Re: Testing a DHCP server without jeopardizing my IP configuration?
On 5/30/05, Rob [EMAIL PROTECTED] wrote: Is there a way to test the DHCP server, without running dhclient and thus without losing my FreeBSD system's IP configuration? I'm just throwing a random idea out here, I have no clue if it'd actually work, but what about putting an alias in your rc.conf and setting it to pull its IP from DHCP? -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipf + ipfw + divert = no go
On 5/24/05, Chris Knipe [EMAIL PROTECTED] wrote: Hi, Quick question... dmesg: IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging limited to 1024 packets/entry by default Why are you running IPFW and IPF? -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pf + squid
On 5/18/05, Greg Donald [EMAIL PROTECTED] wrote: I am following this howto: http://www.benzedrine.cx/transquid.html I added pf and pflog to my kernel. After rebooting I did chgrp squid /dev/pf and chmod g+rw /dev/pf. I also restarted squid several times. When I try to access a remote web server it times out. I'm not getting any errors in /var/log/pflog or /var/log/messages. My config files look like this: cat /etc/pf.conf |grep -v ^# ext_if=dc0# replace with actual external interface name i.e., dc0 int_if=dc1# replace with actual internal interface name i.e., dc1 internal_net=10.0.0.1/8 external_addr=24.159.59.97 rdr on $int_if inet proto tcp from any to any port www - 127.0.0.1 port 3128 pass in on $int_if inet proto tcp from any to 127.0.0.1 port 3128 keep state pass out on $ext_if inet proto tcp from any to any port www keep state cat /usr/local/etc/squid/squid.conf |grep -v ^# acl all src 0.0.0.0/0.0.0.0 acl our_networks src 10.0.0.0/8 acl to_localhost dst 127.0.0.0/8 http_port 127.0.0.1:3128 http_access deny to_localhost http_access allow our_networks visible_hostname gateway.localdomain httpd_accel_host virtual httpd_accel_port 80 httpd_accel_with_proxy on httpd_accel_uses_host_header on I am using ipfw to create my NAT, I don't know if that matters, but here are my config files for that as well: cat /etc/rc.firewall |grep -v ^# ipfw -f flush ipfw pipe 10 config bw 12KBytes/s ipfw add 50 pipe 10 ip from 10.0.0.2 to any via dc1 ipfw pipe 11 config bw 24KBytes/s ipfw add 51 pipe 11 ip from 10.0.0.3 to any via dc1 ipfw pipe 12 config bw 12KBytes/s ipfw add 52 pipe 12 ip from 10.0.0.4 to any via dc1 ipfw pipe 13 config bw 64KBytes/s ipfw add 53 pipe 13 ip from any to 10.0.0.4 via dc1 ipfw add 200 pass all from any to any via lo0 ipfw add 201 deny ip from any to 127.0.0.0/8 ipfw add 500 divert natd all from any to any via dc0 cat /etc/natd.conf |grep -v ^# interface dc0 dynamic use_sockets unregistered_only punch_fw 2000:50 redirect_port tcp 10.0.0.2:20-21 20-21 redirect_port tcp 10.0.0.2:22 22 redirect_port tcp 10.0.0.2:80 80 redirect_port tcp 10.0.0.2:113 113 redirect_port tcp 10.0.0.2: redirect_port tcp 10.0.0.2:2010-2020 2010-2020 Any ideas? TIA. -- Greg Donald Zend Certified Engineer http://destiney.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Why are you using IPFW and PF? -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pf + squid
Guess I better go ahead and ask now, is it ok to use natd with pf? PF does NAT for you, in one line. I hope you're not using natd, ipfw, and pf http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html Read it, choose one. I use PF myself. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh to new ip...
Hi, I'm moving my new freebsd 5.3 box to a new static ip address and I'm worried that once I put it at the isp, I won't be able to ssh to it or anything. Right now it's still at home and has dhcp. I'm not able to ssh from my windoze box over to it thru my router. I'm getting a connection refused error. Trying to ssh from another box on the net isn't successful either. The operation times out. I am able to ssh to that address from the box itself tho. Is this a firewall issue or maybe more of a thing with my dhcp provider? How can I tell? Ignorance prevails in this posting. I love derogatory references to software vendors. Never-the-less, DHCP has nothing to do with port redirection commonly, and I highly doubt it has anything to do with this one. Try opening your Linksys/Dlink/etc. SoHo router via HTTP in your favorite browser, and forwarding port 22 or whatever your SSH port of choice is, to your FreeBSD box. I imagine your setup is something like this. Internet - Router - LAN (Windows, FreeBSD, etc.) You have to forward the port from the Internet, through your router, and into a local box on your LAN. You could also edit the DMZ setting on your router so that the FreeBSD box, or perhaps any other box on your LAN receives all ports automatically. Lastly: How can I tell? See that blue/grey box connected to your modem? Your ISP will tell you the exact same thing. It's a configuration issue on your end, since you're using a router. I'd suggest some RTFM'ing. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD or NetBSD on older hardware (MMX)
On 5/16/05, FreeBSD MailingLists [EMAIL PROTECTED] wrote: I fished out an old laptop out of my closet. It is a Pentium 233 MMX w/ 64MB Ram and 12G HD I am thinking about setting up a small station for browsing the web. Which would perform better on such a system? FreeBSD or NetBSD? I know that this is a mailing list for FreeBSD users, but I am hoping that you will be objective and give me a suggestion based purely on performance. Thank you, Tomoki Taniguchi Hell, put Windows NT4 on it. It's all the same. If you're not doing anything special on it, it doesn't really matter imo. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: lnc0: Missed packet -- no receive buffer
Fafa Hafiz Krantz Research Designer @ http://www.home.no/barbershop Enlightened @ http://www.home.no/barbershop/smart/sharon.pdf it's people invading your privacy - why do you keep posting to this list? He has to bring us enlightenment of course, silly! In another topic he acknowledged the fact that Fafa isn't his name, nor anyone related to him, but the name of someone that was threatened publicly(?) and so he is using the name out of rebellion perhaps? Either way I think Fafa is a fool. lnc0 is a secret FreeBSD insurgency tool designed to destroy your motherdisk and download your ram 1 kb at a time. The world is coming to an end Fafa! - On the serious side: http://www.google.com/search?sourceid=navclientie=UTF-8rls=GGLD,GGLD:2004-30,GGLD:enq=missed+packet+receive+buffer+full The very first link explains what the missed packet means. The receive buffer on the card is well, self explanatory full. I would suggest purchasing a better NIC, or doing some research into tuning your system, TCP window size etc., although from what limited googling I did, that doesn't look to be easily accomplishible, and the NIC FIFO will still fill. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: two ISP connections, three nics, and a NAT
I have two ISP connections, a DSL line and a Cable Modem line. I want to plug both connections into a FreeBSD box that has three nics in it, one nic for each ISP connection and the last nic for my NAT. How can I bind the connections together without any other sort of router? I've used ipfw a bit over the past couple of years, and I've got a basic NAT working for the other LAN PCs. I can't seem to find any docs on how to proceed with two connections however. I've got two connections for the sake of failover but it'd be nice to actually use both of them instead of one or the other sitting idle all the time. Would it be as simple as adding a static route from each connection to the other? PF is wonderful for this. I manage a router with 3 DSL Circuits and have PF setup to round-robin between them. The configuration is fairly simple, and I can provide my pf.conf if you'd like for some clarification on how to go about doing it. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: two ISP connections, three nics, and a NAT
On 5/12/05, Alex Zbyslaw [EMAIL PROTECTED] wrote:
Tomas Quintero wrote:
PF is wonderful for this. I manage a router with 3 DSL Circuits and
have PF setup to round-robin between them. The configuration is fairly
simple, and I can provide my pf.conf if you'd like for some
clarification on how to go about doing it.
I'd be interested to see how it's done. I don't have any experience of PF
(just IPFW) and seeing good, working examples always helps in understanding
new stuff. If you would forward me a copy, I'd be grateful, and it's the
kind of resource it's nice to run across when searching archives, if you're
prepared to post it to the list.
Best,
--Alex
I got two emails back for it, including Alex's, so I'll go ahead and
post the config for the list. The setup is for a Game/LAN center, so
we're pretty lenient on what goes out, which is why I haven't setup an
inclusive firewall block list. Anyways here is the config. There are
currently two of the three circuits going through it, however it would
be as simple as adding the third iface name to th the ext_ifs macro to
enable it.
If there are any questions on any part of the setup, feel free to ask.
### MACROS AND TABLES ###
# interfaces
ext_ifc1=rl0
ext_ifc2=xl0
ext_ifs={ $ext_ifc1 $ext_ifc2 }
int_if=rl2
# single ips
ext_c1ip=( $ext_ifc1 )
ext_c2ip=( $ext_ifc2 )
ext_ips={ $ext_ifc1 $ext_ifc2 }
ext_firstips=( $ext_ifc1:0 $ext_ifc2:0 )
int_ip=( $int_if )
# networks
int_net=( $int_if:network )
### OPTIONS ###
# rule: about 1000 states per 1MB of ram, and we have 1GB of ram
set limit states 50
# normal timeouts for everything, aggressive would mitigate ddos
attacks, however could timeout valid connections too soon
set optimization normal
# silently drop all packets matching a block rule
set block-policy drop
# we don't want to do any filtering on lo0, nothing gets here except
what we explicitly put there
#set skip will be commented until implemented
#set skip on lo0
### TRAFFIC NORMALIZATION ###
# might break games, commented out now
#scrub in all no-df random-id fragment reassemble
### QUEUEING ###
### TRANSLATION ###
# nat all outbound with all our ips
nat on $ext_ifs inet from $int_net to any - $ext_ips round-robin sticky-address
# make any ftp stuff use our ftp proxy
rdr on $int_if inet proto tcp from $int_net to any port ftp -
127.0.0.1 port 8021
### PACKET FILTERING ###
# default policy
block in log all
pass out all modulate state
# allow internal traffic to flow freely
pass in quick on $int_if inet from $int_net to any modulate state
# allow ssh inbound
pass in quick on $ext_ifs inet proto tcp from any to $ext_ips port ssh
flags S/FSRPA modulate state
--
-Tomas Quintero
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Redirect *:port to ip:port on the same machine?
On 5/11/05, Andrew P. [EMAIL PROTECTED] wrote: Hello! I have a program that binds to ip:port. What are my options, if I want it to listen on all interfaces (*:port)? Let's say reconfiguring the program and/or running one instance per interface is not possible. I've got ipfw as a firewall. Thanks! Andrew P. In something like PF, for instance I have FTP connections forwarding to FTP-Proxy locally so I use a line like: rdr on $int_if inet proto tcp from $int_net to any port ftp - 127.0.0.1 port 8021 I have no idea how you would write that for IPFW however. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: partnership proposition
Good morning, I take the liberty of sending you this e-mail, because I developed a site of programming and scripting. To date, I shall possibly be able to participate with you in project, and even give you of the space on my server. In fact, I wanted to know if a partnership with us, you will suit? You will find the link mentioned below leading you on the site. I thank you, Warmly, Zargone My Money says, and that is without dignifying your more than likely spam link with a click, that the FreeBSD Project has enough contributors, and plenty of diskspace for their website. I'm sure they thank you, warmly. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BAD SU
On 5/10/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: But user victor it's me! I mean I have only root and a user victor (belonging to the group wheel too!) with no special privileges... Could the cause of that warning be the fact that - in view of the long time required for the compilation - I opened a new console as user 'victor' and then failed the su command having provided the wrong password? Vittorio Correct, if you typed the wrong password, it would print that message. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mailinglist privacy: MY NAME ALL OVER GOOGLE!
I'm sorry but doesn't this discussion belong on another list? Maybe -chat? I dunno, surely it seems like it isn't related to any FreeBSD technical related content. This is worse than Theo spouting off about his next spam campaign. Top Posting for a Reason. On 5/8/05, Anthony Atkielski [EMAIL PROTECTED] wrote: Ted Mittelstaedt writes: No, Chris, we don't want to do that. If you put any kind of message like that on the website you are then implying that the users have copyrights in the first place on postings that they put on the mailing list. It's better than being successfully sued or prosecuted for infringement. There can be little doubt that posts are indeed protected by copyright, as they fall within the scope of materials that are so protected. The only question is the degree to which this copyright can be successfully enforced. However, successful enforcement of a law isn't necessary to make the law valid, especially in torts. Since what law there is supports the opposite assumption - that the poster has no copyright on the post made in this forum - you are far better legally by NOT putting such a disclaimer. Which law supports that? It is kind of like if you walk into a restaurant and pick up a fork and stab yourself, then sue the restaurant claiming that they are negligent in not warning you that their forks are sharp. Today you don't see warning labels on forks because the law presumes that a fork is supposed to be sharp, and it presumes that anyone of legal age to enter a restaurant would know this. What is the minimum legal age to enter a restaurant? If restaurants all started slapping warning labels on their forks then they would create a presumption that a normal fork is dull, and that the sharp kind is unexpected. Yes, but then they couldn't be sued successfully any more. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Want a logo competition? Do it properly.
I really must say that Fafa is a useless troll. He requests his name not be on any mailing lists, yet acknowledges that it infact isn't even his/her name, and continues to mail the lists. Topposting hurray. On 5/7/05, Fafa Hafiz Krantz [EMAIL PROTECTED] wrote: I recall hearing of an announcement to comitters list that they'd get a vote. - though that's not on http://logo-contest.freebsd.org/announce.txt Now we are talking :) They've certainly earned it. Yes. Uhuh! Ain't nothing wrong with that. -- Fafa Hafiz Krantz Research Designer @ http://www.home.no/barbershop Enlightened @ http://www.home.no/barbershop/smart/sharon.pdf -- ___ Sign-up for Ads Free at Mail.com http://promo.mail.com/adsfreejump.htm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mailinglist privacy: MY NAME ALL OVER GOOGLE!
On 5/6/05, Fafa Hafiz Krantz [EMAIL PROTECTED] wrote: Hello. I have a big problem. My privacy has been violated. I had no idea when I first started writing posts to the FreeBSD mailinglist that it would be archived, let alone indexed by Google so that the world can spy on my words. Can the FreeBSD mailinglist administrators change my name and e-mails, or delete my posts, if I can prove that I wrote them? Thanks. -- Fafa Hafiz Krantz Research Designer @ http://www.home.no/barbershop Enlightened @ http://www.home.no/barbershop/smart/sharon.pdf -- Results 1 - 10 of about 57 for Fafa Hafiz Krantz. (0.23 seconds) Results 1 - 10 of about 175,000 for Tomas Quintero. (0.33 seconds) If only I was all of them. Point being, you're gonna make it, you'll survive. Enjoy the publicity, I'm sure you'll have the tabloids calling to ask who The GREAT FAFA is. I'm kinda forced to laugh about people suggesting the use of DMCA and other copyright laws/methods to force Fafa to disappear off the face of google. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Want a logo competition? Do it properly.
On 5/6/05, Fafa Hafiz Krantz [EMAIL PROTECTED] wrote: Hey! I believe that the FreeBSD Project -- representing an open and democratic rule and not a totalitarian power -- should allow its users to decide what logo would be best suited. Hence, it would be in the best interest for the future of this project to put all logo submissions up for public display. This display should be complimented by a voting system. It is very important to get things right from the start. Look at the NetBSD Project and their new logo for instance. The public expressed great discontent about it, but only after the logo had sunken deep into the cycles of production and the mentalities of its contributors. Even though designers do this for free (and I am sure most act out of their love for the system and not because of the reward), the framework of their profession should still apply. That is, a contract protecting their rights from malicious intentions. The FreeBSD Project should acknowledge that the elected designer is entitled some say in the redesign of FreeBSD's website. Its coders would most likely not know the first thing about design, and hence compromise FreeBSD's image and its potential as conceived by the designer. If the website design also should be staged as a competition, it would be in the best interest of the project to let the identity designer cooperate with the website designer on the final outcome. We all want what is best for FreeBSD. Having said that, there should be no reason to fight over this. A working design contract in need of modification: http://www.aiga.org/resources/Content/1/4/6/documents/AIGA_contract.pdf -- Fafa Hafiz Krantz Research Designer @ http://www.bleed.no Enlightened @ http://www.home.no/barbershop/smart/sharon.pdf http://marc.theaimsgroup.com/?l=freebsd-questionsm=111537599232346w=2 I would refer you to this address Fafa, prior to posting on the lists continually. http://marc.theaimsgroup.com/?t=11153760591r=1w=2 Perhaps that one, for the entire story. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mailinglist privacy: MY NAME ALL OVER GOOGLE!
On 5/6/05, Anthony Atkielski [EMAIL PROTECTED] wrote: Roland Smith writes: Subscribing to a list means that you give permission for your messages to be sent to all subscribers. Any one of those could save the messages, creating an archive. So posting to the list implies permission for archival. It doesn't give permission to make the archive publicly accessible. -- Anthony Theres just one more big problem with this, and all the DMCA stuff. I don't think Fafa is in America. I don't think he'd be a US Citizen either. Fafa, can you claim otherwise? I mean all indications in his sig hint towards him being a citizen of another country. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD ip alias
On 5/6/05, sn1tch [EMAIL PROTECTED] wrote: I have an issue that is driving me mad, it may be something simple that I am overlooking but any insight would be great. I have a freebsd machine with 2 nics and one being used. The first has 2 ip addresses, one of them via alias. I have BIND listening x.x.x.19 and regular operations on x.x.x.18. My problem is that apache wants to listen on both IPs and I dont want someone being able to point their browser at the ns1.domain.com and see a web page, so how do i get apache to stop listening on this IP. I have tried binding it to the .18 address and even setting Listen x.x.x.18:80 but it still wants to go to the main apache TLS/SSL has been installed page when i point it at x.x.x.19. Any thoughts as to what I might be doing wrong? Are you using Virtual Hosts? Have you actually tried restarting Apache since you editted the Listen line? -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Clock running fast
On 5/4/05, Ryan Winograd [EMAIL PROTECTED] wrote: Hi all, I recently noticed that the system clock on a machine i recently set up is running very quickly, about 2x realtime by my measuring. What can i do to solve/investigate this problem? What information would be helpful? Thanks, Ryan Have you considered running an ntp service on the box? I run OpenNTPd on a few of my systems and it seems to work quite well. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Multiple routes
On 5/3/05, Andrei Iarus [EMAIL PROTECTED] wrote: How can I have multiple gateways, and, all the packets to be sent using all the gateways simultaneously under FreeBSD 4.11? Is this possible only modyfing the kernel? :) Thank you very much for your help. Under 5.3-RELEASE I have 3 DSL connections set to round-robin using PF. Under 4.11 I had used IPF and IPNAT and had half of the net range set to utilize one gateway, the other half to use another. I find the PF round-robin solution to be much more effective. I am unsure if you can use IPF/IPFW to round-robin nat, at least as easily as PF. In short though, you won't need to modify your kernel, short of including whichever firewall module you choose to utilize. I'm curious, when you say simultaneously, do you mean you want the same duplicated data to be sent out all of your gateways at the same time? -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: wifi limited to 180KBps
On 4/29/05, Chris Richards [EMAIL PROTECTED] wrote: Hi Everyone, I have installed a Netgear 802.11b (MA311) PCI card into my freebsd box but I can't get it to transfer data faster than 180KBps in either direction. I have tried the card in 2 freebsd boxes one running 5.1 Release and the other 5.4 Stable, no difference. I also ran trafshow on wi0 and the traffic looks to come in bursts. I have included my config below, can anyone see a problem? Thank you. -Chris Have you considered the possibility that it's because you are running 802.11b, which is stuck at 11Mbps. Rough math puts that at 1MB/s. Rougher math says after overhead etc., perhaps theres a large CONCRETE wall between yourself and the WAP. All things to consider. I haven't ever used wireless on anything other than my laptop, but I do notice this TX rate (selection):[ 11 ] TX rate (actual speed): [ 2 ] Could that be assumed to be 11Mbps selected, and 2Mbps actual speed. Again after rough math, 2Mbps would equate to around 200KB/s, or in your case 180KB/s. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: test test test
On 4/28/05, Chris [EMAIL PROTECTED] wrote: Carpenter, Rohan S wrote: test test test test --- test tets test test Rohan Carpenter Information Security Analyst EDS - Navy Marine Corp Intranet (NMCI) MS-Bldg 87, 300 Lexington Blvd Honolulu, HI 96818 * Phone: 808-356-6308 - IA watch * Phone: 808-356-6000 (ext 7505) - direct line * mailto:[EMAIL PROTECTED] *Sigh* Some users just don't have a clue - do they. -- Best regards, Chris The light at the end of the tunnel can be a helluva nuisance, especially if your're using the tunnel as a darkroom. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Wow I'm very glad you brought this constructive piece of information to the group. Thank you for sharing. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: pf's ftp-proxy outside inetd (with pure-ftpd)
On 4/28/05, Fafa Diliha Romanova [EMAIL PROTECTED] wrote: i am trying to disable inetd. Why? -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Connecting to the Internet
On 4/25/05, Broming plutonium [EMAIL PROTECTED] wrote: Firstly, by telling the DHCP server to assign a static-IP address to a specific system on the network, what sort of DHCP server are you speaking of. Are you asking about your ISPs DHCP, a Linksys/Dlink/other SOHO DHCP device, or are you attempting to setup your own internal DHCP server such as ISC-DHCP for your LAN. Sorry--my DHCP server is a Linksys router which is supposed to assign an internal IP address automatically, whenever a computer asks for it. Secondly, the quick and easy way to change around things so that sl0 pulls an IP is to run /stand/sysinstall and reconfigure your Network Interfaces. Umm...how do I do that again? Do I just go to /stand/sysinstall, click on Index, and click on Network Interfaces? What do I put down for the host and domain? The host is the computer name, I suppose, but I don't think I assigned my LAN a domain. I accidentally put something for the domain, and now I can't erase it because whenever I leave a textbox my computer automatically refills it with what I wrote earlier. In fact, I can't change any settings because it will refill itself whenever I try to. You could also edit rc.conf manually and set up the sl0 interface that way, to either pull a static or dynamic IP. I tried that a minute ago, but it only got me into even deeper trouble. I'm so careless that I forgot to put a quote, and now my computer wouldn't boot properly. It only allows me to log on as a single user, and has # thing instead of $ or computername: How do I open a text editor to edit the rc.conf file while I'm not logged in (I don't think so), and while every command has # in front of it? vi wouldn't work, and view and ex don't work either. I also have a copy of the original rc.conf file; how do I dump the data into the current rc.conf file which is driving me crazy because I made an error in it? Is sl0 internal or external? Is the FreeBSD box going to NAT for your second computer? I don't know--I think sl0 is the network card, and if I'm right it's internal. Also, I'll be 80 when I even dare to think about making FreeBSD NAT for my other computer. My Linksys router is the NAT router for all my computers. Tomas Quintero [EMAIL PROTECTED] wrote: On 4/25/05, Broming plutonium wrote: Hello everyone...for the first time. I have two computers. I very recently installed FreeBSD on my first computer because the operating system it used to have, Microsoft Windows, was infected by so many viruses that my computer took a million years to open a program. I've only had 2 days of experience with FreeBSD, so I don't know anything about it. How do I connect it to the Internet using Ethernet? My computer seemed to be telling me it had three network interfaces. I'm guessing that the ones called plip0 and ppp0 are all wrong; sl0 is the right one. FreeBSD tries to establish an Internet connection on plip0 every time it boots. How do I change that to sl0? How do I tell it to tell DHCP server to assign IP address xxx.xxx.xxx.xxx on subnet mask xxx.xxx.xxx.xxx USING the sl0 network interface? What do I have to do to establish an Internet connection? Any help would be appreciated. Thanks! Firstly, by telling the DHCP server to assign a static-IP address to a specific system on the network, what sort of DHCP server are you speaking of. Are you asking about your ISPs DHCP, a Linksys/Dlink/other SOHO DHCP device, or are you attempting to setup your own internal DHCP server such as ISC-DHCP for your LAN. Secondly, the quick and easy way to change around things so that sl0 pulls an IP is to run /stand/sysinstall and reconfigure your Network Interfaces. You could also edit rc.conf manually and set up the sl0 interface that way, to either pull a static or dynamic IP. Is sl0 internal or external? Is the FreeBSD box going to NAT for your second computer? -- -Tomas Quintero Post your free ad now! Yahoo! Canada Personals FreeBSD performing NAT is really really easy. If you do a little research perhaps into PF which I'm currently trying to learn, it's pretty simple to do, compared to what I've seen from IPFW. How do I open a text editor to edit the rc.conf file while I'm not logged in (I don't think so), and while every command has # in front of it? vi wouldn't work, and view and ex don't work either. I also have a copy of the original rc.conf file; how do I dump the data into the current rc.conf file which is driving me crazy because I made an error in it? You could just do: cat rc.conf.backup rc.conf If I'm not mistaken if you have a backup copy of your rc.conf. As several people have said in this chain of emails, sl0 is not actually one of your NICs. I believe it is a serial port or something, but I don't quite remember. If you could, please post the results from 'ifconfig' and perhaps your
Re: 5.8TB RAID5 SATA Array Questions - UPDATE
I am almost a bit curious why you didn't go with a Microsoft based solution in a situation like this, where you are needing to provide SMB based file sharing to obviously Windows client desktops. Another solution would be to setup a dedicated NAS of some sort. But I suppose it's too late for all of that. On 4/25/05, Edgar Martinez [EMAIL PROTECTED] wrote: No flaming here, when dealing with projects this big, you cannot be bias obviously because generally it is someone else's time and money that is on the line. Thanks for the info, I didn't know the whole second array thing, that would explain some of the weirdness that I have been seeing. -Original Message- From: Brent Wiese [mailto:[EMAIL PROTECTED] Sent: Monday, April 25, 2005 12:54 PM To: [EMAIL PROTECTED]; freebsd-questions@freebsd.org Subject: RE: 5.8TB RAID5 SATA Array Questions - UPDATE Any one else think they know of a better method?? Well, I'm probably going to get totally flamed for this, but since you asked... The better method is to install Windows 2003 Server. Assemble your drives into 2TB or less RAID5 volumes (btw, you only want 1 per 3Ware card, more on that in a second) and use Windows 2003 to span those volumes. It'll show up as one drive after that. There is some limit, but I can't remember what it is. Its huge though. And in case you didn't know, 3Ware cards are only speed-optimized for the first array. Subsequent arrays on a card run painfully slow. They won't say it in any of their lit, but if you corner their support people, they'll admit it (it obvious if you try it). Sorry to mention M$ here, but it sounds like you invested incredible amounts of time, and even Windows 2003 can be cheaper than your time at some point. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.8TB RAID5 SATA Array Questions - UPDATE
Ah my mistake, I hadn't read all of what was said in its entirety. On 4/25/05, Edgar Martinez [EMAIL PROTECTED] wrote: Easy answer...the desktops are actually not windows based...they are Apple OSX / Linux systems...SMB is just for the transient Windows based systems that will need to access the array, but do not run NFS. -Original Message- From: Tomas Quintero [mailto:[EMAIL PROTECTED] Sent: Monday, April 25, 2005 6:06 PM To: [EMAIL PROTECTED] Cc: Brent Wiese; freebsd-questions@freebsd.org Subject: Re: 5.8TB RAID5 SATA Array Questions - UPDATE I am almost a bit curious why you didn't go with a Microsoft based solution in a situation like this, where you are needing to provide SMB based file sharing to obviously Windows client desktops. Another solution would be to setup a dedicated NAS of some sort. But I suppose it's too late for all of that. On 4/25/05, Edgar Martinez [EMAIL PROTECTED] wrote: No flaming here, when dealing with projects this big, you cannot be bias obviously because generally it is someone else's time and money that is on the line. Thanks for the info, I didn't know the whole second array thing, that would explain some of the weirdness that I have been seeing. -Original Message- From: Brent Wiese [mailto:[EMAIL PROTECTED] Sent: Monday, April 25, 2005 12:54 PM To: [EMAIL PROTECTED]; freebsd-questions@freebsd.org Subject: RE: 5.8TB RAID5 SATA Array Questions - UPDATE Any one else think they know of a better method?? Well, I'm probably going to get totally flamed for this, but since you asked... The better method is to install Windows 2003 Server. Assemble your drives into 2TB or less RAID5 volumes (btw, you only want 1 per 3Ware card, more on that in a second) and use Windows 2003 to span those volumes. It'll show up as one drive after that. There is some limit, but I can't remember what it is. Its huge though. And in case you didn't know, 3Ware cards are only speed-optimized for the first array. Subsequent arrays on a card run painfully slow. They won't say it in any of their lit, but if you corner their support people, they'll admit it (it obvious if you try it). Sorry to mention M$ here, but it sounds like you invested incredible amounts of time, and even Windows 2003 can be cheaper than your time at some point. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Connecting to the Internet
On 4/25/05, Broming plutonium [EMAIL PROTECTED] wrote: Hello everyone...for the first time. I have two computers. I very recently installed FreeBSD on my first computer because the operating system it used to have, Microsoft Windows, was infected by so many viruses that my computer took a million years to open a program. I've only had 2 days of experience with FreeBSD, so I don't know anything about it. How do I connect it to the Internet using Ethernet? My computer seemed to be telling me it had three network interfaces. I'm guessing that the ones called plip0 and ppp0 are all wrong; sl0 is the right one. FreeBSD tries to establish an Internet connection on plip0 every time it boots. How do I change that to sl0? How do I tell it to tell DHCP server to assign IP address xxx.xxx.xxx.xxx on subnet mask xxx.xxx.xxx.xxx USING the sl0 network interface? What do I have to do to establish an Internet connection? Any help would be appreciated. Thanks! Firstly, by telling the DHCP server to assign a static-IP address to a specific system on the network, what sort of DHCP server are you speaking of. Are you asking about your ISPs DHCP, a Linksys/Dlink/other SOHO DHCP device, or are you attempting to setup your own internal DHCP server such as ISC-DHCP for your LAN. Secondly, the quick and easy way to change around things so that sl0 pulls an IP is to run /stand/sysinstall and reconfigure your Network Interfaces. You could also edit rc.conf manually and set up the sl0 interface that way, to either pull a static or dynamic IP. Is sl0 internal or external? Is the FreeBSD box going to NAT for your second computer? -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Test
Test -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: GMail Users Blocked by Spamcop
On 4/22/05, Shantanoo [EMAIL PROTECTED] wrote: On 4/22/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I would like to bring it to the attention of the mailing list as a final act of desperation that GMail users have been blacklisted by SpamCop apparently. It also seems the FreeBSD Project utilizes SpamCop as part of their filtering process. I appeal to all those reading this concerned for the community to strongly urge FreeBSD to either circumvent this particular blacklist, or to urge SpamCop directly to remove their unnesscessary blacklisting. I feel it is ridiculous to black the masses which utilize such a useful email service as GMail. Thank You, Tomas Quintero [EMAIL PROTECTED] If this mail reaches, then freebsd's server isn't blocking gmail :) Shantanoo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Yeah as I noticed today I guess its no longer being blocked. Sorry for my anger :p -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Build kernel vs build world
If your supfile was set to RELENG_5 then you getting 5.4-PRERELEASE is correct, as -STABLE becomes the next -RELEASE, so on and so forth. On Apr 8, 2005 12:25 PM, Joshua Lewis [EMAIL PROTECTED] wrote: I was getting ready to build world and I noticed (to my utmost suprise) that my system is running 5.4-PRERELEASE. I must have had the wrong tag in my supfile and downloaded the src for 5.4. So I am already running 5.4 I guess I will upgrade totaly. Are there any gotcha's I should now about. At this point I think I am running 5.4 kernel with 5.3 binaries. So should I just to a CVSup with the 5.4 tag and then use the instructions below from Pat? Thank you, Joshua Lewis Pat Maddox You're right, building the world is building all the base binaries. It should be done while you're building the kernel: # make buildworld # make buildkernel kernconf=CONF # make installkernel kernconf=CONF # make installworld # mergemaster Here's a good guide on everything you need to do to update your machine: http://layer0.layeredtech.com/showthread.php?t=2 On Apr 8, 2005 10:00 AM, Joshua Lewis [EMAIL PROTECTED] wrote: Is there a difference between building a world and building a kernel? Common sence is telling me building world rebuilds all the execuables and config files or something a little more intense then just the kernel. However I have not been able to find any instructions on how to build world not even in the handbook. I found building a kernel and was able to do that with no problems. But I would like to update my system with any security updates that have occured since 5.3 has come out. Thanks for any tips. Thank you, Joshua Lewis ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: beastie 5.X boot menu
Theres a few ways to disable beastie, and sorry for the top posting: Firstly, there was a large discussion about this started by someone and it is on marc.theaimsgroup http://marc.theaimsgroup.com/?l=freebsd-questionsw=2r=1s=Stupid+ASCII+loader+prompt+q=b I didn't feel like reading them all again, but the answer to your problem IS in one of those. The way to disable the beastie loader is: in /boot/loader.conf set beastie_disable=YES Enjoy, Tomas On 07 Apr 2005 18:05:11 -0400, Lowell Gilbert [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] writes: The boot menu has changed between 4.x and 5.x releases. I have searched the handbook and can not find any written documentation about the new beastie boot options, what they are and when each one is intended to be used. I see a lot of posts about the beastie figure but nothing about what the options mean. If it's written somewhere can someone point me to it and if not can I get an explanation? Seriously? Well, let's see. ACPI: see man acpi for a start. Safe Mode: configures the system to avoid all possible hardware compatibility problems, at a severe cost in performance. single user mode: see the Handbook. verbose logging: many informational messages will be logged (by the kernel) to the console in the process of booting. Escape to loader prompt: see man loader. USB keyboard: take your computer to your nearest computer store and ask them whether you have a USB keyboard or not. Generally, default will be the right answer unless you know you need something else. Good luck. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Help needed Secure Http Tunneling
putty also supports tunneling if you're connecting from a Windows desktop. I'm sure other SSH clients do as well. On Wed, 30 Mar 2005 22:37:23 +0530 (IST), Mangesh Bhalerao [EMAIL PROTECTED] wrote: Thanx, dan for the great help I am trying to configure it . Regards Mangesh Bhalerao M.Tech. (II nd Sem) DA-IICT ,(www.da-iict.org) Gandhinagar - 382009 Ph#. 9426366185 -- On Tuesday 29 March 2005 09:04, Mangesh Bhalerao wrote: Friends, Can some one let me know what are the tools avilable to have a secure tunneling through a http proxy + firewall combination. Any help on the configuration would be a great help. Perhaps stunnel? You can set it up at some port and it can proxy for your http proxy. It's been awhile since I used it, but it was very easy to setup. Performance was ok but it's not for very heavy traffic sites I'd think. Http over ssl is always slower. If performance isn't the greatest concern but rather functionality and managability this might be just what you're looking for. It's in /usr/ports/security/stunnel Using a high level (scripting) language which has ssl functionality it would also be quite easy to write your own if it needs some specific (exotic) local requirements. HTH, Dan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Setting up network
Essentially, the host is the 'name of the machine' if you will. So if you want, you can name it betty, or uberserver1. It doesn't matter. For that fact, as far as I really know, nor does the domain matter. However commonly when naming servers and such, they have corresponding names and domains so that they can be labeled and people who need to know, know what these machines do. In short, no, the names do not matter for your internal home network. On Thu, 31 Mar 2005 16:52:52 -0500, Jonathan Arnold [EMAIL PROTECTED] wrote: Something I've never been able to figure out. When installing a new machine, and you come to the Network Configuration dialog, what do you put in for the Host: and Domain: if it is a machine on an internal network (ie., 192.168.1.149)? Does it matter? Just give it a simple hostname and be done with it? Make something up? -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Daemon Dancing in the Dark, a FreeBSD weblog: http://freebsd.amazingdev.com/blog/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A Riddle
I'm glad this has to deal with FreeBSD related question. Thank you for expanding the minds of those subscribed to this mailing list with your intricate question outlining in the most detail the problem you're having with your specific task. You're either a dumbass, or a 12 year old. I prefer to choose the latter and hope for the best in your growth and development. Many Thanks, Tomas On Fri, 25 Mar 2005 16:22:45 -0500, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: There are 2 kinds of people in America, Jerry. The Rich and those who complain about the Rich. The difference here as opposed to some other countries is that which group you belong to is a personal choice. I respect your choice. You seem very happy in your ignorance of virtually every subject. You taking a shot at me is about as entertaining as it gets, Jerry. It really, really is. -Original Message- From: Jerry McAllister [EMAIL PROTECTED] Q: Why are FreeBSD users like Liberals? A: They panic and start to call you names when you tell them the truth. Last I knew that was a technique most perfected by the right wing especially when they begin noticing that reality does not correspond to their need to support sagging egos. Sorry about clogging the bandwidth. Could resist taking a shot at a troll. Jerry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Unsubscribe?
The line you're looking for resembles a little something like this: ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] On Fri, 25 Mar 2005 13:04:37 -0800 (PST), Doug Paquette [EMAIL PROTECTED] wrote: Group, Sorry to have to ask this question here, but does anyone have the address to where I unsubscribe to the various free bsd mailing lists? Thanks Doug __ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: how to auto connect to freebsd
Have you tried setting up a DHCP server on your FreeBSD box? On Fri, 25 Mar 2005 17:51:25 -0500, David Banning [EMAIL PROTECTED] wrote: My win boxes are using freebsd as a gateway to the internet through a hub. I have to set the ip address for each machine and setup the gateway address in each winbox. They do not find the gateway address automatically. I have been doing it this way for years. I am just wondering if it is possible to have the win boxes auto detect the gateway address and agree with freebsd what each win IP address will be automatically as is done with a router-switch. -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Slow Performance with OpenBSD's PF on 5.3-RELEASE
I recently setup a box with 5.3 release and enabled PF in order to do NAT and eventually firewalling and bandwidth control when I become more acustom to the workings of PF. Regardless of which however, I'm having tremendous speed issues with the box currently. Here is my pf.conf: ext_if=rl1 int_if=xl0 int_net=192.168.1.0/24 nat on $ext_if from $int_net to any - $ext_if pass in all keep state pass out all keep state Here is my rc.conf: defaultrouter=63.135.xxx.xxx gateway_enable=YES hostname=ORCA. ifconfig_rl1=inet 63.135.xxx.xxx netmask 255.255.255.240 ifconfig_xl0=inet 192.168.1.1 netmask 255.255.255.0 linux_enable=YES sshd_enable=YES usbd_enable=YES pf_enable=yes pf_rules=/etc/pfrules.conf pf_flags= pflog_enable=YES pflog_logfile=/var/log/pflog pflog_flags= -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Slow Performance with OpenBSD's PF on 5.3-RELEASE
I wasn't quite sure where to start, so I just gave conf lines. The machine is not yet running DNS, DHCPd, etc. however once I have this ironed out I do intend to setup caching DNS and DHCPd. The problem seems to be with Internal LAN clients getting extremely slow speeds. Web pages load extremely slow, if at all. Externally, when I am fetching etc. to determine what speeds the actual machine is getting, it starts off slow then accelerates to 250-300KB/s, which it should be getting. On Sun, 20 Mar 2005 11:56:16 -0800, Thomas Foster [EMAIL PROTECTED] wrote: I think more information might be required than just your conf files. What slow performance are you seeing? Are internal LAN clients having issues with using this computer as a firewall/router? Are you running an internal DNS? DHCPd? Just a start.. T - Original Message - From: Tomas Quintero [EMAIL PROTECTED] To: freebsd-questions@freebsd.org Sent: Sunday, March 20, 2005 11:36 AM Subject: Slow Performance with OpenBSD's PF on 5.3-RELEASE I recently setup a box with 5.3 release and enabled PF in order to do NAT and eventually firewalling and bandwidth control when I become more acustom to the workings of PF. Regardless of which however, I'm having tremendous speed issues with the box currently. Here is my pf.conf: ext_if=rl1 int_if=xl0 int_net=192.168.1.0/24 nat on $ext_if from $int_net to any - $ext_if pass in all keep state pass out all keep state Here is my rc.conf: defaultrouter=63.135.xxx.xxx gateway_enable=YES hostname=ORCA. ifconfig_rl1=inet 63.135.xxx.xxx netmask 255.255.255.240 ifconfig_xl0=inet 192.168.1.1 netmask 255.255.255.0 linux_enable=YES sshd_enable=YES usbd_enable=YES pf_enable=yes pf_rules=/etc/pfrules.conf pf_flags= pflog_enable=YES pflog_logfile=/var/log/pflog pflog_flags= -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- -Tomas Quintero -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Adaptec
I'm sorry, but aside from the chain of emails subject'd Adaptec AAC raid support, what good does this email serve to the freebsd-questions@ mailing lists? The only thing this is doing is perpetuating the cycle of emails which is simply clogging inboxes. While some of the discussion may be constructive or useful in the other thread, this is not. Try and keep your subjects together so I can archive them more easily and not be forced to read over more. If anything, this sort of email belongs entirely on your misc lists, not the freebsd lists. -Tomas Quintero FreeBSD User On Sun, 20 Mar 2005 15:10:29 -0700, Theo de Raadt [EMAIL PROTECTED] wrote: Since the original Adaptec guy Doug has blocked his mail, here is the email address of the next person at Adaptec who is involved in this. He has also previously indicated that he would be involved in any decision to provide documentation on the aac RAID management interface. Marty Turner [EMAIL PROTECTED] Product Manager Adaptec, Inc. (919) 287-2045 Sorry Marty, but you are only getting comments from your customers. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [repost] ip.forwarding with pf
On Thu, 03 Mar 2005 06:30:52 -0600, J.D. Bronson [EMAIL PROTECTED] wrote: No one replied to this and I thought it was easy for someone on this list to help me? I am going to run pf and setup FBSD as a router (3 NICs). And I see there are some options: net.inet.ip.fastforwarding or net.inet.ip.forwarding Can someone tell me which is appropriate when FreeBSD 5.4-PRE is used as a router running pf with built in NAT ? And what is the difference on these 2 options? -- J.D. Bronson Aurora Health Care // Information Services // Milwaukee, WI USA Office: 414.978.8282 // Email: [EMAIL PROTECTED] // Pager: 414.314.8282 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Are you entirely sure you want to do it using PF? Has PF even been fully implemented into the 5.x series? I recently setup an FBSD router with 3 external NICs and 1 internal, using NAT and open ipfw rules for now, until I learn a bit more about ipfw. -- -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Help!Help!Help!
On Tue, 01 Mar 2005 18:50:53 -0800, Replies [EMAIL PROTECTED] wrote: Hi, I have just spent over the last two years developing a unique classified ads service which was online and had Free BSD as the security on it. We ended up with a very aggressive and belligerent programmer who left us but left us some nasty little bugs behind to really screw us up.. who we now can't find. I need to know how to change or eliminate a root password. As I still have our test server in my possession is there any way to actually remove the folder that the passwords are held in.the reason I ask this is that when we actually changed the password on our production server it released some sort of worm that totally crashed and eliminated our online site, and all our data we have spent two years developing. It also started trying to access other sites which we only found out about this when our site crashed and we got compalints our from our ISP that our server was trying to agressively access other servers out there on the net. The Only saving grace is that we had it all backed up on our test server but it has the same problem...I expect...I believe that he has probably left us the same worm in our test serverthe unfortunate thing is that because we do not know the root password we are worried that if we try to crack or eliminate it the same thing may happen...and then we are automatically out of business. Is there any way around thisI can prove I am the owner of the site...the URL and the server and any other information you may need if necessary I really need help as this is 2/12 years work as it stands gone. Thanks God Bless Freddy You may also consider ghosting/copying your test server drive to your now ruined production server drive (or any other available drive), incase during your tinkering this worm is once again launched and trashes your only working copy. Changing a root password physically is quite easy as well, and as Chris said, it is located on the FreeBSD site in the handbook. -Tomas Quintero www.orcagamecenters.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sshd
Hello Eric, that meens also to change the port at the ssh-client with ssh -p ??, isn't it? With regards Stevan Tiefert Yes, you'd need to use ssh -p in order to connect to the new port, instead of the default port (22). -Tomas Quintero ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
