Re: FBSD PowerPak

2003-07-18 Thread W. J. Williams
Rob,

I can download the Ports collection and burn to DVD or CD-R.  Would you be
willing to pay for this?

Will

--- Kris Kennaway [EMAIL PROTECTED] wrote:
 On Thu, Jul 17, 2003 at 01:37:48PM +0800, Robert Storey wrote:
  I recently ordered and received the 4-CD set of FBSD 5.1.
  
  I had presumed that this would give me a pretty complete desktop
 setup.
  Alas, I was wrong. A lot of very common apps are missing, such as
  Xemacs and Mplayer. It's disappointing. I only have a dialup modem. I
  don't have broadband and have no hope of getting it where I live, so I
  was counting on the 4-CD set to fill in the gaps.
 
 xemacs21 is scheduled for disc1 if possible, but I suppose it was
 bumped because of lack of space.  There are some xemacs and mplayer
 support packages on disc 3 and 4, but xemacs and mplayer themselves
 are missing.  It looks like the CD layout could do with some tweaking.
 
  I noticed on the FreeBSDmall web site that they sell a PowerPak with
 10
  CDs. This is supposed to be the entire ports collection. Sounds like
  just what I need - except it's based on FBSD 4.6 which is one year
 old.
  
  So my question - I am wondering if the distfiles in this PowerPak are
  going to be of much use? Shelling out $40 isn't such a great hardship
 if
  the distfiles work as advertised, but I'm going to be more than a
 little
  pissed if it generates nothing but error messages. Does anybody know
 if
  the PowerPak will work with 5.1? Has anyone actually tried it?
 
 As you noted, it's based on 4.6, so the contents are a year old.  If
 you don't mind getting year-old versions of ports, then go for it.
 
 Kris




=
Will Williams
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


ISO images of ports collection

2003-07-18 Thread W. J. Williams
Other than the 4.6 version of ports sold at Freebsd, are there ISO images
of the newer collections posted for download?  If not, what is the best
method of downloading them so I can make the images myself?  The reason I
ask is because I'd like to burn to disk (DVD or CD-R).

Will




=
Will Williams


Gigabit ethernet SMC Tigercard 1000

2003-04-02 Thread W. J. Williams
Does anyone know how to configure this?

I have installed the card and connected to my switch.  Have noticed I now
have interfaces

inphy0: i82555 10/100 media interface on miibus0
inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto

inphy1: i82555 10/100 media interface on miibus1
inphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto

not sure why listed twice...or if this even relates to the card seeing how
it doesn't say 1000base-SX

here is what the entire interface section looks like (from DMESG):
fxp0: Intel Pro 10/100B/100+ Ethernet port 0x5400-0x543f mem
0xfb00-0xfb0f,0xfb201000-0xfb201fff irq 10 at device 3.0 on pci0
fxp0: Ethernet address 00:d0:b7:b7:66:eb
inphy0: i82555 10/100 media interface on miibus0
inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp1: Intel Pro 10/100B/100+ Ethernet port 0x5440-0x547f mem
0xfb10-0xfb1f,0xfb202000-0xfb202fff irq 5 at device 6.0 on pci0
fxp1: Ethernet address 00:02:b3:10:e4:13
inphy1: i82555 10/100 media interface on miibus1
inphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto


Here is the output of ifconfig:

fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 192.168.0.2 netmask 0xf800 broadcast 192.168.7.255
inet6 fe80::2d0:b7ff:feb7:66eb%fxp0 prefixlen 64 scopeid 0x1
ether 00:d0:b7:b7:66:eb
media: Ethernet autoselect (100baseTX full-duplex)
status: active
fxp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
inet6 fe80::202:b3ff:fe10:e413%fxp1 prefixlen 64 scopeid 0x2
ether 00:02:b3:10:e4:13
media: Ethernet autoselect (100baseTX full-duplex)
status: active
ppp0: flags=8010POINTOPOINT,MULTICAST mtu 1500
sl0: flags=c010POINTOPOINT,LINK2,MULTICAST mtu 552
faith0: flags=8002BROADCAST,MULTICAST mtu 1500
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
inet 127.0.0.1 netmask 0xff00

I am running two 100baseT nics on this box...

appreciate any help.

Will




=
Will Williams


Re: Gigabit ethernet SMC Tigercard 1000

2003-04-02 Thread W. J. Williams
ok, that was dumb, the inphy0 doesn't relate to the gig-e card...do I need
to activate something in the kernel to support?

 Does anyone know how to configure this.
 
 I have installed the card and connected to my switch.  have noticed I
 now
 have interfaces
 
 inphy0: i82555 10/100 media interface on miibus0
 inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
 
 inphy1: i82555 10/100 media interface on miibus1
 inphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
 
 not sure why listed twice...or if this even relates to the card seeing
 how
 it doesnt say 1000base-SX
 
 here is what the entire interface section looks like (from DMESG):
 fxp0: Intel Pro 10/100B/100+ Ethernet port 0x5400-0x543f mem
 0xfb00-0xfb0f,0xfb201000-0xfb201fff irq 10 at device 3.0 on pci0
 fxp0: Ethernet address 00:d0:b7:b7:66:eb
 inphy0: i82555 10/100 media interface on miibus0
 inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
 fxp1: Intel Pro 10/100B/100+ Ethernet port 0x5440-0x547f mem
 0xfb10-0xfb1f,0xfb202000-0xfb202fff irq 5 at device 6.0 on pci0
 fxp1: Ethernet address 00:02:b3:10:e4:13
 inphy1: i82555 10/100 media interface on miibus1
 inphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
 
 
 Here is the output of ifconfig:
 
 fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 inet 192.168.0.2 netmask 0xf800 broadcast 192.168.7.255
 inet6 fe80::2d0:b7ff:feb7:66eb%fxp0 prefixlen 64 scopeid 0x1
 ether 00:d0:b7:b7:66:eb
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 fxp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
 inet6 fe80::202:b3ff:fe10:e413%fxp1 prefixlen 64 scopeid 0x2
 ether 00:02:b3:10:e4:13
 media: Ethernet autoselect (100baseTX full-duplex)
 status: active
 ppp0: flags=8010POINTOPOINT,MULTICAST mtu 1500
 sl0: flags=c010POINTOPOINT,LINK2,MULTICAST mtu 552
 faith0: flags=8002BROADCAST,MULTICAST mtu 1500
 lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384
 inet6 ::1 prefixlen 128
 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
 inet 127.0.0.1 netmask 0xff00
 
 I am running two 100baseT nics on this box...
 
 appreciate any help.
 
 Will
 
 
 
 
 =
 Will Williams


=
Will Williams


Stop this from clogging DMESG

2003-04-02 Thread W. J. Williams
arp: 192.168.0.2 is on lo0 but got reply from 00:d0:b7:b7:66:eb on fxp1

Hi, how do I stop this line from appearing 50,000,000 times per day in my
DMESG output.  I am sure it has something to do with the two nics I am
running on this box.

**

fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 192.168.0.2 netmask 0xf800 broadcast 192.168.7.255
inet6 fe80::2d0:b7ff:feb7:66eb%fxp0 prefixlen 64 scopeid 0x1
ether 00:d0:b7:b7:66:eb
media: Ethernet autoselect (100baseTX full-duplex)
status: active
fxp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
inet6 fe80::202:b3ff:fe10:e413%fxp1 prefixlen 64 scopeid 0x2
ether 00:02:b3:10:e4:13
media: Ethernet autoselect (100baseTX full-duplex)
status: active
ppp0: flags=8010POINTOPOINT,MULTICAST mtu 1500
sl0: flags=c010POINTOPOINT,LINK2,MULTICAST mtu 552
faith0: flags=8002BROADCAST,MULTICAST mtu 1500
lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
inet 127.0.0.1 netmask 0xff00


=
Will Williams


Re: Stop this from clogging DMESG

2003-04-02 Thread W. J. Williams

--- Dan Nelson [EMAIL PROTECTED] wrote:
 In the last episode (Apr 02), W. J. Williams said:
  arp: 192.168.0.2 is on lo0 but got reply from 00:d0:b7:b7:66:eb on
 fxp1
  
  Hi, how do I stop this line from appearing 50,000,000 times per day
  in my DMESG output.  I am sure it has something to do with the two
  nics I am running on this box.
  
  **
  
  fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
  inet 192.168.0.2 netmask 0xf800 broadcast 192.168.7.255
  fxp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
  inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
 
 You have overlapping networks, for one.  
 
 fxp0's network range is 192.168.0.0 - 192.168.7.255
 fxp1's network range is 192.168.1.0 - 192.168.1.255
 
 The 192.168.1/24 subnet is accessible to both cards, so the fxp1
 interface is redundant.  Try removing the card completely.

*

this box is in a lab-learning environment...how do I stop and keep both
cards...should I make range for fxp1 192.168.8.x?

=
Will Williams


Re: Gigabit ethernet SMC Tigercard 1000

2003-04-02 Thread W. J. Williams
God, I need to learn to read before I send...my kernel is recompiling
right now with the lge device (already had the miibus device)...will see
how this works then...two minutes later...yes it works now...still sending
hoping it might benefit someone else...

Will

--- W. J. Williams [EMAIL PROTECTED] wrote:
 ok, that was dumb, the inphy0 doesnt relate to the gig-e card...do I
 need
 to activate something in the kernel to support?
 
  Does anyone know how to configure this.
  
  I have installed the card and connected to my switch.  have noticed I
  now
  have interfaces
  
  inphy0: i82555 10/100 media interface on miibus0
  inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  
  inphy1: i82555 10/100 media interface on miibus1
  inphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  
  not sure why listed twice...or if this even relates to the card seeing
  how
  it doesnt say 1000base-SX
  
  here is what the entire interface section looks like (from DMESG):
  fxp0: Intel Pro 10/100B/100+ Ethernet port 0x5400-0x543f mem
  0xfb00-0xfb0f,0xfb201000-0xfb201fff irq 10 at device 3.0 on
 pci0
  fxp0: Ethernet address 00:d0:b7:b7:66:eb
  inphy0: i82555 10/100 media interface on miibus0
  inphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  fxp1: Intel Pro 10/100B/100+ Ethernet port 0x5440-0x547f mem
  0xfb10-0xfb1f,0xfb202000-0xfb202fff irq 5 at device 6.0 on
 pci0
  fxp1: Ethernet address 00:02:b3:10:e4:13
  inphy1: i82555 10/100 media interface on miibus1
  inphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
  
  
  Here is the output of ifconfig:
  
  fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
  inet 192.168.0.2 netmask 0xf800 broadcast 192.168.7.255
  inet6 fe80::2d0:b7ff:feb7:66eb%fxp0 prefixlen 64 scopeid 0x1
  ether 00:d0:b7:b7:66:eb
  media: Ethernet autoselect (100baseTX full-duplex)
  status: active
  fxp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
  inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255
  inet6 fe80::202:b3ff:fe10:e413%fxp1 prefixlen 64 scopeid 0x2
  ether 00:02:b3:10:e4:13
  media: Ethernet autoselect (100baseTX full-duplex)
  status: active
  ppp0: flags=8010POINTOPOINT,MULTICAST mtu 1500
  sl0: flags=c010POINTOPOINT,LINK2,MULTICAST mtu 552
  faith0: flags=8002BROADCAST,MULTICAST mtu 1500
  lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384
  inet6 ::1 prefixlen 128
  inet6 fe80::1%lo0 prefixlen 64 scopeid 0x6
  inet 127.0.0.1 netmask 0xff00
  
  I am running two 100baseT nics on this box...
  
  appreciate any help.
  
  Will
  
  
  
  
  =
  Will Williams
 
 
 =
 Will Williams



=
Will Williams


Re: Stop this from clogging DMESG

2003-04-02 Thread W. J. Williams

--- Dan Nelson [EMAIL PROTECTED] wrote:
 In the last episode (Apr 02), W. J. Williams said:
  --- Dan Nelson [EMAIL PROTECTED] wrote:
   In the last episode (Apr 02), W. J. Williams said:
arp: 192.168.0.2 is on lo0 but got reply from 00:d0:b7:b7:66:eb on
 fxp1

Hi, how do I stop this line from appearing 50,000,000 times per
 day
in my DMESG output.  I am sure it has something to do with the two
nics I am running on this box.

fxp0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 192.168.0.2 netmask 0xf800 broadcast
 192.168.7.255
fxp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
inet 192.168.1.1 netmask 0xff00 broadcast
 192.168.1.255
   
   You have overlapping networks, for one.  
   
   fxp0's network range is 192.168.0.0 - 192.168.7.255
   fxp1's network range is 192.168.1.0 - 192.168.1.255
   
   The 192.168.1/24 subnet is accessible to both cards, so the fxp1
   interface is redundant.  Try removing the card completely.
  
  *
  
  this box is in a lab-learning environment...how do I stop and keep
 both
  cards...should I make range for fxp1 192.168.8.x?
 
 That's probably a good idea.  Also make sure the NICs are not plugged
 into the same ethernet segment, since if they are they will see the
 same broadcast packets and start complaining about other things.  Use
 IP aliases on a single card if you only have one ethernet segment
 available.


Dan, thx...yes, I only have one ethernet switch, but I believe it is
capable of handling virtual LANs...should I build VLANs on the switch to
separate the ethernet segments?  I am running 8 PCs and simulating various
things (VPNs, firewalls, etc.). It is a 24-port 3Com 3300 switch.  I just
got my gig-e NIC running now as well, so will experiment with routing
traffic through it. Thoughts?

=
Will Williams
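
The two conditions discussed in this exchange (overlapping subnets, and both NICs sharing one ethernet segment) can be checked mechanically. The following is an added example, not part of any poster's message: it reads the arp line and interface data quoted in the thread, with the /21 and /24 prefix lengths derived from the ranges Dan Nelson states and 192.168.8.1/24 assumed for the proposed renumbering.

```python
import ipaddress
import re
from itertools import combinations

# Addresses and MACs are the ones shown in the thread's ifconfig output.
# Prefix lengths are derived from the ranges Dan Nelson states:
# 192.168.0.0 - 192.168.7.255 is a /21, 192.168.1.0 - 192.168.1.255 a /24.
CURRENT = {
    "fxp0": {"inet": "192.168.0.2/21", "ether": "00:d0:b7:b7:66:eb"},
    "fxp1": {"inet": "192.168.1.1/24", "ether": "00:02:b3:10:e4:13"},
}
# Assumption: fxp1 renumbered to 192.168.8.1/24, per the "192.168.8.x" idea.
PROPOSED = {**CURRENT, "fxp1": {**CURRENT["fxp1"], "inet": "192.168.8.1/24"}}

# The kernel message quoted in the thread.
ARP_LINE = "arp: 192.168.0.2 is on lo0 but got reply from 00:d0:b7:b7:66:eb on fxp1"
ARP_RE = re.compile(
    r"arp: (?P<ip>\S+) is on (?P<route_if>\S+) but got reply from "
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) on (?P<rx_if>\S+)",
    re.IGNORECASE,
)


def subnet_overlaps(interfaces):
    """Return (if_a, if_b, shared_network) for every pair whose subnets overlap."""
    nets = {n: ipaddress.ip_interface(c["inet"]).network for n, c in interfaces.items()}
    found = []
    for a, b in combinations(sorted(nets), 2):
        if nets[a].overlaps(nets[b]):
            # CIDR blocks either nest or are disjoint, so the overlap is the
            # more specific (longer-prefix) of the two networks.
            shared = max(nets[a], nets[b], key=lambda n: n.prefixlen)
            found.append((a, b, str(shared)))
    return found


def shared_segment(arp_line, interfaces):
    """Return (owner_if, rx_if) when a local NIC's MAC was heard on another local NIC."""
    m = ARP_RE.search(arp_line)
    if m is None:
        return None
    owner = next(
        (n for n, c in interfaces.items() if c["ether"].lower() == m["mac"].lower()),
        None,
    )
    rx_if = m["rx_if"]
    if owner is not None and rx_if in interfaces and owner != rx_if:
        return owner, rx_if
    return None


def diagnose(arp_line, interfaces):
    """Collect human-readable findings for one arp message and one addressing plan."""
    findings = []
    for a, b, net in subnet_overlaps(interfaces):
        findings.append(f"{a} and {b} both claim {net}: renumber one of them")
    seg = shared_segment(arp_line, interfaces)
    if seg:
        findings.append(
            f"{seg[0]}'s MAC was received on {seg[1]}: both NICs are on one "
            "ethernet segment (same switch/VLAN)"
        )
    return findings


if __name__ == "__main__":
    for label, plan in (("current", CURRENT), ("proposed", PROPOSED)):
        print(label)
        for finding in diagnose(ARP_LINE, plan):
            print("  -", finding)
```

Renumbering fxp1 clears the overlap finding but not the shared-segment one, which is why the reply also asks that the NICs not be plugged into the same segment.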


CCEVS or NIST Validation

2003-03-26 Thread W. J. Williams
Does anyone know if FreeBSD is being evaluated for validation through the
Common Criteria Evaluation and Validation Scheme (CCEVS) or the
National Institute of Standards and Technology (NIST) thus making them
FIPS 140-2 compliant and candidates for use in Government Organizations?



=
Will Williams


Re: IPFW firewall rules not complete

2003-03-21 Thread W. J. Williams
see picture below...
--- Henrik Hudson [EMAIL PROTECTED] wrote:
 
 
 On Thursday 20 March 2003 14:20, W. J. Williams wrote:
 
  ok, will try that...oddly enough though, mail comes in just fine, just
  going out farts...should have put that in the initial email...still
 think
  its NAT related?
 
 Mail as in POP fetching or mail as in SMTP mail server running?

ANSWER:  mail as in SMTP mail server (Sendmail).  I have drafted a little
visual of what my network looks like...this sort of grew out of what used
to be just a wireless router connecting my laptops, but now includes
FreeBSD which almost makes its firewalling capabilities redundant; so I
know the build is not necessarily ideal.  I would like to keep it where it
is for now, until I am brave enough to place behind a freebsd firewall.  I
am just looking for a simple starter ruleset that allows ports
22,25,80,1, 53 to keep working. I also would like to still be able to
perform pings and traceroutes out of my network, but not from the outside
in.
 

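+--------------------+
| DSL modem          |
| DHCP from provider |
+--------------------+
         ^
         |
       PPPoE
         |
         v
+--------------------+
| wireless router    |
| 192.168.0.1/29     |
| serves laptops;    |
| does NAT,          |
| port forwarding    |
| as well for port   |
| 25, 80, 1          |
+--------------------+
         ^
         |
       100bT
         |
         v
+--------------------+
| switch 24P         |
| 192.168.0.3/29     |
| (IP for snmp only) |
+--------------------+
         ^
         |
       100bT
         |
         v
+--------------------------+
| IPFW box                 |
| fxp0 192.168.0.2/29      |
|                          |
|--------------------------|
| fxp1 gateway for clients |
| 192.168.1.1/24           |
+--------------------------+
         ^
         |
       100bT
         |
         v
+--------------------------+
| clients                  |
| 192.168.1.2 through 8/24 |
+--------------------------+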


=
Will Williams

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message


IPFW firewall rules not complete

2003-03-20 Thread W. J. Williams
sorry about last message...!!

I am experimenting with IPFW firewalls and have hit a roadblock.  I am
trying to allow ssh, mail, dns requests, pings and traceroutes out, but
not in and webmin (port 1).  I am hitting a roadblock on mail and
pings out.  Hope someone can help me...I am new to this and don't
understand firewall rules syntax fully.  I have funded my own lab to
experiment with this fun and powerful stuff...

some more notes.

Firewall: two interfaces

fxp0: 192.168.0.2/29 connected to router connected to DSL demarc
(eventually I will get rid of this router and replace with BSD firewall,
but for now, I need for it to stay...partly because I can only experiment
with one thing at a time and because I have wireless laptops that connect
to this router.:-)

fxp1: 192.168.1.1/255.255.255.0:  is gateway for 10 other hosts all in the
192.168.1 network.

Rules I am using:

 add 21 deny log all from any to any in frag via fxp0
 add 1000 allow tcp from any to any established
 add 2000 allow tcp from any to 192.168.0.0/29 22,25,1 setup
 add 3000 allow udp from 192.168.0.0/29 to any 53
 add 4000 allow udp from any 53 to 192.168.0.0/29
 add 5000 pass all from any to any via lo0
 add 6000 pass all from any to 127.0.0.0/8


Would appreciate comments on what this simple rules file should look like.
 thx!
 

=
Will Williams



Re: IPFW firewall rules not complete

2003-03-20 Thread W. J. Williams

--- Henrik Hudson [EMAIL PROTECTED] wrote:
 
  I am experimenting with IPFW firewalls and have hit a roadblock.  I am
  trying to allow ssh, mail, dns requests, pings and traceroutes out,
 but
  not in and webmin (port 1).  I am hitting a roadblock on mail and
  pings out.  Hope someone can help me...I am new to this and don't
  understand firewall rules syntax fully.  I have funded my own lab to
  experiment with this fun and powerful stuff...
 
 
 Did you setup NAT and IPDIVERT in your kernel?
 
 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/natd.html
 
 Even though you have 2 private networks, you still need to run NAT across
 those subnets or add static routes to your DSL modem, otherwise any
 traffic 
 coming back in from the DSL modem won't know where to go to find the
 fxp1 
 network.
 
 Check out the handbook, it should work for you.
 
 -- 
ok, will try that...oddly enough though, mail comes in just fine, just
going out farts...should have put that in the initial email...still think
it's NAT related?

Will

=
Will Williams



Re: IPFW firewall rules not complete

2003-03-20 Thread W. J. Williams

--- Henrik Hudson [EMAIL PROTECTED] wrote:
 On Thursday 20 March 2003 13:38, W. J. Williams wrote:
  I am experimenting with IPFW firewalls and have hit a roadblock.  I am
  trying to allow ssh, mail, dns requests, pings and traceroutes out,
 but
  not in.  I am hitting a roadblock on mail and pings out
 
 Assuming that 192.168.0.0/29 is your internal block you've got the rules
 backwards.
 
   add 2000 allow tcp from any to 192.168.0.0/29 22,25,1 setup
 
 This will let anything come in and establish a connection to a service
 running 
 on 22, 25, 1 but says nothing about outgoing. I think you want:
 
 add 2000 allow tcp from 192.168.0.0/29 to any 22,25,1 setup

192.168.0.0/29 is used for my wireless router, a switch, the incoming port
on the firewall, and some test pcs that I don't have behind the firewall.

192.168.1.0 is the network hosting the hosts...

Does this still mean they are backwards?

Will

=
Will Williams
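
The effect of the rule direction discussed in this message can be traced with a small first-match model. This is an added example, not part of any poster's message and not ipfw itself: it is a simplified single-pass evaluator that assumes ipfw's final rule 65535 is the default "deny", uses the rules and port lists exactly as they appear on this page, and evaluates constructed packets (203.0.113.25 is a documentation address standing in for an outside mail host).

```python
import ipaddress
from dataclasses import dataclass

DEFAULT_RULE = 65535  # ipfw's built-in last rule; assumed here to be "deny"
LAN29 = "192.168.0.0/29"
REMOTE = "203.0.113.25"  # constructed outside host (documentation range)


@dataclass(frozen=True)
class Rule:
    num: int
    action: str                # "allow" ("pass" is a synonym) or "deny"
    proto: str                 # "tcp", "udp" or "all"
    src: str = "any"
    dst: str = "any"
    sports: tuple = ()         # empty tuple means any port
    dports: tuple = ()
    setup: bool = False        # matches TCP SYN without ACK
    established: bool = False  # matches TCP with ACK or RST
    frag: bool = False
    via: str = ""
    direction: str = ""        # "in", "out" or "" for both


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: int = 0
    sport: int = 0
    syn_only: bool = False     # simplification: any other TCP packet carries ACK
    frag: bool = False
    iface: str = "fxp0"
    direction: str = "out"


# The ruleset as posted in the thread (ports as they appear on the page).
POSTED = [
    Rule(21, "deny", "all", frag=True, via="fxp0", direction="in"),
    Rule(1000, "allow", "tcp", established=True),
    Rule(2000, "allow", "tcp", dst=LAN29, dports=(22, 25, 1), setup=True),
    Rule(3000, "allow", "udp", src=LAN29, dports=(53,)),
    Rule(4000, "allow", "udp", sports=(53,), dst=LAN29),
    Rule(5000, "allow", "all", via="lo0"),
    Rule(6000, "allow", "all", dst="127.0.0.0/8"),
]
# Same ruleset with rule 2000 replaced by the form suggested in the reply.
SUGGESTED = [
    Rule(2000, "allow", "tcp", src=LAN29, dports=(22, 25, 1), setup=True)
    if r.num == 2000 else r
    for r in POSTED
]

# Constructed test packets; 192.168.1.5 is a client whose source was not NATed.
PACKETS = {
    "smtp out from 192.168.0.2": Packet("tcp", "192.168.0.2", REMOTE, 25, syn_only=True),
    "smtp in to 192.168.0.2": Packet("tcp", REMOTE, "192.168.0.2", 25,
                                     syn_only=True, direction="in"),
    "smtp out from 192.168.1.5": Packet("tcp", "192.168.1.5", REMOTE, 25, syn_only=True),
    "ping out from 192.168.0.2": Packet("icmp", "192.168.0.2", REMOTE),
}


def _addr_ok(spec, addr):
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)


def matches(rule, pkt):
    """True when every condition written on the rule holds for the packet."""
    return (
        rule.proto in ("all", pkt.proto)
        and _addr_ok(rule.src, pkt.src)
        and _addr_ok(rule.dst, pkt.dst)
        and (not rule.sports or pkt.sport in rule.sports)
        and (not rule.dports or pkt.dport in rule.dports)
        and (not rule.setup or pkt.syn_only)
        and (not rule.established or not pkt.syn_only)
        and (not rule.frag or pkt.frag)
        and (not rule.via or rule.via == pkt.iface)
        and (not rule.direction or rule.direction == pkt.direction)
    )


def first_match(rules, pkt):
    """Return (rule number, action) of the first matching rule, ipfw-style."""
    for rule in sorted(rules, key=lambda r: r.num):
        if matches(rule, pkt):
            return rule.num, rule.action
    return DEFAULT_RULE, "deny"


def verdicts(rules):
    return {name: first_match(rules, pkt) for name, pkt in PACKETS.items()}


if __name__ == "__main__":
    for label, rules in (("posted", POSTED), ("suggested", SUGGESTED)):
        for name, result in verdicts(rules).items():
            print(f"{label:9} {name:28} -> rule {result[0]} {result[1]}")
```

In this model no rule in either set matches ICMP, and a source of 192.168.1.5 never falls inside 192.168.0.0/29, so those two packets reach the default rule in both cases.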



Re: five networks

2003-03-17 Thread W. J. Williams
ps:  yes!  very interested in your links as well as your perl script...I
also have been doing research and decided on Racoon as the program to use
to setup my vpn...I was planning on following a doc written by Dru Lavigne
http://www.onlamp.com/lpt/a/3043 

what do you think? 

--- IAccounts [EMAIL PROTECTED] wrote:
  yes, purely for experimenting...I have a lab of different PCs and am
  LEARNING as much as possible about FreeBSD.  Once I iron out this
 routing
  thing (that I don't understand as well as most), I will move on to
  simulating a VPN between different sites throughout America.  All the
  machines are currently in the same network, same subnet 192.168.0
 
 
 If you are doing complete development, with no Internet in between, the
 following diagram below may help. There are a couple of things to note:
 
 - When setting up a net-net vpn, the internal network id's must be
 different from each other. Note that I have used 192.168.0.0 on one
 side,
 and 192.168.2.0 on the other. This has to be, due to routing issues, and
 they will become more apparent when you search google for VPN setup
 howto's.
 
 - Note the 172.16.x.x addresses. This is the simulated WAN Link between
 your VPN gateways. For testing, you will need these two router addresses
 to be on the same subnet. In the real world, any external Internet IP
 will
 work, but they need to stay static so each VPN box can see each other
 all
 of the time. Instead of using a DSL router, turn your Free box into a
 PPPoE server so you can plug the modem directly into your server, as
 opposed to going through a residential gateway. This will alleviate many
 issues when setting up the VPN.
 
 - To bring yourself up to speed with routing, search google for
 'subnetting' and I think it will help clear up some misconceptions you
 have.
 
 - I did develop an automated Perl VPN setup program, where it will ask
 you
 several questions, including IP's, hostnames and such, and will generate
 2
 scripts: 1 for the local gateway and one for the remote. These scripts
 are
 put into the /usr/local/etc/rc.d directories and are run at startup.
 They
 take the liberty of creating all required information for the vpn
 tunnel,
 including configuring gif interfaces, configuring routing, setting up
 natd, and configuring IPSec and the associated keys. Note that it is
 ONLY
 capable of using manual keys at this time, but will be changed soon to
 use
 Racoon.
 
 Advise if you would like to try it out and I will put it on one of my
 sites for you.
 
 Took me a few months to get this exact setup up and running, but
 patience,
 diligence and many hours of reading users notes got me through it. I did
 go in with a very strong knowledge of routing though. If you like, I can
 send you some of the docs that I found. Let me know and when I get home
 I
 can send you the links.
 
 *** All hosts up here will have:
   IP: 192.168.0.x
   SN: 255.255.255.0 (/24)(default)
   GW: 192.168.0.1
 
 *** This router will need these routes set up: (shown as unix commands):
   # route add 192.168.2.0/24 172.16.1.2
 
 192.168.0.0 (all of your hosts get IP's on this network)
 
   |
   |
   |
 -
 192.168.0.1 (your FBSD router, this is your internal interface)
 172.16.1.1 (external interface simulating WAN)
 -
   |
   |
   | (Simulated Internet link for VPN Experiment Setup)
   | (Just use an X/0 cable)
   |
   |
 -
 172.16.1.2 (external interface on remote network router)
 192.168.2.1 (internal iface. Note the different subnet!!!)
 
   |
   |
   |
 --
 192.168.2.0 (your hosts on your remote network get these ip's)
 
 *** This router will need these routes set up: (shown as unix commands):
   # route add 192.168.0.0/24 172.16.1.1
 
  *** Hosts down here will have:
   IP: 192.168.2.x
   SN: 255.255.255.0 (/24)(default)
   GW: 192.168.2.1
 
 
 
 Following these minimum directions, you will be able to ping any host
 from
 any host over the simulated WAN link, provided you don't have any IPFW
 (or
 firewall) rules blocking traffic.
 
 Once this config is complete, then you can proceed with the VPN config,
 which is a whole other world.
 
 If you are doing this over the Internet, be advised that you will not be
 able to ping a host on 192.168.2 from 192.168.0 as the first true
 Internet
 router will drop this traffic. The above setup will ONLY work in a test
 environment. When you go hot online for real, in order to ping across,
 you
 will need the VPN tunnel in place.
 
 Hope this gives you at least some direction to where you are headed.
 
 Steve
 
 
 
  Will
 
  =
  Will Williams
 
 
 
 


=
Will Williams



five networks

2003-03-15 Thread W. J. Williams
why isn't this working:

1. I would like to configure a separate network on five freebsd boxes.

192.168.0
192.168.1
192.168.2
192.168.3
192.168.4


2.  My DSL router has network 192.168.0, I also have one of my fbsd boxes
in this network (192.168.0.2)

3.  I can add the other machines to the 192.168.0 network, no problem,
using default router 192.168.0.1, broadcast 255.255.255.0,

4.  I tried to configure 192.168.2.1 on one box, using
gateway_enable=YES, router_enable=YES,
defaultrouter=192.168.2.1...doesn't work.

what am i doing wrong in getting this box up and running?

Thx, Will

=
Will Williams



Re: five networks

2003-03-15 Thread W. J. Williams
Bill Moran,

New people to this stuff are very fortunate to have people like you lend
their expertise...especially to point out what we do and don't
understand...the rest of you newbies out there, this guy is aces.

Bill, please learn not to slam, but to help.

Will

--- Bill Moran [EMAIL PROTECTED] wrote:
 W. J. Williams wrote:
  why isn't this working:
  
  1. I would like to configure a separate network on five freebsd boxes.
  
  192.168.0
  192.168.1
  192.168.2
  192.168.3
  192.168.4
  
  
  2.  My DSL router has network 192.168.0, I also have one of my fbsd
 boxes
  in this network (192.168.0.2)
  
  3.  I can add the other machines to the 192.168.0 network, no problem,
  using default router 192.168.0.1, broadcast 255.255.255.0,
  
  4.  I tried to configure 192.168.2.1 on one box, using
  gateway_enable=YES, router_enable=YES,
  defaultrouter=192.168.2.1...doesn't work.
  
  what am i doing wrong in getting this box up and running?
 
 You don't understand routing.
 If you ifconfig a box to be 192.168.2.1/24 and then set the default
 router
 to be 192.168.2.1: the machine sends all traffic not destined for
 192.168.2.0/24 to itself to be routed.  However, it didn't know how
 to route the traffic the first time, thus it isn't going to work the
 second time either.  One good rule to remember is that a default gateway
 should always be a different machine, and one that has _more_ routing
 capability than the one you're configuring.
 If I understand your description correctly, the default gateway should
 be 192.168.0.1 for all these machines.
 I can only assume that you're configuring the system in such a manner
 for experimental purposes, as I can see no reason for such a
 configuration
 in practice.
 You leave netmasks off in your description, but I'm assuming that you're
 using /24 for everything.  This means you'll have to put static routes
 in
 each machine to allow them to get to 192.168.0.1, as they'll have no way
 to automatically reach that machine.  The default router will also need
 routes manually configured in order to be able to communicate back to
 them
 (unless it's running some sort of route discovery program).
 
 If you're not configuring the network like this for experimental
 reasons,
 then you're configuring it very poorly.  A small network like you
 describe should have all the machines on the same subnet: 192.168.0.2,
 192.168.0.3, 192.168.0.4, etc
 
 -- 
 Bill Moran
 Potential Technologies
 http://www.potentialtech.com
 


=
Will Williams



Re: five networks

2003-03-15 Thread W. J. Williams
Dax, thx...I will give this a try again...

--- Daxbert [EMAIL PROTECTED] wrote:
 Quoting Daxbert [EMAIL PROTECTED]:
 
  
  example: tl0 and fxp0 as interfaces...
  
  ifconfig_tl0=inet 192.168.1.10 netmask 255.255.255.0
  ifconfig_fxp0=inet 192.168.2.1 netmask 255.255.255.0
  defaultrouter=192.168.1.1
  gateway_enable=YES
  router_enable=NO
  
 
 *-- Correction -- *
  
 I usually avoid the '0' networks, and so... 
 I mistakenly specified .1 as your DSL network.
  
  ifconfig_tl0=inet 192.168.1.10 netmask 255.255.255.0
 
 should be
 ifconfig_tl0=inet 192.168.0.10 netmask 255.255.255.0
 
  defaultrouter=192.168.1.1
 
 should be
 defaultrouter=192.168.0.1
 
 --daxbert
 


=
Will Williams



Re: five networks

2003-03-15 Thread W. J. Williams

--- Bill Moran [EMAIL PROTECTED] wrote:
 W. J. Williams wrote:
  why isn't this working:
  
  1. I would like to configure a separate network on five freebsd boxes.
  
  192.168.0
  192.168.1
  192.168.2
  192.168.3
  192.168.4
  
  
  2.  My DSL router has network 192.168.0, I also have one of my fbsd
 boxes
  in this network (192.168.0.2)
  
  3.  I can add the other machines to the 192.168.0 network, no problem,
  using default router 192.168.0.1, broadcast 255.255.255.0,
  
  4.  I tried to configure 192.168.2.1 on one box, using
  gateway_enable=YES, router_enable=YES,
  defaultrouter=192.168.2.1...doesn't work.
  
  what am i doing wrong in getting this box up and running?
 
 You don't understand routing.
 If you ifconfig a box to be 192.168.2.1/24 and then set the default
 router
 to be 192.168.2.1: the machine sends all traffic not destined for
 192.168.2.0/24 to itself to be routed.  However, it didn't know how
 to route the traffic the first time, thus it isn't going to work the
 second time either.  One good rule to remember is that a default gateway
 should always be a different machine, and one that has _more_ routing
 capability than the one you're configuring.
 If I understand your description correctly, the default gateway should
 be 192.168.0.1 for all these machines.
 I can only assume that you're configuring the system in such a manner
 for experimental purposes, as I can see no reason for such a
 configuration
 in practice.
 You leave netmasks off in your description, but I'm assuming that you're
 using /24 for everything.  This means you'll have to put static routes
 in
 each machine to allow them to get to 192.168.0.1, as they'll have no way
 to automatically reach that machine.  The default router will also need
 routes manually configured in order to be able to communicate back to
 them
 (unless it's running some sort of route discovery program).
 
 If you're not configuring the network like this for experimental
 reasons,
 then you're configuring it very poorly.  A small network like you
 describe should have all the machines on the same subnet: 192.168.0.2,
 192.168.0.3, 192.168.0.4, etc
 
 -- 
 Bill Moran
 Potential Technologies
 http://www.potentialtech.com
 
yes, purely for experimenting...I have a lab of different pc'S and am
LEARNING as much as possible about FreeBSD.  Once I iron out this routing
thing (that I don`t understand as well as most), I will move on to
simulating a VPN between different sites throughout America.  All the
machines are currently in the same network, same subnet 192.168.0

Will

=
Will Williams
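
The default-gateway rule from Bill Moran's reply, and the two-interface layout from Daxbert's corrected settings, as a checker over rc.conf text. This is an added example, not code from the thread; the function names are hypothetical, the inputs are constructed from the thread's addresses, and the interface name in the single-interface cases is assumed.

```python
import ipaddress
import shlex


def parse_rc(text):
    """Parse rc.conf-style VAR="value" lines into a dict."""
    conf = {}
    for line in text.splitlines():
        tokens = shlex.split(line, comments=True)
        if tokens and "=" in tokens[0]:
            key, value = tokens[0].split("=", 1)
            conf[key] = value
    return conf


def interfaces(conf):
    """Map interface name to IPv4Interface for each ifconfig_<if> entry."""
    found = {}
    for key, value in conf.items():
        words = value.split()
        if key.startswith("ifconfig_") and words[:1] == ["inet"] and "netmask" in words:
            mask = words[words.index("netmask") + 1]
            found[key[9:]] = ipaddress.ip_interface(f"{words[1]}/{mask}")
    return found


def check_routing(rc_text):
    """Return findings about defaultrouter and forwarding for one host."""
    conf = parse_rc(rc_text)
    ifs = interfaces(conf).values()
    findings = []
    gw = conf.get("defaultrouter", "NO")
    if gw.upper() != "NO":
        gw = ipaddress.ip_address(gw)
        if any(gw == i.ip for i in ifs):
            findings.append(f"defaultrouter {gw} is this host's own address")
        elif not any(gw in i.network for i in ifs):
            findings.append(f"defaultrouter {gw} is not on a directly connected network")
    if len(ifs) > 1 and conf.get("gateway_enable", "NO").upper() != "YES":
        findings.append("several interfaces but gateway_enable is not YES")
    return findings


# Constructed inputs using the thread's addresses; fxp0 in the first two is assumed.
SELF_GATEWAY = 'ifconfig_fxp0="inet 192.168.2.1 netmask 255.255.255.0"\ndefaultrouter="192.168.2.1"\n'
OFF_LINK = 'ifconfig_fxp0="inet 192.168.2.2 netmask 255.255.255.0"\ndefaultrouter="192.168.0.1"\n'
TWO_LEGGED = ('ifconfig_tl0="inet 192.168.0.10 netmask 255.255.255.0"\n'
              'ifconfig_fxp0="inet 192.168.2.1 netmask 255.255.255.0"\n'
              'defaultrouter="192.168.0.1"\ngateway_enable="YES"\nrouter_enable="NO"\n')
```

The off-link finding is the case where a static route to the gateway is needed; the checker does not read static_routes.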



NIS not working

2003-03-12 Thread W. J. Williams
hi hope someone knows the answer to this riddle...I am trying to get NIS
up and running.

1.  one master, no slave...domain name is lab-nis-domain
2.  Master rc.conf file contains enabling commands to start nis server as
well as nis_yppasswdd.  The build of the /var/yp/lab-nis-domain indicated
built with no errors

3.  client machine rc.confs contain domain name, nis_client_enable,
rpcbind_enable.

4.  when I run ypcat passwd from any client machine I get a list of avail
passwords from the master domain...  all looked good...

5.  created a new user on master, ran make lab-nis-domain and it said
domain already current...so I copied the updated master.passwd file to
/var/yp and ran make again...still same message.

6.  as last resort I ran ypinit -m again to rebuild the entire
domain..then ran ypcat passwd from client machine and was able to see the
new account.

7.  MY PROBLEM:  I can't log into the client machine using the new
account...I have added the +: string to master.passwd and +:*::
string to group file...but still no work.

any ideas?

Will



Re: NIS not working

2003-03-12 Thread W. J. Williams
see bottom..

--- Mike Galvez [EMAIL PROTECTED] wrote:
 On Wed, Mar 12, 2003 at 02:42:53AM -0800, W. J. Williams wrote:
  hi hope someone knows the answer to this riddle...I am trying to get
 NIS
  up and running.
  
  1.  one master, no slave...domain name is lab-nis-domain
  2.  Master rc.conf file contains enabling commands to start nis server
 as
  well as nis_yppasswdd.  The build of the /var/yp/lab-nis-domain
 indicated
  built with no errors
  
  3.  client machine rc.confs contain domain name, nis_client_enable,
  rpcbind_enable.
  
  4.  when I run ypcat passwd from any client machine I get a list of
 avail
  passwords from the master domain...  all looked good...
  
  5.  created a new user on master, ran make lab-nis-domain and it said
  domain already current...so I copied the updated master.passwd file
 to
  /var/yp and ran make again...still same message.
 
 How and where did you create the new user on the master? 
 
 The user should not exist in the client machine master.passwd.
 
 Try adding a test user with: pw useradd -Y -y /var/yp/master.passwd
 testuser
 
 Try logging into the master with the new user. Success? Try the client.
 
 HTH
 
   -Mike
 
  
  6.  as last resort I ran ypinit -m again to rebuild the entire
  domain..then ran ypcat passwd from client machine and was able to see
 the
  new account.
  
  7.  MY PROBLEM:  I can't log into the client machine using the new
  account...I have added the +: string to master.passwd and
 +:*::
  string to group file...but still no work.
  
  any ideas?
  
  Will
  
 
 -- 
 Michael Galvez http://www.people.virginia.edu/~mrg8n
 University of Virginia    Messenger Mail: Carruthers Hall
 
 Teamwork is essential -- it allows you to blame someone else.
 

***

ok, thx. tried that...no dice...after adding the user with pw...I had to
do a passwd testuser and add a password.  could not log client though.  I
am trying to open a ssh connection from master to client...any other
ideas?



=
Will Williams



Re: NIS not working (now it is :-)

2003-03-12 Thread W. J. Williams

--- Mike Galvez [EMAIL PROTECTED] wrote:
 On Wed, Mar 12, 2003 at 12:19:01PM -0800, W. J. Williams wrote:
  see bottom..
   Try adding a test user with: pw useradd -Y -y /var/yp/master.passwd
   testuser
   
   Try logging into the master with the new user. Success? Try the
 client.
   
   HTH
   
 -Mike
   
  
  ***
  
  ok, thx. tried that...no dice...after adding the user with pw...I had
 to
  do a passwd testuser and add a password.  could not log client though.
  I
  am trying to open a ssh connection from master to client...any other
  ideas?
 
 Was that passwd or yppasswd? After the yppasswd, you will need to run
 make in /var/yp to propagate the change.
 
**

Hi Mike, thx for helping...seems it works now..here's what I did/learned.

I mirrored the rc.conf of all of my clients in my lab AND touched all
master.passwd files with vipw instead of vi. I can log into all of them
now with the testuser account. Some more things I learned (correct me if I
am wrong)

1.  always use vipw if you have to mess with master.passwd
2.  the order of what you call in rc.conf is important (I still don't know
what order that is supposed to be, but it seemed to make a
difference).
3. after changing mapped files, you need to manually run make
=/etc/XXX nisdomain to update the files.

4.  per your email below...I made the account using your string, and then
did a passwd testuser to add a password.  should i have used yppassword?

hope someone else is gaining from this as well...

thx

Will

=
Will Williams
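
The failure points raised across this NIS thread (maps not rebuilt after adding a user, the client's `+` lines, and an NIS user also defined locally on the client), as a consistency check over the four files involved. This is an added example, not code from the thread; the function names and sample data are constructed, and the 10-field `+:::::::::` form for master.passwd is assumed from FreeBSD's documented client setup rather than taken from the messages.

```python
MASTER_FIELDS = 10  # name:passwd:uid:gid:class:change:expire:gecos:home:shell
GROUP_FIELDS = 4    # name:passwd:gid:members


def rows(text):
    """Colon-split fields of every non-blank, non-comment line."""
    lines = (line.strip() for line in text.splitlines())
    return [line.split(":") for line in lines if line and not line.startswith("#")]


def names(text):
    """Account names in a passwd-style file, skipping '+'/'-' compat lines."""
    return {r[0] for r in rows(text) if r[0][:1] not in ("+", "-")}


def has_plus(text, nfields):
    """True if the file has a '+' line with exactly nfields fields."""
    return any(r[0] == "+" and len(r) == nfields for r in rows(text))


def check_nis(server_src, ypcat_out, client_master, client_group):
    """Return findings for the failure points raised in the thread."""
    findings = []
    # Account added to the map source but the maps were not rebuilt.
    for n in sorted(names(server_src) - names(ypcat_out)):
        findings.append(f"{n}: in map source but not served; run make in /var/yp")
    # The client needs a well-formed '+' line in master.passwd and in group.
    if not has_plus(client_master, MASTER_FIELDS):
        findings.append("client master.passwd: no 10-field '+' entry")
    if not has_plus(client_group, GROUP_FIELDS):
        findings.append("client group: no 4-field '+' entry")
    # NIS users should not also be defined in the client's master.passwd.
    for n in sorted(names(client_master) & names(ypcat_out)):
        findings.append(f"{n}: defined locally on the client and in NIS")
    return findings


# Constructed sample data, not taken from the thread.
SERVER_SRC = ("alice:*:1001:1001::0:0:Alice:/home/alice:/bin/sh\n"
              "testuser:*:1002:1002::0:0:Test:/home/testuser:/bin/sh\n")
YPCAT_OUT = "alice:*:1001:1001:Alice:/home/alice:/bin/sh\n"
CLIENT_MASTER = ("root:*:0:0::0:0:Charlie &:/root:/bin/csh\n"
                 "alice:*:1001:1001::0:0:Alice:/home/alice:/bin/sh\n"
                 "+:\n")
CLIENT_GROUP = "wheel:*:0:root\n+:*::\n"
FIXED_MASTER = "root:*:0:0::0:0:Charlie &:/root:/bin/csh\n+:::::::::\n"
```

On a real system the second argument would be the output of `ypcat passwd` run on the client, and the first the server's /var/yp/master.passwd.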



Re: how do i invoke the command ee or vi when system fails to load

2003-03-11 Thread W. J. Williams
ironic...I dorked something up last night in my lab and found myself in
the same predicament...my mentor had me invoke the mount -a command which
brought me out of read only mode so I could run vi to fix my
rc.conf...hope this helps...

--- Tom Parquette [EMAIL PROTECTED] wrote:
 NOEL BALANSAG wrote:
 
 hello.
 
 pardon my stupid question, but how do i invoke the
 command ee or vi? i recently removed partition no.
 2 on my disk, and fbsd resides on partition no. 3, so
 now i have 2 partitions, windoze on partition 1 and
 fbsd on partition 2. but when i boot into fbsd, the
 system cannot see the files, and drops me into the #
 prompt.
 
 how do i invoke ee or vi? is it ok to just edit
 the file /etc/fstab and reboot? is there anything
 else i need to do?
 
 thanks in advance.
 
 pls. cc any response because this email address of
 mine is not subscribed, bec. any mail from my other
 subscribe addy gets bounced due to a spammer on my
 isp. i hate spammers!!! they should be shot!
 
 
   
 
 Noel,
  From your description I'm assuming you are going into single user mode.
 
  It sounds like fstab is pointing in the wrong place.
 If you can figure out where your /usr filesystem is you can issue a 
 mount command to remount it.
 Once you have /usr mounted, ee should work for you.
 Hope this helps.
 Cheers...
 
 


=
Will Williams



Re: slice extends beyond end of disk error on install

2003-03-09 Thread W. J. Williams
Physician heal thyself...

I recreated my install disks and the problem disappeared...

Will

--- W. J. Williams [EMAIL PROTECTED] wrote:
 I keep getting the following error when trying to install FreeBSD 4.7
 
 
 
 ad0: 9773MB FUJITSU MPF3102AT [19857/16/63] at ata0-master UDMA 33
 Mounting root from ufs:/dev/md0c
 md0s4: slice extends beyond end of disk: truncating from 5 to 8640
 sectors
 .
 
 after this message the system just hangs.
 
 I have low-level formatted the disk twice now, but still the same error.
 
 Does anyone know what I am doing wrong?
 
 Will
 
 =
 Will Williams
 


=
Will Williams



slice extends beyond end of disk error on install

2003-03-08 Thread W. J. Williams
I keep getting the following error when trying to install FreeBSD 4.7



ad0: 9773MB FUJITSU MPF3102AT [19857/16/63] at ata0-master UDMA 33
Mounting root from ufs:/dev/md0c
md0s4: slice extends beyond end of disk: truncating from 5 to 8640
sectors
.

after this message the system just hangs.

I have low-level formatted the disk twice now, but still the same error.

Does anyone know what I am doing wrong?

Will

=
Will Williams
