SOLVED!!! Re: HELP!!?...dirty fs and dont understand what to say to fsck
Thanks all Keith --- Daniela [EMAIL PROTECTED] wrote: On Wednesday 19 November 2003 04:34, Keith Spencer wrote: Hi all, System = 4.7 all Intel I have a filesystem mount error /dev/ad0s1e i.e. /var is dirty. 1)the first I noticed trouble was a system freeze. Untold screen logged errors.. no more mbufs OR out of mbufs 2)I rebooted and it dropped into single user mode ) I Think) asking me to run fsck manually 3) I did #fsck 4) It said all ok except /dev/ad0s1e Errors were ... Unknown file type I=4609 Unexpected soft update inconsistency Clear[y|n] HELP? do i say y or n? Impact is?? *** I said no and then... 50983 DUP I=4610 Unexpected soft update inconsistency 54019 DUP I=4610 Unexpected soft update inconsistency etc etcetc... HELP! Is this fatal (please say no) How do I continue best? I don't know what the message means, but I always do: # yes | fsck And it never hurt my filesystem. Regards, Daniela http://personals.yahoo.com.au - Yahoo! Personals New people, new possibilities. FREE for a limited time. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Can I bakup like this...?? --user mode Reuben?
Hi all, thanks to all replying. I just spent many hours finding out my bakup strategy was useless (didn't know what I was doing I guess) Now I need to do it properly. Ruben (and others) Can I do the tarring of filesystems in a cron job without being in single user mode? I just followed a mostgraveconcern tute to move to a larger drive and it worked well. Lots of tarring etc BUT...all done in single user mode. I imagine I cant do THAT and reboot etc etc in a cron job. I am going to try Ruben's idea and allay concerns by having a removable 2nd harddrive so I can do this once to take a drive off site So comments? Is dump easier (for a dill like me) to use or whatever? What say you Thanks Keith --- Ruben de Groot [EMAIL PROTECTED] wrote: On Wed, Nov 19, 2003 at 09:43:30AM -0500, Lowell Gilbert typed: Keith Spencer [EMAIL PROTECTED] writes: [...] a) Throw another drive in the box b) Createthe same or at least minimum size partitions as the active drive c) Cron job to dump or tar or ??? the partitions dd(1) is the easiest way to make sure that the disk will work just like the other one. It requires a same-size-or-larger second disk. I consider dd a very lousy backup method. Any writes to the first disk while dd is running will likely result in corrupted filesystems on the second disk. Performance is bad as well, since dd will copy every single bit, not just actual data. A better approach would be to follow a) and b) above, newfs(8) the partitions, make the second drive bootable using boot0cfg(8) and then periodically use dump/restore, tar, pax, cpio or even rsync to backup your first to second disk (I've used them all and can't really recommend one over the other so suit yourself). Ruben http://personals.yahoo.com.au - Yahoo! Personals New people, new possibilities. FREE for a limited time. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
HELP!!?...dirty fs and dont understand what to say to fsck
Hi all, System = 4.7 all Intel I have a filesystem mount error /dev/ad0s1e i.e. /var is dirty. 1)the first I noticed trouble was a system freeze. Untold screen logged errors.. no more mbufs OR out of mbufs 2)I rebooted and it dropped into single user mode ) I Think) asking me to run fsck manually 3) I did #fsck 4) It said all ok except /dev/ad0s1e Errors were ... Unknown file type I=4609 Unexpected soft update inconsistency Clear[y|n] HELP? do i say y or n? Impact is?? *** I said no and then... 50983 DUP I=4610 Unexpected soft update inconsistency 54019 DUP I=4610 Unexpected soft update inconsistency etc etcetc... HELP! Is this fatal (please say no) How do I continue best? Regards Keith http://personals.yahoo.com.au - Yahoo! Personals New people, new possibilities. FREE for a limited time. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can I bakup like this...??
Hi all (thanks to Daniela for digging me out of a fsck hole), I need a quick n safe backup strategy. One that I can get the machine backup super quick if have to. What say you about this...(and how do I tips please) a) Throw another drive in the box b) Createthe same or at least minimum size partitions as the active drive c) Cron job to dump or tar or ??? the partitions Then if the original drive hassles me I dump back to the partition or if the original drive dies, make the backup drive the active one! HELP How do I do this. (Disregarding the disaster recovery for the momnet if necessary) Thanks Keith http://personals.yahoo.com.au - Yahoo! Personals New people, new possibilities. FREE for a limited time. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Help! Is this a virus or a rougue? Qmail is flooding
Hi good fbsd peoples, I have suddenly been confronted with what looks a lot like a virus. Internet connections were VERY slow to stopped. ps-ax showed heaps of ... 57760:00.02 qmail-remote hotmail.com [EMAIL PROTECTED] 5777 0:00.03 qmail-remote ausstar.com.au [EMAIL PROTECTED] etc etc. I use courier imap qmail and squirrelmail. What is this? Where else should I look? I have no experience with security hassles on fbsd (if that is what this is) Please help Many Thanks Keith http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SOLVED -Re: Help! I killed my rc.conf and cant boot correctly!
Thanks --- Roman Neuhauser [EMAIL PROTECTED] wrote: # [EMAIL PROTECTED] / 2003-06-28 16:04:58 +1000: --- Adam [EMAIL PROTECTED] wrote: On Fri, 2003-06-27 at 23:57, Keith Spencer wrote: Want to hear a tale of stupidity and woe. I screwed up fbsd 4.7 system rc.conf and can only seem to boot into a basic session. Cant edit or save to /etc files. What to do and you guessed it...noboot disk was made although I have another 4.7 fbsd machine nearby. Tell me it's not fatal guys! I don't see why you wouldn't be able to boot into single-user mode, edit the rc.conf, then reboot. What exactly is the problem editing the files in /etc from SU mode? When the machine boots it drops straight into (I guess) single user mode. The /usr/sbin /usr/bin cant be cd-ed to and the /etc dir says it is read only file system! So I can't save to it. I have a Schlacter tute fireall setup on it. With whatever security it entails. Any clue? Can I interupt the boot and do something? This is a mission critical machine darn it...Oh dear! mount -u / mount -a -t ufs swapon -a /usr/bin/vi /etc/rc.conf -- If you cc me or remove the list(s) completely I'll most likely ignore your message.see http://www.eyrie.org./~eagle/faqs/questions.html http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
solvde - Re: IP aliases not working...Any ideas welcome!
Someone said I only look stupid...but hey maybe that's why I am stupid! OOPS! I goofed again. Thanks and sorry Keith --- Kevin Stevens [EMAIL PROTECTED] wrote: On Saturday, Jun 28, 2003, at 21:00 US/Pacific, Keith Spencer wrote: Hi all, I seek to add 30 or so aliases to an extrenal NIC But a ping and and ifconfig -a only shows the first 2 IPs bound to the NIC the rest of the 210.15.203.xxx ips are ignored... I am sure it is something obvious but what? Thanks Keith The correct netmask for a second alias within a subnet is 255.255.255.255. I don't make the news, I just report it. KeS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Help! I killed my rc.conf and cant boot correctly!
Thanks Adam, When the machine boots it drops straight into (I guess) single user mode. The /usr/sbin /usr/bin cant be cd-ed to and the /etc dir says it is read only file system! So I can't save to it. I have a Schlacter tute fireall setup on it. With whatever security it entails. Any clue? Can I interupt the boot and do something? This is a mission critical machine darn it...Oh dear! Keith --- Adam [EMAIL PROTECTED] wrote: On Fri, 2003-06-27 at 23:57, Keith Spencer wrote: Want to hear a tale of stupidity and woe. I screwed up fbsd 4.7 system rc.conf and can only seem to boot into a basic session. Cant edit or save to /etc files. What to do and you guessed it...noboot disk was made although I have another 4.7 fbsd machine nearby. Tell me it's not fatal guys! I don't see why you wouldn't be able to boot into single-user mode, edit the rc.conf, then reboot. What exactly is the problem editing the files in /etc from SU mode? -- Adam [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Solved RE: Help! I killed my rc.conf and cant boot correctly!
Yet again the FBSD community kick goals! Thanks heaps Keith --- Roland Wells [EMAIL PROTECTED] wrote: adam, try: fsck -y (check the filesystem) mount -uw / (mount root filesystem read/write) if you saved a backup of the rc.conf, all you have to do is: mv /etc/rc.conf_backup_file /etc/rc.conf reboot hope that helps roland Thanks Adam, When the machine boots it drops straight into (I guess) single user mode. The /usr/sbin /usr/bin cant be cd-ed to and the /etc dir says it is read only file system! So I can't save to it. I have a Schlacter tute fireall setup on it. With whatever security it entails. Any clue? Can I interupt the boot and do something? This is a mission critical machine darn it...Oh dear! Keith --- Adam [EMAIL PROTECTED] wrote: On Fri, 2003-06-27 at 23:57, Keith Spencer wrote: Want to hear a tale of stupidity and woe. I screwed up fbsd 4.7 system rc.conf and can only seem to boot into a basic session. Cant edit or save to /etc files. What to do and you guessed it...noboot disk was made although I have another 4.7 fbsd machine nearby. Tell me it's not fatal guys! I don't see why you wouldn't be able to boot into single-user mode, edit the rc.conf, then reboot. What exactly is the problem editing the files in /etc from SU mode? -- Adam [EMAIL PROTECTED] http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
A routing/IP/NIC query Expert required
Hi all, I have a new adsl isp allocating my fbsd 4.7 box a routable IP (end user ip) I have 32 (read that as 30) ips of my own to use and route for my domain. I have 2 NICs in the gateway/router How should I setup the IPs and aliases etc. I figure... (yyy.yyy.yyy.yyy = ISP end user ip they gave me) (xxx.xxx.xxx.xx1 = 1st usable ip in my 32 ip range) (xxx.xxx.xxx.xx2 = 2nd usable ip in my 32 ip range) GATEWAY MACHINE ADSL MODEM | |-|| | yyy.yyy.yyy.yyy | | xxx.xxx.xxx.xx1 | | || | fxp0 NIC | | | | | | dc0 NIC| | || | 10.0.0.1 | | | |__| Or do I also need an xxx.xxx.xxx.xx3 alias on the dc0 because I have 2 ip live servers inside the firewall. I think I do! Am I right or am I right? I have ipfilter on this machine with ipnat setup tonat the 10.0.0.0 addresses. Also, I suppose I could setup ipnat to do mapping of xxx.xxx.xxx.xxn addresses into 10.0.0.n private address. what say you? Thanks Keith http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A routing/IP/NIC query Expert required
Hi Michael, Thanks for the helping hand. I assume (because I did not do it) the modem is NOT in bridge mode. It looks like the last set of instructs you tell me to do is exactly what I need. I will alias the nic to all my 30 addresses and use IPNAT to static NAT map them. I was a bit confused about what to do even though I knew about NAT. I hacked around but still couldn't see the servers behind the firewall. This would also allow me to setup a DMZ I presume. So I might put another NIC in the box and allocate some other private addresses to the facing NICs. Then prick a few holes in the firewall. Hmmm How am I doing now? PS Do I benefit from bridge mode on the modem? Keith --- Micheal Patterson [EMAIL PROTECTED] wrote: - Original Message - From: Keith Spencer [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, June 28, 2003 5:25 PM Subject: A routing/IP/NIC query Expert required Hi all, I have a new adsl isp allocating my fbsd 4.7 box a routable IP (end user ip) I have 32 (read that as 30) ips of my own to use and route for my domain. I have 2 NICs in the gateway/router How should I setup the IPs and aliases etc. I figure... (yyy.yyy.yyy.yyy = ISP end user ip they gave me) (xxx.xxx.xxx.xx1 = 1st usable ip in my 32 ip range) (xxx.xxx.xxx.xx2 = 2nd usable ip in my 32 ip range) Keith, it depends on what you're really wanting to do in the end. It also depends on if the DSL modem/router is in bridge mode or not. If it isn't, then the yyy.yyy.yyy.yyy IP may be assigned to the DSL unit leaving you with the remaining 30 real IP's for your systems behind it. Assuming that the unit isn't in bridge mode (many installs aren't) you can set the FBSD box outside nic (toward the DSL unit) to the first usable IP of the range they provided) and configure it for bridge mode and assign the remaining IP's to the systems on your lan. Assuming that the unit IS in bridge mode, the external nic would use the yyy.yyy.yyy.yyy IP and the first usable IP would go on your internal nic (facing your lan) on the FBSD box and then you'd assign the remainder of the IP's to the systems on your lan. Assuming the dsl unit not in bridge mode and you actually want to use the 10.x.x.x IP range on the lan computers insteald of the 30 provided, assign all of the real IP's provided to the nic facing the DSL unit and the first of the 10.x.x.x range you want to use on the FBSD nic facing your lan, then configure NAT normally. To allocate traffic for a real IP to an internal 10.x.x.x IP for the two live servers, set up a static nat on the FBSD box ( -redirect_address 10.x.x.x.x xxx.xxx.xxx.xxx ) for each of the systems and they'll be reachable from the outside. -- Micheal Patterson Network Administration Cancer Care Network 405-733-2230 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IP aliases not working...Any ideas welcome!
Hi all, I seek to add 30 or so aliases to an extrenal NIC But a ping and and ifconfig -a only shows the first 2 IPs bound to the NIC the rest of the 210.15.203.xxx ips are ignored... I am sure it is something obvious but what? Thanks Keith + ifconfig_interfaces=fxp0 dc0 lo0 ifconfig_dc0=inet 10.0.0.1 netmask 255.255.248.0 ifconfig_fxp0_alias0=inet 210.15.201.90 netmask 255.255.255.252 ifconfig_fxp0_alias1=inet 210.15.203.193 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias2=inet 210.15.203.194 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias3=inet 210.15.203.195 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias4=inet 210.15.203.196 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias5=inet 210.15.203.197 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias6=inet 210.15.203.198 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias7=inet 210.15.203.199 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias8=inet 210.15.203.200 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias9=inet 210.15.203.201 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias10=inet 210.15.203.202 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias11=inet 210.15.203.203 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias12=inet 210.15.203.204 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias13=inet 210.15.203.205 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias14=inet 210.15.203.206 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias15=inet 210.15.203.207 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias16=inet 210.15.203.208 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias17=inet 210.15.203.209 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias18=inet 210.15.203.210 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias19=inet 210.15.203.211 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias20=inet 210.15.203.212 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias21=inet 210.15.203.213 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias22=inet 210.15.203.214 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias23=inet 210.15.203.215 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias24=inet 210.15.203.216 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias25=inet 210.15.203.217 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias26=inet 210.15.203.218 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias27=inet 210.15.203.219 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias28=inet 210.15.203.220 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias29=inet 210.15.203.221 netmask 255.255.255.224 broadcast 210.15.203.223 ifconfig_fxp0_alias30=inet 210.15.203.222 netmask 255.255.255.224 broadcast 210.15.203.223 http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Help! I killed my rc.conf and cant boot correctly!
Hi all, Want to hear a tale of stupidity and woe. I screwed up fbsd 4.7 system rc.conf and can only seem to boot into a basic session. Cant edit or save to /etc files. What to do and you guessed it...noboot disk was made although I have another 4.7 fbsd machine nearby. Tell me it's not fatal guys! Thanks Keith http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Here are the logs...Re: qmail toaster wont deliver to v mailboxes
Thanks to Brian et al for trying to help me out. MY situation is this. I have installed (with heaps of hassles) MATT SIMERSON'S QMAIL TOASTER on my fresh install 4.7 stable box. I am changing over (via strating from scratch) my mail system for my smmc.qld.edu.au domain from sendmail/imap/squirrelmail to Matt's Supervise/Qmail/mysql/vpopmail/imap/squirrel system. I had about 40 shell account mail users. I seek to ditch them and create all mail accounts as virtual users of my domain. I don't know if to do that smmc.qld.edu.au has to be a vpopmail virtual domain but that is what I have done. Along wit the configs Matt's tute suggests that is pretty much it. ++ Here is what's happening +++ Qmailadmin can create virtaul users OK because the Maildirs are appearing in/usr/local/vpopmail/domains/smmc.qld.edu.au and the user accnt,passwd etc are getting into the vpopmail mysql tables ok. Squirrel works for the vusers ok I can send mail from the squirrel interface for any user no worries. The system is NOT able to deliver any mail at all! I can see it piling up in /var/qmail/queue/mess etc. For the few shell accounts e.g. my shell account (Keith) as you can see from the logs it believes the accnt exists but can deliver. For a virtaul user accounts it doesn't even recognise the account exists at all! I would really appreciate help as I am a little clueless. I have tried to hack but am not getting too far. Happy New year to all.. keith http://movies.yahoo.com.au - Yahoo! Movies - What's on at your local cinema? Typical whinges to log when trying to deliver to a shell account user...At least it thinks the account exists! Dec 31 00:00:00 smmcroute newsyslog[34616]: logfile turned over Dec 31 00:00:03 smmcroute mail: 1041256803.908619 starting delivery 17893: msg 290936 to local [EMAIL PROTECTED] Dec 31 00:00:03 smmcroute mail: 1041256803.909261 status: local 1/10 remote 1/255 Dec 31 00:00:03 smmcroute mail: 1041256803.910348 starting delivery 17894: msg 289996 to local [EMAIL PROTECTED] Dec 31 00:00:03 smmcroute mail: 1041256803.911272 status: local 2/10 remote 1/255 Dec 31 00:00:03 smmcroute mail: 1041256803.920062 delivery 17893: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ Dec 31 00:00:03 smmcroute mail: 1041256803.920384 status: local 1/10 remote 1/255 Dec 31 00:00:03 smmcroute mail: 1041256803.920474 delivery 17894: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ Dec 31 00:00:03 smmcroute mail: 1041256803.920549 status: local 0/10 remote 1/255 Dec 31 00:00:05 smmcroute mail: 1041256805.928609 starting delivery 17895: msg 290849 to local [EMAIL PROTECTED] Dec 31 00:00:05 smmcroute mail: 1041256805.929225 status: local 1/10 remote 1/255 Dec 31 00:00:05 smmcroute mail: 1041256805.934214 delivery 17895: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ Dec 31 00:00:05 smmcroute mail: 1041256805.934480 status: local 0/10 remote 1/255 Dec 31 00:00:10 smmcroute mail: 1041256810.059273 delivery 17886: deferral: Sorry,_I_wasn't_able_to_establish_an_SMTP_connection._(#4.4.1)/ OR .when sending to a virtual user as created by qmailadmin/vpopmail system (and yes I checked the Maildir has been created in /usr/local/vpopmail/domains/smmc.qld.edu.au/cs Dec 31 12:23:28 smmcroute mail: 1041301408.535012 new msg 290797 Dec 31 12:23:28 smmcroute mail: 1041301408.535628 info msg 290797: bytes 702 from [EMAIL PROTECTED] qp 49475 uid 89 Dec 31 12:23:28 smmcroute mail: 1041301408.541201 starting delivery 22514: msg 292224 to local [EMAIL PROTECTED] Dec 31 12:23:28 smmcroute mail: 1041301408.543116 status: local 2/10 remote 0/255 Dec 31 12:23:28 smmcroute mail: 1041301408.544101 delivery 22513: deferral: Unable_to_chdir_to_maildir._(#4.2.1)/ Dec 31 12:23:28 smmcroute mail: 1041301408.545985 status: local 1/10 remote 0/255 Dec 31 12:23:28 smmcroute mail: 1041301408.549619 starting delivery 22515: msg 290797 to local [EMAIL PROTECTED] Dec 31 12:23:28 smmcroute mail: 1041301408.552142 status: local 2/10 remote 0/255 Dec 31 12:23:28 smmcroute mail: 1041301408.553299 delivery 22515: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/ Dec 31 12:23:28 smmcroute mail: 1041301408.554145 status: local 1/10 remote 0/255 Dec 31 12:23:28 smmcroute mail: 1041301408.557766 bounce msg 290797 qp 49484 Dec 31 12:23:28 smmcroute mail: 1041301408.558188 end msg 290797 Hm!
qmail toaster wont deliver to v mailboxes
Hi all, I have been greatly helped in my quest for the MattSimerson fbsd qmail toaster that works by Danbiel Schrock...what a cool guy...but he is on hols I I have to get this damn thing working. Anyways Matt is a legend for his tute but whoa...what a task! So I have got the setup going ( qmail, vpopmail courierimapd + squirrelmail + qmailadmin + mysql auth etc etc). I can create virtual mail accounts using qmailadmin. I can get to the mailboxes using squirrel webmail and compose and send mail. But qmail bounces incoming mail claiming the account does not exist on the server. It will deliver mail fro the postmaster account but no others! I have no idea where to look to config it. Any clues guys? Keith Spencer http://movies.yahoo.com.au - Yahoo! Movies - What's on at your local cinema? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: qmail toaster wont deliver to v mailboxes
Hi Brian --- Brian Jackson [EMAIL PROTECTED] wrote: Keith Spencer wrote: But qmail bounces incoming mail claiming the account does not exist on the server. It will deliver mail fro the postmaster account but no others! I have no idea where to look to config it. Any clues guys? Keith Spencer What does your /var/log/qmail/current file say? $tail -f /var/log/qmail/current | tai64nlocal will give you a running commentary - do that in one window, send some messages in another and see what the errors are. Brian...I dont have such a /var/log/qmail/current beast! :( http://movies.yahoo.com.au - Yahoo! Movies - What's on at your local cinema? To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: OOPS....Re: ipf - IPFILTER_DEFAULT_BLOCK ...This is not working as predicted! Help?
--- Fernando Gleiser [EMAIL PROTECTED] wrote: On Wed, 18 Dec 2002, Keith Spencer wrote: sorry guys the copy paste mucked up on me... Here is the full rule set I am using... But the questions I sent in my previous mail remain unanswered. post the answers and maybe I can tell what's wrong. #ifdef WILDGUESS if you are using user ppp, the outside interface is tun0, *not* ed0 if that is the case, change ed0 into tun0 in the rules, reload and tell me if that works #endif OK Guys...sorry to be a pain but here goes Thanks Keith +IPF.RULES + # # Outside Interface # # # Allow out all TCP, UDP, and ICMP traffic keep state on it # so that it's allowed back in. # # If you wanted to do egress filtering...here's where you'd do it. # You'd change the lines below so that rather than allowing out any # arbitrary TCP connection, it would only allow out mail, pop3, and http # connections (for example). So, the first line, below, would be # replaced with: # pass out quick on tun0 proto tcp from any to any port = 25 keep state # pass out quick on tun0 proto tcp from any to any port = 110 keep state # pass out quick on tun0 proto tcp from any to any port = 80 keep state # ...and then do the same for the remaining lines so that you allow # only specified protocols/ports 'out' of your network # pass out quick on tun0 proto tcp from any to any keep state pass out quick on tun0 proto udp from any to any keep state pass out quick on tun0 proto icmp from any to any keep state block out quick on tun0 all #--- # Block all inbound traffic from non-routable or reserved address spaces #--- block in log quick on tun0 from 192.168.0.0/16 to any #RFC 1918 private IP block in log quick on tun0 from 172.16.0.0/12 to any #RFC 1918 private IP block in log quick on tun0 from 10.0.0.0/8 to any #RFC 1918 private IP block in log quick on tun0 from 127.0.0.0/8 to any #loopback block in log quick on tun0 from 0.0.0.0/8 to any #loopback block in log quick on tun0 from 169.254.0.0/16 to any #DHCP auto-config block in log quick on tun0 from 192.0.2.0/24 to any #reserved for doc's block in log quick on tun0 from 204.152.64.0/23 to any #Sun cluster interconnect block in quick on tun0 from 224.0.0.0/3 to any #Class D E multicast # # Allow bootp traffic in from your ISP's DHCP server only. # #pass in quick on tun0 proto udp from X.X.X.X/32 to any port = 68 keep state # # If you wanted to set up a web server or mail server on your box # (which is outside the scope of this howto), or allow another system # on the Internet to externally SSH into your firewall, you'd want to # uncomment the following lines and modify as appropriate. If you # have other services running that you need to allow external access # to, just add more lines using these as examples. # # If the services are on a box on your internal network (rather than # the firewall itself), you'll have to add both the filter listed below, # plus a redirect rule in your /etc/ipnat.rules file. # pass in quick on tun0 proto tcp from any to any port = 80 flags S keep state keep frags pass in quick on tun0 proto tcp from any to any port = 25 flags S keep state keep frags #pass in quick on tun0 proto tcp from X.X.X.X/32 to any port = 22 flags S keep state keep frags pass in quick on tun0 proto tcp from any to 203.36.104.241 port = 2 flags S keep state keep frags pass in quick on tun0 proto tcp from any to 203.36.104.241 port = 22 flags S keep state keep frags pass in quick on tun0 proto udp from any to 203.36.104.241 port = 22 keep state pass in quick on tun0 proto tcp from any to any port = 443 flags S keep state keep frags pass in quick on tun0 proto udp from any to any port = 443 keep state pass in quick on tun0 proto tcp from any to 203.36.104.241 port = 3306 flags S keep state keep frags pass in quick on tun0 proto udp from any to 203.36.104.241 port = 3306 keep state # # Block and log all remaining traffic coming into the firewall # - Block TCP with a RST (to make it appear as if the service # isn't listening) # - Block UDP with an ICMP Port Unreachable (to make it appear # as if the service isn't listening) # - Block all remaining traffic the good 'ol fashioned way
ipf - IPFILTER_DEFAULT_BLOCK ...This is not working as predicted! Help?
Hi all, Marty Schlacter is obviously the man. I am following his firewall tute religiously but I am doing something wrong! I have an ipf.rules EXACTLY like his. Works a treat...but only if I remove the kernel ipfilter_default_block option. If it is in there...it blocks way too well. Everything. What is going on here or has Marty got it all wrong? Thanks Keith http://greetings.yahoo.com.au - Yahoo! Greetings - Send your seasons greetings online this year! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: ipf - IPFILTER_DEFAULT_BLOCK ...This is not working as predicted! Help?
Fi, Here is the Sclacter rule set...mine is identical! But options IPFILTER_DEFAULT_BLOCK blocks everything always! Machine cant adsl pppoe connect etc etc. Any clues? Mine is a new 4.7 release P4 845 chipset machine... PS rules are at very end of this message. --- Fernando Gleiser [EMAIL PROTECTED] wrote: On Tue, 17 Dec 2002, Keith Spencer wrote: Hi all, Marty Schlacter is obviously the man. I am following his firewall tute religiously but I am doing something wrong! I have an ipf.rules EXACTLY like his. Works a treat...but only if I remove the kernel ipfilter_default_block option. If it is in there...it blocks way too well. Everything. What is going on here or has Marty got it all wrong? Are you using the 'quick' keyword? If you don't, ipf uses a last-match checking, and the last rule is 'block all' See the IPF HOWTO for details. +++ipf.rules++ ## # Inside Interface # # # Allow out all TCP, UDP, and ICMP traffic keep state # pass out quick on ed1 proto tcp from any to any keep state pass out quick on ed1 proto udp from any to any keep state pass out quick on ed1 proto icmp from any to any keep state block out quick on ed1 all # # Allow in all TCP, UDP, and ICMP traffic keep state # pass in quick on ed1 proto tcp from any to any keep state pass in quick on ed1 proto udp from any to any keep state pass in quick on ed1 proto icmp from any to any keep state block in quick on ed1 all # # Loopback Interface # # # Allow everything to/from your loopback interface so you # can ping yourself (e.g. ping localhost) # pass in quick on lo0 all pass out quick on lo0 all http://greetings.yahoo.com.au - Yahoo! Greetings - Send your seasons greetings online this year! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
OOPS....Re: ipf - IPFILTER_DEFAULT_BLOCK ...This is not working as predicted! Help?
sorry guys the copy paste mucked up on me... Here is the full rule set I am using... # # Outside Interface # # # Allow out all TCP, UDP, and ICMP traffic keep state on it # so that it's allowed back in. # # If you wanted to do egress filtering...here's where you'd do it. # You'd change the lines below so that rather than allowing out any # arbitrary TCP connection, it would only allow out mail, pop3, and http # connections (for example). So, the first line, below, would be # replaced with: #pass out quick on ed0 proto tcp from any to any port = 25 keep state #pass out quick on ed0 proto tcp from any to any port = 110 keep state #pass out quick on ed0 proto tcp from any to any port = 80 keep state # ...and then do the same for the remaining lines so that you allow # only specified protocols/ports 'out' of your network # pass out quick on ed0 proto tcp from any to any keep state pass out quick on ed0 proto udp from any to any keep state pass out quick on ed0 proto icmp from any to any keep state block out quick on ed0 all #--- # Block all inbound traffic from non-routable or reserved address spaces #--- block in log quick on ed0 from 192.168.0.0/16 to any #RFC 1918 private IP block in log quick on ed0 from 172.16.0.0/12 to any #RFC 1918 private IP block in log quick on ed0 from 10.0.0.0/8 to any #RFC 1918 private IP block in log quick on ed0 from 127.0.0.0/8 to any #loopback block in log quick on ed0 from 0.0.0.0/8 to any #loopback block in log quick on ed0 from 169.254.0.0/16 to any #DHCP auto-config block in log quick on ed0 from 192.0.2.0/24 to any #reserved for doc's block in log quick on ed0 from 204.152.64.0/23 to any #Sun cluster interconnect block in quick on ed0 from 224.0.0.0/3 to any #Class D E multicast # # Allow bootp traffic in from your ISP's DHCP server only. # pass in quick on ed0 proto udp from X.X.X.X/32 to any port = 68 keep state # # If you wanted to set up a web server or mail server on your box # (which is outside the scope of this howto), or allow another system # on the Internet to externally SSH into your firewall, you'd want to # uncomment the following lines and modify as appropriate. If you # have other services running that you need to allow external access # to, just add more lines using these as examples. # # If the services are on a box on your internal network (rather than # the firewall itself), you'll have to add both the filter listed below, # plus a redirect rule in your /etc/ipnat.rules file. # # pass in quick on ed0 proto tcp from any to any port = 80 flags S keep state keep frags # pass in quick on ed0 proto tcp from any to any port = 25 flags S keep state keep frags # pass in quick on ed0 proto tcp from X.X.X.X/32 to any port = 22 flags S keep state keep frags # # Block and log all remaining traffic coming into the firewall # - Block TCP with a RST (to make it appear as if the service # isn't listening) # - Block UDP with an ICMP Port Unreachable (to make it appear # as if the service isn't listening) # - Block all remaining traffic the good 'ol fashioned way # block return-rst in log quick on ed0 proto tcp from any to any block return-icmp-as-dest(port-unr) in log quick on ed0 proto udp from any to any block in log quick on ed0 all # # Inside Interface # # # Allow out all TCP, UDP, and ICMP traffic keep state # pass out quick on ed1 proto tcp from any to any keep state pass out quick on ed1 proto udp from any to any keep state pass out quick on ed1 proto icmp from any to any keep state block out quick on ed1 all # # Allow in all TCP, UDP, and ICMP traffic keep state # pass in quick on ed1 proto tcp from any to any keep state pass in quick on ed1 proto udp from any to any keep state pass in quick on ed1 proto icmp from any to any keep state block in
More..Re: ipf - IPFILTER_DEFAULT_BLOCK ...This is not working as predicted! Help?
Hi again, OK what I meant was apart from having changed an interface (tun0 not ed0) the ruleset is identical. And the rule set works! It dials out everything...It only works iff the default_block option is not active. As you can see quick is there. So how can it be that I do exactly what Marty S does and no one else reports hassles with it? Any clues Fer et al? Keith What's your internal interface? what's your external one? Is this box acting as a router? are you using user ppp or mpd? How many NICs does this box have? It seems to me that your ruleset is incomplete. Send the output of a 'ifconfig -a' after the ppp link is set up (when you got the public IP) Fer --- Fernando Gleiser [EMAIL PROTECTED] wrote: On Tue, 17 Dec 2002, Keith Spencer wrote: Hi all, Marty Schlacter is obviously the man. I am following his firewall tute religiously but I am doing something wrong! I have an ipf.rules EXACTLY like his. Works a treat...but only if I remove the kernel ipfilter_default_block option. If it is in there...it blocks way too well. Everything. What is going on here or has Marty got it all wrong? Are you using the 'quick' keyword? If you don't, ipf uses a last-match checking, and the last rule is 'block all' See the IPF HOWTO for details. +++ipf.rules++ ## # Inside Interface # # # Allow out all TCP, UDP, and ICMP traffic keep state # pass out quick on ed1 proto tcp from any to any keep state pass out quick on ed1 proto udp from any to any keep state pass out quick on ed1 proto icmp from any to any keep state block out quick on ed1 all # # Allow in all TCP, UDP, and ICMP traffic keep state # pass in quick on ed1 proto tcp from any to any keep state pass in quick on ed1 proto udp from any to any keep state pass in quick on ed1 proto icmp from any to any keep state block in quick on ed1 all # # Loopback Interface # # # Allow everything to/from your loopback interface so you # can ping yourself (e.g. ping localhost) # pass in quick on lo0 all pass out quick on lo0 all http://greetings.yahoo.com.au - Yahoo! Greetings - Send your seasons greetings online this year! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message http://greetings.yahoo.com.au - Yahoo! Greetings - Send your seasons greetings online this year! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: are virtual mail account users possible with freebsd?
Hi Daniel, First off thanks so much for your time...I appreciate it. The Open source world never ceases to amaze me ;^) I checked out the http://matt.simerson.net/computing/mail/toaster/ tute and I'd say 95% I could handle myself OK but there are a couple of unsaid hings or perhaps errors. I wont dare try it before I am sure I have the instructions right. Could I ask you a few questions? 1) Install QMAIL: I presume -h mail.example.com should be My server ? 2) VPopmail (Virtual Domain POP) bla bla bla... --enable-mysql-logging= ...bla bla ..=example.com Again I presume I sub in my domain? vi vmysql.h What do I do in VI here ?? 3)Courier-IMAP bla bla vi quotawarningmsg I presume I edit it to suit? 4) Adding Mail Domains bla bla IDENTIFIED BY 'secret'; What goes here? a password? bla bla ~vpopmail/bin/vadddomain example.com [password] again..my domain and perhaps the password I typed instead of the 'secret' thing? 5) OK now you're ready to... bla bla Log in with postmaster, example.com and the test password ...You can guess my questions here I reckon! 6) Convert Multilog date stamps to human readable date stamps... # tai64nlocal logfile qmaillog.tmp ...Do I sub in something for the logfile thing? I know I seem a bit dopey... but it would really help so I dont screw up my machine. Thanks in adavnce if you can help Keith Keith Spencer wrote: Hi all, I am wondering how I can add mail acocunts without actually creating full-blown user accounts for my lan users. I have sendmail on fbsd 4.7 (new build machine and I dont want to create shell accnts for all my users on this new machine) Whatever help you might give me perhaps I can use webmin to add the new users... I have 600 users to add. Whoa...thats a lot of work..HELP???!! Thanks so much in adavnce Keith You may want to look into using qmail. I've been using for a couple years and find it far easier to work with than sendmail and postfix (though postfix wasn't all that bad) check out this: http://matt.simerson.net/computing/mail/toaster/ this will do everything you want. Follow the instructions and you'll be up and running in no time. http://greetings.yahoo.com.au - Yahoo! Greetings - Send your seasons greetings online this year! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
are virtual mail account users possible with sendmail on freebsd
Hi all, I am wondering how I can add mail acocunts without actually creating full-blown user accounts for my lan users. I have sendmail on fbsd 4.7 (new build machine and I dont want to create shell accnts for all my users on this new machine) Whatever help you might give me perhaps I can use webmin to add the new users... I have 600 users to add. Whoa...thats a lot of work..HELP???!! Thanks so much in adavnce Keith http://greetings.yahoo.com.au - Yahoo! Greetings - Send your seasons greetings online this year! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
ADSL ppoe + IPFILTER = :^( very sad! Help!
Hi all, Here is a true mystery for you. Please help if you can I have received no response at earlier times thanks... I have an ADSL gateway ( pppoe via userppp so tun0 uses my de0 NIC) I config my kernel to do IPFilter stuff as per schlacters tute. I put no matter what rule in and it will no longer connect to my ADSL ISP. gets as far as dialing (not eve the first big P in ppp debug and the connection dies. No IPFIlter and it works...Help. Is it the interfaces? If I use allow all from any to any that has got to be pretty open... still no worky. Anyone aware of strangeness to correct here? Thanks Keith http://greetings.yahoo.com.au - Yahoo! Greetings - Send your seasons greetings online this year! To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
