Re: Mail back-up system
That`s preatty interesting.. I read the article and the idea is good. But i would like to know what MTA are you using..In the paper you said that at first the email is strored in Mailbox format. Isn`t that a bottleneck. WHat are the loads of the machines. Thanks On 2/9/06, Olivier Nicole [EMAIL PROTECTED] wrote: Hi, As a sys-admin, I am often bugged by users who had mistakenly deleted some very important email, and could I recover it from the tape back-up. I try to explain to them that back-up is only run once per 24 hours and maybe their message arrived since the last run, and that tapes are there to recover disk crash, not user bad moves, it still eats up quite some amount of my time (and it is a stupid task). So I came up with a system whereby messages are duplicated on a second server and users can use a web page to browse that second server and recover emails. Kust in case someone maybe interested, the system is explained there: http://www.cs.ait.ac.th/laboratory/email/mailback.shtml Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Replacing cron with mcron
Has anyone tried this? I even think of proposing this to the base system - cron is such an old idea.. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: intel high definition audio
On 2/9/06, RYAN vAN GINNEKEN [EMAIL PROTECTED] wrote: Hello i am having trouble getting my sound to work in gnome I have an intel D925XECV2 mainboard has intel high definition audio built in. Try this: http://www.opensound.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
fine grained firewall?
Is it possible to configure the FreeBSD firewall to block ports on a per-user or per-executable basis? eg. - Block /usr/local/bin/irc from connecting to TCP port 6667 - Block user 'johnsmith' from connecting to TCP port 21 etc. Thanks. Regards Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Large imap server.
Bill Campbell wrote: On Wed, Feb 08, 2006, Erik Norgaard wrote: AFAIK cyrus-imap uses a database backend to store mail and has been designed to scale to enterprise systems. The database backend makes indexing and mail lookup faster, but I don't think there's any difference when it comes to retrieving the actual mail. Cyrus scaling? Perhaps on one mongo server. We have installed multiple servers with courier-imap delivering and serving pop and imap from a central server housing home directories, and have seen essentially linear performance as servers are added. One can index mail stores with something like glimpse, but that's probably an issue only were there are huge numbers of messages in individual folders. I don't claim that courier-imap does not scale, in fact, I don't claim anything about courier-imap at all. I simply remark that cyrus-imap has been designed to scale well and this is achieved by using a data base backend. Your comment does not prove me wrong: You seem to indicate that cyrus-imap doesn't scale and refer to a successful install of courier-imap. This doesn't make sense - that logic is flawed. You can only claim that you have found courier-imap scales fine. Well, that's good, then there is choice. Cheers, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A script for poets
Kristian Vaaf wrote: Hello! Again with my script requests, this time I'm wondering if anybody has ever felt like writing a shell script that makes it easy to write rhymes, poems or just make up funny lines. http://www.rhymer.com is a great place, but unfortunately it requires a browser. Or maybe this is a feature that extends beyond the purpose of shell scripting, and that maybe for such I should start looking into languages like Ruby? Hoping for generous expert advise. Thank you, peasants and poets :) Vaaf (wuff) Hello, writing sentences isn't an easy task for a program, because you need some understanding of the meaning of the sentence and some times a good grab of the peculiar grammar quirks of a language. Have a look at google translate to have an example of the results :-D A rhyming dictionnary should be possible to do, with a database of syllabes and pronunciation, but you need to fill the database first... For writing funny sentences, have a look at the polygen program: it writes sentences according to a defined grammar: http://freshmeat.net/projects/polygen/ I know it has a debian package and works under macosx and windows, so I don't think there should be problems compiling it under freebsd. The main site is in italian, though, I haven't found an english version. urs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
one virtual IP interface on two ethernet ports ?
Hello Is it possible with FreeBSD to setup a virtual IP interface with load balancing that use two or more ethernet ports ? thank you -- Cordialement Frank Bonnet ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mail back-up system
I read the article and the idea is good. But i would like to know what MTA are you using..In the paper you said that at first the email is strored in Mailbox format. Isn`t that a bottleneck. WHat are the loads of the machines= Considering we have only 200 users and 3000 messages per day, whatever would do. MTA is sendmail/milter. I plan to change that mailbox thing when I get budget for a new machine to play with (I don't want to take the risk to break the working configuration). Bests, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: intel high definition audio
I am already working on it but something is not right still get errors in gnome no volume control elements and/or devices found when i click on mixer but oss seems to thing everything is great during the test but do not hear anyhthing. I still do not see anything in my dmesg to do with audio what should it be sio1 or dsp0 or what need help ps using gnome if that helps at all? sio1: configured irq 3 not in bitmap of probed irqs 0 sio1: port may not be enabled [EMAIL PROTECTED] /usr/local/lib/oss/bin/osstest *** Scanning sound adapter #-1 *** /dev/dsp0 Intel High Definition Audio pcm-front output (adapter0, subdev0) - Performing audio playback test... left OK right OK stereo OK real srate 47974.00 Hz (-0.05%) /dev/dsp1 Intel High Definition Audio pcm-center/LFE output (adapter0, subdev1)- Performing audio playback test... left OK right OK stereo OK real srate 47988.00 Hz (-0.03%) /dev/dsp2 Intel High Definition Audio pcm-side output (adapter0, subdev2) - Performing audio playback test... left ^C [EMAIL PROTECTED] /usr/local/lib/oss/bin/osstest *** Scanning sound adapter #-1 *** /dev/dsp0 Intel High Definition Audio pcm-front output (adapter0, subdev0) - Performing audio playback test... left OK right OK stereo OK real srate 47965.00 Hz (-0.07%) /dev/dsp1 Intel High Definition Audio pcm-center/LFE output (adapter0, subdev1)- Performing audio playback test... left OK right OK stereo OK real srate 47983.00 Hz (-0.04%) /dev/dsp2 Intel High Definition Audio pcm-side output (adapter0, subdev2) - Performing audio playback test... left OK right OK stereo OK real srate 47988.00 Hz (-0.03%) /dev/dsp3 Intel High Definition Audio pcm-rear output (adapter0, subdev3) - Performing audio playback test... left OK right OK stereo OK real srate 47988.00 Hz (-0.03%) /dev/dsp4 Intel High Definition Audio pcm-spdifout output (adapter0, subdev4) - Performing audio playback test... left OK right OK stereo OK real srate 47981.00 Hz (-0.04%) /dev/dsp5 Intel High Definition Audio rec1 input (adapter0, subdev5) - Skipping input only device /dev/dsp6 Intel High Definition Audio rec2 input (adapter0, subdev6) - Skipping input only device /dev/dsp7 Intel High Definition Audio rec3 input (adapter0, subdev7) - Skipping input only device /dev/dsp8 Intel High Definition Audio spdifin1 input (adapter0, subdev8) - Skipping input only device *** Scanning sound adapter #0 *** /dev/dsp9 OSS Virtual Mixer v2.5 Playback CH #0 (adapter1, subdev0) - Skipping virtual device (use -V to force test) *** Scanning sound adapter #0 *** /dev/dsp10 OSS Virtual Mixer v2.5 Playback CH #1 (adapter1, subdev1) - Skipping virtual device (use -V to force test) *** Scanning sound adapter #0 *** /dev/dsp11 OSS Virtual Mixer v2.5 Playback CH #2 (adapter1, subdev2) - Skipping virtual device (use -V to force test) *** Scanning sound adapter #0 *** /dev/dsp12 OSS Virtual Mixer v2.5 Playback CH #3 (adapter1, subdev3) - Skipping virtual device (use -V to force test) *** Scanning sound adapter #0 *** /dev/dsp13 OSS Virtual Mixer v2.5 Playback CH #4 (adapter1, subdev4) - Skipping virtual device (use -V to force test) *** Scanning sound adapter #0 *** /dev/dsp14 OSS Virtual Mixer v2.5 Playback CH #5 (adapter1, subdev5) - Skipping virtual device (use -V to force test) *** Scanning sound adapter #0 *** /dev/dsp15 OSS Virtual Mixer v2.5 Playback CH #6 (adapter1, subdev6) - Skipping virtual device (use -V to force test) *** Scanning sound adapter #0 *** /dev/dsp16 OSS Virtual Mixer v2.5 Playback CH #7 (adapter1, subdev7) - Skipping virtual device (use -V to force test) *** All tests completed OK *** On Thu, 2006-02-09 at 11:32 +0300, Andrew Pantyukhin wrote: On 2/9/06, RYAN vAN GINNEKEN [EMAIL PROTECTED] wrote: Hello i am having trouble getting my sound to work in gnome I have an intel D925XECV2 mainboard has intel high definition audio built in. Try this: http://www.opensound.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: intel high definition audio
my sound card is also intel high definition. but i havent heard anything for months ;) if you find a solution please let us learn too. [ps: common advice from this list was to buy a cheaper sound card but i still wait for high definition audio's driver ;)] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A script for poets
Kristian Vaaf wrote: Hello! Again with my script requests, this time I'm wondering if anybody has ever felt like writing a shell script that makes it easy to write rhymes, poems or just make up funny lines. http://www.rhymer.com is a great place, but unfortunately it requires a browser. Or maybe this is a feature that extends beyond the purpose of shell scripting, and that maybe for such I should start looking into languages like Ruby? Hoping for generous expert advise. Thank you, peasants and poets :) Vaaf (wuff) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Hello, writing sentences isn't an easy task for a program, because you need some understanding of the meaning of the sentence and some times a good grab of the peculiar grammar quirks of a language. Have a look at google translate to have an example of the results :-D A rhyming dictionnary should be possible to do, with a database of syllabes and pronunciation, but you need to fill the database first... For writing funny sentences, have a look at the polygen program: it writes sentences according to a defined grammar: http://freshmeat.net/projects/polygen/ I know it has a debian package and works under macosx and windows, so I don't think there should be problems compiling it under freebsd. The main site is in italian, though, I haven't found an english version. urs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Protecting Windows
Brian Astill wrote: program runs on Windows 2000/XP only. Why would anyone in their right mind NOT port a program as sensible as this to a SECURE OS? I should say that Windows XP is not intrinsically insecure. You can secure it, and I don't mean trivially by removing the network connection, but by shutting down unneeded services, replacing iexplorer.exe with firefox where possible, and so on. I have heard that Dragon Naturally Speaking is very good, and that seems like a good reason to run Windows. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: intel high definition audio
have u sent message to opensound yet?? On Thu, 2006-02-09 at 11:21 +0200, Mehmet Fatih AKBULUT wrote: my sound card is also intel high definition. but i havent heard anything for months ;) if you find a solution please let us learn too. [ps: common advice from this list was to buy a cheaper sound card but i still wait for high definition audio's driver ;)] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
jdk1.4.2 port and incorrect manpath
I read in man(1) that the MANPATH is comiled into the man binary; after building the jdk14 port (1.4.2p7_2), I find that the man pages for java are in /usr/local/jdk1.4.2/man and thus are not accessible except by specifying them in particular. 1) Do I need recompile man? 2) Is the port broken?: I did not see a bug for it, nor a list post. 3) Is there something else I'm missing? I'm currently cvsupping to get 1.4.2p8_2. -- Ian Tegebo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A script for poets
On Wed, Feb 08, 2006 at 12:44:00PM -0800, Gary Kline wrote: On Wed, Feb 08, 2006 at 08:29:21PM +0100, Kristian Vaaf wrote: Again with my script requests, this time I'm wondering if anybody has ever felt like writing a shell script that makes it easy to write rhymes, poems or just make up funny lines. You mean something like this to group words by endings? % rev /usr/share/dict/words | sort | rev This may dovetail into something I was actively working on several years ago: a C/C++ program that took unmetered text as input and output N-syllabic lines as output. Interesting. I created a dictionary of thousands of words with one, two, three, or more syllabes in my database. I played around with this idea until I realized that real poetry demands imagery (metaphor, simile), and not simply meter or rhyme. After 7 years of my writing group I've learned how DIFFICULT it is to write a good poem. Or prose. Absolutely! Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix Regards, -cpghost. -- Cordula's Web. http://www.cordula.ws/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: intel high definition audio
El día Thursday, February 09, 2006 a las 02:14:32AM -0700, RYAN vAN GINNEKEN escribió: I am already working on it but something is not right still get errors in gnome no volume control elements and/or devices found when i click on mixer but oss seems to thing everything is great during the test but do not hear anyhthing. I still do not see anything in my dmesg to do with ... See (google) the details of my reply in [EMAIL PROTECTED] Date: Wed, 11 Jan 2006 09:44:12 +0100 Subject: Re: Intel High Definition Audio (azalia) support now available in OSS/FreeBSD 6.0 matthias -- Matthias Apitz / Sisis Informationssysteme GmbH ein Tochterunternehmen der OCLC PICA B.V. Leiden (NL) D-82041 Oberhaching, Gruenwalder Weg 28g Fon: +49 89 / 61308-351, Fax: -399, Mobile +49 170 4527211 http://www.sisis.de/~guru/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: need some advice on our cisco routers..
The best practice I follow for securing routers, is to disable any remote access unless remote access is really necessary. If remote access is required, I always limit the access to a small number, usually 1-3 remote IP's. It is also a good idea to enable remote logging to keep a record of events and access as all routers have limited logging space internally. Cisco among other brands all have had a number of exploits found and reported on the web. I expect that is how your telnet users got into your router. So it also is in your best interest and practices to regularly check and update any firmware on your routers. Hope this helps. -Derek At 12:07 AM 2/9/2006, Mark Jayson Alvarez wrote: Hi, We have a couple of cisco routers. There was one time when suddenly we cannot login remotely via telnet. I investigate further and was shocked when I found out that there where 16 telnet connections coming from outsiders ip addresses. I immediately called our Director(the only cisco certified guy in the office) and he begin kicking each of the telnet connections one by one. He then replaced every secret/password and deleted all unnecessary local accounts. However, we're still wondering how those hackers got into the system. Now this cisco's aaa is default to a radius server. Since then, outsiders have gone away.. Perhaps the hackers got one of the router's local accounts, and trying to brute force their way to enable mode. Now, I have few questions: 1. Is it possible to think that they still haven't cracked the enable password yet or they already know it and just silently been playing with our router?? What for? If you are a hacker, what would you do if you got an access to an ISP's router??:-) 2. What will you do if the same thing happened to you?? 3.How do you secure your cisco routers in your office?? Our director said that we should look for best practices in securing our routers. Our company is an ISP for broadband internet for RD institutions. We offer no dial up connections, only E1's etc. We have 2 stm1(155Mbps) outgoing pipes. One cisco 7206 and one cisco 7304. We have a radius server running some old version of freebsd(4.6 I guess) but the accounting is not working anymore. Only authentication, and radius uses the accounts listed in /etc/passwd. Now, I am trying to configure a new radius server(to replace the old server configured by the former net/sys admins) only not sure if it is really what we need.. My initial idea of radius is that it ties up authentication, authorization and accounting.. however as I have said, I guess we don't need any accounting since we don't offer dial up services. In authentication, I tried once to make our router work with our kerberos setup so that telnet password doesnt have to be sent but unfortunately, I failed to make it work with our heimdal installation(seems like they are having incompatibility issues with encryption, though I haven't tried it with MIT yet). Authorization: We currently have an ldap directory used only for email services, don't know if it is still needed. We also have remote logging through that radius server also, and guess what, its not working anymore. I compared the config of that compromised router with the other one and found out that the logging lines are gone(hmmm..) I need some tips here. The tools you are currently using. Also some of the best practices you are implementing in your noc.. I'm the new admin and the services are poorly documented.. Now I am trying to start everything from scratch, this time documenting everything I am doing.. Load balancer, proxy server, email, dns, web, ldap, kerberos, etc. Unfortunately I don't have any cisco training yet and I'm glad that my supervisor is kind enough to lend me the enable password (the rest, google and google) Thank's for your time. Sincerely -jay - Brings words and photos together (easily) with PhotoMail - it's free and works with Yahoo! Mail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: fine grained firewall?
I believe IPFW has uid option on rules as in 070 deny tcp from me to any out via $pif setup keep-state uid bob -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of andrew clarke Sent: Thursday, February 09, 2006 3:49 AM To: freebsd-questions@freebsd.org Subject: fine grained firewall? Is it possible to configure the FreeBSD firewall to block ports on a per-user or per-executable basis? eg. - Block /usr/local/bin/irc from connecting to TCP port 6667 - Block user 'johnsmith' from connecting to TCP port 21 etc. Thanks. Regards Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: showdown transfering files with scp
[EMAIL PROTECTED] wrote: I was using scp to copy several large (300-800mb) each files between two Freebsd machines. Both are on the same hub, 100MB Ethernet connection. The source box is FreeBSD 5.4 stable at a late October build date. The target is running 6.0 stable at a current build date. The first three files showed a transfer rate of about 3mb/sec and transfer took about a 5-7 minutes for each file. After the third one however the transfer rate dropped to 100-200 KB/sec. There was nothing else going on in the internal network at the time. scp can be surprisingly crap and slow. If the machines are both internal try using ftp and see how that does. If that's slow too then you have a problem :-) If it isn't slow, then try the ssh-hpn port which, among other things, supports a -z flag to scp which turns off all the encryption after the initial authentication. It's also possible that one of the machines got loaded with something else around the time of your slowdown and it couldn't keep up the the encryption/description. Other things to try: 1) repeat what you did and see if it happens again. If it doesn't, then there was something going on the first time. 2) If it does happen again, try transferring the files individually, inside a for loop perhaps, and see if the problem persists. If it does, try ssh-hpn and see if that works better. Hth, --Alex ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IP Banning (Using IPFW)
On 2/9/06, Chris [EMAIL PROTECTED] wrote: On 07/02/06, David Scheidt [EMAIL PROTECTED] wrote: On Tue, Feb 07, 2006 at 12:40:22AM +0200, Atis wrote: On Sun, 5 Feb 2006 18:55:13 -0500 David Scheidt [EMAIL PROTECTED] wrote: Nonsense. There may be some people that only scan well-known ports, but it's much more common to scan every port on a machine. If you're running a server on a non-standard port, an attacker will find it. sure, but 99% of the time the machines attacking your server are zombies that do not care to do a full portscan. i suppose the purpose is to find other misconfigured, easy-to-hack computers on the network. by putting your services on non-standard ports you get rid of these mindless drones and don't pollute log files with useless garbage. now if somebody _does_ actually target your server in particular then this is definitely not the solution. anywayz, putting things on non-standard ports helps a lot, and is one of the first and easiest security measures an administrator may consider. Taking your clothes off and painting yourself blue is also one of the first and easiest security measures to consider. It's even more effective, too. I know of no machine that's been cracked that had a wheel naked and painted blue. I've seen lots running standard services on non-standard ports. Security through obscurity doesn't work, it makes tracking down other problems harder, and creates work to maintain non-standard configurations. I understand his point, I see 2 types of problems we have to deal with. The thousands of drones that scan for boxes that are vulnerable to a specific exploit, they will often scan ip ranges on a specific port and if its open see if its vulnerable. For these types of intruders chnging ports is very effective since you would simply be skipped past on their scan, for most of us 99% of attempted intrusions are zombie based or some script a kid has downloaded of the web. The argument against changing ports is of course when you have a persistent hacker who wants in, he will of course scan all the ports and find the service and this type of protection is nullified. In this scenario if you havent taken additional measures to secure the box then you may be in trouble, I personally move things like sshd of its normal port simply to stop my logs been flooded with brute force logins and since I am the only one who uses ssh there is no downside to it, I of course dont rely on this alone and keep my software up to date amongst other security measures it is simply an extra layer of skin on the onion. For things like httpd I keep on port 80 as I think moving the port of that is more hassle then its worth. I've seen someone mention how to move httpd to a non-reserved port (ie 8080), and let that change be transparent for the end-user by using ipf. I dont know how, though. Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Protecting Windows
On Thu, 9 Feb 2006 08:10 pm, David Newall wrote: Brian Astill wrote: program runs on Windows 2000/XP only. Why would anyone in their right mind NOT port a program as sensible as this to a SECURE OS? I should say that Windows XP is not intrinsically insecure. You can secure it, and I don't mean trivially by removing the network connection, but by shutting down unneeded services, replacing iexplorer.exe with firefox where possible, and so on. Yes - that does seem to be a useful possibility. I have heard that Dragon Naturally Speaking is very good, and that seems like a good reason to run Windows. Interesting. The spiel on the Nuance website gave me that impression, too. However the Royal Society for the Blind in Adelaide tried v 7 (current is 8) and were VERY unimpressed. -- Regards, Brian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: showdown transfering files with scp
This is a home network. Cable modem to OpenBSD firewall. Firewall to router/hub. Three PC's attached to hub. The transfer was between two of the PC's. Mark Jacobs -Original Message- From: Bill Schmitt (SW) [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 08, 2006 3:52 PM To: Jacobs, Mark - Data Center Operations [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: showdown transfering files with scp [EMAIL PROTECTED] wrote: I was using scp to copy several large (300-800mb) each files between two Freebsd machines. Both are on the same hub, 100MB Ethernet connection. The source box is FreeBSD 5.4 stable at a late October build date. The target is running 6.0 stable at a current build date. The first three files showed a transfer rate of about 3mb/sec and transfer took about a 5-7 minutes for each file. After the third one however the transfer rate dropped to 100-200 KB/sec. There was nothing else going on in the internal network at the time. Any ideas on what happened? Mark Jacobs ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I can't be sure if it's the issue, but at one point some individuals on the network where I worked installed hubs of their own (the non-intelligent variety of connection) and it didn't just slow them down, it dragged down the entire network segment. Since hubs are not intelligent, there are an awful lot of collisions and putting a hub downstream from the routers means that all bets are off on performance. Hope that helps. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: fine grained firewall?
andrew clarke wrote: Is it possible to configure the FreeBSD firewall to block ports on a per-user or per-executable basis? eg. - Block /usr/local/bin/irc from connecting to TCP port 6667 - Block user 'johnsmith' from connecting to TCP port 21 Yes to users (if the connections originate from the firewall box), no to per-executables. The latter seems useless when cp irc myirc is all it would take to defeat it. Frankly, neither option is very useful or would be needed for a good ruleset... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: need some advice on our cisco routers..
Mark Jayson Alvarez wrote: We have a couple of cisco routers. There was one time when suddenly we cannot login remotely via telnet. I investigate further and was shocked when I found out that there where 16 telnet connections coming from outsiders ip addresses. I immediately called our Director(the only cisco certified guy in the office) and he begin kicking each of the telnet connections one by one. He then replaced every secret/password and deleted all unnecessary local accounts. However, we're still wondering how those hackers got into the system. Now this cisco's aaa is default to a radius server. Since then, outsiders have gone away.. Perhaps the hackers got one of the router's local accounts, and trying to brute force their way to enable mode. Did you keep careful logs of who was connecting from where so someone could start tracking things down? Have you contacted your local police and FBI, or whatever the local equivalent is? (Don't bother unless you can claim more than $2000 or so in damages, however.) Most importantly, have you contacted Cisco? Asking for security advice about their routers here is not the right place to gain such information. cisco.com's got a large, informative site -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IEEE 802.11 Wireless Multimedia Extension (WME) and raw sockets
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I've been playing around with WME to test various network performance,
and come across a problem that I can't quite understand.
I have an application that generates traffic with various TOS
(BACKGROUND, BEST EFFORT, VOICE, VIDEO). It uses raw sockets to transmit
the IP packets. This all works well if ip-ip_len is less than 192
bytes. If ip_ip_len is larger than 192, the call to ieee80211_classify
(/usr/src/sys/net80211/ieee80211_output.c) will classify the packet as
BEST EFFORT no matter what value my application set the TOS field as.
Debugging ieee80211_classify, I see that both ip-ip_tos and ip-ip_len
are set to zero when a I send a packet with ip-ip_len larger than 192
bytes.
Sniffing the network, I can see my packets have the correct TOS and
length, but they don't get the correct WME classification.
- -ieee80211_output.c(iee80211_classify)
if (eh-ether_type == htons(ETHERTYPE_IP)) {
const struct ip *ip = (struct ip *)
(mtod(m, u_int8_t *) + sizeof (*eh));
/*
* IP frame, map the TOS field.
*/
//added by myself
printf(IP_TOS: %d, IP_LEN: %d\n,ip-ip_tos,ntohl(ip-ip_len));
//end
switch (ip-ip_tos) {
case 0x08:
case 0x20:
d_wme_ac = WME_AC_BK; /* background */
break;
case 0x28:
case 0xa0:
d_wme_ac = WME_AC_VI; /* video */
break;
case 0x30: /* voice */
case 0xe0:
case 0x88: /* XXX UPSD */
case 0xb8:
d_wme_ac = WME_AC_VO;
break;
default:
d_wme_ac = WME_AC_BE;
break;
}
- -
When I use SOCK_DGRAM socket instead of raw, everything works fine.
I use FreeBSD 6.0-STABLE and my wireless NIC uses an atheros chipset.
Has anyone got an idea what is going on ?
regards,
Geir Egeland
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFD6zZAAsOHgqjtXwERAqO6AKDVrEBmrlBvIu5qEx/1WSsYryQTGQCgidwv
6U4vVby9nDjEabmtsPzZoeE=
=r/wF
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A script for poets
Kind of reminds me of the time I took an eggdrop bot for IRC, added a HAL AI script to it, then fed it a bunch of lines of poetry by various artists, and got amazed at its output when various users joined the channel and began chatting. At one point a new user joined the channel, said his gratuatous hello's and the like and began chatting with the bot never realizing it was a bot.. I had that bot for a few years before I lost it. And had the log file for good measure and humour. I always wished to try and recreate that bot, sure was entertaining, and for a while was quite adept at creating/hashing together some interesting lines of poetry mixed in from the AI HAL bot had learned from others conversations.. Enjoy the day! Unix forever.. JSP On Thursday 09 February 2006 05:27 am, cpghost wrote: On Wed, Feb 08, 2006 at 12:44:00PM -0800, Gary Kline wrote: On Wed, Feb 08, 2006 at 08:29:21PM +0100, Kristian Vaaf wrote: Again with my script requests, this time I'm wondering if anybody has ever felt like writing a shell script that makes it easy to write rhymes, poems or just make up funny lines. You mean something like this to group words by endings? % rev /usr/share/dict/words | sort | rev This may dovetail into something I was actively working on several years ago: a C/C++ program that took unmetered text as input and output N-syllabic lines as output. Interesting. I created a dictionary of thousands of words with one, two, three, or more syllabes in my database. I played around with this idea until I realized that real poetry demands imagery (metaphor, simile), and not simply meter or rhyme. After 7 years of my writing group I've learned how DIFFICULT it is to write a good poem. Or prose. Absolutely! Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix Regards, -cpghost. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Mount changing mount point rights?
hi all, I'm mounting a GELI encrypted, file backed vnode on ~/mount_folder. I am member of wheel. I start with Home directory: drwxr-x--- 51 betom betom 3072 Feb 9 23:38 betom file and folder which i want to mount in. drwxrwx--- 2 betom betom 512 Feb 9 17:42 mount_folder -rw-rw 1 betom betom 614400 Feb 9 23:38 geli.dsk I then define the md device, attach it to geli (it was already init and newfs -U run on it), fsck sudo mdconfig -a -t vnode -f ./_1.dsk -u 13 sudo geli attach /dev/md13 fsck -p -t ufs /dev/md13.eli the devices look like this : $ ls -l /dev/md* crw-r- 1 root wheel0, 121 Feb 9 22:24 /dev/md13 crw-r- 1 root wheel0, 122 Feb 9 23:23 /dev/md13.eli crw-rw 1 root wheel0, 87 Feb 9 22:24 /dev/mdctl Then mount it: sudo mount /dev/md13.eli /home/betom/mount_folder PROBLEM : the mount folder has changed it's access from 770 betom:betom to 750 root:wheel drwxr-xr-x 3 root wheel 512 Feb 9 18:51 mount_folder -rw-rw 1 betom betom 614400 Feb 9 23:50 geli.dsk umask : $ umask 0022 [EMAIL PROTECTED] [Thu Feb 9 23:48:53 2006] ~ $ sudo umask 0022 WHY is it doing that?! Since I want to use this folder as my own user , not root, I have to do the extra step of changing owner of the folder every time...quite annoying. how can I fix this? thanks! Beto ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Replacing cron with mcron
On 2/9/06, Iantcho Vassilev [EMAIL PROTECTED] wrote: Has anyone tried this? I even think of proposing this to the base system - cron is such an old idea.. But old ideas are not necessarily bad ideas... I've implemented mcron on two hosts that needed to have custom cron jobs replicated. I didn't need any of the power of mcron, just didn't want to mess around with moving cron's files back and forth. I personally like mcron where it is, as a port. If I need basic scheduling, the base system's cron is fine. If i need something more powerful, I research it, install and configure it. -- Regards, Doug ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: one virtual IP interface on two ethernet ports ?
On 2/9/06, Frank Bonnet [EMAIL PROTECTED] wrote: Hello Is it possible with FreeBSD to setup a virtual IP interface with load balancing that use two or more ethernet ports ? I think you should have a look at carp -- Regards, Doug ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Dealers -Why assemble- We do it cheaper
[header.jpg] [navbar_top_f07.jpg] [1][navbar_top_f06.jpg] [2][navbar_top_f05.jpg] [3][navbar_top_f04.jpg] [4][navbar_top_f03.jpg] [5][navbar_top_f02.jpg] [6][navbar_top_f01.jpg] [callemailbar_top_f03.jpg] [7][callemailbar_top_f02.jpg] [callemailbar_top_f01.jpg] [PC-12.jpg] Seattle PC * Intel Celeron 2.1Ghz Processor- 478Pinn * Foxconn MB (F661FX4MR-ES) w/ V+S+L AGP8x * 256MB DDR (PC400) RAM * 40GB 5400RPM HDD * NO SDD * Black Premium ATX Tower + 300W ATX PSU * 52x-CD ROM Drive * Optical Wheel Mouse - PS/2 * 104 Windows Keyboard * One Year Warranty * No Monitor Included * Product may differ to actual picture only 1,350.00 excl VAT Ranger PC * Intel Pentium 4-3.0Ghz Processor - EMT64(2MB) * Foxconn MB (F661FXM7) w/ V+S+L AGP8x * 512MB DDR (PC400) RAM * 80GB 7200RPM HDD (Hitachi/2yr) * 1.44MB SDD * Black Premium ATX Tower + 300W ATX PSU * DVD+/-RW DL Drive * Optical Wheel Mouse - PS/2 * 104 Windows Keyboard * One Year Warranty * No Monitor Included * Product may differ to actual picture only R2,499.00 excl VAT [callemailbar_bottom_f03.jpg] [8][callemailbar_bottom_f02.jpg] [callemailbar_bottom_f01.jpg] [navbar_bottom_f09.jpg] [9][navbar_bottom_f08.jpg] [10][navbar_bottom_f07.jpg] [11][navbar_bottom_f06.jpg] [12][navbar_bottom_f05.jpg] [13][navbar_bottom_f04.jpg] [14][navbar_bottom_f03.jpg] [15][navbar_bottom_f02.jpg] [navbar_bottom_f01.jpg] [16]To Unsubscribe Please click Here [sendopen.php?MemberID=12834SendID=238Type=Send] References 1. http://www.email.smplmail.com/users/link.php?LinkID=504UserID=12834Newsletter=190List=36LinkType=Send 2. http://www.email.smplmail.com/users/link.php?LinkID=505UserID=12834Newsletter=190List=36LinkType=Send 3. http://www.email.smplmail.com/users/link.php?LinkID=506UserID=12834Newsletter=190List=36LinkType=Send 4. http://www.email.smplmail.com/users/link.php?LinkID=507UserID=12834Newsletter=190List=36LinkType=Send 5. http://www.email.smplmail.com/users/link.php?LinkID=508UserID=12834Newsletter=190List=36LinkType=Send 6. http://www.email.smplmail.com/users/link.php?LinkID=509UserID=12834Newsletter=190List=36LinkType=Send 7. mailto:[EMAIL PROTECTED] 8. mailto:[EMAIL PROTECTED] 9. http://www.email.smplmail.com/users/link.php?LinkID=504UserID=12834Newsletter=190List=36LinkType=Send 10. http://www.email.smplmail.com/users/link.php?LinkID=505UserID=12834Newsletter=190List=36LinkType=Send 11. http://www.email.smplmail.com/users/link.php?LinkID=506UserID=12834Newsletter=190List=36LinkType=Send 12. http://www.email.smplmail.com/users/link.php?LinkID=507UserID=12834Newsletter=190List=36LinkType=Send 13. http://www.email.smplmail.com/users/link.php?LinkID=508UserID=12834Newsletter=190List=36LinkType=Send 14. http://www.email.smplmail.com/users/link.php?LinkID=509UserID=12834Newsletter=190List=36LinkType=Send 15. http://www.email.smplmail.com/users/link.php?LinkID=510UserID=12834Newsletter=190List=36LinkType=Send 16. http://www.email.smplmail.com/users/unsub.php?Mem=12834ConfirmCode=81c9bae56b81cc4d21753ff2e93af9ce ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Konsole Font Color
I have my desktop set to a dark blue, and my knosole transparent ... but directories show ip black, as do the text in conf files. How do you specify the color of fonts for different things ? Thanks Peter ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
error ltdl
dear all i use freebsd 6.0 to install openldap , when i configure from source not port i get error such like this the error : ecking dependency style of cc... (cached) none checking for cc depend flag... -M checking for afopen in -ls... no checking ltdl.h usability... no checking ltdl.h presence... no checking for ltdl.h... no configure: error: could not locate libtool ltdl.h how to solved that . My regards My Regard's SONJAYA ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Konsole Font Color
Thursday 09 February 2006 07:51、Peter Marshall さんは書きました: I have my desktop set to a dark blue, and my knosole transparent ... but directories show ip black, as do the text in conf files. How do you specify the color of fonts for different things ? If you mean directories when you ls, you could try reading the man page for ls which should describe the LSCOLORS environment variable. Should work, Eric -- The signature is a location used to give a personalised feel to each E-mail without having to personalise each E-mail. pgpoex3SLniOj.pgp Description: PGP signature
Re: Mail back-up system
Olivier Nicole [EMAIL PROTECTED] writes: I read the article and the idea is good. But i would like to know what MTA are you using..In the paper you said that at first the email is strored in Mailbox format. Isn`t that a bottleneck. WHat are the loads of the machines= Considering we have only 200 users and 3000 messages per day, whatever would do. MTA is sendmail/milter. I plan to change that mailbox thing when I get budget for a new machine to play with (I don't want to take the risk to break the working configuration). Mailbox format might not be a bottleneck in this application. It's fairly efficient at appending new messages, and that is the only common operation being performed on these backup mail spools. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
configure acls on remote machine
I have a remote freebsd host with root access via ssh user login and su. I would like to configure acls for the /home mount, but am unsure if I can do this remotely. Last time I tried to reboot the machine via su root it went dead for 24h while a human was sent to press a button or something. I see possible options as 1) switch to single user mode somehow and then unmount /home and configure acls with tunefs 2) su to root kill processes using /home do the umount and so on with /home unmounted. remount /home 3) some other method. I imagine it might be quite hard to do 1 and 2 seems difficult unless I have an ssh to a home folder which isn't under /home. Any ideas welcome. -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Replacing cron with mcron
Iantcho Vassilev [EMAIL PROTECTED] writes: Has anyone tried this? It is in ports, so I think some people are probably using it. I even think of proposing this to the base system - cron is such an old idea.. mcron is Gnu licensed, so it would have a difficult time being accepted for the base system. As to cron being an old idea: I do not think that mcron is really a newer idea, but rather mcron is more of a new implementation of the same idea. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: one virtual IP interface on two ethernet ports ?
Doug Poland [EMAIL PROTECTED] writes: On 2/9/06, Frank Bonnet [EMAIL PROTECTED] wrote: Hello Is it possible with FreeBSD to setup a virtual IP interface with load balancing that use two or more ethernet ports ? I think you should have a look at carp Or may ng_one2many is more what he is looking for... -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: configure acls on remote machine
Robin Becker wrote: I have a remote freebsd host with root access via ssh user login and su. I would like to configure acls for the /home mount, but am unsure if I can do this remotely. Last time I tried to reboot the machine via su root it went dead for 24h while a human was sent to press a button or something. I see possible options as 1) switch to single user mode somehow and then unmount /home and configure acls with tunefs 2) su to root kill processes using /home do the umount and so on with /home unmounted. remount /home 3) some other method. I imagine it might be quite hard to do 1 and 2 seems difficult unless I have an ssh to a home folder which isn't under /home. Any ideas welcome. Why don't you just create a user for this specific task with home dir on some other partition? Then you will ssh to a folder not under /home and you can do 2). Cheers, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: update problems
On Wednesday February 8 2006 20:14, James Long wrote: Date: Wed, 8 Feb 2006 13:25:38 -0500 From: Chuck Teal [EMAIL PROTECTED] Subject: Re: update problems To: freebsd-questions@freebsd.org Message-ID: [EMAIL PROTECTED] Content-Type: text/plain; charset=iso-8859-1 On Wednesday February 8 2006 10:40, Iantcho Vassilev wrote: If you haven`t delete the megremaster store directory(usually /var/) just rerun it. - mergemaster and ask all the quesions by hand But first i would suggest to find the problem On 2/8/06, zhang [EMAIL PROTECTED] wrote: I've just update to 6.1-PRERELEASE from 6.0. Before I mergemaster -cv , the system could work well . But when I mergemaster , I don't check the differents carefully and choose the i option directly most of the time . Now , all the network programmes can't work , I can't ping localhost/127.0.0.1 , I can't use tcpdump , the c/s kinds like xserver also go bad ; when the system start , many warnings such as ...see rc.conf(5) after dmesg messages. How can I deal with it ? Thanks! I had a similar problem just yesterday. Running mergemaster again did not fix the issue. In my situation I messed up the /etc/defaults/rc.conf. It gave me several error messages on boot up similar to yours. I just copied the rc.conf from the examples directory and replaced the rc.conf in /etc/defaults/rc.conf. Then I did a: shutdown now exit It was working okay when I left this morning. I am not sure if this is a good idea or not. I just know it seems to have solved my problem. I would keep a backup of the original file somewhere in case you need to revert back to the original. [EMAIL PROTECTED]'s advice is too narrow, IMO. The best practice I know is to back up the entire /etc directory tree before running mergemaster: ... rm -rf /etc.old cp -RLp /etc /etc.old mergemaster -v ... Then, if something goes wrong in mergemaster, you can just restore the backup and re-run mergemaster. Jim I agree. It would be much safer this way. Thanks for pointing this out. Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: More Than 1GB of RAM
On Wed, Feb 08, 2006 at 08:37:59PM +0300, Dinosaur wrote: Hello! If I install FreeBSD 6.0, will it be able to use all my 1.5GB of RAM? I.e., is its kernel HIGHMEM-enabled? I don't know what kernel HIGHMEM-enabled means. But 6.0 works for me: Copyright (c) 1992-2005 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-STABLE #10: Thu Feb 2 20:42:54 CST 2006 [EMAIL PROTECTED]:/usr5/obj/usr/src/sys/OPUS Timecounter i8254 frequency 1193182 Hz quality 0 CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2793.01-MHz 686-class CPU) Origin = GenuineIntel Id = 0xf29 Stepping = 9 Features=0xbfebfbffFPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE Features2=0x4400CNTX-ID,b14 Hyperthreading: 2 logical CPUs real memory = 2146910208 (2047 MB) avail memory = 2096074752 (1998 MB) -- David Kelly N4HHE, [EMAIL PROTECTED] Whom computers would destroy, they must first drive mad. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Konsole Font Color
Hey. Thanks for the help. I just tried that and it works great. However, there does not seem to be an option for the text inside a file. ie. I am trying to edit httpd.conf, and the text inside the file is black. Peter Eric Kjeldergaard wrote: Thursday 09 February 2006 07:51、Peter Marshall さんは書きました: I have my desktop set to a dark blue, and my knosole transparent ... but directories show ip black, as do the text in conf files. How do you specify the color of fonts for different things ? If you mean directories when you ls, you could try reading the man page for ls which should describe the LSCOLORS environment variable. Should work, Eric ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
#:Failed to force tx and rx idle state
Hi, I've had troubles with a ethernet adapter dc It send the mensage ::: = dc0: Failed to force tx and rx idle state= ::: What's it? - Yahoo! Acesso Grátis Internet rápida e grátis. Instale o discador agora! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Konsole Font Color
n Thu, 9 Feb 2006, Peter Marshall wrote: Hey. Thanks for the help. I just tried that and it works great. However, there does not seem to be an option for the text inside a file. ie. I am trying to edit httpd.conf, and the text inside the file is black. Applications which can use color generally have to be configured one by one. Check the man page for your editor. -- Lars Eighner [EMAIL PROTECTED] http://www.larseighner.com/index.html 8800 N IH35 APT 1191 AUSTIN TX 78753-5266 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Protecting Windows
On Feb 8, 2006, at 11:02 PM, Brian Astill wrote: Greetings, all. Can anyone help with this issue? Person with deteriorating vision has discovered Dragon Naturally Speaking which not only allows the construction of text from speech but can also speak from received text. ie letter writing and email conversing etc become possible for the visually impaired. All of which is wonderful except - you guessed it - the [EMAIL PROTECTED] program runs on Windows 2000/XP only. Why would anyone in their right mind NOT port a program as sensible as this to a SECURE OS? Not being a wise-ass here, but... 1) discourage saying your passwords out loud? 2) Unix is traditionally a server operating system, not targeted to end users, so applications like Dragon Naturally Speaking isn't top priority? 3) Most applications in Linux/FBSD are created to scratch an itch; the reason people now face usability problems is because most apps are written by and for people who are technically minded and/or programmers. I would guess that there aren't too many visually impaired programmers active in the field, or that the current crop of speech translators have trouble with translating programming language to text. 4) You can't port a program you don't have the source to. Dragon sounds proprietary, and the algorithms they use for transforming sound to text are probably considered proprietary. To make a clone would mean working from scratch. We're lucky sound OUTPUT is getting to a level where it almost works among applications without a ton of fiddling...let alone getting input translated properly to text. Those are just my ideas of why someone in their right mind wouldn't bother with the port off the top of my head. If the visually impaired are a minority and there aren't many programmers in that minority, it may take a long time to scratch that itch unless you are willing to offer some kind of open-source bounty and pay for said program to be developed. Windows programs are more often than not proprietary and profit driven as an incentive to get a product like Dragon to market. Linux/FBSD is driven by whims and itches of programmers and techies... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Konsole Font Color
Peter Marshall wrote: Hey. Thanks for the help. I just tried that and it works great. However, there does not seem to be an option for the text inside a file. ie. I am trying to edit httpd.conf, and the text inside the file is black. Peter Settings-Schema or Settings-Configure Konsole-Schema HTH, Micah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
[Fwd: Re: Porblem with Openoffice 2.0.1]
Original Message Subject: Re: Porblem with Openoffice 2.0.1 Date: Wed, 8 Feb 2006 21:20:57 -0500 (EST) From: [EMAIL PROTECTED] To: Per olof Ljungmark [EMAIL PROTECTED] References: [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] I was able to fix the problem, I think there is something wrong with patch 8 for jdk14. Delete the openoffice2 directory in /usr/ports. Cvsup, then build OOo WITHOUT Java. For example, make -DWITHOUT_JAVA install. This worked for me. It's only that java is required for many features to work. I think I'll wait a while and see if the problem gets fixed. Furthermore, a make clean in the openoffice-2.0 directory should be sufficient to clear out the previous build. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Protecting Windows
Brian Astill writes: Interesting. The spiel on the Nuance website gave me that impression, too. However the Royal Society for the Blind in Adelaide tried v 7 (current is 8) and were VERY unimpressed. While the OP seems stuck with Dragon, I'll point out that I.B.M. has (or had at one point) a Linux-native version of ViaVoice. Robert Huff ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
recovering from failed cvsup upgrade
Greetings. I need help recovering a system that became unresponsive during an upgrade. Steps: 1. Using cvsup, I tried to upgrade a system from RELENG_5_2 to RELENG_5_3 with the usual sequence: cvsup -g -L 2 (cvsup file) make -j 4 buildworld make buildkernel KERNCONF=SMP make installkernel KERNCONF=SMP mergemaster -p make installworld This last step complained about the lack of some attributes needed for pf. After several attempts to repeat the whole cycle, I gave up and tried to roll back to RELENG_5_2. To do this, I repeated all steps above starting with a cvsup for the RELENG_5_2 branch. I did all this via ssh and the system became unreponsive (on all ports, not just ssh) during the downgrade. The machine is at a different location but I will go there in a couple of hours. Thanks in advance for any clues as to how I can recover this system. If it matters, the system is a Compaq Proliant 1850R with dual 550-MHz Pentium III CPUs and 512 Mbytes RAM. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Konsole Font Color
It does not seem like you can specify what color for what thing I know in Redhat (sorry) there was a grid of colors, each of which was assigned to a different thing within the console. I was hopeing there was something simular, or evern a text file that I could edit, that would do the same ... Peter Micah wrote: Peter Marshall wrote: Hey. Thanks for the help. I just tried that and it works great. However, there does not seem to be an option for the text inside a file. ie. I am trying to edit httpd.conf, and the text inside the file is black. Peter Settings-Schema or Settings-Configure Konsole-Schema HTH, Micah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Replacing cron with mcron
In the last episode (Feb 09), Lowell Gilbert said: Iantcho Vassilev [EMAIL PROTECTED] writes: Has anyone tried this? It is in ports, so I think some people are probably using it. I even think of proposing this to the base system - cron is such an old idea.. mcron is Gnu licensed, so it would have a difficult time being accepted for the base system. As to cron being an old idea: I do not think that mcron is really a newer idea, but rather mcron is more of a new implementation of the same idea. Not to mention it's written in guile, so you'd have to import that too. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: error ltdl
sonjaya wrote: dear all i use freebsd 6.0 to install openldap , when i configure from source not port i get error such like this the error : ecking dependency style of cc... (cached) none checking for cc depend flag... -M checking for afopen in -ls... no checking ltdl.h usability... no checking ltdl.h presence... no checking for ltdl.h... no configure: error: could not locate libtool ltdl.h how to solved that . My regards My Regard's SONJAYA Well, use the port comes to mind. The porter has done a good bit of work to make sure that when make runs configure, configure knows it is on a FreeBSD system and the header file in question in under /usr/local/share/libtool15/libltdl/ ;-) That said, if you must compile from source (and there could be some valid reasons, though I can't guess what they are), there is probably some way to tell configure to do this via the command line. IANAE, though, and don't know what it is; and I started to make the port but didn't see anything. Might be an exercise you could use. Or, just install the port. KDK PS the .sig file is random, nothing personal -- Without fools there would be no wisdom. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: jdk1.4.2 port and incorrect manpath
In the last episode (Feb 09), Ian A. Tegebo said: I read in man(1) that the MANPATH is comiled into the man binary; after building the jdk14 port (1.4.2p7_2), I find that the man pages for java are in /usr/local/jdk1.4.2/man and thus are not accessible except by specifying them in particular. 1) Do I need recompile man? 2) Is the port broken?: I did not see a bug for it, nor a list post. 3) Is there something else I'm missing? Add OPTIONAL_MANPATH /usr/local/jdk1.4.2/man to /etc/manpath.config, and you should be set. -- Dan Nelson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: one virtual IP interface on two ethernet ports ?
Doug Poland [EMAIL PROTECTED] writes: On 2/9/06, Frank Bonnet [EMAIL PROTECTED] wrote: Hello Is it possible with FreeBSD to setup a virtual IP interface with load balancing that use two or more ethernet ports ? I think you should have a look at carp Or may ng_one2many is more what he is looking for... CARP is good for sharing one IP between several machines, ng_one2many is for one IP between several interfaces. Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: recovering from failed cvsup upgrade
wo_shi_big_stomach wrote: Greetings. I need help recovering a system that became unresponsive during an upgrade. Steps: Download the FreeBSD 5.4 .iso image, and do a binary upgrade installation from that. You should have run mergemaster -p before the initial buildworld, and you should run mergemaster without the flag afterwards... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: need some advice on our cisco routers..
[mailto:[EMAIL PROTECTED] On Behalf Of Chuck Swiger Sent: Thursday, February 09, 2006 4:41 AM To: Mark Jayson Alvarez Cc: freebsd-questions@freebsd.org Subject: Re: need some advice on our cisco routers.. Mark Jayson Alvarez wrote: We have a couple of cisco routers. There was one time when suddenly we cannot login remotely via telnet. I investigate further and was shocked when I found out that there where 16 telnet connections coming from outsiders ip addresses. I immediately called our Director(the only cisco certified guy in the office) and he begin kicking each of the telnet connections one by one. He then replaced every secret/password and deleted all unnecessary local accounts. However, we're still wondering how those hackers got into the system. Now this cisco's aaa is default to a radius server. Since then, outsiders have gone away.. Perhaps the hackers got one of the router's local accounts, and trying to brute force their way to enable mode. Did you keep careful logs of who was connecting from where so someone could start tracking things down? Have you contacted your local police and FBI, or whatever the local equivalent is? (Don't bother unless you can claim more than $2000 or so in damages, however.) The last I looked the limit was $5000 for the FBI to accept a complaint; however, due to manpower limitations, a more realistic limit is well over $100,000 (aggregate damage for one attacker, multiple victims) for them even to pay attention. Dealing with the FBI is better these days - they have some good people now. -gayn Bristol Systems Inc. 714/532-6776 www.bristolsystems.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IEEE 802.11 Wireless Multimedia Extension (WME) and raw sockets
Geir Egeland wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I've been playing around with WME to test various network performance,
and come across a problem that I can't quite understand.
I have an application that generates traffic with various TOS
(BACKGROUND, BEST EFFORT, VOICE, VIDEO). It uses raw sockets to transmit
the IP packets. This all works well if ip-ip_len is less than 192
bytes. If ip_ip_len is larger than 192, the call to ieee80211_classify
(/usr/src/sys/net80211/ieee80211_output.c) will classify the packet as
BEST EFFORT no matter what value my application set the TOS field as.
Debugging ieee80211_classify, I see that both ip-ip_tos and ip-ip_len
are set to zero when a I send a packet with ip-ip_len larger than 192
bytes.
Sniffing the network, I can see my packets have the correct TOS and
length, but they don't get the correct WME classification.
- -ieee80211_output.c(iee80211_classify)
if (eh-ether_type == htons(ETHERTYPE_IP)) {
const struct ip *ip = (struct ip *)
(mtod(m, u_int8_t *) + sizeof (*eh));
/*
* IP frame, map the TOS field.
*/
//added by myself
printf(IP_TOS: %d, IP_LEN: %d\n,ip-ip_tos,ntohl(ip-ip_len));
//end
switch (ip-ip_tos) {
case 0x08:
case 0x20:
d_wme_ac = WME_AC_BK; /* background */
break;
case 0x28:
case 0xa0:
d_wme_ac = WME_AC_VI; /* video */
break;
case 0x30: /* voice */
case 0xe0:
case 0x88: /* XXX UPSD */
case 0xb8:
d_wme_ac = WME_AC_VO;
break;
default:
d_wme_ac = WME_AC_BE;
break;
}
- -
When I use SOCK_DGRAM socket instead of raw, everything works fine.
I use FreeBSD 6.0-STABLE and my wireless NIC uses an atheros chipset.
Has anyone got an idea what is going on ?
I'll check but the raw socket path must not have the ip header in the
expected spot in the mbuf. Most of my testing has been done with a
modified version of netperf that slaps a TOS on the socket based on a
command line argument so only UDP and TCP (not raw) traffic.
Ideally the 802.11 layer should not be doing classification; packets
should be tagged and the 802.11 layer then does the mapping according to
the standard. Groveling around inside packets to extract stuff like
this is evil.
Sam
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Multiple routes to same destination
Qing Li wrote: I use mpd to greate one VPN between the sites, using Multilink PPP, so that data is sent across both links (eitehr round-robon or split packet). I use MPD's udp transport mode to open two UDP sockets and send packets from R1 to R4 and from R2 to R3 (in the diagram below). MPD will automatically detect if on e link is down and redirect everything through the remaining link. Sounds like a good idea, but would that not cause the MTU to get smaller due to the overhead of a MPPP link? Windoze hosts have a horrible time with MTU detection! I have a private patch that's based on radix_mpath for FreeBSD 5.4. I believe [EMAIL PROTECTED] is working on a solution. -- Qing -Original Message- From: [EMAIL PROTECTED] [mailto:owner-freebsd- [EMAIL PROTECTED] On Behalf Of Webster, Andrew Sent: Wednesday, February 08, 2006 10:51 AM To: [EMAIL PROTECTED]; Ian Lord; freebsd-questions@freebsd.org Subject: RE: Multiple routes to same destination? Well, in that case, an ISP wouldn't want to use FreeBSD in their core routers :( :( In this particular case, I have redundant links (L1 and L2) between two locations (Loc 1 and Loc 2) with two FreeBSD routers at each location (R1/R2, and R3/R4) which are running OSPF to redistribute routing information between locations. Since FreeBSD limits the entries for a particular network to only one active entry, the all the traffic for would either go on R1-L1-R4 or R2-L2-R3, but not both. Loc 1___ /---R1--L1--R4---\___ Loc 2 \---R2--L2--R3---/ Andrew ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Regarding QuickCam webcams and FreeBSD
Ted, First of all, I am a fan of your FreeBSD and the Corporate Networking Guide. You have done an excellent job writing that book and I often refer to it for suggestions on specific topics. Regarding self-contained webcams, I realize that these gizmos are out there. But so far none of them have the two criteria I am looking for: 1) Wireless connectivity (802.11g preferred), and 2) VPN / IPsec capable. The reason is that I want to be able to move the camera at a moment's notice, and I don't want the images of my bedroom / study / backyard to be broadcast in the clear. However, I have not seen any webcam that has those two capabilities, so that's why I am trying to get them to work with Free and OpenBSD. SC On 2/1/06, Ted Mittelstaedt [EMAIL PROTECTED] wrote: The reason there's little interest in this is that webcams are rapidly becoming completely self-contained. Lots of them today have an ethernet port, and integrated webserver in the camera. The need for a PC to be involved here for anything other than running a web browser to display output is pretty questionable. When network address translation first came out the only way you could get it was to used a modded open source UNIX on a PC with 2 nics. Then Cisco came out with it so you could use their routers to get it. Then linksys came out with cheap routers that had it. Nowadays, only the diehards are running FreeBSD nat routers with 2 nics in them. The same thing is happening with webcams. Ted -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Simon Chang Sent: Tuesday, January 31, 2006 12:49 PM To: freebsd-questions@freebsd.org Subject: Regarding QuickCam webcams and FreeBSD Howdy, I happen to have been doing quite a bit of research in this area. What I wanted to do was to set up a *nix box with a webcam and a wireless NIC, so that I can mount the headless machine in the bedroom to keep an eye on our seven-month-old baby. (Link between the *nix box and the home private network will be encrypted using IPsec VPN.) What I have found so far are the following: 1) The apps that I have found do not work with a wide variety of more recent makes of webcams. If you do a Google search on FreeBSD webcam or OpenBSD webcam, you actually see some tools that purportedly work with QuickCam Express or QuickCam B/W (or Color), and a handful of other models. 2) Logitech, the maker of QuickCam, used to make available technical specs and docs for the developers to write drivers with. Unfortunately, the company does not do that anymore, and anyone who wants to make a QuickCam-series work has to either reverse-engineer it, use available drivers and hope for the best, or run it under Windows. 3) By contrast, NetBSD and some Linux distros (so far I've heard promising things about Fedora Core 4 and I think Gentoo) have more development work going on for webcams. If FreeBSD doesn't work for you, try some of the other *nixes. HTH, SC - Hide quoted text - On 1/29/06, Xn Nooby [EMAIL PROTECTED] wrote: I bought a fancy Quickcam (face-tracking), though I have no idea how to make it work with FreeBSD. I installed qcamview, but when I run it as root, it says Not found Quickcam, or Permission denied. Anyone know anything about Quickcams on FreeBSD? I don't expect it to work, but it would be cool if it did. There seems to be very little information on the net about qcamview. I'd be happy to just snapshots with it. I'm using FreeBSD 6.0 and Fluxbox. The cam is USB 2.0. Any suggestions? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.23/240 - Release Date: 1/25/2006 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem with fdisk -i
Hi I have a problem with fdisk -i on one of my FreeBSD server: # fdisk -i fdisk: cannot open disk /dev/twed0: No such file or directory But: # ls -al /dev/twed0 crw-r- 1 root operator4, 11 9 oct 17:57 /dev/twed0 And more strange: # fdisk *** Working on device /dev/twed0 *** parameters extracted from in-core disklabel are: cylinders=10011 heads=255 sectors/track=63 (16065 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=10011 heads=255 sectors/track=63 (16065 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 63, size 16771797 (8189 Meg), flag 80 (active) beg: cyl 0/ head 1/ sector 1; end: cyl 1023/ head 254/ sector 63 The data for partition 2 is: UNUSED The data for partition 3 is: UNUSED The data for partition 4 is: UNUSED I have tried with sysinstall, error is error when writing to disk. Nothing in /var/log/console or /var/log/messages... Useful informations: # uname -a FreeBSD ---..--- 5.4-RELEASE-p7 FreeBSD 5.4-RELEASE-p7 #1: Sun Sep 25 15:12:43 CEST 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/KERNEL i386 # dmesg | grep ^tw twe0: 3ware Storage Controller. Driver version 1.50.01.002 port 0xa000-0xa00f mem 0xf100-0xf17f irq 24 at device 1.0 on pci2 twe0: 2 ports, Firmware FE8S 1.05.00.068, BIOS BE7X 1.08.00.048 twed0: Unit 0, TwinStor, Normal on twe0 twed0: 78532MB (160834432 sectors) Any help welcome :) -- Clement Moulin SimpleRezo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPTV
Helo, Did any one know IPTV solutions for FreeBSD? I need some sofware that allow resive multicast TV and cast them to STB and PC... -- Georg mailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: fine grained firewall?
[mailto:[EMAIL PROTECTED] On Behalf Of Chuck Swiger Sent: Thursday, February 09, 2006 4:30 AM To: andrew clarke Cc: freebsd-questions@freebsd.org Subject: Re: fine grained firewall? andrew clarke wrote: Is it possible to configure the FreeBSD firewall to block ports on a per-user or per-executable basis? eg. - Block /usr/local/bin/irc from connecting to TCP port 6667 - Block user 'johnsmith' from connecting to TCP port 21 Yes to users (if the connections originate from the firewall box), no to per-executables. The latter seems useless when cp irc myirc is all it would take to defeat it. Frankly, neither option is very useful or would be needed for a good ruleset... You can block certain types of use, e.g. block irc, by blocking the outbound ports they use. You can block user access to some things on the internet by only allowing a proxy server such access and then having users authenticate themselves to the proxy server (squid is an example with a lot of functionality, and it runs on FreeBSD.) A lot of people like to block all but a list of applications access to the Internet. This blocking function is often bundled with Anti-spyware programs. The thought is that something not on the list might well be new spyware or other malware that has snuck through your security defenses. These programs need to run on the local workstation, and I don't know of any for FreeBSD. While this feature is a pain to manage, it is probably here to stay as the anti-virus vendors gobble up the anti-spyware vendors who seem to like it. Also, don't be surprised if Microsoft eventually puts this functionality into their base OS. A lot of firewall vendors are adding non-traditional functionality to their products. (Anti-virus, anti-spam, proxy server functionality, outbound policy controls, ...) You can do this with your FreeBSD firewall as well. This has the disadvantages of complexity, management, and performance problems. Good luck with your firewall, -gayn Bristol Systems Inc. 714/532-6776 www.bristolsystems.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Acoustic management for ATA Harddisks?
Hi, Is there a way to turn on acoustic management for ATA harddisks? atactl tells me the disk is capable of automatic acoustic management: # atacontrol cap 0 0 ATA channel 0, Master, device ad0: Protocol ATA/ATAPI revision 6 device model HDS722516VLAT80 . . . Feature Support EnableValue Vendor write cacheyes yes read ahead yes yes dma queued yes yes 31/0x1F SMART yes yes microcode download no no security yes no power management yes yes advanced power management yes no 0/0x00 automatic acoustic management yes no 254/0xFE128/0x80 # What's the proper way to turn acoustic management on under FreeBSD (5.4). Thanks in advance for your help, -ewald ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mail back-up system
Olivier Nicole [EMAIL PROTECTED] writes: I read the article and the idea is good. But i would like to know what MTA are you using..In the paper you said that at first the email is strored in Mailbox format. Isn`t that a bottleneck. WHat are the loads of the machines= Considering we have only 200 users and 3000 messages per day, whatever would do. MTA is sendmail/milter. I plan to change that mailbox thing when I get budget for a new machine to play with (I don't want to take the risk to break the working configuration). Mailbox format might not be a bottleneck in this application. It's fairly efficient at appending new messages, and that is the only common operation being performed on these backup mail spools. I could see this as an advantage of the Maildirs format. Since every mail is stored in its own file (versus concatenation in Mbox), it's much cheaper to backup. Just copy all the new/touched files, not all your mail. I just have a second disk on the server that I rsync everything to on an hourly basis. I use Matt Simerson's excellent Mail Toaster scripts for FreeBSD, which create a full mail server using vpopmail, courier, maildirs, spam/virus filtering, webmail. If you are switching to Maildirs anyway, I recommend trying it out. http://www.tnpi.biz/internet/mail/toaster/ -Rafi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A script for poets
On Wed, Feb 08, 2006 at 04:49:47PM -0600, [EMAIL PROTECTED] wrote: On 2/8/06, Gary Kline [EMAIL PROTECTED] wrote: On Wed, Feb 08, 2006 at 08:29:21PM +0100, Kristian Vaaf wrote: Again with my script requests, this time I'm wondering if anybody has ever felt like writing a shell script that makes it easy to write rhymes, poems or just make up funny lines. As below, but textproc/dadadodo is about it so far as meaningfulness in computer generated text can get. This may dovetail into something I was actively working on several years ago: a C/C++ program that took unmetered text as input and output N-syllabic lines as output. . . . Quite the task, that. Reading Spenser, Shakespeare, and older metrical and rhyming poetry can give you an indication of how difficult even the bland, mechanical regurgiation of poetry can be: Most words ending in -ed have one more syllable than we usually enunciate. Room and Rome can rhyme. Wawain, Gawain, Gawaine are exactly the same person. Most of this can be scripted around, double entries in the syllabary for possible pronunciations and known obscure rhymes, etc. Still leaves no way to innovate structure that's not coded in. Anyway, this gets into AI, and as jwz points out, most of modern AI research is fairly intellectually dishonest. Yeh, given the way the English has stolen, borrowed words from Everywhere--and still is--it just makes sense to spend a few years taking poetry classes than invest decades trying to invent an AI tool. Poetry, creativity, philosophy (for starters) are just a few areas where we poor humans still beat any program. Thanks the gods. gary PS: among my Jottings stuff I dreamed up something like: the reign of depression ... . AI? Foo! -- Gary Kline [EMAIL PROTECTED] www.thought.org Public service Unix ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: fine grained firewall?
On Thu, Feb 09, 2006 at 07:30:17AM -0500, Chuck Swiger wrote: Is it possible to configure the FreeBSD firewall to block ports on a per-user or per-executable basis? eg. - Block /usr/local/bin/irc from connecting to TCP port 6667 - Block user 'johnsmith' from connecting to TCP port 21 Yes to users (if the connections originate from the firewall box), no to per-executables. The latter seems useless when cp irc myirc is all it would take to defeat it. Frankly, neither option is very useful or would be needed for a good ruleset... The latter may not be so useless if the firewall automatically blocked all executables that were not registered with it. The full path, filename, md5sum of the executable could be recorded and matched with its database. Some Windows firewall software works this way. It may also be useful for logging (not blocking) connections to/from a certain executable, for traffic accounting. I see now the option for per-user control in the ipfw manpage. Not sure why I missed that before. uid user Match all TCP or UDP packets sent by or received for a user. A user may be matched by name or identification number. Thanks, Regards Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
CD installation and file flags
Hello all! I installed FreeBSD 6.0 from CD and noticed that file flags were not applied by default to /boot, /bin, /sbin. I set kernel_securelevel to 3 but it does not help a lot while there are no schg flags on system files. Is there any script to set proper flags for all files in the default installation? ===[ End of message ]=== Best Regards, Alex Renn [EMAIL PROTECTED] ---[ Nothing is random, just uncertain. ]--- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem installing 6.0 - Help
Hi, I'm trying to install FreeBSD 6 on a new pc. After creating the partitions and choosing the packages to install, when te transfer of the base system from the DVD-drive (with a standard CD inside) to the hard disk starts, an error message appears saying: Write failure on transger! (wrote 0 bytes of...) and I can se on the second console something like: acd0: FAILURE - READ_BIG HARDWARE ERROR asc=0x08 ascq=0x03 error=0 Thanks everybody. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Konsole Font Color
Peter Marshall wrote: It does not seem like you can specify what color for what thing I know in Redhat (sorry) there was a grid of colors, each of which was assigned to a different thing within the console. I was hopeing there was something simular, or evern a text file that I could edit, that would do the same ... Peter Micah wrote: Peter Marshall wrote: Hey. Thanks for the help. I just tried that and it works great. However, there does not seem to be an option for the text inside a file. ie. I am trying to edit httpd.conf, and the text inside the file is black. Peter Settings-Schema or Settings-Configure Konsole-Schema HTH, Micah Unless you have a weird editor it should obey the foreground and background settings in Settings-Configure Konsole-Schema. My konsole has a black background image and I've never had problems with black text in directory listings, vi, emacs, or even sshing into Linux and AIX boxes. If you don't like how konsole does it, choose a different emulator form the ports collection. HTH, Micah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Protecting Windows
On Thu, Feb 09, 2006 at 02:32:44PM +1030, Brian Astill wrote: Person with deteriorating vision has discovered Dragon Naturally Speaking which not only allows the construction of text from speech but can also speak from received text. ie letter writing and email conversing etc become possible for the visually impaired. All of which is wonderful except - you guessed it - the [EMAIL PROTECTED] program runs on Windows 2000/XP only. Why would anyone in their right mind NOT port a program as sensible as this to a SECURE OS? I don't know of any such software for Linux or BSD. Does similar software exist for Mac OS X? It might. There is a bigger market for it. To me, the usual routine of securing Windows seems to be the wisest choice in this instance, eg. not allowing end-users to have Admin rights, and where possible, using open source software (Firefox, Thunderbird, OpenOffice, Abiword, ...) that's written and updated regularly by security-conscious people, etc. Some simple words of advice (beware of email attachments, etc) may also help. Running a simple standalone FreeBSD/Linux firewall in front of the Windows may also help security somewhat, preventing attackers connecting directly to the Windows machine. Note that many broadband cable/DSL routers perform the same task when working in Internet sharing mode (sometimes known as NAT). Regards Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw and if_bridge
Hello all. I had my firewall crash using releng_6(sata corruption/failure of some sort) and during rebuild I decided to move to ipfw + if_bridge instead of using ipfw + bridge(4) since bridge(4) is becoming obsolete. Anyway, i had some problems getting ruleset to work. I've cut ruleset down to pertinent parts to show what I am seeing. I have a system with 2 cards, em0 and em1, being used as a filtering bridge. em0 faces router and em1 faces internal lan. network = 10.1.1.0/24 em0 address = (has none) em1 address = 10.1.1.17 some internal lan machine = 10.1.1.12 --begin ruleset- -f flush add 100 pass layer2 mac-type arp add 200 check state add 300 deny log tcp from any to any established in via em0 add 400 allow icmp from any to 10.1.1.0/24 icmptypes 0,3,11,12,13,14 add 500 pass tcp from 10.1.1.17 to any setup keep-state add 600 pass udp from 10.1.1.17 to any keep-state add 700 pass ip from 10.1.1.17 to any add 800 deny log ip from 10.1.1.0/24 to any in via em0 add 900 pass tcp from 10.1.1.0/24 to any in via em1 setup keep-state add 1000 pass udp from 10.1.1.0/24 to any in via em1 keep-state add 1100 pass ip from 10.1.1.0/24 to any in via em1 add 1200 deny log ip from any to any end ruleset- Sysctl variables: net.link.bridge.pfil_member=1 net.link.bridge.ipfw=1 rc.conf entries: ifconfig_em1=inet 10.1.1.17 netmask 255.255.255.0 cloned_interfaces=bridge0 ifconfig_bridge0=addm em0 addm em1 up firewall_enable=YES firewall_type=/etc/firewall/ipfw.conf With bridge(4) I could ping from inside machine(10.1.1.12) to router or any other out-of-lan address. After if_bridge i would get in logs after same ping attempt: 1200 Deny ICMP:8.0 10.1.1.12 to (router ip address) out via em0 TCP outbound connections work. After changing rulesets from in via to recv, icmp now works. (ex: add 1100 pass ip from 10.1.1.0/24 to any recv em1) This blocking of the icmp packet out via em0 even though the ruleset says to allow it because it came in via em1 doesn't seem to be correct behavior to me. The tcp/udp rulesets work even though there is intermittant pop-ups in the logs saying the connections were blocked out via em0. Any enlightenment on this is appreciated. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: fine grained firewall?
andrew clarke wrote: On Thu, Feb 09, 2006 at 07:30:17AM -0500, Chuck Swiger wrote: [ ... ] Yes to users (if the connections originate from the firewall box), no to per-executables. The latter seems useless when cp irc myirc is all it would take to defeat it. Frankly, neither option is very useful or would be needed for a good ruleset... The latter may not be so useless if the firewall automatically blocked all executables that were not registered with it. The full path, filename, md5sum of the executable could be recorded and matched with its database. Some Windows firewall software works this way. Sure. While Windows benefits from this, an end-user workstation which can run arbitrary executables the user downloads from who-knows-where, is not something I would call a firewall. It's a workstation running firewall software. A firewall is the component of a network topology which enforces a security policy by granting or forbidding access at a chokepoint that network traffic cannot circumvent, and functions best (ie, most securely) when the firewall is locked down and running zero or as few services or programs as are required for baseline functionality and remote management. It may also be useful for logging (not blocking) connections to/from a certain executable, for traffic accounting. I see now the option for per-user control in the ipfw manpage. Not sure why I missed that before. uid user Match all TCP or UDP packets sent by or received for a user. A user may be matched by name or identification number. That's the one, yes. :-) I think it's only useful where one end of the connection is local, though -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mail back-up system
Considering we have only 200 users and 3000 messages per day, whatever would do. MTA is sendmail/milter. I plan to change that mailbox thing when I get budget for a new machine to play with (I don't want to take the risk to break the working configuration). Mailbox format might not be a bottleneck in this application. It's fairly efficient at appending new messages, and that is the only common operation being performed on these backup mail spools. I could see this as an advantage of the Maildirs format. Since every mail is stored in its own file (versus concatenation in Mbox), it's much cheaper to backup. Just copy all the new/touched files, not all your mail. Yes, that's a good point. Because these files are *already* backups, I assumed that they wouldn't be backed up themselves, but that may well not be the case. The other approach is the one I use for a lot of automatic archives on my own system; rotate the files on an appropriate schedule. [Where appropriate is an administrative call, but probably related to the backup schedule.] I just have a second disk on the server that I rsync everything to on an hourly basis. That doesn't solve the original poster's mail backup problem, though. In fact, the original problem from this thread is different than any other kind of backup issue I had considered before. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Question of Interest
Hello! Just a question of interest: How have you packed so much software to just two CDs? Thank you. P.S.: I was very impressed by your quick answer to my previous question. There're not much places where the support is so good. Thank you again. ;) -- Dinosaur ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: recovering from failed cvsup upgrade
--- Chuck Swiger [EMAIL PROTECTED] wrote: wo_shi_big_stomach wrote: Greetings. I need help recovering a system that became unresponsive during an upgrade. Steps: Download the FreeBSD 5.4 .iso image, and do a binary upgrade installation from that. You should have run mergemaster -p before the initial buildworld, and you should run mergemaster without the flag afterwards... Thanks -- I have that system back. Whew. The upgrade routine warned that it could not replace the /usr/src tree and that cvsup was the right way to do this. To get this system from 5.4-RELEASE to RELENG_5_4, am I ok just cvsup'ing src-all followed by the rest of the steps you indicated? If not, what steps will get the sources in sync? thanks again! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nforce2 digital audio output support? (or spdif support at all?)
Am Montag, 6. Februar 2006 21:54 schrieb FreeBSD Prospect: I was searching for more info about support for DOLBY DIGITAL pass-through to a digital audio output, but nothing recent came up. This matter seems to be a serious shortage in FreeBSD, because the only useable info which came up on www.google.com/bsd was concerning NetBSD (http://bsd-crew.de/index.php/5.1-Surround-Sound_mit_NetBSD, which is in German language). There something of an audio-layer is mentioned. Is it really possible, that NetBSD is ahead of FreeBSD in that particular matter? I have a workstation with Asus A7N8X-deluxe motherboard, which features the nforce2 chipset, and has an electrial digital audio output. On my first few tests with FreeBSD 6.0 (-RELEASE), after loading the snd_ich driver, I got analog sound working, but the digital output was not recognized and did not show up in sysctl. Any idea, if spdif support is already in -CURRENT, and if not, if somebody is working on that issue? Now that's strange, I really thought, I am not the only one interested in being able to use a DOLBY DIGITAL signal output in FreeBSD. Does really nobody here have a clue? -- Sincerely, Michael A FreeBSD Prospect, who is actually using Gentoo Linux ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: one virtual IP interface on two ethernet ports ?
Lowell Gilbert [EMAIL PROTECTED] wrote: Doug Poland [EMAIL PROTECTED] writes: On 2/9/06, Frank Bonnet [EMAIL PROTECTED] wrote: Hello Is it possible with FreeBSD to setup a virtual IP interface with load balancing that use two or more ethernet ports ? I think you should have a look at carp Or may ng_one2many is more what he is looking for... Maybe OpenBSD's trunk(4) will be integrated in FreeBSD sometime. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SDR GEM312P
Hello. I'm building a new server and stumbled upon this: ses0 at ahd0 bus 0 target 8 lun 0 ses0: SDR GEM318P 1 Fixed Processor SCSI-2 device ses0: 3.300MB/s transfers ses0: SAF-TE Compliant Device I guess it has something to do with a SCSI hot-swap device, but I didn't find any info on it. What is it? What's its purpose? Can I do something nice with it? bye Thanks av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Multiple routes to same destination
Webster, Andrew wrote: Qing Li wrote: I use mpd to greate one VPN between the sites, using Multilink PPP, so that data is sent across both links (eitehr round-robon or split packet). I use MPD's udp transport mode to open two UDP sockets and send packets from R1 to R4 and from R2 to R3 (in the diagram below). MPD will automatically detect if on e link is down and redirect everything through the remaining link. Sounds like a good idea, but would that not cause the MTU to get smaller due to the overhead of a MPPP link? Windoze hosts have a horrible time with MTU detection! I think you can now do mtu munging in teh newer mpd if not you could use the daemon to do it from ports. I have a private patch that's based on radix_mpath for FreeBSD 5.4. I believe [EMAIL PROTECTED] is working on a solution. -- Qing -Original Message- From: [EMAIL PROTECTED] [mailto:owner-freebsd- [EMAIL PROTECTED] On Behalf Of Webster, Andrew Sent: Wednesday, February 08, 2006 10:51 AM To: [EMAIL PROTECTED]; Ian Lord; freebsd-questions@freebsd.org Subject: RE: Multiple routes to same destination? Well, in that case, an ISP wouldn't want to use FreeBSD in their core routers :( :( In this particular case, I have redundant links (L1 and L2) between two locations (Loc 1 and Loc 2) with two FreeBSD routers at each location (R1/R2, and R3/R4) which are running OSPF to redistribute routing information between locations. Since FreeBSD limits the entries for a particular network to only one active entry, the all the traffic for would either go on R1-L1-R4 or R2-L2-R3, but not both. Loc 1___ /---R1--L1--R4---\___ Loc 2 \---R2--L2--R3---/ Andrew ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions- [EMAIL PROTECTED] ___ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Remote backup solutions
Goran, Although I haven't used Bacula in a production environment, I am currently using it to perform automated full/incremental backups of my Windows machines at home and it works perfectly. For my purposes it's a bit of overkill, but does the job with minimal fuss. Of all the researching I had done (way back), this was the best solution and will probably suit your needs. Not to mention it has some of the best documentation you could hope to find for an open source solution. -David On 2/8/06, Göran Nilsson [EMAIL PROTECTED] wrote: Thanks Ian. This sure looks like a good solutions. Are there anyone that have tried out bacula on FreeBSD 6.0 in a production enviroment? /Goran 2006/2/7, Ian Lord [EMAIL PROTECTED]: You might want to look into http://www.bacula.org/ Didnt try it myself, planning to test it soon... They have a windows client from what they say... At 17:25 2006-02-07, Göran Nilsson wrote: Hi all. Im looking for som software (opensource) that's scalable to to plenty of remote backups over the Internet. The idea about this is offering small companys to do theire backup to a remote distance, and don't have to concern that much about it. The companys servers are generally NT 4.0 Server up to Windows2003. The backup system should be based on a FreeBSD 6.0 system. In the beginning it won't be that many companys doing remotebackups still, it should be easy grow with the jobs needed. Anyone have a pointer to what i should look for? Shoud the backups be done via a vpn solutions like OpenVPN and rsync? Or should i look for something else? Are there any pitfalls i should lookout for? Anyway any/all feedback is most appriciated. /Goran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ~~ Ian Lord MSD Informatique 1711 Montée Major Terrebonne (Québec) J7M 1E6 Tél.: (514) 776-MSDI- (514) 776-6734 Sans Frais: 1(877) 776-MSDI - 1(877) 776-6734 http://www.msdi.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Question about routing and an ssh based vpn.
quick summary I have set up an ssh based vpn between a -STABLE laptop and a 5.3 server. I can ping either end from the other. I'd like to route traffic from the laptop to the public IP address of the server but it doesn't seem to work. I can, as a sanity test, route packets from the server to the laptop's ath0 IP address. I can't figure out why I can get it to work one way and not the other. Help? /quick summary I have a laptop that I roam around with and a server for mail and stuff. The laptop is running FreeBSD 6.0-STABLE #7: Thu Jan 26 11:53:51 PST 2006 and the server is running (the cobbler's kids don't have any shoes...) FreeBSD 5.3-STABLE #10: Sun Feb 6 17:25:02 PST 2005 I've been working on setting up an ssh based vpn between the laptop and one of my servers, based on various recipes on the net. The way it's currently set up, the laptop end of the ppp link is 192.168.72.178 and the server end of the link is 192.168.72.177 (using addresses cribbed from one of the HOWTOs). I can bring the link up and pinging one end from the other works fine (e.g. the laptop can ping 192.168.72.177 and the server can ping 192.168.72.178). If I change various references to the server's name/IPADDR (e.g. DS in sendmail.cf, pop3s server) to refer to the server end of the ppp link, then mail etc... work as desired. I'd rather not have to swap them around when I want to use the vpn. The laptop is connecting to the net via it's wireless interface, and gets a private (10.xxx.yyy.zzz) address. As expected, even with the vpn up trying to ping that address from the server fails. If I add a route on the server route add -host 10.xxx.yyy.zzz 192.168.72.178 then the server is able to ping the laptop's private address. That's not really useful to me but I tried it as a sanity check whilst trying to debug my real problem. I'd like to be able to connect to the public ip address of my server (A.B.C.D) from the laptop over the vpn. If I add a route on the laptop route add -host A.B.C.D 192.168.72.177 I am unable to ping A.B.C.D *and* I am no longer able to ping 192.168.72.177. net.inet.ip.forwarding is 0 on both machines. I am not running any firewalls on the server. Here is /etc/ppp/ppp.conf for the server: # setup for nomadic ppp vpn via ssh. nomadic-ppp: set ifaddr 192.168.72.177 192.168.72.178 255.255.255.255 And here is /etc/ppp/ppp.conf from the laptop: nomadic-ppp: set ifaddr 192.168.72.178 192.168.72.177 255.255.255.255 set dial set device !env SSH_ASKPASS= SSH_AUTH_SOCK= ssh -e none -i /etc/ppp/nomadic-pp I bring up the link with /usr/sbin/ppp -auto nomadic-ppp Does anyone have any suggestions? I've thrashed about with proxy and proxy_all and setting net.inet.ip.forwarding=1 and anything else that occurs to me. I'd happily just assume that I don't know what I'm doing, except that I can get it to work in reverse. Is/was there a difference between 5.3 and 6.0 that might be tripping me up? Thanks for any help, g. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Protecting Windows
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brian Astill wrote: Interesting. The spiel on the Nuance website gave me that impression, too. However the Royal Society for the Blind in Adelaide tried v 7 (current is 8) and were VERY unimpressed. anything they recommend that we could test on crossover or wine? r:) - -- Romana Branden Forget not that the earth delights to feel your bare feet and the winds long to play with your hair. - Kahlil Gibran -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD65zYdXQlYmpAnCIRAnL2AKCJF8Wu/7u8eqJgwz+ozusK7YpKUwCghHIu 34pHjdkn7hFLhL2BUdcLW/c= =t/ba -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
daemontools - djbdns
Ok. trying to follow Matt Simenson's DJBDNS on FreeBSD how-to from here: http://matt.simerson.net/computing/dns/djbdns-freebsd.shtml Now it writes that I must get the start up script from here: http://matt.simerson.net/computing/mail/toaster/services.txt All OK, just that the .txt file is missing. Can anyone please email it to me? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SDR GEM312P
Andrea Venturoli wrote: Hello. I'm building a new server and stumbled upon this: ses0 at ahd0 bus 0 target 8 lun 0 ses0: SDR GEM318P 1 Fixed Processor SCSI-2 device ses0: 3.300MB/s transfers ses0: SAF-TE Compliant Device I guess it has something to do with a SCSI hot-swap device, but I didn't find any info on it. What is it? What's its purpose? Can I do something nice with it? bye Thanks av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] It's your scsi processor...i guess it's nice because it allows you to use scsi hardware. -Tom ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Gtk-WARNING **: cannot open display:
Hello, I am running FreeBSD 5.4 with the Fluxbox window manager. I have installed a MySQL GUI but I cannot run it as root: (mysql-administrator-bin:814): Gtk-WARNING **: cannot open display: I logged in locally as a non-privileged user (who can open the program) and su'd to root. I then set my DISPLAY variable: # DISPLAY=LOCALHOST:0.0 Here are the programs (mysql-administrator calls mysql-administrator-bin): -rwxr-xr-x 1 root wheel 546B Feb 8 03:10 /usr/X11R6/bin/mysql-administrator -rwxr-xr-x 1 root wheel 2.3M Feb 8 03:10 /usr/X11R6/bin/mysql-administrator-bin What should I do? __ Find your next car at http://autos.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gtk-WARNING **: cannot open display:
Hello! You can use gtk-su. On Thu, 9 Feb 2006 15:00:54 -0500 (EST) Peter [EMAIL PROTECTED] wrote: Hello, I am running FreeBSD 5.4 with the Fluxbox window manager. I have installed a MySQL GUI but I cannot run it as root: (mysql-administrator-bin:814): Gtk-WARNING **: cannot open display: I logged in locally as a non-privileged user (who can open the program) and su'd to root. I then set my DISPLAY variable: # DISPLAY=LOCALHOST:0.0 Here are the programs (mysql-administrator calls mysql-administrator-bin): -rwxr-xr-x 1 root wheel 546B Feb 8 03:10 /usr/X11R6/bin/mysql-administrator -rwxr-xr-x 1 root wheel 2.3M Feb 8 03:10 /usr/X11R6/bin/mysql-administrator-bin What should I do? __ Find your next car at http://autos.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: A script for poets
Kristian Vaaf wrote: Hello! Again with my script requests, this time I'm wondering if anybody has ever felt like writing a shell script that makes it easy to write rhymes, poems or just make up funny lines. http://www.rhymer.com is a great place, but unfortunately it requires a browser. Or maybe this is a feature that extends beyond the purpose of shell scripting, and that maybe for such I should start looking into languages like Ruby? Hoping for generous expert advise. Thank you, peasants and poets :) Vaaf (wuff) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Hmm, maybe you could use LWP (libwww-perl) to execute search queries to a site like rhyme.poetry.com and then get the results in an array and do whatever you want with the output. Basically LWP is capable of printing out the raw HTML format, so a little bit of handy dandy perl functions would help a lot. LWP is a very nice perl module, and I suggest you look into that if you want to use an existing site to get your rhymes out. Cheers, Jorn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gtk-WARNING **: cannot open display:
try ssh -X -C -l root localhost as the normal user of X then run the program Eric * Peter [EMAIL PROTECTED] [060209 15:00]: Date: Thu, 9 Feb 2006 15:00:54 -0500 (EST) From: Peter [EMAIL PROTECTED] To: freebsd-questions freebsd-questions@freebsd.org Subject: Gtk-WARNING **: cannot open display: Hello, I am running FreeBSD 5.4 with the Fluxbox window manager. I have installed a MySQL GUI but I cannot run it as root: (mysql-administrator-bin:814): Gtk-WARNING **: cannot open display: I logged in locally as a non-privileged user (who can open the program) and su'd to root. I then set my DISPLAY variable: # DISPLAY=LOCALHOST:0.0 Here are the programs (mysql-administrator calls mysql-administrator-bin): -rwxr-xr-x 1 root wheel 546B Feb 8 03:10 /usr/X11R6/bin/mysql-administrator -rwxr-xr-x 1 root wheel 2.3M Feb 8 03:10 /usr/X11R6/bin/mysql-administrator-bin What should I do? __ Find your next car at http://autos.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- === Eric I. Ekong[EMAIL PROTECTED] FreeBSD - The Power to Serve http://www.freebsd.org K Desktop Environment on FreeBSD http://freebsd.kde.org === Laws of Serendipity: (1) In order to discover anything, you must be looking for something. (2) If you wish to make an improved product, you must already be engaged in making an inferior one. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gtk-WARNING **: cannot open display:
--- Eric Ekong [EMAIL PROTECTED] wrote: try ssh -X -C -l root localhost as the normal user of X then run the program Eric * Peter [EMAIL PROTECTED] [060209 15:00]: Date: Thu, 9 Feb 2006 15:00:54 -0500 (EST) From: Peter [EMAIL PROTECTED] To: freebsd-questions freebsd-questions@freebsd.org Subject: Gtk-WARNING **: cannot open display: Hello, I am running FreeBSD 5.4 with the Fluxbox window manager. I have installed a MySQL GUI but I cannot run it as root: (mysql-administrator-bin:814): Gtk-WARNING **: cannot open display: I logged in locally as a non-privileged user (who can open the program) and su'd to root. I then set my DISPLAY variable: # DISPLAY=LOCALHOST:0.0 Here are the programs (mysql-administrator calls mysql-administrator-bin): -rwxr-xr-x 1 root wheel 546B Feb 8 03:10 /usr/X11R6/bin/mysql-administrator -rwxr-xr-x 1 root wheel 2.3M Feb 8 03:10 /usr/X11R6/bin/mysql-administrator-bin What should I do? I tried the X11 forwarding but my password for root is not being accepted. __ Find your next car at http://autos.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: nforce2 digital audio output support? (or spdif support at all?)
FreeBSD Prospect wrote: Am Montag, 6. Februar 2006 21:54 schrieb FreeBSD Prospect: [ ... ] Any idea, if spdif support is already in -CURRENT, and if not, if somebody is working on that issue? Now that's strange, I really thought, I am not the only one interested in being able to use a DOLBY DIGITAL signal output in FreeBSD. Does really nobody here have a clue? There are plenty of people who'd have a clue if you wanted to configure a FreeBSD system as a server or firewall. Doing digital audio isn't what most people use the OS for, but you may have a reasonable chance if you try the drivers here: http://www.opensound.com/ ...I believe they have S/PDIF support in their mixer. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Using dd to Make a Clone of a Drive
After installing FreeBSD5.4, the ISC dhcp server and ISC bind on a hard drive, I wanted to clone that drive to a second drive so as to generate a second server, using what I had already installed as a template. I used the following command: dd if=/dev/da0 of=/dev/da1 bs=512 It turns out that dd defaults to 512-byte blocks so I didn't really need the bs=512, but I am not sure I haven't made some other type of mistake. The dd command has been running for about 4 hours on a very fast system, with a 1-gig processor, 1 gig of RAM and two 31-GB drives. One would think it should have finished by now, but it is still running. Is this a valid method of copying the entire contents of one drive to another? Thank you. Martin McCormick WB5AGZ Stillwater, OK Systems Engineer OSU Information Technology Department Network Operations Group ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gtk-WARNING **: cannot open display:
check /etc/ssh/sshd_config there is a line that says grep Root /etc/ssh/sshd_config ~ PermitRootLogin no change that grep Root /etc/ssh/sshd_config ~ PermitRootLogin yes * Peter [EMAIL PROTECTED] [060209 15:31]: Date: Thu, 9 Feb 2006 15:31:33 -0500 (EST) From: Peter [EMAIL PROTECTED] To: Eric Ekong [EMAIL PROTECTED], freebsd-questions@freebsd.org Subject: Re: Gtk-WARNING **: cannot open display: --- Eric Ekong [EMAIL PROTECTED] wrote: try ssh -X -C -l root localhost as the normal user of X then run the program Eric * Peter [EMAIL PROTECTED] [060209 15:00]: Date: Thu, 9 Feb 2006 15:00:54 -0500 (EST) From: Peter [EMAIL PROTECTED] To: freebsd-questions freebsd-questions@freebsd.org Subject: Gtk-WARNING **: cannot open display: Hello, I am running FreeBSD 5.4 with the Fluxbox window manager. I have installed a MySQL GUI but I cannot run it as root: (mysql-administrator-bin:814): Gtk-WARNING **: cannot open display: I logged in locally as a non-privileged user (who can open the program) and su'd to root. I then set my DISPLAY variable: # DISPLAY=LOCALHOST:0.0 Here are the programs (mysql-administrator calls mysql-administrator-bin): -rwxr-xr-x 1 root wheel 546B Feb 8 03:10 /usr/X11R6/bin/mysql-administrator -rwxr-xr-x 1 root wheel 2.3M Feb 8 03:10 /usr/X11R6/bin/mysql-administrator-bin What should I do? I tried the X11 forwarding but my password for root is not being accepted. __ Find your next car at http://autos.yahoo.ca -- === Eric I. Ekong[EMAIL PROTECTED] FreeBSD - The Power to Serve http://www.freebsd.org K Desktop Environment on FreeBSD http://freebsd.kde.org === Laws of Serendipity: (1) In order to discover anything, you must be looking for something. (2) If you wish to make an improved product, you must already be engaged in making an inferior one. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: daemontools - djbdns
On Feb 9, 2006, at 10:56 AM, Cristian Mijea wrote: Ok. trying to follow Matt Simenson's DJBDNS on FreeBSD how-to from here: http://matt.simerson.net/computing/dns/djbdns-freebsd.shtml Now it writes that I must get the start up script from here: http://matt.simerson.net/computing/mail/toaster/services.txt All OK, just that the .txt file is missing. Can anyone please email it to me? All Matt's stuff has moved to his tnpi.biz domain. http://www.tnpi.biz/internet/dns/djbdns-freebsd.shtml and http://www.tnpi.biz/internet/mail/toaster/start/services.txt -Rafi ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: recovering from failed cvsup upgrade
wo_shi_big_stomach wrote: Thanks -- I have that system back. Whew. [ ... ] You're welcome. The upgrade routine warned that it could not replace the /usr/src tree and that cvsup was the right way to do this. To get this system from 5.4-RELEASE to RELENG_5_4, am I ok just cvsup'ing src-all followed by the rest of the steps you indicated? You're probably better off deleting /usr/src and /usr/ports, installing the more recent version of them off the the CD image, and then using CVSup to update them from there. Not only is this likely to be faster, it will avoid inheriting any stale source files that may be lurking... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
graphics/librsvg2 fails to build.
Hello, I've tried to update my Freebsd 5.4 p10 system to Gnome 2.12 and a required package for Nautilus fails to build /graphics/librsvg2 when running make with the following error: /usr/bin/ld: /usr/local/lib/libgsf-1.a(gsf-utils.o): relocation R_X86_64_32 can not be used when making a shared object; recompile with -fPIC /usr/local/lib/libgsf-1.a: could not read symbols: Bad value gmake[2]: *** [librsvg-2.la] Error 1 gmake[2]: Leaving directory `/usr/ports/graphics/librsvg2/work/librsvg-2.12.7' gmake[1]: *** [all-recursive] Error 1 gmake[1]: Leaving directory `/usr/ports/graphics/librsvg2/work/librsvg-2.12.7' gmake: *** [all] Error 2 *** Error code 2 Stop in /usr/ports/graphics/librsvg2. Can anyone help? how do i recompile with -fPIC? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SDR GEM312P
Andrea Venturoli wrote: Hello. I'm building a new server and stumbled upon this: ses0 at ahd0 bus 0 target 8 lun 0 ses0: SDR GEM318P 1 Fixed Processor SCSI-2 device ses0: 3.300MB/s transfers ses0: SAF-TE Compliant Device I guess it has something to do with a SCSI hot-swap device, but I didn't find any info on it. What is it? What's its purpose? Can I do something nice with it? ses stands for SCSI Environmental Services, and seems to be a standard for managing hot-plug enclosures, fault-tolerance, drive temperatures, and voltages, etc. See man ses and /usr/share/examples/ses. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gtk-WARNING **: cannot open display:
forgot to say /etc/rc.d/sshd restart and then try again * Eric Ekong [EMAIL PROTECTED] [060209 15:37]: Date: Thu, 9 Feb 2006 15:37:06 -0500 From: Eric Ekong [EMAIL PROTECTED] To: Peter [EMAIL PROTECTED] Cc: Eric Ekong [EMAIL PROTECTED], freebsd-questions@freebsd.org X-Mailer: Mutt http://www.mutt.org/ Subject: Re: Gtk-WARNING **: cannot open display: check /etc/ssh/sshd_config there is a line that says grep Root /etc/ssh/sshd_config ~ PermitRootLogin no change that grep Root /etc/ssh/sshd_config ~ PermitRootLogin yes * Peter [EMAIL PROTECTED] [060209 15:31]: Date: Thu, 9 Feb 2006 15:31:33 -0500 (EST) From: Peter [EMAIL PROTECTED] To: Eric Ekong [EMAIL PROTECTED], freebsd-questions@freebsd.org Subject: Re: Gtk-WARNING **: cannot open display: --- Eric Ekong [EMAIL PROTECTED] wrote: try ssh -X -C -l root localhost as the normal user of X then run the program Eric * Peter [EMAIL PROTECTED] [060209 15:00]: Date: Thu, 9 Feb 2006 15:00:54 -0500 (EST) From: Peter [EMAIL PROTECTED] To: freebsd-questions freebsd-questions@freebsd.org Subject: Gtk-WARNING **: cannot open display: Hello, I am running FreeBSD 5.4 with the Fluxbox window manager. I have installed a MySQL GUI but I cannot run it as root: (mysql-administrator-bin:814): Gtk-WARNING **: cannot open display: I logged in locally as a non-privileged user (who can open the program) and su'd to root. I then set my DISPLAY variable: # DISPLAY=LOCALHOST:0.0 Here are the programs (mysql-administrator calls mysql-administrator-bin): -rwxr-xr-x 1 root wheel 546B Feb 8 03:10 /usr/X11R6/bin/mysql-administrator -rwxr-xr-x 1 root wheel 2.3M Feb 8 03:10 /usr/X11R6/bin/mysql-administrator-bin What should I do? I tried the X11 forwarding but my password for root is not being accepted. __ Find your next car at http://autos.yahoo.ca -- === Eric I. Ekong[EMAIL PROTECTED] FreeBSD - The Power to Serve http://www.freebsd.org K Desktop Environment on FreeBSD http://freebsd.kde.org === Laws of Serendipity: (1) In order to discover anything, you must be looking for something. (2) If you wish to make an improved product, you must already be engaged in making an inferior one. -- === Eric I. Ekong[EMAIL PROTECTED] FreeBSD - The Power to Serve http://www.freebsd.org K Desktop Environment on FreeBSD http://freebsd.kde.org === Laws of Serendipity: (1) In order to discover anything, you must be looking for something. (2) If you wish to make an improved product, you must already be engaged in making an inferior one. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using dd to Make a Clone of a Drive
On Thu, Feb 09, 2006 at 02:36:18PM -0600, Martin McCormick wrote: After installing FreeBSD5.4, the ISC dhcp server and ISC bind on a hard drive, I wanted to clone that drive to a second drive so as to generate a second server, using what I had already installed as a template. I used the following command: dd if=/dev/da0 of=/dev/da1 bs=512 It turns out that dd defaults to 512-byte blocks so I didn't really need the bs=512, but I am not sure I haven't made some other type of mistake. The dd command has been running for about 4 hours on a very fast system, with a 1-gig processor, 1 gig of RAM and two 31-GB drives. One would think it should have finished by now, but it is still running. Is this a valid method of copying the entire contents of one drive to another? Thank you. The reason it is taking so long is almost certainly because you are using such a small blocksize. As it is 'dd' will read 512 bytes from da0, write those 512 bytes to da1, read another 512 bytes from da0 (which will probably mean waiting a couple of milliseconds for the head to get into the right position since the disk will have rotated sinc the last read), etc. The speed of your CPU, or the amount of RAM you have, is quite irrelevant in this case. If you try with bs=64k I can almost guarantee it will be a lot faster. Otherwise it is a perfectly good way of making a copy of a disk, provided both disks have the same size and geometry. -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Gtk-WARNING **: cannot open display:
--- Eric Ekong [EMAIL PROTECTED] wrote: forgot to say /etc/rc.d/sshd restart and then try again * Eric Ekong [EMAIL PROTECTED] [060209 15:37]: Date: Thu, 9 Feb 2006 15:37:06 -0500 From: Eric Ekong [EMAIL PROTECTED] To: Peter [EMAIL PROTECTED] Cc: Eric Ekong [EMAIL PROTECTED], freebsd-questions@freebsd.org X-Mailer: Mutt http://www.mutt.org/ Subject: Re: Gtk-WARNING **: cannot open display: check /etc/ssh/sshd_config there is a line that says grep Root /etc/ssh/sshd_config ~ PermitRootLogin no change that grep Root /etc/ssh/sshd_config ~ PermitRootLogin yes * Peter [EMAIL PROTECTED] [060209 15:31]: Date: Thu, 9 Feb 2006 15:31:33 -0500 (EST) From: Peter [EMAIL PROTECTED] To: Eric Ekong [EMAIL PROTECTED], freebsd-questions@freebsd.org Subject: Re: Gtk-WARNING **: cannot open display: --- Eric Ekong [EMAIL PROTECTED] wrote: try ssh -X -C -l root localhost as the normal user of X then run the program Eric * Peter [EMAIL PROTECTED] [060209 15:00]: Date: Thu, 9 Feb 2006 15:00:54 -0500 (EST) From: Peter [EMAIL PROTECTED] To: freebsd-questions freebsd-questions@freebsd.org Subject: Gtk-WARNING **: cannot open display: Hello, I am running FreeBSD 5.4 with the Fluxbox window manager. I have installed a MySQL GUI but I cannot run it as root: (mysql-administrator-bin:814): Gtk-WARNING **: cannot open display: I logged in locally as a non-privileged user (who can open the program) and su'd to root. I then set my DISPLAY variable: # DISPLAY=LOCALHOST:0.0 Here are the programs (mysql-administrator calls mysql-administrator-bin): -rwxr-xr-x 1 root wheel 546B Feb 8 03:10 /usr/X11R6/bin/mysql-administrator -rwxr-xr-x 1 root wheel 2.3M Feb 8 03:10 /usr/X11R6/bin/mysql-administrator-bin What should I do? I tried the X11 forwarding but my password for root is not being accepted. That was the first thing I looked at. The superuser is permitted to log in. I didn't edit this file. __ Find your next car at http://autos.yahoo.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
AtapiCam Failing on CD Burner
Hello all, Whilew trying to get CD burning working under FreeBSD 6.0 (and 6.1-PreRelease), I keep getting the following error in my dmesg and cd1 is never created. The drive is a Philips CDRW4012P. It shows up as /dev/acd1 and reports correctly in dmesg. However, once atapicam tries to query it, it just repeats the follwoing (output from dmesg with boot -v): ata1: reiniting channel .. ata1: reset tp1 mask=03 ostat0=50 ostat1=00 ata1: stat0=0x00 err=0x01 lsb=0x14 msb=0xeb ata1: stat1=0x00 err=0x01 lsb=0x14 msb=0xeb ata1: reset tp2 stat0=00 stat1=00 devices=0xcATAPI_SLAVE,ATAPI_MASTER acd0: setting PIO4 on ICH5 chip acd0: setting UDMA33 on ICH5 chip acd1: setting PIO4 on ICH5 chip acd1: setting UDMA33 on ICH5 chip ata1: reinit done .. (probe8:ata1:0:1:0): INQUIRY. CDB: 12 0 0 0 24 0 (probe8:ata1:0:1:0): CAM Status: SCSI Status Error (probe8:ata1:0:1:0): SCSI Status: Check Condition (probe8:ata1:0:1:0): ILLEGAL REQUEST asc:20,0 (probe8:ata1:0:1:0): Invalid command operation code (probe8:ata1:0:1:0): (probe8:ata1:0:1:0): INQUIRY. CDB: 12 0 0 0 24 0 (probe8:ata1:0:1:0): ILLEGAL REQUEST asc:20,0 (probe8:ata1:0:1:0): Invalid command operation code Unretryable error (probe8:ata1:0:1:0): error 22 (probe8:ata1:0:1:0): Unretryable Error I have looked all over the internet and everywhere says it should have been fixed in 4.7. Any advice on what else to try? Jason ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
suggestions for FreeBSD development
Where are suggestions (for FreeBSD development) to be sent? To this (the questions site), or the hackers site, or some other site? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
