interpreting top output (computing n% cpu usage in actual megahertz)
Hi, My goal is to find out how much CPU a program consumes when I execute it. In the manual, it says I can toggle from raw cpu mode to weighted cpu. However, I can't still understand the difference between the two and how it has something to do with my goal. Suppose my computer has a 1.6Ghz pentium 4 processor. I want to know how much is already in use or what percent. I also want to know how much it has increased when I run a particular program so that I can decide if this I can install this program without affecting other existing critical programs. The same goes with memory usage.. Free doesn't mean that that are all my memory left that is useable right? The Description of Memory section just says: Active: number of pages active Inactive: number of pages inactive and so on and so forth without telling what the heck does it mean when a page is inactive and just what does pages means.. Buf, Free, Wired, Cache... don't know what are these either.. Perhaps I should consult wiki or google for this. That's all for now. Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD VPS providers
If you're really looking for a provider offering true FreeBSD virtual private server solution, chance are, they are most likely running jail systems. For everything else, your choice might be companies providing Xen, LVS, UML, or even vmware solutions although companies are less likely to offer the last option option. I suggest you do some more research if a jail based virtual private server solution will suite to your needs, e.g; you require a dedicated resource allocation (e.g, minimum guaranteed memory etc.) that you won't get from a shared server solution, or you need a full access to the virtual environment including software compilation, or even kernel compilation, as well as firewall configuration etc. Once you've finalized your requirements, you can now do another research on the technical approach used by each of those solutions and finally base your decision if a particular solution really satisfy your needs. hint: google for vps provider Good luck. -mark On 11/28/06, Eric [EMAIL PROTECTED] wrote: Hello, I am looking to move a website i run from its current provider (linux based shared box) to a VPS solution. I have been doing some searching via google and the mailing list and so far have found http://www.johncompanies.com/jc_bsd.html which seems like a good setup. Can anyone else recommend some good FreeBSD virtual private server providers that I can add to my evaluation? Ideally i would like to be able to run 6.x. Our current usage looks like: Disk usage: 1864.38 Megabytes Bandwidth usage (current month) : 14858.01 Megabytes Thanks all Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Knowing if someone really stole someone else's code
Hi, It's been almost three years since I started using opensource software, specifically FreeBSD. I'm glad that I'm learning a lot of things from it. Things that I'm sure I would never have learned if I haven't entered this so called opensource world. Things that I can say, have positively affected my life in a certain way. HALT!!! Before you proceed reading, let me just tell you.. If in anyway you feel, that this email, with such a catchy subject line, have completely gotten your attention and consumed at least 10 seconds of your most precious time that you think should have been spent for answering other freebsd related questions worth answering hence the list title freebsd-questions, my deepest appologies. If by the looks of it you may have noticed that this email is not properly broken down into paragraphs or it contains MIME or was submitted in an HTML format that would really annoy you, or this should have been sent into -anyotherlist instead... appologies as well. I have tried my best not to sound like a troll, I've seen the netiquette RFCs, read a lot of how to ask good questions, where to ask it, came across the words like just fucking google it, rtfm, bikesheds, flaming, apple vs. orange, that doofus thread, avoid saying you're a n00b.. etc. etc. still I can't help but ask this: If I download a program source code with, let's say BSD license, and compile it. How does one know if I really stole his code? If someone sue me, will the court require me to provide the source code for my program and compare it to what he's claiming is the original code? If this is the case, what if I really have my own version of the source code, but when I compile it, it runs a lot slower than his program, so I just use his program instead. And when the court ask me to show my source code, I would instead give my slower version of the source code. Will the court just let someone do the benchmark just to find out if what I gave was really the source code for my program? Thanks. -jay ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How does mypc.freebsd-users.org sounds?
Hi, Have anyone out there already brought up having a free dns service for all FreeBSD fanatics out there? I just got my dsl connection and is about to register my box to dyndns.org, however, most of those domains they were offering aren't that much attractive. It would be cool if I could name my rig with, let's say, mypc.freebsd-users.org. Of course, i'm still dreaming of having a [EMAIL PROTECTED] address one day, but I know I'm not part of the project, and have contributed nothing to it, so I guess being a part of freebsd-users.org domain should be just fine. What's your thought? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How does mypc.freebsd-users.org sounds?
Hi, Have anyone out there already brought up having a free dns service for all FreeBSD fanatics out there? I just got my dsl connection and is about to register my box to dyndns.org, however, most of those domains they were offering aren't that much attractive. It would be cool if I could name my rig with, let's say, mypc.freebsd-users.org. Of course, i'm still dreaming of having a [EMAIL PROTECTED] address one day, but I know I'm not part of the project, and have contributed nothing to it, so I guess being a part of freebsd-users.org domain should be just fine. What's your thought? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Nvidia has drivers for FreeBSD (but my xorg is already working)
Hi, I have a Palit GeForce 6500 PCI-E 256Mb/64bit and I'm running x windows. What do I need that NVidia FreeBSD driver for? Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Anyone here who also has a WinTuner?
Hi, As I was expecting, my post to freebsd-multimedia will not get me anywhere.. However, I'm not in the mood to give up this time.. Anyone here who has experienced making Leadtek Winfast 2000 XP RM work under FreeBSD? Just one quick answer, please Is this supported or not? :-( I've been digging the list archive for quite some time now but still no luck. Someone got the same tv tuner and asked for help about a year ago.. http://lists.freebsd.org/mailman/htdig/freebsd-multimedia/2005-May/002151.html http://lists.freebsd.org/mailman/htdig/freebsd-multimedia/2005-August/002517.html I wonder what he/she has done with his tuner.. or did he just bought another one which costs more. You might want to check on the thread I started at freebsd-multimedia: http://lists.freebsd.org/pipermail/freebsd-multimedia/2006-November/005242.html Thanks for the time.. I hope this is not cross posting.. i'm just trying to get some more help.. :-( -- Forwarded message -- From: Mark Jayson Alvarez [EMAIL PROTECTED] Date: Nov 7, 2006 10:13 PM Subject: Please don't tell me this is a WIntuner (my winmodem memories keep hunting me...:-) To: [EMAIL PROTECTED] Hi, just purchased an ultra-cheap PCI TV Tuner, Leadtek WinFast TV2000 XP RM and couldn't make it to work. There were only 17 matches when you search the freebsd-multimedia archive for winfast... been reading it over and over again and I couldn't get any closer to my goal. The box: FreeBSD 6.2-PRERELEASE Sysctl: hw.bt848.slow_msp_audio: -1 hw.bt848.format: 0 hw.bt848.reverse_mute: -1 hw.bt848.tuner: 15 hw.bt848.card: 14 I tried using kbtv: Hardware Info: Bktr module: Loaded Capture chip: BrookTree 878 Card name: Leadtek Winfast TV 2000 sysctl:14 -huh!? I thought it was 15 says bktr (4) Tuner type: LG TP18PSB12P PAL sysctl:15 - as according to this: http://lists.freebsd.org/mailman/htdig/freebsd-multimedia/2005-August/002521.html I'm leaving here in the Philippines The tv tuner's surface doesn't really say anything about it's tuner type. It just have a sticker with Winfast TV2000 XP RM and NTSC selected on the checkbox.. The chipset is definitely a Conexant Fusion 878. I tried xawtv... played with different values to no avail. $xawtv -hwscan This is xawtv-3.95, running on FreeBSD/i386 (6.2-PRERELEASE) looking for available devices port 57-88 type : Xvideo, image scaler name : NV Video Blitter /dev/bktr0: OK [ -device /dev/bktr0 ] type : bktr flags: overlay capture tuner However, upon launching xawtv, I got these: $xawtv This is xawtv-3.95, running on FreeBSD/i386 (6.2-PRERELEASE) Warning: Cannot convert string -*-ledfixed-medium-r-*--39-*-*-*-c-*-*-* to type FontStruct Xlib: extension GLX missing on display :0.0. I removed bktr_load=YES from /boot/loader.conf, rebooted the machine sysctl were also gone it was detected as: Leadtek Winfast TV 2000, Philips FR1236 NTSC FM tuner. Perhaps you can get something from the verbose dmesg: bktr_mem: memory holder loaded pci0: driver added found- vendor=0x8086, dev=0x27da, revid=0x01 bus=0, slot=31, func=3 class=0c-05-00, hdrtype=0x00, mfdev=0 cmdreg=0x0001, statreg=0x0280, cachelnsz=0 (dwords) lattimer=0x00 (0 ns), mingnt=0x00 (0 ns), maxlat=0x00 (0 ns) intpin=b, irq=23 pci0:31:3: reprobing on driver added pci1: driver added found- vendor=0x109e, dev=0x036e, revid=0x11 bus=1, slot=1, func=0 class=04-00-00, hdrtype=0x00, mfdev=1 cmdreg=0x0006, statreg=0x0290, cachelnsz=0 (dwords) lattimer=0x40 (1920 ns), mingnt=0x10 (4000 ns), maxlat=0x28 (1 ns) intpin=a, irq=21 powerspec 2 supports D0 D3 current D0 pci1:1:0: reprobing on driver added bktr0: BrookTree 878 mem 0xbfffe000-0xbfffefff irq 21 at device 1.0 on pci1 bktr0: Reserved 0x1000 bytes for rid 0x10 type 3 at 0xbfffe000 ioapic0: routing intpin 21 (PCI IRQ 21) to vector 59 bktr0: [GIANT-LOCKED] brooktree0: PCI bus latency is 64. bktr0: buffer size 3555328, addr 0x1a00 bktr0: GPIO is 0x003ff502 bktr0: subsystem 0x107d 0x6609 bktr0: Leadtek Winfast TV 2000, Philips FR1236 NTSC FM tuner. found- vendor=0x109e, dev=0x0878, revid=0x11 bus=1, slot=1, func=1 class=04-80-00, hdrtype=0x00, mfdev=1 cmdreg=0x0006, statreg=0x0290, cachelnsz=0 (dwords) lattimer=0x40 (1920 ns), mingnt=0x04 (1000 ns), maxlat=0xff (63750 ns) intpin=a, irq=21 powerspec 2 supports D0 D3 current D0 pci1:1:1: reprobing on driver added pci2: driver added pci3: driver added pci4: driver added found- vendor=0x10de, dev=0x0160, revid=0xa1 bus=4, slot=0, func=0 class=03-00-00, hdrtype=0x00, mfdev=0 cmdreg=0x0007, statreg=0x0010, cachelnsz=4 (dwords) lattimer=0x00 (0 ns), mingnt=0x00 (0 ns), maxlat=0x00 (0 ns) intpin=a, irq=16 powerspec 2 supports D0 D3 current D0 MSI supports 1 message, 64 bit
FreeBSD 64-bit(EM64T) and Hyperthreading support
Hi, I just purchased a new Intel Pentium 4(3.06Ghz), 533 Mhz FSB, supporting EM64T (as written in the box). It has 1 MB cache size, package type = LGA 775, processor number = 524 Features: (as shown in the dropdown combo box when cpu speed =3.06, processor number = 524) http://processorfinder.intel.com/List.aspx?ProcFam=483sSpec=OrdCode= Enhanced Halt State (CIE) Enhanced Intel Speedstep Technology Execute Disable Bit Hyper-Threading Technology Intel EM64T Intel Thermal Monitor 2 Intel Virtualization Technology I wonder if I could benefit from these features when running AMD64 version. On i386 install, I just enabled SMP and the OS happilly reported 2 logical cpus, however, I'm not sure how I will build a particular application to benefit from this hyperthreading thing. There are certain knobs when configuring a particular application that says --enable-pthreads. Does it have something to do with this HT thing? Is it a bad idea to always pkg_add rather than make install?? Also, I'm concerned with EM64T. Let's say I installed the AMD64 version, those software I will be building via ports will pick up this EM64T thing, right?? No additional knobs? So they run faster? AMD64 is on tier 1 right? Are there any caveats? Will my mplayer, xawtv, and snd_hda patch work flawlessly just like it use to in i386? Howabout this hardware based Virtualization? 'You got any experience on making this work? I mean, running completely different operating system at once, like that of Xen, Virtuozzo, VMware etc. I will consult Intel's docs soon, in the meantime, any idea what are these? Enhanced Halt State (CIE) - Is this supported? Enhanced Intel Speedstep Technology - I think this has something to do with overclocking.. still need to check on their site. Execute Disable Bit - According to the wiki, it has something to do with countering buffer overflow attacks right? is this supported? Intel Thermal Monitor 2 - still have to check if mbmon will work on this one. That's all folks. Thanks! -mark ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pkg_add/delete questions
Hi, I have several questions: 1. If I install a particular package, its dependencies will be installed as well. Now if I remove it later using pkg_delete, only that package will be removed and not the dependencies. The reason I guess is because some other packages may be dependent on those dependencies as well. Is there a way to remove a particular package and all of its dependencies (given that no other package is dependent on those dependencies)? 2. Is it possible to tell pkg_add to just fetch the package and not install them? My goal is to use my Internet conn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
recommended network games to play with your best bud.
Hi, Say you are working in a place where all workstations are mixtures of Unixes..Now you have your bestfriend somewhere far away. And he was complaining of severe boredom in his current work. What *nix network game would you two play? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
fire_saver while inside kde???
Hi, Is it possible to run the console screen saver (fire_saver.ko) while inside kde?? I find it cool to always have that screensaver Thanks. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Virtual Private Servers???
Hi, Ok, I'm a FreeBSD guy. Recently I moved into another company. All of their servers runs Linux. For my first assignment, I need to have a comparison between various Linux Virtualizations. So far I came up with Virtuozzo/OpenVZ, Xen, UML, Linux-Vserver. As far as I can understand, all of them are somewhat connected to the Linux kernel. Ok, it's not a simple software.. it uses the Linux kernel, and I cannot simply install it on my favorite OS. Questions: Do you know any sort of virtualization project ongoing on top of FreeBSD or any BSDs? As far as I can understand, the jail does virtualization but only with processes and not the entire Os, am I right? That's all for now, hope you can help me. Thanks! __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ldconfig -m for libs... how about upgrading @INC for perl modules??
Hi, After upgrading perl, a lot of applications broke, primarily because the new perl looks into site_perl/5.8.8 however my application modules are still in site_perl/5.8.7 Question: Is there an ldconfig -m sort of thing for this job? My new perl package installation process didn't bother about this one... Any idea? Thanks. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
I keep having wrong checksum in 6.1 iso download (what should I do??)
Hi, It was my second time to download a 6.1 iso from one of the regional ftp sites.. Lucky we have a slightly fast connection (155Mbps)... By the way, is it really dangerous to ignore these checksums that doesn't match with the published one? What's the reason behind this bad checksum mismatch??. Thanks __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is it recommended to allow all outgoing connections from your firewall??
Hi, I've seen most people allow all outgoing traffic originating from the firewall itself... Is this really recommended?? What if the machine have been compromised and the intruder have installed a program that let's him access the machine remotely by having the program itself to initiate the outgoing connection to him thus defying the incoming connection firewall ruleset... Thanks.. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
quick question regarding security advisories
Hi, Those security advisories posted in www.freebsd.org... will they be applied once I rebuild my entire system?? My default /usr/share/example/cvsup/stable-supfile contains this line: *default release=cvs tag=RELENG_6 Are those security patches constantly being applied in the source tree of such release?? Thanks... __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
recommended streaming server
Hi, I'm currently looking for a good streaming server softwares.. For video: helix vlc darwin streaming server fluendo For audio: icecast apache mod_mp3 Which one do you recommend?? thanks! __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
bsdcertification.org vs bsdcertification.com (which is which??)
Hi, Anyone here who are interested in taking up bsd certifications?? the bsdcertification.org says they are not affiliated with bsdcertication.com. I'm confused which one should I pick?? Any idea? I am particularly interested in having a FreeBSD certification.. Thanks. - Yahoo! Messenger with Voice. Make PC-to-Phone Calls to the US (and 30+ countries) for 2¢/min or less. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Attacking our pc router at work
Hi, I have one question. What if I change my ip and mac address at the same time to that of our pcrouter's ip and mac... Will this going to kick out that router in our network, causing the rest of the entire lan to be out of service?? No one's gonna caught me right?? Arpwatch can only watch if an ip address has moved to another mac address but not when both ip and mac has moved to another ip and mac... Do you know any possible solution to this?? Thanks.. - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw plus authentication (authpf is cool but....)
Hi Nikos Nikos Vassiliadis [EMAIL PROTECTED] wrote: On Monday 03 April 2006 10:34, Mark Jayson Alvarez wrote: Hi I am looking for ways to manage our LAN by having each user register their ipaddress, mac address, workstation os, etc. in our ldap directory. Now in our pcrouter, the users will first send his login credentials to the pcrouter, and then the pcrouter will check against ldap if this login is correct, and if it is, then it will now do an ldapsearch/compare operation to see if the source address (ip/mac) of the user trying to gain network access is indeed belongs to that user. Only then, the ipfw ruleset will be changed to allow traffic originating from this source address... snip Does it have to be LDAP and ipfw? there is authpf which.. Ofcourse this does not cover the IP|MAC address checking you mentioned, but I don't see how this enhances security. It will be easy for a user to change his IP|MAC address. /snip Our main problem is that in our company, each user has his own workstation(no one else uses it).. However, due to poor implementation of ip allocation strategy, any user can change his ip to whatever ip address he wants, thus it would be hard for us to really monitor who is doing this and who is doing that (because it would be useless to see the ip address of the one who's eating up or bandwidth or doing p2p when we cannot determine who is this user this ip belongs to. This leads us to our decision to have every user assigned a static ip address and have him register his mac address, all stored in ldap directory, and have him authenticate to the pc router first before being allowed to access any server. Authpf is somewhat close to this idea but perhaps it was designed for environment wherein users have no permanent workstation, or user can come from any location, even outside the company(at home) I have created a draft of my proposed solution: First, user will authenticate to a web based login form which is tied up against the ip[f|fw|tables] ruleset. When the user submits the form, the cgi will then verify if the user is really who he claims to be by doing an ldapbind using the credentials provided. Also, the script will check if the request is coming from an ip address that is assigned to that user, by comparing it to his ldap attributes (somewhat prevents users from using other user's ip address). If everything goes well, the script will happily change the router's firewall ruleset to allow the user to pass thru. (note that in our setup, we have allocated a single class C ip block for all the staffs(120) (no need to have separate blocks since all policies applies to all). Also, we have placed all the servers (mail, proxy, file, printer, im etc) in a different block to make sure that authentication will happen first before a user is allowed to access any of those servers. Next, we will also provide a logout form(the same as logging out from ssh session in authpf) so that the ruleset can be reverted back when the user does not want to access any network server anymore. The problem with this is that users may be too lazy to logout to the network authentication.. In authpf, even the user did not logout from his ssh session, when he turns off his computer, the ssh session will automatically be terminated. I'm thinking perhaps I can have a nagios server constantly monitoring each user's network connectivity and then changing the firewall ruleset once the user's machine is unreacheable... Another problem I am thinking is that, when a user has already authenticated to the router and have his ip address verified and has been allowed in the firewall, another smart user might immediately change his ip/mac address to that of the authenticated user, and thus making it hard to track his network activity again.. I'm still going to investigate if arpwatch can fill this need What do you think??? HTH, Nikos Anyone have gone with this solution before?? Thanks - Blab-away for as little as 1¢/min. Make PC-to-Phone Calls using Yahoo! Messenger with Voice. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw plus authentication (authpf is cool but....)
Norberto Meijome [EMAIL PROTECTED] wrote: On Tue, 4 Apr 2006 18:22:42 -0700 (PDT) Mark Jayson Alvarez wrote: Hi Nikos Nikos Vassiliadis wrote: On Monday 03 April hi there, I mentioned DHCP registration - i found the link : http://www.netreg.org/ it may do what you need. I have already looked into it, as well as the CMU version of netreg which is far more feature rich and matured. http://www.net.cmu.edu/netreg/ However, we are on the process of having a centralized LDAP directory of each equipment (including ip, mac address, os, owner, property number etc.) Both implementations uses a separate backend to store each machine's mac addresses. We don't want to have redundant data. Also, during our discussion: Another problem I am seeing with this kind of setup is that it doesn't prevent someone from using other user's network information. There's not that much of authentication happening in the process of dhcp. The server only looks if the mac address is already registered(in my case, a simple ifconfig will allow me to change my mac address to that of a registered user). There are a couple of suggestions and workarounds to this however, and with these at hand, were're only left with that redundancy issue.. Our main problem is that in our company, each user has his own workstation(no one else uses it).. However, due to poor implementation of ip allocation strategy, any user can change his ip to whatever ip address he wants, thus it would be hard for us to really monitor who is doing this and who is doing that (because it would be useless to see the ip address of the one who's eating up or bandwidth or doing p2p when we cannot determine who is this user this ip belongs to. have you considered changing the policy in this regards? do users need that much control over their own workstation? According to the policy, the NMG is the only responsible for software installation, removal, patching etc of each workstation.. However, the MIS has very few manpower, they cannot have full control over all of the user's workstation. That's why we have proposed another policy that the user will be held responsible for every outcome that will be originating from his machine... be it p2p, or worm flooding. This leads us to our decision to have every user assigned a static ip address and have him register his mac address, all stored in ldap directory, and have him authenticate to the pc router first before being allowed to access any server. Authpf is somewhat close to this idea but perhaps it was designed for environment wherein users have no permanent workstation, or user can come from any location, even outside the company(at home) I have created a draft of my proposed solution: First, user will authenticate to a web based login form which is tied up against the ip[f|fw|tables] ruleset. can you run iptables on BSD? | When the user submits the form, the cgi will then verify if the user is really who he claims to be by doing an ldapbind using the credentials provided. Also, the script will check if the request is coming from an ip address that is assigned to that user, by comparing it to his ldap attributes (somewhat prevents users from using other user's ip address). If everything goes well, the script will happily change the router's firewall ruleset to allow the user to pass thru. (note that in our setup, we have allocated a single class C ip block for all the staffs(120) (no need to have separate blocks since all policies applies to all). Also, we have placed all the servers (mail, proxy, file, printer, im etc) in a different block to make sure that authentication will happen first before a user is allowed to access any of those servers. and your pcrouter is the gateway between the users and the servers, right? and different physical segment too Yup.. just to make sure that they will have to get authenticated first before using any network services.. If they are known, that is the time when monitoring and accounting will make sense (since it is useless to know the ip address of the one doing p2p when we can't find out the user whom this ip is registered to.:-) Next, we will also provide a logout form(the same as logging out from ssh session in authpf) so that the ruleset can be reverted back when the user does not want to access any network server anymore. The problem with this is that users may be too lazy to logout to the network authentication.. In authpf, even the user did not logout from his ssh session, when he turns off his computer, the ssh session will automatically be terminated. I'm thinking perhaps I can have a nagios server constantly monitoring each user's network connectivity and then changing the firewall ruleset once the user's machine is unreacheable... what if they leave their PC on overnight downloading / uploading files? what if they leave their PC
ipfw plus authentication???
Hi I am looking for ways to manage our LAN by having each user register their ipaddress, mac address, workstation os, etc. in our ldap directory. Now in our pcrouter, the users will first send his login credentials to the pcrouter, and then the pcrouter will check against ldap if this login is correct, and if it is, then it will now do an ldapsearch/compare operation to see if the source address (ip/mac) of the user trying to gain network access is indeed belongs to that user. Only then, the ipfw ruleset will be changed to allow traffic originating from this source address... Anyone have gone with this solution before?? Thanks - Blab-away for as little as 1¢/min. Make PC-to-Phone Calls using Yahoo! Messenger with Voice. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How do you divide your network?? (do you use vlan??)
Hi, How do you divide your network?? Our current setup looks like this. Given all switch are unmanaged. 1 pc router has two interfaces. 1st is the uplink to the internet and the 2nd is connected to our private lan switch. Now this private lan switch is then connected to each switch of every department.. Network A.) / uplink(public) / [pcrouter] \ \ 10.10.x.x [private lan switch] \ / \ \[dept3 switch] / \ 10.10.3 [dept1 switch] [dept2 switch] 10.10.1 10.10.2 Now the problem we have encountered with this setup are: 1. mixed broadcast.The pc router has only one private interface which is aliased to every subnet. (all traffic pass thru it, don't know whats the implication of this) 2. a user on dept1 switch can use ip addresses that belongs to dept2 or dept3 making it hard to track down the source in case there's a flooding going on. 3. When the router died all departments dies. No failover.. 4. Haven't tried this yet, but can I implement DHCP with this kind of setup?? Now trying to revise the network diagram, I came up with network B. This time the same setup as network A but with failover plus the private lan switch is managed, with possible port filtering so that only ip's belonging to a subnet is allowed to connect to that particular port. Network B.) :...carp...: :: [pcrouter1][pcrouter2] \ / \ / \ / \ / [private lan switch] --- managed switch with port filtering / \\ / \ \-[dept3 switch] [dept1 switch] [dept2 switch] Questions in mind: 1. Did it prevent mixed broadcasts?? 2. Again, is it possible to use DHCP since all are still connected to only 1 aliased interface. / Network C.)/ [pcrouter] /| \ / | \ [dept1] [dept2] [dept3] Now in this setup, router will no longer have a single aliased interface. Instead, it will have one interface for every subnet.. Also, I'm assuming that dhcp will be close to possible by now. The same with mixed broadcast... (although i'm just assuming) it will be easy to prevent?? Problems: 1. failover was gone.. When the router dies, every department dies. 2. any other negative implications?? Network D.) [main uplink switch] / | \ / |\ / | \ [pcrouter1] [pcrouter2] [pcrouter3] | | | | | | [dept1switch] [dept2switch] [dept3switch] problems: 1. costly... must maintain a lot of pcrouters (we have more that 3 departments), no more space in our noc. Network E.) Same with network B, but now with VLAN implementation... I don't want to divide the network by physical topology since users frequently transfer to other departments... So what do you suggest?? Thanks - jay - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need some tips in reorganizing our LAN.
Hi everyone, Thanks for replying.. I'm currently on the phase I of the plan. Its not finalized yet. I hope you can add some more. What else do you want to know if you will be reorganizing your own LAN? Also, if you have a clue on what the succeeding phase should be..Anyway, I will try to focus on the phase I first. Phase I - Identify the Current Setup 1. Network Diagram 1.1 Connectivity Type a. wired b. wireless 1.2 Geographical Divisions a. Site survey (building plan) b. cabling structure (is it possible to recable?) 2. Types/Classifications/Numbers of Users (126 employees) 2.1 Administrative staffs a. OD b. FAD c. DIVAS 2.2 Technical staffs 3. Machine Classifications and their network type(private/public) 260 all in all Admin Tech a. servers (public/private) - 24 b. workstations b.1 desktop (public/private?) 35 162 b.2 laptops (public/private?) 317 c. testbeds (public/private) already included in desktop d. personal (laptop,pda) NA 3.1 Operating system a. Windows b. *nix 4. Services Provided/needed a. file server (private) b. printer server (private) c. internet proxy server (public) d. im server (private) e. web server (private) f. directory service/server Thanks -jay - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need some tips in reorganizing our LAN.
Hi everyone, Thanks for replying.. I'm currently on the phase I of the plan. Its not finalized yet. I hope you can add some more. What else do you want to know if you will be reorganizing your own LAN? Also, if you have a clue on what the succeeding phase should be..Anyway, I will try to focus on the phase I first. Phase I - Identify the Current Setup 1. Network Diagram 1.1 Connectivity Type a. wired b. wireless 1.2 Geographical Divisions a. Site survey (building plan) b. cabling structure (is it possible to recable?) 2. Types/Classifications/Numbers of Users (126 employees) 2.1 Administrative staffs a. OD b. FAD c. DIVAS 2.2 Technical staffs 3. Machine Classifications and their network type(private/public) 260 all in all Admin Tech a. servers (public/private) - 24 b. workstations b.1 desktop (public/private?) 35 162 b.2 laptops (public/private?) 317 c. testbeds (public/private) already included in desktop d. personal (laptop,pda) NA 3.1 Operating system a. Windows b. *nix 4. Services Provided/needed a. file server (private) b. printer server (private) c. internet proxy server (public) d. im server (private) e. web server (private) f. directory service/server Thanks -jay - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need some tips in reorganizing our LAN.
Benjamin Lutz [EMAIL PROTECTED] wrote: Hello jay, I see no place for a wireless network in a professional network. It's hard to secure it (it's possible, encrypted-VPN-over-WLAN works, but it's difficult and expensive to set up). Stick with a wired LAN, and there'll be one security threat less that you have to worry about. No, problem with this as we already have wireless authentication wherein users are forced to login before accessing proxy servers. Keep in mind that a DHCP server needs to be in the same subnet it serves. Other services do not have this requirement. So you mean, If I have 1 pc router that has maximum of 8 lan ports, I can't do dhcp on 8 networks?? Let's say, dhcp will listen on each interface and serve only the assigned subnets It sounds like you're planning to have all subnets connected through this one FreeBSD box. This is not necessary. You can put a router in between subnets, and have that one located elsewhere, where it's more convenient. My partner say that having a separate pc router for each subnet and placing it in their designated area is not an option. He said we should try having a redundant/failover central pc router instead. If we were to deploy 5 or more of those, we should put it somewhere we can access it easily.. that is here in our NOC, at the 3rd floor. Unfortunately, we don't have much space left for tower pc's unless we can afford to buy rackmounted servers... Even purchasing those 5 servers will be a big issue And here's another thought: reliability and redundancy. Computers fail. If you have one central router that everything goes through, not only is it a performance choke point, but it'll also bring the whole agency to a standstill if it should fail. Maybe there isn't a better way to do things given your resources, but if there is, try to limit the impact of potential failures. Distribute things like routing, and most of the network will keep working if one machine fails. Or, if you can, make things redundant. Cheers Benjamin - Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need some tips in reorganizing our LAN.
Benjamin Lutz [EMAIL PROTECTED] wrote: Hello jay, I see no place for a wireless network in a professional network. It's hard to secure it (it's possible, encrypted-VPN-over-WLAN works, but it's difficult and expensive to set up). Stick with a wired LAN, and there'll be one security threat less that you have to worry about. No, problem with this as we already have wireless authentication wherein users are forced to login before accessing proxy servers. Keep in mind that a DHCP server needs to be in the same subnet it serves. Other services do not have this requirement. So you mean, If I have 1 pc router that has maximum of 8 lan ports, I can't do dhcp on 8 networks?? Let's say, dhcp will listen on each interface and serve only the assigned subnets It sounds like you're planning to have all subnets connected through this one FreeBSD box. This is not necessary. You can put a router in between subnets, and have that one located elsewhere, where it's more convenient. My partner say that having a separate pc router for each subnet and placing it in their designated area is not an option. He said we should try having a redundant/failover central pc router instead. If we were to deploy 5 or more of those, we should put it somewhere we can access it easily.. that is here in our NOC, at the 3rd floor. Unfortunately, we don't have much space left for tower pc's unless we can afford to buy rackmounted servers... Even purchasing those 5 servers will be a big issue And here's another thought: reliability and redundancy. Computers fail. If you have one central router that everything goes through, not only is it a performance choke point, but it'll also bring the whole agency to a standstill if it should fail. Maybe there isn't a better way to do things given your resources, but if there is, try to limit the impact of potential failures. Distribute things like routing, and most of the network will keep working if one machine fails. Or, if you can, make things redundant. Cheers Benjamin I have attached here our current lan setup... - New Yahoo! Messenger with Voice. Call regular phones from your PC for low, low rates.___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need some tips in reorganizing our LAN.
Hi, Right now, I'm working in a poor government agency where the network is not well organized. Its hard to trace users that are doing this stuff and doing that.IP addresses are scattered all around the 3 story building.Switches are cascading everywhere.. Everything is a disaster. When a machine is infected with some worms, its trivial to track it down..When one is doing p2p, no one can stop him. Perhaps the reason why this is happening right now is that the former network administrators did not consider the scenarios that will happen in the future, like increasing number of users and workstations mobilization of employees from one area to another, etc. Right now, we have a freebsd 4.7 lying in a dark room not far away from where I am right now. And it is indeed the center of our Local Area Network.. Guess what, it has only 2 interfaces. One connected to public, and the other connected to our private switch. That private interfaced is aliased to multiple subnets like this: 10.10.1.1 10.10.2.1 10.10.3.1 10.10.4.1 10.10.5.1 This interface is connected to 1 switch and then 5 or more switches are connected to this main switch. Those 5 or more switches are then scattered to every area of the building. I know you are thinking a lot of negative things about this setup, but this is what it really looks right now. The MIS suggested a LAN transition project, and I was assigned to lead the team. Right now, we are only two in this very big team. :-) I'm just wondering if I will ever gonna finish this project or not. I have a lot of stuffs mixed up in my mind right now but I really don't know where to start. I have these in my mind right now: Connectivity 1. wired 2. wireless Machines being hooked into the network: 1. servers 2. workstations 3. testbeds 4. personal (laptops etc.) Will use DHCP Will use centralized directory service Will use centralized authentication We have at most 150 employees... We don't have that much to spend on equipments like managed switches, powerful servers, etc. We have a lot of political issues that needs to be resolved regarding network usage policies All these stuffs, basically mixed up in my mind. I really have no idea where to start aside from creating a purchase request for a new PC router and a multiple port lan card, which I already did a week ago..And it has not arrived yet. :-) Please help me. I told my partner that services configuration is just a piece of cake once we already have a definite plan. I really don't know where to start. I'm not even tasked to do this... I'm just tasked to help my partner who is a member of the poor MIS. At first, I thought this would be just as easy as upgrading the machine to FreeBSD 6.0 and then reconfiguring the firewall ruleset, but I was wrong. If you have any Network Transition plan that you may want to share to me, please do so. Even if we don't have that much similarities in our network setup, at least the non technical part like planning etc... Thanks Sincerely -jay - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How do you keep users from stealing other user's ip??
Hi, Ok here's our problems. Mostly pertaining to tracking down who is this user eating up our bandwidth or who is this user flooding our network. 1. Users when they want to plug a machine to the network... let's say their own testbeds, they will choose whatever ip they want possibly stealing used ip's. 2. Users workstations are mixed Windows and *nixes. Most windows machines are getting infected with worm from time to time... Some of them are not so skillful enough to clean their own workstations. Given an unmanaged ip allocation, it would also be hard to trace which machines are causing the network congestion. 3. Some users with public workstations and testbeds are eating up bandwidth through file sharing...Still hard to trace this without proper ip allocation management. Erik Nørgaard [EMAIL PROTECTED] wrote: I once set up such a solution in a student house with about 120 users. People had their own private pcs so we couldn't just take away their admin rights on their own pc. Now, question to ask: - Are all users legitimate users? Do users have friends coming in and connect to the network? is it wired or do you have neighbors trying to use the net also? - What is the benefit of stealing another users ip? Do you have limitations on access such as download? Is it to hide behind another user? In our case we had a wired network, so all users was legitimate users, but we had a limitation on download so some users would try to use their neighbors ip to get more quota. What we did was: 1) Static ip assigned with dhcp - people wouldn't need to learn to configure their computer. 2) Static arp table on router, to spoof, one would have to spoof mac-address. 3) Require registration of all hosts owned by the user: To hold users accountable for their hosts. 4) Count traffic per host, up and download, this was done with ipfilter. 5) Make current usage visible, the users could always check their quota and knew when they hit the limit. That way they didn't get surprises and annoyed. This actually worked fine. It was sufficiently complicated to spoof that people wouldn't bother. A different and possibly better way around this would be to limit bandwidth for ports higher than 1023, this is where most file sharing takes place. You can do that with packet filter, I still haven't figured how to effectively implement traffic quotas on packet filter as accounting is not so easy. If your concerns are people trying to hide behind others identity, or unauthorized access such as if you have a wireless lan, then there are two good options: 1) Use authpf with packet filter. This requires the user to authenticate with the firewall to get access. No proxy needed. 2) Let each client establish a VPN to the router, this have the advantage of also encrypting traffic if you have a wireless or non-switched network. Cheers, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9 - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
net-im is not in my supfile..
Hi, I'm trying to install the latest jabberd but first I would like to cvsup the latest ports tree. I only want the ports-net-im to speed up the process, however, to my surprise, net-im is not in my /usr/share/example/cvsup/ports-supfile. Adding that line and commenting ports-all doesn't make any difference.. I'm trying to read this link but I'm not sure really what to do.. http://www.freebsd.org/doc/en/articles/committers-guide/ports.html#Q12.4.1. please help... thanks. - Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How do you keep users from stealing other user's ip??
Good day, We are trying to reorganize our local area network and I need some tips on how you are managing your own lan... We have a vanilla pc router with interface facing our private lan and interface facing the Internet. One problem which we are experiencing right now is that any user from private lan can use any ip address he wants. If he boots his computer with a stolen ip address, the poor owner of that machine(not active at the moment) will give automatically up his ip address to this user. The same scenario for public ip addresses. Basically, we need to track down the users through their ip address.. But this is trivial as of now since anyone can use any ip he wants. Even if there is a solution out there to tie up his mac address to his ip address..(sort of checking the mac first before giving him an ip, possibly through dhcp..) still, users can just download applications which will enable him to change his mac address Now, where thinking about authenticating users before he is allowed to use a particular network service(internet proxy, mail etc.) because I guess it is a clever way of keeping the bad users from doing something bad within your network when after all, the reason why he is plugging his lancard to the network is to use a particular service. However, it still doesn't keep them from playing around and steal other ip addresses or mac addresses and thus denying network access to those legitimate owners. I'm thinking about tying dhcp with authentication, and freeradius comes to mind.. I just need some more tips from you. User's workstations are mixed Windows and *nixes. Some have laptops with wireless interfaces. Any idea how to handle this situations?? Thanks... - New Yahoo! Messenger with Voice. Call regular phones from your PC and save big. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/dev/cuaa gone in 6.0?? /dev/console doesn't work...
Hi, I'm trying to secure our cisco router by hooking its console to a freebsd 6.0 box. I was reading this document: http://www.onlamp.com/pub/a/bsd/2001/10/11/FreeBSD_Basics.html It seems like /dev/cuaaN has been replaced by /dev/console. On my 6.0 box, I can't seem to find /dev/cuaaN... I tried using /dev/console instead and I got the same response Connected but it hangs... I can't do anything. The command I used was cu -l /dev/console -s 9600. On an older box (4.11) I used cu -l /dev/cuaa0 -s 9600 and it worked. I got the login prompt of our router. If ever I would make everything work... does this mean that only one user can connect to our router or does freebsd have some sort of pseudo consoles??? Thanks.. - Brings words and photos together (easily) with PhotoMail - it's free and works with Yahoo! Mail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: /dev/cuaa gone in 6.0?? /dev/console doesn't work...
Kris Kennaway [EMAIL PROTECTED] wrote: No, they're different. Anyway, /dev/cuaaN was replaced by /dev/cuadN. Kris Ok, its working now.. How about multiple console connections using just a single console cable?? sort of like pseudo terminal used by ssh. - Yahoo! Mail Bring photos to life! New PhotoMail makes sharing a breeze. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: /dev/cuaa gone in 6.0?? /dev/console doesn't work...
Kris Kennaway [EMAIL PROTECTED] wrote: On Wed, Mar 08, 2006 at 09:13:51PM -0800, Mark Jayson Alvarez wrote: Kris Kennaway wrote: No, they're different. Anyway, /dev/cuaaN was replaced by /dev/cuadN. Kris Ok, its working now.. How about multiple console connections using just a single console cable?? sort of like pseudo terminal used by ssh. No idea, perhaps the conserver port. I also thinks so, I'm reading this one now: http://www.freebsd.org/doc/en_US.ISO8859-1/articles/console-server/article.html Kris - Yahoo! Mail Bring photos to life! New PhotoMail makes sharing a breeze. - Yahoo! Mail Bring photos to life! New PhotoMail makes sharing a breeze. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Trouble with apache ports (finding it hard to enable particular modules)
Hi, I'm trying to install phpldapadmin-0.9.8 This is just as simple as doing a make install inside /usr/ports/net/phpldapadmin. It requires an installation of php4 plus ldap and xml extensions. So far no problem. If I do a make install inside php4-extensions, php4 and apache13 gets installed automagically. But my problem is, it's just a plain apache that gets installed. I wanted it to have an ssl capability.. I can't get the three to work together. php4-extension-enabled php php-enabled apache ssl-enabled apache Please help me.. Thanks! __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
network monitoring system with downtime reporting
Hi, I'm looking for a network monitoring system with downtime reporting. Currently, we are using nagios for services monitoring and mrtg for traffic monitoring. Do you know any tool which can report the downtimes of a particular customer's internet link? We need it because from time to time, customers are asking for rebates because they say that their link went down a couple of times, and mrtg cannot show this accurately.. Thanks. -jay __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
HELP:(cisco serial (up, up) but cannot ping its interface from within.
Hi, In sh ip int br a particular serial interface shows to be both line and protocol up but I cannot ping the interface from within the router itself. When I tried pinging from the outside, I can ping it... Any idea what seems to be misconfigured in our router??? Thanks.. - Yahoo! Autos. Looking for a sweet ride? Get pricing, reviews, more on new and used cars. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: HELP:(cisco serial (up, up) but cannot ping its interface from within.
Glenn Dawson [EMAIL PROTECTED] wrote: At 10:13 PM 2/13/2006, Mark Jayson Alvarez wrote: What does this have to do with FreeBSD? Well, for one, I have a machine running FreeBSD 6.0 where I am pinging the said router from... and it works fine. However, when I telnet to the router from that machine and ping the interface after I successfully logged in, I cannot ping it anymore... :-) - Yahoo! Mail Use Photomail to share photos without annoying attachments. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
need some advice on our cisco routers..
Hi, We have a couple of cisco routers. There was one time when suddenly we cannot login remotely via telnet. I investigate further and was shocked when I found out that there where 16 telnet connections coming from outsiders ip addresses. I immediately called our Director(the only cisco certified guy in the office) and he begin kicking each of the telnet connections one by one. He then replaced every secret/password and deleted all unnecessary local accounts. However, we're still wondering how those hackers got into the system. Now this cisco's aaa is default to a radius server. Since then, outsiders have gone away.. Perhaps the hackers got one of the router's local accounts, and trying to brute force their way to enable mode. Now, I have few questions: 1. Is it possible to think that they still haven't cracked the enable password yet or they already know it and just silently been playing with our router?? What for? If you are a hacker, what would you do if you got an access to an ISP's router??:-) 2. What will you do if the same thing happened to you?? 3.How do you secure your cisco routers in your office?? Our director said that we should look for best practices in securing our routers. Our company is an ISP for broadband internet for RD institutions. We offer no dial up connections, only E1's etc. We have 2 stm1(155Mbps) outgoing pipes. One cisco 7206 and one cisco 7304. We have a radius server running some old version of freebsd(4.6 I guess) but the accounting is not working anymore. Only authentication, and radius uses the accounts listed in /etc/passwd. Now, I am trying to configure a new radius server(to replace the old server configured by the former net/sys admins) only not sure if it is really what we need.. My initial idea of radius is that it ties up authentication, authorization and accounting.. however as I have said, I guess we don't need any accounting since we don't offer dial up services. In authentication, I tried once to make our router work with our kerberos setup so that telnet password doesnt have to be sent but unfortunately, I failed to make it work with our heimdal installation(seems like they are having incompatibility issues with encryption, though I haven't tried it with MIT yet). Authorization: We currently have an ldap directory used only for email services, don't know if it is still needed. We also have remote logging through that radius server also, and guess what, its not working anymore. I compared the config of that compromised router with the other one and found out that the logging lines are gone(hmmm..) I need some tips here. The tools you are currently using. Also some of the best practices you are implementing in your noc.. I'm the new admin and the services are poorly documented.. Now I am trying to start everything from scratch, this time documenting everything I am doing.. Load balancer, proxy server, email, dns, web, ldap, kerberos, etc. Unfortunately I don't have any cisco training yet and I'm glad that my supervisor is kind enough to lend me the enable password (the rest, google and google) Thank's for your time. Sincerely -jay - Brings words and photos together (easily) with PhotoMail - it's free and works with Yahoo! Mail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
probing devices on a pentium-s 90mhz.... installation can't continue because it takes forever..
Hi, We have an old pentium-S 90mhz machine running Redhat7 used for LVS load balancer and I would like to replace it with FreeBSD6.0. The motherboard have two IDE socket but it doesn't seem to detect the cdrom at all. No problem, I downloaded the floppy images and then reboot it. However, on the final booting process, it just says Probing devices, please wait (this can take a while)... and it just sits there and nothing happens. Other hardware components are: its memory looks like an edo ram (more than 113 mb i think) it has 2 pci devices installed: a lan card, and a scsi controller it has 1 isa device installed: vga card Any idea what might be happening? Is this some sort of IRQ conflict problem? I just removed another isa device(serial,parallel) thinking it might be conflicting with the vga card, but the probing is still taking forever. Thanks.. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: probing devices on a pentium-s 90mhz.... installation can't
Michael S [EMAIL PROTECTED] wrote: As a last measure, you could always try NetBSD as it is friedly to old hardware. Hmmm.. we have two machines, 1 newer (can absolutely install freebsd 6.0) and this old one. Currently, both of them are running IPVS, heartbeat, Redhat7. I will be replacing this with IPVS on FreeBSD plus CARP. I guess I would have to find out if NetBSD has CARP and IPVS is already ported - Yahoo! Shopping Find Great Deals on Holiday Gifts at Yahoo! Shopping ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: How does carp computes the MAC address of the a certain Virtual IP?
Mark Jayson Alvarez [EMAIL PROTECTED] wrote: Date: Sun, 4 Dec 2005 15:59:39 -0800 (PST) From: Mark Jayson Alvarez [EMAIL PROTECTED] To: freebsd-net@freebsd.org Subject: How does carp computes the MAC address of the a certain Virtual IP? Hi, How does carp computes the MAC address of the a certain Virtual IP? Perhaps I can set up a route for the virtual IP address manually because the kernel keeps on complaining: arp_trequest: bad gateway (!AF_LINK). This is weired because my carp setup is working for the past 4 days and it suddenly stopped with the above error. Any idea? Thanks - Yahoo! Personals Skip the bars and set-ups and start using Yahoo! Personals for free ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: How does carp computes the MAC address of the a certain Virtual IP?
Mark Jayson Alvarez [EMAIL PROTECTED] wrote: Date: Sun, 4 Dec 2005 15:59:39 -0800 (PST) From: Mark Jayson Alvarez [EMAIL PROTECTED] To: freebsd-net@freebsd.org Subject: How does carp computes the MAC address of the a certain Virtual IP? Hi, How does carp computes the MAC address of the a certain Virtual IP? Perhaps I can set up a route for the virtual IP address manually because the kernel keeps on complaining: arp_trequest: bad gateway (!AF_LINK). This is weired because my carp setup is working for the past 4 days and it suddenly stopped with the above error. Any idea? Thanks - Yahoo! Personals Let fate take it's course directly to your email. See who's waiting for you Yahoo! Personals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
devices are automatically created at boot(how about pseudo devices e.g; carp)?
Hi, Do I have to write a script that contains let's say: #!/bin/sh ifconfig carp0 create then add a line in my rc.conf that looks like this: ifconfig_carp0=vhid 1 pass mypasswd 192.168.0.1/24 or is there a place where I can do them both at the same time? thanks - Yahoo! Personals Single? There's someone we'd like you to meet. Lots of someones, actually. Try Yahoo! Personals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
arp_rtrequest: bad gateway(!AF_LINK) This is weired as it was working a while ago.
Hi, I'm not sure what I did wrong. My carp setup with 2 machines sharing 1 virtual ip is working perfect for 3 days now, until today, I got these messages in /var/log/messages kernel: carp: incorrect hash arp_rtrequest:bad gateway 10.10.8.146 (!AF_LINK) googling brought me to this link: http://lists.freebsd.org/pipermail/freebsd-net/2004-January/002608.html However, It doesn't show how to resolve the problem. After rebooting the machine, it still doesn't work (when it is supposed to) Netstat -rn gives me: default10.10.8.254UGS 0 1074xl0 10.10.8/24 link#1 UC 00xl0 10.10.8.11200:0e:a6:c9:ac:19 UHLW1 46xl0 1186 10.10.8.25400:01:02:9a:7f:c3 UHLW21xl0827 127.0.0.1 127.0.0.1 UH 00lo0 Any idea how to eliminate the problem? Thanks - Yahoo! DSL Something to write home about. Just $16.99/mo. or less ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: kernel panic after loading ipvs.ko
Lowell Gilbert [EMAIL PROTECTED] wrote: Mark Jayson Alvarez writes: I include these 2 lines in my loader.conf: ipvs_load=YES ip_vs_rr_load=YES However, the kernel(6.0) panic after rebooting.. Manually loading those modules is no problem.. I am trying to load the ipvs(FreeBSD version of LVS) module at boot time. Any idea? Where did this module come from? Are you sure it's compatible with your 6.0 kernel? It came came from the LVS on FreeBSD (porting LVS on FreeBSD) (/usr/ports/net/ipvs) - Yahoo! Music Unlimited - Access over 1 million songs. Try it free. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: proper way to create network devices at boot time.
Lowell Gilbert [EMAIL PROTECTED] wrote: Mark Jayson Alvarez writes: How do you create a network device at boot time? I need to set up my carp devices at boot time. in Openbsd, it can be set in /etc/hostname.if like this. /etc/hostname.carp1 inet 172.16.0.100 255.255.255.0 172.16.0.255 vhid 1 carpdev em0 \ pass lanpasswd Thanks. On recent FreeBSD, the devices should be created automatically if the hardware they support is present. What device exactly are you trying to create? Im trying to create carp pseudo device. In rc.conf, I can simply configure it using ifconfig, however only after the device have been created. So manually I would say: ifconfig carp create ifconfig carp0 vhid 1 pass mypasswd ipaddress something like that... - Yahoo! Music Unlimited - Access over 1 million songs. Try it free. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
proper way to create network devices at boot time.
Hi, How do you create a network device at boot time? I need to set up my carp devices at boot time. in Openbsd, it can be set in /etc/hostname.if like this. /etc/hostname.carp1 inet 172.16.0.100 255.255.255.0 172.16.0.255 vhid 1 carpdev em0 \ pass lanpasswd Thanks. - Yahoo! Music Unlimited - Access over 1 million songs. Try it free. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
kernel panic after loading ipvs.ko
Hi, I include these 2 lines in my loader.conf: ipvs_load=YES ip_vs_rr_load=YES However, the kernel(6.0) panic after rebooting.. Manually loading those modules is no problem.. I am trying to load the ipvs(FreeBSD version of LVS) module at boot time. Any idea? Thanks. - Yahoo! Music Unlimited - Access over 1 million songs. Try it free. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
last try (anyone who here who has a working carp setup??)
Hi, Been trying to make this work for the past three days, yet still no luck. On host A (which is suppose to be the master): xl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 options=9RXCSUM,VLAN_MTU inet6 fe80::201:2ff:fe88:d8c%xl0 prefixlen 64 scopeid 0x1 inet 10.10.8.144 netmask 0xff00 broadcast 10.10.8.255 ether 00:01:02:88:0d:8c media: Ethernet autoselect (100baseTX full-duplex) status: active plip0: flags=108810POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT mtu 1500 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff00 carp0: flags=41UP,RUNNING mtu 1500 inet 10.10.8.146 netmask 0xff00 carp: MASTER vhid 1 advbase 1 advskew 0 On host B (which is supposed to be the backup) xl0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 1500 options=9RXCSUM,VLAN_MTU inet6 fe80::201:2ff:fe90:1957%xl0 prefixlen 64 scopeid 0x1 inet 10.10.8.145 netmask 0xff00 broadcast 10.10.8.255 ether 00:01:02:90:19:57 media: Ethernet autoselect (100baseTX full-duplex) status: active plip0: flags=108810POINTOPOINT,SIMPLEX,MULTICAST,NEEDSGIANT mtu 1500 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff00 carp0: flags=41UP,RUNNING mtu 1500 inet 10.10.8.146 netmask 0xff00 carp: BACKUP vhid 1 advbase 1 advskew 100 Even host B with a higher advskew, both of them seems to be the BACKUP... no MASTER at all. pinging 10.10.8.146 won't reply however.. arping works? Now the big question... how am I going to use this virtual IP if I can't even ping it??? Thanks... __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
link_elf: symbol nf_register_sockopt undefined
Good day! I tried patching my kernel(6.0) source as according to the instructions on these site: http://dragon.linux-vs.org/~dragonfly/htm/lvs_freebsd.htm rebuild and install it... update my ports via cvsup.. and do a make install inside /usr/ports/net/ipvs After that, I try loading ipvs.ko with kldload /boot/modules/ipvs.ko and I got the following: link_elf: symbol nf_register_sockopt undefined kldload: can't load /boot/modules/ipvs.ko: No such file or directory Any idea? Anyone here successfully running ipvs on FreeBSD6.0? The site said that it is working fine on 5.3 however I am afraid that I may not be able to use the carp feature which is already included in 6.0. Thanks. __ Start your day with Yahoo! - Make it your home page! http://www.yahoo.com/r/hs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can't subscribe to freebsd-net
Hi, I can't seem to subscribe to freebsd-net mailinglist. I have 1 question however. I have 2 machines running freebsd 6.0 compiled with device carp. The example in the carp manual slightly confuses me. I can't make those 2 machines to appear as one... I hope you can help me. machine A has xl0 with assigned ip of 10.10.8.145 machine B has xl0 with assigned ip of 10.10.8.146 Now following the example on carp(4) manual: On machine A: ifconfig carp0 create ifconfig carp0 vhid 1 pass mypasswd 10.10.8.147/24 so now, machine A shows these in ifconfig: carp0: flags=41UP,RUNNING mtu 1500 inet 10.10.8.147 netmask 0xff00 carp: BACKUP vhid 1 advbase 1 advskew 0 meanwhile on machine B ifconfig carp0 create ifconfig carp0 vhid 1 advskew 100 pass mypasswd 10.10.8.147/24 and I got 10.10.8.147/24 is duplicated by xl0 (10.10.8.145/24) What I wanted to do is to do some failover... ssh to 10.10.8.147 and see what machine it would connect to.. then pull the utp out... and repeat the process.. this time it should ssh to the backup server.. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pen+ucarp or carp(4).... any good experience?
Hi, Anyone here who has a working LVS-like setup in freebsd using carp? What software load balancer did you use? How was your experience with it I'm about to implement it in our proxy farm. Thanks. __ Yahoo! FareChase: Search multiple travel sites in one click. http://farechase.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Quick high availability load balancer for freebsd
I need a quick tip on setting up a High availability load balancer in freebsd. Here is our current setup: we have a cisco router, and a class B network. All of those who acquired ipaddresses cannot pass through the router if destined to port 80. The router only allow 3 ip addresses to browse the web. Those three machines are the parent proxies. Now 2 other machines on the same switch acts as high availability, load balancer. It is currently running an old version of redhat, heartbeat, and ldirector. The router doesn't enforce all traffic destined to port 80 to go through the load balancer first. some web clients uses the virtual ip of the load balancer and thus being diverted to the right proxy(not heavily loaded) while some, uses goes directy to the parent proxies. On the setup I am planning, this is not yet a concern.. I just have to achieve the same setup in freebsd because those 2 load balancers are old and retiring. I'm looking at freevrrpd and pen at this site: http://redundancy.redundancy.org/fbsd_lb.html I need some more tips however. How will you compare this setup to the Linux HA. Any link or quick guide will be greatly appreciated. Thanks. __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
Good day again!! This has something to do with my previous email about finding an IRC bouncer installed into one of our freebsd servers(4.9). Someone suggested here to run a rootkit finder... I installed an rkhunter and eventually found an ascii text file inside the /dev/ named saux and to my surprise, it contains all of our username and passwords we used to login to other servers from that machine. Afterwards, we didn't even run the same root kit finder into other machines and just looked for that file(saux) and walla!! all machines have one!! We immediately killed all remote administration daemons and allow only root console access. Now we have a lot of work to do. more than 10 servers have been compromised founded the same file(saux) containing our passwords. Critical servers such as dns, proxy, mail etc. Even two of our cisco routers are 80% possibly compromised as well.. The question is: Now what?? I guess we will be spending 7 days of work starting from this day till we have a properly created policies, not just for user accounts... but I guess for everything, as in everything. And it wouldn't be only for a short period of time...I'm sure though. The bigger question is: Where should we start? Investigate how the cracker got into the system? Why? perhaps we should bring back the server first into their functional state because hundreds of thousands of people are relying to them?? Or should we tell our Director first, in case he might wonder why he is not receiving his emails on Monday morning or cannot telnet into the cisco router? Now we have a couple of inputs, we just have to figure out which is the proper combination. Here they are: 1. Use private key for ssh logins (should bring the private key always... and if it is stolen.) 2. Use kerberos for ssh logins? useful for cisco telnet authentication too. Should we replace the existing radius for the routers? Do we have enough time? can we afford to run a compromised server while setting up these servers? 3. Constantly upgrade third party softwares (ssh, ssl, apache, bind) etc.. (too much work.. there are so many of them(postgres, proftp, mysql, php) must be member of various security mailing lists and discussions). 4. Constant Os upgrade(or should we shift to OpenBSD like one of our boss recommended(need to familiarize first, it is a *nix no problem... but it is still OpenBSD :)Also, was it really the 4.8 that has been hacked or the old version of BIND running on it? Anyway, its 6.0 now, guess we really have to upgrade now. 5. Use nmap versioning etc. constantly check for unknown services (must audit all of the services running on every machine) 6. Always compile into a jail environment 7. Create a standard firewall ruleset template, (if it is a web server... uncomment this etc.) 8. use a livecd... (use for binary trojaning) 9. remote sysloging (I thought -ss flag is recommended?) 10. Implement kernel secure level chflags(undeletable, firewall unchangeable) 11. Use ip forwarding so that public servers will never again face the Internet directly( does this require a supers strong machine that will act as firewall? or perhaps an appliance(brand new) can we acquire this right away? What else?? Do you have anymore idea? Right now I am about to reformat one of our proxy server and install 6.0 on it. Perhaps I should check the squid config throughly... Suggestions are welcome... very much welcome. I just need to collate everything. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need urgent help regarding security
Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old versions mostly freebsd) Also, that particular server is running - ProFTPD Version 1.2.4 which someone have suggested to have a known vulnerability.. I really need all the help I can get as the administration of those servers where just transferred to us by former admins. The server is used for ftp. Thanks.. __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Need urgent help regarding security
Good Day! I think we have a serious problem. One of our old server running FreeBSD 4.9 have been compromised and is now connected to an ircd server.. 195.204.1.132.6667 ESTABLISHED However, we still haven't brought the server down in an attempt to track the intruder down. Right now we are clueless as to what we need to do.. Most of our servers are running legacy operating systems(old versions mostly freebsd) Also, that particular server is running - ProFTPD Version 1.2.4 which someone have suggested to have a known vulnerability.. I really need all the help I can get as the administration of those servers where just transferred to us by former admins. The server is used for ftp. Thanks.. __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
First, I want to thank you all for replying. For now what I just did is to just pulled the utp cable from its ethernet port. Now, no one can access it. However I tried once to put it back and then the ircd connection went up silently. It is confirmed that we are running psybnc like what someone who replied has experienced too, installed in a folder(pnybnc) inside etc that is named with a special character... hard to get inside, but we've managed to read some files using find and grep... The chat logs are still there.. seems like it has been turned into a sex chatroom.. also the config of psybnc which contains the username/password the intruder used in connecting... Now what I want to do is to just reinstall the whole operating system and secure it as possible as I can. Like someone told, its just a waste to try to track it down because the intruder might be located somewhere on the other side of the world. To others who replied... I will just answer you all one by one... Thanks again. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Need urgent help regarding security
Steve Bertrand [EMAIL PROTECTED] wrote: Now what I want to do is to just reinstall the whole operating system and secure it as possible as I can. Like someone told, its just a waste to try to track it down because the intruder might be located somewhere on the other side of the world. They are always on the other side of the world...this is the Internet. If that is your solution, I would recommend reconfiguring your FTP servers DNS entries, and applying another IP to the box,lest you be affected again. However, that won't even fix it, becuase it will just be found again by someone else. Unplugging the box just informs the attacker that you are aware of them. Moving the IP just makes people re-locate you. The solution is make the box accessible to only those who need it...and only the services they need. .02 Steve No, that is not the solution I'm thinking of.. You see right now, that machine contains at least 200 Gb of important files... I'm just paranoid that the intruder might just launch an rm -rf. Right now we don't have a backup of those files yet. I'm really eager to know how the intruder got into our machine, I'm just afraid that he might be reading everything I am typing in the terminal. I am also dissapointed because most of our server configuration files are in my home directory but doing the ls /tmp I found those files. Those files are our proxy configurations containing all of our peer proxies (ipaddress) and also the squid.conf which I'm afraid that the intruder can use to launch an attack to our proxy farm. You see those proxies aren't in a much secure mode yet but they are the MOST critical service in our company because all of our partners are passing through that proxies. Now what I really wan't to do is to just do the right thing but only one by one. I got so many replies, someone even suggested finding out the irc channel and try to have a little chat with the intruders. Someone suggested putting up a firewall before it and try to dump the packets to retrieve relevant informations. I'm really so confused right now as to where to start Right now, the server is currently inaccessible from the network, but it is still running( I just remembered someone suggested not shutting it down because the script the intruder used might get automatically erased). From there... where should I start.? Thank you very much. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Need urgent help regarding security
Marco Wertejuk [EMAIL PROTECTED] wrote: try sockstat | grep 6667 to see which process is connecting to irc and try to see what this process is doing with lsof, but depending on what backdoor or rootkit is used, it's possible to see nothing because intelligent rootkits hide themself Ok done this... and I found something First the output of nestat: 10.10.8.140.2994 195.204.1.132.6667 SYN_SENT 10.10.8.140.2993 195.204.1.132.6667 SYN_SENT Then sockstat root adjkernt 4926 445 tcp4 10.10.8.140:2994 195.204.1.132:6667 So.. is it the adjkernt that has been replaced? What should I do with it? P.S. I just plugged this server into our private network in order to access it from my workstation. - Yahoo! FareChase - Search multiple travel sites in one click. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Compile error when upgrading 4.8 to 4.11
Good day! Here's my system: 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Thu Apr 3 10:53:38 GMT 2003 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Here's my GCC gcc version 2.95.4 20020320 [FreeBSD] Here's what I did: 1. Download 4.11 miinst.iso 2. Install the sources 3. cd to /usr/src 4. Make buildworld And the last few lines during the compilation looks like this: === sys/boot/i386/btx/btxldr (cd /usr/src/sys/boot/i386/btx/btxldr; m4 -DLOADER_ADDRESS=0x20 btxldr.s ) | as -o btxldr.o ld -N -e start -Ttext 0x20 -o btxldr.out btxldr.o objcopy -S -O binary btxldr.out btxldr === sys/boot/i386/btx/lib as -o btxcsu.o /usr/src/sys/boot/i386/btx/lib/btxcsu.s as -o btxsys.o /usr/src/sys/boot/i386/btx/lib/btxsys.s as -o btxv86.o /usr/src/sys/boot/i386/btx/lib/btxv86.s ld -i -o crt0.o btxcsu.o btxsys.o btxv86.o === sys/boot/i386/boot2 as --defsym FLAGS=0x80 /usr/src/sys/boot/i386/boot2/boot1.s -o boot1.o ld -nostdlib -static -N -e start -Ttext 0x7c00 -o boot1.out boot1.o objcopy -S -O binary boot1.out boot1 dd if=/dev/zero of=boot2.ldr bs=512 count=1 2/dev/null *** Error code 126 Stop in /usr/src/sys/boot/i386/boot2. *** Error code 1 Any idea? Thanks! __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
compile error when upgrading from 4.8 to 4.11
Good day! Here's my system: 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Thu Apr 3 10:53:38 GMT 2003 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Here's my GCC gcc version 2.95.4 20020320 [FreeBSD] Here's what I did: 1. Download 4.11 miinst.iso 2. Install the sources 3. cd to /usr/src 4. Make buildworld And the last few lines during the compilation looks like this: === sys/boot/i386/btx/btxldr (cd /usr/src/sys/boot/i386/btx/btxldr; m4 -DLOADER_ADDRESS=0x20 btxldr.s ) | as -o btxldr.o ld -N -e start -Ttext 0x20 -o btxldr.out btxldr.o objcopy -S -O binary btxldr.out btxldr === sys/boot/i386/btx/lib as -o btxcsu.o /usr/src/sys/boot/i386/btx/lib/btxcsu.s as -o btxsys.o /usr/src/sys/boot/i386/btx/lib/btxsys.s as -o btxv86.o /usr/src/sys/boot/i386/btx/lib/btxv86.s ld -i -o crt0.o btxcsu.o btxsys.o btxv86.o === sys/boot/i386/boot2 as --defsym FLAGS=0x80 /usr/src/sys/boot/i386/boot2/boot1.s -o boot1.o ld -nostdlib -static -N -e start -Ttext 0x7c00 -o boot1.out boot1.o objcopy -S -O binary boot1.out boot1 dd if=/dev/zero of=boot2.ldr bs=512 count=1 2/dev/null *** Error code 126 Stop in /usr/src/sys/boot/i386/boot2. *** Error code 1 Any idea? Thanks! __ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
HELP:I'm on deployment and they've got Linksys Wireless-G usb network adapter(is there any hope?)
Good day, This will be really really quick.Is linksys wireless-g 2.4ghz usb network adapter supported by freebsd 5.4?? If so, please point me somewhere I can make it work. Thanks! - Sell on Yahoo! Auctions - No fees. Bid on great items. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
pptp with mppe on freebsd
Hi, I'm trying to connect my lan to a remote lan through pptp/vpn. I followed the instructions on http://www.freebsddiary.org/pptp.php and created a ppp.conf like this: UPVPN: set authname myusername set authkey mypassword set timeout 0 set ifaddr 0 0 add 10.40.23.0/24 HISADDR alias enable yes Now when I lauched pptp: # pptp vpnserver UPVPN I got these errors: anon warn[open_inetsock:pptp_callmgr.c:312]: connect: Operation timed out anon fatal[callmgr_main:pptp_callmgr.c:121]: Could not open control connection t o vpnserver's ip anon fatal[open_callmgr:pptp.c:379]: Call manager exited with error 256 Looking at /var/messages, I can see something like this, but I don't know if it has something to do with the error. Jun 16 13:04:14 tmc pptp[20182]: anon log[main:pptp.c:219]: The synchronous pptp option is NOT activated There is this site: http://www.mreriksson.net/howtos/netbsd-pptp-client/ which discusses how to set up pptpclient on NetBSD and there he mentioned about installing the PPPD-MPPE package which I did't do in my FreeBSD box since I failed to find the said pacakge in /usr/ports. I have a slight idea that I really need to have this installed because when I look at the properties page of my vpn connection using a windows machine, I can see this details: device Name WAN Miniport(PPTP) Device Type vpn Server Type PPP Transports TCP/IP Authentication MS CHAPv2 Encryption MPPE 128 Compression (none) PPP multilinkOff ServerIP Address 10.40.23.120 ClientIP Address 10.40.23.13 Here's my LAN setup: LAN --PCRouter/proxy-Cisco Routercloud Private computer on LAN access Internet through a dual homed pcrouter/proxy server. In this kind of setup, is it possible that those private machine on LAN be connected to the remote private LAN through a pptp tunnel? I've already done this on Windows and there, it has an option for internet sharing, and I'm wondering if I can do the same with freebsd. Any idea? Thanks a lot! __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is MPPE supported in FreeBSD?
Hi, I'm trying to connect my lan to a remote lan through pptp/vpn. I followed the instructions on http://www.freebsddiary.org/pptp.php and created a ppp.conf like this: UPVPN: set authname myusername set authkey mypassword set timeout 0 set ifaddr 0 0 add 10.40.23.0/24 HISADDR alias enable yes Now when I lauched pptp: # pptp vpnserver UPVPN I got these errors: anon warn[open_inetsock:pptp_callmgr.c:312]: connect: Operation timed out anon fatal[callmgr_main:pptp_callmgr.c:121]: Could not open control connection t o vpnserver's ip anon fatal[open_callmgr:pptp.c:379]: Call manager exited with error 256 Looking at /var/messages, I can see something like this, but I don't know if it has something to do with the error. Jun 16 13:04:14 tmc pptp[20182]: anon log[main:pptp.c:219]: The synchronous pptp option is NOT activated There is this site: http://www.mreriksson.net/howtos/netbsd-pptp-client/ which discusses how to set up pptpclient on NetBSD and there he mentioned about installing the PPPD-MPPE package which I did't do in my FreeBSD box since I failed to find the said pacakge in /usr/ports. I have a slight idea that I really need to have this installed because when I look at the properties page of my vpn connection using a windows machine, I can see this details: device Name WAN Miniport(PPTP) Device Type vpn Server Type PPP Transports TCP/IP Authentication MS CHAPv2 Encryption MPPE 128 Compression (none) PPP multilinkOff ServerIP Address 10.40.23.120 ClientIP Address 10.40.23.13 Here's my LAN setup: LAN --PCRouter/proxy-Cisco Routercloud Private computer on LAN access Internet through a dual homed pcrouter/proxy server. In this kind of setup, is it possible that those private machine on LAN be connected to the remote private LAN through a pptp tunnel? I've already done this on Windows and there, it has an option for internet sharing, and I'm wondering if I can do the same with freebsd. Any idea? Thanks a lot! Yahoo! Sports Rekindle the Rivalries. Sign up for Fantasy Football http://football.fantasysports.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Help: krb5_sock_to_principal failed - Kerberos guru(kindhearted)... Anyone? Here?
Hi, I'm trying to configure a kerberos realm, and I have already installed heimdal on one FreeBSD5.4 machine and was able to run KDC daemon. I can already acquire a TGT and was about to test it using telnet. First, after acquiring a ticket granting ticket, I launched telnet on another machine with inetd running and telnetd enabled already in its inetd.conf.. However, my telnet client said the following: Trying KERBEROS5 (host/[EMAIL PROTECTED])... ] [ Kerberos V5 refuses authentication because krb5_sock_to_principal failed ].. Some of kerberos clients are already installed by default right? Ex., even without installing heimdal, I can still run kinit. How about those server daemons like telnetd?? Are they already built to accept a kerberos authentication? Why am I getting the above messages even if I use the telnet client inside /usr/local/heimdal/bin against the telnetd found inside /usr/local/heimdal/libexec -a user of the remote machine I am connecting to. And even if I use the default /usr/bin/telnet against /usr/libexec/telnetd -a user of the remote machine, I still get the same error above. Now if I pair a /usr/bin/telnet against the /usr/local/heimdal/libexec/telnetd -a debugon the remote computer, I still get the same error above but now with a warning: *** Connection not encrypted! Communication may be eavesdropped. *** and also the login prompt.. this time it is allowing me to login, only not encrypted, unlike when I use those pairings above which automatically exits upon failed authentication. Do you have any idea what's happening here? Thank you very much. -jay __ Discover Yahoo! Use Yahoo! to plan a weekend, have fun online and more. Check it out! http://discover.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Are those services in inetd.conf(telnetd, ftpd) kerberized already??
Hi, I'm trying to configure a kerberos realm, and I have already installed heimdal on one FreeBSD5.4 machine and was able to run KDC daemon. I can already acquire a TGT and was about to test it using telnet. First, after acquiring a ticket granting ticket, I launched telnet on another machine with inetd running and telnetd enabled already in its inetd.conf.. However, my telnet client said the following: Trying KERBEROS5 (host/[EMAIL PROTECTED])... ] [ Kerberos V5 refuses authentication because krb5_sock_to_principal failed ].. Some of kerberos clients are already installed by default right? Ex., even without installing heimdal, I can still run kinit. How about those server daemons like telnetd?? Are they already built to accept a kerberos authentication? Why am I getting the above messages even if I use the telnet client inside /usr/local/heimdal/bin against the telnetd found inside /usr/local/heimdal/libexec -a user of the remote machine I am connecting to. And even if I use the default /usr/bin/telnet against /usr/libexec/telnetd -a user of the remote machine, I still get the same error above. Now if I pair a /usr/bin/telnet against the /usr/local/heimdal/libexec/telnetd -a debugon the remote computer, I still get the same error above but now with a warning: *** Connection not encrypted! Communication may be eavesdropped. *** and also the login prompt.. this time it is allowing me to login, only not encrypted, unlike when I use those pairings above which automatically exits upon failed authentication. Do you have any idea what's happening here? Thank you very much. -jay __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
few processor performance questions
Good day, I have an athlon thunderbird 1.2ghz processor and I'm looking forward to overclocking it. My plans are to buy a new motherboard that supports raising the core voltage, fsb or even the multiplier. I have looked at some stores selling motherboard for socketA(462) processors and found out that those new motherboards mostly have fsb of 400 mhz and supporting memory modules upto pc333-400mhz. Also with 8x agp slot. My question is, if I were to buy this kind motherboard with a specified FSB of let's say upto 400+mhz and I equiped it with let's say, PC333 DDR, and if I were to put an 8x video card to it, given that my processor can only run as much as 1.33 ghz(but only when overclocked), will I be able to gain anything with it? Or should I just stick to an old mobo with 4x agp and fsb of 133? Thanks a lot. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Merging a directory to the search path of includes and libs permanently(ldconfig -m....)
Hi, Is there a way to merge a certain directory to the library search path or include search path permanently? ldconfig -m works only while the computer have not yet been rebooted. I have an experienced that I was able to install a certain application that depends on a library not found in the standard search path, so I used ldconfig -m... but after rebooting, the application can't run anymore because of the library not found. __ Do you Yahoo!? Yahoo! Small Business - Try our new Resources site http://smallbusiness.yahoo.com/resources/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Uninstalling software compiled from source
Hi, Is there a way to remove all the components of a software that was installed from its source? Make uninstall doesn't work unlike when using the ports tree. Thanks. __ Yahoo! Mail Stay connected, organized, and protected. Take the tour: http://tour.mail.yahoo.com/mailtour.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Can FreeBSD withstand this kind of network load??
Hi, Someone consulted me about building a pc router for multiple networks using a single interface card. Actually there are two, one facing a network going to the internet, and the other facing those multiple networks. The setup looks like this. There are three /24 networks, A, B, C All of these networks are private lan. However, Network A contains their servers, one of which is their internet proxy server. That proxy server is dual homed, one private, one public, which is also their passage way to the Internet. Now, the IT guy asked me if he can use a pc router so that network B and C can see network A, and make their way to the internet through the proxy server sitting on network A. I told him yes. I'm thinking of three posibilities, bridging, ip forwarding, and NAT. In his sketch, PC router has 3 interfaces, 1 facing network A, and two each facing network B and C. With this setup, since A already have a route to the Internet, we don't have to use NAT, ip forwarding will do the job. We will simply forward the request coming from each interface connected to network B and C to the interface connected to network A and then they can already see the proxy. However, he told me that network B and C in his sketch is not really their set up. It could extend to even few more networks(D, E, F, G, H). Qestion: Instead of using 6 to 8 interface cards in his pc router,(which I don't think is a good idea) can we just alias that interface, let's say it has an ip for networks B, C, D, E, F, G, H, I and then all the traffic from B-I network will pass through this interface through some sort of cascading switches and then routed will forward this to the second interface facing the A network and then every body will be happy? Or is it not feasible considering that all the traffic from 6-8 networks will only pass through a single interface considering that each network will at least have 30-50 hosts? What's even funny about this is that he brought that pc he will turn into a router in our office so that we can install freebsd-4.11 with this specs: pentium III - 500 Mhz memory 64 MB. HD 4 GB I just don't know whats wrong with his hard drive, FreeBSD panics during the installation process. I just smiled thinking, whoa!, you're building a pc router that will route hundreds of host with this specs?? I haven't really encountered this kind of setup yet, that's why I told him I will do a research on this setup. I've heard that freebsd can be configured as a web server with this specs serving hundreds of clients with just few tweekings.. What do you think with his scenario? Thanks a lot!!.:) You're the best! __ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cvsup through ssh forwarding
Good day, I'm looking for some sort of way to update the ports collection in my (private-ip'd) workstation via cvsup by tunneling it through on of our public-ip'd machines. Have you ever accomplished the same thing. Isn't it that ssh forwarding requires you to supply your username and password in the remote machine such that the imap/pop polling works well through ssh tunnelling. What should I give if I am to tunnel a cvsup connection? I also came across this document which says that cvsup has already been implemented through ssh tunnelling. http://cvsweb.xfree86.org/cvsweb/cvsup/Acknowledgments?rev=1.1.1.5 Any idea? Thanks. __ Yahoo! Messenger Show us what our next emoticon should look like. Join the fun. http://www.advision.webevents.yahoo.com/emoticontest ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is this a function or a structure???(once again, a mind-boggling example from Kernighan)
Hi, On chapter 6 section 2 of The C Programming Language, the topic is Structures and Function. His very first example for this topic contains the lines of code: struct point makepoint(int x, int y) { struct point temp; temp.x = x; temp.y = y; return temp; } As I can understand it, he is trying to declare a structure of type point, and the value of that structure will be the return value of the function makepoint, or is it a function definition? Can anyone enlighten me if this is really a structure declaration or a function? If this is a structure, then there must be a definition outside the main for the function makepoint, right?Only that he didn't showed anything. But if this is already a function definition, like all of his examples before, perhaps a simple program should look like this #include... /* declare function makepoint */ /*i don't know how, do you?:) */ main() { /* call function make point and pass some arguments */ /* i'm not sure how to do this either.. help =( */ print(%d%d, newcreatedstruct.x,newlycreatedstruct.y) } struct point makepoint(int x, int y) { struct point temp; temp.x = x; temp.y = y; return temp; } My problem is how am i going to call the function makepoint. Why is there the word point in the above definition of makepoint. Another thing is the words temp.x and temp.y, if they are both members of structure temp, why didn't the author declared it first, instead he immediately initializing it to (x, y) I'm reading the Notes To accompany The C Programming Language- http://www.eskimo.com/~scs/cclass/krnotes/top.html; but it didn't help me that much in this topic. Perhaps you could. I have only 2 chapters left to read and I can't wait to reach the topics unix system calls, and sockets. But I don't want to leave this chapter floating in the air as if I've never read it. I really need all the help I can get. Thank you very much. Sincerely, jayson __ Celebrate Yahoo!'s 10th Birthday! Yahoo! Netrospective: 100 Moments of the Web http://birthday.yahoo.com/netrospective/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Word counting by Kernighan won't compile =(
Hi, Sorry for asking this question here. I just thought that this might be a platform specific issue=). I'm reading this book(The C Programming Language 2nd Edition by Brian W. Kernighan. Upon reading the book, I came up with this example code. It says, it will count the number of words, lines and characters in the command line, until I send an EOF signal. I copied it verbatim and tried compiling it with plain cc myprog.c It exited with errors: word.c: In function `main': word.c:17: error: invalid lvalue in assignment Any idea what this means? Thanks. Here's the code: #includestdio.h #define IN 1 #define OUT 0 main() { int c, nl, nw, nc, state; state = OUT; nl = nw = nc = 0; while ((c = getchar()) != EOF) { ++nc; if (c == '\n') ++nl; if (c == ' ' || c == '\n' || c = '\t') state = OUT; else if (state == OUT) { state = IN; ++nw; } } printf(%d %d %d\n, nl, nw, nc); } __ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Word counting by Kernighan won't compile =(
--- Mark Jayson Alvarez [EMAIL PROTECTED] wrote: Hi, everyone! No need to answer this one. I think I know what my problem is. The book contains typographical errors such that example programs might not work if one would just copy and paste it. Particularly in the example below, the second if's third condition lacks one = sign that's why the compiler complained an error of assigning values when testing for equality is what it really wants to do. Hi, Sorry for asking this question here. I just thought that this might be a platform specific issue=). I'm reading this book(The C Programming Language 2nd Edition by Brian W. Kernighan. Upon reading the book, I came up with this example code. It says, it will count the number of words, lines and characters in the command line, until I send an EOF signal. I copied it verbatim and tried compiling it with plain cc myprog.c It exited with errors: word.c: In function `main': word.c:17: error: invalid lvalue in assignment Any idea what this means? Thanks. Here's the code: #includestdio.h #define IN 1 #define OUT 0 main() { int c, nl, nw, nc, state; state = OUT; nl = nw = nc = 0; while ((c = getchar()) != EOF) { ++nc; if (c == '\n') ++nl; if (c == ' ' || c == '\n' || c = '\t') state = OUT; else if (state == OUT) { state = IN; ++nw; } } printf(%d %d %d\n, nl, nw, nc); } __ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
recommended trouble ticketing system
Hi, I'm looking for a software that we can use for trouble ticketing system. We are using Open Ticket Request System(OTRS) before but my superiors, told me that I can search for another better software for this purpose. Can you suggest me some of the trouble ticketing systems you have used before aside from OTRS and if there's any problem you have encountered using it or its advantages over OTRS. I did a quick search on google and freebsd ports and found Request Tracker(RT), also Trouble Ticket System from Freshmeat, and lastly WebTTS, but I'm having a hard time deciding which one to use. Suggestions are very much welcome. Thanks! __ Do you Yahoo!? Yahoo! Mail - Find what you need with new enhanced search. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is there a file where I can specify the location of my header files??(like that of ld.so.hints)
Hi, I think I did something horrible with my machine. I cannot complete a make anywhere in ports. For example, I'm compiling iperf and got this error. headers.h:82:19: errno.h: No such file or directory headers.h:139:24: syslog.h: No such file or directory I used find to search for these files and I did find it. #find / -name errno.h -print /usr/include/sys/errno.h /usr/include/sys/syslog.h Whenever I'm compiling a c program, I learned that I can pass a -Idirectory to the gcc, but I don't know how to do it in ports. Is there a file where in I can specify where my include files can be found, like that of the ld-elf.so.hints and ld.so.hints that contains the directory where my libraries can be found? __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is there a file where I can specify the location of my header files??(like that of ld.so.hints)
Hi, I think I did something horrible with my machine. I cannot complete a make anywhere in ports. For example, I'm compiling iperf and got this error. headers.h:82:19: errno.h: No such file or directory headers.h:139:24: syslog.h: No such file or directory I used find to search for these files and I did find it. #find / -name errno.h -print /usr/include/sys/errno.h /usr/include/sys/syslog.h Whenever I'm compiling a c program, I learned that I can pass a -Idirectory to the gcc, but I don't know how to do it in ports. Is there a file where in I can specify where my include files can be found, like that of the ld-elf.so.hints and ld.so.hints that contains the directory where my libraries can be found? __ Do you Yahoo!? Yahoo! Mail - 250MB free storage. Do more. Manage less. http://info.mail.yahoo.com/mail_250 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Any success in extracting mpeg from a vcd?
Hi, Do you have any success extracting mpeg files from a vcd?For sure I can play them with mplayer with vcd option but I haven't had any luck extracting them. I've been trying to figure out how vcdgear(console) or vcdxrip(vcdimager) works but still no luck. Any idea how they work?? I'm using FreeBSD5.3. I have installed them from ports My cdrom drive is at /dev/acd0 Plesee... I'm begging you... pleaaaseee... I've tried various combinations of options with those programs I've mentioned above but I'm just too dumb that I can't figure out how I should be doing it. I know someday I may be able to comprehend with their manual, its just that I don't have enough time. If I don't return those vcd's to the shop, I will be paying a huge fine:(. Why does it always have to be this way? I was a long time windows user and I know its a tough decision to completely eradicate that entire partition dedicating it all to freebsd, just to be able to learn the right way how people should be using a computer. I remember one time, I have been reading the manual of ldconfig over and over again because of some program that doesn't compile not knowing where my libraries are, and I've played with various options trying to restore the hint files I've messed with only to find out that a complete reboot or just ldconfig alone will bring it back. I just can't get it. I've had a hard time trying to make my modem dial up to internet, and nearly freaked out trying to compile a new kernel with atapicam support, or even skipped a meal trying to learn the vi editor, and even messed really bad with one of our production servers at work trying to create a cvsup mirror, and worst, I even got a lot of awful response when I try to ask a simple question about running packet filter at openbsd's mailing list where a lot of them said hey, this is not linux, there's no Linux-Howto's here. RTFM! I just can't understand it. Why do people have to endure such hardships when they have other choices. What does those people from ports collection gets from maintaining such application that they barely even know if someone have ever looked at its package description. What do you get from responding to these questions. Yeah, you can laugh at me now. I'm pathetic that's it. Open Source is free and free software is good. I'm not an advocate but just a simple user trying to extract these f*ck*ng mpegs out of these damn vcds!! Tomorrow I'll be returning those vcd's to the shop with one day fine, but I won't sleep tonight till I get those mpegs written right on the very surface of my hardrive... __ Do you Yahoo!? All your favorites on one personal page Try My Yahoo! http://my.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Make fails because of missing library but I can see it's there, why???
Hi, This always happens to me whenever I'm compiling third party applications. Make fails because it says that it cannot find a certain library.. and when I try to search for that file, I usually finds it. For example, I'm compiling, nagios-plugins but it fails with this error messages: check_ldap.c:31:18: lber.h: No such file or directory check_ldap.c:32:18: ldap.h: No such file or directory but when I run: # find / -name ldap.h -print /usr/lib/ldap.h /usr/local/lib/ldap.h /usr/local/include/ldap.h noc# find / -name lber.h -print /usr/lib/lber.h /usr/local/lib/lber.h /usr/local/include/lber.h See.. it's all there! I'm thinking perhaps there's a way for me to tell a compiler that the system wide library files are found in that certain directory. Any idea?? Thanks! __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Using yahoo's free SMS service for nagios and mrtg alert.
Good day! Do you know any library or module that can be use for interfacing with the yahoo's api that can send sms messages? I've seen some applications related to yahoo in the ports but I haven't tried one yet, such as libyahoo2, ari-yahoo, jabber-yahoo etc. __ Do you Yahoo!? The all-new My Yahoo! - Get yours free! http://my.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How will I rename every file in a directory to their filenames appending anything?
Example. I would want to rename every file that ends in .mp3 to their filename with appended .old. so that, test.mp3 will be renamed test.mp3.old? my initial command would then be: ls |grep mp3 |xargs -J # mv #..[this part is what trying to figure out] How will I tell the mv that its arguments would be the output of ls and append something like .old to it? ~ Thanks! __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
HELP!!!: I've accidentally deleted /dev
Hi, I was playing with file flags and decided to change the entire / hierarchy with uunlnk. After doing that, I've cd into one of my file folders and then tried rm -rf *. It says operation not permitted. It worked. The uunlnk file flag worked. So I immediately cd'd into / and tried doing the same thing(rm -rf *). It was too late when I found out the the entries in my /dev/ wasn't affected when I chflags -R /. And then all of my devices were gone. I need a serious help now. Is there a way I can bring them back? __ Do you Yahoo!? Read only the mail you want - Yahoo! Mail SpamGuard. http://promotions.yahoo.com/new_mail ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How come uunlnk flag doesn't permit me to check out a file from it???
Good day! I've been editing our mrtg configuration files using the Revision Control System. To edit the file, I've always check it out first and then check it back in with a '-u' option to leave a copy of the config file so that the mrtg can always find the file when it needs it.Recently, I've decided to change the flag of the RCS file(the one with the same name as the config file but ends with a ,v found inside the RCS folder I've created to uunlnk for the purpose of avoiding accidental deletion and thus keeping a copy always available in case I have accidentally deleted the config file that is being extracted from it. #cd RCS #ls -lo * #-r--r--r-- 1 root wheel uunlnk 7004 Jan 27 10:06 vis-inanna.conf,v Questions: 1. When I co -l the config file, I got a warning saying: co: RCS/vis-inanna.conf,v: Operation not permitted co: saved in RCS/,vis-inanna.conf, Why??? I mean, on a normal check out operations, 'co -l' always leave the RCS file (vis-inanna.conf,v) inside the RCS folder. How come check out won't work when uunlnk just says never delete the file I didn't delete the file. I just extracted a file (just a copy)from vis-inanna.conf,v which happens to be the config file I'm after, vis-inanna.conf After that warning, another RCS file was created with the same flag uunlnk inside the RCS folder but starts with , So now when I: #ls RCS ,vis-inanna.conf, vis-inanna.conf,v Any idea why is this happening? Thanks! __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
1 cpu + 2 monitors + 2 keybord/mouse + FreeBSD, is it possible??
Hi, FreeBSD is multi-user right? I know this setup but only when other users are logging in remotely via another pc. I just want to know if it is possible for me to just buy 1 more monitor, a mouse and a keyboard and just dig a hole between my brother's room and mine and share with him my pc. I really wanted him to learn the inner workings of computer, but we cannot afford to buy another computer. Used computers are cheaper but not as cheap as just buying another used monitor and a keyboard. I've heard something like a dumb terminal but I guess it still requires another cpu. Just hoping if it's possible :( __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD ACPI shutdown -p fails on my Motherboard
Good day, I have an old Jetway Motherboard(830 CH) together with AMD Athlon 1.2 Ghz. It's currently running FreeBSD 5.3. The ACPI is already enabled in BIOS but whenever I shutdown -p now, the computer doesn't totally goes off at all, it just reboots itself. I'm thinking that the APCI interface of FreeBSD with my particular motherboard is not working very well(it works well in my office workstation). Do you know any kernel tweek that can help me get around with this situation. Because I'm having a hard time turning my computer back on whenever I presses the power button during a reboot by Freebsd and I would have to turn the power on and off for quite some times just to be able to boot it to normal again. __ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Is this new hard drive going to be useless with freebsd?
Good day, I currently have this setup at home and its working fine with FreeBSD 4.10. Motherboard: Jetway 830CH Hard Drive: 10 Gb Samsung Video Card: SiS on-board Processor:AMD Athlon 1200 Mhz (this is not an Athlon XP) Memory: 256 mb PC100 SDRAM I bought a new 80 Gb Seagate 7200 rpm Hard Drive and installed it on the primary master my pc. The access mode for my hard drive Primary Master: ST380011A in BIOS which shows these choices is set to Auto: CHS LBA Large Auto I boot into FreeBSD 5.3 cd and proceed with the installation. Some time after choosing the X-User in the installation method, it ended up failing to install some packages(perl and xorg). Still, it says, Congratulations... FreeBSD is now installed... (and I'm really hoping that nothing went wrong with the base system, and thinking to just install perl and xorg later). I removed the cd, and boot the pc. The kernel boots silently until this error message showed up: ad0 Warning_Read_DMA UDMA ICRC error(retrying request) LBA=1518639 ad0: Failure_Read_DMA status=51READY,DSC,ERROR error=84 ICRC, ABORTED LBA=1518639 spec_getpages:(ad0s1a) I/O read failure:(error=5) bp0xc65fe2ec vp0xc16f7d68 size: 32768,resid:32768,a_count:37268, valid: 0x0 nread:0, reqpage:7, pindex:61, pcount:8 vm_fault:pager read error, pid 55(sh) pid 55(sh),uid 0:exited on signal 11 Dec 24 17:28:39 init: /bin/sh on /etc/rc terminated abnormally, going to single user mode Enter full pathname of shell or RETURN for /bin/sh: After pressing return key, the same error message appeared. I tried reinstalling it again but this time, I selected LBA access mode in BIOS. I also choose minimal installation. It successfully installed withouth any package extraction or cd read error problem. Again, I removed the cd, rebooted the pc praying that this time I will be able to see some login prompt... then waiting... and waiting... and then.. Grrr!! Waaa! ad0 Warning_Read_DMA UDMA ICRC error(retrying request) LBA=1518639 ad0: Failure_Read_DMA status=51READY,DSC,ERROR error=84 ICRC, ABORTED LBA=1518639 spec_getpages:(ad0s1a) I/O read failure:(error=5) bp0xc65fe2ec vp0xc16f7d68 size: 32768,resid:32768,a_count:37268, valid: 0x0 nread:0, reqpage:7, pindex:61, pcount:8 vm_fault:pager read error, pid 55(sh) pid 55(sh),uid 0:exited on signal 11 Dec 24 17:28:39 init: /bin/sh on /etc/rc terminated abnormally, going to single user mode Enter full pathname of shell or RETURN for /bin/sh: Do you know what's causing this problem. I'm thinking maybe my new hard drive is not compatible with my other pc peripherals (because I have 5.3 running on the same hard drive specs in my office workstation but together with a newer board and processor). I haven't tried installing FreeBSD 4.10 on it yet, because I'm really looking forward to using 5.3. I really need some good advice here. I can't afford to upgrade the rest of my pc because its like a chain reaction, once I upgrade the board..., the processor, memory and video card shall have to be upgraded too due to compatibility issues. Any cheeper idea? Thank you very much for any advice. I'm really hoping to be able to use my new hard drive soon. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
3com 3c2000-T gigabyte ethernet support fbsd410
I think this has been asked in this list before, I've found it at the archive but there's no useful reply. Is 3com 3c2000-T gigabyte ethernet card supported on freebsd 4.10? If so, what's the driver? Thanks... - Do you Yahoo!? Yahoo! Mail - Easier than ever with enhanced search. Learn more. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Shell hacker and freebsd booting experts, I need some serious investigation regarding cups.sh
Good day, I found out this very weired experience on freebsd(4.10, 5.3) booting process one time when I was using my home pc. I've installed cups and renamed the cups.sh.sample to cups.sh to be able to run it at boot time. I have successfully set up my printer and be able to print some test page. Now, what bothers me most is that, each time I try to cancel the loading of shell scripts residing in /usr/local/etc/rc.d, particularly the cups.sh which I'm sure is causing the trouble, the computer starts to halt or shutdown just right when I'm about to type my username at the login prompt. Do you know what causes this problem? I'm thinking perhaps there's a bug in the cups.sh script that makes the computer halt if the script is cancelled while being read. I've tried it at work with my (5.3) workstation but then the same problem occurs. Try it yourself and I bet you'll experience the same thing. I haven't put any script to run inside the rc.d other than that of the cups.sh which was put by the cups installation process and other applications I've installed(kdelibs.sh..etc.). This is weired. Happens both on FreeBSD 4.10 and 5.3, only after installing cups. Any idea? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
CVSUP Routing question
Good day! Is it possible to tell cvsup to use another machine's global access in fetching the freebsd source updates?? Here's my office workstation setup: (private ip) (pri/pub ip) (all public) workstation router proxy server---internet mail server web server In short, I have a private ip workstation, I can reach the internet through our proxy server via a dual homed router. The proxy server, of course has a globally routable ip. The proxy server can run cvsup without any problem. I have a priviledge account at the proxy server. Now what I want to do is run cvsup in my workstation(private ip) but tell the cvsup to go through the router... and then go through the proxy.. and then tell the proxy to forward the cvsup to the internet(freebsd cvsup server) and then return the fetched files back through the router... then back to my workstation.. and make me live happily ever after.. Is it possible? I find the ssh tunneling with the -R option somewhat close to what I'm trying to accomplish. I've used the -R option in ssh'ing from the outside( public ip machine) to my office workstation(with private ip) through one of our publicly routable server machines) but I don't really think it has some relevance with what I would want to accomplish above. I need to update our private LAN workstations using CVSUP but I don't know how exactly will I do it. Any idea? Thanks Friend, You're the best!! __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Why can't I mount a Video CD in FreeBSD??
--- James Hong [EMAIL PROTECTED] wrote: isnt VCD another CDFS with MPG1 DAT files ? According to the some people here, VCD isn't really a file system. I don't know what Windows did to make it visible in their file Explorer. The actual video file seems to be located at cdrom:\mpeg\avseq(n).dat Why wouldnt it mount ? I don't know, that's why I'm asking.=)Why?, Have you tried it already? damaged CD ? The movie played well in our VCD player. or are we talking about different VCD ? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adam Fabian Sent: Thursday, November 25, 2004 1:58 PM To: Mark Jayson Alvarez Cc: [EMAIL PROTECTED] Subject: Re: Why can't I mount a Video CD in FreeBSD?? On Wed, Nov 24, 2004 at 05:40:09PM -0800, Mark Jayson Alvarez wrote: Good day! I'm getting an error whenever I mount a video cd. I can't remember the error right now because I already brought it back to the rental shop (its already overdue). I was also told by my friend that he too can't mount a video cd in his linux box. Do you happen to know why? A video CD does not have a filesystem, therefore it can't be mounted. You may be able to play it with the appropriate program, or extract the video data to files. -- Adam Fabian ([EMAIL PROTECTED]) ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] __ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
This is a cool shell prompt question
Good day! I'm just wondrin if its possible for me to run applications at boot time but on another terminal. I find it cool to have a huge digital clock (grdc) running on background so that I can just shift to another terminal whenever I want to know the time. Actually, all I really want is a clock that is continuously ticking whatever I may be doing(in terminal window). I've already learned how to set my prompt to multiple lines and also displaying my current working directory. But now, I want it even more informative displaying a ticking digital clock in my shell prompt like the one i'm seeing in my kde system tray right now. Is it possible?. Thanks. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Why can't I mount a Video CD in FreeBSD??
Good day! I'm getting an error whenever I mount a video cd. I can't remember the error right now because I already brought it back to the rental shop (its already overdue). I was also told by my friend that he too can't mount a video cd in his linux box. Do you happen to know why? Thanks. __ Do you Yahoo!? All your favorites on one personal page Try My Yahoo! http://my.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Why does qmake port still needs qt source when I already have qt installed?
Good day! Upon learning the instruction on http://www.linuxgazette.com/node/view/9553 on creating a simple qt hello world program, I fired up my konsole and issued qmake in the directory of myfirstqt.pro I received this error message: QMAKESPEC has not been set, so configuration cannot be deduced. Error processing project file: /home/matato/files/documents/qt/progs/myfirstqt.pro Do you know what this error is all about? The instruction in that site tells that All these steps are tested on a Fedora Core 2 machine with Qt 3.3.2 and KDE 3.2 so I'm just wondring if it has something to do with doing it in FreeBSD 5.3. My qmake version is 3.3.3 and qt 3.3.3 and kde 3.3.1 And one last thing. When I found out that I haven't installed qmake, I cd to /usr/ports/devel/qmake and make install it without any args. But to my surprise, it is downloading the source of qt(qt-x11-free-3.3.3.tar.bz2) when I know that qt is already included in my kde installation. I pkg_info |grep qt to make sure. qt-3.3.3_1 Multiplatform C++ application framework ...but why?? Thanks for any input. A good qt programming link is also welcome=) __ Do you Yahoo!? All your favorites on one personal page Try My Yahoo! http://my.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
nfs server pid310 not responding --- why does this line appear continuesly???
Good day! I don't know what have I done with my machine. I haven't enabled the nfs server or anything that has to do with nfs but why does these line continuesly appearing in my terminal?? Any idea?? My machine's hostname is layline and i'm running 5.3-release. Here are the lines: date time layline kernel: nfs server [EMAIL PROTECTED]:/host: not responding date time layline kernel: nfs server [EMAIL PROTECTED]:/net: not responding __ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Question regarding X windows client-server implementation
Good day! Something is bothering me for so long regarding the X windows client-server architecture. First of all, I know that X server(eg; xorg) manages my monitor, keyboard, mouse and video card. And also, the clients are those applications that I run (eg, kde, mozilla). Since I ran them both(xserver,x clients) on only one pc(my workstation), that would be very simple and fine for me. But then I'm confused by the fact that I can let my x clients connect to a remote x server,(eg, on a LAN). How can that be? For example, I'm looking at my monitor right now.. And then there is this xorg installed on another pc beside me. Now what I'm thinking is that the xorg installed on another pc, knows the specs of my monitor and graphics card and then I will authenticate my self to it remotely.. then what? the x server will manage my monitor and keyboard inputs remotely??? And here's another scenario which I'm thinking of.. I have a workstation but its mouse, keyboard and monitor is connected to a remote machine running x server via a very very long monitor and keyboard cable(hmm.. haven't seen anything that long). Aaaah! I really can't get it.. Could you enlighten me please. The handbook lacks this details. I'm thinking perhaps it's because that section in the handbook is for a typical user with standalone workstation and not for an implementation of x window client-server on a network. I just wanted to try this setup and many other interesting things in FreeBSD with my officemate. I hope you could help me. Thanks a lot and have a nice day! __ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
What is the best way to obtain an exact copy download?--wrong md5 after downloading 5.3dsc1,2=(
Good day! After downloading disc1 and disc2 of freebsd 5.3, my boss told me to verify the download using md5. And to my surprise, none of those two iso's have the same md5 as that of the md5 written in CHECKSUM.md5. This is the first time I ever use the md5 and for so long, I didn't bother doing so with every huge download I make. But then the previous cd's works fine. My boss told me that if I continue to burn those ISO's, somewhere within the disc, there's a broken file and I'm gonna have a problem for sure. He also told me that there are a lot of factors behind this.. Question: On the middle of my download, how will I know if I'm still downloading the correct file, that no packet is being dropped and that I will end up in a perfect mirror file download? Do you know any downloading tool that will do just like this? Earlier, I just used the konqueror when I downloaded those ISO's. Is it really that hard to download? We're using E1 modems and our internet connection is quite fast. I'm just thinking, we are still lucky because of this. But how about those people with low bandwidth internet connection? Do they have a choice? How about the fetch(1) program? How accurate is it? Thanks. __ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
How can I specify the ipaddress in smbfs entry in fstab?
Good day! I wanted to mount our samba server whenever my computer boots so I added an entry in fstab like this mountpt //[EMAIL PROTECTED]/mp3s /mp3 but I have no idea how will I specify the ip address of the server. using the mount_smbfs, I can mount it by providing the -I ipaddress option. Do you know how will I tell the fstab to add that information? I've been reading the fstab manpages and also the mount_smbfs but nothing helps. I've also edited /etc/nsmb.conf and added the some entries according to instructions but it still won't work. I mounted it manually by issuing: $mount /mp3 and I get this error: smbfs: can't get server address: syserr = Operation timed out Is there any shell environment variable where I can set this value? Thanks a lot for your time! __ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How can I specify the ipaddress in smbfs entry in fstab?
--- albi [EMAIL PROTECTED] wrote: hi, mountpt //[EMAIL PROTECTED]/mp3s /mp3 you can probably use e.g. //[EMAIL PROTECTED]/mp3s /mp3 It still doesn't work. I remember mounting it manually using the command mount_smbfs -I ipaddress //[EMAIL PROTECTED]/mp3s /mtpoint I don't think substituting ipaddress(eg, 10.1.1.1) for samba in [EMAIL PROTECTED] will make any sense because I still have to specify its IP address using the -I option whenever I mount it manually. in your /etc/fstab, but of course you can also add your samba-server in /etc/hosts tried it also, but didn't work. Anymore idea? thanks. __ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
CTM first time user needs your help
Good day, I have a workstation at office but I can only access the internet through our proxy server. Someone in this list have the same situation which was told to use CTM. I'm currently using 5.3RC1 and would want to keep in sync with the latest sources of 5.3 and recompile my system. I already have the sources and just want to update it. Upon reading the instructions I went to ftp.freebsd.org/pub/FreeBSD/CTM and found these directories: cvs-cur ports-cur src3-cur src4-cur src5-cur src-cur Here are what confuses me: 1. First, if I choose to enter the src5-cur directory above, which file would I pick, the last/latest one dated NOV 1? 2. What are those gzipped files and why are those older files still exists? 3. Another thing is I can't really understand how the CTM process works. Mind if you give me some brief insight on how I will be able to get the latest sources? I'm thinking perhaps its like the bittorrent system wherein the torrent file contains the information where to get the files. How about the CTM? Thanks a lot for your time and have a nice day! __ Do you Yahoo!? Check out the new Yahoo! Front Page. www.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]