DNS/BIND Question
Hey all, I was wondering how to make one subdomain resolve to multiple IP addresses? I have www.mydomain.com which has only had 1 IP address for a long time. Now, I want to create a second server with a mirror of that web server. I'd like lookups of www.mydomain.com to resolve to two different IP addresses. Also, what is your recommendation of how to maintain the correct mirror data? One server is the primary, which has ftp access for the web designers. I'm thinking of either, real-time, or once every 24 hours, updating that information so that both servers have all the correct web sites. What is the best way to accomplish this? Thanks, in advance, for your help! Eric F Crist -- Keep your pecker hard and your powder dry, and the world WILL turn. pgpngO2qnBKSK.pgp Description: signature
Bridging with multiport ethernet cards
My box has 3 ethernet cards, fxp0, xl0 and another 4-port card. Is it possible to bridge all the interfaces like this: net.link.ether.bridge.enable=1 net.link.ether.bridge_cfg=xl0,fxp0 net.link.ether.bridge_cfg=vr0,fxp0 net.link.ether.bridge_cfg=vr1,fxp0 net.link.ether.bridge_cfg=vr2,fxp0 net.link.ether.bridge_cfg=vr3,fxp0 Thanks. -Wash http://www.netmeister.org/news/learn2quote.html -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ Bipolar, adj.: Refers to someone who has homes in Nome, Alaska, and Buffalo, New York ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DNS/BIND Question
* Eric Crist [EMAIL PROTECTED] [20040612 10:07]: wrote: Hey all, I was wondering how to make one subdomain resolve to multiple IP addresses? I have www.mydomain.com which has only had 1 IP address for a long time. Now, I want to create a second server with a mirror of that web server. I'd like lookups of www.mydomain.com to resolve to two different IP addresses. www.mydomain.comIN A 1.2.3.4 www.mydomain.comIN A 3.4.5.6 Also, what is your recommendation of how to maintain the correct mirror data? One server is the primary, which has ftp access for the web designers. I'm thinking of either, real-time, or once every 24 hours, updating that information so that both servers have all the correct web sites. What is the best way to accomplish this? I am not experienced in that, but if it is possible to put your web data in a DB, then that would be sleek! Dynamic pages ;) -Wash http://www.netmeister.org/news/learn2quote.html -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ According to the obituary notices, a mean and unimportant person never dies. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
upgrading the perl installation problems.
Hello list, I'm trying to install mimedefang from ports, but I get the error: === mimedefang-2.43_1 Port requires perl 5.6.1 or later. Install lang/perl5 or lang/perl5.8 then try again. I cd to the correct directory, type make install clean, get the 'all ok' from installation telling me it's reinstalled, and type: #perl --version and get: This is perl, version 5.005_03 built for i386-freebsd What am I missing in this process? TIA. -- Keep your pecker hard and your powder dry, and the world WILL turn. pgpvRmB8xRw5Y.pgp Description: signature
Re: Sony AIT SDX-420 ATAPI tape drive on FreeBSD 5.2.1
* [EMAIL PROTECTED] [EMAIL PROTECTED] [20040612 06:58]: wrote: I have added a Sony SDX-420 ATAPI tape drive to a FreeBSD 5.2.1-RELEASE system. The tape successfully does a dump and restore on this system but when the tape is taken to a Sony SDX-400 SCSI tape drive on a FreeBSD 4.7-RELEASE system, restore insists that the tape blocks are 512 bytes and this is not a multiple of 1024 (the tape was created with a -b 32). Could this be something to do with differences in ufs2 and old time ufs? 5.2.1 uses ufs2. I am not sure if that is compatible with the old ufs in 4.x - and I am not expert on file systems either ;) Just blubbing around, to see if this might be a clue... -Wash http://www.netmeister.org/news/learn2quote.html -- +==+ |\ _,,,---,,_ | Odhiambo Washington[EMAIL PROTECTED] Zzz /,`.-'`'-. ;-;;,_ | Wananchi Online Ltd. www.wananchi.com |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 +254 20 313922 '---''(_/--' `-'\_) | GSM: +254 722 743223 +254 733 744121 +==+ I am more bored than you could ever possibly be. Go back to work. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: upgrading the perl installation problems.
- Original Message - From: Eric Crist [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, June 12, 2004 2:13 AM Subject: upgrading the perl installation problems. Hello list, I'm trying to install mimedefang from ports, but I get the error: === mimedefang-2.43_1 Port requires perl 5.6.1 or later. Install lang/perl5 or lang/perl5.8 then try again. I cd to the correct directory, type make install clean, get the 'all ok' from installation telling me it's reinstalled, and type: #perl --version and get: This is perl, version 5.005_03 built for i386-freebsd What am I missing in this process? TIA. --- You're missing one of the last warnings during the make of perl5.x from the ports tree.. use.perl. Usage: /usr/local/bin/use.perl port - /usr/bin/perl is the perl5 port /usr/local/bin/use.perl system - /usr/bin/perl is the system perl -- Micheal Patterson TSG Network Administration 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: upgrading the perl installation problems.
On Saturday 12 June 2004 02:25, you wrote: You're missing one of the last warnings during the make of perl5.x from the ports tree.. use.perl. Usage: /usr/local/bin/use.perl port - /usr/bin/perl is the perl5 port /usr/local/bin/use.perl system - /usr/bin/perl is the system perl Excellent! That's what I was missing. I've gotta quit trying to do this stuff at 0200! Thanks Micheal! Eric F Crist -- Keep your pecker hard and your powder dry, and the world WILL turn. pgpzomLPBPeo0.pgp Description: signature
Re: native xpdf vs static xpdf for linux (couldn't create a font for...)
Hello ;) On 04 06 12, Jonathan Chen wrote: You need to install ghostscript fonts for it to display properly. Easiest way to do this is to install print/ghostscript. I've asked the xpdf maintainer to put in a note about this, but it's been ignored... I forgot to mention, that I had ~/.xpdfrc with mappings to Ghostscript fonts (which I installed by hand ;), which was mentioned in Problems section at foolabs. But this doesn't help ;( Paulius ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: native xpdf vs static xpdf for linux (couldn't create a font for...)
Hello, On 04 06 12, horio shoichi wrote: What is your /usr/X11R6/etc/xpdfrc like ? It seems a lot of lines necessary for font handling are commented out in default install. well, /usr/X11R6/etc/xpdfrc is almost commented out, I copied it to ~/.xpdfrc, but option 'displayFontX' is not supported anymore, and it looks that it could help (of course how do I know since it doesn't work ;) Paulius ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Website Mirroring [was DNS/BIND Question]
Eric Crist wrote: Also, what is your recommendation of how to maintain the correct mirror data? One server is the primary, which has ftp access for the web designers. I'm thinking of either, real-time, or once every 24 hours, updating that information so that both servers have all the correct web sites. What is the best way to accomplish this? Rsync is an excellent tool for this sort of thing, and it's quite easy to use. It doesn't do real-time updates, but you can have cron run it frequently to keep your mirrors up to date. http://samba.anu.edu.au/rsync/ In fact, there is an Rsync mirroring howto/faq located here: http://sunsite.dk/info/guides/rsync/rsync-mirroring.html Thanks, -David Fuchs BCIS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Platforms, OSes,etc.
[EMAIL PROTECTED] wrote: Hi there. I have a question or two if you folks don't mind. I would like to migrate to a better, more stable OS for surfing, making music and data cd's as well as dvd's, and importing images ( vhs and photo) to cd/dvd. As far as I'm concerned, the only thing that Windows is good for is my games, probably because I'm tired of all the bs (crashes,bugs, holes etc.). I have a Gigabyte GA-7VM400M motherboard with an Athelon XP 2400+ (Thorton). My question then is this, What platform do I have (i386, pc98 ? ), and what OS would you recommend for my purposes ( FreeBSD, Red Hat, SUSE?) irregardless of brand names, and multi-boot setups are not a problem. Please respond in non-geek english, and thank you very much for your assistance.. Welcome to FreeBSD! The platform for all Intel/AMD based PCs is i386. You may want to try FreeBSD 4.10. It is not only rock solid; it is also very easy to configure, once you get the hang of it :-) Please have a look at the Handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/index.html to get an idea how the installation looks like and how to perform typical tasks. Feel free to ask more questions here. Cheers, -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
want sudo but not sudo su - how
Greetings, freebsd-questions I want to put operators in sudo BUT I don't want them to sudo su - because after they do that, subsequent commands enacted as root don't appear in the logs. The desired behaviour would be sudo su command (any command) but not sudo su -, for these users. Is there a way of enforcing this? The reason being that if they do something and the server eg goes titsup, I want to see what was done in the logs. Would be grateful for any assistance the list may have. -- John ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Version query for a new machine
On Fri, Jun 11, 2004 at 08:39:58PM -0400, Louis LeBlanc wrote: Now to decide whether to change my IMAP server. Any recommendations? Try mail/dovecot -- works very nicely for me, and seems to be able to cope with the ideosyncracies of pretty much every commonoly used IMAP client out there. Supports both mbox and maildir style mailboxes, and it will chroot the mail reading process into the ~/Mail directory for the user, plus other very nice security enhancements. I'm using Cyrus now, but I suspect it may be paramount to using a shotgun to kill a gnat. I have like 3 users, and each one has a login anyway (to accomodate Samba shares). I definitely want to keep IMAP, but adding POP3 will depend entirely on the associated pain factor. If you've got IMAP, why on earth would you want POP3? Unless you're getting annoyed at the amount of space people are using and you want to try and force them to download all their e-mail onto their own machines? Which doesn't necessarily work, even if you force people to access your server via POP3 -- much better to implement quotas on your mail spool. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpGob3O1KEHr.pgp Description: PGP signature
Postfix+Cyrus IMAP+Cyrus SASL+Mysql+pam_mysql --- Configuration problems
Hi, I am trying to install Postfix+Cyrus-IMAP+Cyrus-SASL-authd+MySQL+pam_mysql on FreeBSD system. I've installed all these s/w ... but I face some problems 1) #saslpasswd2 username #setpass succeeded for cyrus #saslpasswd2 : Couldn't update db (== ) but I can create a new user option -c and also I can delete user with option -d but receiving the same error msg (saslpasswd2 : Couldn't update db) 2) #cyradm --user cyrus localhost #IMAP Password: *** Login failed: auththendication failure at /usr/local/lib/perl5/site_perl/5.005/i386-freebsd/Cyrus/IMAP/Admin.pm line 118 cyradm: can't authenticate to server with as cyrus (But actually the sasld successfully authendicate the request and logs in the database-mail, table-log) 3)SMTP #telnet localhost smtp # # ... #QUIT everything went fine ...but later the I found these messages in the log file * postfix/pipe: fatal: user= command-line attribute specifies mail system owner postfix group id mail * settings in master.cf are ... old-cyrus unix - nn - - pipe flags= user=cyrus argv=/usr/local/cyrus/bin/deliver -r ${sender} -m ${extension} ${user} cyrus unix - nn - - pipe flags= user=cyrus argv=/usr/local/cyrus/bin/deliver -r ${sender} -m ${extension} ${user} * -- I have set the following options in the imapd.conf file. pwcheck_method: saslauthd sasl_mech_list: plain (*) -- Used the ports colection to install all the s/w, updated ports using CVSup, upgraded all installed s/w using portupgrade. -- Created a symlink ln -s /usr/local/lib/sasl /usr/lib/sasl (**) -- Is there anyone to help me out? If someone of u experienced same problems and solved somehow please help me to solve these problems. Thanks Kumaran __ Do You Yahoo!? Download the latest ringtones, games, and more! http://sg.mobile.yahoo.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Routing question
Well the reason is that our dsl connections are limited to a max speed of 512K in this country. So I thought of splitting the load between two dsl lines. If the box is able to do that dynamically then great. My question is how? -Original Message- From: Ben Timby [mailto:[EMAIL PROTECTED] Sent: 11 June 2004 18:16 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Routing question Perhaps if you post more info, we can come up with creative solutions for you. My big question is why? AFAIK, you cannot have more than one default gateway, unless you are using netgraph to balance between network interfaces. However, you could NAT C D to their respective public interfaces. If E is a real IP, then the NATed traffic should flow to that interface. I would suggest using pf, as it is a most excellent firewall package. Here is the section of a PF guide regarding NAT. http://www.openbsd.org/faq/pf/nat.html Your rules would look like this (these are from memory, so sanity check them): -- #define your interfaces as macros: A = fxp0 B = fxp1 C = fxp2 D = fxp3 E = fxp4 #define your NAT translations using our macros: nat on $A from ($C:network) to any - $A nat on $B from ($D:network) to any - $B #define your filtering rules: ... -- However, you will find that route add will not allow multiple default routes. You must use another package to allow for that, or at least it is beyond my knowledge. Let me know if you figure it out, I would be very interested. Leon Botes wrote: I have a box with 5 nics. Cal them A,B,C,D,E. A B are different internet connections. E is a connection to a mail server on a public /29 C D are connections for 2 differnet client networks. Is it possible to have all traffic coming in via C sent to a default gateway on A's network and all traffic coming in via D sent to a default gateway on B's network. And secondly will both client networks be able to see the E/29? If so how? Thanks Leon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Routing question
Greed the static route for E is best. But how do you add a route that applies only to connections coming into C or D Route add (if source from net C then use interface A) ?? Adding failover would be an even bigger bonus. -Original Message- From: Thompson, Jimi [mailto:[EMAIL PROTECTED] Sent: 11 June 2004 18:12 To: [EMAIL PROTECTED] Subject: RE: Routing question Leon, This is possible, but will require you to run static routes so that you can manually manage the connections. You should be able to set the routing metrics so that all your traffic from client D goes to B and if they want email, B will have to have the appropriate records to send them back to E, which is a remarkably BAD idea. Your better bet would be put in a static route with a lower routing metric than the Internet connection (say 2) from D to E for a specific IP/range so that they can get to the mail server without going out to the Internet to do so. Give the Internet connection a routing metric of 3. The same applies for C. This way, for the IP/range that you specify for the mail server(s), your email traffic from these guys will go straight to the mail server without traversing the Internet first. The next part depends on how you want to manage the Internet connections. Do you want Customer C to use D's Internet connection if Customer C's connection fails and vice versa? If so then you put a route in your routing table and give that a really high metric (like 90) from C to B and the same for D to A. Give their normal connection a really low metric (like 3) and their traffic will go out the preferred connection unless that connection fails or becomes really congested. If you don't want them to be able to use each other's connections EVER, just don't add a route for it at all. HTH, Jimi -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leon Botes Sent: Friday, June 11, 2004 10:15 AM To: [EMAIL PROTECTED] Subject: Routing question I have a box with 5 nics. Cal them A,B,C,D,E. A B are different internet connections. E is a connection to a mail server on a public /29 C D are connections for 2 differnet client networks. Is it possible to have all traffic coming in via C sent to a default gateway on A's network and all traffic coming in via D sent to a default gateway on B's network. And secondly will both client networks be able to see the E/29? If so how? Thanks Leon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
chroot versus jail for the name daemon
Newbie Fodder (skip down the page if old and wise): The FreeBSD Handbook describes running BIND (named) in a sandbox, i.e. using chroot to force the named to think that its place in the filesystem is actually the filesystem root when it's not, so it sees /somewhere/deep/inthe/file/jungle as /. So if hackers break named they theoretically cannot attack the real root of the filesystem, only what is within the chroot path. Then the Handbook rather offhandedly mentions that some people would recommend putting named into a jail instead. So I've been looking into the jail system in FreeBSD, and comments suggest that it offers better security. On the surface, jail seems to do the same thing: deceive a process into believing that its place in the filesystem is root, and stopping access to directories outside that path. Questions (for the old and wise): So, are there any FreeBSD-internals masters who can answer the following: 1) What happens if named is broken with neither chroot nor jail, assuming named is running as user and group bind (rather than as root)? 2) What happens if named is broken while using chroot? 3) What happens if named is broken while in a jail, and how is this less dangerous than using chroot? Also, can FreeBSD run as a gateway with NAT while using a jail? A jail needs its own IP address, and that seems to intefere with the way other services need to be configured. -- Bob London, UK ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: want sudo but not sudo su - how
On Sat, Jun 12, 2004 at 11:14:02AM +0100, John wrote: Greetings, freebsd-questions I want to put operators in sudo BUT I don't want them to sudo su - because after they do that, subsequent commands enacted as root don't appear in the logs. The desired behaviour would be sudo su command (any command) but not sudo su -, for these users. Is there a way of enforcing this? You might be able to do it by limiting the commands that are accessible to the person, but if they run any shell, or run any program that drops to a shell (e.g. one they wrote themselves in 2 minutes) then they would have an unrestricted root shell again. The reason being that if they do something and the server eg goes titsup, I want to see what was done in the logs. Would be grateful for any assistance the list may have. It might be best to just say I don't want you doing this and then punish people who do, since you do have logs. If you're trying to restrict what people can do with sudo it will be better to explicitly list each binary they can run as root and make sure there's no way they can modify those binaries. -- http://freebsdwiki.org/ - Encrypted mail welcome - keyid 0xBF15490B pgpiVlgjhcNY3.pgp Description: PGP signature
httpd processes caught in loop
Hey My httpd processes are caught in sbwait and eating my ram on a webserver. Does anyone know what i could do or what i should look for here because it's bringing down the server and i can't think of anything else to try. I've been checking processes, socket usage and so on but can't find anything responsible. I'm thinking a runaway script but i can't find it. Some server confs: kern.ipc.nmbclusters=32768 kern.maxproc=4096 kern.maxprocperuid=2048 and kern.ipc.somaxconn=1024 kern.maxfiles=65536 kern.maxfilesperproc=32768 Med vänliga hälsningar Stefan Midjich, Swebase AB Tel: 042-20 15 00 Fax: 042-20 15 03 E-post: [EMAIL PROTECTED] Webb: http://swebase.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
finding ram eating process
Hey I have a process thats eating up all my ram, in my case it's actually child processes of apache who are doing it and i tried joining the apache mailing list but got no reply from the list. The server in question has about a gig of ram and after less then work day of running it has 150MB left, has not touched it's swap and tons of httpd processes in sbwait mode. I would like to track down the source of this ram stealer but i don't know how. Med vänliga hälsningar Stefan Midjich, Swebase AB Tel: 042-20 15 00 Fax: 042-20 15 03 E-post: [EMAIL PROTECTED] Webb: http://swebase.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: XFree86 Config (continued)
Daniela said the following on 6/11/2004 6:39 PM: On Friday 11 June 2004 20:36, LW Ellis wrote: OK thanx to all the help, I think I'm getting close. I have a config file that works fineonly as long as I am signed in as root. KDE-Lite loads and works fine... However If I sign in as a user, I get a grey-green screen with some white windows. I put the config file in etc/X11/XF86Config. There maybe other copies somewhere, but I think I got most of them. Do I have the config file in the right place? Copy the file '.xinitrc' from root's home directory to the respective user's home directory. This is because every user can have his own desktop, so every user will have to specify one in order not to get the default one. It's also possible to set a system-wide default, but I've never done this. Ack.. I knew it was .xsomething ;) G. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
What's the big difference between Linux and Unix??
Linux is UNIX, but why is Fedora Core a Linux and FreeBSD a UNIX? I searched on the internet for an answer, but after visiting 10 sites I gave up. If U could please help me, I'm getting confused. Greetings, Grauwmans Steven ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: What's the big difference between Linux and Unix??
Grauwmans Steven wrote: Linux is UNIX, but why is Fedora Core a Linux and FreeBSD a UNIX? I searched on the internet for an answer, but after visiting 10 sites I gave up. If U could please help me, I'm getting confused. Linux is a kernel. Fedora uses this kernel, and therefore is a Linux *distribution*, such as many other (see http://www.distrowatch.com for example). All distributions (note this term) which use this common kernel are Linux, so to say. All these distributions look and feel like Unix, they are Unix clones. FreeBSD does not use the Linux kernel, but has its own. FreeBSD is based on one of the original Unices, namely BSD Unix. Therefore, it is Unix, but not Linux. HTH. -PU ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: chroot versus jail for the name daemon
On Sat, Jun 12, 2004 at 12:53:41PM +0100, Robert Downes wrote: Questions (for the old and wise): So, are there any FreeBSD-internals masters who can answer the following: 1) What happens if named is broken with neither chroot nor jail, assuming named is running as user and group bind (rather than as root)? 2) What happens if named is broken while using chroot? 3) What happens if named is broken while in a jail, and how is this less dangerous than using chroot? Without the restriction of the named process either by using jail(8) or chroot(2) anyone that can subvert the BIND process (presumably by some sort of buffer overflow exploit) would be able to write files anywhere on the system. That means an attacker can set things up so that they can log in remotely as the bind UID, and once an attacker has local access to your system, breaking root is a lot easier for them. Now, that assumes that there is a buffer overflow or some such in named(8) that a remote user can exploit. Unfortunately it has been shown again and again that in any project of the scale of BIND, such things are almost impossible to avoid. chroot'ing named does limit the damage that an attacker can do if they break in via named -- there won't be any tools within the chroot'ed area that an attacker can use, or any simple means whereby they can copy those tools onto the system via the network. The same thing goes for thin jails, but the tendency does seem to be for many jails to be set up as fat -- ie. essentially complete BSD environments. People will say, quite accurately, that even if an attacker can break root in the jail, they don't automatically get to break root in the host system. However, you should ask yourself if breaking root in the host system is something an attacker would necessarily need to do, given that they have managed to take over the almost equivalent resources of the fat jail. The thing about these sort of security measures is not that they offer an absolute guarrantee that your system is unhackable -- no one can promise that. The idea is to make attacking your system so difficult and unrewarding that the black-hats go away and attack someone else instead. However, all of those measures take up system resources and management effort: it's a matter of judgement as to whether the costs of imposing such things pay off the benefits of the increased security. My personal judgement is that the chroot(2) function built into named(8) is easy to implement, costs virtually nothing to manage compared to not doing it, and is well worth the bother and suficient for the sort of low impact domains I'm running. Even so, the prime security danger with named is not subversion of the named process, but poisoning the actual DNS database itself. Securing against that sort of thing is another kettle of fish -- there's a good article or two at: http://www.boran.com/security/sp/bind9_20010430.html Also, can FreeBSD run as a gateway with NAT while using a jail? A jail needs its own IP address, and that seems to intefere with the way other services need to be configured. It can, but it is quite a bit more complex to manage, and there's the whole 'split horizon' problem to deal with. (ie. you can create a jail to contain a webserver on your NAT gateway, and you can make it accessible either to your internal networks or to the Internet at large, but making it accessible to both is rather harder.) If you are particularly concerned about security, then it's a good idea to keep your NAT gateway/firewall machine as simple as possible. Ideally, it should run *only* the NAT/firewalling service. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpqeHT4E5PFZ.pgp Description: PGP signature
Re: What's the big difference between Linux and Unix??
On Sat, Jun 12, 2004 at 10:06:49AM +0200, Grauwmans Steven wrote: Linux is UNIX, but why is Fedora Core a Linux and FreeBSD a UNIX? I searched on the internet for an answer, but after visiting 10 sites I gave up. If U could please help me, I'm getting confused. Because FreeBSD code is derived from the 4.4 BSD release by the CSRG at Berkeley, and they developed their code based on Unix code from ATT who were the original authors of Unix. Linux on the otherhand was a cleanroom implementation of a unix-like operating system not incorporating any code from previous Unix systems. (Despite what SCO is claiming, which IMHO is a load of tosh). Mind you, there has been significant cross fertilization between Linux, the BSD and SysV Unix camps. I tend to think that Linux passes the duck test as far as being a Unix variant, and that it should be known as such. I also think that the unix vs Unix(TM) distinction -- i.e. whether the OS has licensed code from ATT or it's heirs -- is pretty much irrelevant nowadays. For more detail that you could possibly want about the descent of Unix, see: http://www.levenez.com/unix/ (Very much up-to-date, that site -- already mentions FreeBSD 4.10.) Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way PGP: http://www.infracaninophile.co.uk/pgpkey Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK pgpSEI6czncB0.pgp Description: PGP signature
swap size and zombie
*This message was transferred with a trial version of CommuniGate(tm) Pro* Looking at a web/email server with the following from top ... last pid: 29494; load averages: 0.00, 0.00, 0.00 up 85+12:33:05 23:07:44 39 processes: 1 running, 37 sleeping, 1 zombie CPU states: 0.0% user, 0.0% nice, 0.0% system, 0.0% interrupt, 100% idle Mem: 197M Active, 545M Inact, 176M Wired, 51M Cache, 112M Buf, 33M Free Swap: 2048M Total, 184K Used, 2048M Free Does it look like the swap file is way too big? The box has been online for awhile, yet it seems like the swap file is not utilized very much at all. For that matter, the server is clearly overpowered for what it does, but better than underpowered I suppose. Also, I cannot seem to get rid of that zombie... it happens at boot time: root 0 0.0 0.0 00 ?? ZW - 0:00.00 (perl) Thanks, Chris _ Email harvesters eat this: [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: two tar issues: man page and --totals behaviour
On Fri, Jun 11, 2004 at 08:50:17AM -0400, Lowell Gilbert wrote: Stefan A. Deutscher [EMAIL PROTECTED] writes: Hi folks, just noticed two issues with tar on FreeBSD 5.1 (actually, it is GNU tar 1.13.25): It's a heavily modified version of Gnu tar, actually. (1) The man page is somewhat out of sync with what tar --help shows in terms of options Should I submit a PR for that one, or send a bug report to the gnu tar maintainers, or both? The man page isn't a primary documentation method; the *real* manual is in Gnu info. [info tar] It's probably the local (FreeBSD) changes that haven't gotten documented. Ah, didn't think of info. Usually, man pages which have been abandoned in favour of online info docs do say so. Will try to submit a patch for that one, at least :-) (2) The option --totals, according to the docs and --help, is supposed to show the bytes _written_. It does not quite: - When running plain 'tar c', it actually shows the bytes written. - When running tar with any of the built-in compression flags, such as 'tar -c -{z,Z,y}', it shows the exact same number of bytes as when invoked without these flags. While, technically, it might show the bytes written _to_ the compression program, for all practical purposes it appears to show what was _read_ from disk. The space used on tape may be significantly smaller. I understand that for backwards compatibility one cannot just change the behaviour of this flag from one day to another. Fixing the docs might be the easy way out, but I'd like to suggest the addition of some flag that reports what was actually written _to_ the tape device. Even if the device-internal HW compression may change what actually ends up on tape (i.e. compressing uncompressed stuff somewhat while probably not gaining anything on gzip or bzip2), this would give a better indicator of tape usage and space left on a tape. This would be fairly tricky to implement with an external compression filter in software, never mind in hardware. Hm. I thought tar talk to the tape directly, even when it invokes an external (or internal) compression algorithm? If it was to do something like 'tar cf - . | gzip -dc - | dd if=- of=/dve/sa0' I'd understand that counting what hits the tape _device_ from within tar is next to impossible. However, I didn't see it do that. So, if tar talks to the tape device directly and sends it blocks of (compressed) data, it shouldn't be too hard to have it count 'em as well? I have no idea whether this has been discussed here already, google didn't like me enough to turn up relevant threads. Nor do I know how the upcoming bsdtar handles that flag's behaviour. I don't think bsdtar has such a flag, actually. Again, should I submit a PR for that one, or send a bug report to the gnu tar folks, or both? If you have written the code to do what you're saying, please do submit it. Don't have any code to submit and didn't even look at the code yet. But it does make a worthwhile project for one of those rainy evenings, I'll put it on my to do list. Cheers, Stefan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: finding ram eating process
[EMAIL PROTECTED] wrote: Hey I have a process thats eating up all my ram, in my case it's actually child processes of apache who are doing it and i tried joining the apache mailing list but got no reply from the list. The server in question has about a gig of ram and after less then work day of running it has 150MB left, has not touched it's swap and tons of httpd processes in sbwait mode. I would like to track down the source of this ram stealer but i don't know how. How do you know that RAM is leaking? Does it hit swap eventually? Free RAM is wasted RAM. FreeBSD doesn't free ram until it needs it. When no long used, it's moved to the buffer or the cache. It's not unusual for a machine that's been running for a while to show very, very little free RAM. This is by design. Ram in the buffer or cache can be converted to free RAM with very little effort, and if the buffer or cache RAM can be reused instead of freed, it improves performance greatly. Make sure there's an actual process or processes and there really is a memory leak before wasting time chasing this around. Run top -osize and watch to see what processes at the top are using. Look at the active RAM in top and see if that fills up without end. And leave the system running for a few days. If there's a true leak, it'll need to use swap sooner or later. -- Bill Moran Potential Technologies http://www.potentialtech.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hardware compatability list query (of d00m)
On Fri, Jun 11, 2004 at 06:53:17PM +0100, Mike Woods wrote: Anyway, to the point, is there a big hardware compatability list anyway, i dont mean like the one on freebsd.org rather a site stating actual tried and tested cards and the like as opposed to chipsets and controllers ? for laptops and pcmcia cards there is: http://gerda.univie.ac.at/freebsd-laptops/ hth, toni -- Wer es einmal so weit gebracht hat, dass er nicht | toni at stderror dot at mehr irrt, der hat auch zu arbeiten aufgehoert| Toni Schmidbauer -- Max Planck | pgpiHhbNjhYQI.pgp Description: PGP signature
Re: want sudo but not sudo su - how
On Sat, Jun 12, 2004 at 11:59:59AM +, Andy Smith wrote: It might be best to just say I don't want you doing this and then punish people who do, since you do have logs. yeah, thought this might be the case :| thanks for confirming it. If you're trying to restrict what people can do with sudo it will be better to explicitly list each binary they can run as root and make sure there's no way they can modify those binaries. yeah, but too many binaries (or roles too diffuse, tightening up of which would be another way of handling it) cheers -- John ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 64 bits PCI gigabit Network card
On Wed, Jun 09, 2004 at 12:54:56PM -0400, Peter Kok wrote: Does freebsd support 64 bits PCI gigabit Network card? how about D Link DGE-550SX http://www.freebsd.org/releases/5.2.1R/hardware.html or http://www.freebsd.org/releases/4.10R/hardware.html hth, toni -- Wer es einmal so weit gebracht hat, dass er nicht | toni at stderror dot at mehr irrt, der hat auch zu arbeiten aufgehoert| Toni Schmidbauer -- Max Planck | pgpPiEX7mzS98.pgp Description: PGP signature
RE: What's the big difference between Linux and Unix??
This is a hard one to answer. Most people disagree slightly on this question. It all depends on your perspective. If you go by companies that are allowed to use the UNIX copyright, then only IBM AIX and Sun Solaris are UNIX. If you go by the posix specification, then most operating systems can be considered UNIX as many implement portions of the posix specification if not all of it. Even windows NT/2k/XP have a posix subsystem. (not unix though as they don't have a userland remotely close) I used to get real gun ho on the idea that *BSD is older than GNU/Linux. That was false in one sense. The linux kernel is actually older than the *BSD code that all BSDs are based on. The reason is that most of the BSD kernel was rewritten and implemented AFTER the first public linux kernel release. So on one hand only system V implementations contain any original UNIX code. (aside from a small portion that was considered ok during the lawsuit) I'm sure several others will disagree with me, but this is what I've learned from websites and part of an O'reilly book on the history of open source. I forget the exact title. Also, I don't think a true linux fan would consider linux as UNIX. The reason is the title.. GNU/Linux is the proper name and if you lookup what GNU stands for, you'll see my point. :) As for SCO, I don't think they have much claim over linux code. They might not even own the UNIX code as Novell claims. Either way, SCO UNIX was based on Microsoft Unix (Xenix?) so I laugh at the idea anyway. To summarize, it depends how you interpret the *facts*. I don't think anyone really remembers all the details anymore. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grauwmans Steven Sent: Saturday, June 12, 2004 4:07 AM To: [EMAIL PROTECTED] Subject: What's the big difference between Linux and Unix?? Linux is UNIX, but why is Fedora Core a Linux and FreeBSD a UNIX? I searched on the internet for an answer, but after visiting 10 sites I gave up. If U could please help me, I'm getting confused. Greetings, Grauwmans Steven ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
known error building expat2
Could someone take pity on me - I am not a C programmer. The following error appears in building expat2, it has been reported as a bug in the port and it doesn't look like it will get attention soon. Unfortunately I need to get through this port. I've done some investigation. Short of a crash course in C programming, I am quite lost trying to figure out the error. In /usr/ports/textproc/expat2 xmlwf/xmlwf.c:24: syntax error before `characterData' *** Error code 1 Stop in /usr/ports/textproc/expat2/work/expat-1.95.7. *** Error code 1 This has been reported as an error: ports/64259: expat-1.95.7 compile fails with non-obvious syntax error (http://lists.freebsd.org/pipermail/freebsd-ports-bugs/2004-March/027615.html) and has been assigned a severity - low, rightly so -- Joe S. praxis makes perfect. - anon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
mod_frontpage
Hi all, the continuing saga of my new server setup uing ONLY things from ports finds that mod_php and mod_ssl are installed and working, However, when I try to do the mod_frontpage I get an error telling me that the I need to install the extensions, when I try to install, I get this nasty error about c.3 not being available. Any ideas? === frontpage-5.0.2.2623_1 depends on shared library: c.3 - not found ===Verifying install for c.3 in /usr/ports/misc/compat3x === compat3x-i386-4.4.20020925 is forbidden: FreeBSD-SA-03:05.xdr, FreeBSD-SA-03:08.realpath - not fixed / no lib available. -Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: want sudo but not sudo su - how
At 2004-06-12T10:14:02Z, John [EMAIL PROTECTED] writes: Is there a way of enforcing this? No. For example, if you let them run vim as root, then they can open a shell from there and run commands in it. Either configure a list of commands that they can use safely, or set down a clear policy and enforce it. -- Kirk Strauser 94 outdated ports on the box, 94 outdated ports. Portupgrade one, an hour 'til done, 82 outdated ports on the box. pgp3wobwNt6Re.pgp Description: PGP signature
NAT vs Public IP Range info needed, please
Hello, I am looking to replace a proprietary DSL router/modem with the Sangoma S518 ADSL PCI Controller, thereby placing a FreeBSD (4.10-Stable) server running ipfw to handle access, firewall and nat duties. The ISP's DSL package includes 8 static ip addresses: - 1 - network addr 1 - broadcast addr 1 router address 5 usable ip addresses I have been reading up on NAT and address redirection in the HandBook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html) and have come accross section 19.13.5 Address Redirection. Here it reads: The -redirect_address syntax is as follows: -redirect_address localIP publicIP localIP The internal IP address of the LAN client. publicIPThe external IP address corresponding to the LAN client. In the example, this argument would read: -redirect_address 192.168.0.2 128.1.1.2 -redirect_address 192.168.0.3 128.1.1.3 What I would like to know is if it is possible to do to following: - Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6, 1.1.1.7 1.1.1.8 1] G'Way host is assigned its own public IP - 1.1.1.3 2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's - 1.1.1.4 3] Remaining 4 public IP addresses are left to be used other purposes (eg: true address redirection to a DMZ-host, that is not a member of the internal LAN subnet) As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? I'd appreciate any pointers to where I might find more information that might assist me, or an explanation of what it is that I am not understanding when reading the HandBook. Thanks for the time. Regards, Stacey pgpmAIbnXhIeY.pgp Description: PGP signature
Resource temporarily unavailable crash in vi
Hello, I'm lately experiencing the Resource temporarily unavailable crash in vi a lot. I've had the same thing happen in other programs (eg, cvs, while it was waiting for input), so it's not something that's specific to vi. Someone even had it happen with cat: http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2003-08/0497.html I went about investigating this occurance. I added an abort() to strerror() so I would get a coredump before the error message is printed. The results are a bit surprising: #0 0x2814406f in kill () from /lib/libc.so.5 #1 0x28138da8 in raise () from /lib/libc.so.5 #2 0x281ae493 in abort () from /lib/libc.so.5 #3 0x28193be3 in strerror () from /lib/libc.so.5 #4 0x08053e15 in free () #5 0x0804bcc0 in free () #6 0x0804b929 in free () #7 0x08050b85 in free () #8 0x0807e331 in free () #9 0x0807d12e in free () #10 0x0807cb8c in free () #11 0x08053307 in free () #12 0x0804b063 in free () #13 0x0804a3b9 in free () I then found these two postings that seem to point in the correct direction: http://unix.derkeiler.com/Mailing-Lists/FreeBSD/stable/2003-08/0094.html http://monkey.org/openbsd/archive/misc/0310/msg01101.html This vi thing has happened most often while i working in KDE's Konsole. I'd open a new window, switch back to the old one, and vi would have crashed. It also happens when I'm starting vi in a Konsole. Now, I think the problem (or one of the programs that make it apparent) is Konsole. However, before filing a bug report, I'd like to get some more information. If you've ever encountered this bug, what were the circumstances? If you've researched it some, what did you find out? Greetings Benjamin Lutz pgpC6E6COJItW.pgp Description: PGP signature
RE: NAT vs Public IP Range info needed, please
-Original Message- Hello, I am looking to replace a proprietary DSL router/modem with the Sangoma S518 ADSL PCI Controller, thereby placing a FreeBSD (4.10-Stable) server running ipfw to handle access, firewall and nat duties. The ISP's DSL package includes 8 static ip addresses: - 1 - network addr 1 - broadcast addr 1 router address 5 usable ip addresses I have been reading up on NAT and address redirection in the HandBook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/net work-natd.html) and have come accross section 19.13.5 Address Redirection. Here it reads: The -redirect_address syntax is as follows: -redirect_address localIP publicIP localIP The internal IP address of the LAN client. publicIPThe external IP address corresponding to the LAN client. In the example, this argument would read: -redirect_address 192.168.0.2 128.1.1.2 -redirect_address 192.168.0.3 128.1.1.3 What I would like to know is if it is possible to do to following: - Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6, 1.1.1.7 1.1.1.8 1] G'Way host is assigned its own public IP - 1.1.1.3 2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's - 1.1.1.4 3] Remaining 4 public IP addresses are left to be used other purposes (eg: true address redirection to a DMZ-host, that is not a member of the internal LAN subnet) As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? I'd appreciate any pointers to where I might find more information that might assist me, or an explanation of what it is that I am not understanding when reading the HandBook. Stacey, The public IP address for the gateway WILL be used for NAT'ing, if you choose to do so. In order to get things to work correctly, you're going to need three NICs installed in this machine (counting one of them as the DSL PCI card). Their use are as follows: Sis0: This is your DSL interface (probably not going to be called sis0) Sis1: This is your internal, non-DMZ interface, i.e. NAT'd. Sis2: This is your DMZ interface, i.e. non-NAT'd. If you read the man pages on NAT (man nat, iirc), you'll learn the syntax and such to use within your rc.conf file to configure the correct interfaces. When I've got more time, if you can't figure it out, I'll post a more elaborate configuration for you. HTH Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NAT vs Public IP Range info needed, please
On Sat, 12 Jun 2004, Stacey Roberts wrote: Hello, I am looking to replace a proprietary DSL router/modem with the Sangoma S518 ADSL PCI Controller, thereby placing a FreeBSD (4.10-Stable) server running ipfw to handle access, firewall and nat duties. The ISP's DSL package includes 8 static ip addresses: - 1 - network addr 1 - broadcast addr 1 router address 5 usable ip addresses I have been reading up on NAT and address redirection in the HandBook (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-natd.html) and have come accross section 19.13.5 Address Redirection. Here it reads: The -redirect_address syntax is as follows: -redirect_address localIP publicIP localIP The internal IP address of the LAN client. publicIPThe external IP address corresponding to the LAN client. In the example, this argument would read: -redirect_address 192.168.0.2 128.1.1.2 -redirect_address 192.168.0.3 128.1.1.3 What I would like to know is if it is possible to do to following: - Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6, 1.1.1.7 1.1.1.8 1] G'Way host is assigned its own public IP - 1.1.1.3 2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's - 1.1.1.4 3] Remaining 4 public IP addresses are left to be used other purposes (eg: true address redirection to a DMZ-host, that is not a member of the internal LAN subnet) All entirely reasonable As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? You havent missed anything in the hand book but I suggest reading the natd manpage, specificly -alias_address | -a address Use address as the aliasing address. Either this or the -interface option must be used (but not both), [more here but no need to post it as you have it all already] Also it might be worth looking at at the ipf/ipnat ipfilter stuff and seeing which you find easier to use. (examples in /usr/share/examples/ipfilter for ipfilter , see the handbook or manpage for ipfw.) I'd appreciate any pointers to where I might find more information that might assist me, or an explanation of what it is that I am not understanding when reading the HandBook. Thanks for the time. Regards, Stacey ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
aix
hi all my company is sending me on an aix/rs6000 course next month Ive been using Linux as my main OS for 2 years (thats when M$ went for good from my home :) )and been playing with BSD for about 6 months are there any fundamental differences i should be aware of before admitting any knowledge of *nix Arden ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
XFree86 5.2.1 question
The question is really where to ask about a suspected issue between the two. I have a very old Dell Inspiron 7500 and a Dell PE300 that work with 4.x. With 5.2.1 XFree85 freezes the system making power-down being the only way out. Where (or should) I post this? _ Douglas Denault http://www.safeport.com [EMAIL PROTECTED] Voice: 301-469-8766 Fax: 301-469-0601 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problems to install FreeBSD 5.0 with USB keyboard
Rafael Oliveira Ribeiro [EMAIL PROTECTED] writes: I'm trying to install FreeBSD 5 using a bootable CD-ROM, but I can get my USB keyboard working. Is there any way to solve this problem? Start by trying 5.2.1... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
TransGaming WineX 3.3.2
Anybody of you have successfully run WineX under FreeBSD env? Share the experience! Thank you. _ Check out the coupons and bargains on MSN Offers! http://youroffers.msn.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
emu10k1 gamepad support
I'm currently running 4.10-STABLE, and I have a SB Live 5.1 card in my box. I've been dying to get my Microsoft Sidewinder gamepad working through the gamepad/MIDI port. However, I couldn't figure out how to get the joy device working properly. The original code appeared to support an ISA device, but this is a PCI card. I have a license for OSS, so I've been using that for sound support for the past two weeks. Dev informed me that OSS enables the joystick port on the gamepad, but doesn't load a driver for it. I'm kinda stuck right now. I can read code, but I don't know enough C to actually write sophisticated code by myself, much less port drivers. I'd like to find a driver that will interact with the OSS drivers, but I'd also like to work on finding a driver that will interact with the default pcm driver, so that individuals who wish to use FreeBSD's native sound system can benefit from having gamepad support. Dev recommended I look into porting the emu10k1-gp driver to FreeBSD. I had also seen a patch floating around a while ago on Usenet for modifying the actual joy driver, but that didn't really get me anywhere. Does anybody have any suggestions? Any help would be welcome. If anybody is porting/has ported/is willing to port gamepad drivers to FreeBSD, that would definitely make my day. I'd like to help the FreeBSD project move forward with its multimedia support. Once I can get PCI gamepad support running, I won't have any reasons to boot into Windows anymore, and I'm sure my sentiment is shared. Thanks, Bill Sawyer Information Systems Six Flags St. Louis (636) 938-5300 x. 231 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NAT vs Public IP Range info needed, please
On Jun 12, 2004, at 09:46, Stacey Roberts wrote: The ISP's DSL package includes 8 static ip addresses: - 1 - network addr 1 - broadcast addr 1 router address 5 usable ip addresses The -redirect_address syntax is as follows: -redirect_address localIP publicIP localIP The internal IP address of the LAN client. publicIPThe external IP address corresponding to the LAN client. What I would like to know is if it is possible to do to following: - Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6, 1.1.1.7 1.1.1.8 1] G'Way host is assigned its own public IP - 1.1.1.3 2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's - 1.1.1.4 3] Remaining 4 public IP addresses are left to be used other purposes (eg: true address redirection to a DMZ-host, that is not a member of the internal LAN subnet) Not sure I understand (it would help if you used a real public /29 to illustrate, your example doesn't follow legal subnet rules). in 1) above, the gateway host ip has to come out of the usable address pool, which you designate .4 - .8. So in 1) you could have the gateway IP as .4. In 2) You have .5 assigned for many-one NATing (in the Linux world they'd call this ip masquerading). In 3) you'd have THREE public addressed left that could be used for one-one NAT. As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? It is AFAIK, they just don't use it in the example. KeS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NAT vs Public IP Range info needed, please
On Jun 12, 2004, at 12:11, Kevin Stevens wrote: As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? It is AFAIK, they just don't use it in the example. Sorry, should have elaborated. This would be done by using the -alias_address option in natd, rather than the -interface option. man natd for more info. KeS -alias_address | -a address Use address as the aliasing address. Either this or the -interface option must be used (but not both), if the -proxy_only option is not specified. The specified address is usually the address assigned to the ``public'' network interface. All data passing out will be rewritten with a source address equal to address. All data coming in will be checked to see if it matches any already-aliased outgoing connection. If it does, the packet is altered accordingly. If not, all -redirect_port, -redirect_proto and -redirect_address assign- ments are checked and actioned. If no other action can be made and if -deny_incoming is not specified, the packet is delivered to the local machine using the rules specified in -target_address option below. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NAT vs Public IP Range info needed, please
Hello Eric, - Original Message - From: Eric Crist [EMAIL PROTECTED] To: To 'Stacey Roberts' Date: Sat, 12 Jun, 2004 18:23 BST Subject: RE: NAT vs Public IP Range info needed, please -Original Message- Hello, I am looking to replace a proprietary DSL router/modem with the Sangoma S518 ADSL PCI Controller, thereby placing a FreeBSD (4.10-Stable) server running ipfw to handle access, firewall and nat duties. snipped What I would like to know is if it is possible to do to following: - Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6, 1.1.1.7 1.1.1.8 1] G'Way host is assigned its own public IP - 1.1.1.3 2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's - 1.1.1.4 3] Remaining 4 public IP addresses are left to be used other purposes (eg: true address redirection to a DMZ-host, that is not a member of the internal LAN subnet) As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? I'd appreciate any pointers to where I might find more information that might assist me, or an explanation of what it is that I am not understanding when reading the HandBook. Stacey, The public IP address for the gateway WILL be used for NAT'ing, if you choose to do so. In order to get things to work correctly, you're going to need three NICs installed in this machine (counting one of them as the DSL PCI card). Their use are as follows: Sis0: This is your DSL interface (probably not going to be called sis0) Sis1: This is your internal, non-DMZ interface, i.e. NAT'd. Sis2: This is your DMZ interface, i.e. non-NAT'd. Yes this is pretty much the set up that is envisaged for the network edge. If you read the man pages on NAT (man nat, iirc), you'll learn the syntax and such to use within your rc.conf file to configure the correct interfaces. I've seen other list-members' responses including a pointer to man natd(8) with respect to the alias switch, which I intend to study. When I've got more time, if you can't figure it out, I'll post a more elaborate configuration for you. Thanks for this, Eric. I've got to get the card first (hopefully with international shipping, it'll be able to get here within a few days so that I can start testing the set up. Given the confidence with which the others' have spoken of the alias switch, I'm now very much happier with the prospects for this solution than before. I'll certainly post back with what results I get. Thanks very much for taking the time to get back to me. Regards, Stacey HTH Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpvO69d1Vu2a.pgp Description: PGP signature
Re: NAT vs Public IP Range info needed, please
Hello Vince, Thanks for the reply. - Original Message - From: Vince Hoffman [EMAIL PROTECTED] To: To Stacey Roberts Date: Sat, 12 Jun, 2004 18:36 BST Subject: Re: NAT vs Public IP Range info needed, please On Sat, 12 Jun 2004, Stacey Roberts wrote: Hello, I am looking to replace a proprietary DSL router/modem with the Sangoma S518 ADSL PCI Controller, thereby placing a FreeBSD (4.10-Stable) server running ipfw to handle access, firewall and nat duties. snipped What I would like to know is if it is possible to do to following: - Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6, 1.1.1.7 1.1.1.8 1] G'Way host is assigned its own public IP - 1.1.1.3 2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's - 1.1.1.4 3] Remaining 4 public IP addresses are left to be used other purposes (eg: true address redirection to a DMZ-host, that is not a member of the internal LAN subnet) All entirely reasonable As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? You havent missed anything in the hand book but I suggest reading the natd manpage, specificly -alias_address | -a address Use address as the aliasing address. Either this or the -interface option must be used (but not both), [more here but no need to post it as you have it all already] Excellent! I'll get onto this and see what needs to be done whilst I wait for the card to arrive. Also it might be worth looking at at the ipf/ipnat ipfilter stuff and seeing which you find easier to use. (examples in /usr/share/examples/ipfilter for ipfilter , see the handbook or manpage for ipfw.) I've never used ipfilter before - mainly because the HandBook had historically exclusively used ipfw in its examples since I started with FreeBSD back at 4.2. I'll certainly consider ipfilter as well to see what benefits it offers over ipfw. Thanks for that suggestion. Regards, Stacey I'd appreciate any pointers to where I might find more information that might assist me, or an explanation of what it is that I am not understanding when reading the HandBook. Thanks for the time. Regards, Stacey ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpguDOBfmmJz.pgp Description: PGP signature
Re: NAT vs Public IP Range info needed, please
Hi Kevin, Thanks for replying. - Original Message - From: Kevin Stevens [EMAIL PROTECTED] To: To Stacey Roberts Date: Sat, 12 Jun, 2004 20:11 BST Subject: Re: NAT vs Public IP Range info needed, please On Jun 12, 2004, at 09:46, Stacey Roberts wrote: The ISP's DSL package includes 8 static ip addresses: - 1 - network addr 1 - broadcast addr 1 router address 5 usable ip addresses The -redirect_address syntax is as follows: -redirect_address localIP publicIP localIP The internal IP address of the LAN client. publicIPThe external IP address corresponding to the LAN client. What I would like to know is if it is possible to do to following: - Given that the 5 usable public IP's are: 1.1.1.4, 1.1.1.5, 1.1.1.6, 1.1.1.7 1.1.1.8 1] G'Way host is assigned its own public IP - 1.1.1.3 2] LAN hosts' (all) traffic is NAT'd using one of the other public IP's - 1.1.1.4 3] Remaining 4 public IP addresses are left to be used other purposes (eg: true address redirection to a DMZ-host, that is not a member of the internal LAN subnet) Not sure I understand (it would help if you used a real public /29 to illustrate, your example doesn't follow legal subnet rules). in 1) above, the gateway host ip has to come out of the usable address pool, which you designate .4 - .8. So in 1) you could have the gateway IP as .4. In 2) You have .5 assigned for many-one NATing (in the Linux world they'd call this ip masquerading). In 3) you'd have THREE public addressed left that could be used for one-one NAT. Well.., despite the actual IP addresses used, you've got the general picture correct there. What I'm after is to be able to define an IP address that is *not* that which is assigned to the publicly-facing interface of the gateway as the nat ip address for internal lan hosts. As you see, the g'way's public ip is not being used for NAT'ing internal hosts' outgoing traffic, but another ip from within the assignied public ip address range. My reading of the NAT chapter does not suggest that there is a way to define the public IP with which traffic is to be translate. Is this functionality not supported, or have I missed something when reading the various sections? It is AFAIK, they just don't use it in the example. I've seen your follow-up mail arrive, where you've included the pointer to the alias -switch to natd(8). Cheers for that.., I'll have a read and try to work this out. Thanks again for taking the time. Regards, Stacey KeS ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpAvxhIWLFGd.pgp Description: PGP signature
Netscape not working
Hello everyone, When I try and install any of the netscape ports I get an error. [EMAIL PROTECTED] cd /usr/ports/ [EMAIL PROTECTED] portupgrade -N www/netscape7 * Your choices are saved. You must run the make command again to * complete the build. Ignore the Error code 1 below. *** Error code 1 Stop in /usr/ports/www/netscape7. ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade4429.0 make** Fix the problem and try again. ** Listing the failed packages (*:skipped / !:failed) ! www/netscape7 (unknown build error) --- Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed [EMAIL PROTECTED] If i run #portupgrade -NP www/netscape7 it will install the package but won't run I get an error about ( or something any ideas? Bruce ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problems installing ffmpeg port in 5.1: can't find a register in class `GENERAL_REGS' while reloading `asm'
Something is broken in my system, that's for sure - but how can I solve it. I can't [EMAIL PROTECTED]:/usr/ports/multimedia/ffmpeg/ make install clean because (sorry if I copied too much, I'm not sure where the problems starts): i386/dsputil_mmx_rnd.h:362: warning: `avg_no_rnd_pixels8_l2_mmx' defined but not used i386/dsputil_mmx_rnd.h:409: warning: `avg_no_rnd_pixels16_l2_mmx' defined but not used i386/dsputil_mmx_avg.h:57: warning: `put_pixels8_l2_3dnow' defined but not used i386/dsputil_mmx_avg.h:129: warning: `put_pixels16_l2_3dnow' defined but not used i386/dsputil_mmx_avg.h:57: warning: `put_pixels8_l2_mmx2' defined but not used i386/dsputil_mmx_avg.h:129: warning: `put_pixels16_l2_mmx2' defined but not used cc -O -pipe -mcpu=pentiumpro -fPIC -DPIC -I/usr/local/include -I/usr/X11R6/include -Wall -DHAVE_AV_CONFIG_H -I.. -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -D_GNU_SOURCE -c -o i386/mpegvideo_mmx.o i386/mpegvideo_mmx.c In file included from i386/mpegvideo_mmx.c:493: i386/mpegvideo_mmx_template.c: In function `dct_quantize_MMX': i386/mpegvideo_mmx_template.c:89: can't find a register in class `GENERAL_REGS' while reloading `asm' i386/mpegvideo_mmx_template.c:141: can't find a register in class `GENERAL_REGS' while reloading `asm' gmake[1]: *** [i386/mpegvideo_mmx.o] Error 1 gmake[1]: Leaving directory `/usr/ports/multimedia/ffmpeg/work/ffmpeg-0.4.8/libavcodec' gmake: *** [lib] Error 2 *** Error code 2 Any help is much appreciated. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: known error building expat2
Joe [EMAIL PROTECTED] writes: Could someone take pity on me - I am not a C programmer. The following error appears in building expat2, it has been reported as a bug in the port and it doesn't look like it will get attention soon. Unfortunately I need to get through this port. I've done some investigation. Short of a crash course in C programming, I am quite lost trying to figure out the error. In /usr/ports/textproc/expat2 xmlwf/xmlwf.c:24: syntax error before `characterData' *** Error code 1 Stop in /usr/ports/textproc/expat2/work/expat-1.95.7. *** Error code 1 This has been reported as an error: ports/64259: expat-1.95.7 compile fails with non-obvious syntax error (http://lists.freebsd.org/pipermail/freebsd-ports-bugs/2004-March/027615.html) and has been assigned a severity - low, rightly so I *am* a C programmer, and the problem is obviously that the XMLCALL macro isn't getting defined, but I can't see why it wouldn't. The expat.h in the port will define it as long as __GNUC__ is defined, which it should be for any version of gcc I can recall. Non of the usual -questions information is included in the message (see http://www.lemis.com/questions.html for guidance), and the problem does not occur on my system (-STABLE and ports updated within the last week). ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
dynamic DNS issues - invalid TSIG key
FreeBSD-4.9-STABLE bind-9.2.3 okay I am trying to set up dynamic DNS to bind on a FreeBSD box. I have admin on both client and server side. the client is a redhat-8.0 machine with ISC DHCP installed. right now the client side is complaining of an invalid TSIG key. The keys are cut and Pasted and fomatted properly in each configuration file. so I am at a loss as to what to check next. I have attached the error message. I changed the hostnames and IP addresses to protect the inocent - are added to clarify what I did. --- snip --- Jun 12 14:45:44 hostname dhclient: if IN A hostname.domain.com. rrset doesn't exist add 3600 IN A hostname.domain.com. 10.2.1.1 add 3600 IN TXT hostname.domain.com. key_stuff: invalid TSIG key. --- snip --- I am following the forwarding tutorial at: http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html#forward so the configuration on the client side looks like this - --- /etc/dhclient-eth0.conf send fqdn.fqdn hostname.domain.com.; send fqdn.encoded on; send fqdn.server-update off; key hostname.domain.com. { algorithm HMAC-MD5; secret key; } zone domain.com { key hostname.domain.com.; } interface eth0 { send host-name hostname; send dhcp-client-identifier mac_address; send dhcp-lease-time 3600; prepend domain-name-servers 127.0.0.1; request subnet-mask, broadcast-address, time-offset, routers, domain-name, domain-name-servers, host-name; require subnet-mask, domain-name-servers; script /sbin/dhclient-script; } --- /etc/dhclient-eth0.conf and here are the modfifications on the server side. just the snippets that are relevant to this configuration. the file is fairly large. --- /etc/namedb/named.conf key hostname.domain.com. { algorithm HMAC-MD5; secret key; }; ... zone domain.com in { type master; file zones/domain.com; allow-transfer { 64.121.33.4; 216.218.220.21; }; allow-query { any; }; allow-update { none; }; notify yes; update-policy { grant hostname.domain.com. name hostname.domain.com. A TXT; grant hostname.domain.com. name hostname2.domain.com. A TXT; grant * self * A TXT; }; }; --- /etc/namedb/named.conf --- clues please? cheers, Noah ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Passing pwd_mkdb args to pw command
Is there any way to pass an argument to the pw command that could be passed to it when it invokes pwd_mkdb to rebuild the password database. On a system with about 25k users, it takes an inordinate amount of time to rebuild the database using the pw command. Invoking the pwd_mkdb on the master.passwd file using the -s flag (-s 96) speeds up this process immensely (FreeBSD 5.2.1-Release-P8). By immensely I mean from nearly 30 seconds to just under 5 seconds. The following scenario is why I ask: Have a perl script that adds a user to the master.passwd file (yeah I know, dangerous, but it's only bit me twice in as many years and could recover with the backup the script makes). Part of the script involves invoking system commands to make the home directory and change permissions on it. Unfortunately, even though testing for the return status, I still find that that often the chown system call fails with directory not found. It would seem that the mkdir command returns a status of success before the directory tables are actually updated and/or the changes written to disk. (This happens regardless of whether I use the perl builtins or system() calls). So the idea would be to invoke the pw command instead, but having a 30 second rebuild for every user added, deleted, password changed, etc is kind of a show stopper here. Has anyone patched or found a way to make this happen? If not, has anyone done similar to what I am trying to do or found other workarounds? Thanks, Sven ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
40GB harddisk on Creative Soundblaster AWE32 / wavetable/midi support for AWE32?
Hiho! :-) Yesterday I installed an old Creative Soundblaster AWE32 ISA in my computer. During boot I noticed that the ata(4) driver attached to the onboard (cdrom) ide-controller. So I got curious and hooked up my new dvd-drive (Toshiba M1712) . Worked like a charm (PIO4 only, of course :-)). Then I got *really* curious and hooked up my Maxtor 40GB disk to the ide-controller, thinking: this will never ever work. 3 minutes later, I saw, much to my surprise, that it *worked*. The drive was recognized during boot, I could mount my fat32 partitions and got a transfer rate of about 3,3mb/s from the drive. First of all, thanks to Soren, whose great ata driver made that experiment possible. :-) Second, can anybody explain *why* it worked? Creative (and Google) claim that the ide-controller supports cdroms (atapi) only and even if that is wrong, why does it recognize my 40gb drive (the card was made in 1994)? Third, is there any driver that supports the Wavetable/Midi part of the AWE32? :-) I'm running FreeBSD 5.2.1-RELEASE-p8. Thanks in advance! :-) Bye Marc ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: aix
arden [EMAIL PROTECTED] wrote: hi all my company is sending me on an aix/rs6000 course next month Ive been using Linux as my main OS for 2 years (thats when M$ went for good from my home :) )and been playing with BSD for about 6 months are there any fundamental differences i should be aware of before admitting any knowledge of *nix It really depends on what you're going to admit knowledge of, as far as I can see. If you're going to claim that you know your way around a command line, and understand the core concepts of Unix, as well as the fundamentals of admining a Unix system. And if you're going to say that you've been using Linux and FreeBSD for a certain length of time, I think you'll be in a good place. You may be surprised at how AIX behaves on a low level, though. Like if you start looking through it's sysctls (does AIX have sysctls?) or if you peruse the /etc directory to see how things get started at boot time. -- Bill Moran Potential Technologies http://www.potentialtech.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfilter allowing samba
Hi, Need to know how to enable ipfilter to allow samba in. I've got a box that has two interfaces on it. I need to have ipfilter allow samba in on ed0, am not sure how to do this without dropping the firewall, which is not an option. Any help appreciated. This is only from the local network, not the net. Thanks. Dave. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfilter allowing samba
Hey Dave, You need to allow exceptions in ipfilter for ports 137 to 139. The following rules should work: pass in quick on ed0 proto tcp from 192.168.0.0/16 to 192.168.0.1/32 port = 137 keep state pass in quick on ed0 proto tcp from 192.168.0.0/16 to 192.168.0.1/32 port = 138 keep state pass in quick on ed0 proto tcp from 192.168.0.0/16 to 192.168.0.1/32 port = 139 keep state Where 192.168.0.0 is your network and 192.168.0.1 is your server IP. Cheers, Bill Sawyer Information Systems Six Flags St. Louis (636) 938-5300 x. 231 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
apache2 port
Hello, I've got a 5.2.1 machine that has the latest apache on it via ports. Instead of translating my index.html file i am getting a directory listing vs. the page. Like instead of seeing the html home, favorites, and so forth on this page, i'm basically given a directory listing. Any ideas? Thanks. Dave. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: swap size and zombie
In the last episode (Jun 12), Chris said: Looking at a web/email server with the following from top ... last pid: 29494; load averages: 0.00, 0.00, 0.00 up 85+12:33:05 23:07:44 39 processes: 1 running, 37 sleeping, 1 zombie CPU states: 0.0% user, 0.0% nice, 0.0% system, 0.0% interrupt, 100% idle Mem: 197M Active, 545M Inact, 176M Wired, 51M Cache, 112M Buf, 33M Free Swap: 2048M Total, 184K Used, 2048M Free Does it look like the swap file is way too big? The box has been online for awhile, yet it seems like the swap file is not utilized very much at all. For that matter, the server is clearly overpowered for what it does, but better than underpowered I suppose. Sysinstall defaults to creating a swap partition that is 2x RAM, but for large-memory systems it's usually overkill (do you really plan on running 3gb worth of processes in a 1gb system?). 1x RAM is the minimum if you want to be able to save kernel crashdumps though, so it may be useful if you ever double the RAM in the box. Also, I cannot seem to get rid of that zombie... it happens at boot time: root 0 0.0 0.0 00 ?? ZW - 0:00.00 (perl) Run ps axl, find the parent process (PPID column), and fix the bug in it :) -- Dan Nelson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
problem building /usr//ports/x11-fonts/fontconfig
Bleh - i tried upgrading from freebsd 4.5 to 4.10 and now I'm having this problem: cfreetype.lo fcfreetype.c: In function `FcFreeTypeQuery': fcfreetype.c:280: syntax error before `psfontinfo' fcfreetype.c:739: `psfontinfo' undeclared (first use in this function) fcfreetype.c:739: (Each undeclared identifier is reported only once fcfreetype.c:739: for each function it appears in.) gmake[2]: *** [fcfreetype.lo] Error 1 gmake[2]: Leaving directory `/f/ports/x11-fonts/fontconfig/work/fontconfig-2.2.2/src' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/f/ports/x11-fonts/fontconfig/work/fontconfig-2.2.2' gmake: *** [all] Error 2 I did upgrade XFree86 to latest version in an attempt to fix this problem (I presume it is related to some library not being up to date - but I would also assume the dependencies would catch that)... Oh well any suggestions ? Alan . ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: aix
In the last episode (Jun 12), arden said: my company is sending me on an aix/rs6000 course next month Ive been using Linux as my main OS for 2 years (thats when M$ went for good from my home :) )and been playing with BSD for about 6 months are there any fundamental differences i should be aware of before admitting any knowledge of *nix AIX feels sort of like Microsoft's Windows Services for UNIX package from my perspective. Most of the commands you will want to use work, but they're sort of on top of something that's not standard Unix at all. It doesn't use syslog, for example; it uses a binary log you must run errpt to read. Memory management is difficult to tune as well (and you will need to tune it almost immediately). There's an rc.d directory, but it's only used for 3rd-party apps; none of the AIX packages use it. After using AIX, I realize why IBM is pushing Linux so much. In other words, Unix knowledge will help, but not as much as it might for other Unix-like systems. Pay attention at the course :) -- Dan Nelson [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Nearly 2.5 Million Active Sites running FreeBSD
Ran across this on Netcraft: http://news.netcraft.com/archives/2004/06/07/nearly_25_million_active_sites_running_freebsd.html Good job people! Beech -- --- Beech Rintoul - System Administrator - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | NorthWind Communications \ / - NO HTML/RTF in e-mail | 201 East 9th Avenue Ste.310 X - NO Word docs in e-mail | Anchorage, AK 99501 / \ - ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Nearly 2.5 Million Active Sites running FreeBSD
Ran across this on Netcraft: http://news.netcraft.com/archives/2004/06/07/nearly_25_million_active_sites_running_freebsd.html Good job people! Beech -- --- Beech Rintoul - System Administrator - [EMAIL PROTECTED] /\ ASCII Ribbon Campaign | NorthWind Communications \ / - NO HTML/RTF in e-mail | 201 East 9th Avenue Ste.310 X - NO Word docs in e-mail | Anchorage, AK 99501 / \ - ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]