Re: Simple command to reset / clear all logs?
newsyslog -F ? On 1/12/2011 11:04 AM, Redd Vinylene wrote: Hi, Is there a simple command to reset / clear everything in my /var/log? I've done a lot of testing, configuring, trial and error and most of my logs are just full of bullshit and I'd like a fresh start :-) Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: router / firewall with PF and carp.
Both would probably be fine. However, I would recommend taking a look at pfsense if I were you. It is made to do what you want without as much of the overhead as a full blown *BSD install. It is easier to configure, update, the documentation is good, and you can get top notch paid support from the developers if you want. On 9/30/2010 6:19 PM, Patrick Lamaiziere wrote: Hi, We are in the process to replace two Cisco Pix firewalls and one Cisco router with two servers running PF with carp. The network is large (it is an University) and all will depend on this two machines. We have made some tests with OpenBSD, PF and OpenBGPD and it looks to work (but we have to make a lot of more tests to validate this). I think that the support for an OpenBSD release is very small (only one year) and I'm suggesting to use FreeBSD instead (we can expect ~3/4 years of support if we follow a stable branch). I am an happy user of FreeBSD since some time - I mean that I know it is not perfect and there are some bugs! - but I dont have any experience running it as a router on a large network. So, are PF and carp expected to work fine on FreeBSD or are there some known problems? Do you think that OpenBSD suits better for this? Thanks, regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Install Microsoft Root Certificates into FreeBSD
Gerard wrote: FreeBSD-6.3 I wanted to import the root certificates from my WinXP machine into my FreeBSD server. I found a site: http://safari.ibmpressbooks.com/9781593271459/configure-id11 that supplied information on how to accomplish this. This is an excerpt from that page. quot In order to avoid errors when visiting SSL-encrypted websites, a file named cert.pem containing public certificates of Trusted Root Certification Authorities needs to be present in the /usr/local/openssl/certs directory. This file can be constructed by exporting an existing collection of trusted root certificates from another operating system, namely Microsoft Windows XP or Macintosh OS X. 12.6.1. Microsoft Windows XP To export trusted root certificates from a Windows XP system: Click the Start menu and open the Control Panel. Double-click the Internet Options icon. Click the Content tab then click the Certificates... button. Click the Trusted Root Certification Authorities tab. Click the first entry in the list and then scroll down to the end of the list. While holding the [shift] key, click the last entry in the list. This will select all of the listed certificates. Click the Export button and then click Next at the wizard Welcome screen. Click the Browse... button and save the file as cert.p7b in a location of your choice. Click Next when you are returned to the File Name prompt. Click Finish to complete the export. Copy the file cert.p7b to the /usr/local/openssl/certs directory on your FreeBSD system using SFTP or a similar file transfer utility (see OpenSSH Server 4.7p1 for details on SFTP). Once the cert.p7b file is in the proper location, run the following command to convert it into the required PEM (Privacy Enhanced Mail) format: # cd /usr/local/openssl/certs # openssl pkcs7 -inform DER -in cert.p7b -print_certs -text -out cert.pem You should now be able to securely connect to websites trusted by Microsoft without Lynx SSL errors. /quot The problem is that I do not have a: /usr/local/openssl/certs directory. I do have a: /usr/local/share/certs directory though. Could I use that directory instead, or do I have to create the specified one? I also read about creating an /etc/ssl/certs directory somewhere. I think you could accomplish what you are after more easily by installing the ca_root_nss port. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Install Microsoft Root Certificates into FreeBSD
Gerard wrote: On Wed, 25 Jun 2008 13:20:55 -0400 Kevin Kobb [EMAIL PROTECTED] wrote: [snip] I think you could accomplish what you are after more easily by installing the ca_root_nss port. I have it installed. It appears that the Microsoft version contains more certificates and apparently is updated more often. It seems that I get a new update for the root certificates every two months or so on Windows. I honestly do not remember the last time 'ca_root_nss' was updated. No, it doesn't seem to get updated as frequently. I haven't run across any sites recently that it complained about, not that I use it that much. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sysinstall: No Floppy Devices Found
Dan Mahoney, System Admin wrote: On Tue, 16 Jan 2007, Kevin Kobb wrote: I have found that when I do an install with an install.cfg file on a floppy, I must insert the floppy right after the system begins to boot from CD. If I don't when I tell sysinstall to read the floppy I get an error. I've found the floppy works okay when I escape to the bootloader, so I can load my KLD at that time. As a work around, if I go into the options and select rescan for hardware devices (not sure if that is the exact wording) after inserting the floppy disk, it will work OK as well. Might be worth a try. I'll be sure to try that, thanks. Any idea why it's not found initially, tho? I mean, the CONTROLLER is found, so... Is this the type of thing I should send-pr over? -Dan -- Be happy. Try not to hurt each other. Hope you fall in love. --Mallory, Family Ties Finale (on the meaning of life) Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I am not sure why this happens myself. I have also noticed that when I try to transfer a few files from floppy (during install my install.cfg mounts the floppy and copies a few custom scripts) the transfer is very slow, even by floppy disk speed standards. I haven't worried too much about it because I so seldom use floppies any more, and plan on getting a better install gameplan (PXE ?) if I install more than a few systems. Might be worth checking or filing a PR. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Sysinstall: No Floppy Devices Found
Dan Mahoney, System Admin wrote: Hey all, I'm getting the message when I try to load a KLD in Sysinstall, even though I KNOW my floppy drive works. In fact, I can load the KLD from the loader prompt just fine. Is there a difference/advantage to one way of doing this over the other? -Dan Mahoney -- Hitler, Satan, those Hanson kids, anything. Just not the curious anteater. -Peter Scolari, as Wayne Szalinki in Honey, I Shrunk The Kids--The Series Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org --- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I have found that when I do an install with an install.cfg file on a floppy, I must insert the floppy right after the system begins to boot from CD. If I don't when I tell sysinstall to read the floppy I get an error. As a work around, if I go into the options and select rescan for hardware devices (not sure if that is the exact wording) after inserting the floppy disk, it will work OK as well. Might be worth a try. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cyrus-sasl2 configuration
Gerard Seibert wrote: This document is available on the FreeBSD site: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/smtp-auth.html However, this doc references security/cyrus-sasl version 1.x. Is it still relevant to version2.x? If so, are there any specific changes that should be made to the installation? I think the modification I made in the following statements is correct, but I am not sure. SENDMAIL_CFLAGS=-I/usr/local/include/sasl2 -DSASL SENDMAIL_LDFLAGS=-L/usr/local/lib SENDMAIL_LDADD=-lsasl One last question. In the above document, there is a reference to 'pwcheck'. Is the port suppose to be built with that option and if so, how do I go about setting it? From the Sendmail.README file of the cyrus-sasl2 port. # Add SMTP AUTH support to Sendmail SENDMAIL_CFLAGS+= -I/usr/local/include -DSASL=2 SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+=-lsasl2 Take a look at this readme to start. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Samba 3.0.14a with AD Support
Timothy Radigan wrote: Hi all, I've been trying to build Samba 3.0.14a for 2 days now. I have exhausted all of the resources I could find to help resolve this issue but to no avail. I am currently trying to attach my Samba server running FreeBSD 5.3 to a functioning Windows Server 2003 domain. I have installed the krb5 package from the ports as well as the openldap-client-2.2.24 package. Whenever I run a 'make install' from /usr/ports/net/samba3, it runs the configure script find and starts compiling. When it gets to compile the kerebos section, I keep getting the following errors: Linking bin/smbd /usr/local/lib/libkrb5.so: warning: warning: mktemp() possibly used unsafely; co nsider using mkstemp() libads/kerberos_keytab.o(.text+0x7e9): In function `ads_keytab_add_entry': : undefined reference to `krb5_kt_compare' /usr/lib/libgssapi.so: undefined reference to `krb5_rd_cred2' /usr/lib/libgssapi.so: undefined reference to `krb5_crypto_destroy' /usr/lib/libgssapi.so: undefined reference to `krb5_ret_address' /usr/lib/libgssapi.so: undefined reference to `krb5_ret_data' /usr/lib/libgssapi.so: undefined reference to `krb5_ret_keyblock' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_con_setremotesubkey' /usr/lib/libgssapi.so: undefined reference to `krb5_data_free' /usr/lib/libgssapi.so: undefined reference to `krb5_config_get_strings' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_con_setlocalsubkey' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_con_generatelocalsubkey ' /usr/lib/libgssapi.so: undefined reference to `krb5_sockaddr2address' /usr/lib/libgssapi.so: undefined reference to `krb5_cc_get_ops' /usr/lib/libgssapi.so: undefined reference to `krb5_get_default_principal' /usr/lib/libgssapi.so: undefined reference to `krb5_cc_copy_cache' /usr/lib/libasn1.so: undefined reference to `init_error_table' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_con_setkey' /usr/lib/libgssapi.so: undefined reference to `krb5_get_forwarded_creds' /usr/lib/libgssapi.so: undefined reference to `krb5_get_err_text' /usr/lib/libgssapi.so: undefined reference to `krb5_ret_int32' /usr/lib/libgssapi.so: undefined reference to `krb5_h_addr2sockaddr' /usr/lib/libgssapi.so: undefined reference to `krb5_build_authenticator' /usr/lib/libgssapi.so: undefined reference to `krb5_build_ap_req' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_getremoteseqnumber' /usr/lib/libgssapi.so: undefined reference to `krb5_data_zero' /usr/lib/libgssapi.so: undefined reference to `krb5_storage_free' /usr/lib/libgssapi.so: undefined reference to `krb5_config_free_strings' /usr/lib/libgssapi.so: undefined reference to `krb5_create_checksum' /usr/lib/libgssapi.so: undefined reference to `krb5_generate_random_block' /usr/lib/libgssapi.so: undefined reference to `krb5_crypto_init' /usr/lib/libgssapi.so: undefined reference to `krb5_enctype_to_keytype' /usr/lib/libgssapi.so: undefined reference to `krb5_free_creds_contents' /usr/lib/libgssapi.so: undefined reference to `krb5_storage_from_mem' /usr/lib/libgssapi.so: undefined reference to `krb5_store_address' /usr/lib/libgssapi.so: undefined reference to `krb5_decrypt_ivec' /usr/lib/libasn1.so: undefined reference to `initialize_error_table_r' /usr/lib/libgssapi.so: undefined reference to `krb5_store_int16' /usr/lib/libgssapi.so: undefined reference to `krb5_ret_int16' /usr/lib/libgssapi.so: undefined reference to `krb5_get_error_string' /usr/lib/libgssapi.so: undefined reference to `krb5_principal_match' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_con_setlocalseqnumber' /usr/lib/libgssapi.so: undefined reference to `krb5_storage_to_data' /usr/lib/libgssapi.so: undefined reference to `krb5_decrypt_ivec' /usr/lib/libasn1.so: undefined reference to `initialize_error_table_r' /usr/lib/libgssapi.so: undefined reference to `krb5_store_int16' /usr/lib/libgssapi.so: undefined reference to `krb5_ret_int16' /usr/lib/libgssapi.so: undefined reference to `krb5_get_error_string' /usr/lib/libgssapi.so: undefined reference to `krb5_principal_match' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_con_setlocalseqnumber' /usr/lib/libgssapi.so: undefined reference to `krb5_storage_to_data' /usr/lib/libgssapi.so: undefined reference to `krb5_store_int32' /usr/lib/libgssapi.so: undefined reference to `krb5_encrypt_ivec' /usr/lib/libgssapi.so: undefined reference to `krb5_storage_emem' /usr/lib/libgssapi.so: undefined reference to `krb5_store_data' /usr/lib/libgssapi.so: undefined reference to `krb5_auth_con_setremoteseqnumber' /usr/lib/libgssapi.so: undefined reference to `krb5_principal_get_realm' /usr/lib/libgssapi.so: undefined reference to `krb5_set_error_string' /usr/lib/libgssapi.so: undefined reference to `krb5_make_principal' /usr/lib/libgssapi.so: undefined reference to `krb5_store_keyblock' *** Error code 1 Stop in
Re: dd cd image
Osmany Guirola Cruz wrote: Hi people I am trying to do an iso image of DATA CD and i am using this command line %dd if=/dev/acd0 of=cd.iso and this is the error dd: /dev/acd0: Invalid argument 0+0 records in 0+0 records out 0 bytes transferred in 0.000304 secs (0 bytes/sec) How can i made and iso image of a data cd ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I think if you specify a block size (bs=2k or greater) it will work. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Upgrading a 5.1-RELEASE-p10 system...
Kevin D. Kinsey, DaleCo, S.P. wrote: Glenn Sieb wrote: Alex de Kruijff said the following on 10/19/2004 9:01 PM: Gerely speeking, STABLE doesn't mean things never gets broken. Most reliable are the RELEASE plus fixes. So don't follow 5-STABLE but 5-RELENG To help ease frustration and such.. you mean: Follow RELENG_5_2 not RELENG_5 (from: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html) In cvsup-supfile speak for those of us using cvsup to sync our source trees Thanks for the advice, Alex! :) Best, G. Just for general information: Bruce Mah has a fine article, entitled FreeBSD 5.3-BETA Migration Guide. Worth a read for anyone moving from anywhere towards 5.3-RELEASE, IMO. http://people.freebsd.org/~bmah/pub/article.html Kevin Kinsey ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Please forgive my ignorance, but I am looking at the 5.3 Migration Guide, through the link you provided and have a question. Under section 5.2 source upgrade it says: To check out 5.3-RELEASE from the FreeBSD CVS repository, use the RELENG_5_3_0_RELEASE tag. For the 5.3 release and security fix branch, use the RELENG_5_3 tag. To track the FreeBSD 5-STABLE development branch, use the RELENG_5 branch tag. I understand the RELENG_5_3 and RELENG_5 tags, but am hazy about the RELENG_5_3_0_RELEASE tag meaning. Is this a static branch frozen at a particular date? For a production box, is this the way to go? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
