Hello
Here are my ftp rules:
[snip
# FTP
ipfw add allow tcp from any to any 20 keep-state
ipfw add allow tcp from any to any 21 keep-state
ipfw add allow tcp from any 20 to me 1024-49151 keep-state # aktives FTP
ipfw add allow tcp from any 20 to 192.168.1.1/24 1024-49151 keep-state
ipfw add
matthew wrote:
On Fri, 13 Feb 2004, Louis LeBlanc wrote:
[...]
So, how can I get a process to run automatically on startup for an
unprivileged user?
cd /usr/local/etc/rc.d
make a small sh script like so:
#!/bin/sh
su username -c command
For scripts in '/usr/local/etc/rc.d' one should stick to
[EMAIL PROTECTED] wrote:
All,
We've got a FreeBSD 4.7 box that's been running great for the last year and a
half or so. We host our customer's email on this box using postfix. Before
the FreeBSD box, we had two Linux boxes that hosted all of the email. We've
since migrated over the accounts
Hi folks,
When my new DNS server is finished I'm planning to create
around a 512MB memory file system. An Onlamp article gives
some basics. But how would I cp (say), gcc, sendmail, and
bind to this new fs? Or am I looking at this the wrong way?
On Sat, Feb 14, 2004 at 02:48:18AM -0800, Gary Kline wrote:
When my new DNS server is finished I'm planning to create
around a 512MB memory file system. An Onlamp article gives
some basics. But how would I cp (say), gcc, sendmail, and
bind to this new fs? Or am I
Gary,
On Sat, Feb 14, 2004 at 11:09:00AM +, Matthew Seaman wrote:
On Sat, Feb 14, 2004 at 02:48:18AM -0800, Gary Kline wrote:
Your mailing system anti-spam filters are a bit too hair triggered.
You're bouncing the ham as well as the spam...
- The following addresses had permanent
Hello, I am running a new bsd-il mailing list for israeli BSD users,
seems like the bsd-il mailing list on the freebsd web site is inactive
If you can add it to the user groups lists on the web site..
it's [EMAIL PROTECTED], subscribe bsd-il
thanks
--
Gal Ben-Haim, EMAIL:[EMAIL PROTECTED],
Huh. It was there! I thought that there might be a second sshd
config file somewhere on the system, but locate and find never reported
it. Weird. But everything's working as required, so I'm very
happy. Thanks for all the help guys!!
At 10:54 PM 2/13/04 -0500, matthew wrote:
On
Hello list,
Which of the processes can I safely block from the internet via ipfw? Here's
an nmap output from one of my servers. I would really like to tame this
down:
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-02-14 06:41 CST
Interesting ports on localhost (127.0.0.1):
On Sat, Feb 14, 2004 at 06:28:29AM -0600, Eric F Crist wrote:
On Saturday 14 February 2004 03:01 am, Uwe Doering wrote:
matthew wrote:
On Fri, 13 Feb 2004, Louis LeBlanc wrote:
[...]
So, how can I get a process to run automatically on startup for an
unprivileged user?
cd
I've got 172.16.0.0/24 network that is connected to internet via vpn gre
tunnel.
And now I've had bit hard time doing bandwidth control, maybe I'm missing
something.
I've set ipfw pipes like this:
ipfw add queue 1 gre from any to 172.16.0.0/24
ipfw queue 1 config weight 5 pipe 2 mask dst-ip
Someone PLEASE help me figure this out?
I am baffled.
I have 2 100% identical IBM servers. Same everything. Purchased at the same
time/date.
P4-3.06
512MB ram
18GB scsi u160 10Krpm drive
One machine runs FreeBSD-5.2 and the other Solaris9x86.
FTP transfers via machine to machine or via LAN
On Fri, 13 Feb 2004 11:39:28 -0500
JJB [EMAIL PROTECTED] probably wrote:
When an FBSD system crooks, and It reboots it's self, very seldom
does any of issued problem messages have time to be posted
completely before the rug is pulled out from under the log write
process by the reboot
JJB wrote:
Very interesting reading about net.inet.tcp.syncookies 'knob'.
Thank you for such an curious and informative reply.
I am running 4.9 and net.inet.tcp.syncookies=1 is the default.
I am writing an 'Harding you FBSD system' article for the local
FBSD club, would you please review the
matthew wrote:
On Thu, 12 Feb 2004, Brent Bowman wrote:
Oh boy, I guess that I've either got to find more RAM, find an
older/stripped down version of FreeBSD, or give up.
Well, if i was you i would get on the phone and call every
household that you think has a basement full of junk.
They
At 2004-02-14T12:42:55Z, Eric F Crist [EMAIL PROTECTED] writes:
I mainly need to get rid of 783, 587. What are those anyways?
587 is half of the new Sendmail install - the submission function runs as a
seperate process listening on its own !25 port.
Also, what's the name of that app that
I'm trying to use a Samsung ML1710 laster printer on FreeBSD. It's
connected via USB and is detected:
ulpt0: Samsung Electronics Co., Ltd. Samsung ML-1710, rev 1.10/1.00,
addr 3, iclass 7/1
It is Linux-drivers on the CD that does not work with FreeBSD (not Linux
either), but the Samsung ML1210
This port map is only showing you what ports are open to accept
start requests from the public internet. Looks like you are using
IPFW with stateless rules which just provides an very basic level
of security. Use stateful rules with 'out' and 'via' keywords to
separate your firewall into out
On Saturday 14 February 2004 10:26 am, JJB wrote:
This port map is only showing you what ports are open to accept
start requests from the public internet. Looks like you are using
IPFW with stateless rules which just provides an very basic level
of security. Use stateful rules with 'out' and
On Saturday 14 February 2004 10:45 am, Eric F Crist wrote:
Forgot to mention in regards to my basic network structure. As I've got 5
usable IP addresses, I've got a linksys wifi/router that does my basic
network needs. i.e. my laptop is connected via wifi and they all share a
private network
Bingo! Thanks a bunch!
I'll check out gettytab too, but the @reboot is exactly what I needed
for this.
Lou
On 02/13/04 08:04 PM, Craig Reyenga sat at the `puter and typed:
man 5 crontab -- check out @reboot
Or, for something crazy, man gettytab; you can autologin on a tty and then
use a
Hello,
Need to upgrade to FreeBSD 4.9 so all my ports will run. Not sure,
however if
I want/need:
RELENG_4_9
The release branch for FreeBSD-4.9, used only for security
advisories and other critical fixes.
or,
RELENG_4_9_0_RELEASE
FreeBSD 4.9
I understand that the Release tag
Antoine Jacoutot wrote:
On Friday 13 February 2004 16:02, Heinrich Rebehn wrote:
Hi Ivan,
did you get any reply to your posting? I am having the same problem:
Maxtor 250 GB external USB2 drive, Belkin USB2 card, FreeBSD 5.1, but i
get only 1MB/sec.
Does FreeBSD support USB 2.0 at all?
Did you
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bob Perry
Sent: 14 February 2004 17:17
To: FreeBSD-Questions
Subject: Branch Tags vs Release Tags
Hello,
Need to upgrade to FreeBSD 4.9 so all my ports will run. Not sure,
however if
I
Edmund Craske wrote:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bob Perry
Sent: 14 February 2004 17:17
To: FreeBSD-Questions
Subject: Branch Tags vs Release Tags
Hello,
Need to upgrade to FreeBSD 4.9 so all my ports will run. Not sure,
however
Eric F Crist wrote:
On Saturday 14 February 2004 10:26 am, JJB wrote:
This port map is only showing you what ports are open to accept
start requests from the public internet. Looks like you are using
IPFW with stateless rules which just provides an very basic level
of security. Use stateful
On Saturday 14 February 2004 11:51 am, Kevin D. Kinsey, DaleCo, S.P. wrote:
Sample FTP/SMTP/DNS/HTTP entry:
add allow tcp from any to {$me} in via ${oif} 22 setup
add allow tcp from any to {$me} in via ${oif} 25 setup
add allow tcp from any to {$me} in via ${oif} 53 setup
add
Hi,
Benjamin Walkenhorst wrote:
Hello,
On Thu, 12 Feb 2004 23:51:19 -0600
Quintin Riis [EMAIL PROTECTED] wrote:
mp3 is outdated, use vorbis.
I wouldn't say so.
Unless you show me an affordable hardware-vorbis-player. There's plenty
of CD-Players that will also play mp3-CDs, just like
here is a example from my ftp server...
ipfw add 200 pipe 2 tcp from me to any out gid ftpusersBWL
ipfw pipe config 2 bw 16KBps queue 100
this will pipe any thing from that gid into pipe 2... and pipe 2 is bw
limited at 16KBps... the only dif is that you will have to change the
packet matching
I guess that 's what so confusing. Who would benefit using
RELENG_4_9_0_RELEASE?
Noone really, except for diagnosis purposes. It's just a tag
to mark the release of 4.9, so more an administrative
reference than of everyday use.
Ed
___
[EMAIL
Hello all,
I've got the following ruleset, but I can't ssh into my server anymore. What
did I miss?
grog# ipfw show
00100 0 0 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 7 1562 allow ip from
Hello. I didn't use FreeBSD with SMB much, so I'm not sure it is a bug
or not.
When I run 'smbutil lookup smth' it works well but 'smbutil view //smth'
and 'smbutil lc' produce error messages:
$ smbutil lookup moon
Warning: no cfg file(s) found.
Got response from 192.168.1.3
IP address of
On Sat, Feb 14, 2004 at 12:47:01PM -0600, Eric F Crist wrote:
Hello all,
I've got the following ruleset, but I can't ssh into my server anymore. What
did I miss?
You missed allowing IP packets going from your server to the outside.
You only allow packets from the outside to you.
I also
On Saturday 14 February 2004 12:58 pm, Erik Trulsson wrote:
On Sat, Feb 14, 2004 at 12:47:01PM -0600, Eric F Crist wrote:
Hello all,
I've got the following ruleset, but I can't ssh into my server anymore.
What did I miss?
You missed allowing IP packets going from your server to the
On Wed, 2004-02-11 at 02:49, Mipam wrote:
Hi,
I wish to run freebsd on some servers (hp blade servers).
Each server will be supplied with two nic's, both will have the same ip
and network mask.
like this:
snip
Suppose one switch will fail, then the link on one nic will be inactive.
Thanks, Matthew; found and fixed I was 550'ing '[*].co.uk'
in /etc/mail/access.
(I figured my sledge-hammer approach would break eventually;
didn't realize it would break in this manner. :-| )
appreciated!
gary
On Sat, Feb 14, 2004 at
Hi list,
Is there a way to limit background processes ? I need to separate these
from foreground processes, but can't find a way to. Any ideas?
Thanks in advance.
--
http://www.6s-gaming.com - your online store!
___
[EMAIL PROTECTED] mailing list
On Sat, Feb 14, 2004 at 08:11:59PM +0100, Hugo (6s-gaming.com) wrote:
Is there a way to limit background processes ? I need to separate these
from foreground processes, but can't find a way to. Any ideas?
You can restrict the maximum number of processes a UID is allowed to run
concurrently by
On Sat, Feb 14, 2004 at 01:15:07PM -0600, Eric F Crist wrote:
Hey, thanks! I changed all the rules so they read:
allow ip from any to me port
and added the rule:
allow ip from me to any at rule 50
All seems to work now! Does anyone have any suggestions on how to make this
system
Hello,
Are there any other approaches to checking/repairing disks besides fsck
after a power outage?
Thanks, Mark Hessler
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail
On Sat, Feb 14, 2004 at 08:11:59PM +0100, Hugo (6s-gaming.com) wrote:
Is there a way to limit background processes ? I need to separate these
from foreground processes, but can't find a way to. Any ideas?
There isn't really any way of distinguishing foreground and background
processes apart
Hello,
Is it necessary to separately/manually upgrade the boot files (or
anything else) after rebuilding userland and kernel, or does mergemaster
take care of everything? (5.1-release - 5.2-release upgrade.)
Mark Hessler
___
[EMAIL PROTECTED]
On Saturday 14 February 2004 12:46 pm, Mark Hessler wrote:
Hello,
Are there any other approaches to checking/repairing disks besides
fsck after a power outage?
You have to remember that it is your fs that is most likely fouled up
and that is what fsck checks. The next step lower, from my
Mark Hessler wrote:
Are there any other approaches to checking/repairing disks besides fsck
after a power outage?
Certainly, however it would help to know what types of problems you are
concerned about reparing: physical media errors, data corruption within the
filesystem (truncated files,
On Saturday 14 February 2004 12:53 pm, Mark Hessler wrote:
Hello,
Is it necessary to separately/manually upgrade the boot files (or
anything else) after rebuilding userland and kernel, or does
mergemaster take care of everything? (5.1-release - 5.2-release
upgrade.)
In my installworld
How would I track down what is touching the hard drive every 10 or so seconds?
It seems to be multiple things because the delay changes if I remove xmd from
/etc/ttys, or if I add/remove the noatime option in /etc/fstab.
To complicate matters, it sounds like the hard drive is seeking and then
I'm still having some sort of issues with ipfw rules on my server. I've got a
cgi based irc client installed, and I can't connect. Also, it seems as if my
DNS server isn't able to send queries out. An ipfw show displays the
following for me:
00050 54632 4640473 allow ip from me to any
00100
On Thu, Feb 12, 2004 at 08:26:24PM +0100, gaf wrote:
Hello.
Im a newbie to unix and FreeBSD. I have 5.2 installed. When installing I
followed the advice in The Complete FreeBSD and made the following
partitions:
/ 4G
swap 800M
/home 35G
I have KDE
Just wondering why when i send email to yahoo or lycos and probably
hotmail too it always ends up in there bulk mail folder. This is a
great inconvience do i need to be on or off some sort of list or
something. Any help would be aprciated
___
I wanted to see how the anonymous FTP option worked on FreeBSD so I
enabled it on my test box. I haven't been able to find out much info
about locking down to a default directory. Is there a way to lets say block
all directories when logging in and open right up to the /incoming
directory?
Just wondering why when i send email to yahoo or lycos and probably
hotmail too it always ends up in there bulk mail folder. This is a
great inconvenience do i need to be on or off some sort of list or
something. Any help would be appreciated
___
FreeBSD team, anyone gotten the Xvnc server out of this to compile correctly from
source
on 4.9-STABLE? if so, whats the secret? ;) Ive tried building with make and gmake and
get
errors both ways. Googling didnt seem to get me any answers.
regards,
Jason
On Saturday 14 February 2004 01:47, Louis LeBlanc wrote:
Hey everyone. Here's a general question for you.
I have a FreeBSD 4.8 system that runs fetchmail for me as an
unprivileged everyday userid. The problem is that the machine isn't
on the most reliable powergrid one could hope for.
So
On Saturday 14 February 2004 23:39, RYAN vAN GINNEIKEN wrote:
Just wondering why when i send email to yahoo or lycos and probably
hotmail too it always ends up in there bulk mail folder. This is a
great inconvenience do i need to be on or off some sort of list or
something. Any help would be
On Sat, Feb 14, 2004 at 03:27:35PM -0600, Eric F Crist wrote:
I'm still having some sort of issues with ipfw rules on my server. I've got a
cgi based irc client installed, and I can't connect. Also, it seems as if my
DNS server isn't able to send queries out. An ipfw show displays the
On Sat, Feb 14, 2004 at 12:25:22PM -0600, Vulpes Velox wrote:
Markus Kovero [EMAIL PROTECTED] wrote:
On Sat, 14 Feb 2004 15:19:28 +0200
I've got 172.16.0.0/24 network that is connected to internet via vpn
gre tunnel.
And now I've had bit hard time doing bandwidth control, maybe I'm
On Sat, Feb 14, 2004 at 08:11:59PM +0100, Hugo (6s-gaming.com) wrote:
Hi list,
Is there a way to limit background processes ? I need to separate these
from foreground processes, but can't find a way to. Any ideas?
Thanks in advance.
Dear Hugo,
As an addition to what others already have
On Sat, Feb 14, 2004 at 03:39:13PM -0700, RYAN vAN GINNEIKEN wrote:
Just wondering why when i send email to yahoo or lycos and probably
hotmail too it always ends up in there bulk mail folder. This is a
great inconvenience do i need to be on or off some sort of list or
something. Any help
Howdy,
I have a problem with powering down my system. When I give the command
shutdown -p now then the system powers down, waits a couple of seconds
and the reboots. I've checked the BIOS but can't find anything wrong
with it.
I was wondering if anything i can do to fix this? I did look in the
-Original Message-
From: Jez Hancock [mailto:[EMAIL PROTECTED] On Behalf Of Jez Hancock
Sent: Saturday, February 14, 2004 5:36 PM
To: Eric F Crist
Cc: FreeBSD questions List
Subject: Re: continued IPFW issues... (actually a lack of ability on my
part)
On Sat, Feb 14, 2004 at 03:27:35PM
On Sat, Feb 14, 2004 at 05:59:14PM -0600, Eric F Crist wrote:
On Sat, Feb 14, 2004 at 03:27:35PM -0600, Eric F Crist wrote:
I'm still having some sort of issues with ipfw rules on my server.
I've got a
cgi based irc client installed, and I can't connect. Also, it seems
as if my
DNS
On Sun, 15 Feb 2004 08:29, GRF . wrote:
I wanted to see how the anonymous FTP option worked on FreeBSD so I
enabled it on my test box. I haven't been able to find out much info
about locking down to a default directory. Is there a way to lets say
block all directories when logging in and
On Saturday 14 February 2004 06:59 pm, Jez Hancock wrote:
On Sat, Feb 14, 2004 at 05:59:14PM -0600, Eric F Crist wrote:
On Sat, Feb 14, 2004 at 03:27:35PM -0600, Eric F Crist wrote:
I'm still having some sort of issues with ipfw rules on my server.
I've got a
cgi based irc client
On Sat, Feb 14, 2004 at 07:42:28PM -0600, Eric F Crist wrote:
On Saturday 14 February 2004 06:59 pm, Jez Hancock wrote:
On Sat, Feb 14, 2004 at 05:59:14PM -0600, Eric F Crist wrote:
On Sat, Feb 14, 2004 at 03:27:35PM -0600, Eric F Crist wrote:
I'm still having some sort of issues with
Bob Perry [EMAIL PROTECTED] writes:
Edmund Craske wrote:
No problem, in fact it would make little sense not to use this branch.
I guess that 's what so confusing. Who would benefit using
RELENG_4_9_0_RELEASE?
Look at it this way.
If someone installed the 4.9 release, from a set of
My bad, I found the log entry after your prodding. After enabling logging in
the ruleset and enabling the sysctl variable, I get the following output in a
tail /var/log/security:
Feb 14 19:59:44 grog kernel: ipfw: 65534 Deny UDP 192.168.0.1:51598
255.255.255.255:61112 in via dc0
Feb 14
On Sat, Feb 14, 2004 at 08:01:07PM -0600, Eric F Crist wrote:
My bad, I found the log entry after your prodding. After enabling logging in
the ruleset and enabling the sysctl variable, I get the following output in a
tail /var/log/security:
Feb 14 19:59:44 grog kernel: ipfw: 65534 Deny
On Saturday 14 February 2004 08:09 pm, Erik Trulsson wrote:
On Sat, Feb 14, 2004 at 08:01:07PM -0600, Eric F Crist wrote:
My bad, I found the log entry after your prodding. After enabling
logging in the ruleset and enabling the sysctl variable, I get the
following output in a tail
On Saturday 14 February 2004 08:14 pm, Eric F Crist wrote:
Well, from what I understand, isn't udp a state-less protocol? How would
established/keepstate/check-state work with that?
Ok, so I read that check-state/keep-state should be able to work with udp.
According to the man page, I should
I can't get the APM on this to work for anything. I have tried putting:
apm_load=YES
in my /boot/loader.conf file, and the lines:
apm_enable=YES
apmd_enable=YES
in my /etc/rc.conf file.
I run apm -a and it tells me:
apm: can't open /dev/apm: Device not configured
Any ideas?
TIA
Sara T.
On Sat, 14 Feb 2004, Sara Trice wrote:
I can't get the APM on this to work for anything. I have tried putting:
apm_load=YES
in my /boot/loader.conf file, and the lines:
apm_enable=YES
apmd_enable=YES
in my /etc/rc.conf file.
I run apm -a and it tells me:
apm: can't open /dev/apm:
Sorry about the earlier question, that was more or less just blank
Hello,
About a week ago I started noticing 3,000 or more requests coming from
several ips for the following DNS queries:
XX+/128.255.203.200/./ANY/ANY
XX+/193.201.105.4/./ANY/ANY
Those are just two examples, but
Lowell Gilbert wrote:
Bob Perry [EMAIL PROTECTED] writes:
Edmund Craske wrote:
No problem, in fact it would make little sense not to use this branch.
I guess that 's what so confusing. Who would benefit using
RELENG_4_9_0_RELEASE?
Look at it this way.
If someone
On Sat, 14 Feb 2004, matthew wrote:
On Sat, 14 Feb 2004, Sara Trice wrote:
I can't get the APM on this to work for anything. I have tried putting:
apm_load=YES
in my /boot/loader.conf file, and the lines:
apm_enable=YES
apmd_enable=YES
in my /etc/rc.conf file.
I run
Hello,
I started seeing this in late 5.1 and now in 5.2 as well. When i am
compiling a port the first message is get is Vulnerability check disabled
What is this? Should i be worried about it?
Thanks.
Dave.
___
[EMAIL PROTECTED] mailing list
On Sun, Feb 15, 2004 at 01:22:51AM -0500, dave wrote:
Hello,
I started seeing this in late 5.1 and now in 5.2 as well. When i am
compiling a port the first message is get is Vulnerability check disabled
What is this? Should i be worried about it?
See /usr/ports/CHANGES
Kris
Hello list,
I noticed, that if I create refuse file (/usr/sup/refuse) and do:
# cvsup -L 0 ~/supfiles/ports
it ignores my refuse file. As I remember, this used to work.
I'm using 5.2-CURRENT, and refuse file looks like:
arabic
astro
benchmarks
...
ports supfile is:
*default
77 matches
Mail list logo
