Procmail: how to deliver email over an ssh-tunnel to my smtp server.
Hello, I'm having 4.11 and 5.3 FreeBSD PCs. All incoming email arrives through fetchmail (using imap protocol). I then filter all email with procmail, which is configured such that it trashes spam, or delivers to local mailbox, or forwards to another external address. For external delivery, I have set up an ssh tunnel to my smtp server: ssh -N -f -L 2525:localhost:25 smtp.server.it What do I have to do next, to have the delivery work properly? Can I tell procmail to push the email directly onto the port 2525 of the ssh tunnel? Or do I have to reconfigure sendmail for this? (sendmail reconfiguration info looks like a nightmare to me though). Do I have other options? Thanks, Rob. __ Do you Yahoo!? Yahoo! Personals - Better first dates. More second dates. http://personals.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
too many illegal connection attempts through ssh
hello, shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? can i configure the firewall to check the instances a certain IP has attempted to access/ssh the sevrer, and if it has failed to login for about x number of attempts, it will be blocked automatically? thank you in advance! -edwin Mar 26 05:00:00 pawikan newsyslog[11879]: logfile turned over due to size100K Mar 26 22:49:29 pawikan sshd[66637]: Illegal user test from 211.176.33.46 Mar 26 22:49:32 pawikan sshd[66639]: Illegal user guest from 211.176.33.46 Mar 26 22:49:35 pawikan sshd[66641]: Illegal user admin from 211.176.33.46 Mar 26 22:49:37 pawikan sshd[66643]: Illegal user admin from 211.176.33.46 Mar 26 22:49:40 pawikan sshd[66645]: Illegal user user from 211.176.33.46 Mar 26 22:49:50 pawikan sshd[66654]: Illegal user test from 211.176.33.46 Mar 27 02:50:12 pawikan sshd[69369]: Illegal user test from 210.0.141.89 Mar 27 02:50:14 pawikan sshd[69463]: Illegal user guest from 210.0.141.89 Mar 27 02:50:15 pawikan sshd[69650]: Illegal user admin from 210.0.141.89 Mar 27 02:50:17 pawikan sshd[69745]: Illegal user admin from 210.0.141.89 Mar 27 02:50:18 pawikan sshd[69858]: Illegal user user from 210.0.141.89 Mar 27 02:50:24 pawikan sshd[70319]: Illegal user test from 210.0.141.89 Mar 27 04:10:58 pawikan sshd[5171]: Illegal user test from 218.188.9.202 Mar 27 04:10:59 pawikan sshd[5173]: Illegal user guest from 218.188.9.202 Mar 27 04:11:00 pawikan sshd[5175]: Illegal user admin from 218.188.9.202 Mar 27 04:11:01 pawikan sshd[5190]: Illegal user admin from 218.188.9.202 Mar 27 04:11:02 pawikan sshd[5192]: Illegal user user from 218.188.9.202 Mar 27 04:11:07 pawikan sshd[5200]: Illegal user test from 218.188.9.202 Mar 27 12:13:21 pawikan sshd[9236]: Did not receive identification string from 61.59.143.27 Mar 27 12:23:03 pawikan sshd[13482]: Illegal user jordan from 61.59.143.27 Mar 27 12:23:07 pawikan sshd[13484]: Illegal user michael from 61.59.143.27 Mar 27 12:23:11 pawikan sshd[13486]: Illegal user nicole from 61.59.143.27 Mar 27 12:23:14 pawikan sshd[13488]: Illegal user daniel from 61.59.143.27 Mar 27 12:23:18 pawikan sshd[13490]: Illegal user andrew from 61.59.143.27 Mar 27 12:23:21 pawikan sshd[13492]: Illegal user nathan from 61.59.143.27 Mar 27 12:23:25 pawikan sshd[13494]: Illegal user matthew from 61.59.143.27 Mar 27 12:23:29 pawikan sshd[13496]: Illegal user magic from 61.59.143.27 Mar 27 12:23:33 pawikan sshd[13498]: Illegal user lion from 61.59.143.27 Mar 27 12:23:37 pawikan sshd[13500]: Illegal user david from 61.59.143.27 Mar 27 12:23:41 pawikan sshd[13502]: Illegal user jason from 61.59.143.27 Mar 27 12:23:45 pawikan sshd[13504]: Illegal user ben from 61.59.143.27 Mar 27 12:23:49 pawikan sshd[13506]: Illegal user carmen from 61.59.143.27 Mar 27 12:23:53 pawikan sshd[13510]: Illegal user justin from 61.59.143.27 Mar 27 12:23:57 pawikan sshd[13512]: Illegal user charlie from 61.59.143.27 Mar 27 12:24:02 pawikan sshd[13514]: Illegal user steven from 61.59.143.27 Mar 27 12:24:06 pawikan sshd[13517]: Illegal user brandon from 61.59.143.27 Mar 27 12:24:09 pawikan sshd[13519]: Illegal user brian from 61.59.143.27 Mar 27 12:24:13 pawikan sshd[13521]: Illegal user stephen from 61.59.143.27 Mar 27 12:24:17 pawikan sshd[13523]: Illegal user william from 61.59.143.27 Mar 27 12:24:21 pawikan sshd[13525]: Illegal user angel from 61.59.143.27 Mar 27 12:24:27 pawikan sshd[13527]: Illegal user emily from 61.59.143.27 Mar 27 12:24:31 pawikan sshd[13529]: Illegal user eric from 61.59.143.27 Mar 27 12:24:36 pawikan sshd[13531]: Illegal user joe from 61.59.143.27 Mar 27 12:24:39 pawikan sshd[13533]: Illegal user tom from 61.59.143.27 Mar 27 12:24:43 pawikan sshd[13535]: Illegal user billy from 61.59.143.27 Mar 27 12:24:47 pawikan sshd[13537]: Illegal user buddy from 61.59.143.27 Mar 27 12:24:50 pawikan sshd[13540]: Illegal user jeremy from 61.59.143.27 Mar 27 12:24:54 pawikan sshd[13542]: Illegal user vampire from 61.59.143.27 Mar 27 12:24:57 pawikan sshd[13544]: Illegal user betty from 61.59.143.27 Mar 27 12:25:00 pawikan sshd[13546]: Illegal user henry from 61.59.143.27 Mar 27 12:25:04 pawikan sshd[13749]: Illegal user max from 61.59.143.27 Mar 27 12:25:07 pawikan sshd[14024]: Illegal user nicholas from 61.59.143.27 Mar 27 12:25:11 pawikan sshd[14336]: Illegal user robin from 61.59.143.27 Mar 27 12:25:15 pawikan sshd[14644]: Illegal user system from 61.59.143.27 Mar 27 12:25:18 pawikan sshd[14904]: Illegal user johnny from 61.59.143.27 Mar 27 12:25:22 pawikan sshd[15221]: Illegal user lucy from 61.59.143.27 Mar 27 12:25:26 pawikan sshd[15521]: Illegal user market from 61.59.143.27 Mar 27 12:25:32 pawikan sshd[15673]: Illegal user lp from 61.59.143.27 Mar 27 12:25:37 pawikan sshd[15675]: Illegal user maria from 61.59.143.27 Mar 27 12:25:42
Re: too many illegal connection attempts through ssh
On Wednesday 06 April 2005 00:15, Edwin D. Vinas [EMAIL PROTECTED] wrote: hello, shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? The easiest way to fix this problem most of the time is just change the ssh port to something else, like a high numbered port that's otherwise unassigned. can i configure the firewall to check the instances a certain IP has attempted to access/ssh the sevrer, and if it has failed to login for about x number of attempts, it will be blocked automatically? Yes, the best way to deal with this is through the firewall rather than sshd, if you still get people hammering away at your ssh port even after you change it. What are you using? You might want to check in chapter 24 of the handbook ... - jt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: too many illegal connection attempts through ssh
Edwin D. Vinas wrote: hello, shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? can i configure the firewall to check the instances a certain IP has My solution is not full proof, but appears to be good enough to stop these bulk attacks on my server. I use a combination of firewall alternative sshd port. For example, in /etc/rc.conf, I have: sshd_enable=YES sshd_flags=-p 22 -p 1234 (choose 1234 whatever alternative port number you prefer) Then add two tcp rules to your firewall: ipfw add allow log tcp from 55.44.33.22/11 to \ ${oip} ssh in via ${oif} setup ipfw add allow log tcp from any to ${oip} 1234 \ in via ${oif} setup where 55.44.33.22/11 represents your, more or less, trusted nearby network, ${oip} your outbound IP and ${oif} your outbound interface (e.g. rl0). I suppose you're familiar enough with firewall rules. These firewall rules allow 'regular' ssh connections only from within your nearby network; all other parties must connect over the alternative port number, 1234 in this example. Regards, Rob. __ Do you Yahoo!? Yahoo! Sports - Sign up for Fantasy Baseball. http://baseball.fantasysports.yahoo.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Viewing DNS cache entries
In the last episode (Apr 05), Martin Petraschek said: On Tue, 5 Apr 2005 10:36:35 -0500, Dan Nelson wrote: In the last episode (Apr 05), Martin Petraschek said: The operating system is caching DNS name resolutions in order to avoid repeated DNS requests for the same hostname. Is it possible to display the entries of that DNS cache? Under Windows, the command ipconfig /displaydns exists, and I would need that functionality under FreeBSD. You can use the rndc dump command, which will create a file that contains all of the currently-cached DNS entries. If you are The rndc command does not exist on my 4.10 box. It was called ndc in bind 8 (which is what comes with 4.*). Anyhow, I am not running a nameserver on this machine. Is this a prequisite for your suggestion to work? Yes; if you are not running a nameserver, then the OS won't cache any DNS entries at all. Every lookup will result in a DNS request to one of the servers listed in /etc/resolv.conf. Maybe you have some static entries in /etc/hosts? That file is checked before DNS; edit /etc/host.conf to change the lookup order. Thank you, Dan. I was not aware of the fact that FreeBSD does not cache DNS entries unless you are running a name server. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPv6 ICMP multicast response
Hi, By default, FreeBSD does not reply to ICMP multicast echo requests. For IPv4 this behaviour can be changed with sysctl net.inet.icmp.bmcastecho=0|1 Is there a similar control for IPv6? Thank you, Martin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: shell question
In article [EMAIL PROTECTED], mrspock (m) writes: m The problem is that I don't want to use the temporary m file that I used above (stdout, stderr, out), I just m want a filter If you want to rearange the output so that all the errors are after all the non errors, then you are going to need storage of some sort. I think that is logically unavoidable. There may be some kind of shuffle you can do with named pipes or something, but those kind of things have limited storage. Any time your command produces more error output than that space can hold, it will be stopped. Since you are not reading that stream until the main output is finished you'd then have a deadlock. -- Mail me as [EMAIL PROTECTED]_O_ | ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
6-CURRENT installation from boot cd
Hi there, I'm looking for a 6-CURRENT bootonly CD image. http://www.freebsd.org/where.html ... tells me the following: If you're interested in a purely experimental snapshot release of FreeBSD-CURRENT (AKA 6.0-CURRENT), aimed at developers and bleeding-edge testers only, then please see the daily snapshot server FTP site. Unfortunately I didn't find an appropriate image there. ftp://current.freebsd.org/pub/FreeBSD/snapshots/i386/ISO-IMAGES/00SNAPSHOTS_CD_README The readme file above, does not mention the 6-CURRENT release and everything on this server looks quite old to me. Am I looking at the wrong place? Where can I find a bootonly cd image which lets me boot with it and download a 6-CURRENT snapshot via FTP? If there does not exist something like that, what is the best and recommended way to install a 6-CURRENT release? (Yes, I want to develop on this machine if someone is going to ask me that.) If someone could point me in the right direction it would be greatly appreciated. Thanks. _ Highlight Viewer - heben Sie von Ihnen gesuchte Wörter auf Webseiten hervor. http://toolbar.msn.ch?DI=165XAPID=2170 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: make nodes for new disk with devfs
# Tetsuji Maverick Rai: Hi, I'm having a problem with devfs in 6-current. I used to use FreeBSD about 7-8 years ago, but since then I've been using Linux, and got back to freebsd these days, and found MAKEDEV has gone!! Jup. My question is simple: how to make nodes in /dev for ad1 slice/partitions? Well, that's the neat thing about devfs: you don't. Once you slice your disks, the respective nodes are created automagically. :) Cheers, Mario ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: too many illegal connection attempts through ssh
Edwin D. Vinas wrote: shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? can i configure the firewall to check the instances a certain IP has attempted to access/ssh the sevrer, and if it has failed to login for about x number of attempts, it will be blocked automatically? This question is asked on the list ever so often - see the archives for suggestions. These are automated attacks, they come regularly as crackers, black hats or script kidies scan across the net. You can avoid the automated scanning by chaning port, but this won't stop the determined cracker - he will scan all your ports and identify which services are running on which ports. Ask yourself a few questions: * Do you need to allow ssh from anywhere? If not, restrict to the relevant ip blocks. * Do you need to allow password based authentication? If not, disable it and use only ssh keys, in sshd_config: PasswordAuthentication no PubkeyAuthentication yes * Do all users need to have ssh access? If not, restrict to specific groups of users, in sshd_config, eg: AllowGroups staff * Is it a problem appart from the log messages? Trying to login with a nonexistent username is usually not a problem. Other tips: Disable ssh1, reduce the number of simultaneous non-authen- ticated connections, set timeouts etc. Cheers, Erik -- Ph: +34.666334818 web: http://www.locolomo.org S/MIME Certificate: http://www.locolomo.org/crt/2004071206.crt Subject ID: A9:76:7A:ED:06:95:2B:8D:48:97:CE:F2:3F:42:C8:F2:22:DE:4C:B9 Fingerprint: 4A:E8:63:38:46:F6:9A:5D:B4:DC:29:41:3F:62:D3:0A:73:25:67:C2 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: dummynet problems
I don't use dummynet myself, but surely it would be easier to help you if you described what the actual problem is? Well, actual problem description: FreeBSD-5.3 router; rl0 - internal interface rl1 - external. rl1 is connected to ADSL modem from provider; The link bandwidth is 64kbps. ${fwcmd} -f flush ${fwcmd} -f pipe flush ${fwcmd} pipe 1 config bw 64Kbit/s queue 10KBytes ${fwcmd} queue 4 config pipe 1 weight 1 mask dst-ip 0x buckets 10 queue 9 gred 0.002/7/21/0.1 ${fwcmd} add 780 queue 4 log logamount 10 tcp from any to 192.168.0.30/32 out via rl0 ${fwcmd} queue 10 config pipe 1 weight 100 mask dst-ip 0x queue 9 gred 0.002/7/21/0.1 ${fwcmd} add 790 queue 10 log logamount 10 tcp from any to 192.168.0.99/32 out via rl0 ${fwcmd} queue 25 config pipe 1 weight 30 mask dst-ip 0x buckets 15 queue 10 gred 0.002/7/21/0.1 ${fwcmd} queue 20 config pipe 1 weight 100 mask dst-ip 0x buckets 100 queue 9 gred 0.002/7/21/0.1 ${fwcmd} queue 30 config pipe 1 weight 20 mask dst-ip 0x buckets 100 queue 9 gred 0.002/7/21/0.1 ${fwcmd} queue 40 config pipe 1 weight 10 mask dst-ip 0x buckets 100 queue 9 gred 0.002/7/21/0.1 ${fwcmd} add 891 queue 20 log logamount 10 tcp from any 5190 to 192.168.0.1/25 out via rl0 ${fwcmd} add 892 queue 25 log logamount 10 tcp from any to 192.168.0.6 out via rl0 ${fwcmd} add 893 queue 25 log logamount 10 tcp from any to 192.168.0.29 out via rl0 ${fwcmd} add 894 queue 25 log logamount 10 tcp from any to 192.168.0.62 out via rl0 ${fwcmd} add 895 queue 25 log logamount 10 tcp from any to 192.168.0.27 out via rl0 ${fwcmd} add 898 queue 30 log logamount 10 tcp from any 25,110,43,53,119,123,143,953 to 192.168.0.1/25{1-3,5,7-26,28,31-61,63-98,100} out via rl0 ${fwcmd} add 897 queue 40 log logamount 10 tcp from any 80,443,3128,21,20 to 192.168.0.1/25{1-3,5,7-26,28,31-61,63-98,100} out via rl0 ipfw pipe show: 1: 99.000 Kbit/s0 ms 10 KB 0 queues (1 buckets) droptail mask: 0x00 0x/0x - 0x/0x q4: weight 1 pipe 19 sl. 1 queues (10 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 2 ip 0.0.0.0/0192.168.0.30/0 2198 1821083 00 43 q00010: weight 100 pipe 19 sl. 1 queues (64 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 51 ip 0.0.0.0/0192.168.0.99/09 813 00 0 q00020: weight 100 pipe 19 sl. 13 queues (100 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 2 ip 0.0.0.0/0192.168.0.30/0 42 6662 00 0 5 ip 0.0.0.0/0 192.168.0.1/0 36 6054 00 0 13 ip 0.0.0.0/0 192.168.0.9/0 37 5021 00 0 15 ip 0.0.0.0/0192.168.0.11/0 6116333 00 0 25 ip 0.0.0.0/0192.168.0.53/0 23 3463 00 0 29 ip 0.0.0.0/0192.168.0.85/0 20123807 00 0 33 ip 0.0.0.0/0192.168.0.61/0 65 6704 00 0 34 ip 0.0.0.0/0192.168.0.62/0 16639971 00 0 38 ip 0.0.0.0/0192.168.0.94/0 36 7726 00 0 39 ip 0.0.0.0/0192.168.0.35/0 15162681 00 0 47 ip 0.0.0.0/0192.168.0.71/0 20717475 00 0 88 ip 0.0.0.0/0192.168.0.16/0 25 4751 00 0 98 ip 0.0.0.0/0192.168.0.26/0 44 8235 00 0 q00025: weight 30 pipe 1 10 sl. 2 queues (15 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 5 ip 0.0.0.0/0 192.168.0.6/0 1093 518028 00 51 14 ip 0.0.0.0/0192.168.0.62/0 3604 2254945 4 3098 50 q00030: weight 20 pipe 19 sl. 8 queues (100 buckets) GRED w_q 0.001999 min_th 7 max_th 21 max_p 0.01 mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 15 ip 0.0.0.0/0192.168.0.11/0 20 1081 00 0 33 ip 0.0.0.0/0192.168.0.61/0 14224203 00 0 38 ip 0.0.0.0/0192.168.0.94/0 21 1008 00 0 39 ip 0.0.0.0/0192.168.0.35/0 21 3090 00 0 53 ip 0.0.0.0/0192.168.0.77/0 848
Re: Unusual dmesg output
Hi Chuck On 06 apr 2005, at 02:22, Chuck Teal wrote: I saw this roll by the screen on bootup. It came up 2X during the boot up process. What does it mean? It is something to be worried about? I had this too some times ago when i first started playing with sysctl settings set at boot time I think i had: sysctl kermaxfiles=2448 in /etc/sysctl.conf in stead of just: kermaxfiles=2448 this sysctl command will show all these settings at the time of boot. You probably have something similar. Arno I have not noticed any problems with my system. It just bothers me not knowing what this is about. Here is a portion of the output. 534 numposzaps R *Handler 535 numposhits R *Handler 536 numnegzaps R *Handler 537 numneghits R *Handler 538 nchstats R *Handler Opaque/struct 543 numcwdcalls R *Handler 544 numcwdfail1 R *Handler 545 numcwdfail2 R *Handler 546 numcwdfail3 R *Handler 547 numcwdfail4 R *Handler 548 numcwdfound R *Handler 550 numfullpathcalls R *Handler 551 numfullpathfail1 R *Handler 552 numfullpathfail2 R *Handler 553 numfullpathfail3 R *Handler 554 numfullpathfail4 R *Handler 555 numfullpathfound R *Handler 556 write_behind RW *Handler Int 557 read_max RW *Handler Int 558 opv_numops R *Handler Int 559 usermount RW *Handler Int 561 numvnodes R *Handler 562 wantfreevnodes RW *Handler 563 freevnodes R *Handler 564 reassignbufcalls RW *Handler Int 565 nameileafonly RW *Handler Int 572 timestamp_precision RW *Handler Int 573 worklist_len R *Handler Int 574 conflist R *Handler 575 ctl W *Handler 685 ffs RW Node 1 adjrefcnt W *Handler Opaque/struct 2 adjblkcnt W *Handler Node 3 freeblks W *Handler Node 4 freedirs W *Handler Node 5 freefiles W *Handler Node 6 setflags W *Handler Node 686 doasyncfree RW *Handler Int 687 doreallocblks RW *Handler Int 4 net RW Node 1 local RW Node 1 stream RW Node 483 sendspace RW *Handler Int 484 recvspace RW *Handler Int 489 pcblist R *Handler 2 dgram RW Node 485 maxdgram RW *Handler Int 486 recvspace RW *Handler Int 488 pcblist R *Handler 487 inflight R *Handler Int 2 inet RW Node 0 ip RW Node 0 portrange RW Node 605 lowfirst RW *Handler Int 606 lowlast RW *Handler Int 607 first RW *Handler Int 608 last RW *Handler Int 609 hifirst RW *Handler Int 610 hilast RW *Handler Int 611 reservedhigh RW *Handler Int 612 reservedlow RW *Handler Int 613 randomized RW *Handler Int 1 forwarding RW *Handler Int 2 redirect RW *Handler Int 3 ttl RW *Handler Int 5 rtexpire RW *Handler Int 6 rtminexpire RW *Handler Int 7 rtmaxcache RW *Handler Int 8 sourceroute RW *Handler Int 10 intr_queue_maxlen RW *Handler Int 11 intr_queue_drops R *Handler Int 12 stats RW *Handler Opaque/struct 13 accept_sourceroute RW *Handler Int 15 keepfaith RW *Handler Int 16 gifttl RW *Handler Int 604 subnets_are_local RW *Handler Int 614 fastforwarding RW *Handler Int 621 process_options RW *Handler Int 622 maxfragpackets RW *Handler Int 623 maxfragsperpacket RW *Handler Int 624 sendsourcequench RW *Handler Int 625 random_id RW *Handler Int 626 check_interface RW *Handler Int 1 icmp RW Node 1 maskrepl RW *Handler Int 2 stats RW *Handler Opaque/struct 3 icmplim RW *Handler Int 615 maskfake RW *Handler 616 drop_redirect RW *Handler Int 617 log_redirect RW *Handler Int 618 icmplim_output RW *Handler Int 619 reply_src RW *Handler String 620 bmcastecho RW *Handler Int 2 igmp RW Node 1 stats RW *Handler Opaque/struct 6 tcp RW Node 1 rfc1323 RW *Handler Int 2 rfc1644 RW *Handler Int 3 mssdflt RW *Handler Int 4 stats RW *Handler Opaque/struct 6 keepidle RW *Handler Int 7 keepintvl RW *Handler Int 8 sendspace RW *Handler Int 9 recvspace RW *Handler Int 10 keepinit RW *Handler Int 11 pcblist R *Handler 12 delacktime RW *Handler Int 13 v6mssdflt RW *Handler Int 630 hostcache RW Node 631 cachelimit R *Handler Int 632 hashsize R *Handler Int 633 bucketlimit R *Handler Int 634 count R *Handler Int 635 expire RW *Handler Int 636 purge RW *Handler Int 637 list R *Handler String 638 log_in_vain RW *Handler Int 639 blackhole RW *Handler Int 640 delayed_ack RW *Handler Int 641 rfc3042 RW *Handler Int 642 rfc3390 RW *Handler Int 643 reass RW Node 644 maxsegments R *Handler Int 645 cursegments R *Handler Int 646 maxqlen RW *Handler Int 647 overflows R *Handler Int 648 path_mtu_discovery RW *Handler Int 649 slowstart_flightsize RW
difficulty installing 5.3-R i386
Hi all, I have an old old pentium, scsi HDD + floppy + CDROM, 16 MB of somewhat dubious ram... I have 5.3R CDs 1 and 2 I have 3 seemingly working floppies (after writing to 6 disks... ofcourse!) boot goes like this... boot disk. kern1 kern2 boot boot screen with about 8 options, none of which seem to be the installation option... then reboots back to floppy... I do not seem to have a way of getting to sysinstall!!! -- ## Paul van den Bergen, # Gabrielle Harrison # # # Anja van den Bergen # # 848 High Street Rd ## Glen Waverley VIC 3150 Australia # ## [EMAIL PROTECTED] # # ph: +613 9886 3160 # mob: 042 886 3160 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: difficulty installing 5.3-R i386
On Wed, Apr 06, 2005 at 09:29:02PM +1000, Gabrielle Harrison Paul van den Bergen wrote: Hi all, I have an old old pentium, scsi HDD + floppy + CDROM, 16 MB of somewhat dubious ram... I don't think 16MB RAM is enough to install 5.x You probably need to increase the RAM. I have 5.3R CDs 1 and 2 I have 3 seemingly working floppies (after writing to 6 disks... ofcourse!) boot goes like this... boot disk. kern1 kern2 boot boot screen with about 8 options, none of which seem to be the installation option... then reboots back to floppy... I do not seem to have a way of getting to sysinstall!!! -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: [PATCH TO TEST] VESA [1024x768] mode support for FreeBSD-CURRENT
Hi, I've updated the vidcontrol sources to those in the current cvs and was able to compile and install the patch on stable. High resolution console is fantastic have 1400x1050 (MODE_322) on my laptop now. I get an pfctl -sa, on one screen ... amazing :-)) It does make freebsd so much better ... I would be great to integrate these patches in future releases, please! The mouse actually works without problem in the console but I've a small mouse bug after a reboot. I assume the /etc/rc.d/mouse script needs a tiny patch. After a reboot and while launching the different services/daemon, there are about 10 lines of vidcontrol errors. Here a sample output: vidcontrol: showing the mouse: invalid argument Is there a patch available for the rc.d mouse script? Thank you Didier I believe Didier used broken vidcontrol.c file. The patch was for current and needs to be applied to clean vidcontrol.c ver 1.48. It works for me (on CURRENT anyways). Michal ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: difficulty installing 5.3-R i386
On Wed, 06 Apr 2005 15:34:01 +0400, Erik Trulsson [EMAIL PROTECTED] wrote: I have an old old pentium, scsi HDD + floppy + CDROM, 16 MB of somewhat dubious ram... I don't think 16MB RAM is enough to install 5.x You probably need to increase the RAM. strange, i've got the same error and it was gone after adding another 8 mb of ram after install i removed them back and system works on 16 mb without errors. is this normal? -- Best Regards, Michael ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: suspending login
On Tue, 2005-04-05 at 18:50 -0400, Ean Kingston wrote: On April 5, 2005 06:42 pm, Bob Ababurko wrote: Hello all- I am trying to figure out how to suspend a login for a user. Do I have to do this with password aging or is there an easier(read brute force) way to disallow a user from logging in? the safest way is to set the shell to /sbin/nologin and the home directory to /nonexistant in your auth system. The latter is especially needed if you allow ssh for remote login since the public-key authentication mechanisms sometimes bypass the normal login restrictions. Am I mistaken here, or will doing that only deny the user a shell and home directory? The user will still be able to authenticate against the password database right? To the best of my knowledge the correct way of doing this is either the asterisk method in the password field using vipw or the more user friendly way of using pw(8) with the lock command. Jason ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
image: ive got your os right here?
i realize this is a bit of a trivial and semi-topical trivial post and I apologize, but does anyone remember seeing a image of a parody of the Rosie the Riveter posters that had been converted to a bsd promo with something like I've got your os right here! Does anyone happen to have this image saved somewhere?? I remember seeing it somewhere and haven't been able to find it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: difficulty installing 5.3-R i386
On Wed, Apr 06, 2005 at 03:47:32PM +0400, Michael Lednev wrote: On Wed, 06 Apr 2005 15:34:01 +0400, Erik Trulsson [EMAIL PROTECTED] wrote: I have an old old pentium, scsi HDD + floppy + CDROM, 16 MB of somewhat dubious ram... I don't think 16MB RAM is enough to install 5.x You probably need to increase the RAM. strange, i've got the same error and it was gone after adding another 8 mb of ram after install i removed them back and system works on 16 mb without errors. is this normal? Yes, that is normal. After installation you have got a swap configured and the system can use it if the physical RAM is not sufficient. During installation you do not have any swap available and therefore the RAM must be large enough to fit everything in it at once. If you really wanted to you could almost certainly *run* (but not install) 5.3 with only 8 MB RAM (at least if you had a customized kernel) but I wouldn't recommend it. -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: difficulty installing 5.3-R i386
On Wed, 06 Apr 2005 16:27:21 +0400, Erik Trulsson [EMAIL PROTECTED] wrote: Yes, that is normal. After installation you have got a swap configured and the system can use it if the physical RAM is not sufficient. During installation you do not have any swap available and therefore the RAM must be large enough to fit everything in it at once. If you really wanted to you could almost certainly *run* (but not install) 5.3 with only 8 MB RAM (at least if you had a customized kernel) but I wouldn't recommend it. that's not completely true. when i ran install on 16 mb system rebooted at boot loader start (i didn't saw beastie :) ), and after install it loads ok -- Best Regards, Michael ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 6-CURRENT installation from boot cd
Manuel Manuel wrote: Hi there, I'm looking for a 6-CURRENT bootonly CD image. http://www.freebsd.org/where.html ... tells me the following: If you're interested in a purely experimental snapshot release of FreeBSD-CURRENT (AKA 6.0-CURRENT), aimed at developers and bleeding-edge testers only, then please see the daily snapshot server FTP site. Unfortunately I didn't find an appropriate image there. ftp://current.freebsd.org/pub/FreeBSD/snapshots/i386/ISO-IMAGES/00SNAPSHOTS_CD_README The readme file above, does not mention the 6-CURRENT release and everything on this server looks quite old to me. Am I looking at the wrong place? Where can I find a bootonly cd image which lets me boot with it and download a 6-CURRENT snapshot via FTP? If there does not exist something like that, what is the best and recommended way to install a 6-CURRENT release? (Yes, I want to develop on this machine if someone is going to ask me that.) If someone could point me in the right direction it would be greatly appreciated. Thanks. You need to subscribe to the FreeBSD-Current list for questions like this. Next, on the FBSD site, on the right side, seek Snapshot Releases. It only takes a little thinking and reading of the site. -- Best regards, Chris If there are only two shows worth watching, they will be on together. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 6-CURRENT installation from boot cd
Manuel Manuel wrote: Hi there, I'm looking for a 6-CURRENT bootonly CD image. http://www.freebsd.org/where.html ... tells me the following: If you're interested in a purely experimental snapshot release of FreeBSD-CURRENT (AKA 6.0-CURRENT), aimed at developers and bleeding-edge testers only, then please see the daily snapshot server FTP site. Unfortunately I didn't find an appropriate image there. ftp://current.freebsd.org/pub/FreeBSD/snapshots/i386/ISO-IMAGES/00SNAPSHOTS_CD_README The readme file above, does not mention the 6-CURRENT release and everything on this server looks quite old to me. Am I looking at the wrong place? Where can I find a bootonly cd image which lets me boot with it and download a 6-CURRENT snapshot via FTP? If there does not exist something like that, what is the best and recommended way to install a 6-CURRENT release? (Yes, I want to develop on this machine if someone is going to ask me that.) If someone could point me in the right direction it would be greatly appreciated. Thanks. But - in answer to you, and via what I posted: ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/Mar_2005/ See? It's not hard if you simply read. -- Best regards, Chris Before ordering a test decide what you will do if it is, (1) positive, or (2) negative. If both answers are the same, don't do the test. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ad* read errors
since i updated the ports/src/kernel 2 days ago i have had the followings error splague me .. are these related or am i looking at hdd failure ? ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=1519103 ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=5266559 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=5266559 ad0: FAILURE - READ_DMA timed out ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=15383527 ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=1484415 ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=25769279 ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=5126031 ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=25089095 ad0: TIMEOUT - READ_DMA retrying (2 retries left) LBA=26332807 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=26332807 ad0: TIMEOUT - WRITE_DMA retrying (2 retries left) LBA=115046303 ad1: TIMEOUT - READ_DMA retrying (2 retries left) LBA=189786975 -- Yours Sincerely Shinjii http://www.shinji.nq.nu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Procmail: how to deliver email over an ssh-tunnel to my smtp server.
Rob wrote: Hello, I'm having 4.11 and 5.3 FreeBSD PCs. All incoming email arrives through fetchmail (using imap protocol). I then filter all email with procmail, which is configured such that it trashes spam, or delivers to local mailbox, or forwards to another external address. For external delivery, I have set up an ssh tunnel to my smtp server: ssh -N -f -L 2525:localhost:25 smtp.server.it What do I have to do next, to have the delivery work properly? Can I tell procmail to push the email directly onto the port 2525 of the ssh tunnel? Or do I have to reconfigure sendmail for this? (sendmail reconfiguration info looks like a nightmare to me though). Do I have other options? I'll answer my own question here, just for the record. Use msmtp, which is highly configurable, for example defining its own outgoing port. In the .procmailrc file I only need to add: :0 | /usr/local/bin/msmtp [EMAIL PROTECTED] to forward the email with msmtp, over my own ssh tunnel port. Works like a charm. Rob. __ Yahoo! Messenger Show us what our next emoticon should look like. Join the fun. http://www.advision.webevents.yahoo.com/emoticontest ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: .iso
bertybadboy wrote: Which .iso files do i download and burn onto a cd? I was all set with a big explanation of what the ISOs were, and to complain that there wasn't a nice, easy to find, concise description in the handbook, when I actually looked for it and found it with no problem. The place to start, of course, when installing FreeBSD is Chapter Two in the handbook, entitled, appropriately enough, Installing FreeBSD: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install.html As part of section 2.2, Pre-installation Tasks, there is section 2.2.6 Obtain the FreeBSD Installation Files. And it points you to section 2.13 Preparing Your Own Installation Media: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-diff-media.html And that has an excellent and concise description of the ISO files. The gist of that is you should download the -miniinst version (not the -mini version as described in the handbook) if you have a fast internet connection and want to install the packages online, or the -disc1 version if you want to have a CD with it prepackage. The biggest advantage to using the miniinst version is that you are sure to get the latest version of the package, while the -disc1 version is what was available when the ISO was created. Hope this helps. -- Jonathan Arnold (mailto:[EMAIL PROTECTED]) Daemon Dancing in the Dark, a FreeBSD weblog: http://freebsd.amazingdev.com/blog/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: suspending login
What you need is nologin(5). Check nologin(5) and nologin(8) man pages. As the nologin(8) man page says: To disable all logins, investigate nologin(5) David On April 5, 2005 06:42 pm, Bob Ababurko wrote: Hello all- I am trying to figure out how to suspend a login for a user. Do I have to do this with password aging or is there an easier(read brute force) way to disallow a user from logging in? -- David Robillard UNIX systems administrator [EMAIL PROTECTED] Notarius (TSIN) Inc. 465, rue St-Jean, suite 200 Montreal, Quebec, H2Y 2R6 Tel. : +1 514 966 0122 Fax. : +1 514 281 1226 http://www.notarius.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: vesa 1024x768 mode in future version? to the freebsd community
Hello, Yes, I do agree that stability is the major argument for not using it. But isn't it worth to have a high resolution console on freebsd? Sorry, to be a bit self-confident ;-) but I'm rather sure that hundreds/thousands of freebsd would use it (on laptop, workstation and servers) if there would be an available solid implementation. One of the main arguments I've always reread, is, when you are physically at the console and require high definition consoles, use X. On servers, security is the main factor and of course stability is part of good security. I personally don't tend to install X on servers, I'm sure there are other much better freebsd admins than me that don't install X on servers. Most security-related paper do not recommand to install X (and compilers of course etc). So at least on these kind of servers a high resolution (and of course) stable/solid console would be a real step forward for freebsd. In my NON-specialist opinion, comparing to linux distributions, it is the only main feature that bsd lacks. I personally don't like linux (but this is another discussion) but I've always missed the higher definition consoles on freebsd and/or even openbsd. Didier -Original Message- From: Robert Backhaus [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 06, 2005 14:59 To: Didier Wiroth Cc: freebsd-current@freebsd.org Subject: Re: vesa 1024x768 mode in future version? to the freebsd community On Apr 6, 2005 5:12 AM, Didier Wiroth [EMAIL PROTECTED] wrote: I was wondering if the patches (see link below) have any chances to make their ways into a future release version or may be in the ports collection? I agree that it would make life more enjoyable for some people, but the console is increasingly a fail-safe debugging/configuring interface, as more people use X for any work. Yes, I would use it myself in places, especially laptops, but I would not like it there if it possibly made the console less stable. It would want to be very well tested. I'd slate it for 6.Stable, when it occours. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Bourn Shell Scripts that Produce Multiple Files
Mario Hoerich writes: This sounds a bit like a truncation issue. If you do something like command1 bar # some code command2 bar then the second redirect will truncate the file to 0 bytes before redirecting the output from command2 into it. Yes. My code was very similar to what you describe only more like: command1 bar #some code command2 bar2 #should leave bar alone and open bar2 #Instead, bar and bar2 both end up empty of anything. Try using instead of , as it appends to the file. What's sad is, I think I tried that but forgot to remove some older versions of the same files created by a less elegant method so it looked like the new files had too many lines in them and I figured that appending didn't work either. I should have cleaned house first and things would have been fine. Appending did solve the problem. If this doesn't help, please post the script (or a simplified version thereof). We're not clairvoyant, you know... :) Here is the simplified origin of the problem: #! /bin/sh searchfor () { #line of awk that produces standard output return 0 } while read currentnumber; do #This line does work according to your suggestion. searchfor $currentnumber.txt #This line was what I had which opens new files but never fills them: #searchfor $currentnumber.txt done ~/numbers The value held in $currentnumber.txt changes with each loop iteration so we should be writing to bar2, bar3, etc and leaving bar1 alone. It apparently does not work that way. It reminds me of what happens in C if a program ends without closing an open file for whatever reason. The buffer never gets emptied so the file is left either empty or partially filled depending upon luck and how much data got written to the disk before the abnormal end. My short-term problem is solved so thanks again, but it appears that even opening new files without appending them confuses the shell on previously-opened files such that you do not receive any data in any of the files. Martin McCormick WB5AGZ Stillwater, OK OSU Information Technology Division Network Operations Group ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
WLAN card -- chip used list
dear list, i once came across a list on the web (i think maintained by the linux community) which listed the chip used on the wireless cards on the market. unfortunatelly i cannot remember the url ... can someone help me? TIA zheyu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: too many illegal connection attempts through ssh
Am Mittwoch, 6. April 2005 12:07 schrieb Erik Nørgaard: Edwin D. Vinas wrote: shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? can i configure the firewall to check the instances a certain IP has attempted to access/ssh the sevrer, and if it has failed to login for about x number of attempts, it will be blocked automatically? This question is asked on the list ever so often - see the archives for suggestions. These are automated attacks, they come regularly as crackers, black hats or script kidies scan across the net. Does anybody know what robots beeing used? And on what systems? All you mention later in your posting is true of course and I needn't care about these logs, but it's like like somebody unknown puts 10 flyers in your letterbox every night. I'm sure, one night you'll hide and build a trap for that person. I'm too lazy to enter those net-circles for finding these robots, but maybe some other has already done that? -Harry You can avoid the automated scanning by chaning port, but this won't stop the determined cracker - he will scan all your ports and identify which services are running on which ports. Ask yourself a few questions: * Do you need to allow ssh from anywhere? If not, restrict to the relevant ip blocks. * Do you need to allow password based authentication? If not, disable it and use only ssh keys, in sshd_config: PasswordAuthentication no PubkeyAuthentication yes * Do all users need to have ssh access? If not, restrict to specific groups of users, in sshd_config, eg: AllowGroups staff * Is it a problem appart from the log messages? Trying to login with a nonexistent username is usually not a problem. Other tips: Disable ssh1, reduce the number of simultaneous non-authen- ticated connections, set timeouts etc. Cheers, Erik pgpo6V3WWtJqM.pgp Description: PGP signature
docs
Hi, I have a number of machines running FreeBSD and I would like to create a local mirror of the documentation available on the FreeBSD website. My problem is that I currently have a dial up connection (rural living :-) Is there a simple way to obtain a tarball of a mirror of the docs so that I can access the docs via a browser on my machine. I will have access to high speed for a couple of days next week so I would like to grab the info then. Better yet would be if the info is available via something like offline explorer so that I could set it to only grab updates on a regular basis. Any tips or suggestions would be greatly appreciated don ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
About MBR
Hi all, Can you tell me if FreeBSD boot manager is able to manage darwin partitions? thanks --- The man who follows the crowd will usually get no further than the crowd. The man who walks alone is likely to find himself in places no one has ever been. (Alan Ashley-Pitt) Luigi Iannone - Laboratoire D'Informatique Paris 6 Address: 8, rue du Cap. Scott 75015 Paris (France) e.mail: [EMAIL PROTECTED] Tel: +33 (0)1 44 27 71 28 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: docs
On 2005-04-06 11:14, Don Kuzenko [EMAIL PROTECTED] wrote: Hi, I have a number of machines running FreeBSD and I would like to create a local mirror of the documentation available on the FreeBSD website. My problem is that I currently have a dial up connection (rural living :-) Is there a simple way to obtain a tarball of a mirror of the docs so that I can access the docs via a browser on my machine. If you only need HTML docs, I can build you a snapshot with a couple of formats, like FORMATS=html html-split, and upload it somewhere where you can grab it at your leisure. If you prefer copying the files yourself, you can recursively retrieve a copy of /pub/FreeBSD/doc/en_US.ISO8859-1 from one of the FTP mirrors. - Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
[Fwd: Re: WLAN card -- chip used list]
On behalf of Ben Pratt: I have no idea how current/accurate the list is but I just found one that's fairly long here: http://www.linux-wlan.org/docs/wlan_adapters.html.gz Also, this probably won't get to the list because my mail server isn't set up for reverse lookup so could you please forward it on? Thanks, Ben FreeBSD Deamon wrote: dear list, i once came across a list on the web (i think maintained by the linux community) which listed the chip used on the wireless cards on the market. unfortunatelly i cannot remember the url ... can someone help me? TIA zheyu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: too many illegal connection attempts through ssh
On Wednesday 06 April 2005 06:58, Emanuel Strobl [EMAIL PROTECTED] wrote: Am Mittwoch, 6. April 2005 12:07 schrieb Erik Nørgaard: Edwin D. Vinas wrote: shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? can i configure the firewall to check the instances a certain IP has attempted to access/ssh the sevrer, and if it has failed to login for about x number of attempts, it will be blocked automatically? This question is asked on the list ever so often - see the archives for suggestions. These are automated attacks, they come regularly as crackers, black hats or script kidies scan across the net. Does anybody know what robots beeing used? And on what systems? All you mention later in your posting is true of course and I needn't care about these logs, but it's like like somebody unknown puts 10 flyers in your letterbox every night. I'm sure, one night you'll hide and build a trap for that person. I'm too lazy to enter those net-circles for finding these robots, but maybe some other has already done that? It's painfully easy to write a script which checks for the existence of ssh on all the IPs in an IP block, at least if all you're checking is port 22. A lot of these guys just write a bot which does that and sends the live IPs back to someone, either the originator or another bot, which then will do things like dictionary attack each one. You have tools in ports which can serve as the vehicle to do this - nmap is an oldie but a goodie. Don't misunderstand - it's also a security tool. This type of attack is pretty old, actually, it's just now more people are online on bigger pipes, so there are thousands (millions?) of zombied computers due to the more recent trojan horses and worms which are unwitting accomplices to this sort of thing. It's much harder to trace now. All you need is a bunch of zombies, maybe a proxy or three and an irc bot. You have a massive scanning machine with quite a bit of distributed computing power, which isn't easily traceable. The way to avoid it is to not be an obvious target, and not allow password logins at all. - jt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: difficulty installing 5.3-R i386
Michael Lednev wrote: On Wed, 06 Apr 2005 16:27:21 +0400, Erik Trulsson [EMAIL PROTECTED] wrote: Yes, that is normal. After installation you have got a swap configured and the system can use it if the physical RAM is not sufficient. During installation you do not have any swap available and therefore the RAM must be large enough to fit everything in it at once. If you really wanted to you could almost certainly *run* (but not install) 5.3 with only 8 MB RAM (at least if you had a customized kernel) but I wouldn't recommend it. that's not completely true. when i ran install on 16 mb system rebooted at boot loader start (i didn't saw beastie :) ), and after install it loads ok I think you misunderstood. In order to get sysinstall and the kernel from the install floppies up, modules and all, you need greater than 16MB system RAM. The Doc team was in the process of addressing this in the documentation recently, but I've not read the update doc yet, so I don't know if it's been done.* Erik's point is that an *installed* system could be slimmed down to the point of possibly working with 8MB system RAM by configuring and building a very tiny *custom* kernel. I'm not sure really who'd want to do that ... perhaps for some type of embedded system? Anyway, if the docs haven't been updated, it needs to be known that you need more than 16MB RAM to run the FreeBSD installer for versions = 5.3-RELEASE. For reference, see PR docs/77304. Kevin Kinsey * Looks like it has, see bmah's commit note ref: same PR... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IBM eServer 346 ServeRaid is too slow
Hi List I've got Subj and FreeBSD-5.4PRE on it. But RAID0 is too slow: [EMAIL PROTECTED]:eugene# dd if=/dev/zero of=/var/tmp/1 bs=1m count=100 100+0 records in 100+0 records out 104857600 bytes transferred in 31.949508 secs (3281979 bytes/sec) Also what does the following mean? Interrupt storm detected on irq16: bge0 bge1+; throttling interrupt Kernel boot messages: Copyright (c) 1992-2005 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 5.4-PRERELEASE #3: Wed Apr 6 17:46:08 MSD 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/BETA Timecounter i8254 frequency 1193182 Hz quality 0 CPU: Intel(R) Xeon(TM) CPU 3.00GHz (3000.13-MHz 686-class CPU) Origin = GenuineIntel Id = 0xf34 Stepping = 4 Features=0xbfebfbffFPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE real memory = 3221016576 (3071 MB) avail memory = 3153862656 (3007 MB) ACPI APIC Table: IBMSERONYXP FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs cpu0 (BSP): APIC ID: 0 cpu1 (AP): APIC ID: 6 ioapic2 Version 2.0 irqs 48-71 on motherboard ioapic1 Version 2.0 irqs 24-47 on motherboard ioapic0 Version 2.0 irqs 0-23 on motherboard npx0: math processor on motherboard npx0: INT 16 interface acpi0: IBM SERONYXP on motherboard acpi_bus_number: can't get _ADR acpi_bus_number: can't get _ADR acpi0: Power Button (fixed) acpi_bus_number: can't get _ADR acpi_bus_number: can't get _ADR Timecounter ACPI-fast frequency 3579545 Hz quality 1000 acpi_timer0: 24-bit timer at 3.579545MHz port 0x588-0x58b on acpi0 cpu0: ACPI CPU on acpi0 cpu1: ACPI CPU on acpi0 pcib0: ACPI Host-PCI bridge on acpi0 pci0: ACPI PCI bus on pcib0 pci0: unknown at device 0.1 (no driver attached) pcib1: ACPI PCI-PCI bridge at device 2.0 on pci0 pci2: ACPI PCI bus on pcib1 pcib2: ACPI PCI-PCI bridge at device 4.0 on pci0 pci3: ACPI PCI bus on pcib2 pcib3: ACPI PCI-PCI bridge at device 0.0 on pci3 pci4: ACPI PCI bus on pcib3 mpt0: LSILogic 1030 Ultra4 Adapter port 0x4000-0x40ff mem 0xcffe-0xcffe,0xcfff-0xcfff irq 28 at device 1.0 on pci4 pcib4: ACPI PCI-PCI bridge at device 0.2 on pci3 pci5: ACPI PCI bus on pcib4 pcib5: ACPI PCI-PCI bridge at device 6.0 on pci0 pci6: ACPI PCI bus on pcib5 bge0: Broadcom BCM5721 Gigabit Ethernet, ASIC rev. 0x4001 mem 0xcdff-0xcdff irq 16 at device 0.0 on pci6 miibus0: MII bus on bge0 brgphy0: BCM5750 10/100/1000baseTX PHY on miibus0 brgphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 1000baseTX-FDX, auto bge0: Ethernet address: 00:0d:60:9a:8d:08 pcib6: ACPI PCI-PCI bridge at device 7.0 on pci0 pci7: ACPI PCI bus on pcib6 bge1: Broadcom BCM5721 Gigabit Ethernet, ASIC rev. 0x4001 mem 0xcbff-0xcbff irq 16 at device 0.0 on pci7 miibus1: MII bus on bge1 brgphy1: BCM5750 10/100/1000baseTX PHY on miibus1 brgphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 1000baseTX-FDX, auto bge1: Ethernet address: 00:0d:60:9a:8d:09 pci0: base peripheral at device 8.0 (no driver attached) uhci0: Intel 82801EB (ICH5) USB controller USB-A port 0x2200-0x221f irq 16 at device 29.0 on pci0 usb0: Intel 82801EB (ICH5) USB controller USB-A on uhci0 usb0: USB revision 1.0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1: Intel 82801EB (ICH5) USB controller USB-B port 0x2600-0x261f irq 19 at device 29.1 on pci0 usb1: Intel 82801EB (ICH5) USB controller USB-B on uhci1 usb1: USB revision 1.0 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered ehci0: EHCI (generic) USB 2.0 controller mem 0xf000-0xf3ff irq 23 at device 29.7 on pci0 ehci_pci_attach: companion usb0 ehci_pci_attach: companion usb1 usb2: EHCI version 1.0 usb2: companion controllers, 2 ports each: usb0 usb1 usb2: EHCI (generic) USB 2.0 controller on ehci0 usb2: USB revision 2.0 uhub2: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1 uhub2: single transaction translator uhub2: 4 ports with 4 removable, self powered pcib7: ACPI PCI-PCI bridge at device 30.0 on pci0 pci1: ACPI PCI bus on pcib7 drm0: ATI Radeon QY RV100 7000/VE port 0x3000-0x30ff mem 0xdfff-0xdfff,0xd000-0xd7ff irq 16 at device 1.0 on pci1 info: [drm] Initialized radeon 1.11.0 20020828 on minor 0 isab0: PCI-ISA bridge at device 31.0 on pci0 isa0: ISA bus on isab0 atapci0: Intel ICH5 SATA150 controller port 0x480-0x48f,0x376,0x170-0x177,0x3f6,0x1f0-0x1f7 at device 31.2 on pci0 ata0: channel #0 on atapci0 ata1: channel #1 on atapci0 ichsmb0: Intel 82801EB (ICH5) SMBus controller port 0x440-0x45f irq 17 at device 31.3 on pci0 smbus0: System Management Bus on ichsmb0 smb0: SMBus generic I/O on smbus0 atkbdc0: Keyboard controller (i8042) port 0x60,0x64 irq 1 on acpi0 atkbd0: AT Keyboard irq 1 on atkbdc0 atkbd: unable to set the command byte. kbd0 at
Owner permissions suddenly set to -x, possible compromise?
Hi! I came in the morning and discovered that the file permissions on every cgi I have on my webserver had been set to u-x,go+x. This seems to have changed at about 4:30a this morning. I'm a bit worried by this, as I can't think of anything that would cause this, and there's nothing in any of the log files that would explain it. Has anyone run into this before? Can you direct me to a place I might find more information on it? A quick google search on owner cannot exec didn't turn up anything... Thanks, Ricky ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: docs
Giorgos Keramidas [EMAIL PROTECTED] writes: On 2005-04-06 11:14, Don Kuzenko [EMAIL PROTECTED] wrote: Hi, I have a number of machines running FreeBSD and I would like to create a local mirror of the documentation available on the FreeBSD website. My problem is that I currently have a dial up connection (rural living :-) Is there a simple way to obtain a tarball of a mirror of the docs so that I can access the docs via a browser on my machine. If you only need HTML docs, I can build you a snapshot with a couple of formats, like FORMATS=html html-split, and upload it somewhere where you can grab it at your leisure. If you prefer copying the files yourself, you can recursively retrieve a copy of /pub/FreeBSD/doc/en_US.ISO8859-1 from one of the FTP mirrors. I think the data cvsup collection might serve the purpose nicely too. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hyperthreading not working on my 5.3 FreeBSD
Ed Stover writes: don't you need apic as well ? device apic# I/O APIC I didn't have to add it on my machine, so presumably it is there by default in the generic configuration. -- Anthony ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: docs
On 06 Apr 2005 10:59:07 -0400 Lowell Gilbert [EMAIL PROTECTED] wrote: Giorgos Keramidas [EMAIL PROTECTED] writes: On 2005-04-06 11:14, Don Kuzenko [EMAIL PROTECTED] wrote: Hi, I have a number of machines running FreeBSD and I would like to create a local mirror of the documentation available on the FreeBSD website. My problem is that I currently have a dial up connection (rural living :-) Is there a simple way to obtain a tarball of a mirror of the docs so that I can access the docs via a browser on my machine. If you only need HTML docs, I can build you a snapshot with a couple of formats, like FORMATS=html html-split, and upload it somewhere where you can grab it at your leisure. If you prefer copying the files yourself, you can recursively retrieve a copy of /pub/FreeBSD/doc/en_US.ISO8859-1 from one of the FTP mirrors. I think the data cvsup collection might serve the purpose nicely too. if the modem is a 2400bps then it might also be good to look at /usr/share/doc, as e.g. the handbook is there ;-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Donating to FreeBSD.
Hello everyone, We would like to donate to the FreeBSD project. Unfortunateley, the FreeBSD Foundation website is actually down with no link to the appropriate contact information. Can anybody point me in the right direction as on how to proceed besides waiting for the site to come back online? And for those of you who donated to the FreeBSD project. May I ask how much did you decided to give? I'm just looking for ball park figures, just for curiosity's sake. Many thanks, David -- David Robillard UNIX systems administrator [EMAIL PROTECTED] Notarius (TSIN) Inc. 465, rue St-Jean, suite 200 Montreal, Quebec, H2Y 2R6 Tel. : +1 514 966 0122 Fax. : +1 514 281 1226 http://www.notarius.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: .iso
On Wed, 06 Apr 2005 09:23:03 -0400 Jonathan Arnold [EMAIL PROTECTED] wrote: bertybadboy wrote: Which .iso files do i download and burn onto a cd? I was all set with a big explanation of what the ISOs were, and to complain that there wasn't a nice, easy to find, concise description in the handbook, when I actually looked for it and found it with no problem. The place to start, of course, when installing FreeBSD is Chapter Two in the handbook, entitled, appropriately enough, Installing FreeBSD: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install.html As part of section 2.2, Pre-installation Tasks, there is section 2.2.6 Obtain the FreeBSD Installation Files. And it points you to section 2.13 Preparing Your Own Installation Media: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-diff-media.html And that has an excellent and concise description of the ISO files. The gist of that is you should download the -miniinst version (not the -mini version as described in the handbook) if you have a fast internet connection and want to install the packages online, or the -disc1 version if you want to have a CD with it prepackage. The biggest advantage to using the miniinst version is that you are sure to get the latest version of the package, while the -disc1 version is what was available when the ISO was created. The original poster didn't say which version he wanted to install but I would presume its something very recent. I think that information is good for anything prior to 5.4 but it seems to be changing somewhat starting with the 5.4-RC1. From the announcement ( http://docs.freebsd.org/cgi/mid.cgi?20050405144935.GA54439 ): The layout of the installation CDs is slightly different than previous releases. The disc1 image should be used to start the install. It contains a live filesystem and the set of packages that normally get installed as part of a minimal install (perl, the baseline Xorg windowing system, and on i386 the base Linux emulation package). The disc2 image contains a larger variety of packages (kde3, gnome2, etc) that can be installed while doing the initial installation of the machine, but if you just want to do a minimal install disc1 should be all you need. I gather that the miniinst.iso won't be available as a separate iso since its essentially now -disc1. I like the idea of a base install and live filesystem on the same disc. However, it appears that someone wanting to do a fresh install with KDE/Gnome/etc will now need to download both -disc1 and -disc2. Its more to download but the selection of packages on the CDs is probably larger. If I am misreading the announcement I'm sure someone will correct me. Hope this helps more than confuses! Randy -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Owner permissions suddenly set to -x, possible compromise?
On Wed, 6 Apr 2005 10:55:04 -0400 Richard Morse [EMAIL PROTECTED] wrote: Hi! I came in the morning and discovered that the file permissions on every cgi I have on my webserver had been set to u-x,go+x. This seems to have changed at about 4:30a this morning. I'm a bit worried by this, as I can't think of anything that would cause this, and there's nothing in any of the log files that would explain it. 4:30a sounds like a cronjob might have done this, but it does not ring a bell Has anyone run into this before? Can you direct me to a place I might find more information on it? A quick google search on owner cannot exec didn't turn up anything... i suggest (since you're worried) you do some reading about security in general for FreeBSD, e.g. starting here : http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security.html personally i would : - take the machine down - compare md5sums with a freshly installed machine - do some more forensic research with things like sleuthkit - for the future use a tripwire-style program like yafic (from ports) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
strange kern.ngroups problems
Hi questions list, I have a set of users in a NIS/YP database who may login on multiple machines. Now for some reason, on one of those machines (5.3-RELEASE-p6), any user who belongs to more groups than 4 on the NIS/YP server cannot login any more. If I'm using su as root to become this user I get: su: setusercontext: Invalid argument This is only the case on this one 5.3-R-p6 machine. All machines have kern.ngroups set to 16. While I'm certain I have not changed a lot from the default install, is there any place other than the kern.ngroups sysctl variable that I may have changed by accident to decrease the max groups per user? I could also provide output from truss down to: setgroups(0x11,0xbfbfe660) ERR#22 'Invalid argument' Thanks, -- br. j. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: shell question
On Tue, 5 Apr 2005, Björn König wrote: mrspock at esfm dot ipn dot mx wrote: I need to concatenate the standard output and then standard error output in a file, but I need to convert the standard output into PostScript before the concatenation. program stdin stdout 2 stderr cat stdout out a2ps stderr out a2ps is in the ports and it converts plain text into PostScript. The problem is that I don't want to use the temporary file that I used above (stdout, stderr, out), I just want a filter program stdin 31 12 23 | a2ps Regards Björn Thanks for your help, Björn. I think I'd better study a little more this redirection operators. Thanks again. Eduardo. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Donating to FreeBSD.
On 2005-04-06 11:10, David Robillard [EMAIL PROTECTED] wrote: Hello everyone, We would like to donate to the FreeBSD project. Unfortunateley, the FreeBSD Foundation website is actually down with no link to the appropriate contact information. You can always contact [EMAIL PROTECTED] or browse the donations web site, looking for things that are currently needed by some of the contributors. http://www.freebsd.org/donations/ Can anybody point me in the right direction as on how to proceed besides waiting for the site to come back online? And for those of you who donated to the FreeBSD project. May I ask how much did you decided to give? I'm just looking for ball park figures, just for curiosity's sake. Providing some of the things listed in the want list of the donations pages is a great idea :-) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw firewall mailing list ?
can u guys tell me , is there any ipfw firewall i can subscribe to to learn it or ask daily usage questions to ? thanks *º¤., ¸¸,.¤º*¨¨¨*¤ Allah-hu-Akber*º¤., ¸¸,.¤º*¨¨*¤ God is the Greatest __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: strange kern.ngroups problems
In the last episode (Apr 06), jonas said: I have a set of users in a NIS/YP database who may login on multiple machines. Now for some reason, on one of those machines (5.3-RELEASE-p6), any user who belongs to more groups than 4 on the NIS/YP server cannot login any more. If I'm using su as root to become this user I get: su: setusercontext: Invalid argument This is only the case on this one 5.3-R-p6 machine. All machines have kern.ngroups set to 16. While I'm certain I have not changed a lot from the default install, is there any place other than the kern.ngroups sysctl variable that I may have changed by accident to decrease the max groups per user? I could also provide output from truss down to: setgroups(0x11,0xbfbfe660)ERR#22 'Invalid argument' 0x11 = 17, which is a whole lot more than 4. Is the user a member of any local groups (see /etc/group)? What does id nisuser print? -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: docs
On 2005-04-06 17:26, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2005-04-06 11:14, Don Kuzenko [EMAIL PROTECTED] wrote: Is there a simple way to obtain a tarball of a mirror of the docs so that I can access the docs via a browser on my machine. If you only need HTML docs, I can build you a snapshot with a couple of formats, like FORMATS=html html-split, and upload it somewhere where you can grab it at your leisure. Ok, I just uploaded a snapshot build from today's doc/ tree at: http://keramida.serverhive.com/freebsd/doc/snapshots/current/en/ The compressed tarballs of html-split and html output formats are relatively small (about 2.7 MB each), and they have been built with URL_RELPREFIX=yes to make local browsing easier. I have been planning to install a local tinderbox for the doc/ tree for a while now, so this may be a good chance to do it and add the necessary smarts for automatic uploading of successful builds ;-) - Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw firewall mailing list ?
On 2005-04-06 08:53, faisal gillani [EMAIL PROTECTED] wrote: can u guys tell me , is there any ipfw firewall i can subscribe to to learn it or ask daily usage questions to ? The freebsd-questions list is the best place to ask about configuration details of ipfw. There is a freebsd-ipfw mailing list, but that's aimed towards more technical, in-depth discussions about the internals of ipfw dummynet; so, it's probably not a good idea to post usage questions to that list. Post them here... Since a lot of people have already asked a thousand and one things about ipfw, you may also search the mailing list archives and see if any questions you have have already been answered: http://lists.freebsd.org/pipermail/freebsd-questions/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: strange kern.ngroups problems
Hi Dan, On Wednesday 06 April 2005 17:54, Dan Nelson wrote: Is the user a member of any local groups (see /etc/group)? no, /etc/group is untouched since install. What does id nisuser print? A whole lot more. Groups coming through winbind 17 total... Of course this is the only machine running winbind. Thanks! -- br. j. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PHP / Apache bus error
Peter Risdon helpful contributes: You don't _have_ to boot into single user mode. See below. Okay, cool. I did it. Upgraded to 4.11 without any problems. However ... I still have the following problems: 1. child pid 28305 exit signal Segmentation fault (11) messages (lots of 'em) in httpd error logs. 2. Gallery doesn't work. Returns an empty page, and I get a Signal 10 in the error log. 3. Drupal doesn't work. Blank php page is returned. I'm fairly confident this is php / mysql / httpd related. So, for your reference, I have: apache+mod_ssl-1.3.33+2.8.22 php4-4.3.10_2 php4-gettext-4.3.10_2 php4-mysql-4.3.10_2 php4-pcre-4.3.10_2 php4-pear-4.3.10_2 php4-pgsql-4.3.10_2 php4-session-4.3.10_2 php4-xml-4.3.10_2 mysql-client-3.23.58 mysql-client-4.0.15 mysql-server-3.23.58 php4-mysql-4.3.10_2 zope-zmysqlda-2.0.8_1 I do not know HOW I ended up with two installs of mysql client .. but there ya go. So if anyone sees anything obvious in those versions ... I would love to hear about it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: too many illegal connection attempts through ssh
shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? can i configure the firewall to check the instances a certain IP has attempted to access/ssh the sevrer, and if it has failed to login for about x number of attempts, it will be blocked automatically? This question is asked on the list ever so often - see the archives for suggestions. These are automated attacks, they come regularly as crackers, black hats or script kidies scan across the net. Does anybody know what robots beeing used? And on what systems? All you mention later in your posting is true of course and I needn't care about these logs, but it's like like somebody unknown puts 10 flyers in your letterbox every night. I'm sure, one night you'll hide and build a trap for that person. I'm too lazy to enter those net-circles for finding these robots, but maybe some other has already done that? I haven't done that, but if you don't like them you can block them fairly easily... I wrote a little script in PHP (not that it would be hard to re-write in perl or whatever) that watches /var/log/auth.log and if it sees an invalid login, it adds a firewall rule to block that IP. Then I've got a separate cronjob that removes those firewall rules a couple minutes later. Yes, I have locked myself out of my own server when I mistype my password, but I just wait a minute and it lets me back in. I thought about modifying it so instead of outright blocking it, it put it into a pipe that limited it's bandwidth to almost nil just to hold the thing up a bit, but this works for me.. http://www.pjkh.com/sshmonitor/ -philip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Recommended search engine for web pages and maybe email?
Hi all - Recently I've found myself searching the freebsd ports web site quite frequently as well as some other online documentation (php, mysql, postgresql, freebsd faq/handbook) and it always bothers me because I know I can mirror that stuff and search it locally and in general cut down on their load. It's been a long time since I've setup any search engines/spiders to do this sort of thing. In the past I've used htdig and mnogosearch. I was hoping someone out there could tell me which one of those (or a third such as openfts?) I should install and get going to save me some time trying them all out. I think the only feature I really care about is being able to limit the search to a particular collection (freebsd ports, php manual, etc.) As an aside, I've got about 60mb (~ 5,000 messages) stored in pine's mbox format that I occasionally grep through, but would be nice if it was little more advanced... I've also thought maybe I should just host it on an external server, and only allow my hosts and google's indexer to crawl it and just rely on google. Suggestions? recommendations? Thanks! -philip ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Viewing DNS cache entries
Martin Petraschek wrote: [ ... ] Thank you, Dan. I was not aware of the fact that FreeBSD does not cache DNS entries unless you are running a name server. At least some versions of the standard C library will cache the last DNS looked up, and reuse that value if the process asks about the same host again. That turns out to be almost free to do, and is still reasonably helpful for many cases. However, FreeBSD does not have a global cache the way Windows does, or things like nscd (Solaris) or lookupd (MacOS X)... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: suspending login
On Tue, 2005-04-05 at 18:50 -0400, Ean Kingston wrote: On April 5, 2005 06:42 pm, Bob Ababurko wrote: Hello all- I am trying to figure out how to suspend a login for a user. Do I have to do this with password aging or is there an easier(read brute force) way to disallow a user from logging in? the safest way is to set the shell to /sbin/nologin and the home directory to /nonexistant in your auth system. The latter is especially needed if you allow ssh for remote login since the public-key authentication mechanisms sometimes bypass the normal login restrictions. Am I mistaken here, or will doing that only deny the user a shell and home directory? The user will still be able to authenticate against the password database right? To the best of my knowledge the correct way of doing this is either the asterisk method in the password field using vipw or the more user friendly way of using pw(8) with the lock command. Yes, that will allow the user to authenticate against the password database but the user has no home directory and a shell that kicks the user out right away. If you change the password entry then, when you want to enable the user again, the user has to enter a new password. This way, the user keeps his/her old password. Note, the question asked for suspend, not remove. I read suspend as implying that the account may be used again. If what is wanted is a permanent removal of the user then the entire home-directory and it's contents should be removed as well. Also, a search for all files owned by that user needs to be done and those files need to be cleaned up. -- Ean Kingston E-Mail: ean_AT_hedron_DOT_org PGP KeyID: 1024D/CBC5D6BB URL: http://www.hedron.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: shell question
On Wed, 6 Apr 2005, Richard Caley wrote: In article [EMAIL PROTECTED], mrspock (m) writes: m The problem is that I don't want to use the temporary m file that I used above (stdout, stderr, out), I just m want a filter If you want to rearange the output so that all the errors are after all the non errors, then you are going to need storage of some sort. I think that is logically unavoidable. There may be some kind of shuffle you can do with named pipes or something, but those kind of things have limited storage. Any time your command produces more error output than that space can hold, it will be stopped. Since you are not reading that stream until the main output is finished you'd then have a deadlock. -- Mail me as [EMAIL PROTECTED]_O_ | Thank you, Richard. Efectively, I found that is easier to create a temporary file with one of the output files, in this case stderr. Stderr is used, in this case to create a listing of the data that the program is using and, occasionally, it issues an error message, in this case the program stops. I finally programmed this process in this way: program 2 tempfile | (cat a2sp tempfile) | ps2pdf As I already stated, my program is creating a PostScript output in its stdout and a listing in the stderr file. a2ps is converting this listing to PostScript and both of them, finally, are converted to a PDF document with GhostScripts [in the ports]. Finally, the name pipes is very precise to describe what is happening with the streams; obviously, if I want to process one of the streams after the other one, I need to contain the water of the second temporally. Thanks for your time and your help. Eduardo. PS. Perhaps you are interested in visiting my page: http://michelle.esfm.ipn.mx/~mrspock/superspiro Cut Paste one of the examples and execute the program at the end of the page. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
unable to mount secondary hard disks now
Im running FreeBSD 5.3, its an almost fresh install. Its been running for about 7 days now. I have an internal IDE drive that the OS runs from, then I have two external firewire drives (da0, da1) that are only used as Samba shares. This morning i found that one of the firewire drives are no longer mounted (da1), this might have happened when I uninstalled Samba 2.x and installed 3.x yesterday, then rebooted. but im not sure, because i didnt check to see if the drive was still mounted after the reboot. So i figured i would just mount it again (even though da1 in the fstab) FileServer# mount /dev/da1s1c /mnt/jabba mount: /dev/da1s1c on /mnt/jabba: incorrect super block So now im not realy sure what to do, this drive was working perfectly before the reboot. someone told me to run fsck on the drive, but that gives me the following error. FileServer# fsck /dev/da1s1c ** /dev/da1s1c Cannot find file system superblock /dev/da1s1c: NOT LABELED AS A BSD FILE SYSTEM (unused) here is what fdisk returns... FileServer# fdisk /dev/da1s1c *** Working on device /dev/da1s1c *** parameters extracted from in-core disklabel are: cylinders=9728 heads=255 sectors/track=63 (16065 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=9728 heads=255 sectors/track=63 (16065 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: UNUSED The data for partition 2 is: UNUSED The data for partition 3 is: UNUSED The data for partition 4 is: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 0, size 5 (24 Meg), flag 80 (active) beg: cyl 0/ head 0/ sector 1; end: cyl 1023/ head 254/ sector 63 Here are the relevant lines from my fstab... /dev/da0c /mnt/yoda ufs rw 2 2 /dev/da1s1c /mnt/jabba ufs rw 2 2 Thanks in advance -Shea ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
freebsd-questions@FreeBSD.org
hello!! how do you feel? I'm rookie to use freebsd. I have a question. How I can change my resolution of my consola. I use freebsd 5.3 on laptop, just I want to know how I can change that resolution 640x400 something like that to a 1024x768. how I change. thks I wish you can help me to do it _ Want to meet David Beckham? http://www.msn.co.in/gillette/ Fly to Madrid with Gillette! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
automount usb flash drive?
I was trying to figure out how to have a usb flash drive automount when I plug it in. I currently have the following line in /etc/fstab /dev/da0s1 /mnt/usbkey msdos rw,-m700,noauto 0 0 and the following in /etc/devfs.conf perm da0s1 0666 when I do the following command line command the usb flash drive mount fine # mount /mnt/usbkey But, when I'm in KDE viewing media:/ Removable Device (da0s1) is shown is unmounted. At the user level command line and in KDE, I receive /dev/da0s1: Operation not permitted. I'm not sure if part of the issue is permissions or if I'm missing a piece for the auto-mounting to happen. Any thoughts? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: unable to mount secondary hard disks now
I'm not entirely sure, but it sure looks like da1s4c to me. Why is one drive da0c and the other da1s1c? How did you set them up? Shea Frederick wrote: Im running FreeBSD 5.3, its an almost fresh install. Its been running for about 7 days now. I have an internal IDE drive that the OS runs from, then I have two external firewire drives (da0, da1) that are only used as Samba shares. This morning i found that one of the firewire drives are no longer mounted (da1), this might have happened when I uninstalled Samba 2.x and installed 3.x yesterday, then rebooted. but im not sure, because i didnt check to see if the drive was still mounted after the reboot. So i figured i would just mount it again (even though da1 in the fstab) FileServer# mount /dev/da1s1c /mnt/jabba mount: /dev/da1s1c on /mnt/jabba: incorrect super block So now im not realy sure what to do, this drive was working perfectly before the reboot. someone told me to run fsck on the drive, but that gives me the following error. FileServer# fsck /dev/da1s1c ** /dev/da1s1c Cannot find file system superblock /dev/da1s1c: NOT LABELED AS A BSD FILE SYSTEM (unused) here is what fdisk returns... FileServer# fdisk /dev/da1s1c *** Working on device /dev/da1s1c *** parameters extracted from in-core disklabel are: cylinders=9728 heads=255 sectors/track=63 (16065 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=9728 heads=255 sectors/track=63 (16065 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: UNUSED The data for partition 2 is: UNUSED The data for partition 3 is: UNUSED The data for partition 4 is: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 0, size 5 (24 Meg), flag 80 (active) beg: cyl 0/ head 0/ sector 1; end: cyl 1023/ head 254/ sector 63 Here are the relevant lines from my fstab... /dev/da0c /mnt/yoda ufs rw 2 2 /dev/da1s1c /mnt/jabba ufs rw 2 2 Thanks in advance -Shea -- __ Paul T. Root /_ \ 1977 MGB / /|| \\ ||\/ || _ | || || || \ ||__// \__/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Domainname
I didn't think when I was doing my last install, and now my system has a domainname it shouldn't have. Too many different operating systems compete for space in my brain and I can't seem to find any information about fully qualified domainname in the fine manual, since all it talks about is NIS/YP, which isn't my problem. Any hints? /andreas -- A: Because it fouls the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing on usenet and in e-mail? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: automount usb flash drive?
On Wed, Apr 06, 2005 at 03:32:14PM -0400, Todd Shirk wrote: I was trying to figure out how to have a usb flash drive automount when I plug it in. I currently have the following line in /etc/fstab /dev/da0s1 /mnt/usbkey msdos rw,-m700,noauto 0 0 and the following in /etc/devfs.conf perm da0s1 0666 devfs.conf only works for devices available at boot time. For devices you can plug in at runtime you should use /etc/devfs.rules: [foobar=10] add path 'da*s*' mode 0666 And you should have the following in /etc/rc.conf: devfs_system_ruleset=foobar The contents of devfs.rules are fed to devfs(8), so see it's manual page. when I do the following command line command the usb flash drive mount fine # mount /mnt/usbkey But, when I'm in KDE viewing media:/ Removable Device (da0s1) is shown is unmounted. At the user level command line and in KDE, I receive /dev/da0s1: Operation not permitted. For a user to be able to use a filesystem, there are a couple of things that need to be done: - The sysctl variable vfs.usermount must be set to 1 (in /etc/sysctl.conf). - The user in question must own the mount point. I'm not sure if part of the issue is permissions or if I'm missing a piece for the auto-mounting to happen. I think the latter. Normally usbd(8) is notified of USB events, but in this case it seems to get events for the umass* device, not the da*s* device that you'll want to use. There have been people who've used a shell-script called by usbd to figure out the connection between umass-da from dmesg output and then mount the filesystem, but that doesn't do umounts. It's also complicated if you want it to work for multiple users, unless you give it 777 permissions. You could also give amd(8) a try. I found that making a one-line shell script to do the mounting is much less hassle. Roland -- R.F. Smith /\ASCII Ribbon Campaign r s m i t h @ x s 4 a l l . n l \ /No HTML/RTF in e-mail http://www.xs4all.nl/~rsmith/ X No Word docs in e-mail public key: http://www.keyserver.net / \Respect for open standards pgpWB18oH083P.pgp Description: PGP signature
Re: Domainname
Andreas Davour wrote: I didn't think when I was doing my last install, and now my system has a domainname it shouldn't have. Too many different operating systems compete for space in my brain and I can't seem to find any information about fully qualified domainname in the fine manual, since all it talks about is NIS/YP, which isn't my problem. Any hints? /andreas Rerun sysinstall, then configure, then network, then interfaces, then pick your nic - the rest you ought to be able to manage. Best regards, Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Domainname
I didn't think when I was doing my last install, and now my system has a domainname it shouldn't have. Too many different operating systems compete for space in my brain and I can't seem to find any information about fully qualified domainname in the fine manual, since all it talks about is NIS/YP, which isn't my problem. Any hints? Have a look at /etc/rc.conf (the hostname setting). -- Ean Kingston E-Mail: ean_AT_hedron_DOT_org PGP KeyID: 1024D/CBC5D6BB URL: http://www.hedron.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Domainname
Andreas Davour writes: I didn't think when I was doing my last install, and now my system has a domainname it shouldn't have. Too many different operating systems compete for space in my brain and I can't seem to find any information about fully qualified domainname in the fine manual, since all it talks about is NIS/YP, which isn't my problem. Any hints? Well, you don't say quite what you want to know about fully qualified domain name.It means the full namexxx.yyy.zzz.org instead of just xxx or whatever. As for changing it, change the hostname=xx.yy.zz.org in your /etc/rc.conf file and the domain in /etc/resolv.conf. jerry /andreas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: iSCSI (revisited?)
- Original Message - From: Justin Bennett [EMAIL PROTECTED] To: FreeBSD Hackers freebsd-hackers@freebsd.org Cc: FreeBSD Questions freebsd-questions@freebsd.org Sent: Monday, April 04, 2005 5:30 PM Subject: iSCSI (revisited?) All, I was wondering what people thought of iSCSI and FreeBSD. Is it a viable option for creating SANs? I want to move away from tape backups, and have numerous production FreeBSD machines that I need to back up data from. Any other ideas for a disk to disk backup solution that people have used? Thanks, Justin Justin, what I'm currently using is the following for just that: Promise Vtrak 15100 with 15 250gb sata's, connected to a dual channel Adaptec 39160 housed in a Compaq ML 330 running FreeBSD 5.3. The Vtrak has 2 logical arrays assigned, where my other 14 servers (windows and freebsd alike) back up to one or the other arrays. I have one array shared via nfs for the bsd boxes to back up to and the other is samba shared so that windows systems can back up to that one. So far, it's worked well for me. All I need to do now is get the company to realize they still need tape if they want long term storage and then I can chain that to the Promise raid and have it back up to take during the day and still have my backup window in the early morning hours. -- Micheal Patterson Senior Communications Systems Engineer 405-917-0600 Confidentiality Notice: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Temperature Sensors on a Mini-ITX Board
Does anyone know how to read the temperature sensors on a VIA Mini-ITX board? I've tried xmbmon, lmmon and healthd but nothing seems to read it/them. I can't find anything under the dev sysctl hierachy either. I can't see anything relevant in dmesg apart from this perhaps: acpi0: VT9174 AWRDACPI on motherboard Thanks, Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Maintaining a Minimal Installation for a Small HDD
hi lowell, The recommended path is to do a binary upgrade. 5.4 will be out in a few weeks, and release candidate builds are available now. to what extent does building the sources on my machine affect the resulting binaries? to be more specific: i read the freebsd handbook section on maintaining multiple systems from one 'build machine'. if i were to allocate one of the machines on my network to build sources into binaries, say my HP PII, would those binaries be appropriate to install on my thinkpad? my understanding is that i could take a subset of those binaries and install them on my laptop, and then build the kernel from the thinkpad and this would work (assuming i got all the binaries right). is that correct? cheers iain _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Maintaining a Minimal Installation for a Small HDD
Yep, that's pretty much right. Use one of the systems to build everything as packages, and then install all those packages onto your other machines. You'll still need to compile the kernel and source on each individual machine. On Apr 6, 2005 4:18 PM, Iain Dooley [EMAIL PROTECTED] wrote: hi lowell, The recommended path is to do a binary upgrade. 5.4 will be out in a few weeks, and release candidate builds are available now. to what extent does building the sources on my machine affect the resulting binaries? to be more specific: i read the freebsd handbook section on maintaining multiple systems from one 'build machine'. if i were to allocate one of the machines on my network to build sources into binaries, say my HP PII, would those binaries be appropriate to install on my thinkpad? my understanding is that i could take a subset of those binaries and install them on my laptop, and then build the kernel from the thinkpad and this would work (assuming i got all the binaries right). is that correct? cheers iain _ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: unable to mount secondary hard disks now
I just noticed, this isn't going to the group. Always, keep the thread with the group. I don't know everything. In fact, I haven't done usb disks on FreeBSD. Anyway, there's a couple of disturbing things here. 1. You need to find out which drive is which. Because, what we do could be distructive to the disk. Especially if it's not the disk you think it is. Run dmesg and look for the da device references, maybe that will give you an idea as to which disk is which. Ok, let's assume for a minute that da2 became da1. That would explain why the disklabel is wrong. Since it was configured as da2c not da2s1c. try disklabel da1 disklabel da2 disklabel da1s1 disklabel da2s1 mount let's see what's what. 2. That disklabel is wrong. That's why you can't access the partition. Back in the old days, it was frowned upon to use 'C' as a live filesystem. It was always the whole disk. I generally will make an 'a' or 'e' or something that is also the whole disk There are 2 problems with this disklabel, if it is the right disk. 1. The file type is unused. It should be 4.2BSD 2. The C partition extends past the end of the unit. That's probably because it starts at 63 instead of 0. Which actually leads me to believe that this is the old da2. Run the dmesg, disklabels and mount for us (the whole list, I can easily miss things). And see if we can't figure out what drive is what. Paul. Shea Frederick wrote: FileServer# disklabel /dev/da1s1c # /dev/da1s1c: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] c: 156296322 63unused0 0 # raw part, don't edit partition c: partition extends past end of unit disklabel: partition c doesn't start at 0! disklabel: An incorrect partition c may cause problems for standard system utilities but something else interesting came up while i was poking around.I went to write some files to my da2 drive, and noticed that the access light on drive da1 was blinking. So somehow after re-booting, my da1 and da2 drives switched places (i sware i didnt switch the cables) -Shea On Apr 6, 2005 2:28 PM, Paul T. Root [EMAIL PROTECTED] wrote: Ok, so that was a bad guess. The disk may have gotten wiped. You can try running fsck with the next superblock. fsck -b 32 /dev/da1s1c What does disklabel give you? disklabel da1s1 Shea Frederick wrote: The first drive (da0) was setup using the instructions here... http://www.freebsd.org/doc/en_US.ISO8859-1/articles/formatting-media/article.html The 2nd drive (da1) was setup using sysinstall come to think of it, thats the only difference, so maybee thats part of the problem. I have no da1s4c FileServer# ll /dev/da* crw-r- 1 root operator4, 19 Apr 6 22:59 /dev/da0 crw-r- 1 root operator4, 23 Apr 6 17:01 /dev/da0c crw-r- 1 root operator4, 20 Apr 6 22:59 /dev/da1 crw-r- 1 root operator4, 65 Apr 6 22:59 /dev/da1a crw-r- 1 root operator4, 66 Apr 6 22:59 /dev/da1c crw-r- 1 root operator4, 34 Apr 6 22:59 /dev/da1s1 crw-r- 1 root operator4, 55 Apr 6 22:59 /dev/da1s1c crw-r- 1 root operator4, 21 Apr 7 04:38 /dev/da2 crw-r- 1 root operator4, 69 Apr 7 04:39 /dev/da2c I forgot to mention that drive 3 (setup just like da0) also works fine -Shea On Apr 6, 2005 1:42 PM, Paul T. Root [EMAIL PROTECTED] wrote: I'm not entirely sure, but it sure looks like da1s4c to me. Why is one drive da0c and the other da1s1c? How did you set them up? Shea Frederick wrote: Im running FreeBSD 5.3, its an almost fresh install. Its been running for about 7 days now. I have an internal IDE drive that the OS runs from, then I have two external firewire drives (da0, da1) that are only used as Samba shares. This morning i found that one of the firewire drives are no longer mounted (da1), this might have happened when I uninstalled Samba 2.x and installed 3.x yesterday, then rebooted. but im not sure, because i didnt check to see if the drive was still mounted after the reboot. So i figured i would just mount it again (even though da1 in the fstab) FileServer# mount /dev/da1s1c /mnt/jabba mount: /dev/da1s1c on /mnt/jabba: incorrect super block So now im not realy sure what to do, this drive was working perfectly before the reboot. someone told me to run fsck on the drive, but that gives me the following error. FileServer# fsck /dev/da1s1c ** /dev/da1s1c Cannot find file system superblock /dev/da1s1c: NOT LABELED AS A BSD FILE SYSTEM (unused) here is what fdisk returns... FileServer# fdisk /dev/da1s1c *** Working on device /dev/da1s1c *** parameters extracted from in-core disklabel are: cylinders=9728 heads=255 sectors/track=63 (16065 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=9728 heads=255 sectors/track=63 (16065 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information
Re: Change console resolotion [was: freebsd-questions@FreeBSD.org]
On Wednesday 06 April 2005 20:17, gfdggdfg fdgdret wrote: hello!! how do you feel? I'm rookie to use freebsd. I have a question. How I can change my resolution of my consola. I use freebsd 5.3 on laptop, just I want to know how I can change that resolution 640x400 something like that to a 1024x768. how I change. thks I wish you can help me to do it I think vidcontrol is what you are looking for. `man vidcontrol` for more info. -- /Xian You're not fully trained until you have done everything wrong once Martin Stannard ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
sending mail between local computers
I have two FreeBSD boxes running sendmail, how would make it so mail can be sent from one box to the other? I have just managed to make them masquerade so I can send mail out on to the Internet. I did come across this on my 'quest': http://www.clanger9.org.uk/computer/explain.html ;-) -- /Xian C lets you shoot yourself in the foot. C++ lets you reuse the bullet Unknown Author ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sending mail between local computers
On Thu, 7 Apr 2005, Xian wrote: I have two FreeBSD boxes running sendmail, how would make it so mail can be sent from one box to the other? Assuming they are both on your local network, as suggested in the subject... You shouldn't have to do anything with sendmail. Just configure the machines so each hostnames resolves, from the perspective of the other machine. You could either create an /etc/hosts file on each machine, or run DNS locally. Probably other ways as well. Let's say that their hostnames are foo and bar - make it so that from foo you can 'ping bar', and vice versa. Once that works, you ought to be able to log in to foo and send mail via your favorite MUA to '[EMAIL PROTECTED]' - note, that's just bar, not bar.com or anything. Likewise you ought to be able to log in to bar and send mail via your favorite MUA to '[EMAIL PROTECTED]'. Assuming the user exists on both machines, of course. I'm doing something like this with my internal mail at home, and it works fine. http://www.clanger9.org.uk/computer/explain.html Cute. -- Chris Hill [EMAIL PROTECTED] ** [ Busy Expunging | ] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IBM eServer 346 ServeRaid is too slow
Hi Eugene, Eugene Mitrofanov wrote: I've got Subj and FreeBSD-5.4PRE on it. But RAID0 is too slow: [EMAIL PROTECTED]:eugene# dd if=/dev/zero of=/var/tmp/1 bs=1m count=100 100+0 records in 100+0 records out 104857600 bytes transferred in 31.949508 secs (3281979 bytes/sec) mpt0: LSILogic 1030 Ultra4 Adapter port 0x4000-0x40ff mem 0xcffe-0xcffe,0xcfff-0xcfff irq 28 at device 1.0 on pci4 da0 at mpt0 bus 0 target 0 lun 0 da0: LSILOGIC 1030 IM IM 1000 Fixed Direct Access SCSI-2 device da0: 320.000MB/s transfers (160.000MHz, offset 127, 16bit), Tagged Queueing Enabled da0: 34678MB (71020544 512 byte sectors: 255H 63S/T 4420C) I'd say you are seeing the same as I am with the same card in a Dell 1855. There is something wrong with the mpt driver and the disks when they are setup in a raid0 set. If you split the disks and use them as individual drives then you will get full performance. Carl. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
nvraid setup
I recently purchased a msi motherboard with an nforce 2 chipset. It has nvraid support. Is it possible to use it in freebsd? If so, can it be used as a boot volume? I've attempted a boot with a 5.3 release cd and found that it detects the two drives individually. i'm trying to do raid 0 across 2 SATA disks. My goal is to setup a home file/print server. I'd even consider using software raid if i can't get the nvraid to work. Is it possible to create a bootable software raid setup in freebsd? I do have an old 10 gig drive i could through in for a root partition in a pinch but i'd like to stick to the new sata disks if possible. Thanks. Please CC me as i'm not on the list. Lucas Holt [EMAIL PROTECTED] FoolishGames.com (Jewel Fan Site) JustJournal.com (Free blogging) FoolishGames.net (Enemy Territory IoM site) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
multiprocessors
Is there a comand to use so as to see if freebsd is using both processors? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
xorg -configure fails
Im trying to install Xorg. I get an error message failed to open /dev/io for extended IO Any help? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
What's the definition of the stale port?
What is stale port? How do I end up having stale ports? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multiprocessors
Bill wrote: Is there a comand to use so as to see if freebsd is using both processors? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] try top(1) the output of top should contain a C column. if this column contains 0s and 1s both your CPUs are used zheyu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: What's the definition of the stale port?
On Wed, Apr 06, 2005 at 08:49:00PM -0700, Sergei Gnezdov wrote: What is stale port? It's not entirely clear what context you're talking about, but the answer is probably One for which a newer version is available. How do I end up having stale ports? As time marches on :-) Kris pgpLJTpM3D3AN.pgp Description: PGP signature
Re: xorg -configure fails
In the last episode (Apr 06), Bill said: Im trying to install Xorg. I get an error message failed to open /dev/io for extended IO First check: Do you have a /dev/io device? Make sure you haven't removed device io from your kernel config file. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Sound Help
I upgraded my ports/src/kernel yesterday and after i rebooted i no longer have any sound installed. Being as i have onboard sound and honestly have no idea the chipset the sound uses etc .. i was wondering if someone could give me a guide to how to get my sound back and working? -- Yours Sincerely Shinjii http://www.shinji.nq.nu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multiprocessors
There is a line for cpu put it only shows one. Im used to linux and when I do a top in Linux I see two lines for my cpus. Is the stock kernel that gets installed when doing a new install smp enabled? Do i need to rebuild my kernel for smp? On Wed, 2005-04-06 at 21:16, FreeBSD Deamon wrote: Bill wrote: Is there a comand to use so as to see if freebsd is using both processors? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] try top(1) the output of top should contain a C column. if this column contains 0s and 1s both your CPUs are used zheyu ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multiprocessors
On Wed, Apr 06, 2005 at 10:34:43PM -0700, Bill wrote: There is a line for cpu put it only shows one. Im used to linux and when I do a top in Linux I see two lines for my cpus. Is the stock kernel that gets installed when doing a new install smp enabled? No (on i386). Do i need to rebuild my kernel for smp? Yes, see the handbook. Kris pgpciUvWForwb.pgp Description: PGP signature
Re: xorg -configure fails
I found it. seems that xorkcfg doesnt like security. I removed two lines from my rc.conf file one for security enable and the other for security level. weird that it wouldnt alow root access to dev/io On Wed, 2005-04-06 at 21:13, Dan Nelson wrote: In the last episode (Apr 06), Bill said: Im trying to install Xorg. I get an error message failed to open /dev/io for extended IO First check: Do you have a /dev/io device? Make sure you haven't removed device io from your kernel config file. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: multiprocessors
Well then maybe i should build a new kernel then. Im running freeBSD 5.3 on a dual 450mhz Compaq Proliant 3000 On Wed, 2005-04-06 at 21:39, Kris Kennaway wrote: On Wed, Apr 06, 2005 at 10:34:43PM -0700, Bill wrote: There is a line for cpu put it only shows one. Im used to linux and when I do a top in Linux I see two lines for my cpus. Is the stock kernel that gets installed when doing a new install smp enabled? No (on i386). Do i need to rebuild my kernel for smp? Yes, see the handbook. Kris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
old compaq 4840 problems - freebsd 4.3
I have a old compaq presario 4840. I want to install freebsd 5.3 onto it but it just won't install... It boots the installation and process everything accordingly until when it starts to format the disk and starts installing... First off I notice it has problems fsck, it will error with a message like could not fsck something /x /mnt/x. Sorry I forgot to write down the exact message. Then it will tell me it is preparing an emergency holo shell? It will then proceed to try and install from (CD/FTP- tried both) and toward the end of the install it will error and tell it is going to reboot or i can enter a command prompt. But! on freebsd 4.11 and previous versions I remember worked fine. Same thing with Openbsd 3.x and netbsd 2.0 installations... Any ideas? I really want to give freebsd 5.3 a go... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Windows XP Partition Magic
Can FreeBSD be installed if I use Partition Magic. I am currently running on Windows XP environment. (That is the only primary partition) ..If so how..I keep getting error messages Could not find Primary Descriptor..when installing FreeBSD from CD. Am I partitioning wrong, or is XP not compatable? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: What's the definition of the stale port?
On 2005-04-07, Kris Kennaway [EMAIL PROTECTED] wrote: --y0ulUmNC+osPPQO6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Wed, Apr 06, 2005 at 08:49:00PM -0700, Sergei Gnezdov wrote: What is stale port? It's not entirely clear what context you're talking about, but the answer is probably One for which a newer version is available. I'd say that installed port is stale if its version is older then the version of the port in the /usr/ports/ How do I end up having stale ports? As time marches on :-) I am guessing, that port becomes stale after running cvsup. So, what exactly are we supposed to accomplish in respect to stale ports, when we run pkgdb -F (deinstall, some kind of fix, simple ignore)? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]