm subscribed to... :) If I run the script from shell / console, it runs without a problem Running it via cron, I get: [: 6: unexpected operator The script: #!/bin/sh HOSTNAME=`/usr/bin/uname -n` SIZE=`/usr/bin/du /var/log/MYAPP/|/usr/bin/cut -c 1-7` ROTATE=1024000 if [ -e /tmp/.rotate ]; then return 1 else touch /tmp/.rotate if [ $SIZE -ge $ROTATE ]; then /bin/mkdir -p /usr/local/backup/var/logs cd /usr/local/backup/var/logs for X in `ls /var/log/MYAPP/`; do rm -f $X.9.tgz mv $X.8.tgz $X.9.tgz mv $X.7.tgz $X.8.tgz mv $X.6.tgz $X.7.tgz mv $X.5.tgz $X.6.tgz mv $X.4.tgz $X.5.tgz mv $X.3.tgz $X.4.tgz mv $X.2.tgz $X.3.tgz mv $X.1.tgz $X.2.tgz /usr/bin/tar -czf $X.1.tgz /var/log/MYAPP/$X /dev/null /bin/cat /dev/null /var/log/MYAPP/$X done /bin/echo /var/log/MYAPP Rotated on $HOSTNAME | /usr/bin/mail -s MYAPP Log Rotation [EMAIL PROTECTED] fi /bin/rm /tmp/.rotate fi No, unfortunately, I MUST script this, I cannot use logrotate / newsyslog / name your fav log rotation tool, as they all destroy active file handles on the log file. cating /dev/null to the log is a good way to clean the log, whilst allowing a MULTITUDE of applicating writing to the file, to keep their file handles in tact Anyone that can give me a indication of what is going haywire in the script? Thank you kindly, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OT Shell Script
Call me stupid, I wasn't aware that [ is a command... ;) Thanks, Chris. - Original Message - From: Alex Zbyslaw [EMAIL PROTECTED] To: Chris Knipe [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Sent: Tuesday, June 21, 2005 12:02 PM Subject: Re: OT Shell Script Chris Knipe wrote: May be a bit off topic, but I don't know any sh scripting lists that I'm subscribed to... :) If I run the script from shell / console, it runs without a problem Running it via cron, I get: [: 6: unexpected operator The script: #!/bin/sh HOSTNAME=`/usr/bin/uname -n` SIZE=`/usr/bin/du /var/log/MYAPP/|/usr/bin/cut -c 1-7` ROTATE=1024000 if [ -e /tmp/.rotate ]; then Maybe your path doesn't have [ in it. Try if /bin/[ -e /tmp/.rotate ]; then or if /bin/test -e /tmp/.rotate; then Same for all your other [ tests. Or just make sure that /bin is in your path at the top of the script. It's often a good idea to set path explicitly for scripts, in case someone who runs it has something weird in their path, like their own [ or test or whatever. I notice the rest of the commands all have absolute pathnames avoiding the path issue, but I like setting the path anyway as it's really easy to forget to use absolute pathnames since we are so used to the shell finding things for us at the command line. --Alex --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: vlan - pls help
On Mon, Jun 13, 2005 at 04:23:59PM -0700, ann kok wrote: ifconfig vlan0 192.168.1.2 netmask 255.255.255.252 ifconfig vlan1 192.168.1.6 netmask 255.255.255.252 255.255.255.255 ??? Obviously it won't be able to see any other addresses -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: vlan - pls help
On Tue, Jun 14, 2005 at 11:18:35AM +0200, Chris Knipe wrote: On Mon, Jun 13, 2005 at 04:23:59PM -0700, ann kok wrote: ifconfig vlan0 192.168.1.2 netmask 255.255.255.252 ifconfig vlan1 192.168.1.6 netmask 255.255.255.252 255.255.255.255 ??? Obviously it won't be able to see any other addresses I'm being a idiot again... Please excuse me. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
databases/mysql41-server
Hi, Anyone have any idea when 4.1.12 will be commited to the ports tree? It's been available for quite some time now... Thanks, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
fsck on startup
Hi, I'm not sure what is causing this, but virtually -every- unclean system shutdown results in my server asking for the root password to run fsck manually, and this is a co-located server in a remote datacenter which I unfortunately can not get to as easily as I would want. Is there anyway to tell rc.conf or sysctl or anything else to get bsd to not pause for the root password??? Don't ask me why, but this has happened twice already now in one week that the system would for some reason just do a cold restart, and then sit at the startup waiting for the passwords This is 5.4-STABLE on a P4 3.4GHz 1GB Ram. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipf + ipfw + divert = no go
Hi, Quick question... dmesg: IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging limited to 1024 packets/entry by default shell: bash-2.05b# ipfw add 50 fwd 192.168.0.237,3306 tcp from any to x.x.56.178 dst-port 3306 ipfw: getsockopt(IP_FW_ADD): Operation not permitted bash-2.05b# whoami root bash-2.05b# What gives? FreeBSD 5.4-STABLE -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf + ipfw + divert = no go
On Tue, May 24, 2005 at 12:56:06PM +0200, Chris Knipe wrote: Hi, Quick question... dmesg: IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging limited to 1024 packets/entry by default shell: bash-2.05b# ipfw add 50 fwd 192.168.0.237,3306 tcp from any to x.x.56.178 dst-port 3306 ipfw: getsockopt(IP_FW_ADD): Operation not permitted bash-2.05b# whoami root bash-2.05b# What gives? FreeBSD 5.4-STABLE bash-2.05b# ipfw add 50 fwd 1.1.1.1,1 tcp from 1.1.1.1 to 1.1.1.1 dst-port 1 ipfw: getsockopt(IP_FW_ADD): Operation not permitted bash-2.05b# ipfw add 50 allow ip from me to any ipfw: getsockopt(IP_FW_ADD): Operation not permitted bash-2.05b# Ok, well this is really not right -shrugs- -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf + ipfw + divert = no go
On Tue, May 24, 2005 at 01:54:45PM +0200, Joost Bekkers wrote: On Tue, May 24, 2005 at 01:38:58PM +0200, Chris Knipe wrote: On Tue, May 24, 2005 at 12:56:06PM +0200, Chris Knipe wrote: Hi, Quick question... dmesg: IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging limited to 1024 packets/entry by default shell: bash-2.05b# ipfw add 50 fwd 192.168.0.237,3306 tcp from any to x.x.56.178 dst-port 3306 ipfw: getsockopt(IP_FW_ADD): Operation not permitted bash-2.05b# whoami root bash-2.05b# What gives? FreeBSD 5.4-STABLE bash-2.05b# ipfw add 50 fwd 1.1.1.1,1 tcp from 1.1.1.1 to 1.1.1.1 dst-port 1 ipfw: getsockopt(IP_FW_ADD): Operation not permitted bash-2.05b# ipfw add 50 allow ip from me to any ipfw: getsockopt(IP_FW_ADD): Operation not permitted bash-2.05b# At what securelevel are you running? Slap me with a rotten trout! Thank you very much... Was level 3 which is obviously to high :) It's ment to be level 2. Thanks allot! -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: lmmon + FBSD 5.4
On Wed, May 18, 2005 at 08:22:00PM +0200, Roland Smith wrote: On Wed, May 18, 2005 at 07:26:20PM +0200, Chris Knipe wrote: Don't mean to be rude or anything... But as I did indicate before, NOTES was not and still is not, any help... You haven't read what I wrote properly: See /usr/src/sys/conf/NOTES, especially the SMB bus section. So see /usr/src/sys/conf/NOTES (_not_ /usr/src/sys/i386/conf/NOTES): -doh- Ok. Thanks, and my apologies :) -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
lmmon + FBSD 5.4
What's the options now that is required in the kernel to enable the reading for the sensors on the boards??? All my attempts has been futile, /sys/i386/conf/NOTES is useless... Anyone? -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: lmmon + FBSD 5.4
Don't mean to be rude or anything... But as I did indicate before, NOTES was not and still is not, any help... What the below has to do with monitoring sensors makes very little sense to me. Perhaps it's just the description that doesn't make sense to me, perhaps someone needs to CVS commit some better description, but this just doesn't make sense to me. -- Chris. # # System Management Bus (SMB) # options ENABLE_ALART# Control alarm on Intel intpm driver # # Set the number of PV entries per process. Increasing this can # stop panics related to heavy use of shared memory. However, that can # (combined with large amounts of physical memory) cause panics at # boot time due the kernel running out of VM space. # # If you're tweaking this, you might also want to increase the sysctls # vm.v_free_min, vm.v_free_reserved, and vm.v_free_target. # # The value below is the one more than the default. # options PMAP_SHPGPERPROC=201 # # Change the size of the kernel virtual address space. Due to # constraints in loader(8) on i386, this must be a multiple of 4. # 256 = 1 GB of kernel address space. Increasing this also causes # a reduction of the address space in user processes. 512 splits # the 4GB cpu address space in half (2GB user, 2GB kernel). # options KVA_PAGES=260 -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' - Original Message - From: Roland Smith [EMAIL PROTECTED] To: Chris Knipe [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org Sent: Wednesday, May 18, 2005 6:12 PM Subject: Re: lmmon + FBSD 5.4 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: can't connect to mysql
vi /etc/rc.conf mysql_enable=YES :wq /usr/local/etc/rc.d/mysql-server.sh start mysql and you should be fine. read what the port installation says the next time you install a port ;-) -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' - Original Message - From: Eric Cheney [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Sunday, May 15, 2005 9:37 PM Subject: can't connect to mysql Hello. I'm trying to get MySQL4.0 working. I've installed it using /stand/systinstall (as well as ports method on another attempt). I got a report from sysinstall that MySQL was installed. That's both the client and the server (it caught the dependencies.) But here's the problem: I can't connect to the database. Here's the error I get begin error message** max# mysql -u root -p Enter password: ERROR 2002: Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) end error message** I did the above leaving the password blank because I haven't set up a password for root on MySQL yet. Which brings up another problem. I've tried the below and get the stated message. begin error message** max# mysqladmin -u root password 'newpassword' mysqladmin: connect to server at 'localhost' failed error: 'Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2)' Check that mysqld is running and that the socket: '/tmp/mysql.sock' exists! max# end error message** Well sure enough, /tmp/mysql.sock does not exist. And a ps waux | grep msyql leaves me to believe that mysql is not running. So then I did this, as root max# /usr/local/etc/rc.d/mysql-server.sh start And still mysql is not running, and I get the same problems as stated above. Any ideas about what I'm doing wrong? Thank you. -- Eric Cheney [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
memory errors / crashes
We will try our best to scrape up some info that will hopefully help diagnose the problem, but since we have already crashed, something is definitely wrong and this may fail. key_buffer_size=536870912 read_buffer_size=2093056 max_used_connections=418 max_connections=2048 threads_connected=404 It is possible that mysqld could use up to key_buffer_size + (read_buffer_size + sort_buffer_size)*max_connections = 516080 K bytes of memory Hope that's ok; if not, decrease some variables in the equation. Righty. Now, the system has 4 x 3.2GHz Intel processors... It has 4GB of ram... systat shows that all 4 processors are definately used... NO swap space is used at all (4GB allocated), and yes, it uses the entire 4GB of ram under heavy load... I am aware of the POSSIBILITY of the 2GB limit... However, I highly doubt that this is related as the system has no problem to use the 4GB of RAM (According to top in any case). 1) Why does the system not swap, and 2) Why is Mysql complaining that it needs at least 512MB ram, whilst there are 4GB available to it?? I've been battling for over 3 weeks to get this right, I have made multiple posts on the list about this... can someone please just give me some answers We're running FBSD 5.4-STABLE. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: On removing ^M
Textpad as a editor on Windows works great -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' - Original Message - From: Fafa Hafiz Krantz [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, May 08, 2005 9:20 PM Subject: On removing ^M Good day all! I am aware of the port unix2dos (dos2unix) as a tool to remove ^Ms from ASCII files. But if you execute dos2unix in a directory where some files contain ^M (CR/LF) and some files don't (CR), then dos2unix will make a mess of those files who don't. I am wondering what is needed (what tool or what code) to do a mass (recursive) removal of ^Ms? Thanks! -- Fafa Hafiz Krantz Research Designer @ http://www.home.no/barbershop Enlightened @ http://www.home.no/barbershop/smart/sharon.pdf -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
high perf kernel
Hi, Can anyone recommend some very usefull settings for a high performance kernel on 5.4? There doesn't seem to be a LINT config anymore in CVS, so I dont know what all my options are. We have a quad CPU system with 4GB of RAM Nevermind what we throw at the system, it never seems to do any actual work I'm not sure whether this is because we already have a very good optimised system, or whether our test clients are unable to cope I believe that there may be a couple of issues with the high amount of resources we have. The 4GB of RAM seems to be a issue (we can't get MySQL to even manage to use 2GB of it), and from what we can see, multiple processors aren't used either I'm also after settings / options for MAXDSIZ and MAXSSIZE, google has returned nothing... I've seen allot of archived posts refering to this, but as far as a actual configuration with those options go, nudda... Our kernconf at the moment: # DB02 - Optimised Kernel for Max Performance. # cknipe - 2005/04/25 machine i386 cpu I686_CPU ident DB02 maxusers512 options NMBCLUSTERS=65536 # maxusers and NMBCLUSTERS are both very important settings options SCHED_4BSD # 4BSD scheduler options INET# InterNETworking options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support options UFS_ACL # Support for access control lists options UFS_DIRHASH # Improve performance on big directories options MD_ROOT # MD is a potential root device options PROCFS # Process filesystem options PSEUDOFS# Pseudo-filesystem framework options GEOM_GPT# GUID Partition Tables options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] options COMPAT_FREEBSD4 # Compatible with FreeBSD4 options SCSI_DELAY=5000 # Delay (in ms) before probing SCSI options KTRACE # ktrace(1) support options SMP # Multi Processor System # System V semaphores and tunable parameters options SYSVSEM # SYSV-style semaphores options SEMMAP=8192 # Amount of entries in semaphore map options SEMMNI=1024 # Number of semaphore identifiers in the system options SEMMNS=8192 # Number of semaphores in the system options SEMMNU=16384# Number of undo structures in the system options SEMMSL=255 # Max number of semaphores per id options SEMOPM=401 # Max number of operations per semop call options SEMUME=201 # Max number of undo entries per process # System V shared memory and tunable parameters options SYSVSHM # SYSV-style shared memory options SHMMAXPGS=4097 # Max amount of shared memory pages (4k on i386) options SHMALL=4097 # Max amount of shared memory (bytes) options SHMMAX=(SHMMAXPGS*PAGE_SIZE+1) # Max shared memory segment size (bytes) options SHMSEG=57 # Max shared memory segments per process options SHMMNI=1024 # Max number of shared memory identifiers # System V message queues and tunable parameters options SYSVMSG # SYSV-style message queues options MSGMNB=4097 # Max characters per message queue options MSGMNI=81 # Max number of message queue identifiers options MSGSEG=4097 # Max number of message segments in the system options MSGSSZ=32 # Size of a message segment MUST be power of 2 options MSGTQL=81 # Max amount of messages in the system options _KPOSIX_PRIORITY_SCHEDULING options KBD_INSTALL_CDEV# install a CDEV entry in /dev options AHC_REG_PRETTY_PRINT# Print register bitfields in debug # output. Adds ~128k to driver. options AHD_REG_PRETTY_PRINT# Print register bitfields in debug # output. Adds ~215k to driver. options ADAPTIVE_GIANT # Giant mutex is adaptive. device apic# I/O APIC # Bus support. Do not remove isa, even if you have no isa slots device isa device eisa device pci # Floppy drives device fdc # ATA and ATAPI devices device ata device atadisk # ATA disk drives device ataraid # ATA RAID drives options ATA_STATIC_ID # Static device numbering # SCSI peripherals device scbus # SCSI bus (required for SCSI) device da # Direct
swap space
Hi, Simple question really... Can you ever have to much swap space? We're sitting with quite a nifty P4 System with 1GB Ram. We will more than likely add another 2 or 3GB in the month to come as our applications (mainly perl) are consuming vast amounts of memory and swap. We made the mistake however of just allocating 512MB swap as we did not know accurately at the time of installation what the resouce requires are going to be (especially not that it would be this high). Obviously reinstalling the entire OS / Applications is not really a option. We may want to install a dedicated 40GB just for swap... Would this be advisable, or will it actually slow the system down? And to what extend? We're running FreeBSD 5.4-STABLE. Thanks in advance. -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: swap space
We made the mistake however of just allocating 512MB swap as we did not know accurately at the time of installation what the resouce requires are going to be (especially not that it would be this high). A traditional rule of thumb is to have 1x - 2x the total RAM size in swap space. This assures that you can do a crash dump and that you can deal with peak load of 2x the normal maximum number of processes by swapping them out. Beyond that, you are probably better off with the system just refusing to fork more processes or allocate them memory. i.e. 4GB Ram, approx 8GB Swap? In that case we'll need to install a secondary HDD in any case. The current drive is already partitioned and what not, so reinstall isn't a option. Having 2 or more swap partitions should also not be a big deal? And this might be a extremely stupid question, but both are used at the same time right? Some of our other high end perl systems use allot of memory as well. We normally use stuff like SYSVSHM, SYSVMSG and SYSVSEM (Plus allot of parameters / options for it which I do not currently have with me unfortunately). Me personally, are not 100% on what the drawbacks or benefits are, but would this make a difference? In some of our production environments, we have applications terminating within seconds of reaching peak load without SYSV + magic options in the kernel. This is not because of bad code, but because of severe load (thousands of concurrent connections). The server in question right now is basically a high end anti-spam / anti-virus solution (which by nature is extremely resource intensive - look at big SA installations for example). We are already running with MAXUSERS 512 and NMBCLUSTERS=65535 as advanced features in the kernel currently. I suppose I should recompile and add SYSV (after I got the magic options again). Those two options are also so far the only options I found to tune for a high performance FBSD config... If anyone have additional resources, please feel free to share... :) I'm talking under correction, but I believe the magic options to the SYSV stuff is related to specifying the ammounts of ram to use, etc. Thanks for all the answers and suggestions!!! -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: swap space
PS: Is there a FreeBSD 5.4 stable version? FreeBSD pyro.acme.com 5.4-STABLE FreeBSD 5.4-STABLE #0: Wed Apr 27 15:51:43 SAST 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/PYRO i386 Guess so :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf out rule
to x.x.x.122 port = 123 keep state keep frags pass in quick on rl0 proto udp from c.c.c.c to x.x.x.122 port = 123 keep state keep frags # rl0 - x.x.x.122 MySQL pass in quick on rl0 proto tcp from x.x.x.120/29 to x.x.x.122 port = 3306 flags S keep state keep frags # rl0 - x.x.x.123 DNS pass in quick on rl0 proto udp from x.x.x.120/29 to x.x.x.123 port = 53 keep state keep frags # rl0 - x.x.x.123 Squid pass in quick on rl0 proto tcp from x.x.x.120/29 to x.x.x.123 port = 3128 flags S keep state keep frags pass in quick on rl0 proto tcp from y.y.0.0/16 to x.x.x.123 port = 3128 flags S keep state keep frags pass in quick on rl0 proto tcp from z.z.0.0/16 to x.x.x.123 port = 3128 flags S keep state keep frags pass in quick on rl0 proto tcp from x.x.x.120/29 to x.x.x.123 port = 3130 flags S keep state keep frags # rl0 - x.x.x.123 PMX pass in quick on rl0 proto tcp from x.x.x.122 to x.x.x.123 port = 10024 flags S keep state keep frags pass in quick on rl0 proto tcp from any to x.x.x.123 port = 18080 flags S keep state keep frags pass in quick on rl0 proto tcp from any to x.x.x.123 port = 28080 flags S keep state keep frags # Le Grande Finale block in log quick on rl0 all As always, looking forward to some help :) -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' - Original Message - From: [EMAIL PROTECTED] To: Chris Knipe [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, May 02, 2005 1:56 AM Subject: RE: ipf out rule When asking for help with firewall rules you have to post complete content of firewall rule set file because some previous rule may be dropping all packets. If this is your complete rule set them you are missing the mandatory L0 interface rule to pass quick all. rl0 must be Nic connected to public internet. x.x.x.120/29 is ip address range of pc's on private LAN behind firewall. This is not much of firewall with everything being allowed out. You could replace all of these meaning less statements with pass quick all from any to any You really need to read firewall section of the official handbook. It has working examples of ipf.rules rule set along with detailed explanation of how to build firewall rules. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chris Knipe Sent: Sunday, May 01, 2005 6:56 PM To: [EMAIL PROTECTED] Subject: ipf out rule Hi, Can anyone take a minute to just explain to me why ipf is blocking this... ipf.rules: # rl0 - Outgoing pass out quick on rl0 proto tcp from x.x.x.120/29 to any flags S keep state keep frags pass out quick on rl0 proto udp from x.x.x.120/29 to any keep state keep frags pass out quick on rl0 proto icmp from x.x.x.120/29 to any keep state keep frags block out log quick on rl0 all ipftest: opening rule file ipf.new in on rl0 tcp 196.25.1.1,2210 x.x.x.122,22 input: in on rl0 tcp 196.25.1.1,2210 x.x.x.122,22 pass ip 40(20) 6 196.25.1.1,2210 x.x.x.122,22 -- out on rl0 tcp x.x.x.122,22 196.25.1.1,2210 input: out on rl0 tcp x.x.x.122,22 196.25.1.1,2210 block ip 40(20) 6 x.x.x.122,22 196.25.1.1,2210 Thanks. -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipf out rule
Hi, Can anyone take a minute to just explain to me why ipf is blocking this... ipf.rules: # rl0 - Outgoing pass out quick on rl0 proto tcp from x.x.x.120/29 to any flags S keep state keep frags pass out quick on rl0 proto udp from x.x.x.120/29 to any keep state keep frags pass out quick on rl0 proto icmp from x.x.x.120/29 to any keep state keep frags block out log quick on rl0 all ipftest: opening rule file ipf.new in on rl0 tcp 196.25.1.1,2210 x.x.x.122,22 input: in on rl0 tcp 196.25.1.1,2210 x.x.x.122,22 pass ip 40(20) 6 196.25.1.1,2210 x.x.x.122,22 -- out on rl0 tcp x.x.x.122,22 196.25.1.1,2210 input: out on rl0 tcp x.x.x.122,22 196.25.1.1,2210 block ip 40(20) 6 x.x.x.122,22 196.25.1.1,2210 Thanks. -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf out rule
First of all what I see in your log is just normal hacker traffic probing for access to your box. Your firewall is doing it's job denying this bogus traffic. I get over 1500 of these daily. I run the abuse reporting system to report this junk to the owners of the ip address range. You can download copy of the abuse reporting system scripts from http://www.unixguide.net/freebsd/fbsd_installguide/index.php Hmm ok, Thanks. I'll have a look at that. What I am picking up however, is that they only come after I browsed to a site for example. It may just be fragments or something. If it's not serious, it's not serious. I don't see any affect as such from using the server, so it must not be serious. now about your rule set. 1. the Lo0 rules is just to allow your PC to talk to itself, so 'keep state' option is wasted over head. Remove keep state from those 2 rules. Thanks. 2. this rule block in log quick all with frag is dropping all frags so the keep frag option on all the rules is useless so remove it from all rules. Allrighty. 3. Your problem about ftp is not described enough in detail to debug. Not working how? Can you access public ftp sites from the firewall box and or from LAN pc's? Are you running a FTP server and remote users can not access your ftp server? If so is FTP server on firewall box or on LAN pc? Add log option to your ftp rules and read log to view ftp packet traffic to debug Are you running NAT for LAN users, if so post NAT rules There are no Internal network, or LAN. This is a co-located server in a data center (thus firewall and all services are on the same machine). PASV FTP coming in to the server is not working logs: May 2 15:20:45 pyro pure-ftpd[23394]: ([EMAIL PROTECTED]) [INFO] New connection from x.x.x.x May 2 15:20:46 pyro pure-ftpd[23395]: ([EMAIL PROTECTED]) [INFO] cknipe is now logged in May 2 15:20:46 pyro ipmon[8689]: 15:20:46.628707 rl0 @0:62 b x.x.x.x,4049 - a.a.a.122,33273 PR tcp len 20 48 -S IN May 2 15:20:49 pyro ipmon[8689]: 15:20:49.556181 rl0 @0:62 b x.x.x.x,4049 - a.a.a.122,33273 PR tcp len 20 48 -S IN May 2 15:21:53 pyro pure-ftpd[23395]: ([EMAIL PROTECTED]) [INFO] Logout. 4. You are allowing out all services originating from behind your firewall. This is a very unsecure practice. Your LAN PC's or the firewall box it self could have a Trojan or spyware and you will never know it. Change the rules to only allow out the services you expect to be using like shown in the official handbook firewall section. See above :) -- Chris. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Chris Knipe Sent: Monday, May 02, 2005 6:19 AM To: [EMAIL PROTECTED] Subject: Re: ipf out rule Ok, that is fair enough. I did manage to get it up and running without locking myself out though *yay* I am having 2 issues mainly. FTP doesn't work at all (PASV or not), and I am getting allot of false drops on packets which *should* be allowed... Quick dump from the log file: May 2 12:11:03 pyro ipmon[8689]: 12:11:02.335403 rl0 @0:62 b y.y.195.133,1201 - x.x.x.123,3128 PR tcp len 20 40 -AF IN May 2 12:11:05 pyro ipmon[8689]: 12:11:04.760397 rl0 @0:62 b y.y.195.133,1201 - x.x.x.123,3128 PR tcp len 20 40 -AF IN May 2 12:11:10 pyro ipmon[8689]: 12:11:09.787481 rl0 @0:62 b y.y195.133,1201 - x.x.x.123,3128 PR tcp len 20 40 -AF IN May 2 12:11:20 pyro ipmon[8689]: 12:11:19.744860 rl0 @0:62 b y.y.195.133,1201 - x.x.x.123,3128 PR tcp len 20 40 -AF IN May 2 12:11:40 pyro ipmon[8689]: 12:11:39.760718 rl0 @0:62 b y.y.195.133,1201 - x.x.x.123,3128 PR tcp len 20 40 -AF IN /etc/ipf.rules: # lo0 - Loopback pass in quick on lo0 all keep state pass out quick on lo0 all keep state # Bad Packet Murder block in log quick all with ipopts block in log quick all with short block in log quick all with frag block return-rst in log quick proto tcp all flags FUP block return-rst in log quick proto tcp all flags FSRPAU # # Outside Interfaces # # rl0 - Outgoing pass out quick on rl0 proto tcp from x.x.x.120/29 to any flags S keep state keep frags pass out quick on rl0 proto udp from x.x.x.120/29 to any keep state keep frags pass out quick on rl0 proto icmp from x.x.x.120/29 to any keep state keep frags block out log quick on rl0 all # # Block and log all remaining traffic coming into the firewall # - Block TCP with a RST (to make it appear as if the service # isn't listening) # - Block UDP with an ICMP Port Unreachable (to make it appear # as if the service isn't listening) # - Block all remaining traffic the good 'ol fashioned way # # rl0 - Global Incoming block in quick on rl0 from 0.0.0.0/7 to any block in quick on rl0 from 2.0.0.0/8 to any block in quick on rl0 from 5.0.0.0/8 to any block in quick on rl0
ipf out rule
Hi, Can anyone take a minute to just explain to me why ipf is blocking this... ipf.rules: # rl0 - Outgoing pass out quick on rl0 proto tcp from x.x.x.120/29 to any flags S keep state keep frags pass out quick on rl0 proto udp from x.x.x.120/29 to any keep state keep frags pass out quick on rl0 proto icmp from x.x.x.120/29 to any keep state keep frags block out log quick on rl0 all ipftest: opening rule file ipf.new in on rl0 tcp 196.25.1.1,2210 x.x.x.122,22 input: in on rl0 tcp 196.25.1.1,2210 x.x.x.122,22 pass ip 40(20) 6 196.25.1.1,2210 x.x.x.122,22 -- out on rl0 tcp x.x.x.122,22 196.25.1.1,2210 input: out on rl0 tcp x.x.x.122,22 196.25.1.1,2210 block ip 40(20) 6 x.x.x.122,22 196.25.1.1,2210 Thanks. -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: weird problem with ipfw and ftp
You need tcp port 20 as well (ftp-data) -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' - Original Message - From: Clement Twine [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Tuesday, April 12, 2005 9:19 AM Subject: weird problem with ipfw and ftp hi freebsd users, i have a problem with users accessing my ftp service from the internet. everything was working well until i changed from Linux/shorewall to freebsd/ipfw as my firewall. my setup is briefly as follows: FTP_Server (10.0.0.1) --- Firewall (IPFW) - INTERNET The linux rules were just two (and were working): allow tcp from any to 10.0.0.1 21 allow tcp from 10.0.0.1 21 to any I have the following in ipfw but they have refused to work! ipfw add 00010 allow tcp from any to 10.0.0.1 21 ipfw add 00011 allow tcp from 10.0.0.1 21 to any The problem is that an ftp session is established, but when the session enters passive mode, the ftp session hangs. Are there any other ports that need to be opened? Has anyone had such a problem before? I can see in the logs that unprivileged ports are responding from the ftp server to the requestor - but have tried all combinations of rules to no avail! Please help! Regards, Clem. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/sbin/ppp error codes
Lo all, From the ppp man page. -background Here, ppp attempts to establish a connection with the peer imme- diately. If it succeeds, ppp goes into the background and the parent process returns an exit code of 0. If it fails, ppp exits with a non-zero result. Where can I see what the other 'non-zero' results are, and what they mean? I'm looking for the specific return to indicate a authentication failure. -- Chris. I love deadlines. I especially love the whooshing sound they make as they fly by... - Douglas Adams, 'Hitchhiker's Guide to the Galaxy' ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
date change
Lo all, Firstly, I am well aware of the implications, risks, and everything else associated with this... Unfortunately due to means out of my control, I have no alternative, and quite frankly, this is on a very secure system where no one has access to : Right. How / what do I change (I presume this is kernel level) in order to allow root AND normal users to be able to set the system date via the 'date' command? I would actually prefer to juse allow uid 0 (root) plus one additional uid to be able to change it. I had a look at /usr/src/bin/date but couldn't really find anything there - hence, I am presuming the limitation is coming from the kenrel. If anyone can be of some aid, I'll appreciate it allot. This is currently on a 4.10 system, I will more than likely upgrade it to 5.x-STABLE in the near future. Regards, Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: date change
On 3/22/2005 14:23, Chris Knipe seems to have typed: How / what do I change (I presume this is kernel level) in order to allow root AND normal users to be able to set the system date via the 'date' command? I would actually prefer to juse allow uid 0 (root) plus one additional uid to be able to change it. sounds like a perfect job for /usr/ports/security/sudo Never even thought about that... *slaps himself silly*. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [OT] Re: MS Exchange server on FreeBSD?
Don't you all want to at least mention Open Groupware? http://www.opengroupware.org/ How about something that supports MySQL? -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
newsyslog
Can anyone perhaps just give me a sample for 'when' in newsyslog.conf to get rotation to rotate at 00:00 on the 1st of the month? I tried '@$M18D0' to no evail... -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: no x on server
WITHOUT_X11=yes - Original Message - From: dave [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Saturday, March 05, 2005 3:53 PM Subject: no x on server Hello, I've got a new box that i'm putting 5.3 on. I do not want any ports to install x, on machines i've seen sometimes doing a port install installs a dependent port which then pulls in x. This is behavior i do not want on this box. Any pointers? Thanks. Dave. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ppp failure
Hi, Can some ppp guru not by any change tell me why the below session is failing? I never seem to be able to properly read these PPP sessions... Feb 22 16:31:44 wsmd01 pppoed[7845]: Listening Feb 22 16:31:44 wsmd01 pppoed[8045]: Offering to .:exec-8045 as access concentrator wsmd01 Feb 22 16:31:44 wsmd01 pppoed[8045]: adding to .:exec-8045 as offered service wsmd01 Feb 22 16:31:44 wsmd01 pppoed[8045]: Received NGM_PPPOE_SESSIONID (hook %) Feb 22 16:31:44 wsmd01 pppoed[8045]: Received NGM_PPPOE_SUCCESS (hook exec-8045) Feb 22 16:31:44 wsmd01 pppoed[8045]: Executing: exec /usr/sbin/ppp -direct PPPoE Feb 22 16:31:44 wsmd01 ppp[8045]: Phase: Using interface: tun1 Feb 22 16:31:44 wsmd01 ppp[8045]: Phase: deflink: Created in closed state Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: default: ident user-ppp VERSION (built COMPILATIONDATE) Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: default: set device /dev/cuaa1 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: default: set speed 115200 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: default: set dial ABORT BUSY ABORT NO\sCARRIER TIMEOUT 5 AT OK-AT-OK ATE1Q0 OK \dATDT\T TIMEOUT 40 CONNECT Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: PPPoE: enable lqr proxy Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: PPPoE: enable pap chap passwdauth Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: PPPoE: set ifaddr 192.168.1.20 192.168.1.200-192.168.1.254 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: IPCP: Selected IP address 192.168.1.241 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Command: PPPoE: accept dns Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Phase: PPP Started (direct mode). Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Phase: bundle: Establish Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Phase: deflink: closed - opening Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Phase: deflink: Link is a netgraph node Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Phase: deflink: Connected! Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Phase: deflink: opening - carrier Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Phase: deflink: carrier - lcp Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: FSM: Using deflink as a transport Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: State change Initial -- Closed Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: State change Closed -- Stopped Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: RecvConfigReq(1) state = Stopped Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MRU[4] 1440 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MAGICNUM[6] 0x1771 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: Warning: deflink: Reducing configured MRU from 1500 to 1492 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: SendConfigReq(1) state = Stopped Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: ACFCOMP[2] Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: PROTOCOMP[2] Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: ACCMAP[6] 0x Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MRU[4] 1492 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MAGICNUM[6] 0xf9d75109 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: QUALPROTO[8] proto c025, interval 3ms Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: SendConfigAck(1) state = Stopped Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MRU[4] 1440 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MAGICNUM[6] 0x1771 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: LayerStart Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: State change Stopped -- Ack-Sent Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: RecvConfigRej(1) state = Ack-Sent Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: SendIdent(0) state = Ack-Sent Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MAGICNUM f9d75109 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: TEXT user-ppp 3.1 (built Feb 23 2004) Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: QUALPROTO[8] proto c025, interval 3ms Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: deflink: SendConfigReq(2) state = Ack-Sent Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: ACFCOMP[2] Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: PROTOCOMP[2] Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: ACCMAP[6] 0x Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MRU[4] 1492 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: MAGICNUM[6] 0xf9d75109 Feb 22 16:31:44 wsmd01 ppp[8045]: tun1: LCP: AUTHPROTO[5] 0xc223 (CHAP 0x05) Feb 22 16:31:46 wsmd01 ppp[8045]: tun1: LCP: deflink: RecvConfigReq(2) state = Ack-Sent Feb 22 16:31:46 wsmd01 ppp[8045]: tun1: LCP: MRU[4] 1440 Feb 22 16:31:46 wsmd01 ppp[8045]: tun1: LCP: MAGICNUM[6] 0x1771 Feb 22 16:31:46 wsmd01 ppp[8045]: tun1: LCP: deflink: SendConfigAck(2) state = Ack-Sent Feb 22 16:31:46 wsmd01 ppp[8045]: tun1: LCP: MRU[4] 1440 Feb 22 16:31:46 wsmd01 ppp[8045]: tun1: LCP: MAGICNUM[6] 0x1771 Feb 22 16:31:46 wsmd01 ppp[8043]: tun0: LCP: deflink: LayerFinish Feb 22
high latency
Hi, I have 4 FreeBSD Servers connected to a Cisco 2950 all doing inter-VLAN routing. Everything is working right, but one server is getting absurdly high latency through the VLANs. problem box: [EMAIL PROTECTED]:/home/cknipe# ping 198.19.0.1 PING 198.19.0.1 (198.19.0.1): 56 data bytes 64 bytes from 198.19.0.1: icmp_seq=0 ttl=64 time=1020.571 ms 64 bytes from 198.19.0.1: icmp_seq=2 ttl=64 time=1114.468 ms 64 bytes from 198.19.0.1: icmp_seq=3 ttl=64 time=934.580 ms 64 bytes from 198.19.0.1: icmp_seq=4 ttl=64 time=814.296 ms 64 bytes from 198.19.0.1: icmp_seq=5 ttl=64 time=682.657 ms 64 bytes from 198.19.0.1: icmp_seq=6 ttl=64 time=1173.596 ms 64 bytes from 198.19.0.1: icmp_seq=7 ttl=64 time=1212.085 ms 64 bytes from 198.19.0.1: icmp_seq=8 ttl=64 time=1021.996 ms 64 bytes from 198.19.0.1: icmp_seq=9 ttl=64 time=826.783 ms 64 bytes from 198.19.0.1: icmp_seq=10 ttl=64 time=372.565 ms ^C --- 198.19.0.1 ping statistics --- 12 packets transmitted, 10 packets received, 16% packet loss round-trip min/avg/max/stddev = 372.565/917.360/1212.085/241.657 ms second box: [EMAIL PROTECTED]:~# ping 198.19.0.1 PING 198.19.0.1 (198.19.0.1): 56 data bytes 64 bytes from 198.19.0.1: icmp_seq=0 ttl=64 time=1.847 ms 64 bytes from 198.19.0.1: icmp_seq=1 ttl=64 time=1.484 ms 64 bytes from 198.19.0.1: icmp_seq=2 ttl=64 time=1.478 ms 64 bytes from 198.19.0.1: icmp_seq=3 ttl=64 time=1.564 ms 64 bytes from 198.19.0.1: icmp_seq=4 ttl=64 time=1.913 ms 64 bytes from 198.19.0.1: icmp_seq=5 ttl=64 time=3.057 ms 64 bytes from 198.19.0.1: icmp_seq=6 ttl=64 time=1.839 ms 64 bytes from 198.19.0.1: icmp_seq=7 ttl=64 time=1.526 ms 64 bytes from 198.19.0.1: icmp_seq=8 ttl=64 time=2.791 ms 64 bytes from 198.19.0.1: icmp_seq=9 ttl=64 time=1.522 ms ^C --- 198.19.0.1 ping statistics --- 10 packets transmitted, 10 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.478/1.902/3.057/0.537 ms The other's ping basically the same (1.4ms - 4ms). Now, the problematic box is running a RealTek card, netstat -bin reports no input / output errors. The interface on the Cisco 2950 also doesn't report any problems or errors on the interface. Does anyone have some recommendations? I'm thinking of just switching the NIC out, but I'd rather want to make sure first that is actually the problem. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re: high latency
Hi, I have 4 FreeBSD Servers connected to a Cisco 2950 all doing inter-VLAN routing. Everything is working right, but one server is getting absurdly high latency through the VLANs. [...] Now, the problematic box is running a RealTek card, Ugh. You don't say which one, but I just cured a prob with nfs by replacing a brand new Realtek card with an old digital NIC that was lying around. Not for the first time, I vow never to use Realtek cards again. Yup. Switched the card and problem solved. I use RealTek mainly because I have heard that they have the best support for VLANs with large packets inside those VLANs. Oh well, we'll be running only cisco on the networking side pretty soon, then there wont be a use for VLANs on the servers :) Thanks -- chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php4-extentions
TY. - Original Message - From: Cezar Fistik [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Wednesday, February 09, 2005 2:29 PM Subject: Re: php4-extentions Hi, Try 'make config' in php-extesions port's directory. regards, Cezar - Original Message - From: Chris Knipe [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Wednesday, February 09, 2005 1:50 AM Subject: php4-extentions === Vulnerability check disabled, database not found === Found saved configuration for php4-extensions-1.0 === Extracting for php4-extensions-1.0 Where's the configuration saved? I need to reconfigure it.. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
php4-extentions
=== Vulnerability check disabled, database not found === Found saved configuration for php4-extensions-1.0 === Extracting for php4-extensions-1.0 Where's the configuration saved? I need to reconfigure it.. -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw / ppp NAT
Hi, Is there any way that I can get / configure ipfw / Kernel PPP to rewrite the source address via NAT? -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw / ppp NAT
Ok wait, let me explain a bit more, because it seems the source-address is not my problem. y.y - x.x - x.1 y.y is a IP from the Internet x.x is the FreeBSD gateway, and x.1 is a client on a internal network I run NAT (via ipfw / ppp) on x.x. The packet comes in from y.y, via x.x, to x.1, HOWEVER, the source-address of the packet ariving at x.1 is still y.y. I want the source address of the packet ariving at x.1 to be x.x, and not y.y -- Chris. - Original Message - From: Chris Knipe [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Sunday, February 06, 2005 2:37 PM Subject: ipfw / ppp NAT Hi, Is there any way that I can get / configure ipfw / Kernel PPP to rewrite the source address via NAT? -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Re[2]: ipfw / ppp NAT
given that tun0 is the interface that connects x.x to the world (y.y) then what you have now would be: ipfw add divert natd all from any to any via tun0 from what I understand what you want you should probably add somethin like: ipfw add divert natd all from any to any via rl0 rl0 being the interface connecting x.x to x.1 on related news, why would u want to do something like that ? Hexren Quite complex 1) I have a routed network on 198.18/15 going via NAT to the net. 2) I have two gateways, running VRRP for high redundancy. 3) Gateway 1 routes local traffic via tun0, the rest (ala international) is sent to gateway 2 4) Gateway 2 routes the rest via tun0, and local traffic to gateway 1 This all happens now via BGP, and so far this is working without a problem. The problem now, is that I only receive one real IP per PPPoE session. Multilink is out of the question (not supported), so is getting multiple IPs per session. A further problem, is that the gateway address of these PPPoE sessions, are 100% exactly the same. Thus, what I need to achieve now (and hence what is my problem): 1) I need to establish MULTIPLE PPPoE sessions on Gateway 1 (even if the gateway address of the PtP link are the same) - BIG problem. I have semi fixed this by forcing my gateway address of the secondary pppoe sesssions to be the rl0 interface (and this is working) (i.e. ifaddr 10.0.0.1/32 x.x.x.x 255.255.255.0 0.0.0.0) 2) I need to be able to forward the live ip address received from one of the secondary PPPoE Sessions on Gateway1 to any host inside my routed network (198.18/15). 3) The load balancing and routing between Gateway 1 and Gateway 2 should all still work, and basically just exclude what ever is happening on the secondary PPPoE Sessions. I know I'm not giving allot of information, but this is ALLOT of work / configurations. If it's not a problem, I will post what is required (config wise), but yeah... We're talking close to 300 statically managed routes between Gateway 1 2... What my problem is now, is basically what would seem, like a nat / routing issue. PPP1 - GW1 - 198.18/15 PPP2 - GW1 - CLIENT1 INSIDE 198.18/15 Incoming, the connectivity is working. I establish a connection to PPP2, GW1 forwards the data to CLIENT1, and a tcpdump shows that the data does arrive. The problem is that the replies from CLIENT one, goes to GW1 and GW1 transmit the data back to the Internet via PPP1, and not PPP2.. Thus, in a nutshell now, I need to map PPPx to CLIENTx without causing any problems for the rest of the network -- Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
VRRP
Hi, Does FreeBSD have any support, or does anyone know of any open source applications that can be used to get some form of VRRP into FreeBSD 4.11 / 5.x? -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
CVS Blues
Lo all, I'm trying to get a CVS Repositry running via pserver. After allot of googling, I managed to get the server up and authentication working via the internal passwd file. However, as soon as I log in to the repositry (via wincvs), the cvs process on the server core dumps with sig 11 Jan 25 17:00:12 netsphere xinetd[87286]: Started working: 1 available service Jan 25 17:00:21 netsphere /kernel: pid 87296 (cvs), uid 89: exited on signal 11 I tried running cvs both as root as well as with its own user - it doesn't really change anything... Does anyone have some hope for me? -- Chris. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Adding IP's ifconfig problems
ifconfig_fxp0=inet 208.53.17X.8 netmask 255.255.255.0 ^ ifconfig_fxp0=inet 208.53.17X.8 netmask 255.255.255.240 ifconfig_fxp0_alias0=inet 208.53.17X.2 netmask 255.255.255.240 ^^ Netmask should be 255.255.255.255 on a alias if it is from the same network as the primary address. ifconfig_fxp0_alias6=inet 208.53.17X.8 netmask 255.255.255.240 ^^^ You already assigned this address?!?!?! -- Chris * ** This email has been scanned by Cenergy Networks for viruses and ** ** spam. As part of our ongoing drive to ensure reliable and ** ** secure communications, Cenergy Networks guarantees this message ** ** to be clean of any viruses or spam. Should you not be satisfied** ** with the content of this email, please let us know by emailing ** ** us at [EMAIL PROTECTED] ** * ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
licensing
Quick question I'm not sure about the license that FreeBSD falls under. Are we allowed to modify code (specifically /sbin/natd) and resell it commercially as part of a product?? Secondly, natd runs via divert in usermode. Is there something similar in kernel mode? Kernelmode will obviously operate allot faster than usermode... -- me ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IP Management
Lo all (again), A bit off-topic, but I thought if there is something like what I want, someone on this list should know about it... I'm looking for IP Management software (IP Networks that is). Basically, my own repository where I can allocate a certain network of numbers to a client below us, and have a record of who has what IP addresses. Something like a local whois server I suppose... Is there something like this out there?? Can anyone recommend some packages that is worth looking in to?? I'd prefer it if the entire thing is MySQL based so that I can integrate it into existing customer management software. Regards, Chris. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PPPoE misbehaving?
Hi Gleb and the rest, Thank you all for the replies. The card is a Senao NL-2054PCI, based on the Atheros chipset... pciconf -lv reports: [EMAIL PROTECTED]:9:0: class=0x02 card=0x2027168c chip=0x0013168c rev=0x01 hdr=0x00 vendor = 'Atheros Communications Inc.' device = '802/11b/g AR5212 wireless Adapter' class= network subclass = ethernet As I did indicate, the card is working and functioning properly - I am 99% sure it is a problem related with PPPoEd, or something in regards to PPPoE over the Ethernet card (which, can also be possible I guess). I've tried all the other suggestions that was made, and none of them seemed to have changed anything. From what I can see, the client sends and attempts to initiate the PPPoE connection properly, but the PPPoE daemon does not receive the packets / or does not initiate a session - which, needs to be completed before any sub processes will be spawned. It's quite urgent that I get this working An alternative would be to port the ath drivers to the 4.X tree - but I really don't think that's even a option I can only imagine the amount of work that would be required for this. Are there possibly any other open source PPPoE Daemons available that I can possibly try on FreeBSD 5.2?? Look forward to hearing from you all -- me - Original Message - From: Gleb Smirnoff [EMAIL PROTECTED] To: Chris Knipe [EMAIL PROTECTED] Sent: Friday, July 16, 2004 9:35 PM Subject: Re: PPPoE misbehaving? Chris, what network card do you have? On Fri, Jul 16, 2004 at 07:53:21PM +0200, Martin wrote: M Am Fr, den 16.07.2004 schrieb Chris Knipe um 12:44: M M Also fine Lastly, the client fires off a PPPoE session... TCPDump shows M the packets without problems... M tcpdump: listening on ath0 M 12:31:09.050286 PPPoE PADI [Service-Name] [Host-Uniq UTF8] M 12:31:09.122091 PPPoE PADI [Service-Name] [Host-Uniq UTF8] M ^C M 2 packets received by filter M 0 packets dropped by kernel M M However, the PPPoE Deamon simply does not pick it up and does nothing. No M session is initiated, no ppp processes are spawned, nothing... M M I submitted a PR (kern/69133) about this: M http://www.freebsd.org/cgi/query-pr.cgi?pr=kern%2F69133 M M Has M something changed? M M PPPoE is broken for me on -CURRENT, too, now since about 2 weeks. M M Martin M M M ___ M [EMAIL PROTECTED] mailing list M http://lists.freebsd.org/mailman/listinfo/freebsd-current M To unsubscribe, send any mail to [EMAIL PROTECTED] -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PPPoE misbehaving?
Hi Gleb, I'm afraid to say it still does exactly the same... No change what so ever... pppoed: su-2.05b# /usr/libexec/pppoed -Fd -P /var/run/pppoed.pid -a pppoe -p * -l pppoe ath0 Sending NGM_LISTHOOKS to ath0: Got reply from id [1]: Type ether with 1 hooks Got [1]:orphans - [4]:ethernet Sending PPPOE_LISTEN to .:pppoe-601, provider * pppoed[601]: Listening as provider * tcpdump: 04:11:47.145798 PPPoE PADI [Service-Name] [Host-Uniq UTF8] 04:11:48.195504 PPPoE PADI [Service-Name] [Host-Uniq UTF8] HOWEVER! When I start PPPOE on ath0 (Wireless), and rl0 (cabled), there is definate differences ath0: su-2.05b# /usr/libexec/pppoed -Fd -P /var/run/pppoed.pid -a pppoe -p * -l pppoe ath0 Sending NGM_LISTHOOKS to ath0: Got reply from id [1]: Type ether with 1 hooks Got [1]:orphans - [4]:ethernet Sending PPPOE_LISTEN to .:pppoe-601, provider * pppoed[601]: Listening as provider * rl0: Sending NGM_LISTHOOKS to rl0: Got reply from id [2]: Type ether with 0 hooks Send MKPEER: rl0:orphans - [type pppoe]:ethernet Sending PPPOE_LISTEN to .:pppoe-602, provider * pppoed[602]: Listening as provider * pppoed[602]: Got 60 bytes of data: 000c766aa50b8863110900100101010300080a000d00 pppoed[604]: Creating a new socket node pppoed[602]: Listening as provider * pppoed[604]: Sending CONNECT from .:exec-604 - rl0:orphans.exec-604 pppoed[604]: Sending NGM_SOCK_CMD_NOLINGER to socket pppoed[604]: Offering to .:exec-604 as access concentrator pppoe pppoed[604]: adding to .:exec-604 as offered service pppoe pppoed[604]: Sending original request to .:exec-604 (60 bytes) pppoed[604]: Waiting for a SUCCESS reply .:exec-604 pppoed[604]: Received NGM_PPPOE_SESSIONID (hook ) pppoed[604]: Received NGM_PPPOE_SUCCESS (hook exec-604) pppoed[604]: Executing: exec /usr/sbin/ppp -direct pppoe So yes... Exactly the same program, modules, and configuation works with the rl drivers, but not with the ath drivers... I suppose now it is down to being a driver issue??? -- Chris. - Original Message - From: Gleb Smirnoff [EMAIL PROTECTED] To: Chris Knipe [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, July 19, 2004 2:22 AM Subject: Re: PPPoE misbehaving? On Mon, Jul 19, 2004 at 02:17:00AM +0200, Chris Knipe wrote: C Thank you all for the replies. The card is a Senao NL-2054PCI, based on the C Atheros chipset... pciconf -lv reports: C C [EMAIL PROTECTED]:9:0: class=0x02 card=0x2027168c chip=0x0013168c rev=0x01 C hdr=0x00 C vendor = 'Atheros Communications Inc.' C device = '802/11b/g AR5212 wireless Adapter' C class= network C subclass = ethernet C C As I did indicate, the card is working and functioning properly - I am 99% C sure it is a problem related with PPPoEd, or something in regards to PPPoE C over the Ethernet card (which, can also be possible I guess). I've tried C all the other suggestions that was made, and none of them seemed to have C changed anything. From what I can see, the client sends and attempts to C initiate the PPPoE connection properly, but the PPPoE daemon does not C receive the packets / or does not initiate a session - which, needs to be C completed before any sub processes will be spawned. Try to activate this paragraph in ng_pppoe.c: #if 0 #define AAA printf(pppoe: %s\n, __func__ ); #define BBB printf(-%d-, __LINE__ ); #else #define AAA #define BBB #endif I mean change if 0 to if 1. Then rebuild a new ng_pppoe.ko. Then try to connect, ensure that you see PADI's with tcpdump. And then report what do you have (or have not) logged on console. Thanks. C for this. Are there possibly any other open source PPPoE Daemons available C that I can possibly try on FreeBSD 5.2?? Seems like the issue is either with network driver or ng_pppoe, not with pppoed daemon. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PPPoE misbehaving?
Lo all, I recently upgraded to FreeBSD 5.2 to get support for the ath devices... All it well (so far), but I'm baffled as to why my PPPoEd aren't operating... A quick example... su-2.05b# ifconfig ath0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1250 ether 00:02:6f:20:98:bb media: IEEE 802.11 Wireless Ethernet DS/1Mbps hostap (autoselect hostap) status: associated ssid VARYNET-HS01 1:VARYNET-HS01 channel 6 authmode OPEN powersavemode OFF powersavesleep 100 wepmode MIXED weptxkey 1 wepkey 1:40-bit All is fine, the WLAN is up and working. When I do assign IP addresses on the interface, the WiFi Client can talk to the server via the wireless network. Thus, the network itself is fine... Next, I start up PPPoEd: su-2.05b# /usr/libexec/pppoed -Fd -l pppoe ath0 Sending NGM_LISTHOOKS to ath0: Got reply from id [1]: Type ether with 1 hooks Got [1]:orphans - [4]:ethernet Sending PPPOE_LISTEN to .:pppoe-5086, provider pppoed[5086]: Listening Also fine Lastly, the client fires off a PPPoE session... TCPDump shows the packets without problems... tcpdump: listening on ath0 12:31:09.050286 PPPoE PADI [Service-Name] [Host-Uniq UTF8] 12:31:09.122091 PPPoE PADI [Service-Name] [Host-Uniq UTF8] ^C 2 packets received by filter 0 packets dropped by kernel However, the PPPoE Deamon simply does not pick it up and does nothing. No session is initiated, no ppp processes are spawned, nothing... This exact same configuration over a wired network works perfectly with FBSD4.10... Has something changed? -- me ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Compiling issues...
Lo all, The software... FreeBSD4.9-STABLE, Apache 1.3.27, and PHP4 4.3.7 (From Ports). Everything compiles fine, running mySQL Client version 5.0 LDD shows: [EMAIL PROTECTED]:/usr/local/libexec/apache# ldd /usr/local/libexec/apache/libphp4.so /usr/local/libexec/apache/libphp4.so: libcrypto.so.3 = /usr/local/lib/libcrypto.so.3 (0x284b8000) libssl.so.3 = /usr/local/lib/libssl.so.3 (0x285ab000) libcrypt.so.2 = /usr/lib/libcrypt.so.2 (0x285da000) libmcal.so = /usr/local/lib/libmcal.so (0x285f3000) libc-client4.so.8 = /usr/local/lib/libc-client4.so.8 (0x28603000) libzzip.so.10 = /usr/local/lib/libzzip.so.10 (0x286b7000) libexpat.so.5 = /usr/local/lib/libexpat.so.5 (0x286bd000) libsnmp.so.4 = /usr/local/lib/libsnmp.so.4 (0x286da000) libhistory.so.4 = /usr/lib/libhistory.so.4 (0x28734000) libreadline.so.4 = /usr/lib/libreadline.so.4 (0x2873a000) libncurses.so.5 = /usr/lib/libncurses.so.5 (0x2876) libpspell.so.15 = /usr/local/lib/libpspell.so.15 (0x287a2000) libmysqlclient.so.14 = /usr/local/lib/mysql/libmysqlclient.so.14 (0x287a4000) libsybdb.so.4 = /usr/local/lib/libsybdb.so.4 (0x287d6000) libming.so.3 = /usr/local/lib/libming.so.3 (0x28821000) libm.so.2 = /usr/lib/libm.so.2 (0x28855000) libmhash.so.2 = /usr/local/lib/libmhash.so.2 (0x28871000) libmcve.so.3 = /usr/local/lib/libmcve.so.3 (0x2888a000) libmcrypt.so.8 = /usr/local/lib/libmcrypt.so.8 (0x28897000) libltdl.so.4 = /usr/local/lib/libltdl.so.4 (0x288ca000) libpam.so.1 = /usr/lib/libpam.so.1 (0x288d2000) libiconv.so.3 = /usr/local/lib/libiconv.so.3 (0x288dc000) libgmp.so.3 = /usr/lib/libgmp.so.3 (0x289ca000) libintl.so.5 = /usr/local/lib/libintl.so.5 (0x289e) libt1.so.5 = /usr/local/lib/libt1.so.5 (0x289e9000) libfreetype.so.9 = /usr/local/lib/libfreetype.so.9 (0x28a35000) libpng.so.5 = /usr/local/lib/libpng.so.5 (0x28a87000) libz.so.2 = /usr/lib/libz.so.2 (0x28aab000) libjpeg.so.9 = /usr/local/lib/libjpeg.so.9 (0x28ab9000) libdb41.so.1 = /usr/local/lib/libdb41.so.1 (0x28ad7000) libgdbm.so.3 = /usr/local/lib/libgdbm.so.3 (0x28b77000) libcurl.so.3 = /usr/local/lib/libcurl.so.3 (0x28b7d000) libbz2.so.1 = /usr/lib/libbz2.so.1 (0x28ba9000) libudmsearch.so.1 = /usr/local/lib/libudmsearch.so.1 (0x28bb9000) libssl.so.3 = /usr/lib/libssl.so.3 (0x28bf) libcrypto.so.3 = /usr/lib/libcrypto.so.3 (0x28c2) libaspell.so.15 = /usr/local/lib/libaspell.so.15 (0x28d1f000) libstdc++.so.3 = /usr/lib/libstdc++.so.3 (0x28dec000) libmysqlclient.so.10 = not found (0x0) Apache complains: [EMAIL PROTECTED]:/usr/local/libexec/apache# apachectl configtest Syntax error on line 42 of /usr/local/etc/apache/httpd.conf: Cannot load /usr/local/libexec/apache/libphp4.so into server: Shared object libmysqlclient.so.10 not found Now, from the LDD, why would PHP link against libmysqlclient.so.14 (for 5.0-ALPHA of mysqlclient), AS WELL AS libmysqlclient.so.10 (which was an older 3.x version). so.10 doesn't even exist on my system anymore... And yes, I tried symlinking, it is looking for references which doesn't exist in so.14 Uhm, am I stupid, or is something broken?? -- me ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SATA
Lo all, How much of SATA is supported in FreeBSD?? A couple of questions if I may Firstly, is the Adaptec 2819SA (8-Port SATA RAID Controller) supported by FreeBSD (4.8/4.9), and if it is, will a ufs file system cope with a 2TB, or bigger partition (8 x 250GB SATA). I then also presume that if the OS supports the partition, I should have no problems in regards to applications reading/writing to and from that partition (samba mainly). From what I can see at Adaptec, this card is COMPLETELY hardware based, which tells me that any OS will see the RAID Array as a single hard drive, and therefore it should make very little difference whether or not it is supported. But yeah, with 2TB, I'd rather not take chances... The alternative is to build up a new Win2003 Server, and for that I really do not have the patience :) Regards, Me ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
PPP Question - should be easy...
Hi all, I was just wondering, I run ppp from rc.conf with -ddial, and it is working brilliantly. However, I need to change ppp configurations quite frequently, is there a quick way to tell ppp to reload the configuration without killing it? I am specifically looking to change values in the label that is run from rc.conf with -ddial... I'm hoping in some way that I can send ppp a -HUP and it will use the new values when the ppp process reconnects automatically in -ddial mode. Thanks for your time, and I look forward to some possible answers. Regards, Chris. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loading balancing with more than one ISP.
On Sun, 18 Jan 2004, Chris Knipe wrote: I have a service set up, some.host IN A A.A.A.x (i.e. in network A and gateway A). Now, the moment some one from network B connects to the service I've setup on network A, the FreeBSD Box will route the reply packets out on network B (because of the client's address) and hence, it follows a invalid networ path and the connection fails. The same will also happen when someone from Network A tries to connect to a IP on Network B ex: don't understand this, it should work. what you're describing seems to be a dual homed freebsd set up as a simple gateway between two networks. Ok, maybe it was a bit confusing from me... Let's take a real world example (i.e. my setup - or part's there of). Interfaces: sis0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet A.A.A.194 netmask 0xfff8 broadcast A.A.A.199 ether 00:e0:18:84:a4:24 media: Ethernet autoselect (100baseTX full-duplex) status: active dc0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 ether 00:a0:cc:db:15:26 media: Ethernet autoselect (100baseTX full-duplex) status: active lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet 127.0.0.1 netmask 0xff00 tun0: flags=8051UP,POINTOPOINT,RUNNING,MULTICAST mtu 1492 inet B.B.B.197 -- B.B.B.1 netmask 0xff00 Opened by PID 45282 Cut down routing table: Internet: DestinationGatewayFlagsRefs Use Netif Expire defaultA.A.A.193 UGSc 21 2880234 sis0 213/8 B.B.B.1UGSc 13 423232 tun0 Now, say I have a SMTP server, listening on A.A.A.194. A mail server in the 213/8 network has a message to deliver. It connects to A.A.A.194 but because it is in the 213/8 network range, BSD routes the reply packets (ACKs I presume) out via tun0 and due to multitutes of NAT running to accommodate my 192.128.1/24 private network and the fact that it is two different ISPs in question - a different IP address. And hence, communication fails and hence the problem in a nutshell... If I can manage to solve this, then I'll be a *VERY* happy chappy. But try applying the multipath patches to freebsd. that should give you the ability to route a same network to two different gateways. Hmm, do you have some more info?? If it can't solve my problem, it would at least (from the sound of it) offer me the ability to get route redundancy. You don't perhaps have a web site or something similar? Regards, Chris. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Loading balancing with more than one ISP.
On Sunday 18 January 2004 06:10, Dinesh Nair wrote: what i do today is i set the default route to the ISP i am more convinced off, with static routes of certain large CIDR address blocks going out to the other ISP. i decided on those large blocks after checking the global route tables, AS PATH diagrams and experience of link quality. you can do this by using tools such as the Looking Glass servers, RouteViews.Org and even Netlantis.org for your situation. i'm not running routed, zebra/bgpd/ospfd on this at all, since it's all static routes and i can't find an ISP ospf/bgp router willing to exchange routes with me. Same for me... Anyway, thanks for the explanation :) I really appreciated. Antoine Yes, here as well. However, this brings (to me at least) a very big problem. I route network A over gateway A, and network C over gateway B. (say, 2 x /12s) I have a service set up, some.host IN A A.A.A.x (i.e. in network A and gateway A). Now, the moment some one from network B connects to the service I've setup on network A, the FreeBSD Box will route the reply packets out on network B (because of the client's address) and hence, it follows a invalid networ path and the connection fails. The same will also happen when someone from Network A tries to connect to a IP on Network B ex: -- 192.168.1.0/24 --- | BSD ROUTER | --- 10.255.255.0/24 --- - Some Service on here - 192.168.1.0/24 routed to sis0 - 10.255.255.0/24 routed to sis1 The moment 192.168.1.x tries to connect to my IP address(es) from 10.255.255.0/25, the connection fails - and vica versa. If I can manage to solve this, then I'll be a *VERY* happy chappy. But other than that, as mentioned previously, the ipfw fwd thing doesn't work for me either - it forwards the packet to a port (won't really help forwarding ftp packets to port 21 of your router now, would it). So yes, I'm also stuck with this - and the sad part is I'll more than likely be adding a 3rd gateway to my network pretty soon Regards, Chris. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
poptop / pppd
Lo all, Very arb and weird problem... I've followed all the docs that google could return (they all mostly the same in any case), and yeah... My PPTP server *does* work.. As long as I don't terminate more than one connection at a time to the server *shock horror*. For some reason (and I suspect I know why), ppp insist on only using one device for all the incoming PPTP connections from poptop. Obviously not right, and err, ja.. I need to get this fixed... Very urgently as well. My streamlined ppp.conf: pptp: accept dns allow mode direct disable chap disable mschap disable mschapv2 enable lqr enable pap set device localhost:pptp set dial set dns 192.168.1.1 set ifaddr 192.168.1.1 10.255.255.1-10.255.255.254 255.255.255.255 set log Connect set login set radius /etc/ppp/ppp.radius set server /tmp/loop 0177 set timeout 0 Now, I suspect that it is only using one device (regardless of the number of connections), due to the device (socket) specification. But frankly, if I don't specify it what device to use, it won't even be able to operate a single pptp connection. Any advice is greatly appreciated. I need to get this resolved asap. I didn't send any logs from ppp PPP and the PPTP connections works 100% - even with Radius. The problem is purely that PPP always uses the same device, regardless of the amount of connections (ala tun0). My kernel does have allot of tunX devices, and ifconfig -a lists at least two available. Still, ppp only uses the one. I'm sad to say, but if I can't get this to work, I'm going to have to be forced to scrap my BSD box for a W2K Adv server... *sigh*, at least their RAS server works okish... Thanks, me ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pppd / poptop
Lo all, Very arb and weird problem... I've followed all the docs that google could return (they all mostly the same in any case), and yeah... My PPTP server *does* work.. As long as I don't terminate more than one connection at a time to the server *shock horror*. For some reason (and I suspect I know why), ppp insist on only using one device for all the incoming PPTP connections from poptop. Obviously not right, and err, ja.. I need to get this fixed... Very urgently as well. My streamlined ppp.conf: pptp: accept dns allow mode direct disable chap disable mschap disable mschapv2 enable lqr enable pap set device localhost:pptp set dial set dns 192.168.1.1 set ifaddr 192.168.1.1 10.255.255.1-10.255.255.254 255.255.255.255 set log Connect set login set radius /etc/ppp/ppp.radius set server /tmp/loop 0177 set timeout 0 Now, I suspect that it is only using one device (regardless of the number of connections), due to the device (socket) specification. But frankly, if I don't specify it what device to use, it won't even be able to operate a single pptp connection. Any advice is greatly appreciated. I need to get this resolved asap. I didn't send any logs from ppp PPP and the PPTP connections works 100% - even with Radius. The problem is purely that PPP always uses the same device, regardless of the amount of connections (ala tun0). My kernel does have allot of tunX devices, and ifconfig -a lists at least two available. Still, ppp only uses the one. I'm sad to say, but if I can't get this to work, I'm going to have to be forced to scrap my BSD box for a W2K Adv server... *sigh*, at least their RAS server works okish... Thanks, me ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Install of 4.8 hangs after recognising harddrives
You may want to try and lower the UDMA to 33 or 66 or something. I've had the same thing with a 80GB UDMA100 drive where the installation constantly froze when trying to run sysinstall. The only way we could get it to work was to lower the UDMA to 33. -- me - Original Message - From: Ville Lundberg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, August 19, 2003 9:26 PM Subject: Install of 4.8 hangs after recognising harddrives It seems like the install hangs on the probing of the next hardware, whatever that is. I tried to install without any harddrives connected, and it hung after the line that was previously before the HD probe. How could I get to know what part hangs the install? What comes (usually?) after the HD probe? I tried to get a debug screen with alt-f2 but it didn't work (the install is not far enough?) The probe list was something like ppc0 yada yada plip0 yada yada ad0 yada yada at ata0-master, UDMA100 ad1 yada yada at at0-slave, UDMA66 and then it hung. If I disconnected the HDs, it hung after the plip0 line. Any help appreciated, --Ville -- Ville Lundberg ville.lundbergATwelho.com http://www.hut.fi/~vlundber ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ppp, progress...
Lo all, I managed to get the CBCP stuff away, by disabling some advance features in windows (LCP Extensions, etc). Can somebody perhaps shed some light on the logs now and perhaps give an indication why the server may now still be failing... It's FBSD4.8, logs are below. -- Chris Jul 28 18:38:51 router ppp[39555]: Phase: Using interface: tun0 Jul 28 18:38:51 router ppp[39555]: Phase: deflink: Created in closed state Jul 28 18:38:51 router ppp[39555]: tun0: Command: default: set device /dev/cuaa0 Jul 28 18:38:51 router ppp[39555]: tun0: Command: default: set speed 57600 Jul 28 18:38:51 router ppp[39555]: tun0: Command: default: set dial ABORT BUSY ABORT NO\sCARRIER TIMEOUT 5 ATOK-AT-OK ATE1Q0 OK \dATDT\T TIMEOUT 40 CONNECT Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: accept dns Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: disable chap Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: enable pap Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: enable proxy Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: set dial Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: set dns 192.168.1.249 Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: set ifaddr 192.168.1.193 192.168.1.194-192.168.1.222 Jul 28 18:38:51 router ppp[39555]: tun0: IPCP: Selected IP address 192.168.1.199 Jul 28 18:38:51 router ppp[39555]: tun0: Command: dialin: set log phase chat connect lcp ipcp command Jul 28 18:38:51 router ppp[39555]: Command: dialin: set login Jul 28 18:38:51 router ppp[39555]: Command: dialin: set timeout 0 Jul 28 18:38:51 router ppp[39555]: Phase: PPP Started (direct mode). Jul 28 18:38:51 router ppp[39555]: Phase: bundle: Establish Jul 28 18:38:51 router ppp[39555]: Phase: deflink: closed - opening Jul 28 18:38:51 router ppp[39555]: Phase: deflink: Connected! Jul 28 18:38:51 router ppp[39555]: Phase: deflink: opening - carrier Jul 28 18:38:52 router ppp[39555]: Phase: deflink: /dev/cuaa0: CD detected Jul 28 18:38:52 router ppp[39555]: Phase: deflink: carrier - lcp Jul 28 18:38:52 router ppp[39555]: LCP: FSM: Using deflink as a transport Jul 28 18:38:52 router ppp[39555]: LCP: deflink: State change Initial -- Closed Jul 28 18:38:52 router ppp[39555]: LCP: deflink: State change Closed -- Stopped Jul 28 18:38:53 router ppp[39555]: LCP: deflink: LayerStart Jul 28 18:38:53 router ppp[39555]: LCP: deflink: SendConfigReq(1) state = Stopped Jul 28 18:38:53 router ppp[39555]: LCP: ACFCOMP[2] Jul 28 18:38:53 router ppp[39555]: LCP: PROTOCOMP[2] Jul 28 18:38:53 router ppp[39555]: LCP: ACCMAP[6] 0x Jul 28 18:38:53 router ppp[39555]: LCP: MRU[4] 1500 Jul 28 18:38:53 router ppp[39555]: LCP: MAGICNUM[6] 0x5e7f56b4 Jul 28 18:38:53 router ppp[39555]: LCP: AUTHPROTO[4] 0xc023 (PAP) Jul 28 18:38:53 router ppp[39555]: LCP: deflink: State change Stopped -- Req-Sent Jul 28 18:38:55 router ppp[39555]: LCP: deflink: RecvConfigReq(4) state = Req-Sent Jul 28 18:38:55 router ppp[39555]: LCP: ACCMAP[6] 0x Jul 28 18:38:55 router ppp[39555]: LCP: MAGICNUM[6] 0x0c7662c7 Jul 28 18:38:55 router ppp[39555]: LCP: PROTOCOMP[2] Jul 28 18:38:55 router ppp[39555]: LCP: ACFCOMP[2] Jul 28 18:38:55 router ppp[39555]: LCP: deflink: SendConfigAck(4) state = Req-Sent Jul 28 18:38:55 router ppp[39555]: LCP: ACCMAP[6] 0x Jul 28 18:38:55 router ppp[39555]: LCP: MAGICNUM[6] 0x0c7662c7 Jul 28 18:38:55 router ppp[39555]: LCP: PROTOCOMP[2] Jul 28 18:38:55 router ppp[39555]: LCP: ACFCOMP[2] Jul 28 18:38:55 router ppp[39555]: LCP: deflink: State change Req-Sent -- Ack-Sent Jul 28 18:38:56 router ppp[39555]: LCP: deflink: SendConfigReq(1) state = Ack-Sent Jul 28 18:38:56 router ppp[39555]: LCP: ACFCOMP[2] Jul 28 18:38:56 router ppp[39555]: LCP: PROTOCOMP[2] Jul 28 18:38:56 router ppp[39555]: LCP: ACCMAP[6] 0x Jul 28 18:38:56 router ppp[39555]: LCP: MRU[4] 1500 Jul 28 18:38:56 router ppp[39555]: LCP: MAGICNUM[6] 0x5e7f56b4 Jul 28 18:38:56 router ppp[39555]: LCP: AUTHPROTO[4] 0xc023 (PAP) Jul 28 18:38:59 router ppp[39555]: LCP: deflink: RecvConfigReq(5) state = Ack-Sent Jul 28 18:38:59 router ppp[39555]: LCP: ACCMAP[6] 0x Jul 28 18:38:59 router ppp[39555]: LCP: MAGICNUM[6] 0x0c7662c7 Jul 28 18:38:59 router ppp[39555]: LCP: PROTOCOMP[2] Jul 28 18:38:59 router ppp[39555]: LCP: ACFCOMP[2] Jul 28 18:38:59 router ppp[39555]: LCP: deflink: SendConfigAck(5) state = Ack-Sent Jul 28 18:38:59 router ppp[39555]: LCP: ACCMAP[6] 0x Jul 28 18:38:59 router ppp[39555]: LCP: MAGICNUM[6] 0x0c7662c7 Jul 28 18:38:59 router ppp[39555]: LCP: PROTOCOMP[2] Jul 28 18:38:59 router ppp[39555]: LCP: ACFCOMP[2] Jul 28 18:38:59 router ppp[39555]: LCP: deflink: SendConfigReq(1) state = Ack-Sent Jul 28 18:38:59 router ppp[39555]: LCP: ACFCOMP[2] Jul 28 18:38:59 router ppp[39555]: LCP: PROTOCOMP[2] Jul 28 18:38:59 router ppp[39555]: LCP: ACCMAP[6] 0x Jul 28 18:38:59 router ppp[39555]: LCP: MRU[4] 1500 Jul 28 18:38:59 router ppp[39555]:
Urgent, PPP Problems.
Lo all, I've successfully set up FreeBSD on numerous occasions as a PPP Dialin Server, both for modem usage, as well as PPTP and other types of VPNs. I even managed to get the Radius sorted and working with that as well. But alas, this one, is giving me a *really* hard time, it refuses to work, and I simply cannot see what is wrong here I'm using mgetty to answer modem calls, and then use Auto_PPP to start the pppd process. From what I can see, it looks like PPP is having problems authenticating the users from ppp.secrets, but once again, from what I can see, ppp.secrets have no problem what so ever. My routing table is as follows: Internet: DestinationGatewayFlagsRefs Use Netif Expire default192.168.1.254 UGSc416461rl0 127.0.0.1 127.0.0.1 UH 10 98lo0 192.168.1/26 link#2 UC 40rl1 192.168.1.500:50:04:3c:61:14 UHLW1 6220rl1 1198 192.168.1.10 00:05:5d:7c:e3:e0 UHLW0 1939rl1940 192.168.1.11 00:c0:df:26:01:fb UHLW0 908rl1 1049 192.168.1.12 00:c0:26:7f:ef:70 UHLW0 2281rl1636 192.168.1.64/26link#3 UC 40rl2 192.168.1.66 00:c0:df:13:3b:40 UHLW0 2558rl2745 192.168.1.67 00:a0:c9:fb:b4:ed UHLW0 967rl2 1128 192.168.1.68 00:40:f4:75:bd:29 UHLW0 93rl2626 192.168.1.69 00:a0:c9:92:9e:0e UHLW0 953rl2953 192.168.1.128/26 link#4 UC 00rl3 192.168.1.248/29 link#1 UC 20rl0 192.168.1.249 00:40:f4:7b:48:c5 UHLW1 2019lo0 192.168.1.254 00:02:96:05:70:72 UHLW20rl0475 All pretty standard stuff, routing three /26 subnets over three dedicated networks. The fourth and last /26 is further subnetted into smaller /29 segments, also working fine. From a routing point of view, there is nothing wrong and everything is working very happily to date. mgetty's login.conf has: /AutoPPP/ - - /usr/sbin/ppp -direct dialin Once again, no problem from what I can see. Spending numerous hours on google, it's pretty much the same as what everyone else is using to call ppp. My ppp.conf looks as follows: default: set timeout 0 set log LCP IPCP CCP Chat Command Phase TUN set device /dev/cuaa0 set dial set login set speed 115200 dialin: accept dns allow mode direct disable chap enable pap enable proxy # set radius /etc/ppp/ppp.radius set ifaddr 192.168.1.249 10.0.0.2-10.0.0.254 Once again, nothing here really that *should* cause PPP to fail from what I can see, and pretty much in line with all of my other configurations on my other servers, as well as those from the numerous examples found via google. ppp.secret usernametabpassword As specified on numerous web sites. The ppp debug output is shown below. *ANY* advice very welcome, I need to get this server online and working ASAP. -- me Jul 25 20:08:33 router ppp[5741]: Phase: Using interface: tun0 Jul 25 20:08:33 router ppp[5741]: Phase: deflink: Created in closed state Jul 25 20:08:33 router ppp[5741]: tun0: Command: default: set device /dev/cuaa0 Jul 25 20:08:33 router ppp[5741]: tun0: Command: default: set speed 115200 Jul 25 20:08:33 router ppp[5741]: tun0: Command: default: set dial ABORT BUSY ABORT NO\sCARRIER TIMEOUT 5 ATOK-AT-OK ATE1Q0 OK \dATDT\T TIMEOUT 40 CONNECT Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: disable chap Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: disable passwdauth Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: enable pap Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: enable proxy Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: set ifaddr 192.168.1.249 192.168.1.250 255.255.255.255 Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: set dns 192.168.1.249 Jul 25 20:08:33 router ppp[5741]: tun0: Phase: PPP Started (direct mode). Jul 25 20:08:33 router ppp[5741]: tun0: Phase: bundle: Establish Jul 25 20:08:33 router ppp[5741]: tun0: Phase: deflink: closed - opening Jul 25 20:08:33 router ppp[5741]: tun0: Phase: deflink: Connected! Jul 25 20:08:33 router ppp[5741]: tun0: Phase: deflink: opening - carrier Jul 25 20:08:34 router ppp[5741]: tun0: Phase: deflink: /dev/cuaa0: CD detected Jul 25 20:08:34 router ppp[5741]: tun0: Phase: deflink: carrier - lcp Jul 25 20:08:34 router ppp[5741]: tun0: LCP: FSM: Using deflink as a transport Jul 25 20:08:34 router ppp[5741]: tun0: LCP: deflink: State change Initial -- Closed Jul 25 20:08:34 router ppp[5741]: tun0: LCP: deflink: State change Closed -- Stopped Jul 25 20:08:35 router ppp[5741]: tun0: LCP: deflink: LayerStart Jul 25 20:08:35 router ppp[5741]: tun0: LCP: deflink: SendConfigReq(1) state = Stopped Jul 25 20:08:35
Urgent, PPP Problems.
Lo all, I've successfully set up FreeBSD on numerous occasions as a PPP Dialin Server, both for modem usage, as well as PPTP and other types of VPNs. I even managed to get the Radius sorted and working with that as well. But alas, this one, is giving me a *really* hard time, it refuses to work, and I simply cannot see what is wrong here I'm using mgetty to answer modem calls, and then use Auto_PPP to start the pppd process. From what I can see, it looks like PPP is having problems authenticating the users from ppp.secrets, but once again, from what I can see, ppp.secrets have no problem what so ever. My routing table is as follows: Internet: DestinationGatewayFlagsRefs Use Netif Expire default192.168.1.254 UGSc416461rl0 127.0.0.1 127.0.0.1 UH 10 98lo0 192.168.1/26 link#2 UC 40rl1 192.168.1.500:50:04:3c:61:14 UHLW1 6220rl1 1198 192.168.1.10 00:05:5d:7c:e3:e0 UHLW0 1939rl1940 192.168.1.11 00:c0:df:26:01:fb UHLW0 908rl1 1049 192.168.1.12 00:c0:26:7f:ef:70 UHLW0 2281rl1636 192.168.1.64/26link#3 UC 40rl2 192.168.1.66 00:c0:df:13:3b:40 UHLW0 2558rl2745 192.168.1.67 00:a0:c9:fb:b4:ed UHLW0 967rl2 1128 192.168.1.68 00:40:f4:75:bd:29 UHLW0 93rl2626 192.168.1.69 00:a0:c9:92:9e:0e UHLW0 953rl2953 192.168.1.128/26 link#4 UC 00rl3 192.168.1.248/29 link#1 UC 20rl0 192.168.1.249 00:40:f4:7b:48:c5 UHLW1 2019lo0 192.168.1.254 00:02:96:05:70:72 UHLW20rl0475 All pretty standard stuff, routing three /26 subnets over three dedicated networks. The fourth and last /26 is further subnetted into smaller /29 segments, also working fine. From a routing point of view, there is nothing wrong and everything is working very happily to date. mgetty's login.conf has: /AutoPPP/ - - /usr/sbin/ppp -direct dialin Once again, no problem from what I can see. Spending numerous hours on google, it's pretty much the same as what everyone else is using to call ppp. My ppp.conf looks as follows: default: set timeout 0 set log LCP IPCP CCP Chat Command Phase TUN set device /dev/cuaa0 set dial set login set speed 115200 dialin: accept dns allow mode direct disable chap enable pap enable proxy # set radius /etc/ppp/ppp.radius set ifaddr 192.168.1.249 10.0.0.2-10.0.0.254 Once again, nothing here really that *should* cause PPP to fail from what I can see, and pretty much in line with all of my other configurations on my other servers, as well as those from the numerous examples found via google. ppp.secret usernametabpassword As specified on numerous web sites. The ppp debug output is shown below. *ANY* advice very welcome, I need to get this server online and working ASAP. -- me Jul 25 20:08:33 router ppp[5741]: Phase: Using interface: tun0 Jul 25 20:08:33 router ppp[5741]: Phase: deflink: Created in closed state Jul 25 20:08:33 router ppp[5741]: tun0: Command: default: set device /dev/cuaa0 Jul 25 20:08:33 router ppp[5741]: tun0: Command: default: set speed 115200 Jul 25 20:08:33 router ppp[5741]: tun0: Command: default: set dial ABORT BUSY ABORT NO\sCARRIER TIMEOUT 5 ATOK-AT-OK ATE1Q0 OK \dATDT\T TIMEOUT 40 CONNECT Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: disable chap Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: disable passwdauth Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: enable pap Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: enable proxy Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: set ifaddr 192.168.1.249 192.168.1.250 255.255.255.255 Jul 25 20:08:33 router ppp[5741]: tun0: Command: cuaa0: set dns 192.168.1.249 Jul 25 20:08:33 router ppp[5741]: tun0: Phase: PPP Started (direct mode). Jul 25 20:08:33 router ppp[5741]: tun0: Phase: bundle: Establish Jul 25 20:08:33 router ppp[5741]: tun0: Phase: deflink: closed - opening Jul 25 20:08:33 router ppp[5741]: tun0: Phase: deflink: Connected! Jul 25 20:08:33 router ppp[5741]: tun0: Phase: deflink: opening - carrier Jul 25 20:08:34 router ppp[5741]: tun0: Phase: deflink: /dev/cuaa0: CD detected Jul 25 20:08:34 router ppp[5741]: tun0: Phase: deflink: carrier - lcp Jul 25 20:08:34 router ppp[5741]: tun0: LCP: FSM: Using deflink as a transport Jul 25 20:08:34 router ppp[5741]: tun0: LCP: deflink: State change Initial -- Closed Jul 25 20:08:34 router ppp[5741]: tun0: LCP: deflink: State change Closed -- Stopped Jul 25 20:08:35 router ppp[5741]: tun0: LCP: deflink: LayerStart Jul 25 20:08:35 router ppp[5741]: tun0: LCP: deflink: SendConfigReq(1) state = Stopped Jul 25 20:08:35
Re: Urgent, PPP Problems.
Hi, Is this with FreeBSD 5.1?. If it is, then does your /var/log/auth.log have PAM authentication errors? This is the same problem currently plaguing us. We have yet to do a latest build world. I'll let you know if that fixes things. Andrew. Ooops, I forgot to mention that yes. It's 4.8-STABLE. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]