Need help with Netgear wireless card WG311T

[Jim Freeze]

Hi

I can't seem to get a 'supported' wireless card working.
pciconf -l -v reports the chipset as 5212, 5213, but dmesg
says that device_attach failed and returned 6 (which I
think means the hardware is unsupported.)

Currently I have tried this with both 6.1 and 5.5.

Any help would be appreciated.

Thanks

Jim Freeze



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Need advice on Raid and FreeNas

[Jim Freeze]

Hi

I am setting up a file server for a small office (10 computers).
My first attempt at this I used FreeNas. It was easy to setup
and I like that the system is dedicated.

One downside of this method is that the write times are slower
than I expected. I am using SATA2 drives w/ 8MB buffer on a
100MB network, but the write times I was getting was about
2.5GB per hour. I expected 5 GB in ten minutes.

The mother board I am using has a built in raid controller, but
I have never read about anyone having warm fuzzies using
a built in raid card.

I assume I could use a hardware raid with FreeNas and have
it setup the CIFS and NFS systems. It is also nice to
be able to boot from a USB drive.

Another downside is that it is not easy to build and install scripts
onto a FreeNas system.

Can someone tell me if I am heading down the wrong path using
FreeNas? Should I just use a hardware raid and install FBSD
so I have access to the ports and and configure samba and nfs manually?

I could probably work around the script issue if I could figure out how
to get a fast raid with FreeNas, since I like the simplicity and the fact
that I can upgrade the system very easily.


Thanks for any input.

--
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Need advice on Raid and FreeNas

[Jim Freeze]

On 7/19/06, pete wright [EMAIL PROTECTED] wrote:

On 7/19/06, Jim Freeze [EMAIL PROTECTED] wrote:
 Hi

 I am setting up a file server for a small office (10 computers).
 My first attempt at this I used FreeNas. It was easy to setup
 and I like that the system is dedicated.

 One downside of this method is that the write times are slower
 than I expected. I am using SATA2 drives w/ 8MB buffer on a
 100MB network, but the write times I was getting was about
 2.5GB per hour. I expected 5 GB in ten minutes.

a better metric for us would be network throughput and disk I/O over a
shorter period, like kilobit's per sec.


Well, if I do the math, 5GB/3600 =  1356 KB/sec.
A 100MB/s network has a maximum thruput of 12800KB/sec.

So, I am getting 10% of the available BW.


 The mother board I am using has a built in raid controller, but
 I have never read about anyone having warm fuzzies using
 a built in raid card.

hmm...actually the oposite is generally true.  what motherboard are
you using, and what is the RAID controller chipset?


Opposite of what?
I don't have the specs in front of me, but one is a 945? Intel and the
other is a AMD. I'll have to get the specs.


 I assume I could use a hardware raid with FreeNas and have
 it setup the CIFS and NFS systems. It is also nice to
 be able to boot from a USB drive.

 Another downside is that it is not easy to build and install scripts
 onto a FreeNas system.


I'd hit the FreeNAS list regarding questions about scripting and configuration.


I've been down that road, but have not been able to dig up an active
list. The bb system seems rather sparse. Do you have a link for me to
an active mailing list?


--
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Need advice on Raid and FreeNas

[Jim Freeze]

Have you checked to make sure the NIC is negotiating at the right speed?
Sounds suspiciously like it's running at 10MB/sec.


The 100MB light is lit up, but I did not turn off ICMP redirects. I
think I'll try this tonight.


--
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Problems with Vim 6.3.85 (vim6+ruby)

[Jim Freeze]

Hi

I just installed FBSD 6.0 and installed vim6+ruby from ports.
This is a clean system with nothing on it.

When I run vim, I get what looks like character codes instead of  
letters.


For example, immediately after opening vim, I get

25h

Typing  ':q' to quit gives me:
---
25h25l


:25hq25l25h


Very weird.

Have I set something up wrong or is vim getting the wrong terminal type?
I get the same behavior if TERM is either 'xterm' or 'xterm-color',  
but not

if it is set to 'ansi', but then I don't get color.

I have never had to worry about this before.
Any help appreciated.

--
Jim Freeze
Got Ruby?
http://www.ruby-lang.org/



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Looking for SW Firewall

[Jim Freeze]

Hi

I am interested implementing a firewall in SW that has similar
features as a Cisco PIX firewall. But, I don't want to roll
my own ipfw statements. A nice gui would be nice. From the 
ports index I see things like:


dante-1.1.15  A circuit-level firewall/proxy
cp2fwb-0.6Checkpoint FW1 to Firewall Builder ruleset converter
fwbuilder-2.0.10  Firewall Builder GUI and policy compilers
hlfl-0.60.1   High Level Firewall Language
libfwbuilder-2.0.10_1 Firewall Builder API
pfw-0.6.2 A web frontend for the pf firewall

I'm basically looking for a good firewall that has an easy administration
interface.

Can someone who has experience with this suggest a fw I should try?

Thanks

-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Need advice on building a system with a Raid drive

[Jim Freeze]

Hi

I am building a new system and plan to use two 
300GB drives in a raid 1 configuration. However,
I have read where fbsd can't boot from a raid
drive, but it is not clear why.

Can anyone confirm if this is a valid restriction?
Will I really need a boot drive separate from my
raid drives?

Thanks
-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: How does one bootstrap DNS

[Jim Freeze]

Svein Halvor Halvorsen wrote:
[snippage]

I currently only have one computer on my domain, and it provides dns
lookups for itself (and virtual servers)[1]
[snippage]

[1] One could argue that I should have at least two name servers, 
but why
should I need greater redundancy on my name servers, than I have on my
other services? If my dns is down, so is my mail, and am in the mercy of
the sender to keep retrying anyway.
Yes, exactly. Is it permissable for ns1 and ns2 to point to the same IP 
address?

Jim
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

How does one bootstrap DNS

[Jim Freeze]

Hi
I am wondering if the following is possible.
Suppose I own two domains: abc.com and xyz.org.
I want to host these domains myself and have them provide
the primary and secondary name servers for each other.
Is this possible? Seems kind of circular.
In theory I would have ns1.abc.com to map to the IP of abc.com and 
ns2.abc.com to map to the IP of xyz.org.
This will give me my primary and secondary name servers.

So, to set this up, I go the the registrar of abc.com and attempt to 
enter a name server:

  NS1
  ns1.abc.com
  1.2.3.4
  NS2
  ns2.abc.com
  5.6.7.8
In my attempts so far, the registrar has said that either the name
server is invalid or it doesn't like me entering just an IP address, it 
wants a name.

Is this a common practive, or do most people use a service like zoneedit.
Thanks
Jim
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Does 5.3 support Raid 1 on VT8237?

[Jim Freeze]

Hi

I am trying to install 5.3 on a system with an on board
raid controller (VT8237), but am having troubles getting
the installer to see the raid drive. I have configured
the drive in the bios as Raid 1, but the installer
shows two drives.

Some helpful specs are:
 Motherboard: ECS EliteGroup PT800CE-A
 Onboard Raid: VIA VT8237

Thanks
-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: SSH terminal locking up from OS X to FreeBSD

[Jim Freeze]

* Doug Hardy

 The localhost is trying to send the 40 bytes in its buffer.  It is not 
 receiving and ACK from remotemachine so it retries until it eventually 
 gives up.  The F flag is localhost issuing a FIN to remotemachine to 
 drop the TCP connection.   It tries a couple times and then likewise 
 gives up.  I would recommend a ktrace on the server  to see if it 
 yields any additional information.  My guess is that the sshd process 
 has died.  syslog might not be set to catch the error it may be 
 generating.  ktrace will show all the syslog calls

Well, I cannot run ktrace on this particular server. I did run it on the
client, but I'm not sure that is much help.

Yup, that is what has happened. The sshd process (pid 45244 and 45265 below)
is dying (not the /usr/sbin/sshd one).
  root  52394  0.0  0.0  1000  340  p0  DL+   2:54PM   0:00.00 grep ssh
  root  60244  0.0  0.1  2404 1624  ??  Ss8:45AM   0:00.46 /usr/sbin/sshd
  root  45244  0.0  0.1  5056 1840  ??  Is2:45PM   0:00.03 sshd: jdf [priv] 
(sshd)
  jdf   45265  0.0  0.1  5000 1848  ??  S 2:45PM   0:00.04 sshd: [EMAIL 
PROTECTED] (sshd)

So, why would this be dying when I login with a Mac and not
from linux? Is the mac not pinging the server to remind it
not to doze off into unconsciousness?

-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: SSH terminal locking up from OS X to FreeBSD

[Jim Freeze]

* David Kelly [EMAIL PROTECTED] [2005-02-22 16:31:43 -0600]:

 Later in the thread Jim stated he had no control over the version of the
 FreeBSD machine. Am guessing he might not have root there. Am guessing
 he doesn't know what customizations may have been performed on it.
 
 I have seen similar problems where one end may have been FreeBSD.
 Suggest from the MacOS end to try forcing SSH protocol 1 with 
 ssh -1 [EMAIL PROTECTED]
 
 If that doesn't work try forcing version 2 with -2.
 

Thanks, tried both, and they both locked up.

 Also might try moving ~/.ssh/ out of the way on the Mac to see what
 happens if one starts afresh.

This didn't help either.

Thanks for the suggestions, but I'm still stumped. :(

-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: SSH terminal locking up from OS X to FreeBSD

[Jim Freeze]

* pete wright [EMAIL PROTECTED] [2005-02-22 15:32:10 -0800]:

 On Tue, 22 Feb 2005 23:13:52 +, [EMAIL PROTECTED] [EMAIL PROTECTED] 
 wrote:
 (big snip)
 unless i'm missing something you are making the connection then typing
 exit in the shell.
  debug1: channel 0: open confirm rwindow 0 rmax 32768
  debug2: channel 0: rcvd adjust 131072
  Last login: Tue Feb 22 22:58:44 2005 from rrcs-67-78-64-2
  Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
  The Regents of the University of California.  All rights reserved.
  FreeBSD 4.7-RELEASE-p27 (VKERN) #38: Thu Aug 26 17:44:26 MDT 2004
  
  [EMAIL PROTECTED] 54 /home/user  exit
  logout
 (another big snip)
 
 unless i'm missing something you are making the connection then typing
 exit in the shell.
 
 For this example, yes. That was the exit to leave the remote host. 
 I did this just to show that I had successfully logged in. If I 
 had waited a few minutes, then I would not have been able to show 
 that because the terminal would have locked up.

-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: SSH terminal locking up from OS X to FreeBSD

[Jim Freeze]

* Chuck Swiger [EMAIL PROTECTED] [2005-02-22 18:39:35 -0500]:

 [EMAIL PROTECTED] wrote:
 * Chuck Swiger [EMAIL PROTECTED] [2005-02-22 17:17:09 -0500]: 
 I'll try the tcpdump. Is that command done as follows from the Mac?:
 
su
tcpdump -Xvn remotemachine.org user and port 22
 
 Try:
 
 tcpdump -Xvn host remotemachine.org and port 22

Ok, this is what I did from the Mac:

  su
  tcpdump -Xvn host remotemachine.org and port 22
  tcpdump: WARNING: en0: no IPv4 address assigned
  tcpdump: listening on en0, link-type EN10MB (Ethernet), capture size 96 bytes


Then I did from another terminal on the Mac:

  script ssh.log
  ssh -vvv [EMAIL PROTECTED]

The tcpdump window did not show any activity. Is this correct?

-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: SSH terminal locking up from OS X to FreeBSD

[Jim Freeze]

* Chuck Swiger [EMAIL PROTECTED] [2005-02-22 18:43:39 -0500]:

 Jim Freeze wrote:
 Show us what SSH shows when the connection locks up.  In particular, try 
 doing a RETURN~? after you get the connection lockup and see whether 
 you get a menu of escape sequences back.

Hmm, I never knew about that. 
So, I finally got tcpdump working, and after the terminal locks
up, hitting return produces no affect on the command line, but the ssh
connection is still open because I can see data go by on my tcpdump
window. And, I DO get the menu of escape sequences back after typing 
RETURN~?, but I was not successful in getting anything to work. 
In  fact, the tcpdump messages pretty much stopped after a few 
key strokes.


-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: SSH terminal locking up from OS X to FreeBSD

[Jim Freeze]

* Chad Leigh -- Shire.Net LLC [EMAIL PROTECTED] [2005-02-22 22:58:17 -0700]:

 Just for giggles, what happens when you try a different encryption 
 method with the ssl client?  For example,  -c blowfish

Ok, so I tried this, but it still locks up. However, I was 
able to do RETURN~C to get a command line and RETURN~^Z to
background the ssh terminal, but I was never able to re-activate
it.

I did manage to log the IP activity through tcp dump, and I discovered
that after the 'lock up', there are no IP messages originating
from the remote machine. Also, the IP blocks are of type FP,
whatever that is. (Hmm, maybe I need to clear out the known hosts
on the remote machine.)

An abbreviated version is below.
The full log file is at:

  http://www.freeze.org/tcpdump3b.log

00:22:59.999439 IP localhost.53245  remotemachine.com.ssh: S 
611378943:611378943(0) win 65535 mss 1360,nop,wscale 0,nop,nop,timestamp 
1996513030 0
00:23:00.053942 IP remotemachine.com.ssh  localhost.53245: S 
77400915:77400915(0) ack 611378944 win 57344 mss 1460,nop,wscale 
0,nop,nop,timestamp 1100668230 1996513030
00:23:00.054039 IP localhost.53245  remotemachine.com.ssh: . ack 1 win 65535 
nop,nop,timestamp 1996513030 1100668230
00:23:00.331844 IP remotemachine.com.ssh  localhost.53245: P 1:24(23) ack 1 
win 57964 nop,nop,timestamp 1100668258 1996513030
00:23:04.922358 IP localhost.53245  remotemachine.com.ssh: . ack 3512 win 
65535 nop,nop,timestamp 1996513040 1100668711
# Long break - remote terminal stops responding but data is still flowing as 
you can see.
# RETURN
00:34:05.662885 IP localhost.53245  remotemachine.com.ssh: P 1519:1559(40) ack 
3512 win 65535 nop,nop,timestamp 1996514361 1100668711
00:34:07.284836 IP localhost.53245  remotemachine.com.ssh: P 1519:1559(40) ack 
3512 win 65535 nop,nop,timestamp 1996514364 1100668711
00:34:09.285235 IP localhost.53245  remotemachine.com.ssh: P 1519:1559(40) ack 
3512 win 65535 nop,nop,timestamp 1996514368 1100668711
00:34:43.290382 IP localhost.53240  remotemachine.com.ssh: FP 0:48(48) ack 1 
win 65535 nop,nop,timestamp 1996514436 1100663377
# RETURN~?
00:35:09.294870 IP localhost.53245  remotemachine.com.ssh: P 1519:1719(200) 
ack 3512 win 65535 nop,nop,timestamp 1996514488 1100668711
00:37:17.308387 IP localhost.53245  remotemachine.com.ssh: FP 1519:2655(1136) 
ack 3512 win 65535 nop,nop,timestamp 1996514744 1100668711
#Closed terminal

-- 
Jim Freeze
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: natd firewall settings for vpn

[Jim Freeze]

 Protocol 50 is ESP, or encapsulating security payload
 Protocol 51 is AH, or authentication header
 

Ok, thanks.

 The trick here with NAT is that AH will build a checksum of the IP
 header, which includes the private IP address of your laptop.  Since NAT
 changes this IP address, the destination will dump the packet since the
 AH checksum will fail.
 
 When the laptop is behind the gateway, are you using private addresses
 on the LAN while running NATD with the 'open' rule set?  If yes, then
 you aren't using AH, but only ESP.
 
I'm not sure what you are driving at here.
I think the answer is yes. The IP of clients on my LAN
are 192.168.0.x.
As far as the 'open' rule is concerned, I just used that to
test if Contivity worked. I'm not sure what you mean by not using AH.
When using the 'open' firewall ruleset, I did not have to
add any rules for ESP or AH.

 Yep, I use a Nortel Extranet Client each and every day behind my FreeBSD
 firewall/router, which runs IPFW2 with NATD.  The rules that you have
 above look ok.  Have you tried setting up a static NAT translation in
 /etc/natd.conf for inbound UDP/500?  Something like...
 
 redirect_port udp 192.168.1.1:500 500
 
 where 192.168.1.1 is the IP addr of your laptop.  Also, here are the
 relevant rules from my rc.firewall:
 

Would I use this in addition to the firewall rules?

 ${fwcmd} add 5000 divert natd all from any to any via ${wan_if}
 #
 ${fwcmd} add 42000 queue 70 esp from any to any in recv ${wan_if}
 ${fwcmd} add queue 80 esp from any to any out xmit ${wan_if}
 ${fwcmd} add queue 50 esp from any to any in recv ${lan_if}
 ${fwcmd} add queue 60 esp from any to any out xmit ${lan_if}
 #
 ${fwcmd} add 43000 queue 50 udp from ${lan_net}/${lan_mask} to any
 dst-port=
  500 in recv ${lan_if}
 ${fwcmd} add queue 80 udp from ${wan_ip} to any dst-port 500 out xmit
 ${wan=
 _if}
 ${fwcmd} add queue 70 udp from any to ${lan_net}/${lan_mask} src-port
 500 i=
 n recv ${wan_if}
 ${fwcmd} add queue 60 udp from any to ${lan_net}/${lan_mask} src-port
 500 o=
 ut xmit ${lan_if}
 
 *NOTE* that the ESP and ISAKMP rules come AFTER the divert rule.

These rules look a little different. Should adding the AH be all I 
need or do I need to replace my rules with the one you list above?

-- 
Jim Freeze
Anarchy may not be the best form of government, but it's better than no
government at all.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

natd firewall settings for vpn

[Jim Freeze]

Hi

I am trying to configure my firewall to allow packets through
for a VPN connection. I am running FBSD 5.2 as my router and am trying
to connect my laptop from behind the router to our work computer.

The laptop is running OSX 10.3.4 with a Nortel Networks client
made by Apani.

The VPN connection works when the laptop is connected directly
to my DSL modem or when behind the gateway when I set the 
firewall type to 'open'.

Support at Apani says that I need to open port 500 and 
allow protocols 50 and 51 (whatever that means).

I found the firewall settings below from the archive and have
implemented them before the divert statement (after also)
but with no luck.
 
 # Allow IPSec clients to run behind firewall
 # --- ISAKMP - allow key exchange over UDP 500
 ${fwcmd} add pass udp from ${inet}:${imask} to any 500 in recv ${iif}
 ${fwcmd} add pass udp from ${oip} to any 500 out xmit ${oif}
 ${fwcmd} add pass udp from any 500 to ${inet}:${imask} in recv ${oif}
 ${fwcmd} add pass udp from any 500 to ${inet}:${imask} out xmit ${iif}
 # --- ESP - allow protocol 50 (ESP) for everyone ;-)
 ${fwcmd} add pass esp from any to any
 
Does anyone have a firewall with a working nortel client behind it.
I would greatly appreciate any help.

Thanks
-- 
Jim Freeze
There was a young poet named Dan,
Whose poetry never would scan.
When told this was so,
He said, Yes, I know.
It's because I try to put every possible syllable into that last line that I can.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Input/output error report

[Jim Freeze]

Hi

My daily security report has recently been spitting profanities
at me:

  Subject: rabbit security run output
  
  
  Checking setuid files and devices:
  find: /usr/local/share/texmf/doc/latex/sidecap/sc2demo.tex: Input/output error
  find: /usr/local/share/texmf/doc/latex/sidecap/scdemo.tex: Input/output error
  find: /usr/local/share/texmf/doc/latex/sidecap/sidecap.dvi: Input/output error
  ...
  
Is this indicated of a disk going bad?
If so, is there a way to confirm it?

Thanks

-- 
Jim Freeze
--
For I perceive that behind this seemingly unrelated sequence
of events, there lurks a singular, sinister attitude of mind.

Whose?

MINE! HA-HA!
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Looking for wireless camera compatible with FreeBSD

[Jim Freeze]

Hi

I am looking for a small wireless camera that can take pictures
at user specified intervals. I'm sure that there are many such 
cameras that work with Windows, but I haven't found one capable
of working on Unix. 

If you know where I can find such a camera, I would greatly appreciate
a contact point.

Thanks
-- 
Jim Freeze
--
A LISP programmer knows the value of everything, but the cost of
nothing.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

mutt and flock

[Jim Freeze]

Hi:

I recently attempted to send an email with a large
attachement. During the send process, the disk ran
out of space and I had to Ctl-C out. After clearing
space on the drive, whenever I send mail with mutt, 
I get a message that it fails to flock sent-mail.

I've looked and can't find a lock file or other
artifact that would be causing the problem.

Can someone tell me how to clear the locked file?

Thanks
-- 
Jim Freeze
--
Warning: Do not look directly into laser with remaining eye.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Is cups port broken?

[Jim Freeze]

On Sunday, 19 January 2003 at 19:56:12 -0500, AlanE wrote:
 On Sun, Jan 19, 2003 at 07:43:38PM -0500, Jim Freeze wrote:
 Hi
 
 I am trying to install cups and it doesn't appear to be installing
 dependencies or finding existing include files.
 
 Cups is not broken. I am working on upgrading, so I suggest you just
 wait a few days until 1.1.18 is ready.
 
 And yes, something *is* out of sync on your system.
 
Thanks. I'll upgrade my system while you do your thing.

-- 
Jim Freeze
--
There are no games on this system.

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Possible attack?

[Jim Freeze]

Hi:

I got an interesting log report today. 
Has anyone seen such messages lately?

Jan 14 12:59:52 rabbit /kernel: ipfw: limit 100 reached on entry 64000
Jan 14 17:39:13 rabbit ftpd[1502]: ANONYMOUS FTP LOGIN REFUSED FROM
  p5089A961.dip.t-dialin.net
Jan 14 17:39:13 rabbit ftpd[1503]: ANONYMOUS FTP LOGIN REFUSED FROM
  p5089A961.dip.t-dialin.net
Jan 15 12:15:21 rabbit sm-mta[3937]: h0FHFIJI003936: Truncated MIME
  Content-Disposition header due to
 field size (length = 25) (possible attack)
Jan 15 17:33:03 rabbit ftpd[4434]: ANONYMOUS FTP LOGIN REFUSED FROM
 pD9E60C0F.dip.t-dialin.net
Jan 15 17:33:04 rabbit ftpd[4435]: ANONYMOUS FTP LOGIN REFUSED FROM
 pD9E60C0F.dip.t-dialin.net
Jan 15 23:59:48 rabbit sm-mta[5210]: h0G4xkJI005209: Truncated MIME
 Content-Disposition header due to
  field size (length = 22) (possible attack)



-- 
Jim Freeze
--
It's not Camelot, but it's not Cleveland, either.
-- Kevin White, mayor of Boston

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

Re: Possible attack?

[Jim Freeze]

On Friday, 17 January 2003 at 10:01:43 -0500, Bill Moran wrote:
 Jim Freeze wrote:
  Hi:
  
  I got an interesting log report today. 
  Has anyone seen such messages lately?
  
  Jan 15 12:15:21 rabbit sm-mta[3937]: h0FHFIJI003936: Truncated MIME
Content-Disposition header due to
   field size (length = 25) (possible attack)
  Jan 15 17:33:04 rabbit ftpd[4435]: ANONYMOUS FTP LOGIN REFUSED FROM
   pD9E60C0F.dip.t-dialin.net
  Jan 15 23:59:48 rabbit sm-mta[5210]: h0G4xkJI005209: Truncated MIME
   Content-Disposition header due to
field size (length = 22) (possible attack)
 
 I've seen the anonymous FTP denied off and on.  I think that some folks
 just randomly attempt to connect to any FTP server they find in the
 hopes that there's cool stuff there.
 The sm-mta Truncaded MIME stuff isn't familiar to me, and it doesn't
 actually seem related (compare the times).  Could be someone with a
 broken mailer? or some sort of bogus MIME header that facilitates
 the propagation of some worm?
 It's probably a cheesy attempt at an attack.  But it's not blatent
 enough to do much more than note it in case something more serious
 goes wrong.  If you don't have any clients that should be connecting
 from Deutsche TeleKom, you can just firewall off that whole subnet.
 
 Thanks all for the replies. I accept the fact that I am going
 to get the FTP login attempts, I just had never seen the 
 (possible attack) in my logs.

 I'm not sure I have anything worth the effort to attempt a break-in. :)

-- 
Jim Freeze
--
Anyone who goes to a psychiatrist ought to have his head examined.
-- Samuel Goldwyn

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

file table is full

[Jim Freeze]

Hi:

Today I got up and my security log showed the following:

rabbit kernel log messages:
 246:3175 63.106.140.204:22 in via sis0
 file: table is full
 file: table is full
 Limiting open port RST response from 250 to 200 packets per second
 Limiting open port RST response from 250 to 200 packets per second
 Limiting open port RST response from 250 to 200 packets per second
 Limiting open port RST response from 250 to 200 packets per second
 pmap_collect: collecting pv entries -- suggest increasing PMAP_SHPGPERPROC
 file: table is full
 file: table is full
...and on and on and on
 file: table is full
 file: table is full
 Limiting open port RST response from 201 to 200 packets per second
 Limiting open port RST response from 201 to 200 packets per second
 Limiting open port RST response from 201 to 200 packets per second
 Limiting open port RST response from 201 to 200 packets per second
 file: table is full
 file: table is full
...pattern essentially repeated...


Does anyone know why this would be happening?
The only thing that I can think that caused this is that I was
running the apache benchmark ab with 1000 tests and 50 concurrent
accessors..

Is there a direct way to see if this problem is gone?

Thanks

-- 
Jim Freeze

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message

sendmail and mqueue permissions

[Jim Freeze]

Hi:

I get the following error in my log:

rabbit kernel log messages:
 bbit sendmail[177]: g67NOTKK000177: SYSERR(root): queueup: cannot create queue temp 
file ./tfg67NOTKK000177, uid=25: Permission denied

My permissions are:
-r-xr-sr-x   1 rootsmmsp  582428 Jul  7 18:45 sendmail*
drwxrwx---   2 smmsp   smmsp 512 Jul 22 09:04 clientmqueue/
drwxr-xr-x   2 rootdaemon512 Jul 22 09:08 mqueue/

I tried changing the owner of mqueue from root to smmsp, but then
I could not receive mail.

Can someone tell me why I get the permission denied error.

Thanks
-- 
Jim Freeze
If only I had something clever to say for my comment...
~

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message