Re: ssh -X (X11 forwarding) not working from 6.1 to 8.1
On Tue, Jul 12, 2011 at 03:18:07AM -0700, per...@pluto.rain.com wrote: DISPLAY is not getting set in a remote shell started by ssh -X. $ echo $DISPLAY :0.0 $ ssh -X [server] 'echo DISPLAY=%$DISPLAY%' DISPLAY=%% How would I go about debugging this? DISPLAY _is_ set correctly on the ssh client -- I am running in an xterm there, and can successfully start another (local) one -- and the word DISPLAY is not present in any of the shell startup files (.bash*, .cshrc, .login, .profile, .shrc) on either the ssh client or the ssh server. The ssh client is FreeBSD 6.1 and the ssh server is FreeBSD 8.1. It does work correctly in the other direction (using the 8.1 system as the ssh client and the 6.1 system as the ssh server), and I can run X11 programs on the 8.1 system, displaying on the 6.1 system, provided I set DISPLAY appropriately on the 8.1 system. It's only the ssh X11 forwarding that's broken, and only in one direction. Have you tried putting: DISPLAY=:0.0 in ~/.ssh/environment on the machine that's not setting DISPLAY properly? Regards, -- Frank Contact info: http://www.shute.org.uk/misc/contact.html pgpL3UspxCyWi.pgp Description: PGP signature
Solved: Re: ssh -X (X11 forwarding) not working from 6.1 to 8.1
Mark Felder f...@feld.me wrote: On Tue, 12 Jul 2011 00:06:33 -0500, Michael Sierchio ku...@tenebras.com wrote: xauth not in your path? ssh -Y skips all auth stuff so you don't need xauth; he said that didn't work either :-( Well, apparently, even -Y needs xauth (which was not installed on the 8.1 system) on the ssh server -- although not on the ssh client. After installing it: $ ssh -Y fbsd81 'echo DISPLAY=%$DISPLAY%' /usr/local/bin/xauth: creating new authority file /home/perryh/.Xauthority DISPLAY=%localhost:10.0% and -X also works :) so this turns out to have been the solution. Next question: shouldn't I have gotten some kind of error message when attempting ssh -X or ssh -Y when xauth wasn't available? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ssh -X (X11 forwarding) not working from 6.1 to 8.1
Frank Shute fr...@shute.org.uk wrote: On Tue, Jul 12, 2011 at 03:18:07AM -0700, per...@pluto.rain.com wrote: DISPLAY is not getting set in a remote shell started by ssh -X. ... Have you tried putting: DISPLAY=:0.0 in ~/.ssh/environment on the machine that's not setting DISPLAY properly? Wouldn't that cause the remote app -- which is running on the ssh server -- to (try to) use that machine's own local display? A port-forwarded connection normally has something along the lines of DISPLAY=localhost:10.0 (but it can't be hard-coded, because the 10 part will vary depending on what-all port-forwarded connections exist). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Transparent load balancing
On 7/11/11 6:49 PM, Unga wrote: Hi all I need to implement a transparent load balancing daemon in C. That is, the daemon accept a TCP connection, get more info from the client, and forward the communication transparently to another server to handle it. How this could be implemented on FreeBSD? What basic primitives I should study more? Many thanks in advance. Best regards Unga Hey up, 2 questions come to mind: 1/ get more info from the client - what kind of info ? 2/ have you considered HAProxy ? It does offer a TCP mode. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
mutt and slrn
I've been a GUI man for the last couple of years. Recently I wanted to change back to the two programs I used most: mutt (email) and slrn (news) only to find out they were not in ports anymore. Yes I know, there'se japanese versions, but what ever happened to the 'normal' programs? Are they gone? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mutt and slrn
Op 12-7-2011 11:39 schreef Dick Hoogendijk: I've been a GUI man for the last couple of years. Recently I wanted to change back to the two programs I used most: mutt (email) and slrn (news) only to find out they were not in ports anymore. Yes I know, there'se japanese versions, but what ever happened to the 'normal' programs? Are they gone? I stand corrected. Must have overlooked something in doing the make search name= thing in /usr/ports. They do exist in the normal places (news/slrn and mail/mutt) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Transparent load balancing
--- On Tue, 7/12/11, Damien Fleuriot m...@my.gd wrote: From: Damien Fleuriot m...@my.gd Subject: Re: Transparent load balancing To: Unga unga...@yahoo.com Cc: freebsd-questions@freebsd.org Date: Tuesday, July 12, 2011, 4:11 PM On 7/11/11 6:49 PM, Unga wrote: Hi all I need to implement a transparent load balancing daemon in C. That is, the daemon accept a TCP connection, get more info from the client, and forward the communication transparently to another server to handle it. How this could be implemented on FreeBSD? What basic primitives I should study more? Many thanks in advance. Best regards Unga Hey up, 2 questions come to mind: 1/ get more info from the client - what kind of info ? 2/ have you considered HAProxy ? It does offer a TCP mode. Hi Damien and Chuck Appreciate for replying on this. I want to ask from the client, eg. where do you want to go?, If north, I want to forward to the north server, if south, to the south server. I need to get developed something probably similar to the Proto Balance (http://www.protonet.co.za/whitepaper.html). It says connections are transparently forwarded to an instance chosen by Proto Balance. I want my daemon to make that choice. Unga ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW Firewall NAT inbound port-redirect
From: Dan Nelson dnel...@allantgroup.com To: Michael Sierchio ku...@tenebras.com Cc: freebsd-questions@freebsd.org Sent: Mon, July 11, 2011 1:07:31 PM Subject: Re: IPFW Firewall NAT inbound port-redirect In the last episode (Jul 11), Michael Sierchio said: Sorry for the naive question, but most of my old rulesets still use natd, and I've only used built-in nat for outbound traffic. I'd like to redirect certain ports on certain addresses to the same ports on internal (RFC1918) addresses. The examples in the man page aren't helpful, and the handbook still seems very natd-centric in its examples. Thanks in advance. I use this at the top of my /etc/ipfw.conf file (re0.2 is the interface corresponding to my internet connection) : nat 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22 22 add nat 123 ip from any to any via re0.2 , which redirects incoming port 22 connections to 10.0.0.3. If you want to redirect more ports, add more redirect_port tcp host:port port expressions to the end of your nat line. I believe you can run the nat config command manually with a new list (as in ipfw nat 123 ...) to add/remove entries dynamically. I'm not at home to try it, and don't want to risk losing my remote connection if I mess up :) -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I have used IPFW for many years now. As for forwarding traffic from your gateway to internal machines I've always used the following in my /etc/natd.conf file: dynamic redirect_port tcp 10.0.0.254:80 80 # Apache Webserver inside my LAN redirect_port udp 10.0.0.214:1194 1194 # OpenVPN Port redirect_port tcp 10.0.0.213:443 443 # OpenVPN Port Of course you will need a line like this in your /etc/rc.conf to get natd to read this file: natd_flags=-f /etc/natd.conf ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: What is xz ?
Robert Bonomi bon...@mail.r-bonomi.com wrote: Correct. I'm currently on 7-STABLE where it's not yet part of the base system, but my new 8.2-STABLE also has it in /usr/bin. I believe it has been introduced with version 8... It is part of '7.2-RELEASE', It is not. -- Christian naddy Weisgerber na...@mips.inka.de ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW Firewall NAT inbound port-redirect
Is there a way of specifying a particular public address if there is more than one bound to the external interface? A la nat 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22 102.10.22.1: ? On Tue, Jul 12, 2011 at 5:19 AM, Bill Tillman btillma...@yahoo.com wrote: From: Dan Nelson dnel...@allantgroup.com To: Michael Sierchio ku...@tenebras.com Cc: freebsd-questions@freebsd.org Sent: Mon, July 11, 2011 1:07:31 PM Subject: Re: IPFW Firewall NAT inbound port-redirect In the last episode (Jul 11), Michael Sierchio said: Sorry for the naive question, but most of my old rulesets still use natd, and I've only used built-in nat for outbound traffic. I'd like to redirect certain ports on certain addresses to the same ports on internal (RFC1918) addresses. The examples in the man page aren't helpful, and the handbook still seems very natd-centric in its examples. Thanks in advance. I use this at the top of my /etc/ipfw.conf file (re0.2 is the interface corresponding to my internet connection) : nat 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22 22 add nat 123 ip from any to any via re0.2 , which redirects incoming port 22 connections to 10.0.0.3. If you want to redirect more ports, add more redirect_port tcp host:port port expressions to the end of your nat line. I believe you can run the nat config command manually with a new list (as in ipfw nat 123 ...) to add/remove entries dynamically. I'm not at home to try it, and don't want to risk losing my remote connection if I mess up :) -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org I have used IPFW for many years now. As for forwarding traffic from your gateway to internal machines I've always used the following in my /etc/natd.conf file: dynamic redirect_port tcp 10.0.0.254:80 80 # Apache Webserver inside my LAN redirect_port udp 10.0.0.214:1194 1194 # OpenVPN Port redirect_port tcp 10.0.0.213:443 443 # OpenVPN Port Of course you will need a line like this in your /etc/rc.conf to get natd to read this file: natd_flags=-f /etc/natd.conf ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW Firewall NAT inbound port-redirect
In the last episode (Jul 12), Michael Sierchio said: Is there a way of specifying a particular public address if there is more than one bound to the external interface? A la nat 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22 102.10.22.1: Yes; the redirect_port syntax is described in the natd manpage: redirect_port proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]] -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mergemaster confusion
On Thu, 7 Jul 2011, d...@safeport.com wrote: I have a mergemaster question. I assume this is my error but do not see what I did. I am testing remote update procedures so I started with a 7.0 IS0 and updated it to 7.4. My mergemaster.rc has the following directives: FREEBSD_ID=yes AUTO_UPGRADE=yes AUTO_INSTALL=yes DELETE_STALE_RC_FILES=yes COMP_CONFS=yes plus some diff options. As this was a system with nothing changed except for group, passwd, and csh.cshrc, I expected mergemaster to update all the other files. I think from the code the value does not matter for the first three so yes would be ok (if I am correct). As this did not work (as I expected), I retried with mergemaster -rFUi getting the same result. What did I do wrong? I was afraid that was the answer. Dusting off my script seems to be it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW Firewall NAT inbound port-redirect
We're not talking about natd. The question was about the use of ipfirewall nat. On Tue, Jul 12, 2011 at 9:03 AM, Dan Nelson dnel...@allantgroup.com wrote: In the last episode (Jul 12), Michael Sierchio said: Is there a way of specifying a particular public address if there is more than one bound to the external interface? A la nat 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22 102.10.22.1: Yes; the redirect_port syntax is described in the natd manpage: redirect_port proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]] -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW Firewall NAT inbound port-redirect
In the last episode (Jul 12), Michael Sierchio said: On Tue, Jul 12, 2011 at 9:03 AM, Dan Nelson dnel...@allantgroup.com wrote: In the last episode (Jul 12), Michael Sierchio said: Is there a way of specifying a particular public address if there is more than one bound to the external interface? A la nat 123 config if re0.2 log same_ports redirect_port tcp 10.0.0.3:22 102.10.22.1: Yes; the redirect_port syntax is described in the natd manpage: redirect_port proto targetIP:targetPORT[-targetPORT] [aliasIP:]aliasPORT[-aliasPORT] [remoteIP[:remotePORT[-remotePORT]]] We're not talking about natd. The question was about the use of ipfirewall nat. Right, but ipfw nat is basically the userland libalias library loaded as a kernel module, so the config parameters are the same. $ grep MODULE_DEPEND /sys/netinet/ipfw/ip_fw_nat.c MODULE_DEPEND(ipfw_nat, libalias, 1, 1, 1); MODULE_DEPEND(ipfw_nat, ipfw, 2, 2, 2); also, man ipfw: NETWORK ADDRESS TRANSLATION (NAT) ipfw support in-kernel NAT using the kernel version of libalias(3). [..] REDIRECT AND LSNAT SUPPORT IN IPFW Redirect and LSNAT support follow closely the syntax used in natd(8). See Section EXAMPLES for some examples on how to do redirect and lsnat. -- Dan Nelson dnel...@allantgroup.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org