PF binat rule issue - feature or bug?
Using 7.2-RELEASE-p4 i386 with GENERIC kernel, I've found (the hard way) that if I have a pf.conf rule like nat on $ext_if proto { tcp udp icmp } from $my_subnet \ to any - some.public.ip.num then pfctl will perform the expected expansion of the listed protocols into three separate NAT rules. However, if I have a rule like binat on $ext_if proto { tcp udp icmp } from $server_dmz_ip \ to any - $server_public_ip then I will /only/ get one NAT rule, for TCP. Then things like NTP, DNS and ping will fail, but the filtering rules that permit such traffic will increment their byte, packet and state counters like PF is working just fine (and I suppose in some sense that the filtering part is). But only if I explicitly declare in pf.conf a separate binat rule for each desired protocol, instead of listing them, will things work as needed. Feature or bug? If the former, it is not well documented that I could see. I expected that a list of protocols for a binat rule would just work, and pfctl certainly didn't mark it as bad syntax. If a bug, is this a FreeBSD bug or OpenBSD? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [Trouble Ticket #190456] AutoReply: freebsd-questions Digest, Vol 246, Issue 39
AEBC Support via RT wrote: Content preview: Thank you for contacting us. This message has been automatically generated in response to the creation of a trouble ticket regarding: freebsd-questions Digest, Vol 246, Issue 39, [...] OMG, PLEASE... unsubscribe your help desk robot from the freebsd-questions email list or else find a way to prevent it from automatically responding to every digest message it receives. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Firefox, or FreeBSD?
Kurt Buff wrote: I'm visiting various web sites, and having a stupid little issue which is really annoying. FreeBSD 7.1-PRERELEASE FreeBSD 7.1-PRERELEASE #4: Sun Dec 14 22:08:22 PST 2008 root@:/usr/obj/usr/src/sys/GENERIC amd64 FireFox 3.04. For instance, if I go to http://www.wsj.com, among others, it's constantly beeping, as the little headline scroller at the top of the page updates. I can't find anywhere in the menu items, or in FF help, on how to turn the beeping off, and it's driving me nuts. Anyone have a hint for me? IIRC, a beeping Firefox results as a feature of compiling it with debugging options enabled. A quick trip through the Way Back Machine: http://lists.freebsd.org/pipermail/freebsd-gnome/2006-March/013973.html No idea if your problem is the same but seems like a good place to poke. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: F11 in Firefox
David Benfell wrote: Hello all, Having long fingers, I occasionally hit F11 while typing into a text box in Firefox. F11 does something truly horrible that I never under any circumstances want. It moves the window partially off screen such that the window controls are inaccessible. As I said, I NEVER EVER want this function. It is, in my view, a damnable bug. The only way I can get control back is to exit Firefox. How do I kill it? Try adding something like the following to your Firefox profile's /chrome/userChrome.css file, and restart Firefox. menuitem[label=Full Screen] { display: none; } I am not totally sure that will kill the F11 equivalent, but it will remove the menu option and I think take away the fkey as well. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Cannot post because of spamassassin blocking my mail
Hakan K wrote: ytriffy, I do not think it is a gmail issue...I post from gmail.com,,, It's not gmail. Here is some of what our local SpamAssassin had to say about the OP's message that started this thread: RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net [Blocked - see http://www.spamcop.net/bl.shtml?80.86.254.135]' RCVD_IN_SORBS_WEB RBL: SORBS: sender is a abuseable web server [80.86.254.135 listed in dnsbl.sorbs.net] So the root problem seems to be a tainted PPP address, at best caused by another customer of their ISP and at worst indicating that the OP has bigger problems than emailing this list. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: scp/sftp without interactive shell?
Ewald Jenisch wrote: Hi, I'm looking for a way to securely transfer files between machines using either scp or sftp without giving the user a login shell on the target machine. Have you tried ports/shells/scponly? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: started playing with jails
Bill Moran wrote: I've had trouble getting programs that use shared memory (such as Postgres) to run inside a jail, but it's been a while since I've tried. Postgres needs this in the host rc.conf: jail_sysvipc_allow=YES -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: started playing with jails
Bill Moran wrote: In response to Greg Barniskis [EMAIL PROTECTED]: Bill Moran wrote: I've had trouble getting programs that use shared memory (such as Postgres) to run inside a jail, but it's been a while since I've tried. Postgres needs this in the host rc.conf: jail_sysvipc_allow=YES My experiments with Postgres in jail predate the existence of that setting. When I was working with it, you had to frob a sysctl via /etc/sysctl.conf But even then, I couldn't seem to get it to work -- the Postgres in the jail would corrupt the shared memory of the postgres outside the jail. It was ugly. Imagine big, wet tears rolling down my cheeks. I haven't had the need to try it in a while, so it might work OK now, I just don't know. Ah, now that you mention it I do recall discussions of multiple instances peeing in each others pools so to speak. I also thought there was discussion of how to fix it, but have no idea where that went if anywhere... A single instance inside a jail does work quite happily if the knob above is set. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: started playing with jails
Jonathan Horne wrote: what is the best method for backup? just back up the whole thing as if it were files on my host? Files in a jail are in fact just files on the host, so you could certainly do that. But as in many things (and especially when talking about backups), best is framed by local conditions, practices and requirements. There's nothing much special about backing up jail files though, so do what you normally do. There are by default some constraints on jailed processes using devices. This may or may not affect trying to run backup processes from inside the jail. Backups running in the host environment have no such constraints. Personally, I like to configure all jails on a standalone /jails partition so that I can easily take a snapshot from the host and run a backup against that. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: serious performance problems with 6.2 Release
Ted Mittelstaedt wrote: questions isn't for bugs. I don't mean to be rude but you won't get the problem fixed by bitching about it on this mailing list. Good gravy. They're not asking -questions for a fix, they're asking for guidance on how to isolate the root cause of the problem. Quoth the OP: *what are we missing?* That is perfectly germane for -questions and only /after/ that question is answered would it be appropriate to use send-pr. Using send-pr to submit a poorly defined problem (too much load) is not going to result in a project committer magically finding and fixing an unknown OS bug. Steven H. Baeighkley wrote: If bugs is the correct list then that's where we'll send it. However we were not initially thinking it was a bug. We were thinking it was a configuration error on our part. That's a reasonable assumption actually. Sorry I don't have any specific suggestions for you except to second the motion that you ignore Ted's assertion that you should give up on -questions. It's entirely possible that there's a tunable knob or app compilation option that will help you out. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Connection timed out
Matthew Pope wrote: I find that during the blocking behaviour, when I try and ping the windows box, a tcpdump shows that each second ping attempt is followed by a response (it appears) from an IPv6 address... 13:30:51.066625 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 13:30:53.069431 802.1d config 8000.00:30:19:53:05:00.8011 root 8000.00:30:19:53:05:00 pathcost 0 age 0 max 20 hello 2 fdelay 15 If you're referring to the above samples as appears from IPV6, those are Spanning Tree Protocol packets originating from the Cisco switch, and are unrelated to your ping test. You will see them on the wire frequently even in the absence of any normal IP traffic. You probably want the following Cisco configuration directive added to those switch ports that do not connect the 2900 to other switches: spanning-tree portfast The presence of the STP packets may or may not be related to your performance issues. They shouldn't be, but some buggy NICs/drivers do seem to get freaked out by STP. When STP is enabled on a switch port, it definitely will delay your initial link establishment by 30 seconds or so, when the attached computer is first powered up. That alone can confuse things when the NIC is trying to negotiate a link speed and the switch is still thinking about STP. It's even possible that you're getting a link speed/duplex mismatch out of it, and of course that will play holy hell with your response time. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd jails
Denzil Kelly wrote: I need to implement web content filtering using squidguard and/or dansguardian for several locations. Each site has different filtering requirements. I want to know if it is possible to do this using a jail for each site(provided that I have sufficiently powerful hardware). Should not be too difficult to implement. I want to have a different IP address for each jail. A unique IP for each jail is required in any case. If this is possible do I need to have a different NIC for each jail? Nope. Just use aliases in rc.conf for the one NIC. For example, if I have a NIC fxp0, on a host with two jails: ifconfig_fxp0=inet 192.168.0.1 netmask 255.255.255.0 ifconfig_fxp0_alias0=inet 192.168.0.2 netmask 255.255.255.255 ifconfig_fxp0_alias1=inet 192.168.0.3 netmask 255.255.255.255 Note the alias masks are all ones -- that's not a typo. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Running Name Server
Warren Liddell wrote: Im wanting to run a name server server locally around my network on FreeBSD 6.2-PRERELEASE ... Where abouts do i find the port to install so i can configure it ? There are DNS ports, but the BIND name server is native to the system. You just need to config and enable it. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-dns.html If you don't want BIND, DNS ports would be in ports/net. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firewall
Hèrvé Simplice van der Eijk wrote: on 1 machine I set up a freebsd 5.4 server with dhcp, dns, ldap running on it. on an other machine I set up apachy webserver and both are working fine. when I'm making an http request on a windows client (internet explore) it shows my web site. but since I install ipfw firewall on my freebsd 5.4 (dhcp, dns ldap server) my windows client cant reach my webserver anymore. Please can somebody tell me wich port I have to open up in my firewall. 80? 8080? 443? Depends on your Apache configuration. Default is 80. Check which port(s) your httpd process is listening on. # sockstat | grep httpd -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is Active Directory integrated file sharing possible on FreeBSD?
Ashley Moran wrote: Our network admin said winbindd is broken on FreeBSD so he tried compiling the Solaris version(!) but couldn't make that work. Unfortunately he's beeyessdeephobic, but I want to avoid looking into it myself because, well, it's not my job :) If I have no choice, do you think it will take long to learn how to set it up? I don't want to lose a whole day to it. Tell your lackey to to RTFM. =) The Samba web site gives a bunch of scenarios and recipes for commonly requested configs. Procedure for joining a domain as a member server and creating/configuring file and print shares: http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html#id2559527 -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A webhosting script?
Duane Hill wrote: On Friday, August 25, 2006 at 3:45:08 PM, Kyrre confabulated: At 17:30 25.08.2006, Andy Greenwood wrote: We use perl scripts here. Unfortunately, I can't provide any specific examples. So stop trolling :) Perl is obsolete anyway giggle And that's not trolling? ;) Without getting into a way-OT my favorite language is better'n yours flamefest, if you really want inspiration for the pure shell way, look at ports/sysutils/ezjail and its flavours framework for templating new jails with users, ports, post-install scripts, etc. All shell. Requires 6.1-RELEASE-p3 or later due to a jail-related rc bug. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: new 6.1 install will not boot
Perry Hutchison wrote: Recommend you get a [bigger|second] disk if you can though, or housecleaning will be a constant chore. I got it more or less working, although not completely set up, and then that 10GB disk died: click -- kerthunk -- click -- kerthunk continuously, even after cycling power, even with only the power connected :( After replacing it with a 160GB Hitachi, and reinstalling Windoze, Linux, and FreeBSD (in that order, as before), I seem to be back at square one -- FreeBSD won't boot -- but the details are different. Partition Commander now has: Ptnsize - type - 1st sector # of sectors P0 250M FAT32 0x0B 63514017 P1 7M Linux ext2 0x83 514080 16065 P2 41.99G Unix 0xA5 530145 88068330 P3 85.75G Extended 0x0F88598475 179831610 L0 43.75G FAT32 0x0B88598538 91763217 L1 400M Linux swap 0x82 180361818819252 L2 41.60G Linux ext2 0x83 181181133 87248952 Sysinstall had not commented about the geometry with the 10GB disk, but it did this time; and as suggested I let it do what it wanted. The Dell BIOS will not tell me what it thinks the geometry is -- it just says the drive is EIDE -- so I have no direct way of verifying sysinstall's geometry; however the first BIOS partition is a working FAT32 and per the instructions that should be enough for sysinstall to have gotten it right. (The second BIOS partition is a Linux /boot, which also works.) The install appeared to succeed, and the FreeBSD boot manager does successfully boot Windoze and Linux, but all attempts to boot FreeBSD from the hard disk fail. The following was transcribed by hand, so there might be some typos; and I've added some notes to the right of the lsdev output. I've also confirmed, using the loader's ls, that there is no visible file named 'kernel' in the root directory, nor anywhere under /boot, /rescue, or /sbin. Where is it supposed to come from, and how do I get it where it needs to be without reinstalling the whole thing *yet again*? F1 DOS F2 Linux F3 FreeBSD Default: F3 BTX loader 1.00 BTX version is 1.01 Consoles: internal video/keyboard BIOS drive A: is disk0 BIOS drive C: is disk1 BIOS 640kB/195584kB available memory acpi: bad RSDP checksum (210) FreeBSD/i386 bootstrap loader, Revision 1.1 ([EMAIL PROTECTED], Sun May 7 03:20:03 UTC 2006) Loading /boot/defaults/loader.conf Unable to load a kernel! / can't load 'kernel' Type '?' for a list of commands, 'help' for more detailed help. OK lsdev cd devices: disk devices: disk0: BIOS drive A: disk1: BIOS drive C: disk1s1: FAT32 # C: disk1s2: ext2fs # Linux /boot disk1s3a: FFS # FreeBSD / disk1s3b: swap disk1s3d: FFS # FreeBSD /var disk1s3e: FFS # FreeBSD /tmp disk1s3f: FFS # FreeBSD /usr disk1s4: Unknown fs: 0xf# contains FAT32 D:, Linux swap and / pxe devicde: OK Well, you're at least as far as having the disk sliced up in a workable way, or the bootstrap wouldn't start at all. This jumps out as not only being bad, but happening right before meltdown. acpi: bad RSDP checksum (210) Have you got the latest Dell BIOS for this hardware? If not you may be SOL if they don't support this hardware any more. I expect the GX1 is well past Dell's official EOL, but they may still have the files downloadable on their support site. It might not help anyway. The alternative to making an old ACPI implementation work right is to try to work around its shortcomings by trying to boot around the problem or reconfigure the underlying system to eliminate the root cause of the conflict. Searching http://www.google.com/bsd for bad RSDP checksum turns up that this is a recurring issue on older Dells, along with wildly disparate pokes at causes and solutions including: toggling ACPI support on/off in the BIOS workarounds for funky RAID cards replacing the video card with a different model Ain't low level hardware troubleshooting grand? I expect there are also boot loader command line options you can try to coax the system to start with hardware as is but I've never had to resort to that; the Handbook or others on the list are going to be more helpful than I can on that point. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: new 6.1 install will not boot
Perry Hutchison wrote: Well, you're at least as far as having the disk sliced up in a workable way, or the bootstrap wouldn't start at all. This jumps out as not only being bad, but happening right before meltdown. acpi: bad RSDP checksum (210) I suspect it's a red herring, since I was getting that message at that point when everything was working (with the 10GB drive). That could be. I thought it might be a symptom of the BIOS version being the root of the problem, and of course once that's foo all bets are off. After a CD boot, is there a reasonably simple way to have sysinstall reinstall just the kernel -- or the package containing it -- without starting completely over? Yeah, see what Derek wrote. Never done that, myself, or even heard of the kernel not getting installed. The BIOS version is A08. Dunno if it is the latest, but I do have ACPI turned off in the BIOS. I guess it is arguably a BIOS bug for an RSDP to exist when ACPI is disabled, and/or a FreeBSD bug to be complaining about ACPI when it is disabled. Whose bug? is often largely a matter of semantics when two pieces of software fight. It's likely that for historical hardware, only FreeBSD developers could fix the conflict at this point, but that seems unlikely unless (after you get things otherwise working) you're willing to do extensive trial and error, debugging operations, etc. You're probably right about it being a red herring for your immediate boot problem, but ACPI issues do cause all kinds of trouble, so keep an eye on it. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: new 6.1 install will not boot
maintenance tasks in the proper manner, but given your constraints it could free you from a good bit of elbow room jostling now and in the future. However you work the space, if you try to do anything very significant with the /usr/ports tree in 2-3 GB, you're in for no fun. I usually surpass that within hours after sysinstall finishes, but then I like to keep both packages and sources on hand after installing a port. It is possible to keep /usr bloat in check (somewhat) if you don't do that, and the portsclean utility can help you keep the raw materials tidy. Recommend you get a [bigger|second] disk if you can though, or housecleaning will be a constant chore. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rsync on Freebsd 5.3
Lisa Casey wrote: Hi, I am trying to transfer all files in /var/mail from one Freebsd 5.3 machine (oldfreebsd.com) to another (newfreebsd.com). I decided to use rsync for this since it would preserve ownership, permissions, etc. I made sure rsync was installed on both machines. Neither machine had an /etc/rsyncd.conf or /etc/rsyncd.motd file. On newfreebsd.com I created /etc/rsyncd.conf thusly: motd file = /etc/rsyncd.motd max connections = 1 hosts allow = 208.44.xx.xx (The IP address is that of oldfreebsd.com) On newfreebsd.com, I created rsyncd.motd with the words Authorized Users Only in it. as a test, I'm just trying to rsync /var/mail/lisa from oldfreebsd.com to newfreebsd.com. When that works I'll do all of /var/mail/ on oldfreebsd.com I cd /var/mail, then type: rsync lisa newfreebsd.com:/var/mail/ and get this: connect to host newfreebsd.com port 22: Connection refused rsync: connection unexpectedly closed (0 bytes read so far) rsync error: error in rsync protocol data stream (code 12) at io.c(348) Anyone know what might be wrong? Or can anyone suggest a better way of moving these mail boxes? man rsync Modern rsync wants to use SSH transport, not rsyncd. That's why it's trying for a connect to port 22 of the remote host, and the connection refusal is due to either an intermediate firewall block, TCP wrappers, etc. or else sshd is simply not running. In this case, newfreebsd.com must be running sshd on accessible on port 22. Otherwise, you'll need to actually get rsyncd running and alter your invocation to use it (on port 873). Simplest, most secure fix is to make sure that newfreebsd.com is running sshd, and that should do it. Put sshd_enable=YES in /etc/rc.conf, tune /etc/ssh/sshd_config as needed, then start sshd by reboot or manually invoking its startup script. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: new 6.1 install will not boot
Perry Hutchison wrote: Do you get the FreeBSD boot menu ? No. The BIOS clears the screen and loads the boot sector, then nothing. I'm not sure exactly what the problem is, but I can say I've installed FreeBSD x.y on just about every flavor of Dell hardware without much trouble, so it should work for you. Disclaimer: the Dimension line is highly variable re: component types, chip versions and overall quality, so all bets are off there, even though all the pieces are generally mainstream hardware. Did you install using the default/suggested disk geometry and slice arrangement, or did you try to tune things as the installer went along? Try this: Reinstall, and if prompted about disk geometry problems just let the installer do what it wants to. When prompted to choose a disk location to install to, choose A for Use Entire Disk, and when prompted to slice up that disk area, choose A again for Auto Defaults. When prompted for a boot manager, choose to install the FreeBSD MBR. If you already did this, then FreeBSD or your BIOS is probably confused about proper disk geometry (got the latest BIOS for this box?). But if the default settings work and your custom tuning efforts don't, well... maybe you're confused about FreeBSD disk needs or the use of the proper use of the installer for slicing. Study the defaults and try installing again, and if you still have problems describe to the list the end result you're trying to achieve by your tuning. HTH, -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Please Help
Igor Treyger wrote: Hi, I have burned 3 iso images on CDs: FreeBSB 6.1 disk1 FreeBSB 6.1 disk2 FreeBSB 6.1 Boot All of them i386 I have Compaq workstation that is currently running Windows2000 Problem: Desktop would not boot with FreeBSB 6.1Boot. I have tried FreeBSBDisk1 - same result. What am I doing wrong. Please HELP! The boot order in BIOS - CD Rom first I am trying to get familiar with UNIX OS Thanks Igor Treyger The Boot disc is mainly for testing and repairs. You will want to boot with disc 1 to actually install FreeBSD. But they don't boot for you... Did you Create CD from ISO image or Burn from image as some CD writing software calls it? A .iso file represents an entire CD file system, so if you simply copied the .iso files to the CDs like you would any other files, then that is what is wrong. Search for ISO in the Help for your CD burning software. If you correctly created CDs from the ISO images by burning their images rather than copying files, but you still cannot boot, test booting with other bootable CDs like the Windows disc that came with your PC. Make sure that your PC really can boot from CD. If your PC can boot from CD, but not from correctly burned FreeBSD CDs, write to this email list a description of exactly what does happen when you try. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Are hardware vendors starting to bail on FreeBSD ... ?
Ted Mittelstaedt wrote: Calling for testing is pretty much a way of excusing the claim. People including Danial, have done the testing in the past, posted the results, then had armchair quarterbacks pick apart the test methodology claiming the tests were done wrong, thus irrelevant. So why even bother doing it anymore. No, testing is the only way to isolate the root cause and get it fixed. And there must be consensus that the testing methodology is in fact valid vs. the hypothesis. Without consensus on its validity, then yes, that test /is/ irrelevant and proves nothing. That's not a reason to forego pursuit of forming an accepted test methodology, and certainly not a reason to demonize those saying that a particular test is not valid. Saying so is just another hypothesis. I'm not saying there aren't problems (and I really don't think many others are either). I'm just saying that finding the root cause is not a simple matter, and that calling for consensus-approved tests and positing alternative theories isn't any kind of evasion, even if it seems on the face of it to question the very validity of the claim that there is a problem. Testing and the search for the real root cause actually must question the validity of the hypothesis and propose alternative explanations and tests. Otherwise the earth would still be flat, and we'd all be lucky to eat every day, much less work on computers! =) So, Occam's Razor just cuts and cuts and cuts, /because it has to/. Thus, anyone making a hypothesis has to be prepared to have umpteen other people attempt to shred all of their precious assumptions. Only assumptions that by consensus survive repeated attempts to shred them are actually considered to be valid. Trolls tend to cling to shredded assumptions as if they were still valid. They begin to regard the wielders of Occam's Razor as their enemies, and this causes conflict that is wholly unproductive. That's where the process really goes wrong in a big way, and the people who would be allies (in that they are in fact eager to test, isolate and fix any validated problem) will start to walk away. Shredded assumptions need to be abandoned and new testable assumptions need to be asserted. Then the shredding effort needs to start all over again. Lather, rinse, repeat until there is consensus that valid testing has in fact isolated the truth, because Occam's Razor just can't slice things any thinner. There is no other way. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: What FreeBSD users really want
Jim Stapleton wrote: No offense, but, it doesn't even integrate BASH. I had to install the bash package so I wasn't stuck to CSH, and BASH is much more popular than any PHP shell. (Wait, is there a PHP shell? I know there is a CLI interpereter, but that's different). Regardless, if it's in ports (which it probably is if there is such a thing), then just install it, not very difficult at all. Indeed. Very easy. To me, the bare-bones-ness of FreeBSD is one if its strongest points. I happened to read this thread after an employee birthday party, so please excuse the poor analogy to follow... Linux distros are like cakes that arrive fully baked, frosted and decorated. Don't like that flavor? Wrong number of candles? Too bad, use a different distro, or fight the installer to stop it from doing things you don't want it to do. Very, um, Microsoft. FreeBSD is like a build-your-own-cake kit. It arrives as a nearly flavorless slab of yellow cake. Then you decide if it should be double chocolate or lemon or [choose from 20,000 options here]... All you have to do is tell it in your kernel config: options batter angelfood and then cd /usr/src make WITH_FROSTING=orange cd /usr/ports/deco/candles make KIND=birthday COUNT=40 make light make sing In my opinion, FreeBSD should never change its model to arriving as a fully completed cake. The ability to choose (including the choice of plain old cake, no frosting, no decoration) is just priceless. At most, the installer might be improved to make it easier to make good choices. It most definitely should not start choosing for me, at least not beyond the minimal components required for a plain cake level. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Are hardware vendors starting to bail on FreeBSD ... ?
Ted Mittelstaedt wrote: - Original Message - From: Danial Thom [EMAIL PROTECTED] To: Greg Barniskis [EMAIL PROTECTED]; Nick Withers [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; freebsd-questions@freebsd.org Sent: Thursday, July 13, 2006 11:10 AM Subject: Re: Are hardware vendors starting to bail on FreeBSD ... ? Burying your head in the sand is a common method used by stupid people that have no answer to the truth. I don't blame you; you guys don't want your employers to know that you've wasted man 1000s of their dollars because you don't know the performance characteristics of the hardware you've recommended. It must be thoroughly embarrassing. [snip] I do agree with Danial that most USERS on this list are burying their heads in the sand on this issue. But I will point out that there isn't really any reason they shouldn't be. What the market wants is features, not speed. And that is what the FreeBSD developers are working on. Features over speed is generally the right equation, yes. But I think you're being too generous to Danial. The quote of his above was in direct response to my assertion that many people refuse to listen to him because he frequently engages in cheap demagogy[1]. His response? Another whole boatload of cheap demagogy, questioning the intelligence, aptitude and moral character of anyone who doesn't listen to him, by way of accusations that are wholly unsupported by facts. I could probably rest my case right there, but I think his perception (and yours) that people are not receptive to claims of FreeBSD performance problems is quite simply false. Every time a performance question is brought up, I see a flurry of calls for clarification and for the formulation of repeatable tests which are generally agreed to be an accurate gauge of the problem. People with performance problems then /sometimes/ get upset (I think because the questioning and testing tends to assume they're wrong and they get defensive about it). The problem is, scientific testing of an assertion must try to prove the hypothesis is false, and must posit (and also try to disprove) any plausible alternative explanations. There's just no reason to get upset about that. Raising questions about a claim, and trying to explain an outcome's root cause by alternative hypotheses, is in fact the /required behavior/ of critical thinkers. When the OP of a performance problem does follow through with testing, and is willing to engage civilly in a logical debate, then generally there is a successful outcome to the thread. When the OP of a problem gets emotional about it and starts spouting cheap demagogy, then other users and developers quickly will walk away from the table. Walking away from trollery is in no way equivalent to these users and developers sticking their heads in the sand on the issue. It's the predictable response of critical thinkers who recognize demagogy as a tool of /antitruth/. Those who consistently use demagogy are always more interested in winning an argument than in finding the truth, and any critical thinker either sees right through the murk of BS being tossed at them or least has enough intuitive sense to recoil from it. And that is /the only reason/ why people ignore Danial. His brand of cheap demagogy is so potent that the smell of /antitruth/ emanates from his posts in a field so strong that it might as well be a physically repelling force. He might do better in politics or religion where these trollish debating tactics are the norm. But in a community of critical thinkers, the truthiness of demagogy will rarely find any traction at all. [1] http://en.wikipedia.org/wiki/Demagogy ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD Source Upgrade
Mikhail Goriachev wrote: Cody Holland wrote: Also RELENG_6 won't take you to 6.1. You need RELENG_6_1. Check files in /usr/share/examples/cvsup/ for more details about configurations. Nope. RELENG_6_1 is the errata only branch (6.1 RELEASE plus critical bug fixes), it is not STABLE. RELENG_6 is the correct tag, and the OP's confusion is that there isn't a difference between 6.0-STABLE and 6.1-STABLE. There is only STABLE. See http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Are hardware vendors starting to bail on FreeBSD ... ?
Nick Withers wrote: On Thu, 13 Jul 2006 08:22:03 -0700 (PDT) Danial Thom [EMAIL PROTECTED] wrote: --- Head in the sand Jerry mumbled: Just thought I should metion that this comes across as rude to me... but maybe that's just me! No, it's not you. Mr. Thom thoroughly obscures the fact that he has an occasional valid point to make by frequently hurling foul-smelling, flaming troll turds at anyone who dares to voice disagreement with him (or even anyone who in any other way presents an attractive target). Many list subscribers have long since permanently ignored him. Most folks are tolerant of differing opinions, and even of having their own assumptions challenged, but not tolerant of name calling and other forms of cheap demagogy which really have no place in the formulation of a cogent rational argument. As have writ others before me... please do not feed the troll. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: using fping to monitor internet connection status
Paul Hamilton wrote: Hi, I need to monitor a number of IP addresses, so that if they ALL go down (say three IP's), then that is a pretty good indication that my server has lost internet connectivity. [snip] Any idea's on a ping tool or simple script? Your test would be a little simpler if you just test one IP address: your ISP's upstream router. Its reachability is quite definitive re: whether your ISP link is up or down. Even it it's assigned dynamically by DHCP, you should be able to write a script that pulls that IP, pings it a few times, and checks the result. No special tools necessarily required. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Chrooted ftpd users can't access system time.
nocturnal wrote: Hi I'm using the ftpd server that ships with FreeBSD and when i chroot a user i notice that all created directories and files have GMT time on them as if the process can't access the system time because it's chrooted. That's only my theory. I would love a way to solve this, i just can't imagine that people have had this problem for so long without solving it. I believe you merely need to copy or link the system's /etc/localtime to the effective /etc of the chroot tree. But that's from memory, could only be theory too. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Opinions Wanted: Dell PowerEdge Servers ... ?
Chuck Swiger wrote: I've heard that Dells tech support isn't as helpful as it used to be, but I've had them replace a CD-ROM drive and a 4mm DAT tape backup on Dell machines dedicated to FreeBSD without any problems. Try running the diagnostic CD or floppy that came with the machine? (Or can be downloaded for the specific system type from the Dell website.) Second that. They're not as good as in the past, but we have had hardware assistance on a FreeBSD-driven server on the condition of proving hardware fault using Dell's own bootable diagnostics. Also, it seems like YMMV definitely applies to Dell, generally. We find that their higher end desktops (mainly Optiplex), higher end laptops and PowerEdge servers to be pretty solid and well-supported. However, our support experience may be artificially enhanced compared to others because we buy off a large govt. contract. We do not talk to the same support group that most other posters have grumbled about. That said, our overall experience with Dell support has actually been as good or better than with many other vendors. From time to time we're confronted with a 1st tier non-help desk operator (scripted responses, incapable of deviating from script or otherwise actually helping), but we find that it's not too difficult to escalate around those individuals and actually get help. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Installing FreeBSD 4.9 on a Windows/XP Professional system.
Walt Haynes wrote: Good afternoon. I have a Compaq SR1810NX with a 100GB hard drive split into four equal partitions of 23GB. Two are initialized (one with Windows/XP (C) and the other with a quick format (G)); the file systems are NTFS. The other two partitions (D and E) are uninitialized. I have FreeBSD 4.9 on three CD'S that I'd like to install into one of the uninitialized partitions. Can you tell me what I need to do for preinstallation and what do I need to know to direct my installation to one of the uninitialized partitions? I'm going to give the entire 23GB to FreeBSD. Thank you in advance for your assistance. I'm very anxious to learn UNIX system administration and all of the related tasks (shell programming, security administration, etc.). Version 4.9 is basically obsolete and may not support newer hardware. I don't know your hardware, so can't specifically address that. But even if it's older, you really should download and install version 6.1 from the Web site, or buy a new CD set from a reseller, if you intend to learn the state of the art and keep moving forward. Since the disk space you want to use for FreeBSD is not initialized, you should have little trouble distinguishing it from your Windows disk space during the installation. Telling the installer which disk space to use is pretty straightforward. Even so, you should back up your Windows installation before proceeding with a FreeBSD install, unless you are very confident. For complete install instructions, read the very fine manual: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ Specifically, the method of selecting disk space is described here: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-steps.html Welcome, and good luck! -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [Fwd: formatting tools for Docbook]
Chuck Robey wrote: Greg Barniskis wrote: Chuck Robey wrote: This is a delayed reposting of something that I might have sent to an initially poorly chosen list; if it still gets no reponse in another day, I might try again, if I can figure out a better FreeBSD list to choose. My predilection for FreeBSD is strong, I would really dislike to be forced to jump to Linux (or, god forbid, to Windows) for this infomation, about using the various FreeBSD ports tools to get to the ability to format docbook materials. Well, I wasn't trying to write FreeBSD documentation, I was trying to generate my own personal documentation, using a schema that would hopefully be far more generally available. Back when I was using groff and the mm macros (yesterday!) I never would have used some locally tweaked version of the mm macros, unless I included those changes in my docs, because then no one else would be able to use my documents. Am I wrong in considering the FDP generated documentation as being in that category, not terribly uselful outside the FreeBSD project. That's the reason I asked about docbook in general. Obviously, doing FDP stuff is made truly simple. There isn 't some way to adapt the FDP installation to support he generation of more general docbook xml (such as the latest 4.x series stuff, I think 4.5x). ? Best list: http://lists.freebsd.org/mailman/listinfo/freebsd-doc Good starting point: http://www.freebsd.org/docproj/ Detailed tutorial: http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/index.html Tools: check out everything that is installed by these metaports: textproc/docproj-jadetex textproc/docproj-nojadetex Sorry, I could have been more expansive and specific, but there's a new and extremely cranky (non-FreeBSD) server here and it's all I can do between its firestorms to dash off brief missives on other topics. I wanted to point you at the general state of the FreeBSD community work with DocBook, and that project's list since they'll likely have the expertise you seek in general terms. I know they are not doing everything you asked about specifically but it's a starting point to explore capabilities; the metaports certainly install plenty of general tools and capabilities in addition to the FreeBSD specific stuff. If the metaports are not interesting to you, I think you can just install the DocBook port, Java, and many typical DocBook tools one at a time (xalan, saxon, jade, fop, etc., etc.). There should be everything you need in the ports collection one way or another. If your question is which of the dozens of XML/XSL processing tools is best for DocBook [4|5], I don't know, but suspect the answer's in the metaports and/or the Doc Project list arena (check their archives and/or ask away over there). Hope that helps more. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [Fwd: formatting tools for Docbook]
Chuck Robey wrote: This is a delayed reposting of something that I might have sent to an initially poorly chosen list; if it still gets no reponse in another day, I might try again, if I can figure out a better FreeBSD list to choose. My predilection for FreeBSD is strong, I would really dislike to be forced to jump to Linux (or, god forbid, to Windows) for this infomation, about using the various FreeBSD ports tools to get to the ability to format docbook materials. Best list: http://lists.freebsd.org/mailman/listinfo/freebsd-doc Good starting point: http://www.freebsd.org/docproj/ Detailed tutorial: http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/index.html Tools: check out everything that is installed by these metaports: textproc/docproj-jadetex textproc/docproj-nojadetex -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Dial Up To ASDL Router
Richard Collyer wrote: Hello, I've been given a company laptop which is ok but they dont supply data cards. Instead I have been given a 0845 number to dial when at a place with no Internet. Instead I would like to use my mobile to dial my home phone number which is not 0845 therefore included in the thousands of free minutes that I get each month. The only thing that is on in my house is the Freebsd server so how can I set this up to use the dial up modem to answer the phone and connect it to the Internet through the ADSL it is plugged into. I've googled but as I dont know what this type of software is called I didn't find much. Anyone know of any software that will do this? The software you want is called FreeBSD, and as luck would have it it's already installed on your server. You just need to configure it to do what you want. Plug a standard home phone jack into a standard external modem and plug that into a serial port on the home server, or use an internal modem card that is NOT a software modem (a.k.a. a Winmodem). Configure the server to offer a PPP or SLIP connection when the modem is dialed into, and walla! You just became your own dialup ISP. The server is probably already configured as a network gateway with NAT capabilities; if not you'll need that configured too. There is more to it than that, of course, but further detail may be specific to your hardware and circumstances. Anyway, you can probably find just about everything you need to know about it in the FreeBSD Handbook and/or the Web site's articles on home networking. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ppp-and-slip.html -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dmesg not working on new system
Chris Maness wrote: I just installed 6.1 and upgraded to RELEASE-p1. The command dmesg is not displaying any kernel messages, any suggestions? Suggests all is well? dmesg outputs stuff from the current system message buffer, which contains your boot messages right after booting but those can get flushed over time. Boot messages are saved to a file though, for reference. more /var/run/dmesg.boot -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dmesg not working on new system
Chris Maness wrote: On Mon, 5 Jun 2006, Greg Barniskis wrote: Chris Maness wrote: I just installed 6.1 and upgraded to RELEASE-p1. The command dmesg is not displaying any kernel messages, any suggestions? Suggests all is well? dmesg outputs stuff from the current system message buffer, which contains your boot messages right after booting but those can get flushed over time. Boot messages are saved to a file though, for reference. more /var/run/dmesg.boot I just thought it was strange because every other system I have it at least displays dmesg.boot if there is no other messages. Is this new behavior for 6.1? Not new behavior. A dmesg on any of my running systems (4.x, 5.x) returns nothing after a time. You were just catching it before the buffer was flushed. I don't know what triggers that, and it is possible that the trigger/timing of it may have changed in 6.x (and as always, YMMV). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dmesg not working on new system
Lowell Gilbert wrote: Greg Barniskis [EMAIL PROTECTED] writes: Chris Maness wrote: On Mon, 5 Jun 2006, Greg Barniskis wrote: Chris Maness wrote: I just installed 6.1 and upgraded to RELEASE-p1. The command dmesg is not displaying any kernel messages, any suggestions? Suggests all is well? dmesg outputs stuff from the current system message buffer, which contains your boot messages right after booting but those can get flushed over time. Boot messages are saved to a file though, for reference. more /var/run/dmesg.boot I just thought it was strange because every other system I have it at least displays dmesg.boot if there is no other messages. Is this new behavior for 6.1? Not new behavior. A dmesg on any of my running systems (4.x, 5.x) returns nothing after a time. You were just catching it before the buffer was flushed. I don't know what triggers that, and it is possible that the trigger/timing of it may have changed in 6.x (and as always, YMMV). Interesting. Does dmesg -a show anything different? Sure. On a mail server, -a reveals tons of SMTP timed out messages (primarily spammers who cut and run when 550'd). On a firewall, -a shows tons of ipfw log messages. On a web server, -a shows mainly ssh login (and su) success/failure. Chris Howells wrote: dmesg is not flushed here. Hmmm interesting. It has always eventually flushed around here, which prompted me to read the dmesg man page, which pointed me at /var/run/dmesg.boot. I never really thought about it much after that, and really still don't think it too odd... but if anyone thinks the behavior is erratic and in need of troubleshooting, I'll try to answer any other questions about my setup. But I don't see anywhere that the man page says dmesg will always report the boot messages no matter what. It says it reads the system message buffer, and when something is a buffer I immediately think of it as a temporary thing. YMMV, obviously. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: AC97 sound card on 6.1
Dave wrote: Hello, I'm atempting to get an integrated AC97 sound card working under 6.1. I know this card works, loading the snd_driver module finds it, but i do not know which actual module works it over. I'd rather not have to load 26 sound modules just the ones i actually need. I've checked /boot/kernel/snd* but didn't find anything... cat /dev/sndstat after loading the snd_driver meta module, to see which module actually associates itself with your card. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/sound-setup.html That always worked for me with 5.x, but I haven't tried any GUI/media stuff on 6.x yet. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dmesg not working on new system
Chris Maness wrote: Interesting. Does dmesg -a show anything different? Yes, it does, but why would it not show anything without the flag right after a reboot? Wierd. I almost suspect hard drive issues. OK, THAT does not seem normal. Sorry, didn't catch that detail at first. Right after booting you really should be able to review your boot messages with dmesg. While the dmesg on my servers typically goes empty after awhile, I've never had any problem reviewing kernel output from a fresh boot using the dmesg command. Is /var/run/dmesg.boot populated correctly? What kinds of things are in the -a output? Same results booting with or without network attached? (asking because busy network w/ lots of system messages seems to be what's flushing the buffer for me). Anybody else got suggestions? Kernel troubleshooting's not really my favorite thing, and as such my expertise in that area is close to /dev/null. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New FreeBSD Logo
Ted Mittelstaedt wrote: To those taking affront at such answers, no one is saying oh, fork you! in some intentionally rude or belittling way (at least, I'm not), they're saying forking (process-wise) to the appropriate forum is the logical thing to do. I take affront to such answers because of the simple fact that it's obvious that your perfectly valid answer isn't a real answer. A real answer would be something that would get rid of this continual resurgence of this discussion. Thus the suggestion that folks pursue it in a forum where PR might actually be germane, and in a way that might actually bear results. Continual barking on questions@ about how upset folks are has got to be among the very least effective ways of seeking change (other than changes to killfiles). Based on responses I'd estimate about 60% of FBSD users didn't want the logo changed before the contest. Based on responses post-contest results, I think about 90% of users hate the new logo. Despite what 24-hour cable news channels might like to have us believe, % self-selected email senders % actually holding opinions. Asserting that these are valid statistics is nonsense. Like many folks who really don't care about the logo all that much one way or the other, I simply won't be reading or posting on this subject any more (making any future post counts that much less valid as statistics). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New FreeBSD Logo
fbsd wrote: The point being it was not announced on the questions list. Non-technical announcements are not in the questions@ charter. The point being the logo affects all the users just not the core committers. And it affects you in exactly the same way as thousands of other choices made by core without your explicit involvement or approval. Love the new feature and use it, or, don't use it. It's real simple. Why don't the complainers on this subject seem to understand that they are in no way compelled to adopt, deploy, endorse or enjoy the project logo? Use Beastie if you like, there is absolutely no one telling you that you can't (except, um, its copyright holder). Quite trying to make a non-subject out of something that effects us all. Quit using question@ as a beauty contest / user rights forum, please. It *is* far OT, especially since there are other forums specifically for such subject matter. The logo issue is a horse that has been solidly beaten to death, raised as a zombie, chased with torches and pitchforks, burnt to crispiness, buried and then (surprise!) brought to life again this week for another 1,001 rounds of beating and flaming. Tiresome, really. No one is belittling the subject, only pointing out that it's both OT and done with. The appearance of the logo on the Web site is not a beginning, it's a finality. If you want to hack and burn the undead, go play Oblivion. ;) Maybe now is the time to ask the list if that want to vote on keeping the new logo? Or on if a new logo is wanted at all? Wrong forum, years too late. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New FreeBSD Logo
cpghost wrote: On Wed, May 10, 2006 at 10:03:04AM -0500, Greg Barniskis wrote: No one is belittling the subject, only pointing out that it's both OT and done with. The appearance of the logo on the Web site is not a beginning, it's a finality. questions@ is for general user questions. The sex-toy just appeared on the main website, and a user then asked questions about it. That's a perfectly valid forum, *especially* considering the current time frame. Point taken. I could have phrased that better. * What/when/how did this happen? * How and when can it be undone? * Why didn't I hear about this before? These are indeed all perfectly valid questions. What I was trying to express is that the askers really don't seem to be accepting (or even seeing) the perfectly valid answers: * See the archives where this was beaten to death multiple times. * The best place to pursue such matters is in those forums chartered for PR and general chatter. * Read [EMAIL PROTECTED] To those taking affront at such answers, no one is saying oh, fork you! in some intentionally rude or belittling way (at least, I'm not), they're saying forking (process-wise) to the appropriate forum is the logical thing to do. And [in response to the opposition party] no, I don't buy the assertion that questions@ is the correct forum to continue fighting in simply because it's popular. That's like saying spam is good because it reaches a lot of people cheaply. Forums have charters for reasons. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: details about EOL (of FreeBSD 5.4) ?
Kris Kennaway wrote: On Tue, May 09, 2006 at 11:20:21AM +0200, albi wrote: i'm running 5.4 on a few servers, and i wondered till when security-updates will be available http://www.freebsd.org/security/ says that the EOL is estimated may 31 2006, but does that also mean no more security-updates for 5.4 ? Yes. [blink blink] I'm not at all opposed to RE@ and security@ making hard decisions and doing whatever is needed to best further the project's goals (so please don't read this as flame bait). But I have to confirm what I just read: 5.4 is EOL before 5.5 is released, and even before 4.11 and 5.3 are EOL? Or is it really the case that the EOL table should list /2007/ for 5.4 (same day as RELENG_5)? If 2006 is accurate, this is registering on me as a significant POLA violation. Very hard to believe this is accurate. If accurate, what list/channel/forum should I have been paying more attention to? PS - many thanks to all RE, security and all other contributors. Testing of 6.1 is indicating all is well for our purposes and hardware. So if 5.4 really is EOL, we'll move forward, just a little quicker than previously planned. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: details about EOL (of FreeBSD 5.4) ?
Kris Kennaway wrote: On Tue, May 09, 2006 at 10:40:06AM -0500, Greg Barniskis wrote: If 2006 is accurate, this is registering on me as a significant POLA violation. Very hard to believe this is accurate. If accurate, what list/channel/forum should I have been paying more attention to? security@, and the website where this has been announced for a LONG TIME. The policy and rationale is all there. OK, thanks. Searched back in my security@ archives and found it, plain as day. The discussion of 5.4's fate did happen long ago. I actually read it carefully at the time but didn't think much of it, believing we'd surely have our servers on 6.x by now. So I totally take back the POLA statement -- I knew this was coming and it was my mistake to forget and let mgmt. defer the upgrade plan. We'll do an interim hop from RELENG_5_4 to RELENG_5, and escalate our path to 6.x adoption. Actually, it'll be nice to wave the EOL stick to force some action on that. Running EOL server parts is against policy. =) -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd-questions@freebsd.org
Marty Landman wrote: I've just reinstalled FBSD 4.8 from the mini-iso on an old box (PII-133 w/ 3 GB on two hd's). The problem I'm running into is that my ports are looking for old, outdated packages, I think. So going from http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-using.htmltried to install cvsup to do a port upgrade: mrwilhelm# pkg_add -r cvsup-without-gui Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4.8-release/Latest/cvsup-without-gui.tgz: File unavailable (e.g., file not found, no access) pkg_add: unable to fetch ' ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4.8-release/Latest/cvsup-without-gui.tgz' by URL mrwilhelm# Same problem though, how can I tell my system where to get access to the 4.8stuff? I don't think there is any /easy/ way for you to continue using 4.8, which is not officially supported. If you install 4.11 you will have better luck with ports and packages (for as long as 4.11 is supported, anyway... the 4.x line is still widely used, but is EOL except for security updates). Someone may be able to provide you with a 4.8 workaround for a cvsup package (OK, I see someone did already!), but that may only be the beginning of a long train of workarounds you'd need. Using 4.11 will provide somewhat more of a panacea. If you have enough RAM, go ahead and install 5.4 or 6.0 (or soon enough, 6.1). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: freebsd-questions@freebsd.org
Marty Landman wrote: On 5/8/06, Greg Barniskis [EMAIL PROTECTED] wrote: Marty Landman wrote: I've just reinstalled FBSD 4.8 from the mini-iso on an old box (PII-133 w/ 3 GB on two hd's). The problem I'm running into is that my ports are looking for old, outdated packages, I think. If you have enough RAM, go ahead and install 5.4 or 6.0 (or soon enough, 6.1 ). Hi Greg. My issue is that would like to continue using this box and - possibly because of the age of the cdrom - am having a problem installing with my 6.0 iso too. :( This box has 82M of ram, forgot to mention that. And it is running 4.8 with just about nothing on it, and it is networked with my office broadband connection. So, is there a simple way I could install over the net? And how high a release could I go? Obviously I won't be putting X windows on there but if I can get Apache w/ mod_perl, Samba, Mysql and Perl it'll be a useful machine for my intranet. I had all that on before but apparently 4.8 isn't going to work for me now unless I have a time machine. That's plenty of RAM for basic installation and modest non-GUI usage. I've no idea how much RAM Samba and MySQL might need to thrive though. If you ran them before, you should be able to keep doing that. According to the fine manual, you should be able to boot from a floppy and install 6.0 over FTP. It's just like installing from CD, only slower, generally . See section 2.2.7 of: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-pre.html I'd try re-toasting the 6.0 ISO myself. Use the slowest burn speed available on your burner -- older CD-ROMs sometimes have a problem with discs burned at a high speed. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 6.1 install problems with creating partitions
Eric Dan wrote: update: I actually backed up the ext3 to another hard drive and got rid of all partitions and slices on that drive. installer still can't do it. the exact error says: unable to make new root file system on ad3sa1 then i hit return and it says: couldn't make file system properly any ideas? * Eric Dan ([EMAIL PROTECTED]) wrote: trying to install 6.1 on my secondary master partition or slice 2. I come from linux so please be forgiving with the naming or slices and partitions. i created a 40G slice on ad3 with fdisk, then with disklabel i created a 4g /a 512M swap and the rest for /home i used the S option on the / partition. You may need to drop some more assumptions that you are bringing from the Linux world -- you seem to be trying to manually impose the Linux way of dividing up the space, but that is really not what a typical FreeBSD partition/slice scheme looks like. As long as you have essentially wiped the drive already, you can use the FreeBSD installer's Auto Defaults option to get a look at what the installer is expecting you to do, and then tune that as desired. On the FDISK screen, press A to use the whole disk, then on the Disklabel screen press A again for Auto Defaults. Or, have a closer look at the handbook for more details, http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-steps.html (esp. figure 2-22) -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTPd recommendation?
Jerry McAllister wrote: Using what comes with the base system. Having no problem. Same here. If functionality is in the base, my philosophy is that replacing it violates the KISS principle unless the replacement offers some additional functionality that justifies the change. Security problems detected in the base are usually fixed very, very quickly. If truly worried about the security of any ftpd (base or not), jail it and (if you can) firewall the access to limit usage to specific clients. Probably better, use SCP or SFTP instead of plain old FTP. Of course, you can't block or secure logins if you're aiming at anonymous access from the big bad Internet, but jailing the service might be sufficient then. You might get better answers if you posted details about intended use and any atypical functionality required/desired. There are nifty ftpd replacements available that serve particularly well for some environments. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTPd recommendation?
Greg Barniskis wrote: Jerry McAllister wrote: Using what comes with the base system. Having no problem. Same here. If functionality is in the base, my philosophy is that replacing it violates the KISS principle unless the replacement offers some additional functionality that justifies the change. OK, so... after I wrote this I looked at the vsftpd site recommended by others and I'd have to say this probably is a justified swap. The number of high end vsftpd users (including -- hint hint, enable_cluestick=YES -- freebsd.org) is a pretty clear testimonial. I'm guessing the only reason this baby is not the base ftpd is its inherent GPLness. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rsnapshot: /bin/cp failed
Jim Stapleton wrote: Anyone know what would cause this? I am on a 6.0 system, an installed rsnapshot via ports. It looks like it wants to use the -a option, and cp doesn't like that, what's the fix? [snip] ERROR: /bin/cp failed. Perhaps this is not GNU cp? ^^^ Install GNU cp, available as part of the sysutils/coreutils port. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: postgres
eoghan wrote: Hi I am installing postgres81-server from ports, but it gives me an error. It requires postgres81-client but I have postgres74-client installed. I have not installed this port, so is there something that uses this? I cannot find any pgsql script. Would it be safe to remove 74-client and install the latest version? Short answer: probably safe, yes. Longer answer: Have a poke at # pkg_info -R postgres74-client (or however that client package is actually named) This will tell you what other port(s) you have installed that presumably need/want you to have the 7.4 client installed, and thus what might be broken by your forcing an upgrade of it. Then you can decide if it's worth the risk, what to test after, what contingency plans and backups to make, etc. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Dell vs. Silicon Mechanics vs. FreeBSD Systems
Questions wrote: Anyone have any opinions about the quality and/or value of these respective vendors? [snip] How does Dell fit into all of this? I haven't dealt with Dell in years but when I have in the past, there didn't seem to be any major issues. I'm looking at a Power Edge 1850 with the Embedded RAID (ROMB) - PERC4e/Si Controller. Folks' mileage with Dell really seems to vary, so I'd guess you're going to get a broad range of responses on that question. Our experience here is pretty consistent, over a long period of time: Dell's low end consumer systems (e.g. Dimension models) tend to be flaky, to the point where we simply won't buy them anymore, while their high end business systems (e.g. Optiplex, PowerEdge) tend to be pretty reliable, to the point where we'd need a pretty compelling reason to change vendors. There have been exceptions (like a large percentage of GX270 mobo's dying early due to bulging capacitors), but they've been pretty good about providing replacement parts, once we jump through all the hoops that their first tier phone support throws up. Does Dell support Serial Console Redirection without their extra lights out card? Can't comment on that as we've never needed to try. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Trunking connections
Michael Landin Hostbaek wrote: List, In a branch office, I've got two ADSL lines setup (with two different ISPs) - one of them are supposed to work as backup line, but since it is a ADSL flat fee line, I was wondering if there's a way of setting up some sort of a trunk with FreeBSD, so I can make use of the extra bandwith. This has been discussed quite extensively on the list in the past, and if I recall correctly the answer is basically no, unless the lines go to the same ISP and they also configure the lines this way on their end. There may be various ways to dynamically dink your own routing table to try to balance your outbound traffic, but by the very nature of IP the inbound traffic cannot be regulated without full cooperation of the upstream routers. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: question on ftp - drag and drop
Alex Zbyslaw wrote: Kevin Kinsey wrote: [snip] Sounds (perhaps) more like a job for Samba than FTP. I'd agree with Kevin, but if you do want FTP then maybe try a proper FTP client rather than IE as they may do what you want. Try maybe FileZilla or CuteFTP. I've used Filezilla a lot and like it. IE's FTP functions are a [censored] piece of [censored]. (what did you expect? ;). Another solution you might consider is Unison (or some other file system synchronizer), to make everyone's files available on the laptops even when they are not connected to a network. I use the Cygwin command line version on Windows laptops to sync with a FreeBSD central server, but I'm pretty sure there is a Windows GUI version available as well. The great bonus of the CLI way is being able to script it and make it a (mostly) hands off solution. If you go that way, be sure all the Unison versions match on every host (so be careful with portupgrade and friends). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Wanted: Flash player for browser_of_choice....
Chad Leigh -- Shire.Net LLC wrote: On Apr 12, 2006, at 10:08 AM, Greg Barniskis wrote: The Business Software Alliance will gladly descend on suspected violators of any commercial software EULA with a horde of lawyers and auditors and fines in the 5-6 figure range per violation. The business software alliance is not a government agency and cannot levy fines without a court order to enforce them. And unless they have a court warrant they cannot enter my premises either nor audit any of my machines (not that I have anything to hide, I don't, but people should know their rights) IANAL (IANALAIDPOOTV) and all that IANAL either, but my understanding is that what BSA asks from the legal system, BSA (mostly) gets. Someone else mailed me privately that BSA had suffered some significant legal setbacks recently, but they are by no means rendered toothless. There are obviously matters of formality and timing, and (if you've pockets deep enough) you obviously retain the right to fight and fight and fight against it in court, but the bottom line still seems to be that if BSA wants to audit someone's records and systems, they will very likely be handed such subpoena paperwork as is needed to compel the target's cooperation. Anyway, this is getting way OT... I'm not on -chat but would entertain any other comments off list if mailed directly. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Wanted: Flash player for browser_of_choice....
Andy Greenwood wrote: On 4/12/06, Paul Schmehl [EMAIL PROTECTED] wrote: Ashley Moran wrote: Petition? How about we sue them? How can a vendor dictate what platform they allow their software to run on? Just because they designed it for some other OS doesn't mean, if I can figure out a way to make it work, that they can tell me I can't run it on that platform. With the Current EULA, that's exactly what they CAN do Indeed they can, and at least in the U.S., commerce law basically backs their rights to be total asses about it if they so choose. It's their intellectual property and you must toe their line on their terms, whatever the terms. Pulling it from ports was the only logical short-term response to this silly restrictive language. I'm not a lawyer either, but frankly I think their EULA is unenforceable and their attitude ought to cost them customers. They don't really need to enforce it themselves. The Business Software Alliance will gladly descend on suspected violators of any commercial software EULA with a horde of lawyers and auditors and fines in the 5-6 figure range per violation. Would they, in the case of a lone user who's just trying to browse the Web? Probably not, but stranger things have happened (RIAA, Sony DRM, etc.). FWIW, I don't really care if this gets resolved. I'd estimate 95% of Flash content I'm exposed to is somewhat-to-totally undesirable (way too animated ads), and the remainder's value is mainly just entertainment-oriented and not so precious that I'd really fight for it. On the other hand, I'd applaud anyone who does fight it, on principle alone. It's a bad EULA, 'nuff said. Good luck! -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: src upgrade from 4.11-p16 to 5.4 possible?
B. Cook wrote: [snip] Stop in /usr/src/usr.sbin/pcvt/vgaio. *** Error code 1 === usr.sbin/pcvt/ispcvt cc -O -pipe -c /usr/src/usr.sbin/pcvt/ispcvt/ispcvt.c cc -O -pipe-o ispcvt ispcvt.o gzip -cn /usr/src/usr.sbin/pcvt/ispcvt/ispcvt.8 ispcvt.8.gz === usr.sbin/pcvt/vgaio cc -O -pipe -I/usr/obj/usr/src/usr.sbin/pcvt/vgaio -I/usr/src/usr.sbin/pcvt/vgaio -c vgaio.c In file included from /usr/src/usr.sbin/pcvt/vgaio/vgaio.y:56: /usr/obj/usr/src/i386/usr/include/machine/cpufunc.h:60: error: syntax error before bsfl /usr/obj/usr/src/i386/usr/include/machine/cpufunc.h:60: error: syntax error before mask /usr/obj/usr/src/i386/usr/include/machine/cpufunc.h: In function `bsfl': [snip] I don't have the expertise to get deep into fixing any CPU code bugs, but I've seen a roughly similar error in the past and fixed it with just basic procedures. Have you tried doing rm -rf /usr/obj/* before your buildworld? This step doesn't seem to be in the upgrade guide you cited, but it is in the Handbook under general buildworld procedures. Section 21.4.6 of: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Best way to print photos
M. Warner Losh wrote: OK. I got bordered photo printing working. I haven't gotten borderless printing working, alas. The key points I learned: (1) Install print/cups. (2) Install graphics/hpijs. This filters .ps - goo the printer groks (3) Install graphics/gimp. This makes .ps files (4) Kill lpr/lpd before starting cups. (5) Make sure you configure lpr/lpd not to startup on boot (6) Remove lp* binaries (7) Setup buildworld /etc/make.conf so it doesn't build lpr with NO_LPR or WITHOUT_LPR (8) Add printer via localhost:631 web interface. (8) Set printer to draft mode via cups for testing (9) Use firefox to generate test prints. (10) To print from gimp, I have to remove the '-l' from the command line every time I print in the printer setup. This causes the raw .ps file to go to the printer, rather than via cups' postscript filter for the printer. (11) To get photos, one must set photo quality via cups setup interface. [snip] Thanks very much for posting back a solution summary. I tried to monitor this thread but it got to be more verbose than I could digest. This is most helpful. I'd love to know how to print borderless prints (right now I get 1/4 (8mm) boarder on the prints). Perhaps I'm not reading you right, but if you mean you want to print your images all the way to the physical edge of the paper, I think you are out of luck. As I understand it, most consumer model printers simply do not (physically cannot) support that. In PDF terminology, you've got the MediaBox (paper size) is one thing and the Bleedbox (printable area) is another, smaller thing. Then there's the Trimbox, an even smaller area where printing is thought to be reliably accurate. Of course, if you can print borderless on your particular printer via Windows, then you should have a reasonable expectation of being able to do that in FreeBSD as well. However, if you regressed your setup I think you'd find that the hardware is the limiting factor. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: software recommendation
fbsd_user wrote: I am looking for am application that will simulate a browser and allow me to program responses to filling in forms from the internet application the browser is accessing. I have read about this type of thing before and even seen it mentioned on this list but at the time I had no interest in it. I don't even know what this type of function is called so I can not do a successful web search or ports search. I tried the words scraping, session capture, and browser session simulation all with no luck. Does anyone know what this is called or the port name if there is one? If you like Perl at all, take a look at WWW::Mechanize and its companion modules, e.g.: ./devel/p5-Test-WWW-Mechanize ./devel/p5-Test-WWW-Mechanize-Catalyst ./www/p5-WWW-Mechanize ./www/p5-WWW-Mechanize-FormFiller ./www/p5-WWW-Mechanize-Shell There are probably (many) other Perl modules that would be of tremendous usefulness, but WWW-Mechanize is specifically designed for what you are asking. http://search.cpan.org/~PETDANCE/WWW-Mechanize-1.18/lib/WWW/Mechanize.pm -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache config question
Darryl Hoar wrote: Greetings, I have a Freebsd 6.0-Release system that I just installed. I have installed Apache 1.3.33 from the ports system. I can see the index.html file when I point my browser to the server. What I can't do is : browse to : http://server/cgi-bin/cscripts/myscript.cgi I get a 404 Not found. The requested URL /cgi-bin/myscript.cgi was not found on this server. The file myscript.cgi is located in the /usr/local/www/cgi-bin directory. I verified this. I have added: Directory /usr/local/www/cgi-bin/cscripts deny from all Options ExecCGI AllowOverride AuthConfig Order deny,allow /Directory to the http.conf file. I did /usr/local/sbin/apachectl stop /usr/local/sbin/apachectl start. of course /usr/local/sbin/apachectl configtest says the config file is OK. What am I missing here ? well, is your script really in www/cgi-bin/ or is it really in www/cgi-bin/cscripts/ ? Your config and testing examples are not consistent as written above. That may just be transcription error due to writing email in a state of puzzlement/frustration, but if not, that inconsistency is clearly part of the problem. Also, you may have reasons for trying to do things this way, but it is really not necessary to give any special httpd.conf directives (e.g. ExecCGI) for subdirectories of cgi-bin, which is already configured as a ScriptAlias by default. Everything under it is considered to be executable if file system permissions are correct and Apache's access controls allow entry. The configtest only tells you that your config file is syntactically valid, not that it's the right thing to do. One would normally only need to add the ExecCGI option to a special directory in your normal document space (storage areas not already designated as ScriptAlias content), but not to children of cgi-bin. Just make your script files executable by permissions (755) and let the default config handle it. In short, your config seems rather odd to me, but I'm no expert beyond the simplest CGI needs and as I said, maybe you have reasons for added complexity. If not, don't add complexity where not needed. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: business of BSDmall
fbsd_user wrote: BSD mall is separate company. This questions list has nothing to do with it. That's very true, but it may be of general interest that the site has had some service issues. I tried to order some stuff there a year or two ago and while they did (eventually) answer my repeated queries about the order, it was not a happy experience for me. After more than a month of going in circles and getting nowhere, I had to instruct my credit card company to negate the charges (as the card had been charged even though my order had not shipped). The mall folks were nice enough about it when they did finally reply, but their action on the problem came way, way, way too late to be considered reasonable. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of antonio zacca Sent: Thursday, March 23, 2006 9:05 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: business of BSDmall Hello I am a consummer from JP and have shopping a CD for FreeBSD4.9 on BSDmall where linked from this site. I am sure to remember date of order is end of FEB so Its been almost all a month but nothing to reach me from BSDmall. I sent e-mail to them twice for checking of shipping for my order but even no answer. now what I want to ask here is BSDmall is working or not? if they are working with no torable why they ignore me? credit card company already have charged for this shopping. I know It takes approx ten to couple of weeks for trancportation from US to JP coz I have often shoped from Oversee particuler from US alots. if someone have time and get my hand for me please thanks for any reply PS: my name is Yoshiya Imai I have no infomation of order coz BSDmall never have sent any e-mail to me ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: help: fetchyahoo crash in perl on upgrading to 6.1-PRERELEASE #0
Rajarajan Rajamani wrote: I am having a crash when trying to use fetchyahoo. Prior to upgrading my box from 5.4 to 6.1 there was no problem. After upgrading to 6.1 (and cvsup'ing all the ports) I did a portupgrade -fa to recompile all of them. Now I am having the following problem [snip] I have recompiled perl and all the ports that fetchyahoo uses but to no avail. [snip] re: perl, did you perform the required perl-after-upgrade tasks (see /usr/ports/UPDATING)? Perl going funky after a major upgrade is often due to overlooking this. I've no idea if that is related to your problem or how to address your problem if it's not, I just know of several folks who were bitten by not submitting themselves to UPDATING wisdom. Your mention of perl brought it to mind. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSHD Help?
Huy Ton That wrote: I am sure I am lacking the technical knowledge to get this running but. I setup (more like started) the sshd daemon. Now I have this system setup at home and am just using it for experimenting. When I try to SSH into it, it queries me for my user name, in which case I am logging in as root. I key in roots password (is this password the same as the main root password?) and it returns permission denied, please try again. I'm guessing I am not asking the right questions but I was under the assumption that the password would be the same as root or whatever user I'm trying to login? Any tutorials? I'm going crazy :(. As part of the default security posture of sshd, root is not allowed to log in remotely, only on the console. It is best practice to log in as a regular user (who is a member of the wheel group) and then use su (or sudo) to perform tasks that require root privilege. This practice results in better logging of who did what when. If you really want to allow remote ssh root logins (seriously, you probably don't ;) this can be achieved. See: man sshd_config -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: To track or not to track
Chris Maness wrote: I just wanted to get pros and cons for tracking the whole port tree on a production server. Any opinions? If by track you mean regularly download, compile and install all available updates, the big con is that you can sometimes break your box. More frequently you won't break anything but may need to spend considerable time babysitting the process, often needlessly since many updates are for features you'll never use. Tracking updates aggressively is a job for a dedicated build/test server that makes packages and dishes them out on demand, as needed (via NFS, rsync or your favorite sync method) first to other test servers and then to production servers.This way production boxes only get tested updates, on your schedule, for your reasons. You can best follow the not broke, don't fix credo by regularly doing cvsup (in case an upgrade is suddenly required), but only doing updates on production servers when: * there is an official FreeBSD security alert * portaudit throws a fit based on one or more of your installed port versions * some business requirement of yours creates a definitive need to have the latest version of something -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: New logo, new look
fbsd_user wrote: Check here to see new logo and then post your thoughts. http://logo-contest.freebsd.org/result/ Been there, done that. With all due respect to those with opinions, and their right to voice those opinions, this is not a question and in fact the subject is a horse that's been beaten to death, scalded with acid, ground into dust and thrown to the wind several times around already. The deed is done. Please, please, please take this thread to -advocacy@ or -chat@ where it belongs. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Webserver behind nat/ipfw
freebsd-questions wrote: Hello all, I have been struggling for the last months now to run a webserver behind a firewall. I have installed apache 2 on a Opendarwin G4 machine hebind a FreeBSD 6 firewall/nat box: internet ]-[ outside IP ] modem [ 192.168.1.1 ]-[ nge0: 192.168.1.40 ] FreeBSD 6.0 : natd, ipfw [ fxp0: 10.31.21.1 ]-[ en0: 10.31.21.2 ] OpenDarwin webserver When I run apache from the firewall people can connect. Tcpdump on en0, fxp0 both show the right incoming and outgoing traffic on the webserver as expected. It also shows that incoming traffic on the firewall on port 80 is succesfully translated to to the firewall's IP. I can access the website from the LAN (from the firewall itself and going through the firewall via not shown nge1 10.31.20.1) Does tcpdump show the web server returning packets to the firewall? That is, are you barking at ipfw/natd when the problem is the web server's idea of proper routing for addresses outside the firewall? If the web server gets requests from the firewall and also returns them properly, add verbose logging to every ipfw rule so you can see exactly where they get clobbered. I am clearly missing something here in the way the respond from the webserver should be sent back to the internet requests. If I only knew what... I have tried adding lines like: ipfw 3 add divert 8668 all from any to any 80 I don't think that is what you want. I even tried running a second natd and diverting all traffic on port 80 through it without any result. Nor that. I am out of ideas now... Goole-ing for a month lead me to instructions how to run ipfw OR natd, i couldn't find one that combinse the two. man natd more /etc/rc.firewall (the stock rc.firewall, not one you've heavily experimented on) It should be pretty simple to make them work together. Perhaps you're trying to make it more complicated than it is? Simply divert to natd at an appropriate place in your ipfw rule set. Note how the example rules in the stock rc.firewall do RFC 1918 spoof checks before and after the divert, then get into what kinds of non-spoofed connections are permitted or denied. Can anyone help me setup nat and ipfw so that the webserver is able to respond to incoming http requests? Many thanks in advance, Arno HARDWARE: internet ]-[ outside IP ] modem [ 192.168.1.1 ]-[ nge0: 192.168.1.40 ] FreeBSD 6.0 : natd, ipfw [ fxp0: 10.31.21.1 ]-[ en0: 10.31.21.2 ] OpenDarwin webserver GREP NAT /ETC/RC.CONF: natd_program=/sbin/natd # path to natd, if you want a different one. natd_enable=YES # Enable natd (if firewall_enable == YES). natd_interface=nge0 # Public interface or IPaddress to use. natd_flags=-f /etc/natd.conf # Additional flags for natd. /ETC/NATD.CONF: unregistered_only yes use_sockets yes same_ports yes dynamic yes ### Forward all incoming http access to Webserver redirect_port tcp 10.31.21.2:8080 redirect_port tcp 192.168.1.40:80 10.31.21.2:80 My working gateway's natd.conf uses only one redirect: redirect_port real.web.server.IP:8080 Is the second redirect above part of your problem? Seems odd. Sorry, I haven't time to offer any specific advice on your ipfw rules except to suggest that liberal use of logging can help you isolate any bad assumptions really quickly, especially if you are able to test in a controlled lab environment so there isn't a lot of noise. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: rebooting and crashes on dell server
BSD Guy wrote: Theres alot to this problem, but I'll try to be concise so I don't loose people. I started out with a cheap dell server running scsi raid and 5.x It crashed or locked up with a kernel panic in a different process (everything, syslog, you name it) ever few days. I swapped ram around figuring it was at fault since it was bought used on ebay. Still no luck. Tired of messing with it, I bought a new dell poweredge 2650, with scsi raid, a couple gigs of ram, duals, and just a new system, configured it, copied user data over and switched to it. Sure enough still the worst stability I've ever seen. It has dual power supplies, each in a different UPS. I don't believe power is the problem or I'd see similar problems on the other server or router I have plugged in there. I even upgraded to 6.0-Release-p1 but no luck. It panics from time to time, but usually now it just randomly reboots. Often at least every 36 hours. Often 2-3 times a few minutes apart when it does. I did install a debug kernel 2 weeks ago to try to get a crash dump, but no panic's since then. [snip] Been running FreeBSD on Dell 2650's for a long, long time now and never had a single hardware issue that was specific to FreeBSD. Early firmware versions for this model had issues, but you say yours is brand new... Got a DRAC card? Tried disabling it? We don't use them here but I have noticed frequent list chatter about how to use these with FreeBSD (and how not to have problems with them). See the archives. I definitely agree with the suggestion to pound on the system with Dell's native diagnostics software; this'll be among the first things you're asked to do if you call them for support. If you've blown away their diagnostics partition, you should still be able to go to support.dell.com and download a bootable ISO of them. Barring that, a plain old http://www.memtest86.com/ test may help. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: help i need a help
Tim Daneliuk wrote: As Mike points out, you do *not* need X or any GUI tools to do any of this. Well, you don't need a GUI to access the files and share them in the sense of raw file share functionality. I think perhaps the OP was getting at sharing at a higher level, like Windows User A being able to hand off an Office file to FreeBSD User B and User B being able to whip out OpenOffice and edit that file. There's probably a few on this list who'd be comfortable editing an Office doc in vi, but I personally wouldn't recommend it. 8) A /complete/ sharing solution may need to include the users and their need for some X Windows apps. The OP didn't state such a need explicitly but to me it seemed implied that the FreeBSD PC needs to open the Windows files and probably vice versa. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: question on NAT for multiple subnets
Ted Mittelstaedt wrote: -Original Message- From: Greg Barniskis [mailto:[EMAIL PROTECTED] Sent: Friday, February 17, 2006 10:14 AM To: Ted Mittelstaedt Cc: freebsd-questions Subject: Re: question on NAT for multiple subnets Ted Mittelstaedt wrote: I've never done it but I think you can run multiple nat instances and multiple divert sockets, you will have to specify them in the config file to natd, though. Excellent. That's what I was hoping for. So instead of one divert natd rule in ipfw, I simply need divert N, divert N+1, divert N+2, etc. where N is a port number where I bound my first natd, N+1 the next natd instance, etc. I think I can manage that. I looked at the man page for natd and they specify the divert port with -port, and alias address with -alias_address Your going to have a bit of trial and error to work this config out but it shouldn't be that bad. I would love to see it posted here once you get it working. I will share anything I get working, when I do (ipfw, pf or otherwise). Might be a while though. My immediate need was only to answer the question of whether any significant lab time on it was even worthwhile. A yes answer means the topic's tabled for a couple of weeks at least. PS: A firewall with a shell that you can actually initiate a telnet session from knocks a PIX into a cocked hat. And I just love dealing with a PIX on a network that has multiple gateways on it. Nothing like the lack of icmp redirects to get you swearing. Wouldn't be asking if the subject hadn't been discussed by staff in terms of Can't we do this outside the [grumble|mumble|curse] PIX?. Not to knock it too hard; it does what it does pretty well, pretty fast, it's just that the things it doesn't do well are too many. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
question on NAT for multiple subnets
I'm sure I could figure this out from scrutinizing Google, the FreeBSD documentation, and testing in a lab, but I'm particularly pressed for time on finding the right answer to this. For a long time we've been quite happy coalescing all private IP client requests onto a single public IP address through NAT. Management now wants more granularity, at least one unique public IP per private subnet. Can I set up a single ipfw box that examines client source ip addrs and provides different public NAT addrs for each private client subnet? Any pointers to the best way to think about this issue much appreciated. If the answer is ipfw doesn't handle this, but some other fw does, fine, I just need to know which. Thanks! -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: question on NAT for multiple subnets
Ted Mittelstaedt wrote: I've never done it but I think you can run multiple nat instances and multiple divert sockets, you will have to specify them in the config file to natd, though. Excellent. That's what I was hoping for. So instead of one divert natd rule in ipfw, I simply need divert N, divert N+1, divert N+2, etc. where N is a port number where I bound my first natd, N+1 the next natd instance, etc. I think I can manage that. If it were me, though, I would try to setup multiple FreeBSD boxes, not only does that give you some redundancy, but it makes troubleshooting a lot easier. Thanks, but we're talking about a need for somewhere between 54 and 216 distinct NAT-subnet instances, maybe more. I really need a solution for one host, two NICs, that compares favorably to providing this functionality with a PIX. Ted -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Greg Barniskis Sent: Friday, February 17, 2006 8:43 AM To: freebsd-questions Subject: question on NAT for multiple subnets I'm sure I could figure this out from scrutinizing Google, the FreeBSD documentation, and testing in a lab, but I'm particularly pressed for time on finding the right answer to this. For a long time we've been quite happy coalescing all private IP client requests onto a single public IP address through NAT. Management now wants more granularity, at least one unique public IP per private subnet. Can I set up a single ipfw box that examines client source ip addrs and provides different public NAT addrs for each private client subnet? Any pointers to the best way to think about this issue much appreciated. If the answer is ipfw doesn't handle this, but some other fw does, fine, I just need to know which. Thanks! -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.15.10/263 - Release Date: 2/16/2006 -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to tell what ran what
Glenn McCalley wrote: Thanks Brian, that's already tonights project to run through those logs and see if anything jumps out there. What I think he might be doing is either POSTing the parameters (which won't show up) or he's loaded a file of email addresses and just triggers the mailer with a simple cgi request. Either way he's got to be calling sendmail or mail to get it out the door I believe. Actually, they can use a number of other ways to create the outbound SMTP connections. Perl, for instance, offers the Net::SMTP module (and numerous others that'd do the trick). They don't need to call on binaries outside of their own cgi-bin or leave any tracks for you other than a web access log entry. You might consider putting your customers in jails with unique IP numbers as a way to better strain out whose CGI is the source of what packets on your network. Probably not a trivial change to your working environment, but maybe worth it in the long run. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A script for poets
Urs Schroffenegger wrote: To make an independent rhyming dictionnary program, I think you basically need to have a list of words written phonetically and with syllabes separation. After that, it's only a search function to find the matching pattern. The difficult part is to get the phonetic data. Isn't this sort of thing (word list with phonetic data) built into aspell's dictionaries? Also, whatever Thunderbird 1.5 is doing for spell checking is clearly doing some rather sophisticated phonetic matching (based on what I've seen it try to do lately with people's last names that it doesn't recognize). I'm sure there must be other OSS applications out there whose sources would at least provide clues on how to proceed, if not a handily packaged solution. PS re: the spam poetry submission... funny! For more random poetry fun, Google for the Shakespearian insult generator (several versions exist). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Question of Interest
Dinosaur wrote: Hello! Just a question of interest: How have you packed so much software to just two CDs? No one seems to be jumping on this one. While I can take no credit myself for this feat (and bow down humbly to those who can), I'll take a stab at a short answer: * standardized, interchangeable, re-usable parts * philosophical aversion to bloatware * much of the software included is not really on the discs, it's just pointed to from within the ports tree and downloaded on demand -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: What functionality is provided by minimal install
Giorgos Keramidas wrote: On 2006-01-31 14:56, Eric Schultz [EMAIL PROTECTED] wrote: Giorgos Keramidas wrote: On 2006-01-30 13:42, Eric Schultz [EMAIL PROTECTED] wrote: sysintall help that a Minimal install is just the base system. But what _functionality_ is provided by a *base system*??? A short `overview' of a sort can be seen with: # man 5 rc.conf For every daemon, service, or option that you see in that manpage, there is also a feature of the base system. Good afternoon... That's a very interesting idea. I guess that would cover (excuse my un-certainty with the terminology here) the /kernel/ but not the /userland/. For the /userland/ i assume I would still have to man every executable - and then some - that I find? No, many parts of the userland are configured by `rc.conf' options too. Of course, an exchaustive list of all the binaries in */bin paths is, uhm, a huge task. But you can also get an idea by: $ apropos . | more Also, the book _The Complete FreeBSD_ has many (all?) of the base man pages arranged in a convenient bound printed format. My copy is quite few years old though, and I really don't know how current or complete the most recent edition may be. The man pages are also available online in a very, very convenient hyperlinked format so you can explore the relatedness of various pieces with ease. http://www.freebsd.org/docs/man.html You may find the man section indexes online to be the most useful for the task of enumerating all functionality. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache not included
James Munro wrote: I'm a bit of a new user to BSD from Windows/Linux. But I recently went thru the 5.4 version installer and was pleased at how simple it was to install the Apache web server thru the sysinstall menus. After reinstalling with 6.0 I was surprised to find that apache wasn't an option from this menu. Any ideas if this is an omission or intentional? I would think a webserver would definitely be included in the basic config. Lots of things that are very, very popular and/or useful are not in the base system, for lots of good reasons. This is no great hardship though, since things are usually quite easy to add on later. In the past you were probably using the installer feature that lets you add 3rd party ported software packages to the base system immediately after the base OS is installed. I wasn't aware that the prompt for package add-ons had been removed from the installer script for 6.0, but I could be wrong. Perhaps you just missed it? I've a feeling the Handbook may need some updating with regard to screen shots but generally what you should have seen is described in part 2.9.14 of the Handbook http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-post.html In any case, the cure is simple if you elected to install the framework for the ports collection. Simply pkg_add -r apache If you did not install the ports framework when prompted to do so, then you will have to configure cvsup or portsnap and sync your ports tree before adding apache (or, reinstall and install the ports tree and apache during install). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portmanager status?
Micah wrote: Check out http://portmanager.sunsite.dk/preface.html I have decided to remove portmanager from the FreeBSD ports tree because I do not get along with the people in charge of FreeBSD ports. Sounds pretty permanent to me. Use portupgrade. The web site in question seems to have been updated to state that portmanager will remain in (return to?) the FreeBSD ports collection. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cannot ping anything
Derek Ragona wrote: See if you can ping your own interface. You should be able to ping it on both the loop back 127.0.0.1 and the 192.168.1.128 address. Well, he said he'd tried the loopback, but it's worth double checking of course. A finger fumble and a resulting false negative can lead to hours of useless troubleshooting. Fun for some, pain for most! The OP wrote: The output of netstat and ifconfig aboe are from today. I began having this problem yesterday, and left the box on over night. Yesterday's output was different in that the BSD box had a different IP address, 192.168.1.122. That is fine I understand that the box is communicating with the router and negotiating leases when they expire. However, why has the gateway to 192.168.1.1 changed from link#1 to the MAC address of my router. I am certain that if I restart the computer that same gateway will revert to link#1. If I'm not mistaken (warning: lately I have been mistaken more than is usual ;) you're going to get the link#1 indicator prior to your box having had any reason to arp for the router, meaning generally, that IP address should be somewhere in that direction. You'll see the MAC address after the box has tried and succeeded with an arp request, meaning that IP address is precisely right there. That the indicator changes to a MAC address is a sure sign of basic NIC functionality as well as cabling that transmits and receives OK, at least some of the time. I was previously using this HD in another machine to test IPF, with NAT also, and it worked peerfectly there. The fact that you can use arp and DHCP but not ping smells like there is leftover ipf/nat configuration or related kernel/module issues that are preventing appropriate packet flow. Ensuring that such features are disabled is the only thing I can suggest short of reinstalling, which I am fairly confident would solve the problem. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: httpd could not be started
Steven Narmontas wrote: I'm entirely new to FreeBSD, but have a fair amount of Linux experience. I installed FreeBSD 6.0 (Production Release) on an oldish i386 system. During the install, I asked to install ALL. The install went flawlessly. I need Apache on this system for some software development, so I followed these instructions I found at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-using.html : # pkg_add -r cvsup-without-gui # cvsup -L 2 -h cvsup.FreeBSD.org /usr/share/examples/cvsup/ports-supfile # cd /usr/ports/www/apache13 # make # make install Everything to this point went smoothly! As well it should have, since you followed correct procedure. =) I edited /usr/local/etc/apache/httpd.conf ONLY to set the ServerName to the IP address of the machine. However, when I try to start apache I get: #/usr/local/sbin/apachectl start /usr/local/sbin/apachectl start: httpd could not be started [snip] Does anyone have any suggestions on how to get ANY version of Apache running on a new install of FreeBSD 6? Apache and most other add-on daemons on FreeBSD require that you explicitly enable them to run in /etc/rc.conf. Have you got a line apache2_enable=YES in your rc.conf? The need for this as well as the proper syntax should be noted in the file /usr/ports/www/apache2/pkg-msg. For any other port you install there's probably gold nuggets of info in its pkg-msg file. This stuff displays during the make install, but then so does several K of other info so it's not hard to miss these things. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: httpd could not be started
Frank Staals wrote: Greg Barniskis wrote: apache2_enable=YES in your rc.conf? The need for this as well as the proper syntax should be noted in the file /usr/ports/www/apache2/pkg-msg. For any other port you install there's probably gold nuggets of info in its pkg-msg file. This stuff displays during the make install, but then so does several K of other info so it's not hard to miss these things. In fact, it doesn't realy matter if you add apache_enable=YES to rc.conf ( since het installed apache13 adding apache2_enable=YES would be quite useless ... ) Duh. Sorry, the later line about him trying apache22 got stuck in my mind. when you start it manually from commandline, adding it to rc.conf is only usefull when you want to start apache from boot, which can be quite usefull, but it can't be the reason why apache wouldn't start. Oh. I was sure that I'd read in a previous thread that the lack of an enable flag would stop it from being started at all, but that must have been for a different port or in a different context. Anyway, thanks for the correction, always glad to have my misconceptions destroyed. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Strange Failure Mode in FreeBSD 4.11
Martin McCormick wrote: I built a FreeBSD 4.11 system recently which is to be remotely installed in another town. The system worked on our network while I tested it and installed several ports, etc. We then moved it to the town where it is supposed to live and now, there's big trouble. The Ethernet interface, known as em0 on this system, comes up According to all the messages. If, however, you try to use it, it is as dead as a stone. If I try to ping the local host from root, I get this: ping: sendto: Permission denied ping: sendto: Permission denied ping: sendto: Permission denied I get the same response when trying to ping real hosts over the network. This smells like ipfw denial -- at least, that is the exact same message I get on a box where ICMP is blocked by ipfw rules. When it shipped, did your new box go into an IP range for which ipfw rules (or other filter) would apply, where maybe they did not previously apply on your build/test network? Pinging that system from a known good system is like pinging a disconnected Ethernet jack in that absolutely nothing happens. If I'm right, you'll see that something happens, in at least the target IP address is ARPed for and you should see the target's MAC in the arp table on the known good system, even if the pings never return. That should at least give you confidence that the NIC in question is functioning insofar as it responds to an ARP request. tcpdump is possibly your friend as well here. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Strange Failure Mode in FreeBSD 4.11
Martin McCormick wrote: In rc.firewall, there is a place where one can include a table of local rules and that's where I am doing something wrong. The place in rc.firewall reads: # filename - will load the rules in the given filename (full path required) This section of rc.firewall refers to valid values you can place in rc.conf for firewall_type. In rc.conf you can name any of the types defined in rc.firewall /or/ you can specify a file of your own (instead of rc.firewall). I don't think you can invoke rc.firewall /and/ another file you name. Well, OK, surely there is a way to do that, but that functionality is not the intent of this part of rc.firewall and rc.conf as I understand it. I'm sure that if you put your custom rules in a shell file that you can use rc or cron to load those rules at boot time; you'd just need to be careful with rule numbering, maybe use ipfw sets for rule ordering, etc. Maybe easier to just cp rc.firewall custom.ipfw, edit to your needs and use firewall_type=/etc/custom.ipfw -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Strange Failure Mode in FreeBSD 4.11
fbsd_user wrote: The firewall section of the handbook states that the rc.firewall file is an example. You really should read the firewall section of the handbook and use the working examples contained there. Oh, most definitely yes. I was assuming Martin (the OP) knew this since he clearly had gone to the trouble of writing custom rules, and that the problem was just one of successful integration. I only use the stock rc.firewall for basic testing, training and POC work, otherwise I do something like this: cp rc.firewall custom.ipfw, edit to your needs and use firewall_type=/etc/custom.ipfw And having glanced at the handbook just now, I believe that I flubbed that assertion above, and the proper use is firewall_script=/etc/custom.ipfw with firewall_type being used to select from within a multi-mode case structure such as rc.firewall has. Sorry, it's been a long while since I actually edited any part of my firewall rules (love that FreeBSD stability ;). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to tell aspell -c to ignore _, , , and other bytes
Gary Kline wrote: People, You may remember that I'm trying to scan 400 pages from a text. Things work much better using he latest gocr and a greatly enlarged JPEG image, tweaked with xv. I'm almmost to the point where I can use aspell -c to correct misinterpreted text. The gotcha is that the sample jpg file I have are filled with improper non-characters, including _, ', , along with punctuation, and random integers. Is there any way to tell aspell to look at (say) S_wiss and guess Swiss, an6yle and guess angle, n:otio:1 and guess motion, and di.5tnnce and guess distance? You might get somewhere with the bad-spellers suggestion mode setting, which should make it more aggressive about trying to find a match for mangled strings. However, I understand that in this mode it's still looking for soundslike mistrakes, not 9 looks like g and the like. This mode also turns of checking for typos IIRC, but those checks really won't be helping you anyway since they're looking for fumbled keystrokes, not lookalike chars. Tuning the edit distance may or may not help for those really bad mangles. Other than that, you should probably ask this question in an aspell support forum for best results. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: format disk in bsd
Hieu Nguyen Danh wrote: Hi everybody I have about 20Gb unused space and 40Gb of NTFS on my HDD an I want to change them to ufs . But everytime when I tried with cfdisk-linux or sysinstall = configure = fdisk (as root ) it is said that I am not allowed to write disk table (or something like disk read only ) But I am root , why did it happen? someone show me solution plz? Are you booting FreeBSD from a 3rd partition on that same disk, and then trying to run these tools? I don't believe that is allowed. You need to boot from CD or floppy to do formatting and partitioning on the same drive that FreeBSD normally boots from. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 6.0-REL isos of distfiles
RW wrote: On Friday 30 December 2005 13:54, Greg Barniskis wrote: distribution ISOs as packages. Again, if you simply must have sources not packages, then at your high speed location, do something like: portupgrade -F '*' Then burn your own ISOs any which way you like. Try to be more specific about what you want than '*' or you may be sorry due to the sheer volume -- do you really want all of the sources for nearly 14,000 ports? * is a package glob that applies only to the entries in the package database, so you wont get the source 14,000 ports, unless you've already installed them all. Yeah, I guess I knew that wasn't quite right, thus the hedge language: something like. I suppose I should have just said see man portupgrade or taken the time to do that myself. Thanks for the clarification. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD 6.0: Problem with network, doesn't use default gateway
Christer Folkesson wrote: Hi, this is my first message to the mailing-list. I hope that I have included enough information about the problem. The problem is that my FreeBSD 6.0 (release) won't use the default route (gateway). So I can't access anything on the internet. [snip] I may have snipped some clue to what's actually wrong, but don't let that discourage you from trying to file complete problem reports. I'm a snipper. What I found to be most relevant follows. Internet: DestinationGatewayFlagsRefs Use Netif Expire default192.168.0.199 UGS 0 52 bge0 [snip] This shows generally that the router IP is being properly used by FreeBSD as a gateway (Use = 52). Suggests that your assumption that FreeBSD isn't using the gateway properly is not correct. alcoy# traceroute ping.sunet.se traceroute to ping.sunet.se (130.242.80.31), 64 hops max, 40 byte packets 1 sentinel (192.168.0.199) 0.524 ms 0.518 ms 0.515 ms [snip] This shows the gateway IP is being properly used by FreeBSD as the appropriate route to ping.sunet.se. Indicates that the problem really is not FreeBSD's default route configuration or functionality. The route is clearly being used. alcoy# ping sentinel PING router.aqualize.tk (192.168.0.199): 56 data bytes 64 bytes from 192.168.0.199: icmp_seq=0 ttl=250 time=0.669 ms [snip] This shows you communicating with the gateway directly (confirms the assertion that local LAN operations are doing just fine). Since your packets are being routed and NATed by the gateway correctly when the box is in Windows mode, packets should be getting routed and NATed correctly for FreeBSD as well. That is, if the box in Windows mode is using the same IP number and mask as the FreeBSD settings (you should double check that it is). If the gateway is running fine (seems to be) and FreeBSD is properly using the gateway (seems to be), then the most likely suspect seems to be firewall configuration -- after your connection is properly routed, reply packets from the Internet could be getting dropped on the floor by your gateway or by FreeBSD. Have you configured any kind of packet filter (ipf, ipfw, other) for FreeBSD? Try disabling that and see if your results change. If so, tune your filtering rules accordingly. Use of tcpdump -i bge0 may also be informative (see man tcpdump). -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 6.0-REL isos of distfiles
[EMAIL PROTECTED] wrote: El día Thursday, December 29, 2005 a las 11:13:50AM -0600, Greg Barniskis escribió: ... My point was that I don't have a fast Internet link at home to fetch all the (new) sources for the distfiles and I was looking for distfiles on CD which match exactly the 6.0-REL ports collection requirements; ... Anyway, do you think you could download an ISO of the sources all that much faster than just downloading the sources directly from their respective repositories around the world as is normally done? OK, maybe a little bit faster, but not that much. Now you're close to my point :-) In the company, where I'm at the moment, I've an uplink to Internet of 2 mb, at home I've 64 kbit; so my idea was to fetch, lets say 4 CD at high speed, burn them and use them at home for the needed disfiles; it seems that this would be a good idea to place somewhere a start collection of the disfiles matching exactly the versions which will be fetched by the ports, at least for the the most common parts of the ports collection, don't you think so? No, I don't. It's one thing for the individual port maintainers to try to keep pace with updating the ports Makefiles telling you where you can download each distfile from, and quite another to try to create a central repository for these distfiles. Would you like to volunteer to host it and keep it current? ;) Also, the most common parts of the ports collection are on the distribution ISOs as packages. Again, if you simply must have sources not packages, then at your high speed location, do something like: portupgrade -F '*' Then burn your own ISOs any which way you like. Try to be more specific about what you want than '*' or you may be sorry due to the sheer volume -- do you really want all of the sources for nearly 14,000 ports? Or perhaps this is what you want? http://www.freebsdmall.com/cgi-bin/fm/bsdtool?id=yvFGn3kwmv_pc=26 -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Recursive FTP upload tool?
Alexander Pohoyda wrote: Hi folks, I'm looking for a command-line tool to recursively upload all changed files/directories to my homepage server via FTP. Is there anything better than wput for this task? If your server supports it, of course rsync seems much better than FTP for this task. Have you seen this article on automating command line ftp? http://www.onlamp.com/pub/a/onlamp/excerpt/BSDHacks_chap1/index1.html It recommends ncftp client, but I don't know if it does what you want or not. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 6.0-REL isos of distfiles
[EMAIL PROTECTED] wrote: El día Thursday, December 29, 2005 a las 04:54:42PM +0100, Andreas Rudisch escribió: On Thu, 29 Dec 2005 16:10:00 +0100, [EMAIL PROTECTED] wrote: [snip] Just install FreeBSD 6.0 and use the packages provided with the RELEASE, or cvsup your ports tree and do a fresh install of the ports you need. My point was that I don't have a fast Internet link at home to fetch all the (new) sources for the distfiles and I was looking for distfiles on CD which match exactly the 6.0-REL ports collection requirements; If you don't have a fast connection you might want to consider installing the ports from packages (which *are* on the release ISO images, at least for popular ports) rather than compiling all your ports from source. Anyway, do you think you could download an ISO of the sources all that much faster than just downloading the sources directly from their respective repositories around the world as is normally done? OK, maybe a little bit faster, but not that much. If you simply must have sources not packages, you might consider using something like portupgrade -F to prefetch the sources you want separately from doing compilation, and just batch it to do that fetching overnight or something. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NATD Internal Network problems
Chris S. Wilson wrote: Hello! :) I am having a problem with freebsd 5.3-release and natd. When I try to connect to a service on my internal network to an IP on my external network that has a port redirected, it wont connect. IE: 67.128.100.2 is my external IP, on my internal network I try to connect to 67.128.101.2:80 which is forwarded in my natd.conf and the connection is refused. Does anyone know why? I don't know the exact technical reasons why but I will confirm for you that this simply does not work, and the reasons why center around it being a rather tortured mess. Your inside machines should reach your inside server by its inside address. Think about how you're sending your request outside the firewall (getting the request NATed on the way out) and then back in (getting the request re-NATed), and then having the reply packets from the web server have to take the reverse of that path. Yuck. Use split DNS so that that www.example.com appears to external clients as being your external NAT server address, and appears to inside clients as the web server's real inside address. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NATD Internal Network problems
Chris S. Wilson wrote: Weird, every other router I've used forwards all the packets properly, even my backup linksys when I hook it up. Probably works there because there's not a very complex packet filtering operation in the middle when using an off-the-shelf router. Keep in mind that I'm speaking from distant memory. What you describe doesn't work for me, never did, and I know it's been talked about on this list as being an undesirable thing to do anyway, given that there are better alternatives than torturing your packets. You can possibly make FreeBSD do what you want, but (IIRC) it's going to take some ipfw wizardry, or whatever you're using to drive packets into natd. Also, I believe the result of that is that you'd have to create a less secure set of rules about what is permitted to pass. In other words the real reason this doesn't work is that as a best practice, it shouldn't. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Inconsistencies in df
Tim Lastine wrote: Hi, We are wondering why df gives such peculiar outputs on large disk drives? If I'm not mistaken, it's because Available is a relative term. Some space is reserved by the OS for itself. See part 9.25 of http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/disks.html I haven't done the math against your example, but I'd wager it adds up correctly if you revise your assumptions accordingly. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Inconsistencies in df
Greg Barniskis wrote: Tim Lastine wrote: Hi, We are wondering why df gives such peculiar outputs on large disk drives? If I'm not mistaken, it's because Available is a relative term. Some space is reserved by the OS for itself. See part 9.25 of http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/disks.html I haven't done the math against your example, but I'd wager it adds up correctly if you revise your assumptions accordingly. Sorry, 9.25 and 9.26 both. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ports security branch
Paul Schmehl wrote: I'm not sure what you mean by suffering all the intricacies. Cvsup will fetch all the ports that have updates (assuming you use the right config - man is your friend), so you really don't have to do much except launch cvsup (if you haven't already scheduled it routinely) and then launch portupgrade once cvsup is done. When I set up a new server, one of the first things I do, before installing any applications, is run cvsup to update everything. Then I setup cvsup to run nightly, and only then to I begin installing whatever applications that particular server might need. I do a very similar thing only I don't cvsup/portupgrade frequently, I portaudit frequently and then cvsup/portupgrade on demand. This way is somewhat less intrusive, as there are frequently port version bumps available that are not security related and certainly not required for continuity of service. When first getting used to this stuff I thought it moderately burdensome compared to automatic binary updates, but I quickly came to understand the value of being able to choose exactly what, how and when to upgrade. All regrets soon faded. Intricacies and suffering? Sometimes yes, but not that frequently, and it's worth it. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Off-Topic
Pietro Cerutti wrote: I'm for this one: The best way to accellerate a computer running Windows is at 9.81 m/s^2 by Roland It's wonderful! I concur. Physics is fun (I know, I'm sick), so I'd add to that: For best results, continue until the PC's speed exceeds 11.2 km/s. 8D ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sligtly OT: setting static routes on clients
Andrea Venturoli wrote: Hello. I've got a network of clients on which I'd like to set static routes; these are mainly (but not only) Windows machines, administered through a couple of FreeBSD servers. Is there any way to do this with DHCP? Or via Samba (netlogon.cmd)? You can certainly do it with a Windows cmd file, though I think it'd be the machine startup script, not the user netlogon (might work but would likely require runas if they are not Admins). For details, go to a Windows command line and give it a route /? -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Uptimes, autoreboots, and package upgrades
N.J. Thomas wrote: * Louis J. LeBlanc [EMAIL PROTECTED] [2005-12-02 09:33:44 -0500]: So, I know restarting is important on occasion, but my real questions are: Does anyone use a crontab reboot to make sure their system(s) get a regular fresh start? If so, how often - weekly, montly, bi-monthly? I think system upgrades should always be done manually, since any change could potentially corrupt an otherwise perfectly running machine. Manually, one can do a quick sanity check to make sure the upgrade went okay, and back out if it didn't. I would agree with that; any significant FreeBSD update should minimally be tested carefully on a reference machine. If that works out well enough then one might have some level of comfort for automating update deployments from the reference machine to comparable production platforms. With of course the first automated phase being the taking of a file system snapshot and a dump. re: update frequency, I tried to be aggressive about this for a time but ran into the OP's frustration about things not always working out too well. Nowadays I only update ports when there's a version change that I am sure provides significant added value, or when portaudit starts whining about something. IIRC, on Windows machines the default setting is to automatically download and install OS updates, and this has only caused problems for everyone involved. I don't know any moderately competent Windows user who doesn't turn this feature off right away. I used to feel that way too, but around here we have had a very long track record on about 850 Win boxes of having nearly zero problems with their updates. It's not just luck. When folks have problems it often seems related to customizations made to their systems, particularly with regard to firewall, NTFS or registry ACL hardening. This is not at all surprising -- compare that to a FAQ re: FreeBSD upgrade failure where the answer is looks like you've got the immutable flag set. Ain't security swell? ;) On Windows servers we turn off automated installation (reboot timing and change management being of moderate importance). On clients, we usually push out updates just as fast as we can. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Update: Setting up VLAN interfaces with Cisco gear... getting traffic on broadcast only...
Brian J. McGovern wrote: I hate to add to my own issue. I did some more playing and VLANs != 1 seem to work ok (typically in the 100-150 range). However, operating on VLAN 1 still seems to be an issue. VLAN 1 is the default VLAN on Cisco gear. IIRC, all ports are members of VLAN 1 until you specify otherwise. I don't know if that really explains the symptoms you're seeing, but setting VLAN = 1 for a port seems like asking for confusion. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Am I Right about Stable VS Point
Sean Murphy wrote: I have read the FreeBSD Handbook Chapter 20 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cutting-edge.html I understand what FreeBSD-Current is. FreeBSD-Stable is a little fogy for me. Here is what I found and I think. quote FreeBSD-STABLE is our development branch from which major releases are made. Changes go into this branch at a different pace, and with the general assumption that they have first gone into FreeBSD-CURRENT for testing. This is still a development branch, however, and this means that at any given time, the sources for FreeBSD-STABLE may or may not be suitable for any particular purpose. It is simply another engineering development track, not a resource for end-users. So Stable is not really Stable it is still a branch for development and security fixes that go into Point Releases. Which means Point Releases are the real true Stable area. Right? More or less, yes. -STABLE really is pretty stable in my experience, since the development code that gets checked in is ostensibly good, running code that has already been tested. But... sometimes it isn't good code, or sometimes one change conflicts with other recent changes that got checked in. Also, features in -CURRENT may diverge from the last release point by a rather wide margin, so it isn't really the best testing environment for evaluating how a change will affect users when it is grafted onto the last release point -- that is more the job for -STABLE. Finally, some bugs just don't manifest until a wider range of users have tried out the new code. Release points represent a junction where -STABLE really does prove to be very stable for a wide range of uses and platforms. A release might still have some bugs that didn't manifest yet, but that is much less likely than if you run -STABLE. So when I need a security update I should CVSup the tag line should be RELENG_6_0 for the real stable version, also includes bug and security fixes. This will include the release point code plus /critical/ bug fixes. As I understand it, this is not all available bug fixes, just the fixes for clear operational threats such as security-related bugs or things that might lead to data loss. Minor bugs might not get fixed until the next major release point. Yes, RELENG_X_Y is the recommended CVS setting for production servers and any non-expert use, and RELENG_6_0 is ostensibly the most stable and secure branch to be following today. -- Greg Barniskis, Computer Systems Integrator South Central Library System (SCLS) Library Interchange Network (LINK) gregb at scls.lib.wi.us, (608) 266-6348 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]