too late to change to security branch?

2007-09-26 Thread Bill Stwalley
I have servers running 6.1 and 6.2.  I use freebsd-update in cron jobs to
install binary security update to the base system, and use cvsup/portupgrade
in cron jobs to install port updates.  By default, cvsup uses CURRENT
branch.

I am tired of some updates breaking something unnecessarily, and am thinking
of changing to SECURITY branch in cvsup.  Is that possible?  Some of my
ports are already locally compiled with customized options.

If that's impossible, can I wait until the release of 6.3, upgrading to it,
and then switch to SECURITY branch in cvsup?

If those are entirely impossible, can I switch to STABLE branch?

I'm confused by this system, please let me know if anything I do doesn't
make sense.

Best, Bill
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Research About FreeSBD

2007-09-26 Thread Daniel Gerzo
Hello Danilo,

Thursday, September 27, 2007, 8:12:59 AM, you wrote:

> Good Night !

> I am working on an Open Source Project and specifically I am researching
> about Freebsd as a Company. I would like to know more about your current
> market position , financial performance , etc.

> Can I find this information in your web page or may be contact somebody
> in your Organization ? 

Although FreeBSD is not a company, you will find some financial
information and some other things about the project at
http://www.freebsdfoundation.org/.

-- 
Best regards,
 Danielmailto:[EMAIL PROTECTED]

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Research About FreeSBD

2007-09-26 Thread Sanchez, Danilo
Good Night !

I am working on an Open Source Project and specifically I am researching
about Freebsd as a Company. I would like to know more about your current
market position , financial performance , etc. 

Can I find this information in your web page or may be contact somebody
in your Organization ? 


Kind Regards, 

Danilo B. Sanchez M.
MBA Candidate '08 
F.W. Olin Graduate School of Business 
Babson College 
[EMAIL PROTECTED] 
Phone: 781-879-2445

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dumb IPFW Question

2007-09-26 Thread Ian Smith
On Wed, 26 Sep 2007 20:46:29 +0100 Chris Yocum <[EMAIL PROTECTED]> wrote:

 >  Just to explain a bit, I have installed a FreeBSD 6.2 system on a
 > machine to act as a natd router.  I turned on the firewall and set the
 > firewall rule script to the one from the handbook
 > (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html)
 > (Example Ruleset #2 at the bottom).

Despite lots of useful tips, especially regarding stateful rules, there
are a number of problems with some of the information on that page, and
I wouldn't rely on it as a substitute for a thorough study of ipfw(8). 
At the risk of being called on to submit a PR and diff, be particularly
wary of the sections in which the word 'mandatory' appears, and perhaps
compare those rulesets with those in /etc/rc.firewall.  But anyway ..

 >  After some investigation when I could not get www, I discovered
 > that somehow port 53 is blocked even when I explicitly open it.  This
 > happens when I uncomment the rule "# Reject & Log all unauthorized out
 > going connections to the public Internet
 > $cmd 450 deny log all from any to any out via $pif".  So essentially,
 > when I use that line, I loose my DNS and my www will not work anymore.

I see Chuck already caught your use of 'setup' with udp, which was the
immediate problem.  In fact, the ruleset #2 you used as basis has a rule
for TCP port 53 (needed if you need to transfer zone/s with an outside
DNS server) but had entirely omitted UDP 53 (though the earlier examples
included it), which it seems you must have already noticed.

 >  Otherwise, it all works great and I could not be happier.  Thank
 > you in advance for any help that you may be able to provide.  I am
 > sure that it is some small blunder on my part.

One thing lacking in that ruleset is stopping of _outbound_ spoofing of
RFC 1918 etc addresses; refer to the 'simple' section of rc.firewall,
particularly the placement of anti-spoofing rules wrt NATD diversion. 

 > # Dup these lines if your ISP has more than one DNS server

Or use an address list in one rule, like addr1,addr2,addr3

 > # Get the IP addresses from /etc/resolv.conf file
 > $cmd 023 $skip udp from any to  53 out via $pif setup keep-state
 > $cmd 024 $skip udp from any to  53 out via $pif setup keep-state
 > $cmd 025 $skip udp from any to  53 out via $pif setup keep-state

As you've found, dropping 'setup' will make these work.

 > # Allow out ping
 > $cmd 080 $skip icmp from any to any out via $pif keep-state

I'm not sure if this is sufficient to allow icmptypes needed by TCP for
MTU discovery? but I allow these types specifically and not statefully. 
  
 > # Deny all Netbios service. 137=name, 138=datagram, 139=session
 > # Netbios is MS/Windows sharing services.
 > # Block MS/Windows hosts2 name server requests 81
 > $cmd 320 deny tcp from any to any 137 in via $pif
 > $cmd 321 deny tcp from any to any 138 in via $pif
 > $cmd 322 deny tcp from any to any 139 in via $pif
 > $cmd 323 deny tcp from any to any 81  in via $pif

I've noticed other people just copying these rules from this example,
but 137 and 138 are on UDP, not TCP, while 139 is a TCP service.  Still,
unless you wanted to count these individually, the 'deny everything not
specifically allowed' rule will catch these anyhow.  And if you've got
windows boxes NAT'd on the inside you should block these going OUT too.

eg for TCP:
#% first take out the VAST bulk of TCP bogons / background noise:
crap="135,139,445,1433,2967,2968,4899,5900"
crap="${crap},8000,8080,3128"
${fwadd} deny log $afew tcp from any to any ${crap} in via ${ext_if} 
setup
# Reject&Log all other setup of incoming connections from the outside
${fwadd} deny log $lots tcp from any to any in via ${ext_if} setup
and for UDP:
#% first cut out most of the heavy duty noise (incl broken insiders)
junk="137,138,1433,1434"
junk="${junk},3544" # XP home calls home? MS ipV6 'Toredo'
${fwadd} deny udp from any to any ${junk} via ${ext_if}

 > #allow in information from the ISP's DNS
 > $cmd 361 allow udp from  53 to any in via $pif keep-state
 > $cmd 362 allow udp from  53 to any in via $pif keep-state

These are not useful, since you're using outbound UDP keep-state on 53.
If you're running a public DNS server, you'd need to allow inbound DNS
in from anyone, not (just) your ISP.

HTH, Ian

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dual Opterons don't see all memory

2007-09-26 Thread Eric Osterweil

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On Sep 26, 2007, at 10:35 PM, Matthew Seaman wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Erich Dollansky wrote:


Paul Schmehl wrote:

--On September 26, 2007 9:06:57 PM -0700 Eric Osterweil
<[EMAIL PROTECTED]> wrote:


On Sep 26, 2007, at 8:57 PM, Erich Dollansky wrote:


Eric Osterweil wrote:





Ahh... To do this, do I just specify the CPUTYPE in the /etc/ 
make.conf

as:
CPUTYPE=amd64
?


No.  Add options SMP to GENERIC or use the SMP conf file that's
already there (and includes GENERIC).  Then recompile the kernel per
the handbook.


he still has to set the CPU type also in this config file to amd64.


If the OP has installed FreeBSD i386 then changing the CPU type in
/etc/make.conf won't magically get him FreeBSD amd64 --- it will just
get him FreeBSD i386 optimized for AMD processors running in 32bit
mode.

As far as I know, there is no simple way to start with a 32-bit
system and the FreeBSD sources and recompile and reinstall everything
into a 64-bit system.  (Although the opposite direction is apparently
possible on 7-CURRENT, but it's a guru-only level of difficulty.)

The best and most effective answer here is to start by downloading
an amd64 installation CD and redo the whole thing from scratch.

Cheers,

Matthew


Ahh... gotcha.  I guess it's good that I asked before I loaded the  
machine up and invested a lot of time in it.  I can nuke it if that's  
what has to be done.


Thanks,

Eric

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFG+0UIK/tq6CJjZQIRAuwwAJ9X0MIlij9g+O6TNvflq1dOAE+GMwCeJDpL
PVjv3wiYxhbrj01FcPqwzDw=
=ySXY
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dual Opterons don't see all memory

2007-09-26 Thread Matthew Seaman
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Erich Dollansky wrote:

> Paul Schmehl wrote:
>> --On September 26, 2007 9:06:57 PM -0700 Eric Osterweil
>> <[EMAIL PROTECTED]> wrote:
>>
>>> On Sep 26, 2007, at 8:57 PM, Erich Dollansky wrote:
>>>
 Eric Osterweil wrote:

> make use of it's 6GB of memory, and FreeBSD can only see about 4GB
> of it.
> Can anyone help me figure out how to make use of the missing GB?
> FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007

 this looks like a 32 bit binary to me.

 You either need a 64 bit binary or you need to enable PAE.

 Just build a custom kernel for 64 bits.

>>>
>>> Ahh... To do this, do I just specify the CPUTYPE in the /etc/make.conf
>>> as:
>>> CPUTYPE=amd64
>>> ?
>>>
>> No.  Add options SMP to GENERIC or use the SMP conf file that's
>> already there (and includes GENERIC).  Then recompile the kernel per
>> the handbook.
>>
> he still has to set the CPU type also in this config file to amd64.

If the OP has installed FreeBSD i386 then changing the CPU type in
/etc/make.conf won't magically get him FreeBSD amd64 --- it will just
get him FreeBSD i386 optimized for AMD processors running in 32bit
mode.

As far as I know, there is no simple way to start with a 32-bit
system and the FreeBSD sources and recompile and reinstall everything
into a 64-bit system.  (Although the opposite direction is apparently
possible on 7-CURRENT, but it's a guru-only level of difficulty.)

The best and most effective answer here is to start by downloading
an amd64 installation CD and redo the whole thing from scratch.

Cheers,

Matthew

- -- 
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
  Kent, CT11 9PW
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.4 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG+0E58Mjk52CukIwRCETCAKCMup1KJEH3jZNewCNG0Faz2IqiLACdGvpc
ObU/d7KOx+4qvJ3IY/QcsTY=
=1mOs
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


what cpu type to use for a intel duo e6850 (i386 or amd64)

2007-09-26 Thread Aryeh Friedman
Currently I have done a build/installworld build/install/kernel using
a i386 CPUTYPE (w/ SMP and APIC set in the kernel (I am using the
default sys/i386/conf/GENERIC) do I need to change this to amd64 for a
intel duo e6850?  (I have had several seemingly unrelated problems
that no one seems to be able to reproduce)... btw it is a P35 chipset
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dual Opterons don't see all memory

2007-09-26 Thread Erich Dollansky

Hi,


Paul Schmehl wrote:
--On September 26, 2007 9:06:57 PM -0700 Eric Osterweil 
<[EMAIL PROTECTED]> wrote:



On Sep 26, 2007, at 8:57 PM, Erich Dollansky wrote:


Eric Osterweil wrote:


make use of it's 6GB of memory, and FreeBSD can only see about 4GB
of it.
Can anyone help me figure out how to make use of the missing GB?
FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007


this looks like a 32 bit binary to me.

You either need a 64 bit binary or you need to enable PAE.

Just build a custom kernel for 64 bits.



Ahh... To do this, do I just specify the CPUTYPE in the /etc/make.conf
as:
CPUTYPE=amd64
?

No.  Add options SMP to GENERIC or use the SMP conf file that's already 
there (and includes GENERIC).  Then recompile the kernel per the handbook.



he still has to set the CPU type also in this config file to amd64.

Erich
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


FreeBSD Tomcat

2007-09-26 Thread Yance Kowara

Hi All,

 

A web and database developer requested me to build atomcat server.

 

Is there any good integrated doco on FreeBSD andTomcat?

 

All I get when I googled it is old docs on JDK 1.3(e.g. 
http://www.osnews.com/story.php/3558/Deploying-Apache-Tomcat-on-FreeBSD/)and

http://www.pl.freebsd.org/doc/en_US.ISO8859-1/articles/java-tomcat/article.html

 

Many of the docs pointed out the need to switch onLinux emulation option in the 
kernel (Docs using FreeBSD 4.10). Is it stillnecessary to do this or is it now 
handled by KLDload?

 

Attached is pkg_info output. I tried installingeverything from ports 
collection. Any missing software?

 

I am now reading on Apache Tomcat connector. Is itstill necessary to install it?

 

Kind regards,

 

 

Yance

 


   
-
Catch up on fall's hot new shows on Yahoo! TV.  Watch previews, get listings, 
and more!apache-2.2.6_1  Version 2.2 of Apache web server with prefork MPM.
apache-ant-1.7.0_1  Java- and XML-based build tool, conceptually similar to mak
autoconf-2.13.000227_6 Automatically configure source code on many Un*x 
platforms
autoconf-2.59_3 Automatically configure source code on many Un*x platforms
autoconf-2.61_2 Automatically configure source code on many Un*x platforms
autoconf-wrapper-20070404 Wrapper script for GNU autoconf
automake-1.4.6_4GNU Standards-compliant Makefile generator (1.4)
automake-wrapper-20070404 Wrapper script for GNU automake
bash-3.1.10_1   The GNU Project's Bourne Again SHell
expat-2.0.0_1   XML 1.0 parser written in C
gettext-0.14.5_2GNU gettext package
gmake-3.80_2GNU version of 'make' utility
help2man-1.36.4_1   Automatically generating simple manual pages from program o
jakarta-tomcat-5.0.30_6 Open-source Java web server by Apache, 5.0.x branch
javavmwrapper-2.3   Wrapper script for various Java Virtual Machines
libiconv-1.9.2_2A character set conversion library
libtool-1.5.22_4Generic shared library support script
linux-expat-1.95.8  Linux/i386 binary port of Expat XML-parsing library
linux-fontconfig-2.2.3_7 Linux/i386 binary of Fontconfig
linux-sun-jdk-1.5.0.12,2 Sun Java Development Kit 1.5 for Linux
linux-xorg-libs-6.8.2_5 Xorg libraries, linux binaries
linux_base-fc-4_10  Base set of packages needed in Linux mode (for i386/amd64)
m4-1.4.9GNU m4
p5-gettext-1.05_1   Message handling functions
perl-5.8.8  Practical Extraction and Report Language
popt-1.7_4  A getopt(3) like library with a number of enhancements, fro
rpm-3.0.6_13The Red Hat Package Manager
wget-1.10.2 Retrieve files from the Net via HTTP and FTP
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Dual Opterons don't see all memory

2007-09-26 Thread Eric Osterweil

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On Sep 26, 2007, at 9:20 PM, Paul Schmehl wrote:

--On September 26, 2007 9:06:57 PM -0700 Eric Osterweil  
<[EMAIL PROTECTED]> wrote:



-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On Sep 26, 2007, at 8:57 PM, Erich Dollansky wrote:


Hi,


Eric Osterweil wrote:


make use of it's 6GB of memory, and FreeBSD can only see about 4GB
of it.
Can anyone help me figure out how to make use of the missing GB?
FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007


this looks like a 32 bit binary to me.

You either need a 64 bit binary or you need to enable PAE.

Just build a custom kernel for 64 bits.



Ahh... To do this, do I just specify the CPUTYPE in the /etc/ 
make.conf

as:
CPUTYPE=amd64
?

No.  Add options SMP to GENERIC or use the SMP conf file that's  
already there (and includes GENERIC).  Then recompile the kernel  
per the handbook.


That was the first thing I did. This is the kernel that's failing to  
see the memory. :-/


Is there anything else I might need to do too?

Eric
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFG+zAzK/tq6CJjZQIRAi7/AKCNt/t1rDreSpku/RzhZBi4EK+pcQCfUHdU
IZk9CxLq9BlLb0IUWUBkuN8=
=Vobp
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dual Opterons don't see all memory

2007-09-26 Thread Paul Schmehl
--On September 26, 2007 9:06:57 PM -0700 Eric Osterweil 
<[EMAIL PROTECTED]> wrote:



-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On Sep 26, 2007, at 8:57 PM, Erich Dollansky wrote:


Hi,


Eric Osterweil wrote:


make use of it's 6GB of memory, and FreeBSD can only see about 4GB
of it.
Can anyone help me figure out how to make use of the missing GB?
FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007


this looks like a 32 bit binary to me.

You either need a 64 bit binary or you need to enable PAE.

Just build a custom kernel for 64 bits.



Ahh... To do this, do I just specify the CPUTYPE in the /etc/make.conf
as:
CPUTYPE=amd64
?

No.  Add options SMP to GENERIC or use the SMP conf file that's already 
there (and includes GENERIC).  Then recompile the kernel per the handbook.


Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/


Re: Dual Opterons don't see all memory

2007-09-26 Thread Eric Osterweil

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


On Sep 26, 2007, at 8:57 PM, Erich Dollansky wrote:


Hi,


Eric Osterweil wrote:

make use of it's 6GB of memory, and FreeBSD can only see about 4GB  
of it.

Can anyone help me figure out how to make use of the missing GB?
FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007


this looks like a 32 bit binary to me.

You either need a 64 bit binary or you need to enable PAE.

Just build a custom kernel for 64 bits.



Ahh... To do this, do I just specify the CPUTYPE in the /etc/ 
make.conf as:

CPUTYPE=amd64
?

Thanks a lot for the quick response!

Eric

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFG+yxhK/tq6CJjZQIRAjpiAKCInEOQtDgn4o6yU1T/8gyaeCqFPQCfdJK5
6q5BBIEz+Kqq3O8nB3LmDFE=
=hU8Z
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dual Opterons don't see all memory

2007-09-26 Thread Aryeh Friedman
I have the same problem on a intel duo x6850 what options/flags do I
need to set in /usr/src/Makefile and/or /usr/src/sys/i386/conf/GENERIC
to make it compile 64 bit not 32?

--Aryeh

PS I think some of the nvidia issues I have posted might be due to this

On 9/27/07, Erich Dollansky <[EMAIL PROTECTED]> wrote:
> Hi,
>
>
> Eric Osterweil wrote:
>
> > make use of it's 6GB of memory, and FreeBSD can only see about 4GB of it.
> >
> > Can anyone help me figure out how to make use of the missing GB?
> >
> > FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007
>
> this looks like a 32 bit binary to me.
>
> You either need a 64 bit binary or you need to enable PAE.
>
> Just build a custom kernel for 64 bits.
>
> > real memory  = 4227792896 (4031 MB)
> > avail memory = 4139991040 (3948 MB)
>
> Erich
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dual Opterons don't see all memory

2007-09-26 Thread Erich Dollansky

Hi,


Eric Osterweil wrote:


make use of it's 6GB of memory, and FreeBSD can only see about 4GB of it.

Can anyone help me figure out how to make use of the missing GB?

FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007


this looks like a 32 bit binary to me.

You either need a 64 bit binary or you need to enable PAE.

Just build a custom kernel for 64 bits.


real memory  = 4227792896 (4031 MB)
avail memory = 4139991040 (3948 MB)


Erich
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Dual Opterons don't see all memory

2007-09-26 Thread Eric Osterweil

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hey everyone,

I've recently taken ownership of a server (dual Opterons) in my  
research group.  Whereas it was previously running linux, it is now  
running FreeBSD.  Everything seems to be going great, except linux  
was able to make use of it's 6GB of memory, and FreeBSD can only see  
about 4GB of it.


Can anyone help me figure out how to make use of the missing GB?

I'm happy to copy and paste any information I can to see if anyone  
can help, but for starters, here's the head of dmesg:


# dmesg | head -40
Copyright (c) 1992-2007 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights  
reserved.

FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 6.2-RELEASE #0: Fri Jan 12 11:05:30 UTC 2007
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: AMD Opteron(tm) Processor 246 (1992.65-MHz 686-class CPU)
  Origin = "AuthenticAMD"  Id = 0xf5a  Stepping = 10
   
Features=0x78bfbffMCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2>

  AMD Features=0xe0500800
real memory  = 4227792896 (4031 MB)
avail memory = 4139991040 (3948 MB)
ACPI APIC Table: 
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
cpu0 (BSP): APIC ID:  0
cpu1 (AP): APIC ID:  1
MADT: Forcing active-low polarity and level trigger for SCI
ioapic0  irqs 0-23 on motherboard
ioapic1  irqs 24-27 on motherboard
ioapic2  irqs 28-31 on motherboard
kbd1 at kbdmux0
ath_hal: 0.9.17.2 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413,  
RF5413)

acpi0:  on motherboard
acpi0: Power Button (fixed)
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x5008-0x500b on acpi0
cpu0:  on acpi0
acpi_throttle0:  on cpu0
cpu1:  on acpi0
pcib0:  port 0xcf8-0xcff on acpi0
pci0:  on pcib0
pcib1:  at device 6.0 on pci0
pci3:  on pcib1
ohci0:  mem 0xfeafc000-0xfeafcfff irq  
19 at device 0.0 on pci3

ohci0: [GIANT-LOCKED]
usb0: OHCI version 1.0, legacy support
usb0:  on ohci0
usb0: USB revision 1.0
uhub0: AMD OHCI root hub, class 9/0, rev 1.00/1.00, addr 1

Eric
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (Darwin)

iD8DBQFG+yIEK/tq6CJjZQIRAheHAJ4peCDmRvoyqlWvdfaC0ED31uZHeACfUoWp
hMzExpJUMw+sp+qu5LWogSI=
=xavJ
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Backup Solution

2007-09-26 Thread Uwe Laverenz
On Thu, Sep 27, 2007 at 10:40:52AM +1000, Terry Sposato wrote:

> I will be very grateful for suggestions or ways people have tackled this
> kind of problem in a production environment.

I'd use a separate machine with a set of cheap SATA disks and connect my
tape drives to this machine. Then I would mirror the data from the
virtual machines to this backup server with rsync and write them to tape.
This would be a quick solution and has worked well for me in the past.

If you need more features and have some spare time you should have a look
at amanda or bacula.

http://www.amanda.org/
http://www.bacula.org/

Uwe

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Rob

> No, it's your way of saying STFU let invalid.org deal with it.
> Example.com is set-up for this. Use that if you must.

My apologies...  I did some homework after your post and realized that 
is a valid domain name (though apparently inactive.)  I won't use it.


My STFU was self-referential.  I didn't mean to cause insult or 
inconvenience to anyone;  just trying to avoid it myself.


> RFC2606 defines some domains that are reserved for use in examples 
and the


Cool, Thanks Erik!  That's what I was trying to do.

[update]  The reserved domains seem to all get rejected or held, so I'll 
just try gmail.


  -Rob

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


beta nvidia driver xorg 7.3 is out

2007-09-26 Thread Aryeh Friedman
ftp://download.nvidia.com/freebsd/71.86.01/NVIDIA-FreeBSD-x86-71.86.01.tar.gz

It still officially lists itself as being 5-STABLE compatible but
commenting out the #ifdefs in the effected files will get around
this...   I tried it *DID NOT* resolve any of my issues but I at least
no longer get a ABI mismatch

I think we may want to start a small temp clearing house list for nvidia issues.

BTW the other driver that was released to day seems to not compile at
all on 7-current.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


PF & NAT, how to forward GRE?

2007-09-26 Thread Paul Fraser
Hello list,

I've got a box serving as a router between a wired and wireless network,
as well as providing NAT services for a WAN link to the two
aforementioned systems.

I'd like to forward all incoming GRE traffic on the WAN link to a system
on the wired network. Could anyone advise how?

I thought the PF manual was perhaps a bit vague about forwarding
specific protocols (or for that matter, if it's even possible)...

Cheers,

Paul.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Backup Solution

2007-09-26 Thread Terry Sposato
Hello everyone,

 

I am relatively new to the FreeBSD game and have a bit of a problem which I
am not sure how to tackle. I recently build a server running VMWare ESX
Server 3 which will eventually run 6-7 small production VM's. These Virtual
Machines obviously have the need for backups and it poses quite a problem
for me unless I connect 6-7 external tape drives and give each VM it's own
tape device. I have looked into a few solutions using VM products
(consolidated backup) but it can only be done if you utilise a SAN. 

 

The server is running RAID 5 with around 700GB of space. Each VM may take up
to 50GB and backups might be around 15-20GB per VM. The machine itself has
an internal LTO3 tape drive, has anyone come across this kind of situation
before, and if so what would be a good way to backup each VM? It is easy
enough to backup the image files from the host machine but I need file level
backups within each VM also.

 

I will be very grateful for suggestions or ways people have tackled this
kind of problem in a production environment.

 

Thanks.

 

Regards,

 

Terry

http://www.sucked-in.com

Have you been sucked in?

 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Mel
On Wednesday 26 September 2007 23:40:26 Aliya Harbouri wrote:

> I did not know I COULD split swap.  Hum.  How does the system
> use/allocate each across the split ... Ok, ok. That's what Googling's
> for :-)

Actually, swapon(8) tells a lot ;)

>
> > > Unless you're a packrat where logs are concerned,
>
> I'm not, really.  I probably SHOULD be.
>
> > you can probably do with:
> > > /var 10G (on disk 1)
> > > And use:
> > > /var/db 100G - this will house MySQL primarily
> > > /var/spool 10-50G - any queues, most notably mail, disable softupdates.
> > > Adjust size to match your mail payload.
> > > /var/mail - "rest" - possibly disable softupdates.
>
> Good thoughts. Need to better understand why I care about softupdates
> one way or the other, though.

Generally, a mailserver doesn't benefit from softupdates, because it will wait 
for "committed to disk" signal from OS, to prevent mail from being lost. Over 
time you will also get a good idea of what kind of mail you're dealing with 
and tunefs(8) might be beneficial. It's one major reason I dislike "/data" 
mountpoints containing all different kinds of services. Over time budget and 
usage have a way of conflicting and you'll be happy to get any extra 
performance outof your machines.

-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: http://dev.mysql.com/qualitycontribution.html

2007-09-26 Thread Kris Kennaway

Philip M. Gollucci wrote:

Hi All, I noticed that 'Debian user community' was listed here.

Maybe we should start funneling all the mysql related stuff to a single
FreeBSD managed user?




ale@ maintains the ports, so he's the obvious one.

Kris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: courier-imap

2007-09-26 Thread Pollywog
On Wednesday 26 September 2007 18:22:09 Bill Banks wrote:
> When I try to login , in my maillog it saids no such file. How do I tell
> it to use /etc/passwd
>

Which file is missing?  I recently installed Courier-Imap on FreeBSD and some 
file was missing but I don't recall which one.  Make 
sure /usr/local/etc/authlib/authdaemonrc has a line that looks like this

authmodulelist="authuserdb authpam authmysql"

You should have at least authuserdb and authpam listed.

Also do 'touch /usr/local/etc/courier-imap/shared/index' because Courier will 
complain if the file is missing, though it will still work.  I have to do 
that in Debian as well because the "index" file is missing.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Aliya Harbouri
Hi guys!

Some great ideas & advice. Thanks a lot :-)

> > /boot *needs* to be on /. A loader looks for [bootdisk][bootslice]
> > [a]/boot/loader.

Ok, gotcha.

> > Since you have 2 physical drives, you may want to do 8G on each drive. In 
> > the
> > rare case it's needed, your system is in trouble and being able to swap on
> > using 2 drives will be a plus.

Sigh.

I did not know I COULD split swap.  Hum.  How does the system
use/allocate each across the split ... Ok, ok. That's what Googling's
for :-)

> > Unless you're a packrat where logs are concerned,


I'm not, really.  I probably SHOULD be.

> you can probably do with:
> > /var 10G (on disk 1)
> > And use:
> > /var/db 100G - this will house MySQL primarily
> > /var/spool 10-50G - any queues, most notably mail, disable softupdates. 
> > Adjust
> > size to match your mail payload.
> > /var/mail - "rest" - possibly disable softupdates.

Good thoughts. Need to better understand why I care about softupdates
one way or the other, though.


> > I'm generally a fan of separating trees that can grow out of proportion over
> > time, so that you can dump(8) the partition and restore(8) it on a new drive
> > without too much worry. Your mileage may vary.

Sounds like good advice.

> > Also have a look at hier(7) manpage, it's quite informative about the 
> > default
> > filesystem layout BSD uses.

Missed that. :-(  Very useful, though!

> Um, from what I've understood, it's going to be a jail server, those
> defaults would
> be all well and good for a normal server, but in this case we want a big
> /data. and moderate /jails.
>
> Here are my recommendations:
[]

This all sounds good.

> This should be just fine, and you can have your disks in RAID 1.
> As for performance, RAID 1 doubles read speed.

I nvere really thought of RAID 1 as a performance improvement, R or W,
but more fault-tolerance.  I should read up some more.

> PS) I take you know how to use NullFS and the like?

I'm currenly at "can".  Working on getting to "know";-)

Thanks all!

Ali
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Jerry McAllister
On Wed, Sep 26, 2007 at 02:02:09PM -0700, Aliya Harbouri wrote:

> > > drive 2:
> > > /   2GB
> > A bit big, but fine
> 
> I though so, but with drives this big & cheap ... :-)
> 
> > > /boot   2GB
> > Nope, FreeBSD doesn't need / want a /boot
> 
> I didn't realize :-/
> 
> Just to be sure, you DO mean it doesn't want a separate
> slice/partition, right?  Because, I'm looking at a "/boot" directory

Yes, you should not put /boot in a separate filesystem.
It should be in root.

You have a lot for stuff like /usr, but really, how much you need
in any file system depends on how you will use it.   Try it and
gain some experience with the setup and go from there.   You can
change it the next time you do a major upgrade.   

jerry

> ...
> 
> > > /tmp2GB
> > Fine
> 
> OK.
> 
> > > /swap   16GBMachine has 8GB RAM, so swap = 2X RAM
> > A bit of overkill, but what the hell, you have the space
> 
> I've had 2X RAM drummed into me for ages. Not the way of things in FreeBSD?
> 
> > > /usr50GB
> > What exactly do you plan on running on the host?
> 
> Normally, not a whole lot.  I'll have a full Development environment
> there, of course. cron, sshd, snmpd (haven't figured out yet if I need
> that in EACH jail yet), etc -- "small stuff" mainly.  Eventually some
> VPN service via an an encryption card, but that's later.
> 
> If I'm forced to do so, maybe KDE4 for rare/occassional use.  Prefer not to 
> ...
> 
> > > /jails  178GB
> > Fine...
> >
> >
> > > drive 2:
> > > /var100GB
> > Huh? Refer to /usr above.
> 
> My guess @ /var sizing came as a result of,
> 
> http://barryp.org/blog/entries/ezjail_ports/
> 
> "To keep both jailed and non-jailed systems from trying to put any
> port-building working-directories or downloaded distribution files in
> /usr/ports, the /etc/make.conf files (both the "real" one and the ones
> inside jails) should contain something like:
> 
> WRKDIRPREFIX=   /var/ports
> DISTDIR=/var/ports/distfiles
> PACKAGES=   /var/ports/packages"
> 
> And having multiple ports copies ... But, now, as I'm re-reading that,
> I think I got it backwards.  This'll PREVENT having multiple, wasteful
> copies.
> 
> I think.
> 
> > > /data   100GB   MailStore, DBs, www source files, etc.
> > Fine again...
> > > /home   20GB
> > Fine again..
> >
> > >
> > > I'll betcha some of that's silly or wasteful.
> > You'd be correct there :)
> 
> Give a girl a break! I must've missed the really-easy-and-clear
> documentation on the whole thing!
> 
> At least I asked first ;-p
> 
> > I'm sure you could fit everything on one disk... Jails are really small, 
> > it's
> > just your data that takes up space. If you could get everything in 250GB
> > (which i think you could easily) RAID 1 might be a nice thing to have
> 
> Now that's an interesting thought.  My Mobo has 1 SATA-2 port (3
> devices), and 2 SATA-1 ports (1 device each).  And it does support
> SATA RAID 0/1.
> 
> I'm NOT AT ALL sure what running RAID on 2 drives on a single SATA-2
> port does for performance, but it IS an interesting option. Tanks!
> 
> > HTH
> 
> It does :-)
> 
> Thanks a lot!
> 
> Ali
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Federico Lorenzi
On 9/26/07, Mel <[EMAIL PROTECTED]> wrote:
> On Wednesday 26 September 2007 22:20:11 Aliya Harbouri wrote:
> > Hi!
> >
> > I'm setting up a jailed server. I'm hoping to eventually use
> > sysutils/ezjail to deaden the pain a bit!
> >
> > First step, have to get the disks partitioned! They're unpacked, at least
> > ;-)
> >
> > I've read lots of comments like,
> >
> >   "You should never setup your FreeBSD systems the way Linux or other
> > *nix's set them up."
> >
> > So, I'm looking for some Wisdom on how best to partition for the usage
> > I'm planning.
> >
> > The server's goal state is 4 jails, plus the non-jailed host:
> >
> > jail-1: DNS services {Bind9 & RBLDNSD}
> > jail-2: WebServer{Apache 22x + PHP5 + Perl 588 + MySQL 50x}
> > jail-3: mail server  {Exim 468 + Spamassassin + ClamAV, etc.}
> > jail-4: an analysis/monitoring toolkit {Snort, Nagios, Nessus, etc.}
> >
> > I've got two identical 250 GB SATA2 drives available for this box.
> >
> > Although I have not yet grokked the whole "What's in a jail's dirs?"
> > issue, my initial stab at 'slices' is ~:
> >
> >   drive 2:
> >   /   2GB
> >   /boot   2GB
>
> /boot *needs* to be on /. A loader looks for [bootdisk][bootslice]
> [a]/boot/loader.
>
> >   /tmp2GB
> >   /swap   16GBMachine has 8GB RAM, so swap = 2X RAM
>
> Since you have 2 physical drives, you may want to do 8G on each drive. In the
> rare case it's needed, your system is in trouble and being able to swap on
> using 2 drives will be a plus.
>
> >   /usr50GB
> >   /jails  178GB
> >
> >   drive 2:
> >   /var100GB
> >   /data   100GB   MailStore, DBs, www source files, etc.
>
> Unless you're a packrat where logs are concerned, you can probably do with:
> /var 10G (on disk 1)
> And use:
> /var/db 100G - this will house MySQL primarily
> /var/spool 10-50G - any queues, most notably mail, disable softupdates. Adjust
> size to match your mail payload.
> /var/mail - "rest" - possibly disable softupdates.
>
> Allthough, I think MySQL will generally use less space then a mail storage,
> but this all depends on your users.
>
> >   /home   20GB
>
> By default, the WWW root on bsd for apache is /usr/local/www and generally on
> servers like this, home can be done with 2G or less. *Unless* you plan on
> providing /~username/ service, then home might be on the light side.
>
> I'm generally a fan of separating trees that can grow out of proportion over
> time, so that you can dump(8) the partition and restore(8) it on a new drive
> without too much worry. Your mileage may vary.
>
> Also have a look at hier(7) manpage, it's quite informative about the default
> filesystem layout BSD uses.
> --

Um, from what I've understood, it's going to be a jail server, those
defaults would
be all well and good for a normal server, but in this case we want a big
/data. and moderate /jails.

Here are my recommendations:
/
-> Small, painfully so. 512MB

/var
-> Nothing should really go in here if you are using Jails. Including
EZjail, that should
be somewhere under /usr... 2GB

/tmp
-> Not to big really, remember everything goes in a Jail... 2GB
--> Symlink /var/tmp to here

/usr
-> Again, and now i sound like a broken record. However, since ports
can get quite
big be a little more generous... 15GB

/jails
-> Doesn't really need to be too big, the max I say one jail could
reach is 10GB without
data, which falls under /data... 50GB

/home
-> Should be medium sized... 20GB

/data
-> I have no clue what your requirements will be, so 100GB should
cover everything
a few times over... Rest of disk... ~170GB

This should be just fine, and you can have your disks in RAID 1.
As for performance, RAID 1 doubles read speed.

Cheers
Federico

PS) I take you know how to use NullFS and the like?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Software Lojack

2007-09-26 Thread RW
On Wed, 26 Sep 2007 12:34:15 -0400
Jerry McAllister <[EMAIL PROTECTED]> wrote:

> On Tue, Sep 25, 2007 at 06:12:56PM +0200, Roland Smith wrote:
> 
> 
> I know all about various precautions to be taken.   
> 
> I also know I could write something.  I just wanted
> to know if something like that is already written.

You could run fetch from a crontab entry, and log the downloads. 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: anyone have a favorite laptop?

2007-09-26 Thread Emanuel Marufo
Asus is the best for me,  in my case Asus A6JC
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Stress testing/burning in HDD's

2007-09-26 Thread Jonathan Horne
On Wednesday 26 September 2007 15:59:25 Don O'Neil wrote:
> I have an array that has a drive that keeps timing out/failing... So I need
> to replace it. However, I want to stress test/burn in a replacement disk
> first.
>
> What is the best way to do this?
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"

it will surely get plenty of burn-in as it replicates the array.

for a server's disk, i dont think there is any way, or technical reason 
to "ease it into service".  just swap it in.  its either gonna run right 
away, or be DOA out of the box.  (well, thats my experience, at least).

cheers,
-- 
Jonathan Horne
http://dfwlpiki.dfwlp.org
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: anyone have a favorite laptop?

2007-09-26 Thread Bob Johnson
On 9/25/07, Bill Campbell <[EMAIL PROTECTED]> wrote:
> I used Thinkpads for about 10 years with various Linux systems.
> My last one was a Thinkpad 600 which I used continuously from
> August 1999 through March 2007 when I got a Mac Powerbook (now if
> only I could run OS X on a Thinkpad :-).
>
> We have used a fair variety of Thinkpads with our auction
> software for the last 10 years or so with excellent results.

Fortunately you were using Linux. For some Thinkpads, IBM arbitrarily
picked a system ID for their suspend-to-disk partition that was the
same as FreeBSD UFS (165). The result was you could not boot the
Thinkpad after you installed FreeBSD, until IBM changed the sysid and
you updated your BIOS. I ran into this about six years ago when I got
a hand-me-down Thinkpad.  Info at
http://www.unixguide.net/freebsd/faq/03.10.shtml.  This was a problem
for some new Thinkpads at least as late as 2002.

Moral: the ability to run Linux does not imply the ability to run FreeBSD.

- Bob
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Mel
On Wednesday 26 September 2007 22:20:11 Aliya Harbouri wrote:
> Hi!
>
> I'm setting up a jailed server. I'm hoping to eventually use
> sysutils/ezjail to deaden the pain a bit!
>
> First step, have to get the disks partitioned! They're unpacked, at least
> ;-)
>
> I've read lots of comments like,
>
>   "You should never setup your FreeBSD systems the way Linux or other
> *nix's set them up."
>
> So, I'm looking for some Wisdom on how best to partition for the usage
> I'm planning.
>
> The server's goal state is 4 jails, plus the non-jailed host:
>
> jail-1: DNS services {Bind9 & RBLDNSD}
> jail-2: WebServer{Apache 22x + PHP5 + Perl 588 + MySQL 50x}
> jail-3: mail server  {Exim 468 + Spamassassin + ClamAV, etc.}
> jail-4: an analysis/monitoring toolkit {Snort, Nagios, Nessus, etc.}
>
> I've got two identical 250 GB SATA2 drives available for this box.
>
> Although I have not yet grokked the whole "What's in a jail's dirs?"
> issue, my initial stab at 'slices' is ~:
>
>   drive 2:
>   /   2GB
>   /boot   2GB

/boot *needs* to be on /. A loader looks for [bootdisk][bootslice]
[a]/boot/loader.

>   /tmp2GB
>   /swap   16GBMachine has 8GB RAM, so swap = 2X RAM

Since you have 2 physical drives, you may want to do 8G on each drive. In the 
rare case it's needed, your system is in trouble and being able to swap on 
using 2 drives will be a plus.

>   /usr50GB
>   /jails  178GB
>
>   drive 2:
>   /var100GB
>   /data   100GB   MailStore, DBs, www source files, etc.

Unless you're a packrat where logs are concerned, you can probably do with:
/var 10G (on disk 1)
And use:
/var/db 100G - this will house MySQL primarily
/var/spool 10-50G - any queues, most notably mail, disable softupdates. Adjust 
size to match your mail payload.
/var/mail - "rest" - possibly disable softupdates.

Allthough, I think MySQL will generally use less space then a mail storage, 
but this all depends on your users.

>   /home   20GB

By default, the WWW root on bsd for apache is /usr/local/www and generally on 
servers like this, home can be done with 2G or less. *Unless* you plan on 
providing /~username/ service, then home might be on the light side.

I'm generally a fan of separating trees that can grow out of proportion over 
time, so that you can dump(8) the partition and restore(8) it on a new drive 
without too much worry. Your mileage may vary.

Also have a look at hier(7) manpage, it's quite informative about the default 
filesystem layout BSD uses.
-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Aliya Harbouri
> > drive 2:
> > /   2GB
> A bit big, but fine

I though so, but with drives this big & cheap ... :-)

> > /boot   2GB
> Nope, FreeBSD doesn't need / want a /boot

I didn't realize :-/

Just to be sure, you DO mean it doesn't want a separate
slice/partition, right?  Because, I'm looking at a "/boot" directory
...

> > /tmp2GB
> Fine

OK.

> > /swap   16GBMachine has 8GB RAM, so swap = 2X RAM
> A bit of overkill, but what the hell, you have the space

I've had 2X RAM drummed into me for ages. Not the way of things in FreeBSD?

> > /usr50GB
> What exactly do you plan on running on the host?

Normally, not a whole lot.  I'll have a full Development environment
there, of course. cron, sshd, snmpd (haven't figured out yet if I need
that in EACH jail yet), etc -- "small stuff" mainly.  Eventually some
VPN service via an an encryption card, but that's later.

If I'm forced to do so, maybe KDE4 for rare/occassional use.  Prefer not to ...

> > /jails  178GB
> Fine...
>
>
> > drive 2:
> > /var100GB
> Huh? Refer to /usr above.

My guess @ /var sizing came as a result of,

http://barryp.org/blog/entries/ezjail_ports/

"To keep both jailed and non-jailed systems from trying to put any
port-building working-directories or downloaded distribution files in
/usr/ports, the /etc/make.conf files (both the "real" one and the ones
inside jails) should contain something like:

WRKDIRPREFIX=   /var/ports
DISTDIR=/var/ports/distfiles
PACKAGES=   /var/ports/packages"

And having multiple ports copies ... But, now, as I'm re-reading that,
I think I got it backwards.  This'll PREVENT having multiple, wasteful
copies.

I think.

> > /data   100GB   MailStore, DBs, www source files, etc.
> Fine again...
> > /home   20GB
> Fine again..
>
> >
> > I'll betcha some of that's silly or wasteful.
> You'd be correct there :)

Give a girl a break! I must've missed the really-easy-and-clear
documentation on the whole thing!

At least I asked first ;-p

> I'm sure you could fit everything on one disk... Jails are really small, it's
> just your data that takes up space. If you could get everything in 250GB
> (which i think you could easily) RAID 1 might be a nice thing to have

Now that's an interesting thought.  My Mobo has 1 SATA-2 port (3
devices), and 2 SATA-1 ports (1 device each).  And it does support
SATA RAID 0/1.

I'm NOT AT ALL sure what running RAID on 2 drives on a single SATA-2
port does for performance, but it IS an interesting option. Tanks!

> HTH

It does :-)

Thanks a lot!

Ali
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Stress testing/burning in HDD's

2007-09-26 Thread Don O'Neil
I have an array that has a drive that keeps timing out/failing... So I need
to replace it. However, I want to stress test/burn in a replacement disk
first.

What is the best way to do this?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Jonathan Horne
On Wednesday 26 September 2007 15:33:12 Federico Lorenzi wrote:
> On 9/26/07, Aliya Harbouri <[EMAIL PROTECTED]> wrote:
> > Hi!
> >
> > I'm setting up a jailed server. I'm hoping to eventually use
> > sysutils/ezjail to deaden the pain a bit!
>
> I gave that a shot once, but I found manual jail configuration to be
> better.
>
> > First step, have to get the disks partitioned! They're unpacked, at least
> > ;-)
> >
> > I've read lots of comments like,
> >
> >   "You should never setup your FreeBSD systems the way Linux or other
> > *nix's set them up."
>
> You shouldn't ^-^
>
> > So, I'm looking for some Wisdom on how best to partition for the usage
> > I'm planning.
> >
> > The server's goal state is 4 jails, plus the non-jailed host:
> >
> > jail-1: DNS services {Bind9 & RBLDNSD}
> > jail-2: WebServer{Apache 22x + PHP5 + Perl 588 + MySQL 50x}
> > jail-3: mail server  {Exim 468 + Spamassassin + ClamAV, etc.}
> > jail-4: an analysis/monitoring toolkit {Snort, Nagios, Nessus, etc.}
> >
> > I've got two identical 250 GB SATA2 drives available for this box.
> >
> > Although I have not yet grokked the whole "What's in a jail's dirs?"
> > issue, my initial stab at 'slices' is ~:
> >
> > drive 2:
> > /   2GB
>
> A bit big, but fine
>
> > /boot   2GB
>
> Nope, FreeBSD doesn't need / want a /boot
>
> > /tmp2GB
>
> Fine
>
> > /swap   16GBMachine has 8GB RAM, so swap = 2X RAM
>
> A bit of overkill, but what the hell, you have the space
>
> > /usr50GB
>
> What exactly do you plan on running on the host?
>
> > /jails  178GB
>
> Fine...
>
> > drive 2:
> > /var100GB
>
> Huh? Refer to /usr above.
>
> > /data   100GB   MailStore, DBs, www source files, etc.
>
> Fine again...
>
> > /home   20GB
>
> Fine again..
>
> > I'll betcha some of that's silly or wasteful.
>
> You'd be correct there :)
>
> I'm sure you could fit everything on one disk... Jails are really small,
> it's just your data that takes up space. If you could get everything in
> 250GB (which i think you could easily) RAID 1 might be a nice thing to have
>
> HTH
>
> Federico
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"

youll do just as fine to hit 'A-S-Q" during the partitioning portion, and 
taking the defaults.  FreeBSD installer will take the best options, and put 
all the remaining space as /usr.

i just put my jails under /usr/jails.

keep the host as simple as possible, as building multiple jails will just 
multiply your complexity quickly enough.

i would also agree with Frederico... do a RAID1 with your (2) 250GB drives.

cheers,

-- 
Jonathan Horne
http://dfwlpiki.dfwlp.org
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dumb IPFW Question

2007-09-26 Thread Chris Yocum
Hi,
 Yep, it was a blunder by me.  Thank you very much!

Chris

On 9/26/07, Chuck Swiger <[EMAIL PROTECTED]> wrote:
> On Sep 26, 2007, at 12:46 PM, Chris Yocum wrote:
> [ ... ]
> >  I also get "Sep 26 20:09:17 routy kernel: ipfw: 450 Deny UDP  > router outside IP>:53 :53 out via sis0" in my
> > /var/log/security file.  I have appended the ipfw rules below so you
> > can see all the changes that I made from the original.
>
> The setup keyword should only be used with TCP packets; trying to use
> it with UDP traffic will cause your pass-through rules (#23-25) to
> not match the traffic you want them to match...
>
> --
> -Chuck
>
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Federico Lorenzi
On 9/26/07, Aliya Harbouri <[EMAIL PROTECTED]> wrote:
> Hi!
>
> I'm setting up a jailed server. I'm hoping to eventually use
> sysutils/ezjail to deaden the pain a bit!
I gave that a shot once, but I found manual jail configuration to be better.
>
> First step, have to get the disks partitioned! They're unpacked, at least ;-)
>
> I've read lots of comments like,
>
>   "You should never setup your FreeBSD systems the way Linux or other
> *nix's set them up."
You shouldn't ^-^


> So, I'm looking for some Wisdom on how best to partition for the usage
> I'm planning.
>
> The server's goal state is 4 jails, plus the non-jailed host:
>
> jail-1: DNS services {Bind9 & RBLDNSD}
> jail-2: WebServer{Apache 22x + PHP5 + Perl 588 + MySQL 50x}
> jail-3: mail server  {Exim 468 + Spamassassin + ClamAV, etc.}
> jail-4: an analysis/monitoring toolkit {Snort, Nagios, Nessus, etc.}
>
> I've got two identical 250 GB SATA2 drives available for this box.
>
> Although I have not yet grokked the whole "What's in a jail's dirs?"
> issue, my initial stab at 'slices' is ~:
>
> drive 2:
> /   2GB
A bit big, but fine
> /boot   2GB
Nope, FreeBSD doesn't need / want a /boot
> /tmp2GB
Fine
> /swap   16GBMachine has 8GB RAM, so swap = 2X RAM
A bit of overkill, but what the hell, you have the space
> /usr50GB
What exactly do you plan on running on the host?
> /jails  178GB
Fine...


> drive 2:
> /var100GB
Huh? Refer to /usr above.
> /data   100GB   MailStore, DBs, www source files, etc.
Fine again...
> /home   20GB
Fine again..

>
> I'll betcha some of that's silly or wasteful.
You'd be correct there :)

I'm sure you could fit everything on one disk... Jails are really small, it's
just your data that takes up space. If you could get everything in 250GB
(which i think you could easily) RAID 1 might be a nice thing to have

HTH

Federico
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dumb IPFW Question

2007-09-26 Thread Chuck Swiger

On Sep 26, 2007, at 12:46 PM, Chris Yocum wrote:
[ ... ]

 I also get "Sep 26 20:09:17 routy kernel: ipfw: 450 Deny UDP :53 :53 out via sis0" in my
/var/log/security file.  I have appended the ipfw rules below so you
can see all the changes that I made from the original.


The setup keyword should only be used with TCP packets; trying to use  
it with UDP traffic will cause your pass-through rules (#23-25) to  
not match the traffic you want them to match...


--
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Warren Block

On Wed, 26 Sep 2007, Bill Campbell wrote:


I think that the Scroll Lock key simply toggles this, sending
alternate ctrl-s, ctrl-q to stop and start traffic.


In a system console, Ctrl-S and -Q work as usual, but Scroll Lock lets 
you scroll through console history.


man syscons | less +/Back\ Scrolling

-Warren Block * Rapid City, South Dakota USA
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Any advice for a Partition Plan for a multi-jailed Server?

2007-09-26 Thread Aliya Harbouri
Hi!

I'm setting up a jailed server. I'm hoping to eventually use
sysutils/ezjail to deaden the pain a bit!

First step, have to get the disks partitioned! They're unpacked, at least ;-)

I've read lots of comments like,

  "You should never setup your FreeBSD systems the way Linux or other
*nix's set them up."

So, I'm looking for some Wisdom on how best to partition for the usage
I'm planning.

The server's goal state is 4 jails, plus the non-jailed host:

jail-1: DNS services {Bind9 & RBLDNSD}
jail-2: WebServer{Apache 22x + PHP5 + Perl 588 + MySQL 50x}
jail-3: mail server  {Exim 468 + Spamassassin + ClamAV, etc.}
jail-4: an analysis/monitoring toolkit {Snort, Nagios, Nessus, etc.}

I've got two identical 250 GB SATA2 drives available for this box.

Although I have not yet grokked the whole "What's in a jail's dirs?"
issue, my initial stab at 'slices' is ~:

drive 2:
/   2GB
/boot   2GB
/tmp2GB
/swap   16GBMachine has 8GB RAM, so swap = 2X RAM
/usr50GB
/jails  178GB

drive 2:
/var100GB
/data   100GB   MailStore, DBs, www source files, etc.
/home   20GB

I'll betcha some of that's silly or wasteful.

Any insighful comments or better advice on this ^^ would make me a happy gal :-)

Thanks a lot!

Ali
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Dumb IPFW Question

2007-09-26 Thread Chris Yocum
Hi Everyone,
 Just to explain a bit, I have installed a FreeBSD 6.2 system on a
machine to act as a natd router.  I turned on the firewall and set the
firewall rule script to the one from the handbook
(http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html)
(Example Ruleset #2 at the bottom).
 After some investigation when I could not get www, I discovered
that somehow port 53 is blocked even when I explicitly open it.  This
happens when I uncomment the rule "# Reject & Log all unauthorized out
going connections to the public Internet
$cmd 450 deny log all from any to any out via $pif".  So essentially,
when I use that line, I loose my DNS and my www will not work anymore.
 I also get "Sep 26 20:09:17 routy kernel: ipfw: 450 Deny UDP :53 :53 out via sis0" in my
/var/log/security file.  I have appended the ipfw rules below so you
can see all the changes that I made from the original.
 Otherwise, it all works great and I could not be happier.  Thank
you in advance for any help that you may be able to provide.  I am
sure that it is some small blunder on my part.

Thanks!,
Chris

#!/bin/sh
cmd="ipfw -q add"
skip="skipto 800"
pif="sis0" # public interface name of NIC
  # facing the public Internet

#
# No restrictions on Inside LAN Interface for private network
# Change xl0 to your LAN NIC interface name
#
$cmd 005 allow all from any to any via xl0

#
# No restrictions on Loopback Interface
#
$cmd 010 allow all from any to any via lo0

#
# check if packet is inbound and nat address if it is
#
$cmd 014 divert natd ip from any to any in via $pif

#
# Allow the packet through if it has previous been added to the
# the "dynamic" rules table by a allow keep-state statement.
#
$cmd 015 check-state

#
# Interface facing Public Internet (Outbound Section)
# Interrogate session start requests originating from behind the
# firewall on the private network or from this gateway server
# destine for the public Internet.
#

# Allow out access to my ISP's Domain name server.
# x.x.x.x must be the IP address of your ISP's DNS
# Dup these lines if your ISP has more than one DNS server
# Get the IP addresses from /etc/resolv.conf file
$cmd 023 $skip udp from any to  53 out via $pif setup keep-state
$cmd 024 $skip udp from any to  53 out via $pif setup keep-state
$cmd 025 $skip udp from any to  53 out via $pif setup keep-state

# Allow out access to my ISP's DHCP server for cable/DSL configurations.
$cmd 030 $skip udp from any to  67 out via $pif keep-state

# Allow out non-secure standard www function
$cmd 040 $skip tcp from any to any 80 out via $pif setup keep-state

# Allow out secure www function https over TLS SSL
$cmd 050 $skip tcp from any to any 443 out via $pif setup keep-state

# Allow out send & get email function
$cmd 060 $skip tcp from any to any 25 out via $pif setup keep-state
$cmd 061 $skip tcp from any to any 110 out via $pif setup keep-state
#for some reason this is the university's IMAP setting
$cmd 062 $skip tcp from any to any 993 out via $pif setup keep-state

# Allow out FreeBSD (make install & CVSUP) functions
# Basically give user root "GOD" privileges.
$cmd 070 $skip tcp from me to any out via $pif setup keep-state uid root

# Allow out ping
$cmd 080 $skip icmp from any to any out via $pif keep-state

# Allow out Time
$cmd 090 $skip tcp from any to any 37 out via $pif setup keep-state

# Allow out nntp news (i.e. news groups)
$cmd 100 $skip tcp from any to any 119 out via $pif setup keep-state

# Allow out secure FTP, Telnet, and SCP
# This function is using SSH (secure shell)
$cmd 110 $skip tcp from any to any 22 out via $pif setup keep-state

# Allow out whois
$cmd 120 $skip tcp from any to any 43 out via $pif setup keep-state

# Allow ntp time server
$cmd 130 $skip udp from any to any 123 out via $pif keep-state

# allow out VPN
$cmd 140 $skip tcp from any to any 1723 out via $pif keep-state

#
# Interface facing Public Internet (Inbound Section)
# Interrogate packets originating from the public Internet
# destine for this gateway server or the private network.
#

# Deny all inbound traffic from non-routable reserved address spaces
$cmd 300 deny all from 192.168.0.0/16  to any in via $pif  #RFC 191

Re: Dell Servers and FreeBSD

2007-09-26 Thread Tim Kellers
Thanks to everyone who has replied so far.  This is very good 
information to know!


Tim

Philip M. Gollucci wrote:

Eric Crist wrote:
  

On Sep 26, 2007, at 1:01 PMSep 26, 2007, Philip M. Gollucci wrote:



Martin McCormick wrote:
  

[snip]



real memory  = 9395240960 (8960 MB)
avail memory = 8291303424 (7907 MB)
FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
 cpu2 (AP): APIC ID:  2
 cpu3 (AP): APIC ID:  3
 cpu4 (AP): APIC ID:  4
 cpu5 (AP): APIC ID:  5
 cpu6 (AP): APIC ID:  6
  

Philip,

Why are only 6 CPU's shown,


Because I did a 'head -25 .. ' there are correctly 8 listed and in use
sorry for the confusion.

I'm actually not sure why real memory is 9GB -- The box is an 8GB box so
the avail is correct. and also correctly reported in 'top' and other things.



 and why is 1GB of memory not available
  

for use?
-
Eric F Crist
Secure Computing Networks





  


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Erik Trulsson
On Wed, Sep 26, 2007 at 03:24:24PM -0400, Rob wrote:
> Duane Hill wrote:
>> On Wed, 26 Sep 2007 at 14:44 -0400, [EMAIL PROTECTED] confabulated:
>>>  -Rob  [don't cc me; I'm subscribed and the reply addy is bogus]
>> Not to take this off topic, so you own invalid.org?
> 
> Uhh, no.  Seems like I've seen it for years in examples, documentation and 
> whatnot.  So I was thinking it was like a domain equivalent of a RFC1918 
> address.  Guess that's not the case? 

That is not the case.  invalid.org is a real domain whose owner is probably
not happy about getting extra spam.

> Is there such a thing?  I could use 
> .aol.com -- I certainly don't have any qualms about annoying them ;)

RFC2606 defines some domains that are reserved for use in examples and the
like and which will not be assigned to anybody.
The domains in question are the following:

.test
.example
.invalid
.localhost
example.com
example.org
example.net



> 
> I just want to participate on the list semi-anonymously and not get spammed 
> to hell.  And NO I DON'T WANT TO START THAT DISCUSSION again -- everyone 
> spoke their piece several times over;  this is just my way of STFU and deal 
> with it.
> 
>  -Rob  [don't cc me; I'm subscribed and the reply addy is bogus]


-- 

Erik Trulsson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Mel
On Wednesday 26 September 2007 21:24:24 Rob wrote:
> Duane Hill wrote:
> > On Wed, 26 Sep 2007 at 14:44 -0400, [EMAIL PROTECTED] confabulated:
> >>  -Rob  [don't cc me; I'm subscribed and the reply addy is bogus]
> >
> > Not to take this off topic, so you own invalid.org?
>
> Uhh, no.  Seems like I've seen it for years in examples, documentation and
> whatnot.  So I was thinking it was like a domain equivalent of a RFC1918
> address.  Guess that's not the case?  Is there such a thing?  I could use
> .aol.com -- I certainly don't have any qualms about annoying them ;)
>
> I just want to participate on the list semi-anonymously and not get spammed
> to hell.  And NO I DON'T WANT TO START THAT DISCUSSION again -- everyone
> spoke their piece several times over;  this is just my way of STFU and deal
> with it.

No, it's your way of saying STFU let invalid.org deal with it.
Example.com is set-up for this. Use that if you must.

-- 
Mel
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Bill Campbell
On Wed, Sep 26, 2007, Harry Matthiesen Jensen wrote:
>On Wed, Sep 26, 2007 at 11:22:39AM -0700, Bill Campbell wrote:
>> >
>> >just for info, if you happens to buy a keyboard without the Scroll Lock
>> >key, as I did (Logitech EX110), and are missing this function in consoles,
>> >I found a solution with re-configuring the keymap (I'm probably not the
>> 
>> A far simpler way is to use xoff/xon, ctrl-s stops things, and
>> ctrl-q restarts.
>
>Is there a set-up I need to perform before it works, because simply
>pressing "Ctrl+Q"/"Ctrl+S" does not give me anything.

You will only see the effect of these if the system is sending
data to the screen.  Try typing ``cat /etc/termcap'', the
pressing ctrl-s to stop the flow, and ctrl-q to restart it.

This is basic serial software flow control, used by terminals to
slow down traffic from the system to allow the terminal to catch
up with the traffic.  This protocal dates back to the days of
slow teletypes which ran at speeds around 110baud (10 characters
per second).

I think that the Scroll Lock key simply toggles this, sending
alternate ctrl-s, ctrl-q to stop and start traffic.  Scrolling
back through the stream is a function of the underlying system,
and has nothing to do with the flow of data.

Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

During times of universal deceit, telling the truth becomes
a revolutionary act.  --George Orwell
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Rob

Duane Hill wrote:

On Wed, 26 Sep 2007 at 14:44 -0400, [EMAIL PROTECTED] confabulated:

 -Rob  [don't cc me; I'm subscribed and the reply addy is bogus]


Not to take this off topic, so you own invalid.org?


Uhh, no.  Seems like I've seen it for years in examples, documentation and 
whatnot.  So I was thinking it was like a domain equivalent of a RFC1918 
address.  Guess that's not the case?  Is there such a thing?  I could use 
.aol.com -- I certainly don't have any qualms about annoying them ;)

I just want to participate on the list semi-anonymously and not get spammed to 
hell.  And NO I DON'T WANT TO START THAT DISCUSSION again -- everyone spoke 
their piece several times over;  this is just my way of STFU and deal with it.

 -Rob  [don't cc me; I'm subscribed and the reply addy is bogus]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Harry Matthiesen Jensen
On Wed, Sep 26, 2007 at 02:44:43PM -0400, Rob wrote:
>>> just for info, if you happens to buy a keyboard without the Scroll Lock
>>> key, as I did (Logitech EX110), and are missing this function in 
>>> consoles,
>> A far simpler way is to use xoff/xon, ctrl-s stops things, and
>> ctrl-q restarts.
> 
> another key sequence for that?  the normally useless "scroll lock" will let 
> you page back several screenfulls.

...exactly, and that is what I need it for, when I'm on the text console 8-)

-- 
Mvh/Brgds Harry
FreeBSD mugin.localhost 7.0-CURRENT #8: i386
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: troubles with ftp access via browser

2007-09-26 Thread Eric Crist

On Sep 26, 2007, at 1:27 PMSep 26, 2007, Walter wrote:


Hi,

I've placed some files on a FBSD 6.2 server using the
standard ftpd to access them.  The content in question
is a video clip, but could be anything that I wanted to
share with people unknown.

I can access the file list with a browser on my internal
network - I do this to check that my links are good.

But I (or anyone else) can't access these files externally
with a browser, but I can access them with ftp itself.  Even
if I force a 'ftp' (for anon access) login via the browser
URL, it stalls.  I thought this had worked at one time...
(Trembles with uneasy expectation) Here's the URL:
ftp://72.40.22.156/incoming/
for anyone who wants to look at it.

On a side note, I see lots of rejected log-in attempts in
the logs from sites trying to do ftp access with "Administrator".
Is there an easy way to allow that?

TIA.


It appears to me that you've got some firewall issues, perhaps.   
Passive FTP connections are failing.  You'll need to setup a port  
range for ftpd to utilize for passive FTP, and allow those  
connections through your firewall.


HTH

-
Eric F Crist
Secure Computing Networks


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Multiple Instances of OpenVPN

2007-09-26 Thread Darren Spruell
On 9/26/07, Marcos Vinicius Buzo <[EMAIL PROTECTED]> wrote:
> Good afternoon.
> I would like to know how could I run multiple instances of openvpn
> with one startup script for each config file.
> I'm running one instance with the /usr/local/etc/rc.d/openvpn script
> and another with the command openvpn --config configfile.

Read the rc script that controls openvpn
(/usr/local/etc/rc.d/openvpn). It has information about running
multiple tunnels.

DS
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dell Servers and FreeBSD

2007-09-26 Thread Tim Kellers

Thanks!  I plan on using RAID 5

Philip M. Gollucci wrote:

Tim Kellers wrote:
  

Does anyone have any recommendations or experience with any of the newer
Dell servers (2900, 2950 for example) and FreeBSD 6.2 in a production
environment?


Hi,

I've got 860, 1435, 1600, 1950, 2950 all running 6.2-relelase-p7 with
custom kernels.

Watch out though the RAID-1 write speed on w/ FreeBSD is known to be
pathetically the worst thing ever with this raid card:
SAS 5IR internal RAID adapter, PCI-Express
Read speed seems fine though.

mpt0: [GIANT-LOCKED]
mpt0: MPI Version=1.5.12.0
da0 at mpt0 bus 0 target 0 lun 0
da0:  Fixed Direct Access SCSI-5 device
da0: 300.000MB/s transfers, Tagged Queueing Enabled
da0: 237464MB (486326272 512 byte sectors: 255H 63S/T 30272C)


My other RAID cards doing RAID0, RAID5, and RAID1+0 are all stellar.



  


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Duane Hill

On Wed, 26 Sep 2007 at 14:44 -0400, [EMAIL PROTECTED] confabulated:


 -Rob  [don't cc me; I'm subscribed and the reply addy is bogus]


Not to take this off topic, so you own invalid.org?

--
  _|_
 (_| |
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Rob

Bill Campbell wrote:

just for info, if you happens to buy a keyboard without the Scroll Lock
key, as I did (Logitech EX110), and are missing this function in consoles,


A far simpler way is to use xoff/xon, ctrl-s stops things, and
ctrl-q restarts.


Yeah, but that won't retrieve the stuff that already vanished;  or is there another key 
sequence for that?  the normally useless "scroll lock" will let you page back 
several screenfulls.

  -Rob  [don't cc me; I'm subscribed and the reply addy is bogus]


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


troubles with ftp access via browser

2007-09-26 Thread Walter

Hi,

I've placed some files on a FBSD 6.2 server using the
standard ftpd to access them.  The content in question
is a video clip, but could be anything that I wanted to
share with people unknown.

I can access the file list with a browser on my internal
network - I do this to check that my links are good.

But I (or anyone else) can't access these files externally
with a browser, but I can access them with ftp itself.  Even
if I force a 'ftp' (for anon access) login via the browser
URL, it stalls.  I thought this had worked at one time...
(Trembles with uneasy expectation) Here's the URL:
ftp://72.40.22.156/incoming/
for anyone who wants to look at it.

On a side note, I see lots of rejected log-in attempts in
the logs from sites trying to do ftp access with "Administrator".
Is there an easy way to allow that?

TIA.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Harry Matthiesen Jensen
On Wed, Sep 26, 2007 at 11:22:39AM -0700, Bill Campbell wrote:
> >
> >just for info, if you happens to buy a keyboard without the Scroll Lock
> >key, as I did (Logitech EX110), and are missing this function in consoles,
> >I found a solution with re-configuring the keymap (I'm probably not the
> 
> A far simpler way is to use xoff/xon, ctrl-s stops things, and
> ctrl-q restarts.

Is there a set-up I need to perform before it works, because simply
pressing "Ctrl+Q"/"Ctrl+S" does not give me anything.

-- 
Mvh/Brgds Harry
FreeBSD mugin.localhost 7.0-CURRENT #8: i386
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: http://dev.mysql.com/qualitycontribution.html

2007-09-26 Thread Abdullah Ibn Hamad Al-Marri
On 9/26/07, Philip M. Gollucci <[EMAIL PROTECTED]> wrote:
> Hi All, I noticed that 'Debian user community' was listed here.
>
> Maybe we should start funneling all the mysql related stuff to a single
> FreeBSD managed user?
>
>
> --
> 
> Philip M. Gollucci ([EMAIL PROTECTED]) c:323.219.4708 o:703.749.9295x206
> Senior System Admin - Riderway, Inc.
> http://riderway.com / http://ridecharge.com
> 1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB  B89E 1324 9B4F EC88 A0BF
>
> Work like you don't need the money,
> love like you'll never get hurt,
> and dance like nobody's watching.

Very interesting :)


-- 
Regards,

-Abdullah Ibn Hamad Al-Marri
Arab Portal
http://www.WeArab.Net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: courier-imap

2007-09-26 Thread Bill Banks
When I try to login , in my maillog it saids no such file. How do I tell 
it to use /etc/passwd


Rakhesh Sasidharan wrote:


Bill Banks wrote:


i think that it not validating the username & passwd


Have you started courier-authdaemond in /usr/local/etc/rc.d? Added 
users to UserDB or whatever auth method you are using?


I have some notes on installing Courier IMAP here: 
http://rakhesh.net/mail/courier-imap.


That gives you the steps I followed while installing Courier IMAP on 
my home machine.


HTH,


- Rakhesh
http://rakhesh.net/




--
---
Bill Banks 508-829-2005
Wachusett Programming  Ourweb
http://www.ourweb.net
http://www.ourwebtemplates.com
 



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Keyboard without Scroll Lock

2007-09-26 Thread Bill Campbell
On Wed, Sep 26, 2007, Harry Matthiesen Jensen wrote:
>Hi,
>
>I don't know where to post this, except from this list, so maybe someone
>will add it to a FAQ ;-).
>
>just for info, if you happens to buy a keyboard without the Scroll Lock
>key, as I did (Logitech EX110), and are missing this function in consoles,
>I found a solution with re-configuring the keymap (I'm probably not the
>first, but did not find a short solution on the web).

A far simpler way is to use xoff/xon, ctrl-s stops things, and
ctrl-q restarts.

...
Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

It is practically impossible to teach good programming style to
students that have had prior exposure to BASIC: as potential
programmers they are mentally mutilated beyond hope of
regeneration.
-- Dijkstra
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dell Servers and FreeBSD

2007-09-26 Thread Philip M. Gollucci
Eric Crist wrote:
> On Sep 26, 2007, at 1:01 PMSep 26, 2007, Philip M. Gollucci wrote:
> 
>> Martin McCormick wrote:
> 
> [snip]
> 
>> real memory  = 9395240960 (8960 MB)
>> avail memory = 8291303424 (7907 MB)
>> FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
>>  cpu0 (BSP): APIC ID:  0
>>  cpu1 (AP): APIC ID:  1
>>  cpu2 (AP): APIC ID:  2
>>  cpu3 (AP): APIC ID:  3
>>  cpu4 (AP): APIC ID:  4
>>  cpu5 (AP): APIC ID:  5
>>  cpu6 (AP): APIC ID:  6
> 
> Philip,
> 
> Why are only 6 CPU's shown,
Because I did a 'head -25 .. ' there are correctly 8 listed and in use
sorry for the confusion.

I'm actually not sure why real memory is 9GB -- The box is an 8GB box so
the avail is correct. and also correctly reported in 'top' and other things.



 and why is 1GB of memory not available
> for use?
> -
> Eric F Crist
> Secure Computing Networks
> 


-- 

Philip M. Gollucci ([EMAIL PROTECTED]) c:323.219.4708 o:703.749.9295x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB  B89E 1324 9B4F EC88 A0BF

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dell Servers and FreeBSD

2007-09-26 Thread Eric Crist

On Sep 26, 2007, at 1:01 PMSep 26, 2007, Philip M. Gollucci wrote:


Martin McCormick wrote:


[snip]


real memory  = 9395240960 (8960 MB)
avail memory = 8291303424 (7907 MB)
FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
 cpu2 (AP): APIC ID:  2
 cpu3 (AP): APIC ID:  3
 cpu4 (AP): APIC ID:  4
 cpu5 (AP): APIC ID:  5
 cpu6 (AP): APIC ID:  6


Philip,

Why are only 6 CPU's shown, and why is 1GB of memory not available  
for use?

-
Eric F Crist
Secure Computing Networks


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dell Servers and FreeBSD

2007-09-26 Thread Philip M. Gollucci
Martin McCormick wrote:
 one of the boot messages we see is
> that all memory above 4 gigs is ignored or something to that
> effect.
> real memory  = 3489300480 (3327 MB)
> avail memory = 3414794240 (3256 MB)
Thats not freebsd and if its its because you are using i386 and not amd64

>From a 1950

head -25 /var/run/dmesg.boot
Copyright (c) 1992-2007 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 6.2-RELEASE-p7 #0: Fri Jan 12 08:43:30 UTC 2007
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/SMP
ACPI APIC Table: 
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Xeon(R) CPU   E5310  @ 1.60GHz (1595.93-MHz
K8-class CPU)
  Origin = "GenuineIntel"  Id = 0x6f7  Stepping = 7

Features=0xbfebfbff

Features2=0x4e33d,CX16,,,>
  AMD Features=0x20100800
  AMD Features2=0x1
  Cores per package: 4
real memory  = 9395240960 (8960 MB)
avail memory = 8291303424 (7907 MB)
FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
 cpu2 (AP): APIC ID:  2
 cpu3 (AP): APIC ID:  3
 cpu4 (AP): APIC ID:  4
 cpu5 (AP): APIC ID:  5
 cpu6 (AP): APIC ID:  6


-- 

Philip M. Gollucci ([EMAIL PROTECTED]) c:323.219.4708 o:703.749.9295x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB  B89E 1324 9B4F EC88 A0BF

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dell Servers and FreeBSD

2007-09-26 Thread Philip M. Gollucci
Tim Kellers wrote:
> Does anyone have any recommendations or experience with any of the newer
> Dell servers (2900, 2950 for example) and FreeBSD 6.2 in a production
> environment?
Hi,

I've got 860, 1435, 1600, 1950, 2950 all running 6.2-relelase-p7 with
custom kernels.

Watch out though the RAID-1 write speed on w/ FreeBSD is known to be
pathetically the worst thing ever with this raid card:
SAS 5IR internal RAID adapter, PCI-Express
Read speed seems fine though.

mpt0: [GIANT-LOCKED]
mpt0: MPI Version=1.5.12.0
da0 at mpt0 bus 0 target 0 lun 0
da0:  Fixed Direct Access SCSI-5 device
da0: 300.000MB/s transfers, Tagged Queueing Enabled
da0: 237464MB (486326272 512 byte sectors: 255H 63S/T 30272C)


My other RAID cards doing RAID0, RAID5, and RAID1+0 are all stellar.



-- 

Philip M. Gollucci ([EMAIL PROTECTED]) c:323.219.4708 o:703.749.9295x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB  B89E 1324 9B4F EC88 A0BF

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Multiple Instances of OpenVPN

2007-09-26 Thread Marcos Vinicius Buzo
Good afternoon.
I would like to know how could I run multiple instances of openvpn
with one startup script for each config file.
I'm running one instance with the /usr/local/etc/rc.d/openvpn script
and another with the command openvpn --config configfile.

Thanks in advance.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dell Servers and FreeBSD

2007-09-26 Thread Jerry McAllister
On Wed, Sep 26, 2007 at 12:18:49PM -0400, Tim Kellers wrote:

> Does anyone have any recommendations or experience with any of the newer 
> Dell servers (2900, 2950 for example) and FreeBSD 6.2 in a production 
> environment?
> 
> My old Dell 2400 hardware is quickly expiring and I need to replace it 
> with something that will support FreeBSD 6.2 and have enough horsepower 
> to host a substantial (50 or so) number of concurrent Moodle logins.  
> The database (pgsql) is already on another server so I won't be chewing 
> up server resources by hosting a database, too.

I have put FreeBSD (6.2 I think) on 2950-s.   It worked fine.
The only problem was some confusion about the raid driver identifier.
I needed to do some rummaging through dmesg and it was not at first
obvious as it was a little unnoticed line amidst lots of others that
looked more likely.   But, I found it and had no problems after that.

Unfortunately I had to give those machines up to another project and
can't look and see what it was now.

jerry

> 
> Tim
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Software Lojack

2007-09-26 Thread Paul Schmehl
--On Wednesday, September 26, 2007 12:34:15 -0400 Jerry McAllister 
<[EMAIL PROTECTED]> wrote:



On Tue, Sep 25, 2007 at 06:12:56PM +0200, Roland Smith wrote:


I know all about various precautions to be taken.

I also know I could write something.  I just wanted
to know if something like that is already written.

Dell offers this in a hardware solution.  I'm sure they're buying it from 
someone, so you might be able to find out who.  Doesn't matter if the 
thieves wipe the drive.  The device phones home anyway.  (Bet it only works 
in Windows, though, but it might spark an idea or two.)


--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/


Keyboard without Scroll Lock

2007-09-26 Thread Harry Matthiesen Jensen
Hi,

I don't know where to post this, except from this list, so maybe someone
will add it to a FAQ ;-).

just for info, if you happens to buy a keyboard without the Scroll Lock
key, as I did (Logitech EX110), and are missing this function in consoles,
I found a solution with re-configuring the keymap (I'm probably not the
first, but did not find a short solution on the web).

As root:

Dump the keyboard map to a file
kbdcontrol -d >mykeys

Change the file so "Ctrl+NumLock" will set
"Scroll Lock".

Find line with scancode "base" 069, or where "nlock" fills
the entire line.

Edit column 3 from "nlock" to "slock"

The line now looks like:
"069   nlock  nlock  slock  nlock  nlock  nlock  nlock  nlock   O"

Edit /etc/rc.conf:
keymap="/home/xxx/mykeys" #where the file is

Reboot, and now "Ctrl+NumLock" will toggle the Scroll Lock bit.

Before you reboot it is possible to try if it works.

As root, issue the command:
kbdcontrol -l mykeys

-- 
Mvh/Brgds Harry
FreeBSD mugin.localhost 7.0-CURRENT #8: i386
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Dell Servers and FreeBSD

2007-09-26 Thread Martin McCormick
Tim Kellers writes:
> Does anyone have any recommendations or experience with any of the newer
> Dell servers (2900, 2950 for example) and FreeBSD 6.2 in a production
> environment?

We recently installed Dell 2950's for DNS and DHCP
server applications. They work great but some of their
horsepower never gets used. one of the boot messages we see is
that all memory above 4 gigs is ignored or something to that
effect.

Here is part of a dmesg capture.

FreeBSD 6.2-RELEASE-p2 #0: Tue Mar 13 15:09:34 CDT 2007
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/-
ACPI APIC Table: 
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Xeon(R) CPU5160  @ 3.00GHz (2992.51-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0x6f6  Stepping = 6
  
Features=0xbfebfbff
  
Features2=0x4e3bd,CX16,,,>
  AMD Features=0x2010
  AMD Features2=0x1
  Cores per package: 2
real memory  = 3489300480 (3327 MB)
avail memory = 3414794240 (3256 MB)
ioapic0: Changing APIC ID to 2
ioapic1: Changing APIC ID to 3
ioapic1: WARNING: intbase 64 != expected base 24
ioapic0  irqs 0-23 on motherboard
ioapic1  irqs 64-87 on motherboard
kbd1 at kbdmux0
ath_hal: 0.9.17.2 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413)
acpi0:  on motherboard
acpi0: Power Button (fixed)
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0
cpu0:  on acpi0
pcib0:  port 0xcf8-0xcff on acpi0
pci0:  on pcib0
pcib1:  at device 2.0 on pci0
pci6:  on pcib1
pcib2:  at device 0.0 on pci6
pci7:  on pcib2
pcib3:  at device 0.0 on pci7
pci8:  on pcib3
pcib4:  at device 0.0 on pci8
pci9:  on pcib4
bce0:  mem 
0xf400-0xf5ff irq 16 at device 0.0 on pci9
bce0: ASIC ID 0x57081010; Revision (B1); PCI-X 64-bit 133MHz
miibus0:  on bce0
brgphy0:  on miibus0
brgphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 
1000baseTX-FDX, auto
bce0: Ethernet address: 00:19:b9:af:94:b4
pcib5:  at device 1.0 on pci7
pci10:  on pcib5
pcib6:  at device 0.3 on pci6
pci11:  on pcib6
pcib7:  at device 3.0 on pci0
pci1:  on pcib7
pcib8:  at device 0.0 on pci1
pci2:  on pcib8
mfi0:  mem 0xd80f-0xd80f,0xfc4e-0xfc4f irq 78 at 
device 14.0 on pci2
mfi0: 1513 (242761804s/0x0020/0) - Shutdown command received from host
mfi0: 1514 (4278190080s/0x0020/0) - PCI 0x041028 0x0415 0x041028 0x041f03: 
Firmware initialization started (PCI ID 0015/1028/1f03/1028)
mfi0: 1515 (4278190080s/0x0020/0) - Type 18: Firmware version 1.00.02-0157
mfi0: 1516 (4278190097s/0x0008/0) - Battery Present
mfi0: 1517 (4278190115s/0x0004/0) - PD 08(e1/s255) event: Enclosure (SES) 
discovered on PD 08(e1/s255)
mfi0: 1518 (4278190115s/0x0002/0) - PD 08(e1/s255) event: Inserted: PD 
08(e1/s255)
mfi0: 1519 (4278190115s/0x0002/0) - Type 29: Inserted: PD 08(e1/s255) Info: 
enclPd=08, scsiType=d, portMap=00, sasAddr=500180b052f14500,
mfi0: 1520 (4278190115s/0x0002/0) - PD 00(e1/s0) event: Inserted: PD 00(e1/s0)
mfi0: 1521 (4278190115s/0x0002/0) - Type 29: Inserted: PD 00(e1/s0) Info: 
enclPd=08, scsiType=0, portMap=01, sasAddr=1221,
mfi0: 1522 (4278190115s/0x0002/0) - PD 01(e1/s1) event: Inserted: PD 01(e1/s1)
mfi0: 1523 (4278190115s/0x0002/0) - Type 29: Inserted: PD 01(e1/s1) Info: 
enclPd=08, scsiType=0, portMap=02, sasAddr=12210100,
mfi0: 1524 (242772342s/0x0020/0) - Adapter ticks 242772342 elapsed 36s: Time 
established as 09/10/07 20:45:42; (36 seconds since power on)
pcib9:  at device 0.2 on pci1
pci3:  on pcib9
pcib10:  at device 4.0 on pci0
pci12:  on pcib10
pcib11:  at device 5.0 on pci0
pci13:  on pcib11
pcib12:  at device 6.0 on pci0
pci14:  on pcib12
pcib13:  at device 7.0 on pci0
pci15:  on pcib13
pcib14:  at device 28.0 on pci0
pci4:  on pcib14
pcib15:  at device 0.0 on pci4
pci5:  on pcib15
bce1:  mem 
0xf800-0xf9ff irq 16 at device 0.0 on pci5
bce1: ASIC ID 0x57081010; Revision (B1); PCI-X 64-bit 133MHz
miibus1:  on bce1
brgphy1:  on miibus1
brgphy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseTX, 
1000baseTX-FDX, auto
bce1: Ethernet address: 00:19:b9:af:94:b2
uhci0:  port 0xdce0-0xdcff irq 21 at device 29.0 
on pci0
uhci0: [GIANT-LOCKED]
usb0:  on uhci0
usb0: USB revision 1.0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1:  port 0xdcc0-0xdcdf irq 20 at device 29.1 
on pci0
uhci1: [GIANT-LOCKED]
usb1:  on uhci1
usb1: USB revision 1.0
uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2:  port 0xdca0-0xdcbf irq 21 at device 29.2 
on pci0
uhci2: [GIANT-LOCKED]
usb2:  on uhci2
usb2: USB revision 1.0
uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
ehci0:  mem 0xfc600400-0xfc6007ff irq 21 at 
device 29.7 on pci0
ehci0: [GIANT-LOCKED]
usb3: EHCI version 1.0
usb3: companion controllers, 2 ports each: usb0 usb1 usb2
u

Re: Dell Servers and FreeBSD

2007-09-26 Thread falz
On 9/26/07, Tim Kellers <[EMAIL PROTECTED]> wrote:
> Does anyone have any recommendations or experience with any of the newer
> Dell servers (2900, 2950 for example) and FreeBSD 6.2 in a production
> environment?
>
> My old Dell 2400 hardware is quickly expiring and I need to replace it
> with something that will support FreeBSD 6.2 and have enough horsepower
> to host a substantial (50 or so) number of concurrent Moodle logins.
> The database (pgsql) is already on another server so I won't be chewing
> up server resources by hosting a database, too.

We have many many 2950, 1950, 860, etc servers running FreeBSD. 6.2
without issue. Many of which are in a fairly taxing environment
(webmail cluster with 25k users), as well as other purposes.

I've only run across one issue, and it was on an earlier one. This was
related more to the raid controller than anything, and required some
'camcontrol' setting to be changed:

http://lists.freebsd.org/pipermail/freebsd-stable/2007-February/033071.html

However, I wouldnt worry about that unless you have a problem.

--falz
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Dell Servers and FreeBSD

2007-09-26 Thread Tim Kellers
Does anyone have any recommendations or experience with any of the newer 
Dell servers (2900, 2950 for example) and FreeBSD 6.2 in a production 
environment?


My old Dell 2400 hardware is quickly expiring and I need to replace it 
with something that will support FreeBSD 6.2 and have enough horsepower 
to host a substantial (50 or so) number of concurrent Moodle logins.  
The database (pgsql) is already on another server so I won't be chewing 
up server resources by hosting a database, too.


Tim
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Software Lojack

2007-09-26 Thread Jerry McAllister
On Tue, Sep 25, 2007 at 06:12:56PM +0200, Roland Smith wrote:


I know all about various precautions to be taken.   

I also know I could write something.  I just wanted
to know if something like that is already written.

jerry



> On Mon, Sep 24, 2007 at 06:33:30PM -0400, Jerry wrote:
> > Hi All,
> > 
> > I am wondering if there is already written (in the ports) some utility 
> > that would either periodically and/or on boot up, take note of if the
> > machine is connected to the net and if so, send some information to a
> > configured address giving some basic information such as date/time
> > and the network address where it is connected.   
> 
> You could write a shell-script that does this and run it as a cron(8) job.
> 
> > The intent would be to put this in laptops/notebooks belonging to an
> > organization/business to track where they were, especially if they
> > were stolen.   I know, if they got in to the hands of professional
> > theft ring, the first thing they would do is wipe them, but it could
> > help track them otherwise.
> 
> Since most windows users wouldn't have a clue what to do with a FreeBSD
> machine, I think _every_ laptop would be wiped.
> 
> To secure your laptops and mitigate the consequences of theft there are
> several things you can do;
> - Encrypt the /home partitions. This will not prevent theft but will
>   reduce the chance of your data falling into the wrong hands.
> - Make frequent backups to prevent data loss.
> - Glue engraved labels to the machine, e.g. to the lid where it can't be
>   removed without damaging the LCD screen. This might make the machine
>   less desirable to a stolen goods dealer.
> 
> Roland
> -- 
> R.F.Smith   http://www.xs4all.nl/~rsmith/
> [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
> pgp: 1A2B 477F 9970 BA3C 2914  B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


http://dev.mysql.com/qualitycontribution.html

2007-09-26 Thread Philip M. Gollucci
Hi All, I noticed that 'Debian user community' was listed here.

Maybe we should start funneling all the mysql related stuff to a single
FreeBSD managed user?


-- 

Philip M. Gollucci ([EMAIL PROTECTED]) c:323.219.4708 o:703.749.9295x206
Senior System Admin - Riderway, Inc.
http://riderway.com / http://ridecharge.com
1024D/EC88A0BF 0DE5 C55C 6BF3 B235 2DAB  B89E 1324 9B4F EC88 A0BF

Work like you don't need the money,
love like you'll never get hurt,
and dance like nobody's watching.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Capturing data on the serial port

2007-09-26 Thread Chris Boyd

On Sep 26, 2007, at 10:42 AM, [EMAIL PROTECTED] wrote:

I have a need to temporarily capture data from our phone system via  
the

serial port on one of my FreeBSD servers.

What would be the best way to do this?


I've done this with Minicom set up to log to a file.

/usr/ports/comms/minicom

--Chris

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: pf redirect question

2007-09-26 Thread Nikos Vassiliadis
On Wednesday 26 September 2007 17:42, Jonathan Horne wrote:
> On Wednesday 26 September 2007 08:10:18 Nikos Vassiliadis wrote:
> > Please CC me when replying to me, since I will
> > see your replies in no time. Otherwise your reply
> > might not be seen, since it ends up in another
> > directory in my maildir.
> >
> > On Wednesday 26 September 2007 15:18, Jonathan Horne wrote:
> > > On Wednesday 26 September 2007 02:28:48 Nikos Vassiliadis wrote:
> > > > No, don't use the IP on your server. Why you should do such a
> > > > thing?
> > >
> > > why not?  i did specify that the old server is decommissioning and
> > > would be permenantly downed.
> >
> > Because the IP you will use on the host running FreeBSD and PF has
> > nothing to do with FreeBSD and PF. If you do this, you understand
> > that packets will be processed locally by FreeBSD's TCP/IP stack
> > and not forwarded to the new server, right?
> >
> > You only want PF to alter the address from old server to new server
> > as I said previously. Not accept the packet as if destined for
> > localhost!
> >
> > > > You just have to make sure that packets ($old_server <-> $world)
> > > > are routed through your $pf box. I guess that's the case for you.
> > > > pf will just translate the destination address from $old_server
> > > > to $new_server.
> > >
> > > yes, any client or server would be able to route across the wan to
> > > the new ip at the other end.
> >
> > Something like this:
> > client-aclient-b
> >
> > ( internet cloud )
> >
> > (pf)(new-server)
> >
> >
> > (old-server)
> >
> > > > BUT, which is this service you are talking about? Cause that's not
> > > > feasible with everything.
> > >
> > > ultimately, i want to route some Mcafee ePolicy clients to use
> > > another server.
> >
> > Yes, I know nothing about it. Is redirecting TCP port 8080 enough?
> >
> > [snip]
> >
> > > was my syntax in my example incorrect?
> >
> > Yes, try removing the interface, just to be more general,
> > until you figure it out. Something like:
> > rdr inet proto tcp from any to x.x.x.x port = ssh -> y.y.y.y port 22
> >
> > And use "pfctl -vsnat" to check the state of the rdr command, like
> > this: [ Evaluations: 3434  Packets: 14Bytes: 840
> > States: 0 ]
> >
> > Be sure that every host involved is reachable from the pf box.
> >
> > Nikos
>
> well, the example you sent me worked... but just for a moment.  as soon
> as i changed it (and restarted pf, its not worked since.  if im going to
> get this to work, this is actually more of the diagram im working with
> here:
>
> (pf) --- (old server) -- client-a
>
> (SITE-A)  (vpn-client-b)
>
> (internet-cloud)  (SITE-B) --- (new server)
>
> (SITE-C)
>
> (client-c)
>

No, you can't with such topology. Let's examine client-c:
1) client-c sends request to old-server
2) pf translates the destination from old-server to new-server
3) packet arrives to new-server
4) new-server replies to client-c, not going through pf this time though
5) client-c gets a reply from new-server. Remember, it tried to connect
to old-server, not to new-server.

So, change of plans...
You have to use a TCP redirector, (net/redir) comes in mind.
Install redir, have redir listen to a port on your lo0 and
proxy this to old-server:port
e.g.
redir --laddr=127.0.0.1 --lport=45876 --caddr=old-server --cport=80

then use pf and rdr to redirect the old-server:port to 127.1:45876
pseudo-pf.conf:
rdr inet proto tcp from any to x.x.x.x port = 80 -> 127.0.0.1 45876

That's all.

> where you see SITE-x, consider that the appropricate clusters of
> routers, vpn-endpoints/concentrators.  client-a, old server, and pf are
> same-lan, other objects are all across a wan at different subnets, but
> all can reach all. 
  ^
That's more of a problem in your situation. Hopefully not for long.

Nikos
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Capturing data on the serial port

2007-09-26 Thread jhall
I have a need to temporarily capture data from our phone system via the
serial port on one of my FreeBSD servers.

What would be the best way to do this?

Thanks,


Jay

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: 6.2 Headless Installs Don't Seem to Work.

2007-09-26 Thread Martin McCormick
Jonathan McKeown writes:
> (tar now does this, I believe), add the line
> 
> console="comconsole"
> 
> to boot/loader.conf in the directory which is the root of the CD, and then
> make a new ISO and burn a new serial install CD.

When I do

tar vxf 6.2-RELEASE-i386-disc1.iso

It mostly works as expected except for the following strange
error message observed while extracting:

x INSTALL.HTM
x INSTALL.TXT
x README.HTM
x README.TXT
x RELNOTES.HTM
x stand
x sys
tar: Ignoring out-of-order file
x RELNOTES.TXT
x .cshrc
x root/.cshrc

There is only that one error and I wonder,
A.  What did I miss?
B. Is there a way to work around this?

As always, thanks.

Martin McCormick WB5AGZ  Stillwater, OK 
Systems Engineer
OSU Information Technology Department Network Operations Group
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: anyone have a favorite laptop?

2007-09-26 Thread Jerry McAllister
On Tue, Sep 25, 2007 at 09:24:55PM -0400, Bob Johnson wrote:

I have installed FreeBSd on IBM/Lenova and Dell with little problem.

But, I wonder if anyone here has had any dealings with a nice little
notebook from a Japanese company called 'Kojinsha'.   I saw them the
last time I was in Japan, of course, running MS-something.   They
are very compact, but still with a typable keyboard unlike some other
compact notebooks and a very sharp looking display.   I am hoping I
can find them sold with an English Language setup in the USA.  (I
have seen an European (British?) English Language version.  

So, has anyone seen these or better yet, tried one?

jerry



> I've been happy with FBSD on Dell Inspirons, although the newest I've
> used it on is an 8600 (it's what I'm using now). Some things have been
> problems (e.g. on the 7500 the sound input never had a driver, on the
> 8600 it took a while to find a driver that would make a working NDIS
> driver for the wireless).
> 
> In general, if you get something new on the market you are far more
> likely to have trouble getting it working. In that regard in
> particular, I've had better luck with nVidia rather than ATI video
> (nVidia publishes FreeBSD drivers).
> 
> - Bob
> 
> On 9/25/07, Bill Campbell <[EMAIL PROTECTED]> wrote:
> > On Mon, Sep 24, 2007, Arend P. van der Veen wrote:
> > >We have used Thinkpads for a long time.  I am currently using a T60.
> > >Never had any problems.
> >
> > I used Thinkpads for about 10 years with various Linux systems.
> > My last one was a Thinkpad 600 which I used continuously from
> > August 1999 through March 2007 when I got a Mac Powerbook (now if
> > only I could run OS X on a Thinkpad :-).
> >
> > We have used a fair variety of Thinkpads with our auction
> > software for the last 10 years or so with excellent results.
> >
> > Bill
> > --
> > INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
> > URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
> > FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
> >
> > Liberty don't work as good in practice as it does in speeches.
> > Will Rogers
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> >
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Bandwidth filter with ipfw don't work

2007-09-26 Thread Lowell Gilbert
"Edgardo Nuevo" <[EMAIL PROTECTED]> writes:

> Hi
> I have Freebsd 6,2 with 2 cards of network, vr1 (10.0.1.10 with access
> to Internet), vr0 (192.168.1.1 internal network), I have configured
> ipfw + dummynet, when I configure a PC with 192.168.1.x does not work,
> but I put an IP type 10.0.1.x its works, what's error?

Can't tell from that.  Have you checked ipfw counters to see which
rules are dropping the packets (if any)?  Have you tried with no drop
rules at all?  Do you have a route for the 192.168.1.x subnet on the
router?  

> ### firewall.rules ###
> -f flush
> add 0012 skipto 20 all from any to any not layer2 in via vr0
> # Define MAC's users
> add 0013 skipto 20 all from any to any { MAC 00:1b:24:3b:4f:xx any or
> MAC any 00:1b:24:3b:4f:xx } layer2
> add 0014 skipto 20 all from any to any { MAC 00:1b:24:25:yy:69 any or
> MAC any 00:1b:24:25:yy:69 } layer2
>
> #Deny MACs not defined
> add 0019 deny log logamount 100 ip from any to any MAC any any layer2 via vr0
>
> # Enable NAT
> add 0020 divert natd all from any to any via vr1
>
> # Define pipe per MAC's
> add pipe 1 ip from any to any MAC 00:1b:24:3b:4f:xx any in via vr0
> add pipe 2 ip from any to any MAC any 00:1b:24:3b:4f:xx in via vr0
>
> add pipe 3 ip from any to any MAC 00:1b:24:25:yy:69 any
> add pipe 4 ip from any to any MAC any 00:1b:24:25:yy:69
>
> # Define bandwith per pipe
> pipe 1 config bw 50Kbit/s
> pipe 2 config bw 50Kbit/s
>
> pipe 3 config bw 6Kbit/s
> pipe 4 config bw 6Kbit/s
>
> add 0500 allow all from any to any
> ###
>
> ### sysctl.conf ###
> net.link.ether.bridge.enable=1
> net.link.ether.bridge_cfg=vr1:1,vr0:2
> net.link.ether.bridge_ipfw=1
> net.ip.dummynet.debug=1
> net.inet.ip.fw.enable=1
> net.link.ether.ipfw=1
> ###
>
> Thanks
>
> Dark Night Rider
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
>

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org/~lowell/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: IPFW + NATD FORWARDING

2007-09-26 Thread Lowell Gilbert
"mr. phreak" <[EMAIL PROTECTED]> writes:

> Hi, I am having trouble with my IPFW+NATD forwarding. I know a lot of
> people have
> and I've googled my ass off. Still I can't get it right. I'm trying to
> forward port 1213 in/out for dc++ usage.
>
> this is my setup:
>
>  __WAN router (192.168.1.1)
>  |
>  |
> (FreeBSD gateway/fw NIC1:ath0 (public) NIC2:rl0 (LAN) )
>  |
>  |__
>   LAN (10.10.10.0/24)
>
> I use stateful rules and I'd like to forward port 1213 both ways using
> natd. I know NATD should take care of this as long as i allow port
> 1213 in/out from the firewall. I've tried this at almost every
> position in the ipfw.rules and now i ask where i should put it?? i.e
> it's not there right now.
>
> I've tried:
>
> $cmd [num] allow all from any to any 1213 (at various positions in
> ipfw.rules) still doesn't work.
>
> $cmd [num] divert natd all from any to any 1213.
>
> Can someone help me?

Your firewall configuration is rather unconventional, but the basic
idea makes sense.  What isn't clear is how you want to use this "dc++"
program within your infrastructure.  Because you are using dynamic
rules, I assume that you want the connections to always originate
inside your network.  If that is the case, you shouldn't need any
special configuration to natd (because every connection will be
learned from the initial packet).  If that's not the case, you will
need to pick one internal machine to receive the connections coming in
from outside.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Enlighten me nt Please

2007-09-26 Thread Wojciech Puchar

Would it be easy, or maybe "not too difficult" to setup Enlightenment
with FreeBSD which I am determined to get back into soon? Even possibly
use the Elive approach, or is that a specific Linux executable?

use ports
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


RE: SSH login banner?

2007-09-26 Thread takhoos
I really appreciate the time and effort you took to answer my questionThank 
you for a clear and concise answer!  --Joe 

> Date: Wed, 26 Sep 2007 09:12:35 -0500> From: [EMAIL PROTECTED]> To: [EMAIL 
> PROTECTED]> CC: freebsd-questions@freebsd.org> Subject: Re: SSH login 
> banner?> > On Wed, 26 Sep 2007 09:15:38 -0400> <[EMAIL PROTECTED]> wrote:> > 
> > I need to apply an SSH user agreement policy so users agrees to the> > AUP 
> _before_ they login. Everything I read puts the police on the> > screen after 
> login. Any ideas? --Joe> > Have a look under /etc/sshd/> > There is an sshd 
> conf file. Open it, look for Banner.> I created a /etc/welcome.msg and put 
> that location within the conf> file.> > Restart sshd and viola.> > Now, wasnt 
> this easier then someone telling you to have a look at some> man page?!> > -- 
> > Best regards,> Chris> Registerd Linux user number 448639
_
Discover the new Windows Vista
http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: pf redirect question

2007-09-26 Thread Jonathan Horne
On Wednesday 26 September 2007 08:10:18 Nikos Vassiliadis wrote:
> Please CC me when replying to me, since I will
> see your replies in no time. Otherwise your reply
> might not be seen, since it ends up in another
> directory in my maildir.
>
> On Wednesday 26 September 2007 15:18, Jonathan Horne wrote:
> > On Wednesday 26 September 2007 02:28:48 Nikos Vassiliadis wrote:
> > > No, don't use the IP on your server. Why you should do such a thing?
> >
> > why not?  i did specify that the old server is decommissioning and would
> > be permenantly downed.
>
> Because the IP you will use on the host running FreeBSD and PF has
> nothing to do with FreeBSD and PF. If you do this, you understand
> that packets will be processed locally by FreeBSD's TCP/IP stack
> and not forwarded to the new server, right?
>
> You only want PF to alter the address from old server to new server
> as I said previously. Not accept the packet as if destined for localhost!
>
> > > You just have to make sure that packets ($old_server <-> $world)
> > > are routed through your $pf box. I guess that's the case for you.
> > > pf will just translate the destination address from $old_server
> > > to $new_server.
> >
> > yes, any client or server would be able to route across the wan to the
> > new ip at the other end.
>
> Something like this:
> client-aclient-b
>
> ( internet cloud )
>
> (pf)(new-server)
>
>
> (old-server)
>
> > > BUT, which is this service you are talking about? Cause that's not
> > > feasible with everything.
> >
> > ultimately, i want to route some Mcafee ePolicy clients to use another
> > server.
>
> Yes, I know nothing about it. Is redirecting TCP port 8080 enough?
>
> [snip]
>
> > was my syntax in my example incorrect?
>
> Yes, try removing the interface, just to be more general,
> until you figure it out. Something like:
> rdr inet proto tcp from any to x.x.x.x port = ssh -> y.y.y.y port 22
>
> And use "pfctl -vsnat" to check the state of the rdr command, like this:
>   [ Evaluations: 3434  Packets: 14Bytes: 840 States: 0 
>]
>
> Be sure that every host involved is reachable from the pf box.
>
> Nikos

well, the example you sent me worked... but just for a moment.  as soon as i 
changed it (and restarted pf, its not worked since.  if im going to get this 
to work, this is actually more of the diagram im working with here:

(pf) --- (old server) -- client-a
|
(SITE-A)  (vpn-client-b)
|
(internet-cloud)  (SITE-B) --- (new server)
|
(SITE-C)
|
(client-c)

where you see SITE-x, consider that the appropricate clusters of routers, 
vpn-endpoints/concentrators.  client-a, old server, and pf are same-lan, 
other objects are all across a wan at different subnets, but all can reach 
all.  (client-b's vpn concentrator is located in the SITE-A routers).

so, if it worked one time and then stopped after a change... where could i be 
going wrong now?  after a change like that, do arp or routing tables need to 
be flushed (and if so, at both the pf, and possibly test subject (but maybe 
not the recieving end of the rdr... i cant see how the receiver would care)

man, if i can get this to work reliably, this is going to save a ton of time 
and trouble!

thanks,
-- 
Jonathan Horne
http://dfwlpiki.dfwlp.org
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Can't boot new disk unless it's on the 2nd IDE channel

2007-09-26 Thread Joe in MPLS

Should have included this the first time:

When the disk is on the first channel, the BIOS reports and "invalid 
partition table" then the boot loader runs anyway until I end up at a 
"mountroot>" prompt. Whatever I try to enter at the prompt I'm told the 
disk doesn't exist. It doesn't matter which disk my fstab mount points say.


If I have the disk on the second channel it boots just fine regardless 
of whether there's a disk on the first channel or not.


 ..jgm




Joe in MPLS wrote:
Several months ago I bought a bigger (IDE) disk and set about the task 
of moving a FreeBSD 6.1 STABLE #0 system to teh new disk. I did the 
fdisk, boot0cfg and bsdlabel stuff and dumps piped to restores to get 
all the bytes moved. I thought all was well so I got lazy and never 
removed the old disk.


After doing an update this week via make buildworld etc, I realized 
that the box was still booting from the old small drive and loading an 
old kernel before mounting everything mentioned in /etc/fstab.


I used fdisk to make the 1st slice of teh new disk active, edited 
fstab to change all the ad2s1x entries to ad0s1x, disconnected the 
first drive and moved the new drive to the first IDE channel. No joy.


I used bsdlabel -e to change my "/" partition from ad2s1d to ad2s1a 
(sysinstall disklabel would not let me assign "a" to a partition on 
the second disk). Still no joy and worse, it wouldn't boot even with 
the first disk in place.


I managed to get it booting with both drives installed again, but now 
it wants my fstab entries to be "ad2a", "ad2e" etc. It doesn't like 
the "ad2s1x" stuff in there any more. Then for the heck of it, I 
disconnected the first drive, left the new drive on the second channel 
and it booted just fine!


here's fdisk output:

[EMAIL PROTECTED] ~]# fdisk
*** Working on device /dev/ad2 ***
parameters extracted from in-core disklabel are:
cylinders=119705 heads=16 sectors/track=255 (4080 blks/cyl)

Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=119705 heads=16 sectors/track=255 (4080 blks/cyl)

Media sector size is 512
Warning: BIOS sector numbering starts with sector 1
Information from DOS bootblock is:
The data for partition 1 is:

The data for partition 2 is:

The data for partition 3 is:

The data for partition 4 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
   start 0, size 5 (24 Meg), flag 80 (active)
   beg: cyl 0/ head 0/ sector 1;
   end: cyl 1023/ head 254/ sector 63

I don't know why part #4 is active when I marked #1 active earlier 
tonight... and the disk is way bigger than 24 MB as shown by df -h:

[EMAIL PROTECTED] ~]# df -h
FilesystemSizeUsed   Avail Capacity  Mounted on
/dev/ad2a 1.9G191M1.6G10%/
devfs 1.0K1.0K  0B   100%/dev
/dev/ad2e 1.9G2.4M1.8G 0%/tmp
/dev/ad2g 176G7.8G154G 5%/usr
/dev/ad2f  44G558M 40G 1%/var
devfs 1.0K1.0K  0B   100%/var/named/dev

and here's bsdlabel:

[EMAIL PROTECTED] ~]# bsdlabel ad2
# /dev/ad2:
8 partitions:
#size   offsetfstype   [fsize bsize bps/cpg]
 a:  419430404.2BSD 2048 16384 28552
 b:  4194304  4194304  swap
 c: 4883971680unused0 0 # "raw" part, 
don't edit

 e:  4194304  83886084.2BSD 2048 16384 28552
 f: 94371840 125829124.2BSD 2048 16384 28552
 g: 381442416 1069547524.2BSD 2048 16384 28552

How do I make this "ad0" instead of "ad2"?

TIA   ...jgm







___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Enlighten me nt Please

2007-09-26 Thread Hensley, Ed - Edward D

NOTICE:
All information in and attached to the e-mail(s) below may be proprietary, 
confidential, privileged and otherwise protected from improper or erroneous 
disclosure.  If you are not the sender's intended recipient, you are not 
authorized to intercept, read, print, retain, copy, forward, or disseminate 
this message.  If you have erroneously received this communication, please 
notify the sender immediately by phone (704-758-1000) or by e-mail and destroy 
all copies of this message (electronic, paper, or otherwise).  Thank you.


I first started using FreeBSD with the 4.5 release, and for the record I
still think your documentation (manual included with the release) is the
best I have seen.

However, since that release (and several ago) I have been experimenting
with numerous Linux's and have been favorably impressed with several
different distros, especially Elive...

So, my question is:

Would it be easy, or maybe "not too difficult" to setup Enlightenment
with FreeBSD which I am determined to get back into soon? Even possibly
use the Elive approach, or is that a specific Linux executable?

Thank you,

Edward Hensley

[EMAIL PROTECTED]

 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


qmail+wu-imap+squirrelmail

2007-09-26 Thread Bill Banks
I'm trying to setup qmail with squirrelmail thus wu-imap on  Freebsd 
6.2  .  imap is  not authenticating  the user and I dont know why.


Try:

telnet 216.236.255.45 143
a1 login test 0

and  see what I'm talking about.

--
---
Bill Banks 508-829-2005
Wachusett Programming  Ourweb
http://www.ourweb.net
http://www.ourwebtemplates.com
 



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: SSH login banner?

2007-09-26 Thread Chris
On Wed, 26 Sep 2007 09:15:38 -0400
<[EMAIL PROTECTED]> wrote:

> I need to apply an SSH user agreement policy so users agrees to the
> AUP _before_ they login.  Everything I read puts the police on the
> screen after login.   Any ideas?  --Joe

Have a look under /etc/sshd/

There is an sshd conf file. Open it, look for Banner.
I created a /etc/welcome.msg  and put that location within the conf
file.

Restart sshd and viola.

Now, wasnt this easier then someone telling you to have a look at some
man page?!

-- 
Best regards,
Chris
Registerd Linux user number 448639
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


sbcl/lisp question

2007-09-26 Thread P.U.Kruppa

Hi,

while playing with SBCL and the editor slime, I found that slime 
needs some ("fast loadable") files in /usr/local/lib/sbcl/.. 
(with .fasl suffix) to be set executable.


Was this forgotten by the port authors or is there some tricky 
LISP way to do it automatically (i.e. is it a bug or a feature)?


This is on FreeBSD 7.0 amd64.

Greetings,

Uli.

Peter Ulrich Kruppa
Wuppertal
Germany

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Confusion on SSH and PAM

2007-09-26 Thread Pollywog
On Wednesday 26 September 2007 11:02:26 Rakhesh Sasidharan wrote:
> CyberLeo Kitsana wrote:
> > Rakhesh Sasidharan wrote:
> >> Any ideas or nudges in the right direction as to why this is happening?
> >> Looks like I've understood the interaction between SSH and PAM wrong
> >> here, so would appreciate some enlightenment.
> >
> > According to my understanding of the SSH protocol, you're continually
> > asked because an authentication failure is not a fatal error.
> >
> > When authenticating an SSH session, a list of mutually supported methods
> > is compiled (public-key, challenge-response, S/Key,
> > keyboard-interactive, plaintext) and the client cycles through the list
> > based on what it thinks is most likely to work.
> >
> > It's perfectly acceptable for a client to attempt password
> > authentication before public-key, or even interleave them. All the
> > server can do is say yay or nay to an attempt with a restricted method,
> > because it cannot know if the next attempt may utilize an allowed method.
> >
> > After the requisite three or five failed attempts (depending on the
> > server config), it may send a general failure code (too many failed
> > attempts) and disconnect the client at it's discretion.
>
> Here's another oddity I encountered today.
>
> If "PermitRootLogin" is set to "forced-commands-only", my understanding is
> the SSHD will permit root logins if a command to be executed is given. But
> that doesn't seem to be the case in practice! I have keys setup for root
> to login, but instead of letting me in with those keys, SSHD ignores them,
> passes me to PAM for password prompting (three times) and the denies me
> out! Very strange.
>
> I even setup a "Match User" clause for root and specified a command to
> run. Still, SSHD refuses to let me in with/ without key and for a specific
> command.

PermitRootLogin without-password  won't allow what you want to do?
To use it, you have to set up a passphrase (public key).
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: SSH login banner?

2007-09-26 Thread Erik Trulsson
On Wed, Sep 26, 2007 at 09:15:38AM -0400, [EMAIL PROTECTED] wrote:
> I need to apply an SSH user agreement policy so users agrees to the AUP
> _before_ they login.  Everything I read puts the police on the screen
> after login.  Any ideas?  --Joe

The sshd_config(5) manpage documents the following option:

 Banner  In some jurisdictions, sending a warning message before authenti-
 cation may be relevant for getting legal protection.  The con-
 tents of the specified file are sent to the remote user before
 authentication is allowed.  This option is only available for
 protocol version 2.  By default, no banner is displayed.


Sounds like exactly what you want.



-- 

Erik Trulsson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


SSH login banner?

2007-09-26 Thread takhoos
I need to apply an SSH user agreement policy so users agrees to the AUP 
_before_ they login.  Everything I read puts the police on the screen after 
login.   Any ideas?  --Joe 
_
News, entertainment and everything you care about at Live.com. Get it now!
http://www.live.com/getstarted.aspx___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: pf redirect question

2007-09-26 Thread Nikos Vassiliadis
Please CC me when replying to me, since I will
see your replies in no time. Otherwise your reply
might not be seen, since it ends up in another
directory in my maildir.

On Wednesday 26 September 2007 15:18, Jonathan Horne wrote:
> On Wednesday 26 September 2007 02:28:48 Nikos Vassiliadis wrote:
> > No, don't use the IP on your server. Why you should do such a thing?
>
> why not?  i did specify that the old server is decommissioning and would
> be permenantly downed.
>

Because the IP you will use on the host running FreeBSD and PF has
nothing to do with FreeBSD and PF. If you do this, you understand
that packets will be processed locally by FreeBSD's TCP/IP stack
and not forwarded to the new server, right?

You only want PF to alter the address from old server to new server
as I said previously. Not accept the packet as if destined for localhost!

> > You just have to make sure that packets ($old_server <-> $world)
> > are routed through your $pf box. I guess that's the case for you.
> > pf will just translate the destination address from $old_server
> > to $new_server.
>
> yes, any client or server would be able to route across the wan to the
> new ip at the other end.

Something like this:
client-aclient-b
 ||  
( internet cloud )
 |
(pf)(new-server)
 |
 |
(old-server)

> > BUT, which is this service you are talking about? Cause that's not
> > feasible with everything.
>
> ultimately, i want to route some Mcafee ePolicy clients to use another
> server. 

Yes, I know nothing about it. Is redirecting TCP port 8080 enough?

[snip]

> was my syntax in my example incorrect?

Yes, try removing the interface, just to be more general,
until you figure it out. Something like:
rdr inet proto tcp from any to x.x.x.x port = ssh -> y.y.y.y port 22

And use "pfctl -vsnat" to check the state of the rdr command, like this:
  [ Evaluations: 3434  Packets: 14Bytes: 840 States: 0 ]

Be sure that every host involved is reachable from the pf box.

Nikos
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


RE: xfce-4.4.1_1 strange behavior with Launch Desktop Icons.

2007-09-26 Thread Lisandro Grullon
I try reinstalling Thunar and see if that would fix the problem. I still 
experiencing the same problem, those two icons would not launch propery, I am 
pasting my .xsession-errors.

/usr/local/etc/gdm/PreSession/Default: Registering your session with wtmp and 
utmp
/usr/local/etc/gdm/PreSession/Default: running: /usr/local/bin/sessreg -a -w 
/var/log/wtmp -u /var/run/utmp -x "/var/gdm/:0.Xservers" -h "" -l ":0" 
"lgrullon"
/usr/local/etc/gdm/Xsession: Beginning session setup...
To see the last 10 lines of a long file, use "tail filename". To see the
first 10 lines, use "head filename".
-- Dru <[EMAIL PROTECTED]>
/usr/local/etc/gdm/Xsession: Setup done, will execute: /usr/bin/ssh-agent -- 
/usr/local/etc/gdm/Sessions/XFce4
/usr/local/bin/startxfce4: X server already running on display :0
xscreensaver: not found
** Message: This build doesn't include support for XF86Misc extension
** Message: Querying Xkb extension
** Message: Xkb extension found
** Message: Querying Xkb extension
** Message: Xkb extension found
 
** (xfce-mcs-manager:44045): CRITICAL **: find_master: assertion `mixer_handle 
!= -1' failed
 
** (xfce-mcs-manager:44045): WARNING **: oss: No master volume
 
(xfdesktop:44048): thunar-vfs-WARNING **: Failed to connect to the HAL daemon: 
Failed to connect to socket /var/run/dbus/system_bus_socket: No such file or 
directory
 
** (xfce4-session:44042): WARNING **: xfsm-shutdown-helper.c:94: Failed to 
connect to the system message bus: Failed to connect to socket 
/var/run/dbus/system_bus_socket: No such file or directory
** Message: xfsm-shutdown-helper.c:215: HAL not available or does not permit to 
shutdown/reboot the computer, trying sudo fallback instead.


Any light to this weird issue would be appreciated. I hope is not a software 
bug. Lisandro

BTW. Thank you for your response Norberto.



> Date: Wed, 26 Sep 2007 11:07:20 +1000
> From: [EMAIL PROTECTED]
> To: [EMAIL PROTECTED]
> CC: freebsd-questions@freebsd.org
> Subject: Re: xfce-4.4.1_1 strange behavior with Launch Desktop Icons.
> 
> On Tue, 25 Sep 2007 13:26:04 -0400
> Lisandro Grullon <[EMAIL PROTECTED]> wrote:
> 
> > Dear FBSD users,
> > I am running FBSD 6.2R with most of my ports upgrade to the latest. I just 
> > finish doing a upgrade of Xorg 7.2 to 7.3 because I was having an issue 
> > with my keyboard and mouse using 7.2. In any case the reason I am posting 
> > this is because after the upgrade, I launch xfce4 using startx and all went 
> > ok, yet when I am in my desktop and I try assessing the "home" or 
> > "filesystem" icons, they just appear to blink and never get launched, is 
> > any of you having this issue, I am not sure if this is a software bug that 
> > xfce4 is having. If any experience this, please elaborate. Lisandro
> 
> 
> Hi Lisandro,
> have you got Thunar installed? those icons launch your file manager, which by 
> default is the Thunar file manager. I am not sure if there is a way to 
> replace it for other.
> 
> You may want to check ~/.xsession-errors to see if there are any errors being 
> issued by xfdesktop or Thunar itself.
> 
> B
> _
> {Beto|Norberto|Numard} Meijome
> 
> A "No" uttered from deepest conviction is better and greater than a
> "Yes" merely uttered to please, or what is worse, to avoid trouble.
>Mahatma Ghandi
> 
> I speak for myself, not my employer. Contents may be hot. Slippery when wet. 
> Reading disclaimers makes you go blind. Writing them is worse. You have been 
> Warned.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"

_
Discover the new Windows Vista
http://search.msn.com/results.aspx?q=windows+vista&mkt=en-US&form=QBRE___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: pf redirect question

2007-09-26 Thread Jonathan Horne
On Wednesday 26 September 2007 02:28:48 Nikos Vassiliadis wrote:
> No, don't use the IP on your server. Why you should do such a thing?
>

why not?  i did specify that the old server is decommissioning and would be 
permenantly downed.

> You just have to make sure that packets ($old_server <-> $world)
> are routed through your $pf box. I guess that's the case for you.
> pf will just translate the destination address from $old_server
> to $new_server.
>

yes, any client or server would be able to route across the wan to the new ip 
at the other end.

> BUT, which is this service you are talking about? Cause that's not
> feasible with everything.
>
> Nikos

ultimately, i want to route some Mcafee ePolicy clients to use another server.  
weve installed our new agent on all our machines, but i still have a handful 
of clients that are "roamers" who are checking in via the vpn concentrator, 
which i cannot physically get to their machines to perform their upgrade.  if 
i can re-route their check-in server to our new server (and yes, the inbound 
vpn also uses all the same routes  to other sites as our internal core 
switches),  that would a) not knock those roaming clients off antivirus 
updates, b) i could also use the same trick to upgrade our server farm, and 
c) our new york office is lagging way behind on their client upgrades, and 
this would help them out as well (by directing anyone remaining over to the 
new server, which is in chicago).

so far, i was trying it out, by trying to redirect port 80 on my laptop, to a 
monitoring service on the server at 10.22.192.131:8080, but it would just die 
if i tried to telnet to my laptops port 80 (from some other machine, not the 
laptop or test server).

was my syntax in my example incorrect?

thanks,
-- 
Jonathan Horne
http://dfwlpiki.dfwlp.org
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Confusion on SSH and PAM

2007-09-26 Thread Rakhesh Sasidharan


CyberLeo Kitsana wrote:


Rakhesh Sasidharan wrote:

Any ideas or nudges in the right direction as to why this is happening?
Looks like I've understood the interaction between SSH and PAM wrong
here, so would appreciate some enlightenment.


According to my understanding of the SSH protocol, you're continually
asked because an authentication failure is not a fatal error.

When authenticating an SSH session, a list of mutually supported methods
is compiled (public-key, challenge-response, S/Key,
keyboard-interactive, plaintext) and the client cycles through the list
based on what it thinks is most likely to work.

It's perfectly acceptable for a client to attempt password
authentication before public-key, or even interleave them. All the
server can do is say yay or nay to an attempt with a restricted method,
because it cannot know if the next attempt may utilize an allowed method.

After the requisite three or five failed attempts (depending on the
server config), it may send a general failure code (too many failed
attempts) and disconnect the client at it's discretion.


Here's another oddity I encountered today.

If "PermitRootLogin" is set to "forced-commands-only", my understanding is 
the SSHD will permit root logins if a command to be executed is given. But 
that doesn't seem to be the case in practice! I have keys setup for root 
to login, but instead of letting me in with those keys, SSHD ignores them, 
passes me to PAM for password prompting (three times) and the denies me 
out! Very strange.


I even setup a "Match User" clause for root and specified a command to 
run. Still, SSHD refuses to let me in with/ without key and for a specific 
command.


Regards,
- Rakhesh
http://rakhesh.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: xfce-4.4.1_1 strange behavior with Launch Desktop Icons.

2007-09-26 Thread Karsten Rothemund
On Wed, Sep 26, 2007 at 11:07:20AM +1000, Norberto Meijome wrote:
> On Tue, 25 Sep 2007 13:26:04 -0400
> Lisandro Grullon <[EMAIL PROTECTED]> wrote:
> 
> > Dear FBSD users,
> > I am running FBSD 6.2R with most of my ports upgrade to the latest. I just 
> > finish doing a upgrade of Xorg 7.2 to 7.3 because I was having an issue 
> > with my keyboard and mouse using 7.2. In any case the reason I am posting 
> > this is because after the upgrade, I launch xfce4 using startx and all went 
> > ok, yet when I am in my desktop and I try assessing the "home" or 
> > "filesystem" icons, they just appear to blink and never get launched, is 
> > any of you having this issue, I am not sure if this is a software bug that 
> > xfce4 is having. If any experience this, please elaborate. Lisandro
> 
> 
> Hi Lisandro,
> have you got Thunar installed? those icons launch your file manager, which by 
> default is the Thunar file manager. I am not sure if there is a way to 
> replace it for other.
> 
> You may want to check ~/.xsession-errors to see if there are any errors being 
> issued by xfdesktop or Thunar itself.
> 

Hi.

I also got into "trouble" after upgrade 7.2 -> 7.3: Starting xfce took a
very long time. I find the following in my .xsession-errors:

** (xfdesktop:43005): WARNING **: org.xfce.Trash.QueryTrash failed: The
name org.xfce.FileManager was not provided by any .service files
...
** (xfce4-menu-plugin:43029): CRITICAL **: Unable to get keyboard/mouse
grab.

** (xfce4-menu-plugin:43029): CRITICAL **: Unable to get keyboard/mouse
grab.

** (xfce4-menu-plugin:43029): CRITICAL **: Unable to get keyboard/mouse
grab.

** (xfce4-menu-plugin:43029): CRITICAL **: Unable to get keyboard/mouse
grab.


I thought, this is because I can't run hald (crashes the machine
instantly) and Thunar complains about not finding hald (saw this, when I
startet xfce via startx on console I think; I can't find it now in the
logs - so not the exact message, sorry).

Maybe, this information can help you (and me ;) with xfce

Ciao,

Karsten

-- 

Karsten Rothemund <[EMAIL PROTECTED]> /"\
PGP-Key: 0x7019CAA5   \ /
Fingerprint: E752 C759 B9B2 2057 E42F  \  ASCII Ribbon Campaign
 50EE 47AC A7CE 7019 CAA5 / \ Against HTML Mail and News


pgpMc7ENlPPyl.pgp
Description: PGP signature


Re: Is your Thunderbird OK?

2007-09-26 Thread Byung-Hee HWANG
On Tue, 2007-09-25 at 17:47 +0200, Christian Baer wrote:
> On Wed, 26 Sep 2007 00:41:53 +0900 Byung-Hee HWANG wrote:
> 
> > Yeah I also like text based MUAs such as mutt or pine. Sometimes I get
> > HTML messages from my co-workers who use webmail. I must read those HTML
> > messages for my work, study. That's why I need windows-like MUAs, not
> > text based MUAs. Is there any other best MUA? I _really_ feel thirsty
> > for best MUA.. anytime..
> 
> If you can live without the pretty pictures, you can configure Mutt to use
> an external browser like lynx or links to display HTML.
> 
> Otherwise, you could give Claws a closer look.
^
After I read your replying mail, I investigated the Claws. I am
considering for moving from this Evolution to the Claws.

But still Thunderbird will remain as the best MUA to me.

Thank you so much!

Byung-Hee
   


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Is your Thunderbird OK?

2007-09-26 Thread Byung-Hee HWANG
On Tue, 2007-09-25 at 17:47 +0200, Christian Baer wrote:
> On Wed, 26 Sep 2007 00:41:53 +0900 Byung-Hee HWANG wrote:
> 
> > Yeah I also like text based MUAs such as mutt or pine. Sometimes I get
> > HTML messages from my co-workers who use webmail. I must read those HTML
> > messages for my work, study. That's why I need windows-like MUAs, not
> > text based MUAs. Is there any other best MUA? I _really_ feel thirsty
> > for best MUA.. anytime..
> 
> If you can live without the pretty pictures, you can configure Mutt to use
> an external browser like lynx or links to display HTML.
> 
> Otherwise, you could give Claws a closer look.
^
After I read your replying mail, I investigated the Claws. I am
considering for moving from this Evolution to the Claws.

But still Thunderbird will remain as the best MUA to me.

Thank you so much!

Byung-Hee

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: pf redirect question

2007-09-26 Thread Nikos Vassiliadis
On Wednesday 26 September 2007 04:48, Jonathan Horne wrote:
> > > i was wondering if it feasable to down the server, take its IP and
> > > stick it on our FreeBSD server, and then use pf with rdr statements
> > > to redirect any traffic from stragglers to the service on the other
> > > new server?

No, don't use the IP on your server. Why you should do such a thing?

You just have to make sure that packets ($old_server <-> $world)
are routed through your $pf box. I guess that's the case for you.
pf will just translate the destination address from $old_server
to $new_server.

BUT, which is this service you are talking about? Cause that's not
feasible with everything.

Nikos


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Re: Sharing application jail and host?

2007-09-26 Thread Albert Shih
 Le 26/09/2007 à 08:47:05+0800, Aminuddin a écrit
> Hi freebsd gurus,
> I'm playing with jail setup and wanted to provide a virtual server to my
> external remote users to login by ssh and run a couple of applications.
> 
> Do I need to install the application using the ports in the jail itself or
> can I just install the application in the host environment? Is there any
> methods to enable sharing of the application across the jail and host?
> 
Yes it's possible, but if you just begin use jail and if you don't have
disk space problem it's better simple to install all applications in each
jail.

But if don't want to do this this is what you can do :

Make on reference jail (don't let user have access) only for
reference for example you can install this in

/jail/REF


After that you create a new jail in

/jail/new-jail

with in root dir

total 15
drwxr-xr-x  18 root  wheel   512 Jan 15  2007 REF
lrwxr-xr-x   1 root  wheel 7 Dec 19  2006 bin -> REF/bin
lrwxr-xr-x   1 root  wheel 8 Dec 19  2006 boot -> REF/boot
dr-xr-xr-x   4 root  wheel   512 Mar 12  2007 dev
drwxr-xr-x  18 root  wheel  2048 Feb  1  2007 etc
drwxr-xr-x  19 root  wheel  1024 Dec 19  2006 etc-local
lrwxr-xr-x   1 root  wheel 7 Dec 19  2006 lib -> REF/lib
lrwxr-xr-x   1 root  wheel11 Dec 19  2006 libexec -> 
REF/libexec
dr-xr-xr-x   1 root  wheel 0 Sep 26 09:24 proc
drwxr-xr-x   4 root  wheel   512 Jul  5 21:56 root
lrwxr-xr-x   1 root  wheel 8 Dec 19  2006 sbin -> REF/sbin
drwxr-xr-x   3 root  wheel   512 Dec 18  2006 share
drwxrwxrwt   6 root  wheel   512 Sep 26 03:01 tmp
lrwxr-xr-x   1 root  wheel 7 Dec 19  2006 usr -> REF/usr
drwxr-xr-x  22 root  wheel   512 Mar 12  2007 var

the

/jail/new-jail/usr/local/etc is a link to /etc-local

After that you mount in nullfs the /jail/REF in /jail/new-jail/REF
by using

/jail/REF   /jail/new-jail/REF nullfs  rw  0
   0

in your fstab.


When you finish you can install the application only in your REF
jail and automaticaly is install in all your jail.

The «danger» with this method is when you in the new-jail-21 (for example)
after some time you forget you using nullfs and  you erase something
useless for new-jail-21 but absolutly need by new-jail-19Because in a
jail you cannot see it's using nullfs.

Regards.



--
Albert SHIH
Observatoire de Paris Meudon
SIO batiment 15
Téléphone : 01 45 07 76 26
Heure local/Local time:
Mer 26 sep 2007 09:20:27 CEST
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"