Re: where to get the release notes for 9.2
On 28/07/2013 02:27, Aryeh Friedman wrote: There is a specific feature I need to see if it is in 9.2 or just 10 where can I find the draft release notes for 9.2? http://www.freebsd.org/relnotes.html lists 9-stable release notes (http://www.freebsd.org/relnotes/9-STABLE/relnotes/index.html) which says it was last updated 2013-06-16 So I believe this would be the place. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: poudriere keeps rebuilding apache22 on every run
On 05/06/2013 16:45, Arthur Chance wrote: On 06/05/13 16:06, Vincent Hoffman wrote: I'm not certain if this is the best place to ask but I seem to be having issues with apache22 and poudriere. on every run I get Creating the reference jail... done Mounting system devices for 8amd64-default Mounting ports/packages/distfiles Mounting packages from: /usr/local/poudriere_data/packages/8amd64-default Mounting /var/db/ports from: /usr/local/etc/poudriere.d/8amd64-options Logs: /usr/local/poudriere_data/logs/bulk/8amd64-default/2013-06-05_12:55:43 Appending to make.conf: /usr/local/etc/poudriere.d/8amd64-make.conf /etc/resolv.conf - /usr/local/poudriere_data/build/8amd64-default/ref/etc/resolv.conf Starting jail 8amd64-default Calculating ports order and dependencies Sanity checking the repository Options changed, deleting: apache22-2.2.24.txz the options were set a while back and havent changed. root@bsdpkgbuild:~ # ls -la /usr/local/etc/poudriere.d/8amd64-options/apache22/ total 13 drwxr-xr-x2 root wheel 3 May 21 17:44 . drwxr-xr-x 241 root wheel 242 Jun 4 22:41 .. -rw-r--r--1 root wheel 3191 May 21 17:44 options root@bsdpkgbuild:~ # any suggestions? Its not a big problem but it means that apache and everything that depends on it gets rebuild every time poudriere runs. I get similar problems, but it's often a random subset of packages. Usually the ones that take a long time to build :-( for me I tracked it down to my somehow having OPTIONS_FILE_SET+=PROXY_FTP OPTIONS_FILE_SET+=PROXY_HTTP but not OPTIONS_FILE_SET+=PROXY in my apache22/options file not sure how that happened but it meant that what the package got built with wasnt what i had in my options file, thus rebuilding every time. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
poudriere keeps rebuilding apache22 on every run
I'm not certain if this is the best place to ask but I seem to be having issues with apache22 and poudriere. on every run I get Creating the reference jail... done Mounting system devices for 8amd64-default Mounting ports/packages/distfiles Mounting packages from: /usr/local/poudriere_data/packages/8amd64-default Mounting /var/db/ports from: /usr/local/etc/poudriere.d/8amd64-options Logs: /usr/local/poudriere_data/logs/bulk/8amd64-default/2013-06-05_12:55:43 Appending to make.conf: /usr/local/etc/poudriere.d/8amd64-make.conf /etc/resolv.conf - /usr/local/poudriere_data/build/8amd64-default/ref/etc/resolv.conf Starting jail 8amd64-default Calculating ports order and dependencies Sanity checking the repository Options changed, deleting: apache22-2.2.24.txz the options were set a while back and havent changed. root@bsdpkgbuild:~ # ls -la /usr/local/etc/poudriere.d/8amd64-options/apache22/ total 13 drwxr-xr-x2 root wheel 3 May 21 17:44 . drwxr-xr-x 241 root wheel 242 Jun 4 22:41 .. -rw-r--r--1 root wheel 3191 May 21 17:44 options root@bsdpkgbuild:~ # any suggestions? Its not a big problem but it means that apache and everything that depends on it gets rebuild every time poudriere runs. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Max top end computer for Freebsd to run on
On 02/06/2013 21:34, Fbsd8 wrote: I'm a sub second speed freak. What is the max number of cpu's and memory size that Freebsd can handle? Can it handle 16 4ghz cpu's and 32gb of memory? I need a gaming server with some really big balls for hundreds of jails. Money is not a deciding factor here, horse power is. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org It'll certainly support it, the biggest server I FreeBSD on at the moment is: root@parisnfsen:~ # head -20 /var/run/dmesg.boot Copyright (c) 1992-2013 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 9.1-STABLE #4 r249837: Wed Apr 24 13:37:24 CEST 2013 r...@parisnfsen.nottellingyou.net:/usr/obj/usr/src/sys/PARISNFSEN amd64 gcc version 4.2.1 20070831 patched [FreeBSD] CPU: Intel(R) Xeon(R) CPU E5620 @ 2.40GHz (2394.05-MHz K8-class CPU) Origin = GenuineIntel Id = 0x206c2 Family = 0x6 Model = 0x2c Stepping = 2 Features=0xbfebfbffFPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE Features2=0x29ee3ffSSE3,PCLMULQDQ,DTES64,MON,DS_CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,POPCNT,AESNI AMD Features=0x2c100800SYSCALL,NX,Page1GB,RDTSCP,LM AMD Features2=0x1LAHF TSC: P-state invariant, performance statistics real memory = 34359738368 (32768 MB) avail memory = 33090797568 (31557 MB) Event timer LAPIC quality 600 ACPI APIC Table: DELL PE_SC3 FreeBSD/SMP: Multiprocessor System Detected: 16 CPUs FreeBSD/SMP: 2 package(s) x 4 core(s) x 2 SMT threads as other people have said though, one big server is often not the best answer, keep things like disk io and resiliency in mind. This is a PowerEdge R410 seems to be pretty happy trundling along on 9-STABLE Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Cdorked.A
On 09/05/2013 23:12, pete wright wrote: On Thu, May 9, 2013 at 2:52 PM, Joshua Isom jri...@gmail.com wrote: On 5/9/2013 12:19 PM, Per olof Ljungmark wrote: Hi, Is Apache on FreeBSD affected? Thanks, Technically, Apache isn't the problem. The hole's in cPanel probably, not Apache. The attackers replace Apache, probably patching the source code and replacing the host's with a trojaned copy. If they're patching the source code, then yes, FreeBSD, Windows, OS X, Solaris, OpenBSD, et al are possibly infected. I am not sure that is the case from the research I have been doing on this topic. For example there are reports of it being detected on lighttpd, nginx and systems that do not use cpanel: http://www.welivesecurity.com/2013/05/07/linuxcdorked-malware-lighttpd-and-nginx-web-servers-also-affected/ If anyone has a better rundown of this it would be great if you could point me in the right direction. I am having problems finding a proper examination/explanation of this backdoor. As far as I can follow from the articles I have read the exploit involves replacing the apache/lighttpd/nginx binary, this should require root privileges which indicates you have much bigger problems anyway. As Joshua's reply stated they seem to be patching apache/lighttpd/nginx so in theory at least cdorked could probably be complied for FreeBSD, however as yet I haven't heard of any cases of this happening, my guess at this time would be that the malicious binaries have only been compiled for Linux since this has a much greater deployed base to attack. Vince cheers, -pete -- pete wright www.nycbug.org @nomadlogicLA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sh script code to get file size.
On 18/01/2013 23:26, Fbsd8 wrote:
In a script in am working on I need to find out the allocated
size of a sparse file.
The only command that comes to mind is ls -lh
The du -h command is not appropriate because it will show
the occupied size and not the allocated size.
I don't know how to parse out to the position in the output of that
ls -lh command to pickup the file size value.
Is there some other way to do this?
cut or awk spring to mind. I'm sure there are more :)
(23:31:48 ~) 0
jhary@ostracod $ ls -lh Cisco-vpn-Profiles.zip | cut -f 5 -w
16k
(23:32:15 ~) 0
jhary@ostracod $ ls -lh Cisco-vpn-Profiles.zip | awk '{print $5}'
16k
(23:32:25 ~) 0
jhary@ostracod $ ls -lh Cisco-vpn-Profiles.zip
-rw-r--r-- 1 jhary wheel16k 11 Jul 2004 Cisco-vpn-Profiles.zip
(23:32:32 ~) 0
jhary@ostracod $
Vince
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: HELP: some process eat my /var
On 05/11/2012 09:32, Eugen Konkov wrote: Здравствуйте, Robert. # du -h /var | sort -nr | head -n 25 976k/var/db/mysql/mysql 892k/var/mail/freeline.in.ua/luda 888M/var/log/radius/radacct/10.11.19.50 858M/var/crash 840k/var/mail/freeline.in.ua/luda/cur 836k/var/db/firebird/help 608k/var/spool 564k/var/db/pkg/perl-threaded-5.14.1_3 552k/var/spool/postfix 512B/var/named/dev 432k/var/db/ports 412k/var/db/pkg/python26-2.6.7_2 392k/var/spool/postfix/defer 354M/var/mail 264k/var/db/pkg/libX11-1.4.4,1 244k/var/db/pkg/en-freebsd-doc-20110521 236k/var/tmp 236k/var/mail/freeline.in.ua/znz2 224k/var/monit 223M/var/log/radius/radacct/10.10.0.2 172M/var/mail/freeline.in.ua 171M/var/mail/freeline.in.ua/office 170M/var/mail/freeline.in.ua/office/cur 158M/var/mail/kes.net.ua 157M/var/mail/kes.net.ua/kes Something mistery take space, because of files take only 6.4G # du -h -d 0 /var 6.4G/var bug df says that there are more space was taken: df -h /dev/ada0s1d 30G 24G3.5G87%/var 6.4G vs 24G Its possible that a process is holding open an unlinked file (some processes do this for tmp files as they are automatically deleted if the program exit, I believe mysql does it for tmp tables for example) I've had this happen when a log got rotated but the process wasnt notified so it kept writing to the file. I believe lsof +L1 will show unlinked but open files. Vince Вы писали 3 ноября 2012 г., 5:01:49: RH Gary Aitken writes: Looks like /var/log has most of it. If you're running X, check for a huge Xorg.0.log. I had this problem as a result of a radeon graphics card that would get into some kind of reinitialization loop. In any case, look at the files in /var/log RH A way to check disk usage: RH du /var | sort -nr | head -n 25 RH If you see something you don't recognize or that seems wrong RH RH Robert Huff RH ___ RH freebsd-questions@freebsd.org mailing list RH http://lists.freebsd.org/mailman/listinfo/freebsd-questions RH To unsubscribe, send any mail to RH freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Anyone Tried to use iPXE to boot with iSCSI?
On 19/09/2012 06:53, dweimer wrote: I was just trying some proof of concept testing to see if I could get a system booting with no local disk using iSCSI running from my FreeNAS box. I got started, by first booting a 9.1-RC1 CD, into live CD, created a /tmp/iscsi.conf used kldload to load the iscsi initiator, connected to the target, created a gpt boot partition, swap partition and just a single / volume using remianing space. Copied the bootcode, created the file system, extracted the system etc. Created a loader.conf file, added the iscsi_initiator_load=YES option, copied my /tmp/iscsi.conf file to the new file system at /etc/iscsi.conf created a /etc/fstab file using the gpart labels to mount / and swap partitions. Booted the system from the iPXE.iso, ran the necessary configuration options, connected to the iscsi volume, and booted from it. It does launch the bootcode, as expected, and then breaks failing to mount root. Whoch I actually expected, I have proved I can install to an iSCSI volume, I can connect to that iSCSI volume prior to loading the kernel, and load the kernel from it. What I can't seem to find any information on is how to mount iSCSI volumes at boot on FreeBSD, so that the kernel can mount the root partition. Does anyone have any idea how to do this, or if its even possible? Sounds like you need this http://freebsd.1045724.n5.nabble.com/iSCSI-boot-driver-0-2-5-isboot-ko-has-been-released-td5736301.html Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Where are the mechancs of config(8) descibed
On 11/09/2012 01:30, Robert Bonomi wrote: (This is probably a bit techical for 'questions' -- I'd welcome a suggesstion of a more appopriae forum.) If you dont get any joy, try freebsd-hack...@freebsd.org Vince Is there a detailed description anywhere of the mechanics of *how* config(8) does what it doess? I'm looking fo the gory detail of how, sayi, 'device bpf' causes the creation of the file 'opt_bpf.h' containing '#define DEV_BPF 1 _Part_ of the magic is the sys/conf/files* and sys/conf/options* files, but their format/content isn't defined anywhee I've found. rerason for asking -- I want to addd a cutom device driver into the kernel. I have sources, and can build the .o, if i convert it to a .ko, it loads and run. *BUT* I want to embed it in the kernel at build time. Somewhere, I have do define 'device foo', specify that that name adds 'myfoo_sys.o' to the kernel object-files list, and that myfoo_sys.o depends on a list of source files, and requires a particular sequence of commands to build from those shources. I know the 'what', just not the 'where' or 'how'. Any pointers appreciated. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
anyone here use poudriere ?
I've been playing with poudriere and pkg as per http://fossil.etoilebsd.net/poudriere/doc/trunk/doc/pkgng_repos.wiki in the hope that it will be an easier way to maintain a custom internal package repository for work not I'va managed to get a few FreeBSD boxes into service there. I'm liking it lots more than the traditional package build but I am having some problems working out how to set custom build options for ports. Does anyone else use poudriere for this and if so how do they handle this. Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: anyone here use poudriere ?
On 13/07/2012 16:04, Patrick Lamaiziere wrote: Le Fri, 13 Jul 2012 12:32:48 +0100, Vincent Hoffman vi...@unsane.co.uk a écrit : I've been playing with poudriere and pkg as per http://fossil.etoilebsd.net/poudriere/doc/trunk/doc/pkgng_repos.wiki in the hope that it will be an easier way to maintain a custom internal package repository for work not I'va managed to get a few FreeBSD boxes into service there. I'm liking it lots more than the traditional package build but I am having some problems working out how to set custom build options for ports. Does anyone else use poudriere for this and if so how do they handle this. You can copy options into your jail (see man poudriere). But I agree there is a lack of an interactive mode into poudriere. When I install a new port, I don't know which options are available and I would like to choose them once time. /FACEPALM I could swear I read the man page properly, obviously not. Thank you Vince Regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: encrypted ZFS root and encrypted swap OOTB?
On 11/07/2012 16:25, Joseph Lenox wrote: On 07/09/2012 06:55 PM, David Christensen wrote: I wrote: https://www.dan.me.uk/blog/2012/05/06/full-disk-encryption-with-zfs-root-for-freebsd-9-x/ On 07/09/2012 09:43 AM, Colin Barnabas wrote: Perhaps this will help- http://www.aisecure.net/2011/11/28/root-zfs-freebsd9/ Thanks for the reply. :-) STFW I already found various manual instructions. I'm looking for something easier/ simpler that is built in to the installer, similar to Debian and Windows. It appears FreeBSD doesn't have that feature. That's because nobody has decided to implement that feature in the installer (which was just completely re-done and simplified). If you wanted to put something together (using the freebsd-installer source as a base) that adds a menu system for queuing up the relevant commands, I don't think anyone will complain. I seem to recall the pc-bsd installer does some/all of this. and you can use it to just install freebsd if you dont want the pc-bsd desktop stuff. I havent actually every tried it though so YMMV. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
for loops with /bin/sh on command line.
I'm sure I'm being dim, but why cant I do a for loop on the command line using /bin/sh ? am I suffering from too much use of bash and as such shouldnt expect it to work? banshee# for foo in 1 2 3 ; do echo $foo ; done for: Command not found. foo: Undefined variable. banshee# echo 'for foo in 1 2 3; do echo $foo ; done' bahh.sh banshee# sh bahh.sh 1 2 3 banshee# Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: for loops with /bin/sh on command line.
On 08/07/2012 17:51, Wojciech Puchar wrote: banshee# for foo in 1 2 3 ; do echo $foo ; done for: Command not found. foo: Undefined variable. banshee# echo 'for foo in 1 2 3; do echo $foo ; done' bahh.sh banshee# sh bahh.sh 1 2 3 banshee# echo $SHELL is it /bin/sh really? Doh, yes that was it. Cant believe I forgot to check. I was running csh for no good reason. Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: OT: Linux EXT4 dump/restore equivalent?
On 28/06/2012 21:39, Peter A. Giessel wrote: On Jun 28, 2012, at 11:59, Vincent Hoffman vi...@unsane.co.uk wrote: We use dump to backup ext4 filesystems on linux (Centos6) at work You can find a version of dump for Linux that supports ext4. What I have been completely unable to find is a linux boot disk that has a version of restore that supports ext4. If anyone knows of one, I would be very interested. I am very hesitant to use a backup scheme that doesn't have a clear recovery path. Fair point. I've used the rescue mode on the centos boot CD before, but its not too hard to build a custom centos livecd. I made a pxe bootable version for use at work so we can ssh into it without needing an IP KVM, but I'll try and make a new ISO for you if you like. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: CLANG vs GCC tests of fortran/f2c program
On 25/06/2012 13:56, Wojciech Puchar wrote: C++ libraries can be limiting, but... wasn't replaced. If it would be truly about removing GPLv3 code that hurts, replacing libstdc++ would be first thing to do. I assume you mean like the new libc++? http://wiki.freebsd.org/NewC%2B%2BStack For now we have removed GPL code that doesn't hurt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Occassional permission denied in the middle of a large transfer over NFS
I seem to have run into the problems described in this old thread. http://lists.freebsd.org/pipermail/freebsd-questions/2004-April/044927.html tl:dr mountd may give incorrect permission denied errors when it is refreshing the exports list, /sbin/mount has code that sends SIGHUP to mountd on any mount operation. Which implies that any manual mount request, including NFS mounts would cause the problem. Does anyone know if this is still the case with the new NFS server? thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: where is linux-f10-flashplugin ?
On 22/02/2012 20:16, Chuck Bacon wrote:
Looks like FreeBSD mirrors have been hacked; more than one has an empty
pub/FreeBSD directory, and those which have a ports/distfiles directory
don't have an linux directory at all. I've faithfully followed the
FreeBSD handbook for 8.2, and it says the last port is that one. Help,
please?
Chuck Bacon c...@cape.com
from the makefile
MASTER_SITES=
http://fpdownload.macromedia.com/get/flashplayer/pdc/${PORTVERSION:C/r/\./}/:plugin
\
ftp://ftp.ipt.ru/pub/download/
but for me cd /usr/ports/www/linux-f10-flashplugin11; make fetch worked.
vince
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Dump Restore on ZFS root system
On 07/02/2012 11:00, dick wrote: I run a ZFS on root FreeBSD system. I know I can backup with snapshots but I want a dump/restore action because I want to transfer this system to a UFS virtual FreeBSD machine. My question is: will dump / (root) make a dump of *ALL* other directories? Dump works at the filesystem level and will not work on a zfs filesystem [root@banshee /backup/local/zfs]# dump -b 64 -f - ./ dump: ./: unknown file system I'd use tar or cpio or pax or something. On a UFS filesystem dump will only dump the filesystem specified and will not cross mountpoints. Vince yanta# df -h Filesystem SizeUsed Avail Capacity Mounted on zroot56G335M 55G 1%/ devfs1.0K1.0K 0B 100%/dev zroot/tmp56G 42M 55G 0%/tmp zroot/usr 60G4.7G 55G 8%/usr zroot/usr/home 58G2.4G 55G 4%/usr/home zroot/usr/ports 56G253M 55G 0% /usr/ports zroot/usr/ports/distfiles56G291M 55G 1% /usr/ports/distfiles zroot/usr/ports/packages 55G 21K 55G 0% /usr/ports/packages zroot/var 56G571M 55G 1%/var zroot/var/crash 55G 23K 55G 0% /var/crash zroot/var/db56G337M 55G 1%/var/db zroot/var/db/pkg55G3.7M 55G 0%/var/db/pkg zroot/var/empty 55G 21K 55G 0%/var/empty zroot/var/log 55G827K 55G 0% /var/log zroot/var/mail 55G 22K 55G 0% /var/mail zroot/var/run 55G 53K 55G 0% /var/run zroot/var/tmp 55G143K 55G 0%/var/tmp devfs 1.0K1.0K 0B 100%/var/named/dev ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Where to send bugs?
On 14/01/2012 15:02, Коньков Евгений wrote: Hi, Freebsd-questions. What is better: 1. Send PR to freebsd-current 2. Send PR via site or I must to send to both? Normally I ask on the relevant mailing list first in case its simple enough to get it resolved that way and to raise a little awareness ;) , then it's if not resolved or if i get asked to submit a PR I usually use http://www.freebsd.org/send-pr.html to submit a pr. If you are asking about using /usr/bin/send-pr I believe the default site is the correct one. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: BWN Driver
On 20/12/2011 00:26, Chris Brennan wrote: I've got an HP Pavillian laptop with a Broadcom BCM4312 card. Below is what I've loaded so far and the result from /var/log/messages. [root@blackdragon ~]# kldstat | grep bwn 141 0x82035000 28a9abwn_v4_ucode.ko 191 0x8205e000 2982cif_bwn.ko 201 0x82088000 6183 siba_bwn.ko [root@blackdragon ~]# Dec 19 19:10:53 blackdragon kernel: fwohci0: 1394 Open Host Controller Interface mem 0xc7f5-0xc7f507ff irq 10 at device 9.0 on pci1 Dec 19 19:10:53 blackdragon kernel: fwohci0: [ITHREAD] Dec 19 19:10:53 blackdragon kernel: fwohci0: OHCI version 0.0 (ROM=0) Dec 19 19:10:53 blackdragon kernel: fwohci0: invalid OHCI version Dec 19 19:10:53 blackdragon kernel: fwohci0: fwohci_init failed with err=6 Dec 19 19:10:53 blackdragon kernel: device_attach: fwohci0 attach returned 5 Dec 19 19:10:53 blackdragon kernel: siba_bwn0: Broadcom BCM4312 802.11b/g Wireless mem 0xfc00-0xfc003fff irq 23 at device 0.0 on pci8 Dec 19 19:10:54 blackdragon kernel: bwn0 on siba_bwn0 Dec 19 19:10:54 blackdragon kernel: bwn0: WLAN (chipid 0x4312 rev 15) PHY (analog 6 type 5 rev 1) RADIO (manuf 0x17f ver 0x2062 rev 2) Dec 19 19:10:54 blackdragon kernel: bwn0: DMA (64 bits) Dec 19 19:10:54 blackdragon kernel: bwn0: Using 1 MSI messages Dec 19 19:10:54 blackdragon kernel: bwn0: [FILTER] I get a nice bwn0 device with ifconfig, but I am unable to do anything with it and the little blue light on the front of my laptop stays red, even after playing with the switch for my Wireless device. I've gotten it to work in linux but not reliably and of course it does work in Windows. So I am a bit stumped as to what is wrong or what I am missing. When you say you are unable to do anything with it, what have you tried? ie have you run though ifconfig /wlan0/ create wlandev bwn0 ifconfig wlan0 up ifconfig wlan0 list scan to check that its not just the light thats not coming on? Sorry if i'm asking stupidly obvious questions but the whole create thing still throws some people. Vince -- Chris Brennan A: Yes. Q: Are you sure? A: Because it reverses the logical flow of conversation. Q: Why is top posting frowned upon? http://xkcd.com/84/ | http://xkcd.com/149/ | http://xkcd.com/549/ GPG: D5B20C0C (6741 8EE4 6C7D 11FB 8DA8 9E4A EECD 9A84 D5B2 0C0C) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Disabling geom_journal
Hi all, I'm sure I have seen this come up before but a google doesnt help. I am trying to disable gjournal on a disk so i can move to suj as part of moving on to the 9.x series, I have umounted the FS but when i try to stop the journal it automatically starts it on the gtpid of the device and if i stop that it goes back to the original device name. [root@ostracod ~/doc]# gjournal list Geom name: gjournal 2909580316 ID: 2909580316 Providers: 1. Name: ada1p2.journal Mediasize: 494739118080 (460G) Sectorsize: 512 Mode: r0w0e0 Consumers: 1. Name: ada1p2 Mediasize: 495812860416 (461G) Sectorsize: 512 Stripesize: 0 Stripeoffset: 17408 Mode: r1w1e1 Jend: 495812859904 Jstart: 494739118080 Role: Data,Journal [root@ostracod ~/doc]# gjournal stop ada1p2.journal [root@ostracod ~/doc]# gjournal list Geom name: gjournal 2909580316 ID: 2909580316 Providers: 1. Name: gptid/9e1798be-b5f3-11de-a1eb-00012e273257.journal Mediasize: 494739118080 (460G) Sectorsize: 512 Mode: r0w0e0 Consumers: 1. Name: gptid/9e1798be-b5f3-11de-a1eb-00012e273257 Mediasize: 495812860416 (461G) Sectorsize: 512 Stripesize: 0 Stripeoffset: 17408 Mode: r1w1e1 Jend: 495812859904 Jstart: 494739118080 Role: Data,Journal Any idea how to stop this without setting kern.geom.label.gptid.enable=0 in my loader.conf and rebooting? Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Disabling geom_journal
On 13/12/2011 19:34, Nikos Vassiliadis wrote: On 12/13/2011 5:59 PM, Vincent Hoffman wrote: Hi all, I'm sure I have seen this come up before but a google doesnt help. I am trying to disable gjournal on a disk so i can move to suj as part of moving on to the 9.x series, I have umounted the FS but when i try to stop the journal it automatically starts it on the gtpid of the device and if i stop that it goes back to the original device name. snip You don't have to reboot, just set kern.geom.label.gptid.enable to zero, gjournal stop ada1p2, gjournal clear ada1p2 and re-enable gptid labels. HTH, Nikos Thanks Nikos, I assumed it was a boot time only option for some reason. That worked a treat. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ath0 + wlan0 + spa + Apple Airport Extreme = No Joy
On 11/12/2011 19:31, Christopher Hilton wrote:
Good day,
I'm trying to get FreeBSD going on a soekris box with an atheros based D-Link
PCI wifi card. I intend to use this combination to bridge a difficult network
back to ethernet but right now I'm just trying to get the soekris associated
to the network. The network is managed by an Apple Airport Extreme. Note that
this combination connects just fine to my MiFi 4082. I only have a problem
connecting to the Airport.
The soekris box is running FreeBSD 8.2-STABLE built from source about
11/15/2011.
I have this in my /etc/wpa_supplicant.conf:
network={
ssid=Vindaloo
psk=
}
network={
ssid=Vindaloo-Mobile
psk=**
}
If I read the wireless setup document right I need this in my /etc/rc.conf:
wlans_ath0=wlan0
ifconfig_wlan0=ssid Vindaloo WPA DHCP
This box appears to associate with the network just fine but then it doesn't
receive anything except broadcast traffic.
If you then manually run
dhclient wlan0
once its booted and associated do you get a DHCP address?
Vince
Chris Hilton e: chris /at/ vindaloo /dot/ com
All I was doing was trying to get home from work!
-- Rosa Parks
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sed vs gnu sed
On 10/11/2011 07:00, per...@pluto.rain.com wrote: Vincent Hoffmanvi...@unsane.co.uk wrote: bsd sed (correctly according to SUS at least, I believe[1]) appends a newline when writing to standard out, gnu sed doesnt. The wonderful thing about standards is that there are so many to choose from -- Tanenbaum is there any easy way to make our sed do the same as gnu sed here? As long as it is OK to remove _all_ newlines -- which seems to be the case here -- you could pipe the output through tr -d '\012' Thanks to all for suggestions, I'll move to using tr at some point i think but the overhead of any of the approaches is pretty negligable (except for firing up python/perl ;) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
sed vs gnu sed
'Hi all, I'm trying to move a script from a linux box to a freebsd box. All going well as its just a bash script and bash is bash, however there is one line I'm unable to use directly, as bsd sed (correctly according to SUS at least, I believe[1]) appends a newline when writing to standard out, gnu sed doesnt. example BSD [backup@banshee ~]$ echo -n /boot:7:1:5; /:7:1:5; /var:7:1:5 | sed -n 's/[[:space:]]*;[[:space:]]*/;/gp' /boot:7:1:5;/:7:1:5;/var:7:1:5 [backup@banshee ~]$ LINUX [backup@amber ~]$ echo -n /boot:7:1:5; /:7:1:5; /var:7:1:5 | sed 's/[[:space:]]*;[[:space:]]*/;/g' /boot:7:1:5;/:7:1:5;/var:7:1:5[backup@amber ~]$ is there any easy way to make our sed do the same as gnu sed here? for now I have encapsulated the whole thing in a subshell [backup@banshee ~]$ echo -n $(echo -n /boot:7:1:5; /:7:1:5; /var:7:1:5 | sed -n 's/[[:space:]]*;[[:space:]]*/;/gp') /boot:7:1:5;/:7:1:5;/var:7:1:5[backup@banshee ~]$ Which works but seems a little hackish. Vince [1]http://pubs.opengroup.org/onlinepubs/007908799/xcu/sed.html ' Whenever the pattern space is written to standard output or a named file, /sed/ will immediately follow it with a newline character. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Request for Reproduction Rights (Oxford University Press Spain)
On 07/11/2011 11:30, Noelia.Sacristán wrote: Dear = Sir, We are a = Spanish Publishing House, Oxford University Press Spain, that publishes = textbooks for Spanish primary and secondary school. We are interested in = including, in a textbook of secondary education of Computing, the logo = of FreeBSD. The logo = will be reproduce with educational purposes only. Therefore we would = appreciate if you can tell us these reproductions will cause any = problem. If there is = no problem with the reproduction, please send me by e-mail an = authorisation and the copyright line to credit you in our = textbook. The current logo is registered to the freebsd foundation, see http://www.freebsd.org/logo.html Guidelines on its use can be found at http://www.freebsdfoundation.org/documents/Guidelines.shtml Vince = o:p Thank you = very much in advance. Best = regards, Noelia ___ Noelia Sacristán Ruiz Departamento de documentación Oxford University Press España, S.A. Tlf: +34 91 660 26 00 Fax: +34 91 660 26 29 ___ 3DDescripción: [1]= Pincha aquí para ver los videos= /p La información transmitida es para la persona o = entidad a la que va expresamente dirigida y puede contener material = confidencial. Queda prohibido el examen, la retransmisión, la = diseminación o cualquier otro uso de la información al igual que = cualquier acción tomada en relación con la misma por personas o = entidades distintas a los destinatarios expresos del mensaje. Si Vd. = recibe esto por error, se ruega contacte con el remitente y elimine elmensaje de cualquier ordenador. P Antes de imprimir este correo electrónico = piense si es necesario hacerlo. El medio ambiente también es cosa = nuestra. References 1. 3Dhttp://www.myoxfordenglish.es/moe/videos-ingles-my-oxford-english ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: nfs client speed lower than expected.
iperf [ ID] Interval Transfer Bandwidth [ 3] 0.0-60.2 sec 6.22 GBytes 887 Mbits/sec transfers in via ssh are nice and nifty too. Vince On 02/11/2011 23:55, Gary Gatten wrote: Is the interface really at 1Gb? Have you tested with iperf, ftp, or anything other than nfs? -Original Message- From: owner-freebsd-questi...@freebsd.org [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Vincent Hoffman Sent: Wednesday, November 02, 2011 6:52 PM To: FreeBSD-Questions@freebsd.org Subject: nfs client speed lower than expected. Hi all, What kind of speed should I be expecting over an NFS mount from a linux box using a gig interface (igb)? I'm seeing linux clients getting approx 2 or 3 times the throughput rsyncing files from a linux nfs server that i get from a 8-stable FreeBSD client. representative results 7.26MB/s - Freebsd client 21.10MB/s liunx client I've tried a variety of files to try and take caching out of the equation, I've tweaked a few sysctls after much googling kern.ipc.maxsockbuf=400 net.inet.tcp.sendbuf_max=16777216 net.inet.tcp.recvbuf_max=16777216 net.inet.tcp.sendbuf_inc=16384 net.inet.tcp.recvbuf_inc=524288 net.inet.udp.recvspace=65535 net.local.stream.recvspace=65535 net.local.stream.sendspace=65535 with no obvious improvement. freebsd mount options ro,noatime,noexec,nosuid,udp,nfsv3,rsize=1024,wsize=1024,bg,hard,intr,timeout=4,retrans=4 linux mount options _netdev,ro,noatime,nodev,noexec,nosuid,proto=udp,vers=3,rsize=1k,wsize=1k,bg,hard,intr,timeo=4,retrans=4 I have seen that using the linux server as an nfs client to write to the NFS server on the freebsd box gives similar performance to a linux client pulling from the linux server so I'm guessing its something to do with the freebsd nfs client? Any suggestions/clues welcome. Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org font size=1 div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in' /div This email is intended to be reviewed by only the intended recipient and may contain information that is privileged and/or confidential. If you are not the intended recipient, you are hereby notified that any review, use, dissemination, disclosure or copying of this email and its attachments, if any, is strictly prohibited. If you have received this email in error, please immediately notify the sender by return email and delete this email from your system. /font ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: nfs client speed lower than expected.
I'll give it a try when i get a moment, These servers are all on gigabit LAN (sadly 1500 mtu until I can get the network guy to schedule an outage to reboot the switches and enable jumbo frames,) same subnet so i would expect UDP to have similar or better performance. Vince On 02/11/2011 23:53, Michael Sierchio wrote: Mount via tcp. On Wed, Nov 2, 2011 at 4:51 PM, Vincent Hoffman vi...@unsane.co.uk wrote: Hi all, What kind of speed should I be expecting over an NFS mount from a linux box using a gig interface (igb)? I'm seeing linux clients getting approx 2 or 3 times the throughput rsyncing files from a linux nfs server that i get from a 8-stable FreeBSD client. representative results 7.26MB/s - Freebsd client 21.10MB/s liunx client I've tried a variety of files to try and take caching out of the equation, I've tweaked a few sysctls after much googling kern.ipc.maxsockbuf=400 net.inet.tcp.sendbuf_max=16777216 net.inet.tcp.recvbuf_max=16777216 net.inet.tcp.sendbuf_inc=16384 net.inet.tcp.recvbuf_inc=524288 net.inet.udp.recvspace=65535 net.local.stream.recvspace=65535 net.local.stream.sendspace=65535 with no obvious improvement. freebsd mount options ro,noatime,noexec,nosuid,udp,nfsv3,rsize=1024,wsize=1024,bg,hard,intr,timeout=4,retrans=4 linux mount options _netdev,ro,noatime,nodev,noexec,nosuid,proto=udp,vers=3,rsize=1k,wsize=1k,bg,hard,intr,timeo=4,retrans=4 I have seen that using the linux server as an nfs client to write to the NFS server on the freebsd box gives similar performance to a linux client pulling from the linux server so I'm guessing its something to do with the freebsd nfs client? Any suggestions/clues welcome. Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
nfs client speed lower than expected.
Hi all, What kind of speed should I be expecting over an NFS mount from a linux box using a gig interface (igb)? I'm seeing linux clients getting approx 2 or 3 times the throughput rsyncing files from a linux nfs server that i get from a 8-stable FreeBSD client. representative results 7.26MB/s - Freebsd client 21.10MB/s liunx client I've tried a variety of files to try and take caching out of the equation, I've tweaked a few sysctls after much googling kern.ipc.maxsockbuf=400 net.inet.tcp.sendbuf_max=16777216 net.inet.tcp.recvbuf_max=16777216 net.inet.tcp.sendbuf_inc=16384 net.inet.tcp.recvbuf_inc=524288 net.inet.udp.recvspace=65535 net.local.stream.recvspace=65535 net.local.stream.sendspace=65535 with no obvious improvement. freebsd mount options ro,noatime,noexec,nosuid,udp,nfsv3,rsize=1024,wsize=1024,bg,hard,intr,timeout=4,retrans=4 linux mount options _netdev,ro,noatime,nodev,noexec,nosuid,proto=udp,vers=3,rsize=1k,wsize=1k,bg,hard,intr,timeo=4,retrans=4 I have seen that using the linux server as an nfs client to write to the NFS server on the freebsd box gives similar performance to a linux client pulling from the linux server so I'm guessing its something to do with the freebsd nfs client? Any suggestions/clues welcome. Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [zfs-discuss] ZFS on Dell with FreeBSD
On 28/10/2011 06:53, Albert Shih wrote: Le 27/10/2011 à 13:34:50-0400, David Magda a écrit On Thu, October 27, 2011 11:32, Albert Shih wrote: I also recommend LSI 9200-8E or new 9205-8E with the IT firmware based on past experience Do you known if the LSI-9205-8E HBA or the LSI-9202-16E HBA work under FreBSD 9.0 ? Check the man page for mpt(4): http://www.freebsd.org/cgi/man.cgi?query=mptmanpath=FreeBSD+9-current http://www.freebsd.org/cgi/man.cgi?query=mptmanpath=FreeBSD+8.2-RELEASE WellI don't find this LSI in the mpt driver. I find the chipset of the http://www.lsi.com/products/storagecomponents/Pages/LSISAS9202-16e.aspx in the mps drivers. But I don't known if it's enough to support le card. Or LSI's site: http://www.lsi.com/products/storagecomponents/Pages/LSISAS9205-8e.aspx this one use 2308 chip and I definitely don't find this chip on mps driver. http://www.lsi.com/products/storagecomponents/Pages/LSISAS9202-16e.aspx Do you know how to use a search engine? Don't knwon you tell me ;-) I going to spend lot of money to buy some card, I just hope I can sure the card going to work There is a fair chance for any newer LSI/PERC that supports sas it may be supported under the mfi driver. for example on dell R410 mfiutil -u0 show adapter mfi0 Adapter: Product Name: PERC H700 Adapter Serial Number: 0CP00UO Firmware: 12.10.0-0025 RAID Levels: JBOD, RAID0, RAID1, RAID5, RAID6, RAID10, RAID50 Battery Backup: present NVRAM: 32K Onboard Memory: 512M Minimum Stripe: 8k Maximum Stripe: 1M mfi0@pci0:3:0:0:class=0x010400 card=0x1f161028 chip=0x00791000 rev=0x05 hdr=0x00 vendor = 'LSI Logic / Symbios Logic' device = 'MegaRAID SAS 2108 [Liberator]' class = mass storage I am currently having some issues with a similar controller but thats a different firmware and rebadged by supermicro. so far i havent had any issues with this dell but its been under very light load and only up for a month. Vince Thanks Regards. JAS ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Can carp(4) run daemons or scripts?
On 24/08/2011 05:39, Pavel Timofeev wrote: Big thanks! I'll stop on carp and devd! I think such example (from your link) must be in handbook. Because it's good native solution from base system. Or at least link from carp section to devd section. Who do I need to write with this idea? Too late :) I should have looked here first but i just did a quick Google. http://www.freebsd.org/doc/handbook/disks-hast.html You could suggest on freebsd-dochttp://docs.freebsd.org/mail/archive/freebsd-doc.html@ to have a link from the carp section though. Vince 2011/8/23 Vincent Hoffman vi...@unsane.co.uk On 23/08/2011 17:21, Pavel Timofeev wrote: Oh, thank you very much! I didn't know about ifstated. I'll try it. Also may be with devd How? What do you mean? devd is the freebsd device state change daemon, it will track device state changes and you can tell it to act on them. A quick google for devd and carp gives http://blather.michaelwlucas.com/archives/224 which looks like it covers the kind of thing you want. Vince 2011/8/23 Patrick Lamaiziere patf...@davenulle.org Le Tue, 23 Aug 2011 17:50:43 +0400, Pavel Timofeev tim...@gmail.com a écrit : Hello, Can carp(4) run daemons or scripts when backup server come into the work? As I know ucarp and heartbeat can do this. No, carp only works at the interface level. In ports you will find ifstated(8) (from OpenBSD). It can react to a change on an interface and run tests. Also may be with devd, but imo ifstated will do the trick. Regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Can carp(4) run daemons or scripts?
On 23/08/2011 17:21, Pavel Timofeev wrote: Oh, thank you very much! I didn't know about ifstated. I'll try it. Also may be with devd How? What do you mean? devd is the freebsd device state change daemon, it will track device state changes and you can tell it to act on them. A quick google for devd and carp gives http://blather.michaelwlucas.com/archives/224 which looks like it covers the kind of thing you want. Vince 2011/8/23 Patrick Lamaiziere patf...@davenulle.org Le Tue, 23 Aug 2011 17:50:43 +0400, Pavel Timofeev tim...@gmail.com a écrit : Hello, Can carp(4) run daemons or scripts when backup server come into the work? As I know ucarp and heartbeat can do this. No, carp only works at the interface level. In ports you will find ifstated(8) (from OpenBSD). It can react to a change on an interface and run tests. Also may be with devd, but imo ifstated will do the trick. Regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: BHyve
On 19/08/2011 16:01, Net Warrior wrote: Hi Does anyone know if there is any progress on this project or how can I track/test it? It was imported into svn http://svnweb.freebsd.org/base/projects/bhyve_ref/ so you could check it out and have a try ;) I'm hoping to hear that its being ported to 9 as thats based off 8.1 at the moment. Vince Thanks you- Regards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is the forum dead?
On 17/08/2011 20:20, Evan Busch wrote: I have a confirmation link from the vBulletin software asking me to go to http://forums.freebsd.org/ Yet this host appears to be down and has been since last night. Who do I ask about this? Or is this an unannounced scheduled downtime? http://www.downforeveryoneorjustme.com/forums.freebsd.org Just down for you perhaps? Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: atheros 9285 wifi
On 15/07/2011 03:15, freebsd-questi...@herveybayaustralia.com.au wrote: On Thu 14/07/11 9:28 PM , Maciej Milewski wrote:On czwartek, 14 lipca 2011 04:25:59 Polytropon wrote: On Thu, 14 Jul 2011 12:02:02 +1000, freebsd- wrote: So are you saying I can't just grab the ath module? Depends. Maybe a newer version of the module requires a more recent version of the kernel, because a new interface or function was added... I'd rather stick to release, but I guess if I'm having to rebuild the kernel each update... You _can_ try to just compile (1st step) and load (2nd step) the module with the RELEASE kernel, but it's not guaranteed to work. Both steps may require updates in sources or in the running kernel as illustrated above. You may try to get ath driver from -HEAD and compile it with your RELENG_8 tree[1]. There are many fixes for this chipset in the -HEAD. The coming 9 will have it(I don't know the timeframe for the release though) [1] http://lists.freebsd.org/pipermail/freebsd-wireless/2011-May/000224.html [2] target=_blankhttp://lists.freebsd.org/pipermail/freebsd-wireless/2011-May/000224.html Ok, I tried that- I did look into running stable as well, something Polytropon mentioned which twigged and I thought I might go that way, but looking into it further it is still a development branch. I think I need a bit more stability for my users. I bit the bullet and built subversion (which I'm more comfortable with than cvs) and pulled down ath from head (specifically head/sys/dev/ath, head/sys/modules/ath, head/sys/modules/ath_pci - tried stable as well, but got the same result as now). I'm having trouble building though (if I need to switch to a different list let me know - just a little painful with no working network): I get some odd file not found errors on some includes (headers from ath_hal specifically), and when I fix that I get HAL_PHYERR_PARAM not defined errors which I can't quite figure out. A point in the right direction will do; right now I'm getting lost in the maze a bit. I'm going to keep trying to untangle this, but some assistance would be appreciated. are you following the instructions from Adrian (currently the ath maintainer) here http://forums.freebsd.org/showthread.php?t=23594 I do this myself and its working well. (atheros 9280 though) Vince Cheers - Message sent via Atmail Open - http://atmail.org/ Links: -- [2] http://webmail.unitedinsong.com.au/parse.php?redirect=a href= ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SEBSD is dead?
On 17/12/2010 15:27, Jerry McAllister wrote: On Fri, Dec 17, 2010 at 08:14:22AM -0500, Outback Dingo wrote: SeBSD is a FreeBSD project for security enhancement... ACLs and stuff... its part of FreeBSD Something like SeLinux those other guys use??? Good job that wasnt FBI sponsored, those NSA guys are far more trustworthy ;) jerry On Fri, Dec 17, 2010 at 8:02 AM, Odhiambo Washington odhia...@gmail.comwrote: 2010/12/17 zY zhangyuan5...@gmail.com guys, I have a question. SEBSD is dead? Please tell me its latestprogress. Thanks. What is it? A FreeBSD port? Here we discuss FreeBSD, unless you are porting something from somewhere:) -- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Damn!! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Continuing problem with portsnap
On 02/11/2010 11:34, Jerry wrote: Since portsnap' has been failing on my system, I tried a different approach and decided to rebuild the port entirely rather than just download an updated snapshot. This is the result of just such a venture: portsnap fetch extract Looking up portsnap.FreeBSD.org mirrors... 5 mirrors found. Fetching snapshot tag from portsnap1.FreeBSD.org... failed. Fetching snapshot tag from portsnap5.FreeBSD.org... failed. Fetching snapshot tag from portsnap2.FreeBSD.org... failed. Fetching snapshot tag from portsnap6.FreeBSD.org... failed. Fetching snapshot tag from portsnap4.FreeBSD.org... failed. No mirrors remaining, giving up. You will notice that all the mirrors appear broken. Now, I can reach the FreeBSD web site, and every other site I commonly visit without a problem; therefore, I believe the problem resides somewhere with the portsnap mirrors. Can anyone confirm or further thesis this thesis? Working from the UK [r...@seaurchin ~]# portsnap fetch Looking up portsnap.FreeBSD.org mirrors... 5 mirrors found. Fetching snapshot tag from portsnap1.FreeBSD.org... done. Fetching snapshot metadata... done. Updating from Tue Nov 2 02:25:26 GMT 2010 to Tue Nov 2 11:26:20 GMT 2010. Fetching 4 metadata patches... done. Applying metadata patches... done. Fetching 0 metadata files... done. Fetching 9 patches. done. Applying patches... done. Fetching 3 new ports or files... done. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Continuing problem with portsnap
On 02/11/2010 13:37, Jerry wrote: On Tue, 2 Nov 2010 05:32:44 -0700 Rob Farmer rfar...@predatorlabs.net articulated: This is a separate issue due to bad DNS - the list of mirrors is obtained from: host -t srv _http._tcp.portsnap.freebsd.org and falls back to just portsnap.freebsd.org if it doesn't work. Results: $ fetch http://portsnap1.freebsd.org/pub.ssl fetch: http://portsnap1.freebsd.org/pub.ssl: No address record $ fetch http://portsnap1.freebsd.org/snapshot.ssl fetch: http://portsnap1.freebsd.org/snapshot.ssl: No address record $ host -t srv _http._tcp.portsnap.freebsd.org ;; connection timed out; no servers could be reached Yes, I would say that something is broken somewhere, I just am not sure where. Sounds like DNS to me. what output do you get from dig +trace portsnap.freebsd.org Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Continuing problem with portsnap
On 02/11/2010 14:33, Jerry wrote: On Tue, 02 Nov 2010 13:48:12 + Vincent Hoffman vi...@unsane.co.uk articulated: Sounds like DNS to me. what output do you get from dig +trace portsnap.freebsd.org $ dig +trace portsnap.freebsd.org ; DiG 9.6.2-P2 +trace portsnap.freebsd.org ;; global options: +cmd . 18158 IN NS h.root-servers.net. . 18158 IN NS a.root-servers.net. . 18158 IN NS d.root-servers.net. . 18158 IN NS k.root-servers.net. . 18158 IN NS g.root-servers.net. . 18158 IN NS i.root-servers.net. . 18158 IN NS f.root-servers.net. . 18158 IN NS e.root-servers.net. . 18158 IN NS j.root-servers.net. . 18158 IN NS b.root-servers.net. . 18158 IN NS c.root-servers.net. . 18158 IN NS l.root-servers.net. . 18158 IN NS m.root-servers.net. ;; Received 228 bytes from 209.18.47.62#53(209.18.47.62) in 10 ms ;; connection timed out; no servers could be reached Hmm you should be seeing something like jh...@ostracod (13:48:49 ~) 0 $ dig +trace portsnap.freebsd.org ; DiG 9.6.2-P2 +trace portsnap.freebsd.org ;; global options: +cmd .424412INNSc.root-servers.net. .424412INNSl.root-servers.net. .424412INNSf.root-servers.net. .424412INNSg.root-servers.net. .424412INNSk.root-servers.net. .424412INNSh.root-servers.net. .424412INNSb.root-servers.net. .424412INNSi.root-servers.net. .424412INNSj.root-servers.net. .424412INNSd.root-servers.net. .424412INNSa.root-servers.net. .424412INNSm.root-servers.net. .424412INNSe.root-servers.net. ;; Received 332 bytes from 127.0.0.1#53(127.0.0.1) in 1 ms org.172800INNSd0.org.afilias-nst.org. org.172800INNSc0.org.afilias-nst.info. org.172800INNSb0.org.afilias-nst.org. org.172800INNSa2.org.afilias-nst.info. org.172800INNSb2.org.afilias-nst.org. org.172800INNSa0.org.afilias-nst.info. ;; Received 440 bytes from 128.8.10.90#53(d.root-servers.net) in 125 ms freebsd.org.86400INNSns3.isc-sns.info. freebsd.org.86400INNSns2.isc-sns.com. freebsd.org.86400INNSns1.isc-sns.net. ;; Received 126 bytes from 2001:500:b::1#53(c0.org.afilias-nst.info) in 69 ms portsnap.freebsd.org.3600INA204.109.56.116 freebsd.org.3600INNSns1.isc-sns.net. freebsd.org.3600INNSns3.isc-sns.info. freebsd.org.3600INNSns2.isc-sns.com. ;; Received 246 bytes from 2001:5a0:10::1#53(ns3.isc-sns.info) in 47 ms It should recurse through the DNS hierarchy, starting at the servers for . then the servers for org then the servers for freebsd and finally give you a result. I guess this means either you or your ISP is filtering access on port 53 other than to their severs, or else your ISP has a connectivity issue. can you currently resolve any .org domains? (netbsd.org or openbsd.org or apache.org spring to mind) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sendmail as client via smarthost and ssl
On 29/10/2010 11:19, Christopher Illies wrote: I added U:smmsp and M:PLAIN to my /etc/mail/auth/client-info file, but that did not change anything. When I left out the square brackets around the server name in that file, I got another error message in /val/log/maillog: Oct 29 12:05:22 muck sm-mta[42252]: o9TA5Mtt042250: to=christopher.ill...@web.de, ctladdr=ch...@muck.ks.se (1001/1001), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30466, relay=send.ki.se. [130.229.20.28], dsn=4.0.0, stat=Deferred: Name server: send.ki.se.: host name lookup failure ... odd http://www.sendmail.org/~ca/email/sm-812.html#812AUTH has an example with no square brackets. Not sure why this would break it for you. (I also set up SSL separately as i'm using plain method but you seem to have that covered.) Could you explain this a bit further, please? I am not clear on how this works. Setting up SSL is done by compiling sendmail with sasl, isn't it? Or is there something else to do? Also, the term plain method confuses me: This does not refer to whether or not you are using ssl? Sorry wrong terminology. That should have been plain mechanism not method. PLAIN mechanism mean that i'm sending the password/user in plain rather than using something like DIGEST-MD5 or any of the other possible mechanisms that can be listed in confAUTH_MECHANISMS in your sendmail .mc file to get a list of whats supported by your relay telnet to it on port 25 and issue an EHLO command. the supported mechanisms are listed following the AUTH keyword. for example for me (11:59:59 ~) 1 $ telnet RELAY.ISP.net 25 Trying 213.xxx.xxx.53... Connected to RELAY.ISP.net. Escape character is '^]'. 220 RELAY.ISP.net ESMTP Sendmail 8.13.8/8.13.8; Fri, 29 Oct 2010 12:00:08 +0100 ehlo unsane.co.uk 250-RELAY.ISP.net Hello foo.ISP.net [195.x.x.102], pleased to meet you 250-ENHANCEDSTATUSCODES 250-PIPELINING 250-8BITMIME 250-SIZE 250-DSN 250-ETRN 250-AUTH LOGIN PLAIN ---THIS ONE. 250-STARTTLS 250-DELIVERBY 250 HELP Ignore the ssl comment, I was obviously half asleep, the ssl config I have is for receiving mail over ssl (server side) not sending (client side) I have tried copying your steps for testing, dnl define(`SMART_HOST', `RELAY.ISP.net')dnl FEATURE(`authinfo',`hash /etc/mail/auth/client-info')dnl to ostracod.unsane.co.uk.mc (my machines mc file) [r...@ostracod /etc/mail]# make all /usr/bin/m4 -D_CF_DIR_=/usr/local/share/sendmail/cf/ /usr/local/share/sendmail/cf/m4/cf.m4 ostracod.unsane.co.uk.mc ostracod.unsane.co.uk.cf [r...@ostracod /etc/mail]# make install install -m 444 ostracod.unsane.co.uk.cf /etc/mail/sendmail.cf install -m 444 ostracod.unsane.co.uk.submit.cf /etc/mail/submit.cf [r...@ostracod /etc/mail]# then created /etc/mail/auth/client-info with [r...@ostracod /etc/mail]# cat /etc/mail/auth/client-info AuthInfo:RELAY.ISP.net U:smmsp I:USER P:PASSWORD M:PLAIN and then makemap hash client-info client-info restarted sendmail echo This is a test | mail -s Smarthost test vhoff...@domainitdoesntrelayfor.co.uk and it worked. If I made the entry in client-info AuthInfo:[RELAY.ISP.net] U:smmsp I:USER P:PASSWORD M:PLAIN it stopped working. Sorry to bother you with all these questions. Thats fine, what sendmail I do know will be forgotten if i dont use it.. hope these data-points help but it looks like a bit of a works for me without solving your issue. Vince Christopher ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sendmail as client via smarthost and ssl
On 29/10/2010 14:49, Christopher Illies wrote: Thanks for your explanations, Vince. It got me one step further (I think). ... Ok, when I use telnet, this happens: telnet send.ki.se 587 Trying 130.xxx.xxx.26... Connected to send.ki.se. Escape character is '^]'. 220 KIMSX09.user.ki.se Microsoft ESMTP MAIL Service ready at Fri, 29 Oct 2010 14:55:51 +0200 EHLO 250-KIMSX09.user.ki.se Hello [136.xxx.xxx.214] 250-SIZE 10485760 250-PIPELINING 250-DSN 250-ENHANCEDSTATUSCODES 250-STARTTLS 250-AUTH GSSAPI NTLM 250-8BITMIME 250-BINARYMIME 250 CHUNKING Although I have no idea what GSSAPI and NTLM are, I remembered that I have seen these abbreviations before: NTLM is an OPTION for cyrus-sasl2, and yes, it is compiled in (WITH_NTLM=true). And GSSAPI appeared first in the mc file: define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl So I changed the authinfo/client-info file to: AuthInfo:[send.ki.se] U:smmsp I:XXX P:YYY M:GSSAPI Still, it does not work: 530 5.7.1 Client was not authenticated I'd guess from here that the microsoft mail server (i'd say exchange but its part of IIS these days i think) is being awkward. GSSAPI is kerberos related i believe, NTLM is a windows method from what i remember. I'm not familiar with either i'm afraid. Vince Christopher ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sendmail as client via smarthost and ssl
On 28/10/2010 15:25, Christopher Illies wrote:
2010-10-28 14:49, Christopher Illies:
To send email from my computer at work I need to send through a
smarthost. In the past I had added the line:
define(`SMART_HOST', `[smpt.ki.se]')
Brackets are only needed for ipaddresses.
What happens when you remove the brackets, like so
define(`SMART_HOST', `your.mail.server')
Nothing changes. I get the same error messages as with
the brackets.
I'm a bit late here, but...
All I had to do for was add
AuthInfo:relay.isp.net U:smmsp I:username P:PassWord M:PLAIN
to /etc/mail/access
and the smarthost directive.
I assume from your config this would go in /etc/mail/auth/client-info
From /usr/share/sendmail/cf/README
Providing SMTP AUTH Data when sendmail acts as Client
-
If sendmail acts as client, it needs some information how to
authenticate against another MTA. This information can be provided
by the ruleset authinfo or by the option DefaultAuthInfo. The
authinfo ruleset looks up {server_name} using the tag AuthInfo: in
the access map. If no entry is found, {server_addr} is looked up
in the same way and finally just the tag AuthInfo: to provide
default values. Note: searches for domain parts or IP nets are
only performed if the access map is used; if the authinfo feature
is used then only up to three lookups are performed (two exact
matches, one default).
(I also set up SSL separately as i'm using plain method but you seem to
have that covered.)
Hope thats useful to you.
Vince
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Dual booting with OSX without bootcamp
Hi all,
Work has kindly supplied a shiny new macbook pro (6,2) so
I've re-partitioned it (OSX's grow/shrink partitions/filesystems online
is handy) and now have an EFI partition (hidden,) OSX partition, FreeBSD
/ partition, ZFS partition for the rest and a swap partition. I've
stuck with GPT to avoid reinstalling and the fiddly process that is
installing anything but windows via bootcamp without trashing the
system. FreeBSD was installed by using the DVD with the livefs,
Partitioning of free space done with gpart, and install done with the
shell scripts (in /dist/8.1-RELEASE/{kernel,base,whatever} adapted from
the instructions here
http://typo.submonkey.net/articles/2006/3/20/installing-freebsd-onto-a-usb-stick
)
The problem is booting it, my initial hope was that rEFIt would just
work, but no joy. Next I looked for an EFI loader for freebsd and found
http://blogs.freebsdish.org/rpaulo/2008/09/03/so-you-want-to-test-the-freebsdi386-efi-boot-loader/
but it still wont quite boot a kernel so no joy. Next came grub2 as this
will boot freebsd and also has EFI support, however the EFI support
doesnt support FreeBSD, so I cant find a way to boot . So currently I
can only boot FreeBSD by booting a grub2 CDROM, tellit it to look at the
config file on my mac partition, then booting freebsd using that, If
anyone has a better suggestion I'd welcome it.
Other than that it seems to be working ok, no wireless support as
its a broadcom 43224 which doesn't seem to be supported, however I see
that broadcom have just opensourced their linux drivers (including for
the 43224) so maybe that will open the way to more support in the BSDs
too. In the mean time I'll try ndiswrapper or just use a usb device, I
may try take it up to 9-CURRENT so i get atp(4) and see if anything else
relevant has been improved.
If anyone else has a simpler way of booting (without needing to use
bootcamp/the fakembr etc as I'm happy to never have to use
fdisk/bsdlabel again ;) then I'd be interested to hear it, I did see if
i could use grub2efi to boot grub2 (non efi), or use rEFIt to boot grub2
(non efi) from a file to avoid the cdrom but no joy.
Vince
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: this is probably a little touchy to ask...
On 09/09/2010 22:02, Jules Gilbert wrote: About Java. Using java with freebsd/mozilla or another browser. Some questions: Is GNU java sufficient? I need to be able to run a browser with Java. No alternative -- and no I don't want to run windoz. I'm trying to do an 8.1 install. Looks like you might be in luck the thread here http://lists.freebsd.org/pipermail/freebsd-gecko/2010-September/001099.html shows that there are 2 ports of icedtea including a plugin for firefox 3.6 in progress. It looks like the one at http://lists.freebsd.org/pipermail/freebsd-java/2010-September/008806.html is in a better state at the moment. Vince Does this problem exist with Sun's x86 OS? Does anyone have a website or even a set of notes as to the right way to do this. Now an opinion. If Oracle isn't going to help us, we should look around for an alternative, even inventing something else, something that isn't Sun/Oracle/Java. Because this problem has been getting progressively worse for the past three or four years or so (longer?,) and, look around, it's hurting the FreeBSD community. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Applying a patch to a port
On 03/09/2010 08:53, bsd wrote: Hello, I have a patch for clamav that was submited by a developer of clamav. I don't know how to apply It to the source code of the port. What I would like to do: 1. Get the source code 2. cd to the source directory 3. Apply the patch 4. Recompile 5. Test If this is ok, then as an option: 6. validate changes updates 7. submit patch to the FBSD port Not too hard, the infrastructure for patching ports is there already. 1) cd /usr/ports/catagory/portname (obviously make this the port directory you want 2) make patch (this will fetch the source if you need it and extract it and apply any patches already needed/supplied ) 3) cd work (this is where the tarball is extracted.) and possibly into the clamav-$version directory 4) apply your patchfile :) 5) cd back into the port directory 6) make (or make install if you want to install it. All current patches are in the files directory of the port so you can use them as a template for naming etc so the port can automatically use you patch once your happy its working. The porters handbook is well worth a look though if your planing on doing much with a port. (http://www.freebsd.org/doc/en/books/porters-handbook/) Vince Thanks for your support. Gregober --- PGP ID -- 0x1BA3C2FD bsd @at@ todoo.biz ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPv6 rtadv on FreeBSD 8.1?
On 30/07/2010 18:48, Carl Johnson wrote: I have running versions of 7.3 and 8.0, so I tried experimenting with 8.1 in VirtualBox, but I ran into a couple of problems. I have an 8.0 system that is running a IPv6 tunnel to sixxs.net, and it is running rtadvd to act as the gatway for my network. On the 8.1 system I enabled IPv6 in rc.conf, but it is not picking up the advertised address. I can add it manually, and have put it in rc.local for now, but it seems it should work automatically as my others do. I noticed that the ifconfig output shows a new line that is not in 8.0: nd6 options=3PERFORMNUD,ACCEPT_RTADV Is there something that has changed in 8.1 that I have to enable, or is there a problem with 8.1? IPv6 is working to the extent that it did assign a link-local address, and I can use that address as long as I specify the interface. My configuration is the same, and I didn't have to enable anything on the others to get the global address assigned automatically. Thanks for any advice. I dont knw if its expected or not but try running sysctl net.inet6.ip6.accept_rtadv=1 (to make it persistent echo net.inet6.ip6.accept_rtadv=1 /etc/sysctl.conf ) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: gmultipath woes
On 28/07/2010 08:17, Corey Smith wrote: Has anyone tried gmultipath under 8.1-RELEASE/amd64 yet? This is my first attempt at multipathing so it is possible I'm doing something wrong but anyways: # uname -a FreeBSD host 8.1-RELEASE FreeBSD 8.1-RELEASE #0: Mon Jul 19 02:36:49 UTC 2010 r...@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 # dmesg | egrep '^(isp|da1|da2)' isp0: Qlogic ISP 2432 PCI FC-AL Adapter port 0xd800-0xd8ff mem 0xdf4f8000-0xdf4fbfff irq 38 at device 0.0 on pci6 isp1: Qlogic ISP 2432 PCI FC-AL Adapter port 0xdc00-0xdcff mem 0xdf4fc000-0xdf4f irq 45 at device 0.1 on pci6 da1 at isp0 bus 0 scbus1 target 0 lun 0 da1: HITACHI DF600F Fixed Direct Access SCSI-4 device da1: 400.000MB/s transfers da1: Command Queueing enabled da1: 2097152MB (4294967296 512 byte sectors: 255H 63S/T 267349C) da2 at isp1 bus 0 scbus2 target 0 lun 0 da2: HITACHI DF600F Fixed Direct Access SCSI-4 device da2: 400.000MB/s transfers da2: Command Queueing enabled da2: 2097152MB (4294967296 512 byte sectors: 255H 63S/T 267349C) # camcontrol devlist Dell VIRTUAL DISK 1028 at scbus0 target 0 lun 0 (pass0,da0) DP BACKPLANE 1.07at scbus0 target 8 lun 0 (pass1,ses0) HITACHI DF600F at scbus1 target 0 lun 0 (pass2,da1) HITACHI DF600F at scbus2 target 0 lun 0 (pass3,da2) # camcontrol inquiry da1 -S 870405180007 # camcontrol inquiry da2 -S 870405180007 # gmultipath label -v FRED /dev/da1 /dev/da2 gmultipath: Unknown verb add # gmultipath status Name Status Components multipath/FRED N/A da1 # gmultipath list Geom name: FRED Providers: 1. Name: multipath/FRED Mediasize: 2199023255040 (2.0T) Sectorsize: 512 Mode: r0w0e0 Consumers: 1. Name: da1 Mediasize: 219902322 (2.0T) Sectorsize: 512 Mode: r0w0e0 -- EOT -- I'm wondering what is going on with the Unknown verb add and why is it only listing da1 in the components? Does the disk need to be in a particular state (unpartitioned, glabel, etc...) or does it not I dont have any storage with multiple paths handy other than creating md devices, however doing that as you have (and as the manpage says) gives the same results. [r...@ostracod /mnt]# mdconfig -a -t vnode -f /scratch/test.dsk -u 12 [r...@ostracod /mnt]# mdconfig -a -t vnode -f /scratch/test.dsk -u 13 [r...@ostracod /mnt]# sysctl kern.geom.multipath.debug=1 kern.geom.multipath.debug: 1 - 1 [r...@ostracod /mnt]# gmultipath label -v TEST /dev/md12 /dev/md13 gmultipath: Unknown verb add [r...@ostracod /mnt]# gmultipath list Geom name: TEST Providers: 1. Name: multipath/TEST Mediasize: 52428288 (50M) Sectorsize: 512 Mode: r0w0e0 Consumers: 1. Name: md12 Mediasize: 52428800 (50M) Sectorsize: 512 Mode: r0w0e0 [r...@ostracod /mnt]# gmultipath status Name Status Components multipath/TEST N/A md12 However doing echo 1 /dev/md13 made geom re-taste the device so I get [r...@ostracod /mnt]# gmultipath list Geom name: TEST Providers: 1. Name: multipath/TEST Mediasize: 52428288 (50M) Sectorsize: 512 Mode: r0w0e0 Consumers: 1. Name: md12 Mediasize: 52428800 (50M) Sectorsize: 512 Mode: r0w0e0 2. Name: md13 Mediasize: 52428800 (50M) Sectorsize: 512 Mode: r0w0e0 Also doing mdconfig -a -t vnode -f /scratch/test.dsk -u 12 gmultipath load gmultipath label -v FRED /dev/md12 mdconfig -a -t vnode -f /scratch/test.dsk -u 13 gave me Jul 28 10:32:43 ostracod kernel: md12 is not MULTIPATH Jul 28 10:32:43 ostracod kernel: MULTIPATH: FRED/12a41222-9a2b-11df-aa80-00012e273257 Jul 28 10:32:43 ostracod kernel: GEOM_MULTIPATH: adding md12 to FRED/12a41222-9a2b-11df-aa80-00012e273257 Jul 28 10:32:43 ostracod kernel: GEOM_MULTIPATH: md12 now active path in FRED Jul 28 10:32:43 ostracod kernel: multipath/FRED is not MULTIPATH Jul 28 10:33:37 ostracod kernel: MULTIPATH: FRED/12a41222-9a2b-11df-aa80-00012e273257 Jul 28 10:33:37 ostracod kernel: GEOM_MULTIPATH: adding md13 to FRED/12a41222-9a2b-11df-aa80-00012e273257 [r...@ostracod /mnt]# gmultipath list Geom name: FRED Providers: 1. Name: multipath/FRED Mediasize: 52428288 (50M) Sectorsize: 512 Mode: r0w0e0 Consumers: 1. Name: md12 Mediasize: 52428800 (50M) Sectorsize: 512 Mode: r0w0e0 2. Name: md13 Mediasize: 52428800 (50M) Sectorsize: 512 Mode: r0w0e0 [r...@ostracod /mnt]# gpart create -s gpt multipath/FRED multipath/FRED created [r...@ostracod /mnt]# gpart add -s 10M -t freebsd-ufs multipath/FRED multipath/FREDp1 added [r...@ostracod /mnt]# newfs /dev/multipath/FREDp1 /dev/multipath/FREDp1: 10.0MB (20480 sectors) block size 16384, fragment size 2048 using 4 cylinder groups of 2.52MB, 161 blks, 384 inodes. super-block backups (for fsck -b #) at: 160, 5312, 10464, 15616 [r...@ostracod /mnt]# mount /dev/multipath/FREDp1 /mnt/foo/ [r...@ostracod /mnt] so it all seems to works but not as expected/documented. Also I
Re: new jail utility is available. announcement.
On 21/07/2010 10:08, krad wrote: Anyone tried using it yet? Not much info out there apart from the announcments it seems. In my quick play with it this morning, it didnt seem to be binding the ips to the jails. Not sure if you are supposed to have the ip bound to the box before you use the jail. Would make sense if you did have to, but it would be nice if the util added it for you or at least prompted you if it wasnt there. Not yet, when I have a spare box I might, although I quite like using zfs for jails as you can limit the disk usage dynamically per zfs filesystem and I didnt see any support there yet, even basic support like there is with ezjail would be nice. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Clarification: Jail -vs- Chroot
On 14/07/2010 00:30, Aiza wrote: Ed Flecko wrote: Hi folks, I'm reading about jails and chroot, and I'm not clear about the differences so I'm hoping someone can clarify this for me. Here's what I think is correct: 1.) FreeBSD has both chroot capability as well as jail capability. 2.) Only FreeBSD has true, jail functionality? Yes?...No? 3.) When reading something (book, article, etc.), is there a way to determine if the author is, in fact, talking about truly a jail or are they really just referring to a chroot environment? For example, I have a book (Preventing web attacks with Apache) that says: Chroot is short for change root and essentially allows you to run programs in a protected or jailed environment. The main benefit of a chroot jail is that the jail will limit the portion of the file system the daemon can see to the root directory of the jail. Additionally, since the jail only needs to support Apache, the programs available in the jail can be extremely limited. 4.) Jail is the more secure of the two options? 5.) When would you typically use a jail -vs- a chroot? The new, 2nd edition of Absolute FreeBSD says: Chrooting is useful for web servers that have multiple clients on one machine—that is, web servers with many virtual hosts. Comments??? Suggestions??? Thank you! Ed Well let me take a shot at this. First of all we are only talking about the FreeBSD operating system. The ability to chroot a directory tree has been available since RELEASES 2.0. The jail utility first appeared in RELEASE 4.0. The jail utility is just a basic effort to automate the building and administration of an chrooted directory tree which is pretty much useless unless it contains a complete copy of the Freebsd operating system binaries. Actually as the manpage says In the other extreme case a jail might contain only one file: the executable to be run in the jail. you put in a jail what you need. It doesnt have to be a complete install its just commonly for that purpose. Also a jail offers more features than chroot, such as sperate securelevels from the host, limits on number of child jails (Hierarchical Jails) etc. The major short coming of the jail command jail system is each jail has it's own copy of the hosts running system binaries. Freebsd reserves a limited number of control structures for storing files and directories, called inodes. Creating a few jails consumes many of these valuable inodes, eventually preventing the creation of new jails and new files on the host. Worst yet is each jail loads it's own copy of it's running binaries into memory which causes thrashing on the swap device as memory pages are swapped in and out as the limited memory is shared between the host and jails. Besides consuming resources and creating performance degradation, this also causes a major administration headache when wanting to update the host running system, because the host and the jails all have to be running the same RELEASE version. you can run other (lower) version userland if you want to as long as the host has the correct COMPAT options in its kernel config. I'll agree on the administration headache though. Now with some considerable hand jobbing per the jail section of the handbook, a jail environment can be created where by a single copy of the jailed running binaries are shared among all the jails. But this still leaves you with an administration nightmare as the number of jails deployed grows past 5. Now there are some ports in the port system that are utility wrappers around the jail command that tries to address this administration nightmare. My experience with these are they are very poorly documented and you really need to have a good grasp on how jails work and network ip address usage before they are useful. Their easy of use quickly evaporates as the number of jails deployed reaches 10. The next generation of a jail utility for the deployment of a large number of jails is in project phase right now. Keep checking the ports system for qjail. I quite like ezjail but I'll be sure to keep an eye open for qjail. Vince Now about what to run in a jail. Well since each jail is like a complete stand-a-lone operating system, you can populate it with any application you want. The real limitation is how is that jail going to gain public internet access so the domain name of your apache website can be found and accessed. A static ip address is pretty much required, though with some creative ip address assignments this can be circumvented. Thats a whole other subject area. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list
Re: sparse image
On 30/06/2010 06:19, Aiza wrote: Thanks Vince this was very helpful. I was able to create a sparse image jail, but when I used cpio to duplicate the sparse file to other jails I lost the sparseness of the file. Is there a way to copy a sparse file and keep it intact? I havent tested but tar has -S (x mode only) Extract files as sparse files. For every block on disk, check first if it contains only NULL bytes and seek over it otherwise. This works similiar to the conv=sparse option of dd. which might work. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sparse image
On 23/06/2010 11:26, Aiza wrote: Is there an equivalent of the MAC sparseimage on FreeBSD? If you mean you would like to make a sparse file and attach it using mdconfg then dd if=/dev/zero of=/path/to/outfile bs=1M seek=1024 count=0 This will give you a sparse file that reports a gig in size, but only uses whats actually in use. you can then use mdconfig(8) to allow this to be partitioned formatted and mounted. Example below. see also http://www.freebsd.org/doc/en/books/handbook/disks-virtual.html although that example doesnt use a spare file. [r...@ostracod /scratch/media]# dd if=/dev/zero of=foo.img bs=1M seek=1024 count=0 0+0 records in 0+0 records out 0 bytes transferred in 0.66 secs (0 bytes/sec) [r...@ostracod /scratch/media]# ls -lh foo.img -rw-r--r-- 1 root wheel 1.0G Jun 23 11:45 foo.img [r...@ostracod /scratch/media]# du -h foo.img 48Kfoo.img [r...@ostracod /scratch/media]# mdconfig -a -t vnode -f foo.img md0 [r...@ostracod /scratch/media]# gpart create -s gpt md0 md0 created [r...@ostracod /scratch/media]# gpart add -t freebsd-ufs md0 md0p1 added [r...@ostracod /scratch/media]# newfs /dev/md0p1 /dev/md0p1: 1024.0MB (2097084 sectors) block size 16384, fragment size 2048 using 6 cylinder groups of 183.72MB, 11758 blks, 23552 inodes. super-block backups (for fsck -b #) at: 160, 376416, 752672, 1128928, 1505184, 1881440 [r...@ostracod /scratch/media]# !ls ls -lh foo.img -rw-r--r-- 1 root wheel 1.0G Jun 23 11:46 foo.img [r...@ostracod /scratch/media]# !du du -h foo.img 736Kfoo.img [r...@ostracod /scratch/media]# mount /dev/md0p1 /mnt/foo/ [r...@ostracod /scratch/media]# df -h | grep foo /dev/md0p1 989M4.0K910M 0%/mnt/foo [r...@ostracod /scratch/media]# Hope this is helpful. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Alternate method for fetching source
On 04/06/2010 19:20, Ross Penner wrote: I'm trying to update my system and when I run cvsup, the connection repeatedly has problems (TreeList failed: Network write failure: Connection closed). I'm wondering if anybody can suggest any other method to grab the current source files? svn works (http://wiki.freebsd.org/SubversionPrimer) or if you are ok not to have the absolute bleeding edge http://pub.allbsd.org/FreeBSD-snapshots/ has a daily -CURRENT snapshot (including source) Vince Thanks for any ideas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Re : Possible to run Linux distro in a jail?
On 30/05/2010 08:10, Matthew Seaman wrote: On 29/05/2010 22:15:37, Alexandre L. wrote: I have this link to a French Blog : http://blog.etoilebsd.net/post/Emprisonner_une_debian_dans_un_FreeBSD This describe how to jail a Linux Debian in FreeBSD. I hope this will help you. I haven't used it. Thanks to its author : Baptiste Daroussin. This is technically not Debian *Linux* at all -- it's a Debian project to merge a BSD kernel with all the GNU shlibs and the various other utilities used on Debian systems. See http://www.debian.org/ports/kfreebsd-gnu/ and http://wiki.debian.org/Debian_GNU/kFreeBSD Actually my reading of it is a linux userland running under linux compatibility mode as a jail. So no not linux but not quite kFreeBSD either. Vince jail(8) uses the same kernel image in the jail as in the base system. So, in general, jails have to contain pretty much the same OS as the base. There are some variations possible, like running a 32-bit world in a jail on a 64-bit box, or running alternate FreeBSD versions to the main system (takes a bit of tweaking to make work properly, but this is used by the ports build cluster for example). Cheers, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: real time files mirroring ?
On 20/05/2010 15:12, Frank Bonnet wrote: Hello I'm searching for a software that could perform some kind of real time mirroring between two (or more) freebsd servers. My meaning is to keep up to date some files ( flat and db maps ) used by Postfix on our MX servers and propagate every change of one or more files to all the others. HAST (http://wiki.freebsd.org/HAST in -STABLE now.) or ggate sound like your best bet, although they could be overkill for a few files. you could put something together with sysutils/wait_on and rsync that would probably do. Vince Thank you ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Really simple spam trap - /dev/pf permissions?
On 27/04/2010 20:31, John wrote: This seems to be working pretty well, and I'll eventually take the print statement out, but I'm not sure why I had to make /dev/pf public read/write in order to get the pfctl command to work. What is the best solution to be able to add to my spammers table in pf without making it public read/write? It would probably make more security sense to add the user that the script is running as to a group (say pfctl) then make the /dev/pf device group owned by the pfctl group and group writable. Other options include sudo access for your scripts user to run a specific pfctl command. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD 8.0 with geom_journal and fsck
On 22/04/2010 16:10, Paulo Fragoso wrote: Hi, Is realy necessary check fsck on boot for journaled file sistem? Yes, but it should be a very quick check, see these for some more details http://lists.freebsd.org/pipermail/freebsd-geom/2008-August/003020.html http://lists.freebsd.org/pipermail/freebsd-geom/2008-August/003026.html Vince Can I put this line in fstab? # DeviceMountpoint FStype Options DumpPass# /dev/ad0s3d.journal/var/db ufs rw,async0 0 I can't boot if set Dump, Pass to 2 2 im /etc/fstab. Pulo. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [OT] Was: Disabling DNS
Hi Jorge, While the term dummy has been used in the sense of basic or beginner (for instance the for dummies series of books,) The most common context means stupid, or silly and has negative connotations for the person referred to. Vince On 20/04/2010 20:48, Jorge Biquez wrote: Hello all. My English is not perfect at all since it is not my native language. With that in mind I read the comments about the dummy word, interpreted as a basic task, simple task In th eeffort of learning... can you explain why you considered the comments unfriendly and non-professional? Thanks in advance Jorge Biquez At 12:30 p.m. 20/04/2010, you wrote: In response to Alberto Mijares amijar...@gmail.com: I have a FreeBSD server that, among other things, used to provide DNS for a handful of domain names and a small network. All DNS is now provided by new machines. On the old machine, DNS starts when the machine boots, and bind continues to run lots of useless named and named-xfer processes throughout the day. How do I turn off the DNS processes on the old machine and stop it from starting every time the machine boots? Hi, FreeBSD has an excelent documentation. Just reading the manual you will know how to acomplish dummy sysadmin tasks like this. ^ Maybe you have a language problem, but this looks very much like inappropriate response. We do no call names on this list. It is unhelpful, unfriendly and non-professional. jerry When you give a specific answer, you are just giving that: one single answer. When you give the source of this answer instead, you are giving many answers at once. Now, it's obvious that the OP hasn't read the handbook ever and I think he didn't try, at least, a google search before asking this question. So, why is it inappropiate, unhelpful, unfriendly or non-professional my advise? Ain't it a tacit rule in every list to do some research before asking help? Just in case, I made a search of every word I used in a dictionary; and no offensive nor annoying meaning was found (OK, I misstyped accomplish, sorry about that. My native language is spanish). Please let me know if I'm missing something else. I suspect that jerry had a problem with the use of dummy, which is generally considered an insult when directed at a person. I.e. You're being a dummy. is an insult. Since your use of the term was associated with the task and not the individual, the whole thing enters a grey area of interpretation. Some might consider the sentence an insult, others might simply consider the use of dummy task as another way to say beginner task or basic task. In any event, it's my experience that if you spend time on the Internet, you will eventually end up offending someone. Just apologize for any misunderstanding and move on. -- Bill Moran http://www.potentialtech.com http://people.collaborativefusion.com/~wmoran/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: DJB and root ns server dnssec signing
On 19/04/2010 12:12, krad wrote: Hi, Not strictly a freebsd question this but I'm feeling jittery about this as I cant afford it to go wrong. As you are probably aware the root zones are going to be signed soon. I run a number of heavily used dns caches (~ 600-900 queries / sec) running djb dnscache. From what I can see dnscache doesn't support dnssec and edns and as these boxes are caches they will be querying the root ns a lot. They are also not behind a discreet firewall, so its not that dropping the large udp packets. I cant find any categoric answer to whether I will get an issue here and this makes me nervous. Can anyone offer any advice or pointers on this? $ dig @test.server +short rs.dns-oarc.net txt rst.x476.rs.dns-oarc.net. rst.x485.x476.rs.dns-oarc.net. rst.x490.x485.x476.rs.dns-oarc.net. 212.139.132.43 DNS reply size limit is at least 490 212.139.132.43 lacks EDNS, defaults to 512 Tested at 2010-04-19 10:42:04 UTC I would upgrade the ns to bind, but historically there were issues with bind on these boxes so if i were to do this I would need to upgrade to 8-stable (they are a mixture of 4,5,6) where i can safely use threaded bind. All of these boxes are remote and heavily active so with the time constraints isn't that desirable. dns/unbound (http://unbound.net/) might be a better way to go than bind if you just want a dnssec aware caching resolver. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH root login with keys only
On 05/04/2010 10:01, Matthew Seaman wrote: On 04/04/2010 22:04:35, Marcin Wisnicki wrote: Is it possible to configure sshd such that both conditions are met: 1. Root will be able to login only by using keys 2. Normal users will still be able to use pam/keyboard-interactive Only by running two instances of sshd on different ports / IP numbers. I missed the rest of this thread so sorry its its been said already. As far as I knew the directive PermitRootLogin without-password in /etc/ssh/sshd_config should accomplish what was requested. However a note later in the default sshd_config file regarding the UsePAM setting says 'Depending on your PAM configuration, PAM authentication via ChallengeResponseAuthentication may bypass the setting of PermitRootLogin without-password.' So I'd be interested to know if by default this is the case. Vince Cheers, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SSH root login with keys only
On 05/04/2010 10:17, Vincent Hoffman wrote: On 05/04/2010 10:01, Matthew Seaman wrote: On 04/04/2010 22:04:35, Marcin Wisnicki wrote: Is it possible to configure sshd such that both conditions are met: 1. Root will be able to login only by using keys 2. Normal users will still be able to use pam/keyboard-interactive Only by running two instances of sshd on different ports / IP numbers. I missed the rest of this thread so sorry its its been said already. As far as I knew the directive PermitRootLogin without-password in /etc/ssh/sshd_config should accomplish what was requested. However a note later in the default sshd_config file regarding the UsePAM setting says 'Depending on your PAM configuration, PAM authentication via ChallengeResponseAuthentication may bypass the setting of PermitRootLogin without-password.' So I'd be interested to know if by default this is the case. And sure enough when I have a look in the archive, my suggestion has been discussed at length. sorry for noise. Vince Vince Cheers, Matthew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How customized can an mfsroot be?
On 05/04/2010 18:03, Peter Steele wrote: We have a USB boot stick based cloning process that we're considering porting to a DVD based media. I'm not sure though that it's possible due to the restrictions I've seen in the mfsroot environment we'd have to use. For example, in our USB disk procedure, we create partitions using gpart and set up mirroring for the OS partitions. We even recognize 3Ware controllers and automatically create logical RAID sets from the available drives. In some earlier work I did with a pxe boot server a couple of years ago, I know that I could not setup mirrors via sysinstall and I assume that hasn't changed in FreeBSD 8. Is it possible to customize the mfsroot environment to run a larger variety of commands to allow us to duplicate the cloning process we use with USB boot sticks or is this project likely not doable? It sounds like http://mfsbsd.vx.sk/ would be helpful to you. (I havent used it yet due to lack of time but it looks good.) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
lighttpd in a jail says address is already in use (its not)
Hi all, I'm hoping i'm doing something silly. I have an 8.0-RELEASE machine with one jail that i'm intending to run lighttpd. I have nothing running on the host other than sendmail on 127.0.0.1 and sshd bound to the primary IP. The jail is also now running sshd fine. when i try and start lighttpd i get Starting lighttpd. 2010-03-23 17:13:35: (network.c.345) can't bind to port: 192.168.10.221 80 Address already in use /usr/local/etc/rc.d/lighttpd: WARNING: failed to start lighttpd however [r...@krill /usr/ports/www/lighttpd]# netstat -an netstat: kvm not available: /dev/mem: No such file or directory Active Internet connections (including servers) Proto Recv-Q Send-Q Local Address Foreign Address (state) tcp4 0 0 192.168.10.221.25 *.*LISTEN tcp4 0 0 192.168.10.221.22 *.*LISTEN udp4 0 0 192.168.10.221.514 *.* and i can make nc listen on port 80 using nc -l 192.168.10.221 80 and make connections to it from remote vincenthoff...@macbook (17:18:13 ~) 130 $ telnet 192.168.10.221 80 Trying 192.168.10.221... Connected to jail.home.unsane.co.uk. Escape character is '^]'. So the port definitely isnt in use. Any suggestions if there is a sysctl or anything i need to change to get this to work? Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: lighttpd in a jail says address is already in use (its not)
Sorry for noise, pebkac
I had defined
$SERVER[socket] == 192.168.10.221:80 { }
but not server.bind
bahh.
Vince
On 23/03/2010 17:21, Vincent Hoffman wrote:
Hi all,
I'm hoping i'm doing something silly. I have an 8.0-RELEASE
machine with one jail that i'm intending to run lighttpd.
I have nothing running on the host other than sendmail on 127.0.0.1 and
sshd bound to the primary IP. The jail is also now running sshd fine.
when i try and start lighttpd i get
Starting lighttpd.
2010-03-23 17:13:35: (network.c.345) can't bind to port: 192.168.10.221
80 Address already in use
/usr/local/etc/rc.d/lighttpd: WARNING: failed to start lighttpd
however
[r...@krill /usr/ports/www/lighttpd]# netstat -an
netstat: kvm not available: /dev/mem: No such file or directory
Active Internet connections (including servers)
Proto Recv-Q Send-Q Local Address Foreign Address (state)
tcp4 0 0 192.168.10.221.25 *.*LISTEN
tcp4 0 0 192.168.10.221.22 *.*LISTEN
udp4 0 0 192.168.10.221.514 *.*
and i can make nc listen on port 80 using
nc -l 192.168.10.221 80
and make connections to it from remote
vincenthoff...@macbook
(17:18:13 ~) 130 $ telnet 192.168.10.221 80
Trying 192.168.10.221...
Connected to jail.home.unsane.co.uk.
Escape character is '^]'.
So the port definitely isnt in use.
Any suggestions if there is a sysctl or anything i need to change to get
this to work?
Vince
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sftp server with speed throttling
On 22/03/2010 11:53, Ghirai wrote: On Sun, 21 Mar 2010 19:55:00 + Vincent Hoffman vi...@unsane.co.uk wrote: On 21/03/2010 13:53, Dan Naumov wrote: What are my options if I want to run an sftp server with speed throttling? My understanding is that openssh (which includes sftp) in base does not support this directly, so I would have to either use a custom kernel with ALTQ (and I would really rather stick to GENERIC so I can use freebsd-update) which sounds like a bit too much configuration work or pass sftp traffic through PF and throttle it (ugly, would also affect ssh traffic). Are there any sftp servers with directly built-in functionality for this? I just would to be able to set limits for upload speed globally for the entire server and preferably to also be able to do speed settings on a per-user basis. A quick google indicates there are at least 2 sftp servers with this functionality, http://www.proftpd.org/docs/contrib/mod_sftp.html http://mysecureshell.sourceforge.net/en/index.html Proftpd with mod_sftp needs the proftp-devel port so I'm guessing its still in testing but at least its in ports. No idea about the mysecureshell program, its not in ports. I havent actually tried with of these so no idea how well they work, good luck. I used pure-ftpd, and it's pretty awesome. http://www.pureftpd.org/project/pure-ftpd Unfortunately pureftpd doesn't do sftp as far as I'm aware (it does do ftps/ftp with tls but thats not the same thing.) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sftp server with speed throttling
On 21/03/2010 13:53, Dan Naumov wrote: What are my options if I want to run an sftp server with speed throttling? My understanding is that openssh (which includes sftp) in base does not support this directly, so I would have to either use a custom kernel with ALTQ (and I would really rather stick to GENERIC so I can use freebsd-update) which sounds like a bit too much configuration work or pass sftp traffic through PF and throttle it (ugly, would also affect ssh traffic). Are there any sftp servers with directly built-in functionality for this? I just would to be able to set limits for upload speed globally for the entire server and preferably to also be able to do speed settings on a per-user basis. A quick google indicates there are at least 2 sftp servers with this functionality, http://www.proftpd.org/docs/contrib/mod_sftp.html http://mysecureshell.sourceforge.net/en/index.html Proftpd with mod_sftp needs the proftp-devel port so I'm guessing its still in testing but at least its in ports. No idea about the mysecureshell program, its not in ports. I havent actually tried with of these so no idea how well they work, good luck. Vince Thanks. - Sincerely, Dan Naumov ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ezjail
On 21/03/2010 21:53, Mark Shroyer wrote: Until recently, the method for creating ezjail's basejail was to issue the ezjail-admin update command, which compiles the basejail from /usr/src. Just recently an ezjail-admin install command was added, which downloads binaries from a FreeBSD FTP server instead. So you shouldn't need sources to get started, however I'm not sure what the update mechanism is if you use the install command. you can use ezjail-admin update -u which uses freebsd-update, for some reason this isnt in the manpage. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD8.0 with AHCI
On 18/02/2010 08:54, Valentin Bud wrote: Hello community, I have an Intel server and I must activate AHCI from BIOS so I can use all the 6 HDDs. Can anybody tell me if FBSD8.0 is stable using AHCI. This is the first I have to use so I thought I'd ask the community opinion first. AHCI is working very well for me, you can either use the old ataahci (part of the standard ata subsystem) or the newer ahci driver which moves ahci into the CAM subsystem, gives ada disk devices and is being very actively developed in STABLE/CURRENT. Vince Thank you, v ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: yikes! MAC address changed ??
On 11/02/2010 11:00, James Smallacombe wrote: Sorry for replying to myself (AND top-posting!) twice in a row, but this is become a huge concern. My first thought is that my provider changed routers or router Ethernet ports, hence the MAC address change. They deny this, plus I find the two MAC addresses: 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 If it wasnt for the 00:17 to 00:13 change I would suggest that it was a HSRP/VRRP change, (Virtual ip used by 2 routers in a fail over fashion) as I see this message often on one of my boxes which are on a LAN with a pair of ZXTM Load balancers, when one moves from active to passive and the other takes over (at least I assume thats what they are doing as apparently they arent running active-active.) arp: 85.233.xxx.xxx moved from 00:30:48:d4:8c:2a to 00:30:48:d4:8e:86 on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8e:86 to 00:30:48:d4:8c:2a on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8c:2a to 00:30:48:d4:8e:86 on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8e:86 to 00:30:48:d4:8c:2a on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8b:c9 to 00:30:48:d4:8e:d1 on em0 arp: 85.233.xxx.xxx moved from 00:30:48:d4:8e:d1 to 00:30:48:d4:8b:c9 on em0 However in your case, while 00:17:E0 is reasonable (a cisco mac address) 00:13:E0 is a little worrying as apparently its a Murata Manufacturing(whoever they are) mac address (see http://www.coffer.com/mac_find/?string=00%3A13%3Ae0%3A4f%3Ab9%3Ac0) you can check if its a static entry in your arp tables using arp -a | grep permanent The only permanent entries should be your local IPs (whatever you have configured on your interfaces) unless you have any others you have put in yourself. so for my server i have r...@seaurchin ~]# arp -a | grep permanent seaurchin.the.namesco.net (85.233.xxx.xxx) at 00:11:43:d8:2c:df on em0 permanent [ethernet] ? (10.20.0.3) at 00:11:43:d8:2c:df on em0 permanent [ethernet] (10.20.0.3 is a jail) If i manually add an arp entry [r...@seaurchin ~]# arp -s 85.233.xxx.254 00:30:48:b8:55:ff [r...@seaurchin ~]# arp -a | grep permanent ? (85.233.xxx.254) at 00:30:48:b8:55:ff on em0 permanent [ethernet] seaurchin.the.namesco.net (85.233.xxx.xxx) at 00:11:43:d8:2c:df on em0 permanent [ethernet] ? (10.20.0.3) at 00:11:43:d8:2c:df on em0 permanent [ethernet] Hope this helps a little. Vince too close to each other for comfort. My obvious concern here is that the recent php compromises somehow allowed an attacker to alter the ARP table entry of the default gateway. Specific questions are as follows: 1) If this were done via a perl or php script, presumably executing an 'arp -s' command, would it show up in the log like that? I've never changed an ARP entry (except to delete it using 'arp -d'), so I've only seen log entries like that due to external changes, like somebody changing IPs on the LAN from one Ether to another. 2) Could an Ethernet card defect or re0 driver problem cause anything like this? Other bug? 3) If this was an attacker using a local script, how the hell does he get a php or perl script owned by UID 80 (or worst case, a user), to do this? Thanks again for any insight...appreciate a reply to both list and directly. On Wed, 10 Feb 2010, James Smallacombe wrote: Please disregard this...sleep deprication...the IP in questions (which I should have disfuised anyway) was not my server's IP, but that of the default gateway...the problem was external. On Wed, 10 Feb 2010, James Smallacombe wrote: This freaked me out a bit, so I'm just running it past the list to make sure this is just a hardware issue...I've never seen it before. My dedicated server provider replaced my defective server that had been up for 6 months after it had apparent failures of a NIC and hard drives. It had also recently been the victim of the Zen Cart exploits (I posted about this not long ago). Tonight I lost connectivity to it, got in via KVM/IP and saw this in the syslog: Feb 10 20:42:51 mail kernel: arp: 209.17.170.1 moved from 00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0 on re0 My first reaction was that somebody else on the LAN had used my IP address, which would have explained the connectivity issues. However, the IP couldn't be pinged and I also noticed that only one number in the address had changed...the odds of somebody else having it were long. ifconfig showed the I/F down, no carrier. I rebooted and then it came up with yet a third MAC address, 00:14:d1:3c:1e:31 Not really even close. Still no carrier. Provider swaps out the Realtek NIC for a new one and it's working (for now). Questions that come to mind: could their be a DoS perhaps from a bot or c99shell I didn't find? Even if their was, would it be possible for the www user, with no priveleges to even cause this kind of problem? I had disabled suhosin after customers patched their Zen Carts, because it interfered with it. Or...could this be a bug in the
Re: sftp from home wireless box to work - get is much faster that put
On 09/02/2010 23:16, Anton Shterenlikht wrote: I was trying to measure the file transfer rates between my home and my office boxes. Both are 9.0-current. At home I've wireless, TL-WN851N, using ath(4) driver. I used sftp(1), which I launch from the home box. I made files sized 10MB, 100MB and 1GB via dd if=/dev/zero of=/home/mexas/1gb bs=1m count=10 dd if=/dev/zero of=/home/mexas/1gb bs=1m count=100 dd if=/dev/zero of=/home/mexas/1gb bs=1m count=1024 respectively. What I discovered is put(mput) is much slower than get(mget). Here is a sample of timings: 10MB file # sftp put 1gb Uploading 1gb to /usr/home/mexas/1gb 1gb 100% 10MB 59.2KB/s 02:53 sftp mget 1gb Fetching /usr/home/mexas/1gb to 1gb /usr/home/mexas/1gb 100% 10MB 330.3KB/s 00:31 100MB file ## sftp mput 1gb Uploading 1gb to /usr/home/mexas/1gb 1gb 100% 100MB 58.6KB/s 29:07 sftp mget 1gb Fetching /usr/home/mexas/1gb to 1gb /usr/home/mexas/1gb 100% 100MB 1.0MB/s 01:41 sftp mget 1gb Fetching /usr/home/mexas/1gb to 1gb /usr/home/mexas/1gb 100% 100MB 930.9KB/s 01:50 1GB file sftp mget 1gb Fetching /usr/home/mexas/1gb to 1gb /usr/home/mexas/1gb 100% 1024MB 796.8KB/s 21:56 sftp mput 1gb Uploading 1gb to /usr/home/mexas/1gb 1gb 7% 79MB 56.3KB/s 4:46:28 ETA (I interrupted the last transfer, just too long to wait). So putting (sending) a file is about 5-17 times faster than getting (receiving) it. What is the reason behind this? Just a thought, Since you are in the uk, do you have ADSL at home? If so the upload on ADSL is much lower than the download. On the other hand your office line is likely to be a symmetric connection so would have the same speed in both directions. Vince many thanks anton ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: booting off GPT partitions
GPT booting is I believe only natively supported using an EFI BIOS. However if you wish to use GPT booting with FreeBSD its not too hard, you just cant install using sysinstall. The Examples section of the gpart manpage is what i used to configure the disk for my home server, a zotac ion atom based board (dont have any production servers at work using it at the moment.) Then i just installed using the files on the usb image. From what I understand gpart installs the pmbr file as a basic bootstrap in the protective MBR present in the GPT partition scheme, this is bootable by a standard bios and is able to understand enough GPT to look for a freebsd boot partition, load the bootcode in that, which loads the kernel etc. So no they arent completely misguided, but its certainly possible to use a GPT scheme without an EFI BIOS. What I would like is an efi bootloader for i386 so I can get my powerbook to run FreeBSD again as it has got an efi bios and bootcamp wont boot freebsd for me at the moment :( Vince Dan Naumov wrote: Hey I was under the impression that everyone and their dog is using GPT partitioning in FreeBSD these days, including for boot drives and that I was just being unlucky with my current NAS motherboard (Intel D945GCLF2) having supposedly shaky support for GPT boot. But right now I am having an email exchange with Supermicro support (whom I contacted since I am pondering their X7SPA-H board for a new system), who are telling me that booting off GPT requires UEFI BIOS, which is supposedly a very new thing and that for example NONE of their current motherboards have support for this. Am I misunderstanding something or is the Supermicro support tech misguided? - Sincerely, Dan Naumov ___ freebsd-sta...@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Blocking a slow-burning SSH bruteforce
David Rawling wrote: On 2/01/2010 2:07 AM, J.D. Bronson wrote: Few options I can think of in random order...I use #1: 1. Run SSH on an obscure port. Seriously, thats one of the easiest things to do. Since I have done that, I have had ZERO attempts and it works perfectly as long as users know the odd port. In fact, I dont know anyone in our IT circle of friends that runs SSH on port 22. 2. Consider controlling/limiting access via 'pf' if your running 'pf'. Of course with your examples coming from all different IPs, thats not likely gonna help much. 3. Just ignore it - they aren't getting in...similar to spammers being rejected by RBLsits traffic, but cant be a whole lot. 4. Limit login time window too...I run a very narrow window of time to login and a LOW number of attempted logins per session. Darn. 1 is out because 22 is the one port that most organisations (including mine) allow out of their networks for administering routers. 2 is unfortunately not an option (as a consultant I do work from many networks) 4 - again I might have to log in any time ... 3 seems the best approach. Thanks for your thoughts, it's good to get second opinions. A final option is something like port knocking. (http://www.portknocking.org/) basicly a demon that checks if a specific packet/sequence has been blocked by the firewall and opens a port if the conditions are met. I havent actually tried it and it sounds a bit fiddely to be honest but it should work and theres security/knock in ports if you want to try it. Vince Dave. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: is there a newer write up on BIND than '04?
Gary Kline wrote: Anybody know if there is a new FBSD writeup on BIND than what is listed near the top in google's output? Seems like the folks at ISC changed the bind/named stuff from /etc to /var sometime after 2005. gary PS: I'll share everything I have/am still learning when my old - new server migration is done... . for me at least /etc/namedb is a symlink (10:14:00 /etc) 0 $ ls -la /etc/namedb lrwxr-xr-x 1 root wheel 21 Dec 3 21:00 /etc/namedb@ - /var/named/etc/namedb I tend to access it via /etc though habit. (been using pretty much the same config since 5.x with some minor changes that i cant remember off hand.) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Problems with wifi and macbook
FW wrote: I have successfully installed freebsd on my macbook (yay!), but I can't figure out how to make the wifi work. Wired networking works great. I am following the directions here : http://www.freebsd.org/doc/en/books/handbook/network-wireless.html, but I have only got up to section 31.3.3.1, since I can't get past the scanning part. My ifconfig output is attached (can't figure out cutting and pasting in icewm with the single mouse thing). When I try run ifconfig ath0 scan, I get ifconfig: unable to get scan results. My loader.conf is attached to -- I presume that the kernels are loadd, but I can't figure out how to check. I DO see ath0 in the dmesg. Any help is appreciated! Are you running 8.0 ? if so the way wireless works has changed somewhat. instead of using the ath0 device directly you need to make a wlan0 device which uses the ath0 device. I think the command line is ifconfig wlan0 create wavelandev ath0 wlanmode (pick from sta hostap adhoc or whatever) see wlan(4) and ifconfig(8), see also the entry dated 20080420 in /usr/src/updating (or in http://svn.freebsd.org/viewvc/base/release/8.0.0/UPDATING?revision=199625view=markup) if you dont have a source tree installed. Once thats done, the rest should be as per the handbook i think. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD only on MacBook? Having problems...
w s wrote: (x posted to http://forums.freebsd.org/showthread.php?t=8827, my apologies, but no one seems interested there...) I am trying to follow the steps to install FreeBSD 8.0 on my MacBook. I don't want to dual boot or anything, so I am following along here: http://wiki.freebsd.org/AppleMacbook...15739bad407a8a (Note that earlier I managed to stomp all over the slices trying to partition without reading the directions...) However, it doesn't match my experience exactly, and I don't really have the FreeBSD background to compensate (long time Linux user, and never very hardware focused at all), so here are some starting questions (Note I am in the Fixit shell from the livefs CD): 1. Is gpart the same as gpt? Almost, gpart is the successor of gpt. the wiki still needs a little updating, (seems to be part gpt and part gpart based) 2. How can I lose the GPT? When I run # gpart destory ad5 I get gpart: Device busy. I presume that it is because / is mounted to run the livefs CD. So ... Not quite, if you run gpart show you should get a list of stuff on ad5, so before you can destroy the GPT you have to delete the stuff using it,a quick example using an md device: (reminder just in case, this will remove ANY partitions on the disk, but you already know that :) [r...@ostracod /scratch]# gpart show md0 = 34 19933 md0 GPT (9.8M) 34 199331 freebsd-ufs (9.7M) [r...@ostracod /scratch]# gpart destroy md0 gpart: Device busy [r...@ostracod /scratch]# gpart delete -i 1 md0 md0p1 deleted [r...@ostracod /scratch]# gpart destroy md0 md0 destroyed 3. Umm, what do I do now If I run gpart show ad5 I get a bunch of stuff which I would have to type in manually -- let me know which pieces are important and I will do it. Hope that helps, gpart (and GPT) is great once you get used to it but its got a learning curve. Vince TIA! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pf nuttyness
krad wrote: 2009/11/24 Brian McCann bjmcc...@gmail.com I'm at the end of my rope here with PF. I have a ruleset loaded, that is long and complicated...but I've shortened to to a pass all rule. The box has 4 interfaces, one for pfsync, one for me to connect to it, and two bridged interfaces. The only traffic on the bridged interfaces is STP and IP multicast traffic from my EIGRP routers. When I run pfctl -s rules -v, the EIGRP multicast traffic never hits any rules...yet it's allowed. I'm on FreeBSD 7.1. Has anyone else come across this before? I'm ready to throw out FreeBSD 7.1 and try OpenBSD for pf use...which would be a shame since I use FreeBSD for all my other servers, and having 2 OpenBSD boxes would just be... weird... --Brian Have you read the if_bridge(4) manpage? I'd reccommend starting at the heading PACKET FILTERING and checking you have the correct sysctl settings. pf certainly can filter bridge interfaces according to the manpage. That said I've never tried it. Vince -- _-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_-=-_ Brian McCann I don't have to take this abuse from you -- I've got hundreds of people waiting to abuse me. -- Bill Murray, Ghostbusters ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org pf works at layer3 (ip) bridging works at layer 2 (ethernet/datalink) therefore the traffic probably never get to the upper layer of the ip stack where pf works. You can do l2 filtering with ipfw if you enable the sysctl variable net.link.bridge.ipfw=1. However im not sure if you can do it with pf on freebsd. I had a quick scout through the man pages and cant see anything. However im fairly sure you can to l2 stuff with pf in openbsd. As your traffic is multicast you could always configure you bsd box as a multicast router rather than bridging the traffic. pf should see the traffic then as your working at l3 and above ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
freebsd.org problems?
Is www.freebsd.org haiving problems? http://downforeveryoneorjustme.com/www.freebsd.org seems to indicate a general problem. (not that I cant just use a mirror but I'm curious) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: GPUs on FBSD?
Chris Rees wrote:
2009/11/20 Robert Huff roberth...@rcn.com:
Chris Rees writes:
Anybody knows of working GPUs under FBSD on any arch?
Any advice?
Nvidia GPUs work on IA-32 machines, but AFAIK there's still no
amd64 driver.
There was a posting within the last 24 hours on one of the
FreeBSD mailing lists that pointed to a post indicating nVidia is
working on native {i386, amd64} drivers. The post was dated
November 5th; it provided no expected release date beyond when it's
done. My personal _estimation_ would be when 8.0 ships, or soon
after.
Robert Huff
Now that could be very interesting
Thanks for your alertness! I couldn't find the post you mentioned,
though there is
http://www.nvnews.net/vbulletin/showpost.php?p=2078598postcount=415
Chris
The link was
http://www.nvnews.net/vbulletin/showthread.php?t=41545page=37 and the
essence is that they have a driver that works but its still pre-beta (no
date for a public beta yet)
Vince
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ssh-agent and ordering of keys
Hi all, I've a bit of an annoying problem that hopefully someone here has delt with before. I have a large(ish) number of ssh keys as i like to keep things nicely seperated, I also use longish passphrases. To deal with long pass phrases I have started to use ssh-agent, which is working nicely but since i have a large number of keys and ssh-agent doesnt let you specify a particular key for a particular machine (I was using host and IdentiyFile lines in ~/.ssh/config before) I'm starting to hit a problem where I'm unable to log in to a machine as I'm hitting the MaxAuthTries value in sshd_config. I know i could just bung the MaxAuthTries value up to 20 or so on all my servers but I dont really want to, I'd rather a way of specifying which ssh key ssh-agent uses for a specific host, (like i said it ignores the IdentiyFile lines in the config file and ignores the -i switch to ssh itself.) Any ideas welcome. Thanks, Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: about Intel 3945 wlan card in Freebsd 8-CURRENT
PstreeM China wrote: hi , everyone : some time ago , i use Freebsd7.2 and the wpi driver for my Inter 3945 wlan card .. after that , i upgrade to FreeBSD8-current ,but i find that my wlan is not work . i want to know that is a bug or the driver is not wall on 8-current ??? anyone can tell me ?? thank ! 8.x and later uses a different format for the wireless interfaces. See the entry dated 20080420 in /usr/src/UPDATING Vince the /boot/loader.conf ; legal.intel_wpi.license_ack=1 if_wpi_load=YES wlan_load=YES wlan_amrr_load=YES firmware_load=YES wpifw_load=YES and after the command #/etc/rc.d/netif restart ### bsd# /etc/rc.d/netif restart wpa_supplicant not running? (check /var/run/wpa_supplicant/wpi0.pid). Stopping Network: lo0 wpi0 bge0 plip0. lo0: flags=8048LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 options=3RXCSUM,TXCSUM inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 wpi0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 2290 ether 00:18:de:bc:31:7b media: IEEE 802.11 Wireless Ethernet autoselect (autoselect) status: no carrier bge0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 1500 options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM ether 00:17:a4:d2:67:b6 media: Ethernet autoselect (none) status: no carrier plip0: flags=8810POINTOPOINT,SIMPLEX,MULTICAST metric 0 mtu 1500 Starting wpa_supplicant. ioctl[SIOCG80211, op 98, len 32]: Invalid argument ELOOP: remaining socket: sock=5 eloop_data=0x28407140 user_data=0x2840e040 handler=0x8069f40 /etc/rc.d/wpa_supplicant: WARNING: failed to start wpa_supplicant Starting Network: lo0 wpi0 bge0. lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST metric 0 mtu 16384 options=3RXCSUM,TXCSUM inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff00 wpi0: flags=8802BROADCAST,SIMPLEX,MULTICAST metric 0 mtu 2290 ether 00:18:de:bc:31:7b media: IEEE 802.11 Wireless Ethernet autoselect (autoselect) status: no carrier bge0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 options=9bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM ether 00:17:a4:d2:67:b6 media: Ethernet autoselect (none) status: no carrier ## ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'make release' on ZFS filesystem fails: chflags: operation not permitted
O. Hartmann wrote: I followed the steps making a release on FreeBSD 8.0-RC2/AMD64 on my box, the target CHROOTDIR is located on a ZFS volume. I searched the list for a solution, but did not find any. sysctl kern.securelevel shows kern.securelevel: -1 Is there any solution? I guess those with complete ZFS infrastructure will not be able performing a make release, or do they? Odd I though flags were now supported on the newer zfs versions. Try NO_SCHG=yes in /etc/make.conf as a workaround. Vince Thanks in advance, Oliver ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How do I replace the built-in OpenSSL with a source tarball ?
George Sanders wrote: - Original Message From: Gary Gatten ggat...@waddell.com To: George Sanders gosand1...@yahoo.com; freebsd-questions@freebsd.org Sent: Wed, October 28, 2009 11:01:35 AM Subject: RE: How do I replace the built-in OpenSSL with a source tarball ? Maybe remove the existing package first? And try to use a pkg if you can for the new one. Yes, but I still won't know how to put the new version in _exactly the same place_ as the one I just removed. For complex reasons of space and tools (embedded system, etc.) I do indeed need to use the source tarball. So I'd like to know what configure directive to feed to it to properly and _exactly_ replace the existing FreeBSD default OpenSSL... Thanks. Well the base openssl is held in /usr/src/crypto/openssl but the makefile is in /usr/src/secure/usr.bin/openssl so I'd look at those. I'm in no way knowledgeable about openssl or how its integrated into freebsd though, this is just from a quick look at the sources. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: /tmp on mfs
Christopher Hilton wrote: Reading the list yesterday I came across a little controversy about swap backed /tmp filesystems. I've been using this in my /etc/rc.conf tmpmfs=YES# Set to YES to always create an mfs /tmp, NO to never tmpsize=1g# Size of mfs /tmp if created tmpmfs_flags=-S -o async,noexec # Extra mdmfs options for the mfs /tmp To mount /tmp on a swap backed filesystem. I've been assuming that data stored in the /tmp directory was held in RAM and then written to the swap space only when the system had a more pressing need for the RAM. I typically configure my systems with swap == 2 * RAM or more. And on the systems in question I have at least 1Gb of RAM. I was hoping to use this trick to enhance the performance of the postgresql database (temp_tablespace=/tmp/pgsql/) Is my assumption about where the data in a temporary file is stored incorrect? Thats certainly always been my interpretation of the manpage. Storage for this type of memory disk is allocated from buffer memory. Pages get pushed out to the swap when the system is under memory pressure, otherwise they stay in the operating memory. If thats not the case I'd be interested to know how it does work. Vince -- Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: scalable FreeBSD based LNS (with L2TPv2)
Rogelio wrote: Has anyone created/used/found/seen a FreeBSD based LNS that supports thousands L2TPv2 tunnels? Right now, the only solution I see that scales to this level is Redback, and if not a Redback box, then lots of Cisco 7200 boxes. I understand MPD (ports/net/mpd5) is used in large scale deployments. I've only ever used it as a proof of concept though, (for which it worked great, sadly they went for a pair of 7200s instead.) Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: I hate to bitch but bitch I must
PJ wrote: michael wrote: PJ wrote: Why is it that the manual pages, as thorough as they may be, are very, very confusing. Perhaps I am being too wary, but I find that too many instructions/examples are stumbling blocks to appreciation of the whole system: for instance, let's look at the instructions for changing disk labels with glabel or is it tunefs ? man glabel(8): for UFS the file system label is set with tunefs(8) http://www.freebsd.org/cgi/man.cgi?query=tunefssektion=8apropos=0manpath=FreeBSD+7.2-RELEASE. what happened to glabel? man tunefs(8) The *tunefs* utility cannot be run on an active file system. To change an active file system, it must be downgraded to read-only or unmounted. So, you have to run tunefs from an active file system to modify another disk? but from man tunefs: BUGS This utility should work on active file systems. What in hades does this mean--just above it says cannot be run on active file systems. ??? To change the root file system, the system must be rebooted after the file system is tuned. You can tune a file system, but you cannot tune a fish. How cute... And fish eat bugs. Seriously, now to the manual: To create a permanent label for a UFS2 file system without destroying any data, issue the following command: # tunefs -L /home/ /dev/da3 Oh? home is what? What does this have to do with the partitions? Here's from man glabel(8): EXAMPLES The following example shows how to set up a label for disk ``da2'', cre- ate a file system on it, and mount it: glabel label -v usr /dev/da2 newfs /dev/label/usr mount /dev/label/usr /usr [...] umount /usr glabel stop usr glabel unload The next example shows how to set up a label for a UFS file system: tunefs -L data /dev/da4s1a mount /dev/ufs/data /mnt/data Am I to understand that glabel is only for a new system? What's with the newfs... I'm trying to set labels on an system that is already set up. And, the glabel examle above is not for UFS file systems? Oh, that's for tunefs? So why are we even dealing with this glabel? from manual: # tunefs -L /home/ //dev/da3/ A label should now exist in /dev/ufs which may be added to /etc/fstab: /dev/ufs/home /home ufs rw 2 2 Why? Is this necessary? and somewhere I saw tunefs -L volume /dev/da0s1a or something like that. Does that mean that each partition should be tunefsd? Maybe the guys who programmed this stuff understand; I sure don't. I just want to be able to set the labels according to what they say can be done... so shy not have a clear and concise explanation? Do people who write this stuff ever read it? Tell me that its clear and simple and to the point... so far, I have been running back and forth between half a dozen web pages trying to understand what is going on... and doing things through a dense fog does not produce creative results! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ok, in short since i didn't see anyone answer this directly, your question of tunefs vs glabel: tunefs is for UFS: it labels a UFS filesystem, no matter the device, ie: ad or da. tunefs is part of the filesystem utilities for UFS. good example, can't tunefs -L SWAP /dev/ad0s1b if it is a swap. you can glabel it. glabel is for labeling a device itself. you can glabel an ntfs filesystem or ext2, whatever. Thanks for that, Michael. But can you explain what this means? It just is not clear for me. # tu;nefs -L home /dev/da3 This puts a label on that disk? So now it can be referred to as home? da3 = home ? yes. this makes a ufs label which you can access via /dev/ufs for example (my home system) jh...@ostracod (23:08:34 ~) 0 $ ls /dev/ufs SCRATCH SSDROOT SSDUSR SSDVAR jh...@ostracod (23:08:39 ~) 0 $ mount /dev/ufs/SSDROOT on / (ufs, local, noatime) devfs on /dev (devfs, local, multilabel) /dev/ufs/SSDUSR on /usr (ufs, local, noatime, soft-updates) /dev/ufs/SSDVAR on /var (ufs, local, noatime, soft-updates) /dev/ufs/SCRATCH on /scratch (ufs, local, noatime, gjournal) tmpfs on /tmp (tmpfs, local) devfs on /var/named/dev (devfs, local, multilabel) jh...@ostracod (23:08:41 ~) 0 $ cat /etc/fstab /dev/ufs/SSDROOT/ ufs rw,noatime 1 1 /dev/ufs/SSDUSR /usrufs rw,noatime 2 2 /dev/ufs/SSDVAR /varufs rw,noatime 2 2 /dev/label/SWAP noneswapsw 0 0 /dev/ufs/SCRATCH/scratchufs rw,noatime 2 2 tmpfs /tmptmpfs rw 0 0 note there I have also used glabel on the swap (command used was glabel label /dev/ad10p1) One thing to note with label, if you mount/use the device by is raw node, the label disapears. ie: [r...@ostracod ~]# swapoff -a swapoff: removing
Re: I hate to bitch but bitch I must
Polytropon wrote: On Sat, 17 Oct 2009 23:17:29 +0100, Vincent Hoffman vi...@unsane.co.uk wrote: yes. this makes a ufs label which you can access via /dev/ufs for example (my home system) jh...@ostracod (23:08:34 ~) 0 $ ls /dev/ufs SCRATCH SSDROOT SSDUSR SSDVAR [...] /dev/ufs/SCRATCH on /scratch (ufs, local, noatime, gjournal) ^^^ Wow! Last time I saw this was on EAW's WEGA (a UNIX System III compatible UNIX developed in the GDR for the P8000 workstation). There even was /etc/mount and /etc/fsck. :-) Heh nothing so arcane here, I just use it as a scratch (disposable content) disk. /dev/ufs/SSDVAR /varufs rw,noatime 2 2 /dev/label/SWAP noneswapsw 0 0 These two lines illustrate the different use of the results of glabel label for generic labels and tunefs -L for UFS labels very well. note there I have also used glabel on the swap (command used was glabel label /dev/ad10p1) A really honest question: What does the p in ad10p1 indicate? I always thought swap partitions are something like ad10b (an own partition right after the root partition a). I partitioned my disk as GPT using gpart. no real reason, just because i could ;) this give partitions (p) instead of slices (s) (I think, not certain thats what the p and s stand for but it makes sense) I could also have used the gpt labels instead of generic glabel labels. [r...@ostracod /scratch]# dd if=/dev/zero of=dsk bs=1m count=10 10+0 records in 10+0 records out 10485760 bytes transferred in 0.055245 secs (189804954 bytes/sec) [r...@ostracod /scratch]# mdconfig -a -t vnode -f dsk -u 10 [r...@ostracod /scratch]# gpart add -l MDDISK -t freebsd-ufs md10 md10p1 added [r...@ostracod /scratch]# ls /dev/gpt/ MDDISK One thing to note with label, if you mount/use the device by is raw node, the label disapears. [...] This used to confuse me greatly :) Why make a label available for something to mount that is already mounted and cannot be accessed through this label while being mounted? :-) The kernel messages show such messages about removing labels as soon as devices are mounted in the traditional way. Indeed, that makes sense. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: All in one printer?
Patrick Lamaiziere wrote: Hello, I'm looking for an all in one printer (scanner + printer). Do you know some models well supported by our favorit OS (8.0) (and a cheep one of course)? I've had 2 HP cheap printer/scanners that have both worked well using the hplip port with cups and sane. Off hand I cant remember model numbers but http://hplipopensource.com/hplip-web/supported_devices/index.html should list most if not all the ones it supports. Vince Thanks, regards. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: gmirror, gjournal and glabel - which order?
krad wrote: 2009/10/13 Daniel Bye freebsd-questi...@slightlystrange.org On Tue, Oct 13, 2009 at 01:08:46AM +0300, Manolis Kiagias wrote: Daniel Bye wrote: Hi all, I'm having a hard time trying to work out which order I should set up gmirror, glabel and gjournal on a new system. I want to journal my /home partition, label all the partitions for ease of reference, and use gmirror to save me in the event a disk goes bad. I am struggling to fit the pieces together conceptually in my mind. I understand the processes involved in setting each part separately - my problem is in trying to build this up in the right order so that it all makes sense. So far, I have labelled the primary drive and set up the journal. I have edited fstab to reflect the labels and journalled file system on /home. If I now build a mirror, don't I need to alter fstab to mount that and not the stuff in /dev/label? In which case, I guess I need to build the mirror first, and then set up labels and journals? I'm going round and round in circles here and none of the stuff I've read on the web enlightens me... :-/ Any insights or suggestions would be taken as a great kindness! Dan When not mirroring, I first create the journals and then label the resulting ad.journal devices In case you are doing a gmirror device, you would not really need the separate label step - the gm device name won't change and gmirror is not affected if the device names of the individual disks change (the disks are marked as part of a mirror and scanned at startup). When you are creating the composite gmirror device you are effectively labeling it anyway i.e. gmirror label gm0... Now if you follow the usual tutorials found in the web you would be using gm0 / gm1 but you actually name it any way you wish. If you really need to label the separate gmirrored partitions, do it after setting up the mirror. Concerning the order of journals and mirroring, I create the journals first, then mirror the result. This has always worked fine for me. Thanks much, Manoli. After posting, I came to more or less the same conclusion, but it's good to get confirmation from someone who clearly knows more about this stuff than I do! I'd still be interested to hear what others think/do. As ever, thanks for your time. Dan -- Daniel Bye _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ I've always gmirrored 1st, then created the gjournal then newfs the journal device with the -L and -J flags to label it. I'm not sure if this is correct but ufs2 has hooks into gjournal, and if the journal class inst directly below the ufs layer these hooks might not work correctly. I've always done it this way too (mirror then journal,) both for the reason given and because of the following from the gjournal(8) manpage: When gjournal is configured on top of gmirror(8) or graid3(8) providers, it also keeps them in a consistent state, thus automatic synchronization on power failure or system crash may be disabled on those providers. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Capturing netflows
Jay Hall wrote: I have run into a need to capture netflows from the internal interface of my FreeBSD 6 server. The internal interface is em0 and the external interface is em1. I am using the following to setup the netflows. /usr/sbin/ngctl -f- SEQ mkpeer em0: netflow lower iface0 name: em0: lower netflow connect em0: netflow: upper out0 mkpeer netflow: ksocket export inet/dgram/udp msg netflow:export connect inet/1.2.3.4:12345 SEQ When I run the commands above, I receive the following message. ngctl: send msg: No such file or directory ngctl: line 1: error in file I am at a complete loss here. My understanding of netgraph is poor at best. Any suggestions would be appreciated. Been a while since I used it but I used to use this script based on this email http://www.mail-archive.com/freebsd-questions@freebsd.org/msg103671.html #!/usr/sbin/ngctl -f mkpeer fxp0: tee lower right connect fxp0: fxp0:lower upper left mkpeer fxp0:lower netflow right2left iface0 name fxp0:lower.right2left netflow mkpeer netflow: ksocket export inet/dgram/udp msg netflow:export connect inet/w.x.y.x:6667 hope that helps, Vince Thanks, Jay ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Partions per slice limitation removed?
Mak Kolybabi wrote: On 2009-08-13 13:41, Doug Poland wrote: I thought I recalled reading, within the last few months, that there is no longer a 8 partition/slice limitation in FreeBSD. I've been googling and reading man pages to verify that but cannot find any documentation to support it. Was I dreaming? (Forgot to send this reply to the list the first time, not just the OP.) No, you were not dreaming. When in doubt, check the source. From head/sbin/bsdlabel/bsdlabel.c [1]: Allow bsdlabel to operate on labels that have at most 26 partitions by virtue of there not being any (lower-case) letters avaliable for more partitions. [1] http://svn.freebsd.org/viewvc/base?view=revisionrevision=174501 Indeed and from http://ivoras.sharanet.org/freebsd/freebsd8.html (a reasonably complete list of whats comming in 8.0) it says bsdlabel gets extended to 26 partitions Status: Committed to -CURRENT Will appear in 8.0: sure Author: Marcel Moolenaar web: http://lists.freebsd.org/pipermail/cvs-src/2007-December/084949.html bsdlabel is (finally!) extended to support more than 8 partitions. The new limit of 26 partitions comes from the number of lower-case letters. To make use of this change, GEOM_PART needs to be used instead of GEOM_BSD (this requires custom kernel configurations). Vince -- Matthew Anthony Kolybabi (Mak) m...@kolybabi.com () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Boot failure
Identry wrote: Try downloading and booting the livefs environment (I think you need cd1 and the livefs cd or just the DVD) and see if you can mount it from that, if not it could be a controller issue. If you can then its probably your OS/kernel but at least you now have access to your data/configs etc etc not to mention you could try extracting the GENERIC kernel from the install media (use the install.sh script in the kernels directory.) Okay! Good news, I think. I used the 'fixit' mode, that is available through the installation disk, to mount the disk that fails to mount during boot up. What I did was: mount /dev/mfid0s1a /test It mounts successfully and I can see everything in that partition. So I guess the question now is, if I can mount it manually, why doesn't it mount during the boot process? I'd give it an fsck or two (more than one has been needed once or twice), also has anything changed with the server (updates etc etc) for example why was it rebooted? I seem to recall a verbose boot mode in the boot menu. does that give any hints beyond the freeze you see when you try and boot? Are you using the GENERIC kernel, if not have you tried it? Vince -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: net-mgmt/flowd - broken ?
Kalle Møller wrote: Damn have no clue how to build fix or anything with plist ... Except it seemd to be a list of the files used ?? Pretty much, the porters handbook has a decent section on it if your interested. Any installed files except man pages and documentation (which are specified in the makefile) should be listed as far as i can tell. Have a read at http://www.freebsd.org/doc/en/books/porters-handbook/porting-desc.html#AEN100 and http://www.freebsd.org/doc/en/books/porters-handbook/plist.html I think this is a simple one, if no one else does then I'll try and look at it tomorrow. my guess is that %%with_per...@dirrm %%SITE_PERL%%/%%PERL_ARCH%%/auto should be %%with_per...@dirrmtry %%SITE_PERL%%/%%PERL_ARCH%%/auto and possibly lib/perl5/5.8.9/mach/perllocal.pod (or the appropriate variables in place of a static path) need to be added. Vince On Wed, Aug 5, 2009 at 8:48 PM, Mel Flynn mel.flynn+fbsd.questi...@mailing.thruhere.netmel.flynn%2bfbsd.questi...@mailing.thruhere.net wrote: On Wednesday 05 August 2009 10:35:02 Kalle Møller wrote: make WITH_PERL=YES But it returns that it is broken ? flowd-0.9.1_1 is marked as broken: Incomplete pkg-plist. Without perl it installs fine. The problem is that I need the perl part to get some of the other tools to work :S Anything I can do to get this not broken ... You could fix the plist and ping the maintainer (added to CC). -- Mel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Boot failure
Identry wrote: Well, the bad day has come... My primary server won't boot. I have backups of databases and user directories, but I need to try to get this server back up again. During the boot sequence, it freezes at the statement: Trying to mount root from ufs:/dev/mfid0s1a I tried booting into single user mode, but same issue (of course). I don't want to just start hacking at this for fear of making things work... what is my best, most conservative next step? Try downloading and booting the livefs environment (I think you need cd1 and the livefs cd or just the DVD) and see if you can mount it from that, if not it could be a controller issue. If you can then its probably your OS/kernel but at least you now have access to your data/configs etc etc not to mention you could try extracting the GENERIC kernel from the install media (use the install.sh script in the kernels directory.) Vince -- John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Opera in your repos
Hi, Opera is indeed already in the ports (and packages) and has been since November 5th 2000 according to the Makefile in ports/www/opera. and it appears the port is maintained by one of the staff at opera MAINTAINER= freebsd-maintai...@opera.com Keep up the good work :) Vince Vince Ilya Shpan'kov wrote: Hi, I work in Opera Software - yes, we make a proprietary browser ;) Last 7 years I use GNU/Linux and know that, for example, in Russia the Opera browser is very popular in BSD Community. Well, there is a question: whether Opera is included to your distro and if not - how we can fix this problem? We are ready for any discussions, technical help or agreement, if necessary. Thanks in advance, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Analyze load of the channel to Internet
Anton wrote:
Hello Gary,
Due to what I've read about ntop - it is not really what I need.
I dont have any Cisco routers, nor switches with port-mirroring - so I
c=uld not collect any traffic. I have only 2 freebsd routers - and
need to k=ow - when the outgoing channel of first gets overflowed
and I need to redi=ect outgoing traffic to second
Freebsd comes with bsnmp or if you prefer ports try net-snmp from ports,
these will let you query the snmp OID's mentioned.
I use a little perl script to query them and graph them myself for my
home router.
If you dont like snmp for some reason, putting something together using
netstat shouldnt be too hard. For example
(12:45:12 ~) 0 # netstat -b -f inet -I fxp1
NameMtu Network Address Ipkts Ierrs Ibytes
Opkts Oerrs Obytes Coll
fxp1 1500 10.0.0.0/25 intgate 806889 - 118190683
1247743 - 1621177480 -
(excuse word wrap but it shouldnt be too hard to work out)
running this every minute from cron would make it easy to grab the in
(Ibytes) or out (Obytes) traffc and perform actions accordingly.
very quick and dirty example:
-cut
#!/bin/sh
IFNAME=fxp0
OLDIN=$(netstat -b -I $IFNAME | awk '/Link/{print $7}')
OLDOUT=$(netstat -b -I $IFNAME | awk '/Link/{print $10}')
sleep 10
NEWIN=$(netstat -b -I $IFNAME | awk '/Link/{print $7}')
NEWOUT=$(netstat -b -I $IFNAME | awk '/Link/{print $10}')
INBPS=$(echo ( $NEWIN - $OLDIN ) / 10 | bc )
OUTBPS=$(echo ( $NEWOUT - $OLDOUT ) / 10 | bc )
echo $IFNAME is doing $INBPS bytes a second inbound
echo $IFNAME is doing $OUTBPS bytes a second outbound
--cut
sample output:
(13:50:09 ~) 0 # sh foo.sh
fxp0 is doing 1247 bytes a second inbound
fxp0 is doing 51175 bytes a second outbound
Vince
Monday, August 3, 2009, 4:55:00 AM, you wrote:
almost any NIC / OS will support SNMP MIB-II counter=, which
includes octets Tx and Rx. MANY tools available for getting snmp mib
values.
If you want util AND details on IP, ports, etc. - ch=ck out nTop.org
- Original Message -
From: owner-freebsd-questi...@freebsd.org owner-
freebsd-questions@freebsd.org
To: freebsd-questions@freebsd.org freebsd-questi...@freebsd.org
Sent: Sun Aug 02 15:08:38 2009
Subject: Analyze load of the channel to Internet
Hello everybody...
Need to view and get real-time reporting of outgoing=hannel to
Internet?
I think, that this is may be realized by means of ip=w (e.g. - get
counters
of count rules for Internet and divide them to time,=hich passed
between
analyzing)
But, maybe, there is an utility, to which I can comm=nicate (or
which could
analyze) my outgoing channel to Internet - and repor= me (mean some
redirection script) when an outgoing channel gets ov=rflowed, and I
need to
redirect all other outgoing traffic to another chann=l.
I would like to clear: I have to channels for Intern=t, meaned for
gaming
club - but I don't have enough finance to afford buy=ng some Cisco
device
and this 2 channel are 512 kilobits and 768 kilobits=f outgoing
traffic
Please, help
___
freebsd-questions@freebsd.org mailing list
[1]http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-
unsubscr...@freebsd.org
This email is intended to be reviewed by only the i=tended
recipient and may contain information that is privileged and/or con
fidential. If you are not the intended recipient, you are hereby
notified t=at any review, use, dissemination, disclosure or copying
of this email and=ts attachments, if any, is strictly prohibited. If
you have received this=mail in error, please immediately notify the
sender by return email and d=lete this email from your system.
--
Best regards,
Anton nbs=;[2]mailto:an...@sng.by
Administrator
Feel free to contact me
via ICQ 363780596
via Skype dobryak47
via phone +375 29 3320987
References
1. 3Dhttp://lists.freebsd.org/mailman/listinfo/freeb 2.
3Dmailto:an...@sng.by;
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: documentation for gpart(8)/GPT?
Robert Huff wrote: Is there anything - official, or unofficial but reliable - about working with gpart/GPT?I've read the man page, and am still a little wobbly. I found http://lists.freebsd.org/pipermail/freebsd-geom/2009-April/003440.html reasonably informative. Vince Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: source code licensing questions
Jonathan Chen wrote: 4.Suppose the answer for 1-3 is no, s there any other reason why I need to open the code. Only if you feel like it. I'd make that, Only if you feel like it or would like the warm glow of giving back to the community (and of course all those extra eyes to audit and improve your code ;) ) That said their is no obligation at all. Vince ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: eSATA and/or Firewire 800|400 card, cardbus or expresscard 54mm
On 30/6/09 14:42, p...@pair.com wrote: In message 20090624121036.ga3...@holstein.holy.cow on -mobile list[0], I asked for suggestions for a firewire or eSATA card to be put in Thinkpad T61 PCMCIA or EtherExpress slot, while most likely running FreeBSD 7. After about 6 days getting no replies but still dwindling hard disk space, where should I ask the question again: -hardware, -firewire, -stable, here[1]? The only one I have ever used was a cheapy one from deal extreme[0] This actually worked fine (minimal testing other than formatting and some file copies.) It was being picked up before the internal sata controller and reordering the drives which was a pain. I cant be sure if you would get one with the same chipset as me or anything though as its a noname brand from somewhere in china. Vince [0] http://www.dealextreme.com/details.dx/sku.22074 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: SAN FreeBSD Server
On 8/6/09 12:10, Friedrich Locke wrote: Dear gentleman, i would like to configure a FreeBSD installation as storage server solution. Iwould like to use iSCSI. Is it possible to configure a server running FreeBSD as a iSCSI server (i.e., i mean as a target)? Indeed it is, although as yet I've never needed to. (12:46:14 /usr/ports) [jh...@crab] 0 $ make search key=iscsi Port: iscsi-target-20080207_2 Path: /usr/ports/net/iscsi-target Info: Implementation of userland ISCSI target (from NetBSD) Maint: m...@foster.cc B-deps: R-deps: WWW:http://www.netbsd.org/ Port: istgt-20090428 Path: /usr/ports/net/istgt Info: An iSCSI target for FreeBSD 7.x with ZFS Maint: aoy...@peach.ne.jp B-deps: R-deps: WWW:http://shell.peach.ne.jp/aoyama/ Thanks a lot for your time and cooperation. Best regards, FL. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Remotely edit user disk quota
On 28/5/09 15:04, Kirk Strauser wrote: On Thursday 28 May 2009 08:53:23 am Wojciech Puchar wrote: depends, between pentium I and core2 quad. what's a difference? Well, I can transfer 25MB/s between hosts on the LAN without my CPU ever breaking 10% CPU usage. I'm of the opinion that most people don't need to optimize for CPU in such cases when the security payoffs are so great. There is also the option of the HPN patches (http://www.psc.edu/networking/projects/hpn-ssh/ included as options in the openssh-portable port) which allows a none cypher so you have the security of the encrypted key authentication but no encryption overhead for transferring files. However the OP doesnt seem to want to transfer files over it so the encryption overhead will be pretty minimal anyway. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
