Re: Is it possible to suspend to disk with geli+Root on ZFS installation
On Sun, 13 Oct 2013 13:17:20 +1000, yudi v wrote: On Mon, Sep 30, 2013 at 2:47 AM, Ian Smith smi...@nimnet.asn.au wrote: In freebsd-questions Digest, Vol 486, Issue 7, Message: 5 On Sat, 28 Sep 2013 16:25:33 +0200 Roland Smith rsm...@xs4all.nl wrote: On Fri, Sep 27, 2013 at 05:37:55PM +1000, yudi v wrote: Hi all, Is it possible to suspend to disk (hibernate) when using geli for full disk encryption. [..] I must reiterate, FreeBSD does not support Suspend to Disk (state S4 aka 'hibernate') on ANY platform, except - perhaps - on machines supporting S4 in BIOS (hw.acpi.s4bios=1) which are very rarely spotted in the wild. And even suspend to RAM doesn't work on every machine [2]. [2]: https://wiki.freebsd.org/IdeasPage#Suspend_to_disk That page IS about Suspend to Disk - but only as a wishlist idea, as it has been for many years. Someone did take it on as a Google SoC project years ago, but nothing ever came of it to my knowledge. [..] Thanks Ian for clarifying that FreeBSD does not support Suspend to Disk. I just assumed all major distros supported all the suspend states. Now I am looking for a UPS that cleanly shuts down the machine when there is a power outage. Hi Yudi, you haven't said what sort of machine (desktop/server/laptop) or how long a mains power fail runtime you're after, so it's impossible to guess what sort of size UPS you might need .. I am looking at a APC Power-Saving Back-UPS ES 8 Outlet 700VA 230V AS 3112http://www.apc.com/products/resource/include/techspec_index.cfm?base_sku=BE700G-AZtotal_watts=200tab=features, I don't know about that model; it makes no mention of shutdown alert / control at all, only 'some models' have a USB connector, and I couldn't find the manual for it there. Certainly not all 'desktop' UPSes support what's needed to communicate and shutdown cleanly, so check carefully both the specs and that software (apcupsd or nut) supports the model. I gather from your timestamp (and that model) that you may be in Australia, in which case you could browse from here for the APCs: http://www.apc.com/products/category.cfm?id=13ISOCountryCode=au [However that page currently throws errors on the various model links of 'Element CACHE.APCTOSECOUNTRYMAPPINGS is undefined in APPLICATION.' :( ] anyone know if apcupsd daemon works fine under FreeBSD or should I be looking at Network UPS Tools (NUT). I'm sure there are people here who can advise. I've only setup Eaton and PowerWare UPSes, and those on a Debian linux server, using NUT. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is it possible to suspend to disk with geli+Root on ZFS installation
In freebsd-questions Digest, Vol 486, Issue 7, Message: 5 On Sat, 28 Sep 2013 16:25:33 +0200 Roland Smith rsm...@xs4all.nl wrote: On Fri, Sep 27, 2013 at 05:37:55PM +1000, yudi v wrote: Hi all, Is it possible to suspend to disk (hibernate) when using geli for full disk encryption. As far as I can tell, FreeBSD doesn't support suspend to disk on all architectures. On amd64 the necessary infrastructure doesn't exist, and on i386 FPU state is lost, there is no multiprocessor support and some MSRs are not restored [1]. [1]: https://wiki.freebsd.org/SuspendResume Roland, sorry, no; you (and that page) are talking about Suspend to RAM, ACPI state S3. What you've said is correct re Suspend to RAM - though some running amd64 have achieved some success on some machines lately; most of the issues are with restoring modern video, backlight and such. Those i386 comments don't apply to my Thinkpad T23s, which suspend and resume, in console mode and X, flawlessly on 9.1-R and properly after various tweaks on 8.x, 7.x and 6.x - but they're a single core P3-M .. I must reiterate, FreeBSD does not support Suspend to Disk (state S4 aka 'hibernate') on ANY platform, except - perhaps - on machines supporting S4 in BIOS (hw.acpi.s4bios=1) which are very rarely spotted in the wild. And even suspend to RAM doesn't work on every machine [2]. [2]: https://wiki.freebsd.org/IdeasPage#Suspend_to_disk That page IS about Suspend to Disk - but only as a wishlist idea, as it has been for many years. Someone did take it on as a Google SoC project years ago, but nothing ever came of it to my knowledge. The last laptop I have that will properly hibernate - ie save RAM and all state to disk and power off, then reload all RAM and state on power return - is a 300MHz Compaq Armada 1500C (mfg '98), but using the older APM BIOS rather than ACPI. (It's still running, 24/7/365 since 2002 :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Is it possible to suspend to disk with geli+Root on ZFS installation
In freebsd-questions Digest, Vol 486, Issue 5, Message: 18 On Fri, 27 Sep 2013 17:37:55 +1000 yudi v yudi@gmail.com wrote: Hi all, Is it possible to suspend to disk (hibernate) when using geli for full disk encryption. My set-up is listed below. So I am going to have an encrypted container and ZFS on top. There are two options for the swap with this set-up, either use a swap file on the ZFS pool or use a separate partition for swap and encrypt that. What I want to know is will either of this work with suspend to disk. FreeBSD does not support suspend to disk (ACPI state S4) at all. It's been some years since I last heard of any attempts to implement STD. Suspend to RAM (state S3) works on some machines, including mine. If it works on yours then I suspect use of ZFS shouldn't be an extra issue. I haven't used ZFS, so can't comment on the rest of your message(s). cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Potential Vulnerabilities list on US Cert
In freebsd-questions Digest, Vol 483, Issue 2, Message: 1 On Mon, 2 Sep 2013 10:41:44 -0400 Jerry je...@seibercom.net wrote: I usually check the US Cert listing every week to see if anything interesting is listed. https://www.us-cert.gov/ncas/bulletins/SB13-245 I discovered that there are two listings for FreeBSD: 1) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-3077 2) http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5209 I just thought that users should be aware of this. Thanks for the thought, Jerry. To add to Lowell's assurance .. If you followed the links in those vuln reports to the FreeBSD Security Advisories and source patches for all supported FreeBSD versions, that were applied prior to their announcement on 22nd August in (at least) the freebsd-security@ and freebsd-announce@ lists, you could have known a week sooner :) Anyone running a FreeBSD system with possibly untrusted local users running multicast (in the case of CVE-2013-3077) or running servers using SCTP (in the case of CVE-2013-5209) would naturally have read these and have applied updates before the CERT advisories appeared. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD on ThinkPad W530
On Wed, 14 Aug 2013 15:40:58 +0200, vermaden wrote: Hi and thanks for reply ;) Yay another FreeBSD laptop user! I use FreeBSD for dekstop/workstation for I do not remember how long: http://vermaden.deviantart.com/art/CorporateBSD-FreeBSD-at-Work-190680188 Please do this: * join the freebsd-mobile list;* create PRs for each of your problems with -10 above!; Here are created PRs: http://www.freebsd.org/cgi/query-pr.cgi?pr=181281 stack trace after successfull 'umount /mnt' (SDHC card mounted as msdosfs) http://www.freebsd.org/cgi/query-pr.cgi?pr=181282 3h of work on battery on FreeBSD while 10h on Windows Hi; I'm only going to address this one, so chopping mercilessly .. http://www.freebsd.org/cgi/query-pr.cgi?pr=181283 acpi_ibm module is useless on ThinkPad W530 http://www.freebsd.org/cgi/query-pr.cgi?pr=181285 x11/xorg does not start if Nvidia Optimus is enabled on * the power utilisation thing is going to be fun to track down - what kind of CPU is in there? Is it a recent Intel? I'm playing around with their tools at the moment; maybe we can look at the power the CPU is consuming and then add on the power from each of the other parts in your laptop until we figure out what's drawing said power Can't fault the comprensiveness of your PR 181282 :) I did notice: dev.cpu.0.cx_lowest: C1 As a starting point, try following mav@'s excellent Tuning Power guide: https://wiki.freebsd.org/TuningPowerConsumption I don't know what the i7 or your BIOS does about C-states, but using C2 and especially if you can get to C3 or equivalent could give a big win; with other tunings Alexander managed to double battery life (on a C2D) You said powerd was 'working' but without indication of effectiveness, such as what CPU speeds correspond to idle/light load/full load etc? You may want to try tuning its default modes/idle/busy settings, and measure real power used at different freqs. I suggest trying the advice there to disable p4tcc and acpi_throttle, reducing number of P-states considerably. Then 'service powerd stop', run powerd -v in a console and measure power consumption at various loads and CPU frequencies. If you have no wattmeter, acpiconf -i0 may serve as a guide (though you do have to wait a while for changes to be reflected); for such monitoring (albeit with working acpi_ibm) I use: smithi on t23% cat ~/bin/t23stat #!/bin/sh echo -n `date` sysctl dev.cpu.0.freq dev.cpu.0.cx_usage sysctl dev.acpi_ibm | egrep 'fan_|thermal' sysctl hw.acpi.thermal.tz0.temperature acpiconf -i0 | egrep 'State|Remain|Present|Volt' smithi on t23% t23stat Mon Aug 19 22:09:15 EST 2013 dev.cpu.0.freq: 733 dev.cpu.0.cx_usage: 0.05% 99.94% 0.00% last 529us dev.acpi_ibm.0.fan_speed: 2254 dev.acpi_ibm.0.fan_level: 1 dev.acpi_ibm.0.thermal: 47 46 42 -1 -1 -1 29 -1 hw.acpi.thermal.tz0.temperature: 47.0C State: discharging Remaining capacity: 95% Remaining time: 2:36 Present rate: 17313 mW Present voltage:12236 mV Cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 9.2-RC1: Problem with Kernel
In freebsd-questions Digest, Vol 479, Issue 8, Message: 10
On Sun, 11 Aug 2013 09:43:57 + (UTC) Walter Hurry walterhu...@gmail.com
wrote:
On Sat, 10 Aug 2013 21:29:10 +0200, Polytropon wrote:
On Sat, 10 Aug 2013 19:04:29 + (UTC), Walter Hurry wrote:
This is 9.2-RC1 on amd64 (upgraded from 9.2-BETA1 by refetching the
source from releng/9.2 and rebuilding kernel and world).
The kernel compiles and runs fine using the supplied GENERIC, but when
I try to use my custom kenel config file, on reboot I get this:
Mounting from ufs:/dev/ada0p2 failed with error 19
What module(s) have I missed?
Diff against the GENERIC kernel. Maybe device xhci?
What bootable media is listed when you type ? at the mountroot prompt?
If GENERIC boots and your kernel doesn't, there should be a significant
difference regarding the config file's content. :-)
Thanks for the reply. When I type ? at the mountroot prompt I get:
List of GEOM managed disk devices:
with nothing shown.
After restoring the GENERIC kernel, the output from 'gpart list' is:
Geom name: ada0
[..]
Consumers:
1. Name: ada0
Mediasize: 21474836480 (20G)
Sectorsize: 512
Mode: r2w2e3
(This is a small VirtualBox VM.)
Kernel config is at http://paste2.org/h17Ih0PD
Please Walter, it's not fair to make us do the work of figuring out what
you've changed from GENERIC in that, when all you need to provide is:
# diff -uw /path/to/GENERIC /path/to/YOURKERNEL
More ideal for custom kernel configs - for just these occasions - is:
include GENERIC
ident YOURKERNEL
# custom {no,}device and {no,}options statements
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD slices and the Boot Manager
On Mon, 29 Jul 2013 01:04:04 +0200 (CEST), Conny Andersson wrote: Hi Devin, Apropos sade (sysadmins disk editor). I have it at /usr/sbin/sade and I am running a FreeBSD 8.3. I also mounted FreeBSD 8.1 and FreeBSD 8.2 and found sade at /usr/sbin/ even in these older FreeBSDs. I can't recall if sade was in 6.x but it certainly is in 7.x. I think Devin meant to say 'in 9 and earlier'. Yes it's taken from the fdisk and bsdlabel sections of sysinstall, but existed long before there was talk of deprecating sysinstall, apart from Jordan's self-deprecatory comments some 18 years ago suggesting it should be updated/replaced, as found under BUGS in sysinstall(8) up to at least 8.2, but not in 9.x: This utility is a prototype which lasted several years past its expira- tion date and is greatly in need of death. Regards, Conny On Sun, 28 Jul 2013, Teske, Devin wrote: In this case, sade is (or was) a direct by-product of the death of sysinstall(8). It only exists in 9 or higher. In-fact... sade was (up until recently in HEAD) actual code removed from sysinstall(8). NOTE: In HEAD, sade(8) is now a direct path to bsdinstall partedit Well that will be alright if 'bsdinstall partedit' now does the hitherto missing sade functions, particulary Disklabel Editor functions such as allowing one to toggle newfs on particular (BSD) partitions, toggle softupdates, use custom newfs options, and delete-and-merge partitions? I don't know what the long-term goals are for sade, but it's a nice 4-letter acronym that's a nice keystroke saver (at the very least). As I said, unless you're into the arcane maths needed to run fdisk and bsdlabel manually, sade (or its functions in sysinstall) is the only safe and sane way to manage MBR disks. I'd love to be proven wrong .. And credit to you, Devin, for developing bsdconfig to replace most of sysinstall's other post-installation functions. I'll have a play with that when I upgrade my 9.1 to 9.2 fairly soon. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD slices and the Boot Manager
In freebsd-questions Digest, Vol 477, Issue 8, Message: 10 On Sat, 27 Jul 2013 19:39:30 +0200 (CEST) Conny Andersson atar...@telia.com wrote: Hi, I have a workstation with two factory installed hard disks. The first disk, ada0, is occupied by a Windows 7 Pro OS (mainly kept for the three year warranty of the workstation as Dell techs mostly speak the Microsoft language). Yes, best humour adherents of the Almighty Bill - keeps them sweet. Instead I have configured the BIOS to boot from the MBR on the second disk as I most of the time (99%) use FreeBSD. The MBR on ada1 was installed with sysinstall's option Install the FreeBSD Boot Manager, when I installed the FreeBSD 8.3-RELEASE. Right. sysinstall(8) - or at least the fdisk and bsdlabel modules that constitute sade(8) - remains the only safe and sane way to handle MBR disks. bsdinstall seems fine for GPT, but its paradigm doesn't play so well with trying to do the sorts of manipulations you're talking about here. Why noone's tried to update sade(8) for GPT I don't understand; it's a far better, more forgiving interface, in my old-fashioned? view. (The latest BIOS version 2.4.0 for Dell T1500 does not support UEFI/GPT/GUID.) The second disk ada1, now has three FreeBSD slices: 1) ada1s1 with FreeBSD 8.1-RELEASE 2) ada1s2 with FreeBSD 8.2-RELEASE 3) ada1s3 with FreeBSD 8.3-RELEASE I want to install the new FreeBSD 8.4-RELEASE on ada1s1 by overwriting the now existing two first slices. This means that ada1s3, must become ada1s2 instead. Is this possible to do? Yes and no. Using sysinstall|sade on my 9.1 laptop -- without setting sysctl kern.geom.debugflags=16 so it can't write any inadvertent changes to my disk :) -- in the fdisk screen you can delete the first two slices freeing their space for a new slice (or two) and you can then allocate s1 ok, but the existing s3 is still called s3. Would that be a problem? If you only created one slice there you'd have s1 and s3, with s2 and s4 marked as empty in the MBR shown by fdisk(8). MBR slice order need not follow disk allocations, eg s4 might point to an earlier disk region. sysinstall|sade has undo options for both fdisk and bsdlabel modules; it's easy to play with, no chance of damage - even with foot-shooting flag set, unless/until you commit to changes. If in doubt hit escape until it backs right out, nothing will be written. A very important question is if sysinstall's option Install the FreeBSD Boot Manager detects that I have a FreeBSD 8.3 and detect it as slice 2 on disk 1? So it becomes a boot option when I am rebooting? (Maybe the slice may come up as ad6s2, because AHCI in FreeBSD 8.4 isn't enabled at the time of the install.) If you're running 8.4 sysinstall as init, ie booted into the installer, and you've told it to install to s1, then it should set s1 as the active partition in the disk table and in boot0cfg's active slice table. I've never tried it with a second disk so I can't confirm that will all play nice, but you seem to have installed 3 versions ok before :) If not, you can run boot0cfg(8) anytime to set the active slice etc, so that shouldn't be a worry. Likely need to set debugflags=16 to do that on a running system also .. don't forget to set them back to 0 later! (For anyone) still nervous about sade for setting up MBR disks, play with a spare memstick, setup a couple of slices, boot0cfg etc, allocate and delete slices and partitions. Jordan got that together 15years ago so noone would ever need to do those icky slice/partition maths again. My theory: few have been brave enough to dare mess with $deity's work, though it just needs some updates for modern realities, not abandonment. [ Polytropon, it's not 'obsolete' at all; still in 9 anyway. It'll be obsolete when there are no more MBR-only systems in use - say 7 years - OR when bsdinstall incorporates all the missing good sade(8) features, which requires it making a clear distinction between GPT and MBR and working accordingly, including cleaning up GPT stuff if MBR chosen. At 9.1-R anyway, it doesn't do it so well for MBR. Try installing over an existing desired slice partitioning, newfs'ing everything EXCEPT your valuable /home partition. Not for beginners, yet simple in sade(8) ] If the answer to these questions is yes, then the next two questions arise. Can I mount ada1s2a (FreeBSD 8.3) from the newly installed FreeBSD 8.4 and edit my FreeBSD's 8.3-R /etc/fstab according to the new disk layout, and occasionally run FreeBSD 8.3 without problems? Or do I have to do more to get it to work? Except it likely will still be called ada1s3a, it should be no problem. Once boot0cfg(8) is working right, you can boot from any bootable slice; it 'knows' but doesn't care what (if any) OS is on any other slices. The idea behind this kind of 'reverse' disk layout of mine is to have
Re: Recipie for CPU souffle'
In freebsd-questions Digest, Vol 461, Issue 6, Message: 1 (sorry about the threading) On Wed, 3 Apr 2013 15:12:17 +0200 Polytropon free...@edvax.de wrote: On Tue, 02 Apr 2013 19:10:59 -0700, Ronald F. Guilmette wrote: See how the entire ioctl() interface for these device types is completely documented IN THE MAN PAGE? That's the way it should be... None of this rooting around in the sources for something that should have been documented properly, external to the kernel sources. I agree that especially to developers, that sounds logical and very helpful. Seems that manpages do not aim for that goal anymore... Well I can't help but feel this is being taken a tad more seriously than speaker(4) deserves - but it was first committed to FreeBSD 1.0 in '93, 19 years and 9 months ago in what is now SVN revision 4 (!), originally written by Eric Raymond in '90 then modified by ache(@) from 386bsd only clean version, all SYSV stuff removed, suggesting more ancient origins. So I'm not sure this doesn't rather predate 'anymore' :) One's referred to the source in /sys/dev/speaker/speaker.h (a few lines) and it's not a long jump to peek at /sys/dev/speaker/spkr.c http://svnweb.freebsd.org/base/head/sys/dev/speaker/spkr.c?annotate=4 This original one is easier to follow at the bare metal level, with direct inb() and outb() to the PIT (i8254) timer #2, functions later moved into clock.c, making one have to refer to all of 4 source files for the 'machine independent' modern version, though I wonder if anyone not on x86/pc98 is/was actually using spkr(4)? With r177648 5 years ago, phk@ said If somebody cleaned this code up to proper style(9), it could become a great educational starting point for aspiring kernel hackers. 2 months later: Move speaker a lot closer to style(9). It was one of the first devices I could follow, at any rate. It doesn't have to cover everything. But it _should_ completely describe the programatic interface. At least is leaves questions, like stating use the syscalls in order to..., and the reader is left with the most obvious question: _which_ syscalls? Sometimes examples are the best teachers. spkrtest(8) is just a sh script that writes to the device. For more sophisticated use (!) spkr.c is overcommented, if anything, and it's only ~550 well-spaced lines. But like I said, somewher along the line, a lot of man page writers apparently got lazy... VERY lazy. Mmm, and a few man page readers too? It's really not rocket science .. But keep in mind they're still alive! Judging from the manpages of... *cough* can I say this? YOu know, more prominent open source operating systems for desktops... they're usually much worse _if_ there is a manpage. In most cases, there's none. True. And I can usually get little more sense out of info(1) than from windows 'troubleshooter' :) Second order question: Why can't I just pipe a .wav file to the /dev/speaker device file and have it play? Wouldn't that make quite a lot of sense? No, that does not work. Apparently not. Why it doesn't work (or couldn't work) is less clear. The speaker interface to the _PC speaker_ is not a DSP. It's programming is much simpler. The note language that it uses on FreeBSD is much more than other interfaces offer. Better ones have stuff like pitch, duration, turn off. Not to mention staccato, legato, dotted notes - sophisticated stuff! [..] % echo c /dev/speaker Humm... now _that_ is both interesting and enlightening. I actually remember having used something comparable on BASIC, when my brain wasn't fully developed yet. :-) The note language is _from_ BASIC .. do read the source, Luke(s)! echo cdefgabc /dev/speaker It's still a nice interface to generate attention sounds in case you want to make an audible alarm or signal for some specific action, like a program which has aborted, an unverified backup or the successful completition of a task. Indeed it is. On an old laptop using APM I used to play little tunes as the battery got down to 30, 20, 10%, noiser just before forced suspend, which saved me not a few times. A nice little chirp when fully charged. [..] I wonder if whoever write and distributed this realized that he/she could be sued for copyright infringement for about 5 of the simple tunes that are embedded in that thing. Sad but true. :-( I hope noone's losing too much sleep, after ~20 uneventful years :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: qjail fork attribution was Handbook Jail Chapter rewrite available for critique (fwd)
On Tue, 2 Apr 2013 01:00:44 -0400, Stephen Cook wrote: On 4/1/2013 5:23 AM, Ian Smith wrote: Actually, I forwarded a message that Joe fb...@a1poweruser.com posted to -jail and -ports. Proper attribution is what this issue's all about. It's been pointed out to me privately that cross-posting is frowned upon in FreeBSD lists and I would usually concur, but this matter started in -questions and I believe that it's an issue of some public importance. So, it was Joe who wrote: One does not have to be a lawyer to know the lack of any license verbiage embedded in computer programs released to the public becomes property of public domain forever. Putting license verbiage on your next port version is unenforceable because it's already property of public domain. I don't know enough about the original disagreement to comment on it, but this part is completely untrue. IANAL but I can use Google and common sense. Under the Berne Convention, if there is no notice included with a copyrightable work, it defaults to all rights reserved. Until you receive explicit permission, or a permissive license is included, it is assumed that you *cannot* legally copy or derive from that work. This certainly appears to be the concensus view. So, if there is no license at all attached to ezjail, as you say, you are infringing copyright. Luckily for you, the ezjail web page declares it to be licensed as Beer Ware after all. Hm, let's look at a Beerware licence. There are 106 of them in /usr/src at 8.2-RELEASE; here's an apropos one from /usr/src/usr.sbin/jail/jail.8 .\ .\ Copyright (c) 2000, 2003 Robert N. M. Watson .\ Copyright (c) 2008 James Gritton .\ All rights reserved. .\ [.. standard two-clause BSD licence and disclaimer, followed by ..] .\ .\ THE BEER-WARE LICENSE (Revision 42): .\ p...@freebsd.org wrote this file. As long as you retain this notice you .\ can do whatever you want with this stuff. If we meet some day, and you think .\ this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp .\ As long as you retain this notice is the issue, at least in spirit; that is, as long as qjail's original authorship is properly attributed. As far as I can tell, Dirk is (rightfully) insisting only upon that. Nothing personal, I just tend to correct people when they make up laws, especially after a long enough period where I didn't get to criticize anyone's grammar. :-) Indeed. Feel free to criticise mine, modulo unAmerican spelling :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: qjail fork attribution was Handbook Jail Chapter rewrite available for critique (fwd)
Posted so people following -questions can gather what Joe Barbish is fishing for in the present thread regarding copyright and licensing. cheers, Ian -- Forwarded message -- Date: Tue, 26 Mar 2013 12:26:16 -0400 From: Fbsd8 fb...@a1poweruser.com To: Dirk Engling erdge...@erdgeist.org Cc: po...@freebsd.org, freebsd-j...@freebsd.org Subject: Re:qjail fork attribution was Handbook Jail Chapter rewrite available for critique Dirk Engling wrote: Dear JoeB, since you just threatened me via private email to expose my evil plans of preventing your ubercool project from taking FreeBSD by storm, I would like to comment on your views and your project publicly On 22.03.13 23:12, Fbsd8 wrote: On the subject of qjail being a fork of ezjail, of course it is. So, you've decided to run along with an existing code base to fork a project. Congratulations. You surely must have had reasons, like including features that the original author told you never to implement. Like you found the project abandoned and no one replied to your requests. Well, except you did not. I found out about your fork by chance, after someone directed my attention to your constant bragging and nagging. Why, after all, would you ever feel the need to talk to me directly about the fork? After all, what common interests might we possibly share? So I think the only reason to rip off ezjails code was to boost your ego with some impressive looking column of shell script you obviously had trouble understanding, which comes as no surprise as you _still_ seem to have trouble grasping even the basic concepts of shell scripting: http://lists.freebsd.org/pipermail/freebsd-questions/2013-January/248558.html http://lists.freebsd.org/pipermail/freebsd-questions/2013-January/247723.html Reading this I find it very disturbing that you try to lure users into using your bumbling hack that pokes in one of the core security features of FreeBSD. To put it more plainly: What you do is dangerous. Stop doing it. You're putting your users at risk. British member concluded that the author of ezjail must be British based solely on the spelling of the flavour directory. He also convinced us that his Beerware license was British humor, a joke, and should not be taken serous. In our review of other jail ports we did not see this Then tell your British member to read up on some contemporary literature, maybe Wikipedia http://en.wikipedia.org/wiki/Beerware so he has a chance to understand what connects Beerware and FreeBSD. Do not use your confused team member as pretext to violate the terms of license you obviously found by yourself and chose to ignore. file. It was inserted in the front like they have. We though that was how you make software opensource which was the intention. There are no formal copyright documents; it's just a extrapolation from the FreeBSD comments. Besides completely failing to see the point what the difference between open source and public domain is, you do not have the slightest idea, what a community of people sharing their code as open source is about. The simple fact that you resort to Windows and IIS to serve your web site should have warned me, that you do not actually have any connection to the scene besides your gimme-gimme-gimme attitude. To make my point clear: Open source software is about attribution. For multiple reasons, most important to me: getting to socialize. Beerware is not so much about getting the actual beer, but to have a chance to sit together and talk with people sharing common interests. Now you rob me of the chance to ever hear from people using my code disguised as yours. Another reason, of course, is the pride we take in spending nearly ten years on ezjail and we definitely do not like some script kiddie running around adorn himself with plumes plucked from our asses. section is not appropriate to include qjail under Freebsd opensource type of license, then we can change the comments to say totally free to do as you wish as opensource and leave it at that. If something else is needed, please inform what that is by private email. To continue this this subject in public is not appropriate. Please respect our wish in this matter. No, I will not respect your wishes, as you chose to ignore mine. You are not totally free to do as you wish with the ezjail authors' code and you can not grant that rights to someone else. Regarding your fork: I can not and I will not prevent forks from happening. So I wish you good luck with it. Maybe you learn some shell on the way. The qjail port has been marked RESTRICTED by the ports managers and I will withdraw my concerns once you find a proper way to indicate original authorship in a humble way. Regards, erdgeist Dear Dirk Engling I feel sorry for you. I man with such talent and respect has fallen to such a level of self induced
Re: Handbook Jail Chapter rewrite available for critique
On Thu, 21 Mar 2013 11:21:29 -0400, Alejandro Imass wrote: On Thu, Mar 21, 2013 at 3:35 AM, Ian Smith smi...@nimnet.asn.au wrote: On Tue, 19 Mar 2013 17:53:30 +0100, Dirk Engling wrote: [.. also chopping mercilessly ..] # Copyright 2010, Qjail project. All rights reserved. offensive. I am usually quite open with the license of my software, beerware is as permissive as it gets. I just can not take some script kiddie right out copying my code verbatim and selling it as his, not even acknowledging me as the original author. Anyone here with suggestions how to properly react to this kind of fork? Yes. Publicity. Making sure the FreeBSD community gets to finds out. [...] To that end I'm cross-posting this to -questions, where Mr Barbish has also posted about his proposed rewrite of Chapter 16 of the Handbook, which is nothing but a huge and poorly written manual for 'the qjail way', with its peculiar assumptions and unique jailcell terminology. Fourth Generation, no less! +1 Thank you Ian for cross-posting here. The first thing I did when I got the new chapter for review was search for the work EzJail and I was curious as to why EzJail is not mentioned anywhere in this new proposal and why it isn't mentioned in the current handbook either under in section 16.5.2 High-Level Administrative Tools in the FreeBSD Ports Collection. If there is __any__ tool that should be mentioned in the jails chapter it is EzJail because it's really easy to use and does a damn good job. Actually, ezjail has been explicitly mentioned in '16.6 Application of Jails' http://www.freebsd.org/doc/handbook/jails-application.html since revision 30226 by danger, Mon May 28 20:02:46 2007 UTC, which section was just 6 weeks ago updated with a (preceding) similar port reference to qjail: http://svnweb.freebsd.org/doc?view=revisionrevision=40900 [..] NOW some things start to make sense to me, when I posted a problem with EzJail here last year that very few people, if any, knew what I was talking about. An how could they? if it's not mentioned anywhere in the handbook or that jail man page(s). man pages aren't an appropriate place to recommend particular ports; there are others, and there will be more. The above are mentioned in the handbook page in the context of simpler alternatives to following the more detailed procedures presented to actually teach one how jail technology may be implemented, which - in my view - is the Good Stuff. There have been about 20 messages in freebsd-jail@ referring to ezjail this year so far before this thread, as in previous years; try browsing the archives from http://lists.freebsd.org/pipermail/freebsd-jail/ OTOH, I've seen no prior posts in jail@ about qjail before this thread. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Handbook Jail Chapter rewrite available for critique (fwd)
Joe, your mailer dropped -questions from the ccs on your response. Fixed, Ian -- Forwarded message -- Date: Fri, 22 Mar 2013 18:12:18 -0400 From: Fbsd8 fb...@a1poweruser.com To: freebsd-j...@freebsd.org Cc: Ian Smith smi...@nimnet.asn.au, Dirk Engling erdge...@erdgeist.org Subject: Re: Handbook Jail Chapter rewrite available for critique Ian Smith wrote: On Tue, 19 Mar 2013 17:53:30 +0100, Dirk Engling wrote: On 18.03.13 20:16, s...@tormail.org wrote: to configure things themselves. In my experience, ezjail is a much better solution. I also see that you are the maintainer/author of qjail and like to shovel your opinion as the only solution, both in this rewrite and all over the FreeBSD forums. Taking a look at the qjail code I can not help to notice several odd similarities with the ezjail-admin script, down to the very basic bail out routines. I would not go so far to claim it was just a global search/replace job but to me the code looks familiar enough to find the # Copyright 2010, Qjail project. All rights reserved. offensive. I am usually quite open with the license of my software, beerware is as permissive as it gets. I just can not take some script kiddie right out copying my code verbatim and selling it as his, not even acknowledging me as the original author. Anyone here with suggestions how to properly react to this kind of fork? Yes. Publicity. Making sure the FreeBSD community gets to finds out. You may be polite and un-selfserving enough to not go so far Dirk, but I will. Huge swathes of qjail are direct copies of your code, in most cases only with the names of the variables changed from ezjail_* to qjail_*. I found it cute renaming 'flavour' to the American spelling. Anyone looking at bin/qjail from qjail-2.1.tbz alongside the latest ezjail-admin (mine downloaded from your cvsweb) cannot fail to notice within the first couple of screens. Sure there are changes, additions and deletions, but to fail to acknowledge the original authorship of this code, and the implication that Joe Barbish (aka 'Qjail project') is its original author is entirely outrageous; not ethical, even if legal. To that end I'm cross-posting this to -questions, where Mr Barbish has also posted about his proposed rewrite of Chapter 16 of the Handbook, which is nothing but a huge and poorly written manual for 'the qjail way', with its peculiar assumptions and unique jailcell terminology. Fourth Generation, no less! The idea that the doc gang would entertain the idea of removing all of the worthy content of the present Chapter 16 - even if it does need some updating - and replace it with this effort is laughable, yet stranger things have happened if there's any disconnect between developers and documenters .. witness the Handbook firewalls section, by Joe Barbish. cheers, Ian Boy this simple critique request sure has gotten out of hand. So lets set the record straight. On the subject ezjail not being referenced in the document like it is in the current version of the online handbook is just a writing content error. The document being critiqued is the first public draft. Pointing out over sights like not included ezjail in that section is the type of constructive feedback that is desired. Any inference it was done on purpose is just crazy. When it comes to the question of the handbook jail chapter needing updating, A member of the document team has already offered to partner up with me to get it added to the handbook as fast as possible. To me that means the document team is already aware the current handbook jail chapter is outdated and has just been waiting for someone to write a update which is just what I did. If you people have a beef with that, take it up with the document team not me. If any of you think you can do a better job then NOW is the time to step up or shut up. On the subject of qjail being a fork of ezjail, of course it is. Qjail was developed by the qjail project team who are a group of FreeBSD users who live around Angeles City, Philippines. Of the seven members 2 are foreigners living in the area, one American and one British. Our British member concluded that the author of ezjail must be British based solely on the spelling of the flavour directory. He also convinced us that his Beerware license was British humor, a joke, and should not be taken serous. In our review of other jail ports we did not see this Beerware license again or for that matter, see it in any of the 5000+ ports we looked at or use. So the group coincided to the British members view point as sound advice. If you inspect the qjail source, you should recognize the comments at the beginning as a copy of what is included in every FreeBSD config file. It was inserted in the front like they have. We though that was how you make software opensource which was the intention. There are no formal copyright documents; it's
Re: Handbook Jail Chapter rewrite available for critique
On Tue, 19 Mar 2013 17:53:30 +0100, Dirk Engling wrote: On 18.03.13 20:16, s...@tormail.org wrote: to configure things themselves. In my experience, ezjail is a much better solution. I also see that you are the maintainer/author of qjail and like to shovel your opinion as the only solution, both in this rewrite and all over the FreeBSD forums. Taking a look at the qjail code I can not help to notice several odd similarities with the ezjail-admin script, down to the very basic bail out routines. I would not go so far to claim it was just a global search/replace job but to me the code looks familiar enough to find the # Copyright 2010, Qjail project. All rights reserved. offensive. I am usually quite open with the license of my software, beerware is as permissive as it gets. I just can not take some script kiddie right out copying my code verbatim and selling it as his, not even acknowledging me as the original author. Anyone here with suggestions how to properly react to this kind of fork? Yes. Publicity. Making sure the FreeBSD community gets to finds out. You may be polite and un-selfserving enough to not go so far Dirk, but I will. Huge swathes of qjail are direct copies of your code, in most cases only with the names of the variables changed from ezjail_* to qjail_*. I found it cute renaming 'flavour' to the American spelling. Anyone looking at bin/qjail from qjail-2.1.tbz alongside the latest ezjail-admin (mine downloaded from your cvsweb) cannot fail to notice within the first couple of screens. Sure there are changes, additions and deletions, but to fail to acknowledge the original authorship of this code, and the implication that Joe Barbish (aka 'Qjail project') is its original author is entirely outrageous; not ethical, even if legal. To that end I'm cross-posting this to -questions, where Mr Barbish has also posted about his proposed rewrite of Chapter 16 of the Handbook, which is nothing but a huge and poorly written manual for 'the qjail way', with its peculiar assumptions and unique jailcell terminology. Fourth Generation, no less! The idea that the doc gang would entertain the idea of removing all of the worthy content of the present Chapter 16 - even if it does need some updating - and replace it with this effort is laughable, yet stranger things have happened if there's any disconnect between developers and documenters .. witness the Handbook firewalls section, by Joe Barbish. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: which X driver for NVIDIA Quadro FX 570M?
On Mon, 11 Feb 2013 10:41:31 GMT, Anton Shterenlikht wrote: From: paranormal paranor...@isgroup.com.ua Subject: Re: which X driver for NVIDIA Quadro FX 570M? To: freebsd-questions@freebsd.org Date: Wed, 06 Feb 2013 03:23:40 +0200 I have t61p with mentioned card. x11/nvidia-driver works well for me (at least quake, doom, compiz work). Thanks for all the replies. I bought a T61p for 220 GBP - what bliss! BIOS update - no problem HEAD r246552 - no problem wireless with iwn0: Intel Wireless WiFi Link 4965 - no problem sound with hdac0: Intel 82801H HDA Controller - no problem CD-RW with cd0: HL-DT-ST DVDRAM GSA-U10N 1.05 Removable CD-ROM SCSI-0 device and sysutils/cdrtools-devel - no problem X with nvidia0: Quadro FX 570M and x11/nvidia-driver - no problem flash as per http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/desktop-browsers.html (7.2.1.2 Firefox and Adobe Flash Plugin) - no problem In fact, no problems at all! I can't recommend it enough. Anton Suspend and resume? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: which X driver for NVIDIA Quadro FX 570M?
On Mon, 11 Feb 2013 14:28:30 GMT, Anton Shterenlikht wrote: From smi...@nimnet.asn.au Mon Feb 11 13:49:38 2013 On Mon, 11 Feb 2013 10:41:31 GMT, Anton Shterenlikht wrote: From: paranormal paranor...@isgroup.com.ua Subject: Re: which X driver for NVIDIA Quadro FX 570M? To: freebsd-questions@freebsd.org Date: Wed, 06 Feb 2013 03:23:40 +0200 I have t61p with mentioned card. x11/nvidia-driver works well for me (at least quake, doom, compiz work). Thanks for all the replies. I bought a T61p for 220 GBP - what bliss! BIOS update - no problem HEAD r246552 - no problem wireless with iwn0: Intel Wireless WiFi Link 4965 - no problem sound with hdac0: Intel 82801H HDA Controller - no problem CD-RW with cd0: HL-DT-ST DVDRAM GSA-U10N 1.05 Removable CD-ROM SCSI-0 device and sysutils/cdrtools-devel - no problem X with nvidia0: Quadro FX 570M and x11/nvidia-driver - no problem flash as per http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/desktop-browsers.html (7.2.1.2 Firefox and Adobe Flash Plugin) - no problem In fact, no problems at all! I can't recommend it enough. Anton Suspend and resume? I guess no... However, I'm very ignorant of suspend/resume, so not sure I'm doing the right thing. - the T61p manual details standby and hibernation modes. Is this what you refer to by suspend? I can go into standby with Fn+F4, or with acpiconf -s 3 Ok, state S3 is what we call suspend, more precisely suspend to RAM (STR); windows and so most BIOSes call that state standby. but can't seem to get back. The disk starts, but the screen is corrupted, kind of black with very few white dots. I have to power off/on. A common enough tale these days. I try to remain hopeful someone will get a more modern Thinkpad than the T43s (reportedly) or my older T23s (certainly) resuming in one unbroken piece every time again, one day .. The Fn+F12, hibernation mode code, does not seem to do anything. - I've had a quick look at acpi(4) and apm(8). I have: hw.acpi.supported_sleep_state: S3 S4 S5 hw.acpi.s4bios: 0 S3 is suspend to RAM; S4 suspend to disk (STD, unsupported by FreeBSD); S5 is power off, should work but may bypass some shutdown(8) processing. S4, STD - 'hibernation' - has two varieties; with s4bios the BIOS itself writes machine state and all RAM to disk, usually a preallocated file in an msdosfs slice. I haven't heard of any new boxes supporting this in BIOS for years; windows (since ~'95) and Linux (I'm told) support STD. - Anything I should check/test in BIOS? I see that power management is enabled in BIOS. Is that enough? It should be, but doesn't seem to work on many. When it resumes with messed up screen, can you ping it, or maybe ssh in, or is it dead? If you boot it but don't start X, can it come back from suspend? Frankly, unless you're _really_ keen to get STR working, this could turn into not just a rabbithole, but the whole warren - you'll have to really want to be the bunny! Sounds like a very nice machine otherwise :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: zoneedit.com
In freebsd-questions Digest, Vol 452, Issue 11, Message: 9 On Sat, 2 Feb 2013 11:45:05 -0500 Nick K sur...@gmail.com wrote: I am posting here hoping that a Dan from ZoneEdit.com still monitors this mailing list. I am in a very bad situation and my mail forwarding has been down for over a week -- no response from ZoneEdit support. I found references to people getting help from Dan here: http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2011-01/msg00504.html My issue(s): 1.) I can't login to zoneedit.com's new interface. I used to be able to log in to the legacy interface -- but apparently I'm in the same boat as Mr. Jack L. Stone was -- in that you can no longer manage zones from the legacy interface. The legacy interface tells me my account is active at the new interface, but the new interface tells me my account does not even exist. 2.) My mail forwarding service provided by zoneedit.com stopped working approximately last week monday. It has been working fine since 2002. Don't you just love it when this stuff happens. 3.) I can't change my DNS / mail forwarding service, because the email I used for my domain registration at my registrar is one of the emails that gets forwarded (and the forwarding is not working). If Jack L. Stone or Dan from ZoneEdit can get in contact with me I would be very grateful. I don't know what else to do at this point. The company that currently owns ZoneEdit (Dotster) won't help me -- they say they don't have the ability to provide support for ZoneEdit customers. This is my last hope pretty much. Dan or Jack if you're out there, please get back to me. Nick, we've had some rouble with zoneedit recently also. Someone who's clearly using zoneedit.com's mail services registered on a forum we run, but the auto registration response bounced and continued to bounce for 2 days, with the following response (edited to protect $poor_innocent): === Date: Fri, 25 Jan 2013 14:22:44 +1100 From: Mail Delivery Subsystem mailer-dae...@nimfm.org To: www-d...@folks.nimfm.org Subject: Warning: could not send message for past 4 hours The original message was received at Fri, 25 Jan 2013 10:15:45 +1100 from www-data@localhost [127.0.0.1] - Transcript of session follows - ... while talking to mail.zoneedit.com.: DATA 450 4.7.1 Client host rejected: cannot find your reverse hostname, [220.233.175.114] xxx...@.com... Deferred: 450 4.7.1 Client host rejected: cannot find your reverse hostname, [220.233.175.114] 554 5.5.1 Error: no valid recipients Warning: message still undelivered after 4 hours Will keep trying until message is 2 days old Reporting-MTA: dns; folks.nimfm.org Arrival-Date: Fri, 25 Jan 2013 10:15:45 +1100 Final-Recipient: RFC822; xxx...@x.com Action: delayed Status: 4.7.1 Remote-MTA: DNS; mail.zoneedit.com Diagnostic-Code: SMTP; 450 4.7.1 Client host rejected: cannot find your reverse hostname, [220.233.175.114] Last-Attempt-Date: Fri, 25 Jan 2013 14:16:25 +1100 === I forwarded the above (plus dig results proving there was nothing wrong with our reverse DNS on some big nameservers) to postmas...@zoneedit.com but have received no response, and of course we have no way to contact $poor_innocent. Not a good look. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD and snd_hdspe last-ditch attempt
On Tue, 22 Jan 2013, Ralf Mardorf wrote: Cc: FreeBSD quest freebsd-questions@freebsd.org Hi :) Hi Ralf, I've been following this saga for a while, with interest but no specific knowledge of your gear nor how you intend to use it. All I can comment on is the way you're going about reporting and debugging your issues. I'm not sure repeating these in questions@ will be much use if you can't get answers in multimedia@, but I'll leave that alone for now. I know you're new to FreeBSD from Linux and can't know what advice might be useful and what may be wild goose chases, harder to tell in questions@ I can use Opera to play YouTube by the analog IOs of the HDSPe AIO sound card. I can use Jack with OSS and play a WAV by Audacity and by Audacious and I also can hear ZynAddSubFX. All of them only use the 2 analog IOs. If I test VLC with OSS and /dev/dsp or /dev/dsp* (* is for 0 to 7), it doesn't work. What you're not telling people, now at least, is some of the basics from sound(4), ie which hints and sysctls you have set, for example how many channels and vchans you have enabled, which /dev/dsp* actually exist now (showing with 'ls -l /dev/dsp*' rather than telling), and how thoroughly you've taken the advice in sound(4) re setup and debugging, like setting sysctl hw.snd.verbose to 4 and reporting 'cat /dev/sndstat' results - this will be voluminous I'm sure, but will be needed by whoever is going to look at this. I suggest gathering all the necessary information in one place and submitting a PR, if you can't get direct help on lists. I don't know how to use Gnome Music Player Client. It's asking for an ominous host, it's seemingly not the name of the machine. cat file /dev/dsp is mentioned in the handbook, but it doesn't work. ALSA completely isn't available. Is there nobody able to help? Are there no correct instructions what to do? Is anybody else using snd_hdspe besides the coder and me? I assume you've read what little there is in snd_hdspe(4) and the great deal that there is in sound(4) and are now well familiar with it, though your messages don't particularly indicate such familiarity. I realise that you're an audio professional, but being a new card with few if any other users you may have to do a fair bit of digging, like inspecting /sys/dev/sound/pci/hdspe* and playing around with hw.snd tunables. This is a new driver, first appearing in FreeBSD 10 :) according to snd_hdspe(4). I don't know when it was merged to 9 or what level of testing it's had in the field, but I have to assume you've already discussed your issues with its author, Ruslan Bukin b...@bsdpad.com ? Sorry I can't offer anything more concrete, and good luck. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Reading the handbook from console
In freebsd-questions Digest, Vol 449, Issue 9, Message: 25 [ pardon loss of threading ] On Thu, 10 Jan 2013 15:56:24 -0800 dte...@freebsd.org wrote: From: Polytropon [mailto:free...@edvax.de] [..] There is no text mode web browser in the base system. Installing one is easy: As the HTML files generated for the Handbook are good quality, they display nicely in lynx, links, and w3m (probably the most prominent three text mode web browsers). I must know... What is Polytropon's favorite of those listed? (and perhaps also elinks ?) Hard to say, now that X is everywhere... :-) In the past, I've started using lynx because it was the default. Somehow I even tend to remember that it was part of the default installation in around FreeBSD 4 or so... but that could be wrong. No that's right, it had been lynx since 2.2, if not earlier. Somewhere early in 5.x, by 5.2 at least, it had changed to links: === Options Editor NameValue NameValue - - NFS Secure NO Install Root/ NFS SlowNOBrowser package links NFS TCP NO Browser Exec/usr/local/bin/links NFS version 3 YES Media Type not yet set Debugging NO Media Timeout 300 No Warnings NO Package Temp/var/tmp Yes to All NO Newfs Args -b 16384 -f 2048 DHCPNO Fixit Console serial IPv6NO Re-scan Devices * Skip PCCARD NO Use Defaults[RESET!] FTP usernameftp Editor ee Tape Blocksize 20 Extract Detail high Release Name5.5-STABLE Use SPACE to select/toggle an option, arrow keys to move, ? or F1 for more help. When you're done, type Q to Quit. This is the browser package that will be used for viewing HTML docs === Later on I tried w3m and also found it usable. Today I'd say I prefer links for interactive text mode browsing. Still lynx -dump is a welcome tool in some of my scripts, and never change a running system. :-) I used to use lynx a lot, browsing the web through a 56k modem in the late '90s, however I made far more headway with links as it could deal reasonably well with basic functional javascript where lynx couldn't, at least then, and I seem to recall an issue with upstream maintenance. Ok, the reason I ask is actually because I have this insane (?) idea of shoving one of the aforementioned solutions onto the installation media so that (gasp) we can have that functionality back like we had in the days of sysinstall. Shock horror! :) No, not insane at all. I can't believe the disconnect from newer FreeBSD users' needs that bsdinstall presently represents, especially those with less than the latest awesome kit, and I applaud you carrying on with bsdconfig and improving bsdinstall, about which I have far too many suggestions that might steal this topic :) So naturally, my first question is which one? Thoughts? -- Devin Well I doubt links works any less well that it did, though it's probably not up to all the latest JS, CSS and other recent tricks 'out there'. Certainly for the stated purpose of rendering Handbook and FAQ it will do fine. It does (did then) weigh more than lynx but worth it, I feel: smithi on sola% ls -l `which links` -r-xr-xr-x 1 root wheel 2959956 Oct 25 2006 /usr/local/bin/links smithi on sola% ls -l `which lynx` -r-xr-xr-x 1 root wheel 1078068 Jul 26 2006 /usr/local/bin/lynx Polytropon concludes: However, The FreeBSD Handbook and the FAQ mostly contain text, I mean, that's what they are about, and for reading text I don't see a need for graphics. If I want graphics, I have X. :-) Exactly. Although regarding installing X on 9.1 before newer packages are available - and it IS painful or at least very slow to build on the likes of 1GHz laptops - I can't see any reason the X that was working as of mid-October would be any problem, unless there's been some major revision or security scare since? The 9.x ABI is constant. I grabbed: ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/Latest/en-freebsd-doc.tbz (dated 10/16/12 09:13:00) and pkg_add'ed it, and will do the same for X when I get 9.1 also going on my 'big' 768MB RAM ThinkPad. For those with the horsepower, sure, build X, KDE/GNOME, OpenOffice etc. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pkg_add and 9.1 Release
In freebsd-questions Digest, Vol 448, Issue 3, Message: 24 - please pardon the loss of threading - On Wed, 2 Jan 2013 02:47:41 -0500 (EST) d...@safeport.com wrote: On Wed, 2 Jan 2013, Matthew Seaman wrote: On 02/01/2013 05:20, doug wrote: Is this command being phased out? pkg_add -r uses a default environment of ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9.1-release/Latest/ In fact, yes, pkg_add and the other pkg_tools commands are being phased out in favour of pkgng. However it is early days yet, and the problem you're seeing has nothing to do with that process. pkgng won't become the default in 9.x until the next release: until then the status quo ante persists. Looking forward to using pkgng on my next 9.1 laptop, thanks Matthew. This path does not exist on ftp.freebsd.org. Quite so. It's because of this: http://www.freebsd.org/news/2012-compromise.html As a consequence, large parts of the package building infrastructure are quarantined, pending reinstallation. Also there is a lot of work going into revising the software used to build the packages with security enhancements in mind. So there simply aren't packages available yet to go with 9.1-RELEASE. Ah yes, thank you Matthew. I had forgotten about that. I guess the 9.1RC3 packages were removed for the same reason. ftp://ftp.freebsd.org/pub/FreeBSD/ports/amd64/packages-9-stable/Latest/ is still there, though. I ran into this from the installed 9.1-RELEASE /etc/motd's suggestion of adding Handbook, FAQ etc by using pkg_add -r en-freebsd-doc. I browsed to ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-9-stable/docs/en-freebsd-doc-39278,1.tbz dated October, and figured that should do for now :) I could have set PACKAGESITE but it was as easy to fetch(1) that file then pkg_add it. If I were going to install say X + KDE on that laptop - which I'm not - I'd merrily use what was fresh in October and upgrade as packages become available again, and build anything needing 'more freshness' from ports. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: shell script problem
In freebsd-questions Digest, Vol 447, Issue 1, Message: 13 On Sun, 23 Dec 2012 18:48:12 +0100 Dh?nin Jean-Jacques dhe...@gmail.com 2012/12/23 Polytropon free...@edvax.de #!/bin/sh cat foo.txt | while read LINE1 do cat bar.txt | while read LINE2 do if [ $LINE1 = $LINE2 ]; then sw=1 echo Current value of sw is : $sw * ps -l | grep $$ * # see subshell here Yes indeed. break fi done * echo Process: $$* # And the parent Yep. echo Value of sw is : $sw if [ $sw = 0 ]; then echo DO SOMETHING! fi sw=0 done I suggest : -%- #!/bin/sh cat foo.txt | while read LINE1 do echo 'One' $$tmp cat bar.txt |while read LINE2 do if [ $LINE1 = $LINE2 ]; then echo 'ok' $$tmp break fi done if [ `cat $$tmp` = One ]; then echo One ! fi if [ `cat $$tmp` = ok ]; then echo ok ! fi done Or, to avoid subshell(s) created in pipeline(s), and subsequent loss of variables set in the subshell(s) to their parents, rather than using: cat foo.txt | while read LINE1 [..] cat bar.txt | while read LINE2 [..] done [..] done you can use: while read LINE1 [..] while read LINE2 [..] done bar.txt [..] done foo.txt cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: audio playback with variable tempo
In freebsd-questions Digest, Vol 445, Issue 5, Message: 25
On Fri, 14 Dec 2012 09:52:53 +0100 Polytropon free...@edvax.de wrote:
On Thu, 13 Dec 2012 16:56:51 -0700, Gary Aitken wrote:
On 12/12/12 23:51, Polytropon wrote:
On Wed, 12 Dec 2012 16:27:16 -0700, Gary Aitken wrote:
Can anyone suggest an audio playback application that allows you to
vary the
tempo? I've used audacity on win systems, but I don't see that in
ports.
Except that audacity actually _is_ in ports, if you just
require adjustable speed (without editing / saving the
original file), you could use mplayer -speed n file,
or use mplayer file and use the [ ] and { } keys to
adjust the speed (if you have OSD on, key 'o') you can
see the speed (if the file contains video; if not, the
output will be text only for information purposes).
Thanks.
Speed is not what I want to adjust, as it changes the pitch.
The playback timing needs to be adjusted so everything has the same pitch,
but just comes out faster or slower.
Oh, I see. No problem - Audacity can do that. (And as it has
been suggested, if you need to apply batch operation, you
can use sox, also in ports.)
sox(1) _can_ be daunting, but has this to say on the $subject:
tempo [-q] factor [segment [search [overlap]]]
Change the audio tempo (but not its pitch). The audio is
chopped up into segments which are then shifted in the time
domain and overlapped (cross-faded) at points where their wave-
forms are most similar (as determined by measurement of `least
squares').
By default, linear searches are used to find the best overlap-
ping points; if the optional -q parameter is given, tree
searches are used instead, giving a quicker, but possibly lower
quality, result.
factor gives the ratio of new tempo to the old tempo, so e.g.
1.1 speeds up the tempo by 10%, and 0.9 slows it down by 10%.
The optional segment parameter selects the algorithm's segment
size in milliseconds. The default value is 82 and is typically
suited to making small changes to the tempo of music; for larger
changes (e.g. a factor of 2), 50 ms may give a better result.
When changing the tempo of speech, a segment size of around
30 ms often works well.
The optional search parameter gives the audio length in mil-
liseconds (default 14) over which the algorithm will search for
overlapping points. Larger values use more processing time and
do not necessarily produce better results.
The optional overlap parameter gives the segment overlap length
in milliseconds (default 12).
See also speed for an effect that changes tempo and pitch
together, pitch for an effect that changes tempo and pitch
together, and stretch for an effect that changes tempo using a
different algorithm.
Works for me. Audacity may do more, but explain less what it's doing?
However, I'm a little confused on what all the devices are related to
audio.
For the default device, which I've set to unit 3 (for pcm3),
I see the following in /dev: dsp3.0 mixer3
What are each of these associated with?
The mixer itself shows the following devices:
vol, pcm, mix, rec, igain, ogain, monitor
Can someone point me to documentation on what these are and how they
interact?
It's not obvious to me what the difference between vol and ogain,
or rec and igain, are, for example. What is mix mixing, and what does
monitor do? A schematic would be helpful...
If I remember correctly, monitor is a monitor channel for the
inputs, so this channel contains what will be recorded (even
though only one of its sources can be recorded at a time).
It lets you listen to the recording source.
Gary has a mix device too .. see below.
The manpage mentions several mixer devices:
The list of mixer devices that may be modified are:
vol, bass, treble, synth, pcm, speaker, line, mic, cd, mix, pcm2,
rec, igain, ogain, line1, line2, line3, dig1, dig2, dig3, phin,
phout, video, radio, and monitor.
Not all mixer devices are available.
True, my sound card doesn't have all of them. :-)
:) I was going to challenge you on your 'only one at a time', when I
discovered the AC97 in my Thinkpad T23 doesn't let me record from 'mix'
either, which surprised me as years earlier I'd sometimes record from
mix, usually line + mic, on an ancient Compaq 1500c (Celeron 300MHz,
made in '98, still running 24/7 as a solar-powered small-system mail,
DNS and webserver plus
Re: audio playback with variable tempo
In freebsd-questions Digest, Vol 445, Issue 4, Message: 12 On Wed, 12 Dec 2012 16:27:16 -0700 Gary Aitken free...@dreamchaser.org wrote: Can anyone suggest an audio playback application that allows you to vary the tempo? I've used audacity on win systems, but I don't see that in ports. You'll have found audacity by now, but audio/sox does that and a zillion other things (mixing, pitch bend, all sorts of filtering and effects ..) if you're happy working from commandline or scripts and can handle a HUGE man page that's pretty much a background to audio processing in general. It's very fast and light, too, for recording or playback. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Reprieve [was: Re: FreeBSD 9.1-RC1 Available... (fwd)]
Folks, Seems that those (like me) concerned about 9.1 release branch activity not having been exported to CVS, requiring moving to SVN and abandoning c*sup source updating 'all of a sudden', can relax migration schedules a bit, for now .. though it's been a good 'gee-up' for me, at least. Probably worth mentioning that this only ever affected RELENG_9_1, ie 9.1 BETAs and RCs, not RELENG_9 (ie 9-STABLE) sources. Thanks Bjoern! cheers, Ian -- Forwarded message -- Date: Tue, 18 Sep 2012 12:20:23 + (UTC) From: Bjoern A. Zeeb bzeeb-li...@lists.zabbadoz.net To: FreeBSD Release Engineering Team r...@freebsd.org Cc: freebsd-stable freebsd-sta...@freebsd.org Subject: Re: FreeBSD 9.1-RC1 Available... On Thu, 23 Aug 2012, Ken Smith wrote: Hi, let me reply to the very initial email in this monster of public thread. With both the doc and ports repositories now moved to SVN it has been decided to not export the 9.1 release branch activity to CVS. So csup/cvsup update mechanisms are not available for updating to 9.1-RC1. If you would like to use SVN the branch to use is releng/9.1. RELENG_9_1 is now exported the CVS as well and will be for as long as things will be exported to CVS. It will take another few hours to get near your local mirror as they'll all be chewing on each other the next 12 hours. Enjoy! Any further discussions on src export I'll leave to other people wearing hats. /bz -- Bjoern A. Zeeb You have to have visions! Stop bit received. Insert coin for new address family. ___ freebsd-sta...@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: kinternet alternative in FreeBSD
In freebsd-questions Digest, Vol 432, Issue 6, Message: 15
On Fri, 14 Sep 2012 11:26:57 +0200 Polytropon free...@edvax.de wrote:
On Fri, 14 Sep 2012 11:05:03 +0200, suseuse...@lajt.hu wrote:
Matthias, Polytropon:
[..]
Thank you for your answers.
I am using KDE 3.5.10. I would like to use FreeBSD as a desktop machine
for replacing openSUSE if it is possible at all.
I don't see a reason why this shouldn't be possible. Many years
ago, FreeBSD 4 obsoleted Linux as my home desktop, and I do not
regret the choice. Depending on what _you_ actually *do* with
your computer, there _may_ be certain obstacles.
For clarity, I do not need exactly kinternet, I want only an GUI frontend
for pppdial which possibly resides in system tray and can be used to
control
network connections.
As I said, I've heared of a tool named kppp, and according to
the traditional naming convention in KDE (of _that_ time), I
assume this is a KDE program for dealing with ppp. Even though
networking is done at OS level which doesn't have such a tight
integration with desktop environments as this is done in
Linux (as the big three desktop environments are quite
Linux-centric), ppp can be invoked by the user (if he has
been granted the required permissions by the system administrator).
If a KDE program can communicate with the ppp command line
tool, it should work.
Well the trouble is that KPPP only ever supported pppd, and FreeBSD had
finally dropped pppd by 8.0. Many users requested user ppp(8) support
in KDE and specifically KPPP, since nearly everyone was using ppp(8)
even while pppd was supported. KDE folks showed no interest, and noone
on our side worked on adding ppp(8) support - as I recall, anyway :)
No wonder Linux folks hide pppd operation in wrappers and tray gadgets;
manually configuring pppd on Mandrake or Debian with half a zillion conf
files is a job best left to robots, indeed. It wasn't nearly so bad on
FreeBSD, as detailed in: http://www.freebsd.org/doc/handbook/ppp.html
(for FreeBSD 7.X only) but pppd still lacked functionality that had been
straightforward in ppp(8) since at least '98 when I set it up for ISP
dialout and 3 dialup 33.6kbps modems .. no X on that box of course.
In openSUSE kinternet is a frontend for smpppd package.
smpppd requires ppp. I will try to look into it whether smpppd can
work with FreeBSD's ppp.
That sounds like an interesting approach. Good luck!
On this 8.2-R system I checked /usr/ports; no mention of smpppd.
grepping /usr/ports/net/* for pppd|PPPD found a few things, including a
port of pppd itself, presumably one could install that.
t23% find /usr/ports -iname \*smpppd\*
t23% find /usr/ports/net -exec grep -Hi smpppd {} \;
t23% find /usr/ports/net -exec grep -Hi pppd {} \;
[.. snippets ..]
/usr/ports/net/Makefile:SUBDIR += pppd23
[..]
/usr/ports/net/l2tpd/files/patch-Makefile: # pools to pass to pppd ...
/usr/ports/net/poptop/files/patch-pptpctrl.c:
syslog(LOG_DEBUG, CTRL: pppd speed = %s, speed);
/usr/ports/net/poptop/files/patch-pptpctrl.c:+
syslog(LOG_DEBUG, CTRL: BSD userland ppp system label = %s,
[..]
usr/ports/net/pppd23/Makefile:# New ports collection makefile for: pppd 2.3.11
[..]
/usr/ports/net/pptpclient/files/patch-aa:-PPPD = /usr/sbin/pppd
/usr/ports/net/pptpclient/files/patch-aa:+PPPD = /usr/sbin/ppp
/usr/ports/net/rp-pppoe/Makefile:# New ports collection makefile for: popular
pppd pppoe client
[..]
/usr/ports/net/xisp/pkg-descr:The xisp package implements a
user-friendly X interface to pppd/chat
The latter might be of use with the ports pppd 2.3 (or later by now)
The xisp package implements a user-friendly X interface to pppd/chat
and provides maximum feedback from the dial-in and login phases on a
browser screen, as well as a manual login terminal window. It also
provides greater versatility in interrupting a call in progress and in
general enhances the user's feeling of what's going on, especially
if he/she is not all that well acquainted with the intricacies of
system log files. Xisp also has means to track your phonecosts.
WWW: http://xisp.hellug.gr/;
So if suseuser wants to stick with the familiar rather than learning to
use FreeBSD's ppp(8), perhaps some of that may help.
I know that's basically possible. Many years ago, I wrote
a Tcl/Tk-based frontend with buttons to enable / disable
the connection, see the status and the elapsed time. If
that has been possible, chances are good that KDE in its
much advanced manner has something comparable.
Maybe there's something new in KDE4. I'm sticking with 3.5 on my T23;
I only have 768MB RAM :) and it does everything I need on the desktop.
It's not that hard to setup KDE desktop bottons to run whatever scripts
you might need to start/stop/whatever with user ppp(8), but I've never
bothered since mpd does a fine job of fulltime PPPoE, and gkrellm keeps
and displays good
Re: 9.0 release hang in quiescent X [Solved]
On Tue, 21 Aug 2012 09:54:14 -0600, Gary Aitken wrote: Having run for a couple of days now without problems, I'm guardedly optimistic I've solved this problem. It appears the problem had nothing to do with screen blanking. The solution was to disable memory mapping in BIOS, whose purpose is to recover the memory addresses reserved for hardware in old PC architectures. It means some memory will never be used, but that's better than a hang. http://vip.asus.com/forum/view.aspx?id=20110131214116581board_id=1model=M4A89TD+PRO%2fUSB3page=1SLanguage=en-us That's great news Gary, good hunting. I read that forum post, which did look worth trying. Whether it's a BIOS bug or just something to watch out for I don't know, but it seems to be a trap for the unwary; so many BIOS settings are poorly explained. Those guys were losing 768MB or more, but had plenty to spare. You? I'm still running an older Xorg here, so had no idea about any default 10 minute blanktime. I'll remember that .. [..] cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 9.0 release hang in quiescent X
In freebsd-questions Digest, Vol 428, Issue 7, Message: 4 On Fri, 17 Aug 2012 13:51:07 -0600 Gary Aitken free...@dreamchaser.org wrote: On 08/16/12 00:04, Matthew Seaman wrote: On 16/08/2012 05:45, Gary Aitken wrote: ... Running 9.0 release on an amd 64 box, standard kernel, 16GB, SSD (/, /usr, /var, /tmp) + HDDs, visiontek 900331 graphics card (ati radeon hd5550). As long as I am using the system, things seem to be fine. However, when I leave the system idle for an extended period of time (e.g. overnight, out for the day, etc.), it often refuses to return from whatever state it is in. The screen is blank and in standby for power saving, and ctlalt Fn won't get me a console prompt. The only way I know to recover is to power off and reboot. ... Can someone suggest a good way to proceed to figure out what's going on? Can you get network access to the machine when it gets into this state? I enabled remote logins and when the system hangs, I can neither log in nor ping it. I can do both of those prior to a hang. Hi Gary. Please wrap text less than 80 columns on freebsd lists; I was going to reply to a later message but it had got too messy. Turned out this one is more useful anyway, so I've taken the liberty .. If you can't, that suggests the OS is hanging or crashing, possibly in response to going into some sort of power-saving mode. Now we know that you can't, what Matthew says is pretty likely the case. As to working out what the underlying cause of the problem is: that's harder. I'd try experimenting with the power saving settings for your graphics display. If you can turn them off as a test, and the machine then survives for an extended period of idleness, you'll have gone a long way towards isolating the problem. Have you yet tried turning off any and all power saving settings, until your monitor quits blanking/suspending, and the machine keeps running? The monitor isn't blanking by itself, BIOS suspend power off settings for screen, disk etc shouldn't affect a running FreeBSD system (but turn them off anyway!) - so we're left with something you've set yourself, presumably via your (which?) window manager, which then has Xorg, using your hardware's particular driver, do the dirty work on the hardware. Just that it's not clear you've yet isolated the main suspect. There's buggy hardware, buggy ACPI/BIOS implementations, buggy video drivers; it makes sense to rule out another hardware problem by leaving video on. My display, a NEC multisync LCD 1970NX, has a menu item for Off Timer but it is set to off As far as I can tell there are no other power saving options on the display itself. Even if the display failed completely, it won't make FreeBSD crash. Could this be related to the sync rates? I'm using whatever X.org and the drivers decided to come up with, which is 63.9kHz H, 59.9Hz V. Again, that could only mess up the display, FreeBSD wouldn't care, but you've said you can't ping or login so it seems more likely software. I have the following in rc.conf: powerd_enable=YES # Run powerd to lower our power usage. powerd_flags=-a hiadaptive -n hiadaptive -p 250 Sure. No relation to video; despite people regularly wanting to add such features, it sticks to its one job like a good little unix tool. I presume screen blanking is independent of cpu frequency rates, but it's not clear to me how the screen blanking is controlled. How does screen blanking interact with BIOS? My screen blanks, but it's not clear to me if it's BIOS or the os that's doing it. Something you set is doing it :) If running say KDE, suspects would include screen'savers' (as many have mentioned), window manager power settings (setting/peripherals/display/powercontrol on kde3), and lastly as Warren mentioned, settings for Xorg itself, in xorg.conf (if any). As for BIOS, well make sure any video messing with is turned off, but except BIOS settings expressed as AML code to ACPI, the OS ignores it. man acpi indicates acpi should not be disabled: Disabling all or part of ACPI on non-i386 platforms (i.e., platforms where ACPI support is mandatory) may result in a non-functional system. That's correct. Systems with more than one CPU rely on ACPI, period. Anyway, in the other thread Polytropon has boldly taken on, we see ACPI enabled. [BTW don't worry about those 'reservation failed' messages if not followed by indications of some failed subsystem; they really should only be shown on verbose dmesg IMO, as they tend to alarm people - QED] On 08/16/12 00:06, Steve O'Hara-Smith wrote: Are you running any kind of screensaver ? Sometimes the OpenGL screen saver modules crash without proper hardware support. If you're running a screensaver try disabling it and just using display blanking. I'm not running a screensaver, just blanking the
Re: weird problem with 9.0 Release and ed0
In freebsd-questions Digest, Vol 427, Issue 6, Message: 16 On Fri, 10 Aug 2012 12:39:36 +0200 Christoph P.U. Kukulies k...@kukulies.org wrote: Am 10.08.2012 11:40, schrieb Christoph P.U. Kukulies: Am 10.08.2012 11:28, schrieb Christoph P.U. Kukulies: The problem need not to be confined to 9.0. It stated to develop under 5.1 already. read: started to develop... I'm running a natd gateway machine that was developing strange behaviour such that the outside interface (ed0, BNC connector) that was connected via a small media converter switch to the providers sync line had dropouts. The machine couldn't ping into the Internet and also couldn't be pinged. I first thought it was the switch/media converter, but another (Windows XP) machine that was on the same BNC cable worked flawlessly. That XP box was directly on the outside, not inside nat'd via this one? So I decided to migrate that 5.1 machine to a 9.0 machine. The situation now is that I have the9.0 machine at the BNC cable and simultanously the old FreeBSD 5.1 gateway on the same BNC cable but through a TP adapter. This was the old machine works fine and I can care about the new machine. Not quite clear .. can you sketch your network configuration? Is there a known problem with ed0 cards that have the Realtek 8029 chipset. Do they need some special flags like memory mapping or irq? Long time since I've run anything with 10base2/BNC, but it used to work ok, on an ed0. When I for example boot the 9.0 machine the comping up of the em0 (on mainboard interface results in a highlighted kernel message on the console. The coming up of the ed0 is not flagged this way. And as a result the ed0 interface seems to be dead. Does the outside interface have a static address, or do you use DHCP via the provider's switch/hub/whatever? Show /etc/rc.conf setup. It smells a bit like the interface may not be up soon enough at that time; the ntpd message below could also indicate something like that re ipv6. Here some excerpts of dmesg: em0: Intel(R) PRO/1000 Network Connection 7.2.3 port 0x4400-0x441f mem 0x9310-0x9311,0x93124000-0x93124fff irq 20 at device 25.0 on pci0 em0: Using an MSI interrupt em0: Ethernet address: 00:1c:c0:37:b2:9f ed0: RealTek 8029 port 0x1000-0x101f irq 22 at device 1.0 on pci7 ed0: Ethernet address: 00:e0:7d:7c:2b:4a I also see this: Jul 30 23:03:54 forum ntpd[1711]: unable to create socket on ed0 (20) for fe80:: 2e0:7dff:fe7c:2b4a#123 You should get more / better clues if you boot with verbose messages. Forgot to add this info: ed0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 ether 00:e0:7d:7c:2b:4a inet 80.72.44.230 netmask 0xfff0 broadcast 80.72.44.239 inet6 fe80::2e0:7dff:fe7c:2b4a%ed0 prefixlen 64 scopeid 0xa nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: Ethernet autoselect (10base2/BNC) Must add some more info: My kernel config: cpu I486_CPU cpu I586_CPU cpu I686_CPU ident DIVERT makeoptions DEBUG=-g# Build kernel with gdb(1) debug symbols options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=10 options IPDIVERT options IPFIREWALL_DEFAULT_TO_ACCEPT (the rest like in GENERIC). Just to mention: you don't actually need to include FIREWALL* or DIVERT in kernels these days; a GENERIC kernel will work fine, loading modules as needed. Only exception is if you needed FIREWALL_FORWARD, which it appears you don't. Strange thing: I cannot ping neither the outside interface address nor the inside (172.27.2.115) -- Christoph Kukulies Please show output from: # egrep 'ifconfig|firewall|natd|gateway|ntpd' /etc/rc.conf # cat /etc/natd.conf # ipfw show # netstat -finet -rn cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Waking system up from suspend-to-ram at specified time.
In freebsd-questions Digest, Vol 425, Issue 13, Message: 13 On Sat, 28 Jul 2012 21:37:48 +0200 Piotr Czachur zim...@gmail.com wrote: Dear users, Does FreeBSD support waking system up from S3 (suspend to RAM) state at specified time? On Linux, it can be achieved using rtcwake command that uses RTC support in kernel. Not yet, unless I've missed something since 2010 (not impossible :) If it's not supported, maybe I can somehow enable waking from S3 using BIOS autoresume option? It powers my box on from complete off, but fails to wake it up from S3. What works for now is waking from S3 using Wake-on-LAN. Cheers, Piotrek On my Thinkpad T23, BIOS autostart (not autoresume) time setting also works only from a cold start. WoL also worked from 'off' but not from S3, but that was on 8.1-STABLE. What version are you running, and on what machine? Some reports indicate success may depend on which BIOS. I'll forward you offlist a couple of never-completed drafts that turned up in postponed messages from 2010 while hunting mail about this, to (bcc'd) avg@, brucec@ and mav@, after researching this in response to an ACPI PR: http://www.freebsd.org/cgi/query-pr.cgi?pr=kern%2F73823cat= Then at least, you also had to modify Linux shutdown behaviour to avoid writing the clocktime back to the RTC if a wake time had been set, as RTC writes did not preserve the RTC wake interrupt bit, for some reason. FreeBSD also does not preserve (gratuitously zeroes) that bit on all RTC writes, which is easily enough fixable, mostly in writertc.c, with few other places needing mods that I could see. Ah yes, plus a (cleanroom) utility not unlike rtcwake, but once writertc() is fixed that should be relatively trivial, without needing to mess with the shutdown code. Present circumstances don't permit me to work on this further, but I do think it could be a worthwhile and not so hard project for 'someone' :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re[2]: ipfw counters for tables
On Mon, 23 Jul 2012 13:13:47 +0300, Eugen Konkov wrote: , Ian. ?? ?? 23 2012 ?., 8:27:50: IS In freebsd-questions Digest, Vol 424, Issue 10, Message: 10 IS On Sun, 22 Jul 2012 14:55:46 +0300 Eugen Konkov kes-...@yandex.ru wrote: IS Hi Eugen, I use ipfw tables to allow host to access to internet. is there counter for matched packets/bytes for table entry like for ipfw rule? #ipfw show 901 rule packetsbytes 00901 302271108 27717115967 allow ip from 10.10.1.3 to any #ipfw table 7 list ---table(7)--- 10.7.60.41/32 100 No counters here ((( IS No, there are no individual counters for matched entries in tables. IS Apart from extra space cost, the accounting time cost would be huge; IS lookups are fast but updating radix trees per match would be very slow. Sorry, I was likely wrong about time cost. Once you find an entry it's there for the updating, but you will have to use write locking on table entries, perhaps they're just read locked for lookups now? I haven't read ipfw for years. Adding new table entries is what's really slow. IS Also, a table may be referenced in multiple rules, or even twice in the IS same rule, so what could such a count really indicate? I guess you'll know how you want to use them, so objection overruled :) IS Of course, counts for matching the table are in the rule/s concerned: IS 16100583003060562 deny log logamount 20 ip from table(1) to any in recv ng0 IS 16200 4449 226060 deny log logamount 20 tcp from IS table(25) to any dst-port 25,110 in recv ng0 setup IS 23000 45 2700 allow log logamount 100 tcp from IS table(22) to w.x.y.z dst-port 22 in recv ng0 setup but if lookup function will return matched entry, then calling rule may update appropriate counter. Sounds like a good experiment in your local codebase, with some tests for speed and space costs? 64 bit counters? Might as well store the 32 bit timestamp too, just like the rule updating code does, I guess? matchedentry= lookup_table( PACKETDATA ); updatecounter(matchedentry); Code it up :) Post to freebsd-ipfw@ and see what Luigi and crew say. #ipfw show 16100 16100583003060562 deny *counttable* log logamount 20 ip from table(1) to any in recv ng0 5300 10.5.0.1/32 300562 10.5.0.7/32 8000 6 10.5.0.2/32 will this be slow? Well, display is from userland ipfw, where slow isn't very relevant. It'll be what it adds to kernel code and memory requirements that may matter. I'm not sure how you could make this feature optional, short of a kernel config option .. but what do I know? IS Myself, I'd be more interested in a last-match timestamp than a count IS for table entries, but that won't happen either for the above reasons :) I often use ipfw -t show (or -ted show) so I guess with -t or -T it may show last access timestamps along with packet/byte counts too, as usual? I'll be happy to test it when you've got working patches. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw counters for tables
In freebsd-questions Digest, Vol 424, Issue 10, Message: 10 On Sun, 22 Jul 2012 14:55:46 +0300 Eugen Konkov kes-...@yandex.ru wrote: Hi Eugen, I use ipfw tables to allow host to access to internet. is there counter for matched packets/bytes for table entry like for ipfw rule? #ipfw show 901 rule packetsbytes 00901 302271108 27717115967 allow ip from 10.10.1.3 to any #ipfw table 7 list ---table(7)--- 10.7.60.41/32 100 No counters here ((( No, there are no individual counters for matched entries in tables. Apart from extra space cost, the accounting time cost would be huge; lookups are fast but updating radix trees per match would be very slow. Also, a table may be referenced in multiple rules, or even twice in the same rule, so what could such a count really indicate? Of course, counts for matching the table are in the rule/s concerned: 16100583003060562 deny log logamount 20 ip from table(1) to any in recv ng0 16200 4449 226060 deny log logamount 20 tcp from table(25) to any dst-port 25,110 in recv ng0 setup 23000 45 2700 allow log logamount 100 tcp from table(22) to w.x.y.z dst-port 22 in recv ng0 setup Myself, I'd be more interested in a last-match timestamp than a count for table entries, but that won't happen either for the above reasons :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Format a USB flash drive using gpart
On Sun, 8 Jul 2012 21:00:40 +0100, Bruce Cran wrote: On 08/07/2012 16:06, Ian Smith wrote: In general they're not distinct in usage from any other type of disk. The more expensive disks of course support TRIM so you'd want to pass -t to newfs to enable it. Thanks. Next time I blow around AU$455 on a 120GB flashdrive, I'll be glad to be better informed about getting the most out of it :) At least with sysinstall|sade you can set extra newfs options such as -t, and as importantly for me, you can toggle whether or not to newfs particular partition/s, such as leaving say /home alone on an existing partitioning, which didn't seem straightforward with bsdinstall last I tried (admittedly at 9.0-BETA1) but I've not followed later updates. I might take Matthew's suggestion and try the PCBSD 9 installer; I did boot a PCBSD 8 memstick at one stage, and was surprisingly impressed - or I could use freebsd-update instead of sources to go from 7.4 to 9.1 It's the options that drive ya crazy -- Silly Symphony C.'83 cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Format a USB flash drive using gpart
In freebsd-questions Digest, Vol 422, Issue 10, Message: 29 On Sun, 8 Jul 2012 07:41:59 -0400 Carmel carmel...@hotmail.com wrote: On Sat, 7 Jul 2012 20:36:36 -0600 (MDT) Warren Block articulated: On Sat, 7 Jul 2012, Carmel wrote: This is probably a dumb question, but does gpart even work on a USB flash drive? I have not been able to figure out how to do it. I want to erase the entire drive and format it for a FreeBSD UFS2 file system. Yes, gpart will work with pretty much any storage device. If you want the drive to be bootable, it needs boot blocks. This is easier with GPT than MBR. For an 8G drive: # gpart create -s gpt da0 # gpart add -t freebsd-boot -s 512k da0 # gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 da0 # gpart add -t freebsd-ufs -b 1M -s 7G da0 # gpart add -t freebsd-swap da0 # newfs -U /dev/da0p2 Thanks Warren, you win the prize for the most detailed answer. Polytropon gave me the easiest answer if I just want to use the drive as a simple storage device; however, if at some point I actually want to go beyond that your answer is what I would require. Interestingly enough, I searched through the man pages and FreeBSD help but never came across anything that specifically addressed flash drive. Perhaps I was just not looking hard enough. In general they're not distinct in usage from any other type of disk. Perhaps, and I know that this will offend some purists, but a nice GUI that would do what your instructions detail above would be helpful. There is no way that I am going to remember all of those instructions in six months time. Just my 2¢. Well one of the reasons I'm replying to this is to keep a copy of Warren's recipe handy :) Another is to point out that rumours of the death of MBR partitioning, especially on small disks, are premature. I know your question specified gpart, but the easiest way I know of to put UFS filesystems on flash drives is to use sade(8), incorporating the fdisk bsdlabel newfs functions from sysinstall .. it still works as well as ever, however old-fashioned or deprecated some may call it. sade's GUI at the curses level :) and does all the heavy maths for you, both for slicing the disk and partitioning the slice(s). As mentioned in boot0cfg(8), you have to set # sysctl kern.geom.debugflags=16 before sade (or anything) can write to any GEOM disk's boot sectors. Remember to reset it to 0 later. You might even like to put a small msdosfs slice first, so you can use some of that stick to transfer files between UFS and DOS systems. And yes you can multiboot from a memstick if you (or sade) put boot0 on it, assuming your computer supports booting from USB drives. I don't know what the gpart equivalent of boot0 is, if there is one yet? Last I heard, seemed you had to use Linux tools to multiboot GPT disks. There was some muttering about updating sade to handle GPT too .. that would be very welcome, maybe restoring some of the lost functionality from sysinstall/sade back into bsdinstall, both for GPT and MBR systems. cheers, Ian___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: OT: Robotics or embedded or hardware programming... what is this called?
On Fri, 22 Jun 2012 06:47:48 -0600 (MDT), Warren Block wrote: On Fri, 22 Jun 2012, Ian Smith wrote: I thought I saw something somewhere (maybe just wishful thinking) about FreeBSD on the Arduino, which normally runs a sort of embedded Linux, that could be very interesting; the hardware is cheap (kits at Jaycar stores in Australia anyway), very modular design, and there are heaps of fascinating projects. I want the quadricopter to follow me around the room at parties - at my age I need something really impressive :) Well, there is devel/arduino. It's not emdedded Linux, but an IDE for writing and downloading code. The Arduino is a small embedded controller based on the Atmel AVR microcontrollers. They are quite powerful, easy to program, and accessible for experimenters. You can skip the Arduino environment if you like, using the same lower-level tools like avr-gcc directly. And the Arduino board can be used as a programmer, downloading code to plain AVR chips and avoiding the need for more Arduino boards. Talk about the Arduino on FreeBSD is generally on the freebsd-embedded mailing list. Thanks Warren. I got the wrong idea that Arduino ran an embedded Linux from a friend, a Linux-using Electrical Engineer, but not a programmer. I'd also (too) briefly glanced at www.arduino.cc and noted Windows, Mac and Linux references, and Linux binaries, but had no idea you had ported the GUI. Could you perhaps try pushing the FreeBSD port upstream to Arduino, so people can find out that it exists from there? I hope to explore further once I get 9.x running; this 8.2-R system is chokka, not enough remaining space for a JDK, nor even a JRE :) The Microchip PIC microcontrollers compete with the AVR. There are some FreeBSD ports for programming those, but there are many varying chips and the hardware needed to program some of them differs. I don't know if there is anything directly comparable to the Arduino IDE. ARM processors have become so cheap that they are starting to compete in this arena also. I looked at PICs ages ago, but just wasn't enticed by their instruction set; as an old S/3[67]0 bod I've always fallen for the more orthogonal processors like the Signetics 2650 (hands up who's heard of that!), 680[59]/68K and more lately AVRs, Harvard architecture despite little- endianness. Not sure there's room left in my head for MIPS or ARM .. On the FreeBSD side there's advanced work, I gather, on ARM and Atmel MEGA 32-bit and MIPS platforms at least. Personally I consider these 'big iron' and far prefer writing in macro assembler for little Atmel Tiny25s and such, but that's strictly Look Ma, no OS! programming. Another option: the freebsd-wireless list has had some very interesting traffic about the TP-Link TL-WR1043ND, a $50 MIPS-based wireless router with Atheros 802.11n chipset, USB, and gigabit Ethernet which can run FreeBSD directly. Not sure how usable it is at present. Interesting. I'm subs'd to wireless@ and embedded@ (previously small@) but obviously haven't been paying enough attention :) Thanks again. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: OT: Robotics or embedded or hardware programming... what is this called?
In freebsd-questions Digest, Vol 420, Issue 10, Message: 17 On Wed, 20 Jun 2012 19:54:27 -0600 Modulok modu...@gmail.com wrote: Sorry for the off-topic post. There are a lot of technically adept people on this list, so I thought I'd try my luck here: On recent volcanic form, this scarcely measures on the OT scale :) I want to get started programming for hardware. Motors, sensors, actuators, etc. I have a programming background, (python, PHP, C++) but no experience with code that drives hardware. (Motors, sensors, etc.) I *don't* want closed-source kit robots where the point is to build the robot the book and thats it. I also don't want ladder logic-based PMC's. Some kind of micro-controller that runs a *nix flavor (or a BSD flavor!) would be great! (If that's what I need.) Basically, I want to do stuff like if input1() is True then apply_voltage_on_output3(), etc. Build my own traffic light, coffee maker, mars rover, automatic-plant waterer, whatever. Sure. Fun and potentially profitable stuff. Wish I had a spare life .. What do you call this? Embedded programming? Generic hardware programming? Robotics programming? Are there prefabricated, standard embedded boards and hardware specs that play together like PC parts do? In short, I don't even know where to start. Try browsing from http://lists.freebsd.org/pipermail/freebsd-embedded/ to see if that's of interest. Getting FreeBSD up on various embedded platforms is the focus there, but I've seen robotics references too. I see also, but haven't explored these (both look moderately busy): http://lists.freebsd.org/pipermail/freebsd-arm/ http://lists.freebsd.org/pipermail/freebsd-mips/ Even general pointers to books/websites would be great. Once I know what it's called I can google much more effectively ;) I think once you find a platform you're interested in, you'll google up a perhaps bewildering array of support websites and forums, with books to suit. For me it's about the processor instruction set and hardware functionality, but I gather you're looking for higher level language implementations, so you'll want to sniff and taste a few. I thought I saw something somewhere (maybe just wishful thinking) about FreeBSD on the Arduino, which normally runs a sort of embedded Linux, that could be very interesting; the hardware is cheap (kits at Jaycar stores in Australia anyway), very modular design, and there are heaps of fascinating projects. I want the quadricopter to follow me around the room at parties - at my age I need something really impressive :) On the FreeBSD side there's advanced work, I gather, on ARM and Atmel MEGA 32-bit and MIPS platforms at least. Personally I consider these 'big iron' and far prefer writing in macro assembler for little Atmel Tiny25s and such, but that's strictly Look Ma, no OS! programming. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: hwpstate0 set frequency err 6
In freebsd-questions Digest, Vol 419, Issue 9, Message: 2 On Wed, 13 Jun 2012 10:33:49 -0400 Lynn Steven Killingsworth blue.seahorse.syndic...@gmail.com wrote: This is the fourth time I have installed FreeBSD while learning the in's and out's. I have a new mainboard this time (ASUS M5A97 EVO + AMD FX 8120.) I have set up dual booting because of a few legacy apps. When the boot of OS gets to the login prompt I begin to get the error message 'hwpstate0 set frequency err 6' During installation my super-workstation started to run as though it were getting the absolutely maximum stress test. The fans on my new Corsair H80 started to whine as well. The 'stress test' effect starts the three next times I have booted so I am not booting into FreeBSD at the moment. Any advice? Only that it seems perhaps similar or related to some threads in May on freebsd-stable@ subject: [stable 9] broken hwpstate calls that may or may not have yet resulted in a patch you could try. http://lists.freebsd.org/pipermail/freebsd-stable/2012-May/thread.html Thread continues in June, as a perhaps more general p-state discussion. Thanks Lynn Steven Killingsworth cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how to allow by MAC
On Mon, 11 Jun 2012 15:18:18 -0700, Randal L. Schwartz wrote: Bill == Bill Yuan byc...@gmail.com writes: Bill I want to create a white list MAC address, Only the machine which it's MAC Bill in the white list will be allowed, all others will be blocked. Bad idea. Since (a) every MAC address that *is* allowed is transmitted in the clear and (b) it's trivial to spoof a MAC address. This. is. no. security. Indeed, that's right Randal. But I got the impression from Bill's mails that this is more likely just something inside his internal network. Please stop even trying. Well I don't think learning how to use ipfw properly at layer2 is a bad idea in itself, and I wouldn't want to discourage anyone from that. For some years I ran a filtering transparent bridge with ipfw + dummynet for a small network of about 20 mostly W98, XP and Mac boxes sharing one slow ADSL gateway between various assorted community groups (talk about herding cats! :) and MAC filtering was one of the handiest tools when some box or other got owned (again!) by some virus and started spewing spam, provider complains and/or cuts access .. you know the deal. In that sort of environment, none of the punters had any clue about forging MACs or anything vaguely like that, and it stopped people randomly plugging boxes into the network. Horses for courses. I replied in more detail to another from Bill privately, copy follows. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Is this something we (as consumers of FreeBSD) need to be aware of?
In freebsd-questions Digest, Vol 418, Issue 19, Message: 23 On Sun, 10 Jun 2012 16:56:49 -0400 Jerry je...@seibercom.net wrote: On Sun, 10 Jun 2012 22:06:26 +0200 Julian H. Stacey articulated: [..] As a start here's : http://berklix.org/uefi/ URLs welcome. Contact names welcome. Volunteers welcome. It is posts like this that basically turn my stomach. A product, any product, should succeed or fail based on its own merits and not because some government agency aided or thwarted it. Most, it not nearly all PC manufacturers exist solely because of Microsoft. The PC market balloons every time Microsoft releases a new version of Windows. Seriously now, how many PC were sold because FreeBSD released version 9 of its OS? If you want to beat someone, you make a better product. You don't go running to your mamma asking for protection. That stinks of socialism/fascism. The UEFI specification has existed for years. Supposedly, Linux has been capable of using it for 8+ years. I have no idea if FreeBSD is even capable of handling it. It wouldn't surprise me it if couldn't though. What this really tells me is that there has been way to much procrastination by the FOSS. Microsoft simply took advantage of an existing standard (remember standards something the FOSS is always crying about) and now FOSS is begging for mercy. This is more than just slightly funny, it is pathetic. If 1% of the effort of spreading this BS over UEFI had gone into working on a solution for UEFI two years ago, we wouldn't be having this discussion at all. I'vw been wondering when this topic would summon our longest-serving resident troll for Microsoft out of the woodwork for a proper full-tilt rant, replete with inimitable socialism/fascism jibe. Gotta love it! Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: how to allow by MAC
In freebsd-questions Digest, Vol 418, Issue 18, Message: 1 On Sun, 10 Jun 2012 17:43:39 +0800 Bill Yuan byc...@gmail.com wrote: how to allow by MAC in ipfw currently i set the rule like below 1 allow ip from any to any MAC any to MAC Address 1 1 allow ip from any to any MAC MAC Address 1 any 2 deny all from any to any i want to only allow the mac address to go through the freebsd firewall, but I found it is not working on my freebsd but it works on pfsense! so maybe that means the environment is not the same ? and how to setup the ipfw properly to support this ? Bill, you did get some good clues in the earlier thread, but it's not clear if you took note of them. There's also been some confusion .. Firstly, read up on layer2 (ethernet, MAC-level) filtering options in ipfw(8). Thoroughly, several times, until you've got it. Seriously. After enabling sysctl net.link.ether.ipfw=1 (add it to /etc/sysctl.conf) ipfw will be invoked 4 times instead of the normal 2, on every packet. Read carefully ipfw(8) section 'PACKET FLOW', and see that only on the inbound pass invoked from ether_demux() and the outbound pass invoked from ether_output_frame() can you test for MAC addresses (or mac-types); the 'normal' layer3 passes examine packets that have no layer2 headers. You could just add 'layer2' to any rules filtering on MAC addresses, and omit MAC addresses from all layer 3 (IP) rules, but I'd recommend using a method like shown there to separate layer2 and layer3 flows early on: # packets from ether_demux ipfw add 10 skipto 1000 all from any to any layer2 in # packets from ip_input ipfw add 10 skipto 2000 all from any to any not layer2 in # packets from ip_output ipfw add 10 skipto 3000 all from any to any not layer2 out # packets from ether_output_frame ipfw add 10 skipto 4000 all from any to any layer2 out So at (eg) 1000 and 4000 place your incoming and outgoing MAC filtering rules (remembering the reversed order of MAC addresses vs IP addresses, and to allow broadcasts as well), pass good guys and/or block bad guys, then deal with your normal IPv4|v6 traffic in a separate section(s). Or you could just split the flows into two streams, one for layer2 for your MAC filtering, the other for layer3, ie the rest of your ruleset. HTH, Ian [please cc me on any reply] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Proper Port Forwarding
In freebsd-questions Digest, Vol 418, Issue 10, Message: 7 On Wed, 06 Jun 2012 14:31:24 -0400 Simon si...@optinet.com wrote: Can someone suggest an alternative/proper way to port forward using ipfw. Right now I have the following and some bad clients cause too many FIN_WAIT_2 state fwd IP,PORT2 tcp from any to me dst-port PORT1 keep-state This easily causes DoS for when too many FIN_WAIT_2 are created and IPFW stops forwarding using the rule above because of too many dynamic rules Michael's and Dan's suggestions of adjusting sysctl net.inet.ip.fw.dyn* variables are good; consider also using 'limit' instead of 'keep-state', which works the same except limiting the number of open connections to a specified number. See ipfw(8) /limit and /EXAMPLES for more, but eg: fwd IP,PORT2 tcp from any to me dst-port PORT1 limit src-addr 9 to prevent any one source address opening more than 9 connections, or fwd IP,PORT2 tcp from any to me dst-port PORT1 limit dst-port 42 to limit total open connections by everyone to dst-port PORT1 to 42. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Address to reach human operator regarding problems with list?
In freebsd-questions Digest, Vol 417, Issue 4, Message: 26 On Wed, 30 May 2012 06:31:38 -0400 Thomas Mueller muelle...@insightbb.com wrote: [Matthew Seaman wrote:] freebsd-questions-owner@... is correct, except that to my knowledge there isn't really a moderator for freebsd-questions (it's an open list that anyone can post to without having to be a member) and that address ultimately gets dealt with by postmas...@freebsd.org. 'Ultimately' being operative; I gather it rather depends on workload. It does sound a little odd that writing to freebsd-questions-owner@ is interpreted as mail to a subs-only list (moderators@), which may be well down the TODO queue of the postmaster@ team. The message you got about held for moderation is standard boiler-plate from mailman, and probably not appropriate for your specific circumstances. I think mentioning the whole circumstance to postmaster@, including the result of posting to freebsd-questions-owner@ could be worthwhile; I wouldn't suggest every little mail issue should go to postmaster@, but apart from Tom's immediate problem, there may be a functional issue. On the whole though, you shouldn't need to contact anyone about the warning you received. It generally occurs when your mail system rejects messages from the freebsd-questions@... list as spam. As there is a certain amount of spam that does appear on the list, this is an absolutely legitimate practice: trouble is, it's hard for the FreeBSD mail system to distinguish deliberate non-acceptance of spam from accidental non-acceptance of traffic due to a broken mailer. Indeed. Considering the number of lists and the number of subscribers, I think mailman (and spamassassin recipes) do a great job, though it's always going to be a battle chasing the latest spammer techniques; the recent spamruns with multiple 'From:' addresses being a case in point, not a pretty look seeing spam 'apparently' by FreeBSD committers .. Mailman has an adaptive system that scores you based on how many rejects you generate in a certain time period. If you log into mailman at eg. http://lists.freebsd.org/mailman/options/freebsd-questions you can see your current score. Mine is currently 2.0 (out of 5.0) and has been about that for quite some time. So long as your score is not too large, I wouldn't worry about the message you received. Even if your score does go over the threshold, you can just use that same interface to re-enable delivery. I hadn't checked for ages, but see my score is now 1.0, probably from a couple of days downtime last month ie delayed delivery. This would help Tom see if mailman 'knows' anything about his problem, but not what was happening to cause that? I contacted my Internet service provider, Insight Cable, about the problem, and they need a copy of any message that bounces, so they can see what went awry. Bit strange asking you to provide copies of messages you didn't get :) Are they providing your inbound MX server, ie is that where your mail is received? I gather you're not running your own mailserver. It should not be hard to find any such bounces from/to mx2.freebsd.org in their mail or spam logs, if it was they who bounced them? If not, who did? So I can't just ignore the problem. I rather suspect that even if each bounce is logged at freebsd.org (and it might be some task to find yours, beyond that they've been counted), that it could be non-trivial to locate the offending source messages. Not impossible, Message-IDs are likely logged, but last-resort stuff. OTOH this may be something postmaster@ does routinely, what do I know :) Maybe I should resend the message to postmas...@freebsd.org instead of freebsd-questions-ow...@freebsd.org? This problem relates to FreeBSD emailing lists in general, not just one list such as questions@ . Yes, in this case I think you should, after exploring the options Matthew outlined. Be sure to show complete headers of any and all messages you need to forward to postmaster@. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Newsyslog | Cronjob faulty? (fwd)
Jos, did you not get my response to your original query over a week ago? I see it made the list archives. Anyway this second time around, Robert Bonomi wins gold for the best guess, with even fewer clues to go on :-) cheers, Ian (who probably said too much, but doesn't resile) -- Forwarded message -- Date: Sat, 19 May 2012 05:03:23 +1000 (EST) From: Ian Smith smi...@nimnet.asn.au To: Jos Chrispijn ker...@webrz.net Cc: freebsd-questions@freebsd.org Subject: Re: Newsyslog | Cronjob faulty? In freebsd-questions Digest, Vol 415, Issue 4, Message: 12 On Wed, 16 May 2012 21:44:53 +0200 Jos Chrispijn ker...@webrz.net wrote: At midnight (00.00) I run this cronjob from my crontab: Crontab: 00 * * * * rootnewsyslog By 'my' crontab, do you mean the system crontab, /etc/crontab ? If so, that's nearly but not quite the default syntax of: #minute hourmdaymonth wdaywho command # Rotate log files every hour, if necessary. 0 * * * * rootnewsyslog Note the single '0'. I don't know if '00' is valid. And it doesn't mean 'at midnight', it means whenever the minute is 0, any hour, any day, any month, any weekday; ie newsyslog is run hourly, on the hour. And the default entry in /etc/newsyslog.conf for maillog is: /var/log/maillog640 7 *@T00 JC So it's newsyslog using newsyslog.conf(5) that creates maillog if it doesn't yet exist, rotates it to maillog.0 at midnight (T00), thereafter compressing it with bzip2 (J). For some reason this goes wrong; (if I run 'newsyslog' on any other time, there is no error message). bzip2: Can't open input file /var/log/maillog.0: No such file or directory. newsyslog: `bzip2 -f /var/log/maillog.0' terminated with a non-zero status (1) /var/log: -rw-r- 1 rootwheel 63162 May 16 21:20 maillog -rw-r- 1 rootwheel 109 May 16 00:00 maillog.0.bz2 -rw-r- 1 rootwheel 73674 May 16 00:00 maillog.1 -rw-r- 1 rootwheel 111 May 15 00:00 maillog.2.bz2 -rw-r- 1 rootwheel 73050 May 15 00:00 maillog.3 -rw-r- 1 rootwheel 109 May 14 00:00 maillog.4.bz2 -rw-r- 1 rootwheel184042 May 14 00:00 maillog.5 Can somebody tell me what goes wrong here? Looks likely two instances of newsyslog racing at midnight; one makes maillog.0.bz2 from the just-rolled maillog.0, the other finds maillog.0 has disappeared before getting to run bzip2 on it? So, two files per day, and the above message? On my other FreeBSD server the same cronjob goes ok... Check /etc/crontab and /etc/newsyslog.conf on both, and make sure you're not also trying to run a user crontab for root, apart from /etc/crontab? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw subnetting
In freebsd-questions Digest, Vol 416, Issue 1, Message: 26 On Mon, 21 May 2012 10:06:12 +0100 Paul Macdonald p...@ifdnrg.com wrote: can anyone suggest what i'm doing wrong here. Desired:drop everything from 180.0.0.0 to 180.255.255.255 ipfw -q add 137 deny all from 180.0.0.0/8 to any t23# ipfw -q add 137 deny all from 180.0.0.0/8 to any t23# ipfw show 137 001370 0 deny ip from 180.0.0.0/8 to any So what doesn't work? (apart from scattergun removal of small pieces of a whole lot of Asian countries, incl. Japan, Indonesia, Australia, .. :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw subnetting
On Mon, 21 May 2012 16:30:59 +0100, Paul Macdonald wrote: On 21/05/2012 14:50, Ian Smith wrote: In freebsd-questions Digest, Vol 416, Issue 1, Message: 26 On Mon, 21 May 2012 10:06:12 +0100 Paul Macdonaldp...@ifdnrg.com wrote: can anyone suggest what i'm doing wrong here. Desired:drop everything from 180.0.0.0 to 180.255.255.255 ipfw -q add 137 deny all from 180.0.0.0/8 to any t23# ipfw -q add 137 deny all from 180.0.0.0/8 to any t23# ipfw show 137 001370 0 deny ip from 180.0.0.0/8 to any So what doesn't work? (apart from scattergun removal of small pieces of a whole lot of Asian countries, incl. Japan, Indonesia, Australia, .. :) it was intended as a required temporary measure, but even though it was listed in my ipfw list, i was/am still seeing traffic coming in via addresses such as 180.248.x.x Ok. Coming in to what service/s? A very open firewall test script is as follows: 00010 allow ip from any to any via lo0 00081 deny log ip from 180.0.0.0/8 to any 00100 check-state 00101 allow tcp from any to any established 00102 allow ip from any to any out keep-state 00103 allow icmp from any to any 65535 deny ip from any to any but i'm still seeing traffic from 180.149.29.102 Banglalion Communications Ltd. WiMAX Operator. Bangladesh. 180.234.116.61 180.234.36.44 180.234.237.119 180.234.72.115 Augere Wireless Broadband Bangladesh Limited. (FWIW) I must be doing something wrong! If you're using just that order, denying 180/8 BEFORE the check-state, then incoming traffic from 180/8 not being dropped (and logged) at rule 81 would represent a serious bug in ipfw, worthy of a PR. But this may not be quite as it seems .. for example, even when dropped you'll see such packets from tcpdump, which are hooked before the firewall. Where and how, past the firewall, are you detecting this traffic? What sort of traffic? Are you sure sysctl net.inet.ip.fw.enable=1 ? Seeing `ipfw show` over a period, even better `ipfw -t show` with timestamps, could convince us the firewall was actually otherwise working .. In your later post to Michael you had that rule 137 AFTER check-state, which means that packets from 180/8 - in response to outbound requests by you (or your rootkit :) to those addresses - might indeed pass. 00102 allow ip from any to any out keep-state keep-state for 'ip' or 'all' traffic (rather than specifying tcp, udp or icmp) doesn't make much sense, and could have dangerous consequences of allowing any sort of return traffic from (say) 180/8 initiated from your end, but only if check-state were BEFORE you've denied 180/8 traffic. Rather than show the script, please post results from ipfw show, and a few of the log entries of denied packets (with your addresses obscured if need be). And some logging from where you're detecting those hosts? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: problems with networking and route command
In freebsd-questions Digest, Vol 415, Issue 6, Message: 1 On Fri, 18 May 2012 08:07:16 -0400 David Banning david+dated+1337774837.907...@skytracker.ca wrote: It is machines that connect and receive via DHCP 192.168.1.2 and above that can't connect to the internet though the server. I don't know a whole lot about route - I have been attempting a variation of route commands without success. [Chuck Swiger wrote:] You need to implement NAT on this box, since 192.168.0.0/16 is an RFC-1918 unrouteable private network range. I previously connected to the internet using ppp with the -nat option and now my connection has changed - so that makes sense. So I implemented natd. Unfortunately natd does not work as yet. I followed the setup as laid out in man natd and also used the layout in; http://www.freebsddiary.org/ipfw.php I've since seen Derek's response in the archives (I get the digests) at http://lists.freebsd.org/pipermail/freebsd-questions/2012-May/241035.html and I agree that 1998 is far too old to be of much use. I differ however about advisability of referring to the Handbook IPFW page, which frankly sucks - the only section of the Handbook that does, that I know of; you will find ipfw(8) and /etc/rc.firewall to be much better friends. Here is my natd setup 1. Compiled IPFIREWALL IPDIVERT into my kernel - went fine. Didn't need to, both will load from modules from the /etc/rc.d scripts. Many these days prefer to use in-kernel NAT (firewall_nat_enable=YES) instead, but natd still works as ever; you can always switch later. Here is my rc.conf network related entries; natd_enable=YES natd_interface=rl0 natd_flags=-f /etc/natd.conf gateway_enable=YES ifconfig_rl0=inet 64.40.244.36 netmask 255.255.255.240 defaultrouter=64.40.244.33 ifconfig_vr0=DHCP ifconfig_vr0=up ifconfig_vr0=inet 192.168.1.1 Only the last ifconfig_vr0 counts, but that's ok, DHCP is for clients, not where vr0 gets its address from, right? Ah, you fix that below .. network_interfaces=rl0 vr0 lo0 ifconfig_lo0=inet 127.0.0.1 firewall_enable=YES firewall_script=/etc/firewall.rules firewall_type=simple firewall_logging=YES firewall_type only applies where firewall_script=/etc/rc.firewall, however that would be ignored by your custom /etc/firewall.rules. dhcpd_ifaces=vr0 dhcpd_enable=YES My firewall rules; ipfw add 64000 allow ip from any to any ipfw add divert natd all from any to any via rl0 ipfw add allow tcp from any to 192.168.2.1 139 ipfw add allow tcp from any to 192.168.1.1 139 That won't work; after specifying the current rule as 64000, subsequent unnumbered rules will be placed at 64100, 64200 etc - so they will never be reached. If you put that 'allow all' at the end that would work, although a default policy of 'deny all' is very much safer. ipfw add 6000 deny tcp from any to 64.40.244.36 139 ipfw add 6010 deny tcp from any to 64.40.244.36 445 These two will now be the first rules encountered, being so numbered. You'll also want to deny an awful lot more than NETBIOS packets to your outside address, see below. ipfw add deny tcp from any to any 139 And that will go at the end, again after everything has been allowed. Always use 'ipfw list' or 'ipfw show' to check your running ruleset. I would seriously advise you to consider using the rc.firewall 'simple' ruleset, at least as a basis, for a setup like yours. It's designed specifically to protect small networks, and particularly to place the NAT rules in just the right place between inbound and outbound anti- spoofing rules. See /etc/defaults/rc.conf for the variables you can set that should work more or less out of the box, though you may want to modify rc.firewall (or better, a copy of it, say rc.myfirewall) if you need to any add particular rules for specific services you need. It will also protect your IPv6 network, if that's relevant to you. My /etc/natd.conf; interface rl0 use_sockets yes same_ports yes Should be ok. You already have natd_interface=rl0 in rc.conf. Consider 'unregistered_only yes', particularly if not using the anti-spoofing rules provided in rc.firewall 'simple'. My /etc/services includes the line; natd 8668/divert # Network Address Translation socket Output of ifconfig; # ifconfig fwe0: flags=8802BROADCAST,SIMPLEX,MULTICAST mtu 1500 ether 02:11:d8:b3:0e:43 ch 1 dma -1 vr0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 192.168.1.1 netmask 0xff00 broadcast 192.168.1.255 inet6 fe80::16d6:4dff:fe47:88ae%vr0 prefixlen 64 scopeid 0x2 ether 14:d6:4d:47:88:ae media: Ethernet autoselect (100baseTX full-duplex) status: active rl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 inet 64.40.244.36 netmask 0xfff0 broadcast 64.40.244.47 inet6
Re: Newsyslog | Cronjob faulty?
In freebsd-questions Digest, Vol 415, Issue 4, Message: 12 On Wed, 16 May 2012 21:44:53 +0200 Jos Chrispijn ker...@webrz.net wrote: At midnight (00.00) I run this cronjob from my crontab: Crontab: 00 * * * * rootnewsyslog By 'my' crontab, do you mean the system crontab, /etc/crontab ? If so, that's nearly but not quite the default syntax of: #minute hourmdaymonth wdaywho command # Rotate log files every hour, if necessary. 0 * * * * rootnewsyslog Note the single '0'. I don't know if '00' is valid. And it doesn't mean 'at midnight', it means whenever the minute is 0, any hour, any day, any month, any weekday; ie newsyslog is run hourly, on the hour. And the default entry in /etc/newsyslog.conf for maillog is: /var/log/maillog640 7 *@T00 JC So it's newsyslog using newsyslog.conf(5) that creates maillog if it doesn't yet exist, rotates it to maillog.0 at midnight (T00), thereafter compressing it with bzip2 (J). For some reason this goes wrong; (if I run 'newsyslog' on any other time, there is no error message). bzip2: Can't open input file /var/log/maillog.0: No such file or directory. newsyslog: `bzip2 -f /var/log/maillog.0' terminated with a non-zero status (1) /var/log: -rw-r- 1 rootwheel 63162 May 16 21:20 maillog -rw-r- 1 rootwheel 109 May 16 00:00 maillog.0.bz2 -rw-r- 1 rootwheel 73674 May 16 00:00 maillog.1 -rw-r- 1 rootwheel 111 May 15 00:00 maillog.2.bz2 -rw-r- 1 rootwheel 73050 May 15 00:00 maillog.3 -rw-r- 1 rootwheel 109 May 14 00:00 maillog.4.bz2 -rw-r- 1 rootwheel184042 May 14 00:00 maillog.5 Can somebody tell me what goes wrong here? Looks likely two instances of newsyslog racing at midnight; one makes maillog.0.bz2 from the just-rolled maillog.0, the other finds maillog.0 has disappeared before getting to run bzip2 on it? So, two files per day, and the above message? On my other FreeBSD server the same cronjob goes ok... Check /etc/crontab and /etc/newsyslog.conf on both, and make sure you're not also trying to run a user crontab for root, apart from /etc/crontab? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: help debug bwn(4) wireless
In freebsd-questions Digest, Vol 414, Issue 1, Message: 13 On Sun, 06 May 2012 21:48:19 +0100 Chris Whitehouse cwhi...@onetel.com wrote: On 06/05/2012 17:31, Ian Smith wrote: Anton, I'm not sure what the state of the art is for multiple network profiles for such as wireless vs wired, home and work etc, but look around. I recall one called just 'profile' from years ago, and more recently talk of 'failover' setups for wired/wireless nets (probably in n...@freebsd.org), but I've no time for hunting tonight. Anyone? Would that be lagg? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-aggregation.html It would indeed, thanks Chris. Example 32-3. Failover Mode Between Wired and Wireless Interfaces might almost meet Anton's requirements? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: help debug bwn(4) wireless
In freebsd-questions Digest, Vol 413, Issue 11, Message: 21 On Sat, 5 May 2012 19:26:00 -0400 (EDT) Chris Hill ch...@monochrome.org wrote: On Sat, 5 May 2012, Robert Bonomi wrote: Anton Shterenlikht me...@bristol.ac.uk wrote; [snip] ...I still find the whole networking area perfectly impenetrable. (If you can recommend a really introductory book on the subject, I'd really appreciate it. [snip] See also TCP/IP Network Administration. This is an O'Reilley Associates book. Virtually *everything* they publish is excellent. If they've ever published an even mediocre book, _I_ have never encountered it. Anton, I'll second that recommendation. 'TCP/IP Network Administration' by Craig Hunt is an outstanding book; it taught me a lot about networking, really made the subject comprehensible. The other O'Reilly book that I found indispensable when getting started was 'Essential System Administration' by Aeleen Frisch. In fact, why don't I just me too about O'Reilly. Everything of theirs that I have seen has been excellent. I'll third it Chris. Apart from Tanenbaum's seminal 'Computer Networks' (qv) a decade earlier, I learned most of what I needed to setup mail, DNS, other servers and TCP/IP networking in general from Hunt's book. I also borrowed Frish's excellent book (for about five years :) and found it invaluable for all sorts of sysadmin tasks, including good shell scripting techniques, covering a wide range of unixish OSes. Anton, I'm not sure what the state of the art is for multiple network profiles for such as wireless vs wired, home and work etc, but look around. I recall one called just 'profile' from years ago, and more recently talk of 'failover' setups for wired/wireless nets (probably in n...@freebsd.org), but I've no time for hunting tonight. Anyone? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: help debug bwn(4) wireless
On Fri, 4 May 2012 21:03:07 +0100, Anton Shterenlikht wrote: [..] wlan0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST metric 0 mtu 1500 ether 00:c0:49:58:00:fe inet 192.168.1.104 netmask 0xff00 broadcast 192.168.1.255 nd6 options=29PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL media: IEEE 802.11 Wireless Ethernet OFDM/36Mbps mode 11g status: associated ssid lagartixa channel 11 (2462 MHz 11g) bssid 00:18:39:e6:46:b6 country US authmode WPA2/802.11i privacy ON deftxkey UNDEF AES-CCM 2:128-bit txpower 30 bmiss 7 scanvalid 450 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS wme roaming MANUAL I run wpa_supplicant: # wpa_supplicant -i wlan0 -c /etc/wpa_supplicant.conf Trying to associate with 00:18:39:e6:46:b6 (SSID='lagartixa' freq=2462 MHz) Associated with 00:18:39:e6:46:b6 WPA: Key negotiation completed with 00:18:39:e6:46:b6 [PTK=CCMP GTK=CCMP] CTRL-EVENT-CONNECTED - Connection to 00:18:39:e6:46:b6 completed (auth) [id=0 id_str=] I got issued the ip address by my wireless router. I see the card on the router: DHCP Active IP Table DHCP Server IP Address: 192.168.1.1 Client Host Name IP Address MAC Address Expires 192.168.1.104 00:c0:49:58:00:fe 23:58:54 I get /etc/resolve.conf set up automatically (through the wired connection): % cat /etc/resolv.conf # Generated by resolvconf search cable.virginmedia.net nameserver 194.168.4.100 nameserver 194.168.8.100 But I just can't get the wireless connection, even to the router: % ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1): 56 data bytes ping: sendto: No route to host ping: sendto: No route to host ^C What sayeth 'netstat -finet -rn' ? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Limiting closed port RST response
On Wed, 2 May 2012, Arthur Chance wrote: On 05/01/12 20:01, Ian Smith wrote: In freebsd-questions Digest, Vol 413, Issue 4, Message: 7 On Tue, 01 May 2012 12:59:36 +0100 Arthur Chancefree...@qeng-ho.org wrote: Every once in a while the nightly periodic security checks tell me I've got a kernel message Limiting closed port RST response from N to 200 packets/sec where N 200. The problem is that it doesn't say which port was involved. Is there any way to find that out so I can try tracking down the problem? AFAICT tcpdump doesn't have a way saying closed ports on this machine as a filter. % sysctl -ad | grep vain net.inet.tcp.log_in_vain: Log all incoming TCP segments to closed ports net.inet.udp.log_in_vain: Log all incoming UDP packets Thanks, that's what I need. There's another option you may want to consider, especially once you work out who or what's originating these. From an /etc/sysctl.conf: #% 9/8/6 net.inet.tcp.log_in_vain=1 net.inet.udp.log_in_vain=1 #% 7/10/8 # can't use this and respond to traceroutes # net.inet.udp.blackhole: Do not send port unreachables for refused connects # net.inet.udp.blackhole=1 # net.inet.tcp.blackhole: Do not send RST when dropping refused connections #% 14/4/10 was 1, still see some resets sent (see /sys/netinet/tcp_input.c) net.inet.tcp.blackhole=2 With sysctl net.inet.tcp.log_in_vain=1 you get a message per instance, likely aggregated into 'last message repeated N times' at those rates. I add ipfw rules for heavy hitters on particular ports/or from particular hosts to cut both the noise and (albeit slight) load. This is on an internal LAN behind a firewall, so there isn't (I hope!) anything external causing it. There's a motley bunch of hardware and software sharing the LAN and I'd like to identify the source of the problem just for my peace of mind. Good idea. There are a few reasons you may see inbound TCP connections you're not expecting, including general background noise from bots scanning everyone for everything, late responses from genuine outbound connection attempts, and bots hitting other sites using your forged IP address, so you get a bunch of SYN ACK packets out of the blue, most often from port 80 to some random (or particular) port. If using udp.log_in_vain=1 too, you'll see such as late responses from DNS servers (even from localhost) and assorted bot scans, and at times unsolicited responses from DNS servers from someone/s again forging your IP address in requests, possible on a large scale. These may look like attacks on your system, but you're just one of many forged addresses, the attack being on (what you see as) the source system, big in 2010. Happy hunting, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Limiting closed port RST response
In freebsd-questions Digest, Vol 413, Issue 4, Message: 7 On Tue, 01 May 2012 12:59:36 +0100 Arthur Chance free...@qeng-ho.org wrote: Every once in a while the nightly periodic security checks tell me I've got a kernel message Limiting closed port RST response from N to 200 packets/sec where N 200. The problem is that it doesn't say which port was involved. Is there any way to find that out so I can try tracking down the problem? AFAICT tcpdump doesn't have a way saying closed ports on this machine as a filter. % sysctl -ad | grep vain net.inet.tcp.log_in_vain: Log all incoming TCP segments to closed ports net.inet.udp.log_in_vain: Log all incoming UDP packets With sysctl net.inet.tcp.log_in_vain=1 you get a message per instance, likely aggregated into 'last message repeated N times' at those rates. I add ipfw rules for heavy hitters on particular ports /or from particular hosts to cut both the noise and (albeit slight) load. If you'd rather not have these (hardly uncommon) messages spamming /var/log/messages, use something along these lines in /etc/syslog.conf: *.notice;authpriv.none;kern.!=info;mail.crit;news.err;ntp.err;local0.none;ftp.none /var/log/messages kern.=info /var/log/kerninfo.log # touch /var/log/kerninfo.log # service syslogd restart cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Postfix + Courier IMAP local email problems
In freebsd-questions Digest, Vol 410, Issue 12, Message: 2 On Sat, 14 Apr 2012 10:51:36 -0500 (CDT) Robert Bonomi bon...@mail.r-bonomi.com wrote: | Ron rg.li...@rzweb.com wrote: OK, I found the problem. It was the hostname not being set correctly. What threw me was that it was correct in the rc.conf file, but I did not know you needed to reboot the machine to have it take effect. It just never occurred to me to run 'hostname' and see since I was seeing it correctly in the rc.conf. FYI, while it's true tht rc.conf is processed only t boot time, you don't _have_ to reboot when you make a change. What you _do_ need to do is run the same commands the the rc processing does. Unfortunately, with the 'rc.d'-style process, where rc.conf just sets environment variables, and everything else happens 'by magic', it can be a major effort to figure out -what- commands need to be run when you change something, and 'reboot' *is* the simplest way to get the job done. One reason _I_ much prefer the old BSD-style '/etc/rc.boot' and '/etc/rc.local' approch. It was =far= simpler to see exactly what was going on, in what order, and with what params. Tracking stuff through the rc.d/* swamp is a 'project' -- there is a whole nuther 'command language' to master. :(( It's really not all that complicated to change hostname(1) t23# grep hostname /etc/rc.conf hostname=t23.smithi.id.au t23# hostname t23.smithi.id.au t23# hostname boofar t23# hostname boofar t23# csh boofar# exit exit t23# hostname boofar t23# hostname t23.smithi.id.au t23# hostname t23.smithi.id.au cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: current pids per tty
In freebsd-questions Digest, Vol 409, Issue 5, Message: 3
On Wed, 04 Apr 2012 08:03:11 -0700, per...@pluto.rain.com wrote:
ill...@gmail.com ill...@gmail.com wrote:
(there is an executable named /usr/bin/jobs, but . . .
well run cat /usr/bin/jobs see for yourself).
Whoa! Does /usr/bin/jobs even work?
$ cat /usr/bin/jobs
#!/bin/sh
# $FreeBSD: src/usr.bin/alias/generic.sh,v 1.2.10.1.4.1 2010/06/14
02:09:06 kensmith Exp $
# This file is in the public domain.
builtin ${0##*/} ${1+$@}
It looks as if generic.sh intends to have the same effect as the
builtin matching the name under which the script is run, but at
least for jobs I don't think it will DTRT because it will run
in the wrong context:
* The builtin jobs command will report all background jobs known
to the shell in which it is issued.
* Because it is a shebang script, running /usr/bin/jobs will cause
the shell in which it is run to fork/exec an instance of /bin/sh,
and that instance will execute the /usr/bin/jobs script, thus it
will will be the new /bin/sh instance that executes _its_ builtin
jobs command -- reporting nothing, since _that_ instance has not
put anything into the background (and has no knowledge of what-all
its parent shell may have put in the background).
Quite so:
t23# jobs -l
t23# sleep 60
[1] 86793
t23# jobs -l
[1] + 86793 Running sleep 60
t23# /usr/bin/jobs -l
t23# jobs -l
[1] + 86793 Running sleep 60
t23# sh
# jobs -l
# sleep 60
# jobs -l
[1] + 86819 Running sleep 60
# /usr/bin/jobs -l
# jobs -l
[1] + 86819 Running sleep 60
# exit
t23# jobs -l
[1] + 86793 Running sleep 60
t23# jobs -l
[1]86793 Done sleep 60
t23# jobs -l
t23#
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD Security in Multiuser Environments
In freebsd-questions Digest, Vol 408, Issue 10, Message: 5
On Sat, 31 Mar 2012 21:05:00 +0700 Erich Dollansky
erichfreebsdl...@ovitrap.com wrote:
On Saturday 31 March 2012 20:26:14 Julian H. Stacey wrote:
[..]
Da Rock wrote:
On 03/31/12 17:46, Julian H. Stacey wrote:
[..]
schu...@ime.usp.br wrote:
Hello,
I would like to raise a discussion about the security features
of FreeBSD as a whole and how they might be employed to actually
derive some meaningful guarantees.
We have a list specialy for freebsd-security@. Please use it.
I thought this to be sensible advice. Before seeing that I'd thought of
copying it to rwatson@ who I figured might take an interest due to his
involvement with Capsicum, acl(3) and such, but he certainly reads that
list anyway (and more than likely, not this one :)
Hang on, hold the phone: The security list (specifically) is for
security announcements. At least that what it said when I subscribed to
it...
Wrong.
Correct :)
For list of mail lists see:
http://lists.freebsd.org/mailman/listinfo
Specifically:
freebsd-secur...@freebsd.org
http://lists.freebsd.org/mailman/listinfo/freebsd-security
freebsd-security-notificati...@freebsd.org
http://lists.freebsd.org/mailman/listinfo/freebsd-security-notifications
this sounds very confusing for people who have simple question:
'General system administrator questions of an FAQ nature are
off-topic for this list, but the creation and maintenance of a FAQ is
on-topic. Thus, the submission of questions (with answers) for
inclusion into the FAQ is welcome. Such question/answer sets should
be clearly marked as (at least FAQ submission) such in the subject.
'
schultz' post was nothing in the way of an FAQ issue, but a request for
discussion of a wide range of system security issues, far indeed from a
'simple question'. Had you posted the two paragraphs before the one you
quote above, this may have been a little clearer. To wit:
This is a technical discussion list covering FreeBSD security issues.
The intention is for the list to contain a high-signal, low-noise
discussion of issues affecting the security of FreeBSD.
Welcome topics include Cryptography (as it relates to FreeBSD), OS bugs
that affect security, and security design issues. Denial-of-service
(DoS) issues are less important than problems that allow an attacker to
achieve elevated privelige, but are still on-topic.
This sounds that 'schultz' would be wrong there.
Not at all Erich, quite the opposite in my view; as someone who's been
subscribed to freebsd-security@ for 12 or so years, I look forward to
seeing informed responses to some of schultz' issues. In any event,
{s,}he promptly took Julian's advice to post it there, where one aspect
has already attracted responses from des@ and pjd@
The best way to get a good sense of what issues are acceptible and/or
useful topics for which lists, without having to subscribe, is to browse
a list's archives for several months. Works for me. In this case try:
http://lists.freebsd.org/pipermail/freebsd-security/
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW transparent VS dummynet rules
On Sat, 7 Jan 2012, budsz wrote:
Hi folks,
I already found the mistake of my ruleset sequence on my box, for ex:
${fwcmd} add 30 fwd ${ipproxy},${portproxy} tcp from ${ipclproxy} to
any dst-port ${porthttp} in via ${ifint0}
${fwcmd} add 52 pipe 2 ip from any to ${ipclient} via ${ifint0}
${fwcmd} add 53 pipe 3 ip from ${ipclient} to any via ${ifint0}
${fwcmd} pipe 2 config bw ${bwcldown} mask dst-ip 0x
${fwcmd} pipe 3 config bw ${bwclup} mask src-ip 0x
With this ruleset sequence, the limiter didn't work but fwd rules working.
If I switching like:
${fwcmd} add 52 pipe 2 ip from any to ${ipclient} via ${ifint0}
${fwcmd} add 53 pipe 3 ip from ${ipclient} to any via ${ifint0}
${fwcmd} pipe 2 config bw ${bwcldown} mask dst-ip 0x
${fwcmd} pipe 3 config bw ${bwclup} mask src-ip 0x
${fwcmd} add 70 fwd ${ipproxy},${portproxy} tcp from ${ipclproxy} to
any dst-port ${porthttp} in via ${ifint0}
The limiter working but fwd didn't work. Anyone have a clue for fix
this dilemma?
Quoting ipfw(8):
fwd | forward ipaddr | tablearg[,port]
Change the next-hop on matching packets to ipaddr, which can be
an IP address or a host name. The next hop can also be supplied
by the last table looked up for the packet by using the tablearg
keyword instead of an explicit address. The search terminates if
this rule matches.
Note particularly the last sentence. You'll have to do your dummynet
piping first, if it is to apply also to forwarded packets.
(sysctl)
net.inet.ip.fw.one_pass: 1
When set, the packet exiting from the dummynet pipe or from
ng_ipfw(4) node is not passed though the firewall again. Other-
wise, after an action, the packet is reinjected into the firewall
at the next rule.
It seems that you may have one_pass set to 1. Set to 0, packets will
continue through the ruleset on exit from pipe/s, so to your fwd rule.
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw And ping
In freebsd-questions Digest, Vol 391, Issue 10, Message: 25
On Sun, 04 Dec 2011 01:44:53 -0600 Tim Daneliuk tun...@tundraware.com wrote:
On 12/04/2011 01:04 AM, Ian Smith wrote:
SNIP
For one, google 'icmp redirect attack'
But isn't that handled by setting:
net.inet.icmp.drop_redirect=1
Yes, but generally clearer to allow what you want and drop the rest.
# This is the ICMP rule we generally use:
# ipfw add 10 allow icmp from any to any in icmptypes
0,3,4,11,12,14,16,18
Hmmm I just tried this and it seems to break ping...
That doesn't allow inbound pings, no. Add type 8 if you want to permit
inbound pings from anywhere, or use eg my example to do so selectively.
If you mean outbound pings, well you still have to allow outbound ICMP
after denying what you don't want inbound .. here it is again:
$fwadd pass icmp from any to any in recv ${ext_if} ${recv_types}
# omit the following line if you included type 8 in $recv_types
$fwadd pass icmp from ${pingok} to any in recv ${ext_if} icmptypes 8
$fwadd deny log icmp from any to any in recv ${ext_if}
$fwadd pass icmp from any to any# outbound, and inside
cheers, Ian (Please cc me; I take questions@ as a digest, can be slow)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw And ping
In freebsd-questions Digest, Vol 391, Issue 9, Message: 9
On Fri, 02 Dec 2011 10:35:45 -0600 Tim Daneliuk tun...@tundraware.com wrote:
On 12/01/2011 05:45 PM, Jon Radel wrote:
On 12/1/11 6:25 PM, Tim Daneliuk wrote:
${FWCMD} add allow icmp from any to any
It does work but, two questions:
1) Is there a better way?
Consider allowing only the ICMP that does things you want to do.
Google something like icmp types to allow for some hints and
opinions. Just as an example, you can independently control being
able to ping others and others being able to ping you.
2) Will this cause harm or otherwise expose the server to some
vulnerability?
Well, if you allow all ICMP types, it's possible to make your
little packets go places you didn't really want them to go, and
similar network breakage. You can also find those who feel strongly
that allowing others to ping your machines gives them way too much
information about what you have at which IP address. On the other
hand, working ping and traceroute can be very handy to figure out
what's wrong when the network breaks. But do you open up access on
your server?---well not so much, though having said that I'm ready
for somebody to remind me of some obscure attack that uses ICMP for
more than information gathering. :-)
--Jon Radel
I have been so advised by a number of people to do just this and I am
investigating.
I am not horribly concerned about this, though, because the machine
in question is a NATing front end for a private, non-routable LAN and
the associated nameserver uses split-horizon DNS to make all the
internal name-ip associations invisible outside the LAN. So ... I
don't really see much threat here. I am throttling ICMP rates via
sysctl because - AFAIK - the only overt ICMP attack is to flood a
target in hopes of getting Denial Of Services.
As with you, I remain open to someone presenting a scenario
wherein a particular ICMP protocol could actually cause harm...
For one, google 'icmp redirect attack'
#% stock rc.firewall doesn't permit _ANY_ ICMP, even TCP-required!
#% see http://www.iana.org/assignments/icmp-parameters
#% from 19/1/99 freebsd-security (compacted):
# This is the ICMP rule we generally use:
# ipfw add 10 allow icmp from any to any in icmptypes 0,3,4,11,12,14,16,18
# This allows safe ICMP's to get in, so that ping, traceroute, etc.
# work, while blocking potentially unsafe ICMP's.
# See /sys/netinet/ip_icmp.h for definitions of the ICMP types.
# -Archie
# Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
Since then I've used, on multi-host and NAT'd setups, more or less this:
recv_types='icmptypes 0,3,4,11,12,14,16,18' # reject most pings :(
#% can use keep-state for outbound icmp but then ANY icmptype matches!
#% 26/3/7 still need to generally deny inbound pings except friendlies
# pingok={ was a list of IP addresses[/masks] allowed to ping }
#% XXX better using a pre-loaded table (for OOB on the fly additions)
pingok=table\(8\)
$fwadd pass icmp from any to any in recv ${ext_if} ${recv_types}
$fwadd pass icmp from ${pingok} to any in recv ${ext_if} icmptypes 8
$fwadd deny log icmp from any to any in recv ${ext_if}
$fwadd pass icmp from any to any# outbound, and inside
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 9.0 and bsdinstall - avoiding updating the MBR
In freebsd-questions Digest, Vol 390, Issue 1, Message: 18 On Mon, 21 Nov 2011 01:47:27 + Bruce Cran br...@cran.org.uk wrote: I'm planning to install FreeBSD alongside a whole range of Windows builds for testing. In 8.x it's possible to tell the installer not to bother updating the MBR so you can use something like EasyBCD to boot it via the Windows bootloader instead. Is it still possible on 9.0-RC2 using bsdinstall? I don't seem to remember seeing any option to avoid writing out the new boot code. Hi, I gather not (yet?) Can save the MBR with (eg) 'boot0cfg -f ~/mymbr adaX' for safety, dd it back if need be, and/or use fdisk(8) -p, -t and -f flags to save, test and restore just the slice table. At least they're precautions I'm taking, really not wanting to clobber win2k (for BIOS updates :), 8.2-RELEASE or a shared UFS partition when next trying to install 9.0-RC2 to slice 2, currently 7.4-RELEASE .. % boot0cfg -v ad0 # flag start chs type end chs offset size 1 0x00 0: 1: 1 0x0b 1023: 5:63 63 8385867 2 0x00 1023:255:63 0xa5 1023: 13:63 8385930125821080 3 0x00 1023:255:63 0xa5 1023: 15:63134207010 33543342 4 0x80 1023:255:63 0xa5 1023: 14:63167750730 66685815 version=2.0 drive=0x80 mask=0xf ticks=182 bell=# (0x23) options=packet,update,nosetdrv volume serial ID a8a8-a8a8 default_selection=F4 (Slice 4) % fdisk -p ad0 # /dev/ad0 g c232581 h16 s63 p 1 0x0b 63 8385867 p 2 0xa5 8385930 125821080 p 3 0xa5 134207010 33543342 p 4 0xa5 167750730 66685815 a 4 cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: where to ask about problems with bsdinstall in 9.0RC2?
In freebsd-questions Digest, Vol 389, Issue 8, Message: 6 On Fri, 18 Nov 2011 19:08:22 -0500 William Bulley w...@umich.edu wrote: According to Edward Martinez eam1edw...@gmail.com on Fri, 11/18/11 at 19:53: Have you tried installing with ACPI disabled. http://www.freebsd.org/doc/handbook/bsdinstall-install-trouble.html#Q3.10.2.1. this also may be of some help: http://www.freebsd.org/doc/handbook/bsdinstall-partitioning.html Thanks. I will try disabling ACPI but this wasn't necessary for the install of 8.2-RELEASE from CD which, as I said, went in just as I expected. I doubt that's your problem, going by my experiences with BETA1 and following the freebsd-current archives for a couple of months; others have described similar problems installing over existing slices, and in my mind it points to a relatively large deficiency in bsdinstall versus sysinstall (still available from 'Live CD' mode, at BETA1 anyway) I would not think that much would have changed in 9.0RC2 in this area. Maybe I am wrong about that. The second URL describes the Manual vs. Guided install and partition section of bsdinstall. I had read this several days before the 9.0RC2 install attempt from DVD. It seemed pretty reasonable, but a little bit different from sysinstall. Was worth a try. Unfortunately that concentrates on creating a GPT layout, encouraging a Linux-like single (plus a boot) partition - forget using dump/restore - and says nothing much about installing over an existing setup with MBR partitioning and multiple slices, a not uncommon setup on many existing laptops .. eg here I want to install over a previous 7.2-RELEASE 60GB slice partitioned as I want it - 1GB /, 4GB /var, 16GB /usr and ~37GB /home. Further, I want to preserve /home as is, despite having backups. What I saw when I selected Manual partitioning, was a complete tree: ad0 ad0s1 [FreeBSD Boot Manager from 8.2] ad0s1a [was my previous root partition] ad0s1d [was my previous swap partition] ad0s1d [was my previous /var partition] ad0s1e [was my previous /usr partition] or something very close to that, missing only my mount points from my previous 8.2-STABLE system. I added the mount points (this is the area where I thought bsdinstall had some weaknesses in the User Experience) and went on after selecting Finish. sysinstall's partitioning is more sophisticated; you get to specifically toggle on or off newfs'ing each partition, as well as specifying newfs options if you want. So it's clear whether you'll be newfs'ing / and which other partitions, and which you'll be leaving alone, eg /home. The problem occurred much later after I selected all four install files. When I said the equivalent of Go, it began the process of loading them off the DVD, checking their checksums, and compressing them prior to installing them. It was while processing the first (base.txz) chunk that the popup appeared giving me the unable to write or unable to uncompress message. Can't recall the exact error now some hours later... :-( On BETA1 I recorded Extract Error while extracting base.txz: can't set user=0/group=0 for /var/empty Can't update time for /var/empty .. which someone/s else also reported, which turned out to be misleading .. the basic problem is that the filesystem isn't empty, ie as after newfs. The workaround given then was to boot in Live CD (aka Fixit) mode, and newfs the appropriate partitions, manually or with SADE - in your case probably all of /, /var and /usr - and then rerun the install onto clear partition/s; it's not and never should be required to scrap existing partitioning. Something else not clearly evident to me is (or at least was) that if you don't supply a mountpoint for a partition, it won't be used; in my case I'd have to leave my /home partition unmentioned so it would be left alone .. after all, every partition on every slice is listed as a possible install target. I admit not having tried this again since, after feeling a bit lucky not to have destroyed my whole 7.2 slice, but that was BETA1 after all .. I haven't yet discovered whether or how bsdinstall handles setting boot0cfg for multi-boot systems, and I've seen no mention of boot0cfg or anything similar (apart from Linuxisms like GRUB) for GPT setups at all. So the extraction step failed the first file, and I never made it to the Post-Installation phase, sigh... :-( Yep. I'd hoped this might be fixed (or at least documented?) by now, but I think bsdinstall has to be considered still in development at this stage - ie, for 9.0 - except for such as installing to new systems, for which it appears to be working very well. Some have implied that the sort of installs we're attempting should require prior expertise, but even people who've
Re: recursive copy with spaces in descendants
In freebsd-questions Digest, Vol 387, Issue 10, Message: 34 On Sat, 5 Nov 2011 18:49:29 -0400 Chris cpubur...@gmail.com wrote: On Sat, Nov 5, 2011 at 6:20 PM, Michael Sierchio ku...@tenebras.com wrote: On Sat, Nov 5, 2011 at 3:15 PM, Chris cpubur...@gmail.com wrote: I apologize for the lack of detail. The command I'm using is: ( cd /usr/local/etc/transmission/home/Downloads/ ; tar cf - . ) | ( cd /mnt/usb ; tar xf - ) Show, don't tell. What does tar report when you run it? Indeed this helps, especially now we also know it's msdosfs .. The following messages display: ./: Can't set user=921/group=921 for . ./Reboot S1 - 01 [3FD6C4B2].mkv: Can't create 'Reboot S1 - 01 [3FD6C4B2].mkv' The last message (can't create) repeats for all files in the directory. Running 'ls -al /mnt/usb' yields: drwxr-xr-x 1 rootwheel 32768Dec 31 1979 . drwxr-xr-x 1 rootwheel 512Nov 5 03:04 .. Where /mnt/usb was originally empty in the first place. Something I've seen noone mention is that msdosfs has no concept of user or group, so Can't set user=921/group=921 for . makes perfect sense. Your 'ls -al' above showing root wheel indicates permissions related to the mount point. If you'd mounted it as a normal user it could show user user ownerships, unrelated to what msdosfs stores on the disk. Similarly, mount_msdosfs(8) -u, -g and -m switches don't affect what's written to the disk, but only how the filesystem appears to FreeBSD. For example, a 'cp -pR /etc /mnt/usb also complains about not being able to set the ownership or permissions (other than DOS' read-only attribute) on target files, but it will still copy them ok, including filenames with spaces - but not with ',+' or other non-DOS characters. So maybe tar gives up before writing, because the ownership is wrong? Perhaps the -o and -p options to tar(1) might help here, but the bottom line is that msdosfs is not really a suitable target for UFS files. I tend to use zip(1) - which keeps perms and ownership, though not hard links - to stash dirs and files on msdosfs, but format flash disks - or at least one or more slices on them - as UFS for real backup purposes. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Fast personal printing _without_ CUPS
In freebsd-questions Digest, Vol 386, Issue 9, Message: 5 On Sat, 29 Oct 2011 07:28:24 -0400 Jerry je...@seibercom.net wrote: On Fri, 28 Oct 2011 17:27:03 -0500 (CDT) Robert Bonomi articulated: Your insistance on trying to impose -your- standards on the world, and denying them the 'freedom of choice' to make their own decisions on the matter -- e.g. anyone offering such products should be to some degree held legally responsible to their worth -- is a fascist mind-set. You 'know better' than anybody else, what is 'right' _for_ them. snort BTW, I'd _love_ to see Microsoft held legally respnsible for _their_ product shortcomings. They'd be out of business in a week at the outside. Once again your argument is pathetic. Microsoft has been held legally responsible by laws written to curtail the robber barons (railroad oil) of the 19 and early 20th century.) Of course the EC, or is that the USSREC, strongly backed (pushed) by Opera, a maker of a web browser so pathetic that in two years a new upstart, Chrome actually has a larger market share, led a fight to curtail Microsoft's market share. Actually, it was to curtail modern-day robber barons destroying their competition by the usual raft of monopolistic and anti-competitive techniques, but let's roll on through your gloriously OTT troll .. This is Fascism at its best. A totally free and open market is the best way to insure the survival of the fittest. Of course socialists cannot survive in that environment and rush off to find ways of getting governments involved in protecting their turf. Calling everyone who finds Microsoft's predatory behaviours 'socialist' (let alone 'fascist') and wrongly reducing to absurdity Darwin's theory to this primitive 'survival of the fittest' mantra is counterproductive to your usual function of participating in this list to sow bulk FUD on behalf of Microsoft. If I were Bill, you'd get no $points for this one. I have absolutely no problem with holding Microsoft legally responsible when they release a product with a bug or security flaw. However, this must be enforced across the board and against every entity that releases software irregardless of its price. It should probably even include port maintainers who release defective ports. Lets be honest, if that is even possible for a socialist like yourself, that if you want to go down that road then lets go -- all the way. Microsoft would love that. They can pay fines out of the coffee and biscuit jar without blinking, while non-behemoths would be bankrupt. You would no doubt find this fair enough; survival of the fattest. Microsoft's very existence depends on its ability to create an operating system that allows users to fully use programming and devices that they choose to deploy. If they cannot achieve that goal then they die, or else have a market share equivalent to FreeBSD, virtually undetectable. Microsoft has done a fairly good job of that. FreeBSD, an the other non-windows operating systems, have not achieved that goal although a few forward thinking developers like those associated with Ubuntu have made huge strides in that direction. You are mistaken if you think the raison d'etre of FreeBSD is, or ever has been, or ever will be, to achieve Microsoft's goals of a system so simple (albeit by obfuscation of complexity) that even a fool can use it, aimed at a mass consumer market. You are wrong if you see FreeBSD, or the other BSDs, or other unix-based or unix-inspired systems (apart from Apple and a few more reactionary Linux advocates) as 'competing' in the same 'market' as Microsoft. When it comes to technological advances, FreeBSD is at the bottom of the list. It is there primarily because of people who are simply willing to accept inferiority as the norm. Microsoft's list, for sure. So transparent, Jerry. I know I piss people off by my style of writing. I am just not the sort of person, a socialist primarily, who bends over and takes it up the ass everyday rather than say ENOUGH, lets fix this friggin mess. You cannot even get a decent N - protocol wireless device, or even a not so decent one for that matter, to work on FreeBSD while the rest of the world has had working solutions for 5 years. What the hell are they waiting for -- the second coming of the invisible man in the sky? Friggin PATHETIC. However, our esteemed leadership has managed to bump the version numbers from at least 6 to the soon to be 9 and we still have no working solution for an easy method of securing and installing printer drivers, or any drivers for that matter. Having to modify obscure system files and settings to get a simple sound card to work is always a PLUS. Pathetically enough, there are users who do actually feel that way. Apart from yourself, for obvious reasons, people who want a system that works the One Microsoft Way and
Re: ipfw: getsockopt(IP_FW_ADD): Invalid argument
On Wed, 6 Jul 2011, Unga wrote: On Tue, 7/5/11, Ian Smith smi...@nimnet.asn.au wrote: Does anybody successfully use the ipfw fwd? If so in which FreeBSD version? Not I, but many do. On the face of it the rule looks correct. Do you have a TCP service running on localhost:1234 ? Does wlan0 exist? You may do better posting to the freebsd-ipfw list, with more information. cheers, Ian Hi Ian I have added 'options IPFIREWALL' and rebuilt all, now 'ipfw fwd' works well. So the 'options IPFIREWALL_FORWARD' alone is insufficient, the 'options IPFIREWALL' is also required. Right; I guess if you're building it into kernel you have to configure all relevant options there too. That could be more explicitly stated. Thank you and all others who helped me in this regard. Glad it's working. Another win for the collective wisdom .. cheers, Ian___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw: getsockopt(IP_FW_ADD): Invalid argument
In freebsd-questions Digest, Vol 370, Issue 2, Message: 14 On Mon, 4 Jul 2011 09:11:07 -0700 (PDT) Unga unga...@yahoo.com wrote: --- On Mon, 7/4/11, Unga unga...@yahoo.com wrote: From: Unga unga...@yahoo.com Subject: ipfw: getsockopt(IP_FW_ADD): Invalid argument To: freebsd-questions@freebsd.org Date: Monday, July 4, 2011, 11:48 AM Hi all Following ipfw rule develop error indicated in the subject line: ipfw add 100 fwd 127.0.0.1,1234 tcp from any to any 1234 out via wlan0 What I want to do is forward any packet going to port 1234 to 127.0.0.1:1234. I have built the kernel with options IPFIREWALL_FORWARD. What's the error here? Is the rule incorrect? This is FreeBSD 8.1. Many thanks in advance. Unga Does anybody successfully use the ipfw fwd? If so in which FreeBSD version? Not I, but many do. On the face of it the rule looks correct. Do you have a TCP service running on localhost:1234 ? Does wlan0 exist? You may do better posting to the freebsd-ipfw list, with more information. cheers, Ian___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mount /unmount
In freebsd-questions Digest, Vol 370, Issue 2, Message: 19 On Mon, 04 Jul 2011 20:43:23 +0100 Matthew Seaman m.sea...@infracaninophile.co.uk wrote: On 04/07/2011 15:53, tethys ocean wrote: If a partition was not unmounted cleanly (eg. the machine crashed, or the power was cut off suddenly) then fsck(8) should be used to check and fix any problems on the filesystem. If you've booted into single-user mode, then definitely fsck any partitions before trying to mount them. *I guess If I can do fsck without unmount partition I can lost all my data isn't it?* fsck on an unmounted partition will change on-disk data structures in ways that the kernel doesn't expect. So, yes, one consequence is that you can lose or corrupt data. You probably wouldn't lose everything in the partition -- but you would tend to cause corruption predominantly in files that are more actively used. So don't do that. Actually fsck is smarter than to damage data on mounted partitions; it forces the -n switch (NO WRITE) on a mounted partition so is perfectly safe to use, as long as you're aware that it can't correct any errors, and indeed will most often list some apparent errors that are merely temporary inconsistencies in the present state of the filesystem such as open files, viz: sola# mount -p /dev/ad0s2a / ufs rw 1 1 devfs /devdevfs rw0 0 /dev/ad0s2d /varufs rw,noatime 2 2 /dev/ad0s2e /usrufs rw,noatime 2 2 devfs /var/named/dev devfs rw0 0 sola# fsck /var ** /dev/ad0s2d (NO WRITE) ** Last Mounted on /var ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts UNREF FILE I=24 OWNER=mysql MODE=100600 SIZE=0 MTIME=Feb 6 23:59 2011 CLEAR? no UNREF FILE I=60 OWNER=mysql MODE=100600 SIZE=0 MTIME=Feb 6 23:59 2011 CLEAR? no UNREF FILE I=86 OWNER=mysql MODE=100600 SIZE=0 MTIME=Feb 6 23:59 2011 CLEAR? no UNREF FILE I=24830 OWNER=root MODE=140666 SIZE=0 MTIME=Mar 2 03:32 2011 CLEAR? no ** Phase 5 - Check Cyl groups 2579 files, 96883 used, 29956 free (1132 frags, 3603 blocks, 0.9% fragmentation) sola# fsck /usr ** /dev/ad0s2e (NO WRITE) ** Last Mounted on /usr ** Phase 1 - Check Blocks and Sizes ** Phase 2 - Check Pathnames ** Phase 3 - Check Connectivity ** Phase 4 - Check Reference Counts UNREF FILE I=804237 OWNER=smithi MODE=100640 SIZE=0 MTIME=Jun 29 20:29 2011 CLEAR? no ** Phase 5 - Check Cyl groups 401132 files, 8584016 used, 3155190 free (88926 frags, 383283 blocks, 0.8% fragmentation) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw nat inbound keep-state with net.inet.ip.fw.one_pass=0
On Thu, 23 Jun 2011, umage wrote: Some points: 1) I did use the handbook as reference, and my ruleset mimics the layout used there. Excuse the late response, I've been away. The best reference, apart from ipfw(8), is /etc/rc.firewall. 'Nuff said. 2) Handbook uses divert natd, which I used until I switched to the kernel nat approach. Assuming that was working, is changing to ipfw nat the only difference? Or is that when you added fwd to the mix? Is 192.168.0.55 another box on the LAN, or an IP alias on this box? What says 'netstat -finet -rn'? Is this on FreeBSD 8.x? 3) I did not find any concrete examples of ipfw nat rule usage, so I'm using them the old natd way. Apart from the 'NAT, REDIRECT AND LSNAT' section in ipfw(8), natd(8) is still useful as fuller reference, given a few less, renamed parameters. As mentioned in that section, libalias(3) gives detail of all functions. I did some more experiments, and noticed that for example, an inbound connection can still communicate both ways after the initial state table rule expires (20 seconds for some reason). ipfw(8) 'SYSCTL VARIABLES' covers timeouts (sysctl net.inet.ip.fw.dyn_*) 20 seconds suggests a SYN timeout, so a TCP connection - but see below. Perhaps that 'works' because you're not denying established connections and using only 'setup' on keep-state rules, again assuming TCP protocol? If they communicate while the state entry is alive, the timeout resets, but it seems like it doesn't matter at all. This leads me to believe that 'ipfw nat' keeps an internal state table, which cannot be viewed, but is checked when doing check-state. Or something... which I have no way of knowing. NAT aliasing tables are entirely distinct from ipfw dynamic rule state tables. Try adding 'log' (and maybe same_ports) to ipfw nat parameters at least while debugging connections. That log, 'ipfw -ted show' and a tcpdump on each interface should show exactly what's going on. 'ipfw nat 1 show config'. Here's a pruned version of the ruleset I used. Rule 600 is the one that adds that remote -- local state table entry that messes everything up. If I omit keep-state on it, then traffic from the local side will be the one creating the states when replying, with a 5-second timeout. sysctl net.inet.ip.fw.dyn_udp_lifetime is 5 seconds by default. So now we're talking UDP? Please be more specific, or best, cutpaste results. $fw add 100 allow all from any to any via $lan_if This passes all packets coming in from the LAN, bound for anywhere - ie this box OR the outside - but before/without performing NAT - as well as passing packets being transmitted to the LAN, whether locally generated or routed after having been NAT'd on inbound pass. Not what you wanted. You mentioned packets mistakenly reaching the outside with 192.168.* source addresses, that'll be this rule. Try specifying 'in recv $if' and 'out xmit $if' avoiding 'via' when it's ambiguous, especially on outbound packets where 'via $if' is also true when they've come _in_ on that specified interface. You need to do outbound NAT first anyway. $fw nat 1 config if $wan_if redirect_port 192.168.0.55:12345 12345 $fw add 200 nat 1 ip4 from any to any in via $wan_if Ok, you're doing inbound NAT before checking state, however you've not specified protocol (tcp or udp) with redirect_port. I can't find any example in ipfw(8), natd(8) or libalias(3) where proto is optional, but I haven't read the code or tried this myself. We can't tell from this (or rule 600) whether your port '12345' is TCP or UDP. $fw add 300 check-state At this point any packet, in or out, matching dynamic state tables will execute the action of the matching keep-state rule. For packets going out to the WAN the action is a skipto, so all ip4 packets matching that flow will execute the 'skipto 800', where you NAT the outbound packets, and allow the corresponding return packets. $fw add 400 skipto 800 ip4 from any to any out via $wan_if keep-state Again, 'out via $wan_if' is ambiguous, and includes packets _received_ on $wan_if and now being transmitted to the inside, again before NAT. Specify 'out xmit' if you only want to apply this to packets being sent out to $wan_if, as I think you do; these are the only ones you want to perform NAT on anyway. $fw add 500 allow all from any to any out keep-state Ok, only inbound packets get to here, and they've already been NAT'd .. $fw add 600 allow all from any to any dst-port 12345 in keep-state $fw add 700 deny all from any to any in While 'all | ip' will work for tcp or udp packets, better to specify the protocol targetted. Ok, not only outbound packets get here, but also the return packets coming in with matching state, from the skipto. $fw add 800 nat 1 ip4 from any to any out $fw add 900 allow all from any to any Bottom line is you need to do NAT on packets outbound
Re: Query about FreeBSD and primary partitions requirements
In freebsd-questions Digest, Vol 366, Issue 8, Message: 5
On Sat, 11 Jun 2011 14:23:48 -0700 per...@pluto.rain.com wrote:
Matthew Seaman m.sea...@infracaninophile.co.uk wrote:
On 11/06/2011 08:18, Bret Busby wrote:
the current FreeBSD Handbook ... states
FreeBSD must be installed into a primary partition.
However, in the last couple of days, I have been advised that
FreeBSD can be installed in, and, quite happily runs in, a
logical partition within an extended partition.
Has anyone other than the person who advised me of that, tested
the installation and operation of FreeBSD, within a logical
patition of an extended partition ...?
FreeBSD can mount and use filesystems created on partitions inside
'extended partition' type slices (cue standard exposition of the
difference between partitions and slices in FreeBSD-speak.) True.
However, I believe that you may well have difficulty *booting*
FreeBSD unless the kernel (ie. /boot) can be read from a primary
partition.
I presume the purpose of boot0ext.S is to build a boot0 (FreeBSD MBR)
variant capable of booting from what MS call an extended partition
-- boot0.S being used when booting from a primary partition -- but
I've never tried to use it. I'm having enough fun trying to boot
from a _different_ unusual configuration.
Diffing boot0.S and boot0ext.S shows the latter to be a two-sector (1KB)
boot with more detailed strings about different partition types, some
difference in SIO code, support for 'BIOS EDD extensions' and CHS vs LBA
(ie, older stuff) but nothing I could spot towards decoding 'extended
partitions'; it seems from CVS logs to have been kept as a nod to jhk's
original 2-sector boot0 code, and hasn't been touched for 7 years.
Having run OS/2 for several years before moving to FreeBSD in '98 I had
to learn about mounting 'drives' within 'extended partitions' as adXs5,
adXs6 etc, to recover about 7 OS/2 filesystems from 2 disks. Last I
looked the HPFS code was still in the tree, only needing compiling; very
similar to the (old) NTFS code by the same author, it worked fine R/O.
Anyway, space allocation within the 'extended partition' is implemented
as a linked list, so booting from one of these used to need something
like OS/2's boot manager (itself consuming a small primary partition) or
GRUB ono to chase down and load the desired boot partition, assuming you
managed from the command line to newfs it as UFS in the first place (?)
Also, I don't think sysinstall(8) groks extended partitions very
well,
if at all ...
Not at all; sysinstall just sees it as a primary partition (ie FreeBSD
slice) of type 0x05 (IIRC) ie as a non-bootable partition, completely
ignored by boot0{,ext} or any 'normal' MBR code for that matter .. the
FreeBSD convention of naming these as s5 etc is a convenient fiction.
so you will probably have some fun doing the actual installation.
Indeed.
Best left as an exercise for the (morbidly curious) student :)
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to be an imap Client?
In freebsd-questions Digest, Vol 359, Issue 7, Message: 1 On Thu, 21 Apr 2011 21:27:13 -0700 per...@pluto.rain.com wrote: To: freebsd-questions@freebsd.org Jerry freebsd.u...@seibercom.net wrote: Actually yes. Ignoring for a moment the reply you sent me directly, conveniently bypassing the group forum, perry's message, like this one, was likely posted to you, cc the list. That's long been customary on freebsd lists, even this 'kindergarten' one; noone 'conveniently bypassed' anything. If you don't like private copies, sent as a courtesy, just delete them and move on. Wrong, it was sent directly, not CC'd. As per my stated policy, it was answered/referred to on the list forum. I am seriously considering changing that policy to also include reporting them as Spam. Before making any such accusations, you had better make D@#% sure of your facts, lest you find yourself on the wrong end of a libel suit. My email client respects Reply-To: and I checked my logs just to be sure. That reply, as this one, was sent _only_ to the list. Apologies for assuming you must have cc'd Jerry. I should have checked your original post in freebsd-questions Digest, Vol 359, Issue 4, which shows any ccs, but not headers such as Reply-To: per message .. Message: 23 Date: Wed, 20 Apr 2011 23:22:35 -0700 From: per...@pluto.rain.com Subject: Re: How to be an imap Client? To: freebsd-questions@freebsd.org Message-ID: 4dafcd2c.tj0+rgq2u5+tzv2y%per...@pluto.rain.com Content-Type: text/plain; charset=us-ascii Jerry freebsd.u...@seibercom.net wrote: On Wed, 20 Apr 2011 10:01:28 -0500 Martin McCormick mar...@dc.cis.okstate.edu articulated: ... our entire network is on the blacklist ... Why are you blacklisted? It seems correcting that problem would be my first priority. Being a university, okstate.edu has students, most of whom are not in the CIS department or in any way under control of the CIS department's sysadmin. Need I say more? -- Having admin'd small clubs of at most 25 members mostly using regularly virus-, trojan- and malware-infested Windows boxes, I can hardly imagine having to deal with perhaps half of 25,000 similarly vulnerable laptops, at least 1% of which will be trying hard to spam or portscan the planet at any given time - nearly all, as Martin points out, without intent or knowledge of their poor blighted owners .. and they're a smarter crew! cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to be an imap Client?
On Thu, 21 Apr 2011 07:34:32 -0400 Jerry freebsd.u...@seibercom.net wrote: On Wed, 20 Apr 2011 23:22:35 -0700 per...@pluto.rain.com per...@pluto.rain.com articulated: Jerry freebsd.u...@seibercom.net wrote: On Wed, 20 Apr 2011 10:01:28 -0500 Martin McCormick mar...@dc.cis.okstate.edu articulated: ... our entire network is on the blacklist ... Why are you blacklisted? It seems correcting that problem would be my first priority. Being a university, okstate.edu has students, most of whom are not in the CIS department or in any way under control of the CIS department's sysadmin. Need I say more? Actually yes. Ignoring for a moment the reply you sent me directly, conveniently bypassing the group forum, perry's message, like this one, was likely posted to you, cc the list. That's long been customary on freebsd lists, even this 'kindergarten' one; noone 'conveniently bypassed' anything. If you don't like private copies, sent as a courtesy, just delete them and move on. The last thing we need is people here to troll on behalf of M$ stamping their feet, demanding we change the way we've always used these lists. are you implying that these students are using the University's web mail for possible illegal actions and no one is policing that action? Ah Jerry, good to see you end your admonition with a little humour! cheers, ian He only does it to annoy, because he knows it teases -- Lewis Carroll ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipdivert.ko
In freebsd-questions Digest, Vol 357, Issue 3, Message: 8 On Tue, 5 Apr 2011 00:58:50 +0930 Sebastian Ramadan s...@geekycode.net wrote: I wish to cause ipdivert.ko to load at boot time. Currently, ipfw.ko loads correctly at boot time with ipfw_load=YES in /boot/loader.conf, but ipdivert.ko does not load at boot time with ipdivert_load=YES. I'm able to load it using kldload, though. dmesg doesn't seem to be giving any clues as to why ipdivert won't load... What am I doing wrong? Regards, Sebastian Ramadan. My uname -a, /boot/loader.conf, kldstat and a successful load of ipdivert using kldload after boot time: domU-12-31-39-02-15-3A# uname -a FreeBSD domU-12-31-39-02-15-3A 8.2-RELEASE FreeBSD 8.2-RELEASE #13: Mon Feb 21 20:13:46 UTC 2011 r...@chch.daemonology.net:/usr/obj/i386/usr/src/sys/XEN i386 domU-12-31-39-02-15-3A# cat /boot/loader.conf ipfw_load=YES ipdivert_load=YES domU-12-31-39-02-15-3A# kldstat Id Refs AddressSize Name 18 0xc000 4000 kernel 21 0xc2bb3000 1ext2fs.ko 31 0xc2d1f000 11000ipfw.ko 41 0xc2d3 d000 libalias.ko Hmm, I'm a bit curious as to why libalias.ko was loaded. You don't have 'firewall_nat_enable=YES' in rc.conf, do you? Anyway, loader.conf isn't the way to go for loading ipfw or ipdivert (presumably for use by natd?) these days. Instead you want these in /etc/rc.conf: ipfw_enable=YES natd_enable=YES plus any required ipfw_ and natd_ variables (see /etc/defaults/rc.conf) Then /etc/rc.d/ipfw will load ipfw.ko, and if natd_enable is set, will invoke /etc/rc.d/natd, which loads ipdivert.ko at the right time. domU-12-31-39-02-15-3A# uname -a FreeBSD domU-12-31-39-02-15-3A 8.2-RELEASE FreeBSD 8.2-RELEASE #13: Mon Feb 21 20:13:46 UTC 2011 r...@chch.daemonology.net:/usr/obj/i386/usr/src/sys/XEN i386 domU-12-31-39-02-15-3A# kldload ipdivert domU-12-31-39-02-15-3A# kldstat Id Refs AddressSize Name 1 10 0xc000 4000 kernel 21 0xc2bb3000 1ext2fs.ko 32 0xc2d1f000 11000ipfw.ko 41 0xc2d3 d000 libalias.ko 51 0xc3cc7000 4000 ipdivert.ko My dmesg: domU-12-31-39-02-15-3A# dmesg Copyright (c) 1992-2011 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD is a registered trademark of The FreeBSD Foundation. FreeBSD 8.2-RELEASE #13: Mon Feb 21 20:13:46 UTC 2011 r...@chch.daemonology.net:/usr/obj/i386/usr/src/sys/XEN i386 [..] start_init: trying /sbin/init ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding disabled, default to deny, logging disabled ipfw0: bpf attached There are a number of outstanding PRs regarding module loading by natd and (if used) firewall_nat, and the use of these by /etc/rc.firewall. If enabling natd in rc.conf instead doesn't fix your issue, write to me privately and I'll put you onto some patches - but unless you're also (or instead) using kernel NAT (ipfirewall_nat - which needs to load libalias.ko) then the above settings should do you. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Bridge, dpcpd, sshd
In freebsd-questions Digest, Vol 355, Issue 4, Message: 33 On Wed 23 Mar 2011 22:20:06 + (GMT) Chris devnullacco...@yahoo.se wrote: I have a server machine that I use as DHCP server, sshd login etc, and since I have multiple Ethernet interfaces on it, I would like to use two of those for the internal network to avoid adding one more ethernet switch for just one extra machine. DHCP should configure hosts on both those interfaces and all the hosts should be on the same subnet. So, I set up a bridge interface as per the FreeBSD handbook (ch. 31.5), but now dhcpd is refusing to start during boot as it claim that the bridge0 interface doesn't exist. If I manually start dhcpd with the same parameters after the machine has come up, it will start and it will also work as expected and assign addresses to users connecting from teh bridge interface. sshd seems to do something similar, it refuses to start, but can manually be re-started later on. Is this some kinf of expected behavior, or does it sound like I'm doing something badly wrong? Can I force bride0 to be configured earlier in the boot so it is always there when the daemons start waking up? Configuration info below. TIA, Chris = rc.conf extract dhcpd_enable=YES dhcpd_ifaces=bridge0 cloned_interfaces=bridge0 ifconfig_bridge0=addm dc0 addm dc1 up ifconfig_bridge0=inet 172.16.0.100/24 There's your problem, and the response by Nerius Landys (read in the archives, as it hasn't arrived here in a digest yet :) would seem to indicate correct config - except that it has nothing to do with the order of assignments in rc.conf, but that your first ifconfig_bridge0 assignment is replaced, not added to, by the second. It's important to know that /etc/rc.conf is a sh script that is sourced (that is, executed inline) at the end of /etc/defaults/rc.conf and so its statements are executed sequentially. These statements just assign values to variables, and have no bearing at all on the order in which the rc.d system will actually use them; that depends on rcorder(8). Nerius has indicated use of e.g: ipv4_addrs_bridge0=192.168.0.254/24 to assign address(es) to the bridge, avoiding your problem above. ifconfig_dc0=up ifconfig_dc1=up = sshd.conf extract = ListenAddress 172.16.0.100 === the dhcpd.conf is quite standard and does not say anything about the interfaces, that info is in rc.conf above === /var/log/messages extract dhcpd: bridge0: not found Yes; at that time your bridge hadn't been created, ie it had no members. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Shell script termination with exit function in backquotes
in freebsd-questions Digest, Vol 354, Issue 10, Message: 4
On Sat, 19 Mar 2011 12:15:26 -0400 Maxim Khitrov m...@mxcrypt.com wrote:
Here's another, but related, problem that I just ran into. The man page
reads:
Commands may be grouped by writing either
(list)
or
{ list; }
The first form executes the commands in a subshell. Note that built-in
commands thus executed do not affect the current shell...
Here's my script:
#!/bin/sh
{ A=1; }; echo $A
echo | { B=2; }; echo $B
{ C=3; } /dev/null; echo $C
And here's the output:
1
3
Where did the '2' go? Again, I have to assume that when stdin is piped
to a group of commands, those commands are executed in a subshell
despite curly braces. But where is this behavior documented? It seems
that there are a lot of corner cases that can only be understood if
you are familiar with the shell implementation. Documentation can
certainly be improved in places.
See sh(1) /Pipelines - last para:
Note that unlike some other shells, sh executes each process in the pipe-
line as a child of the sh process. Shell built-in commands are the
exception to this rule. They are executed in the current shell, although
they do not affect its environment when used in pipelines.
The braces aren't relevant because it's a pipeline, so even without:
echo | B=2; echo $B
writes '', but
echo | { B=2; echo $B; }
or (equivalent within a pipeline)
echo | ( B=2; echo $B; )
writes '2'.
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: logging to dmesg from userland
In freebsd-questions Digest, Vol 354, Issue 1, Message: 15 On Sun, 13 Mar 2011 19:08:20 -0700 per...@pluto.rain.com wrote: I am looking for a way to write into the kernel message buffer -- the one that dmesg prints out -- from a userland program, to help in relating kernel printf messages to the userland operations which provoked them. (Yes, I am aware of the potential DoS implications: the capability should be restricted to root, or at least to the operator group. I expect to use it only in single-user mode.) Perry, interesting to see that unprivileged users can use logger to spam /var/log/messages (by default), on 5.5 cough and 7.4-PRE anyway. I've long assumed that I could do that just because I'm in wheel, but not so. Is there a program, or a system call, which can do this? logger(1) seemed a likely prospect, but either it doesn't have this capability or I haven't found the formula. Had a bit of a play around earlier, and as an unprivileged user can do: %who am i subs ttyv6Mar 14 18:06 %id -p uid subs groups subs %logger -p kern.notice hello from subs at kern.notice %logger -p kern.crit hello from subs at kern.crit logger(1) without -p writes to user.notice, which writes only to /var/log/messages (with standardish syslog.conf settings), but of the two above, only the latter one to kern.crit wound up in 'dmesg -a' sola# dmesg | grep subs sola# dmesg -a | grep subs Mar 15 00:07:35 sola subs: hello from subs at kern.crit Mar 15 00:07:35 sola subs: hello from subs at kern.crit but twice! Both appear in /var/log/messages, one of each, but only the latter also appeared - again twice - in /var/log/console.log .. not sure why twice, but syslog.conf can be tricky .. anyway, later trying other kern.levels: %logger -p kern.err hello from subs at kern.err %logger -p kern.alert hello from subs at kern.alert %logger -p kern.warning hello from subs at kern.warning All three go to messages, but just these two added to dmesg -a output: Mar 15 00:44:54 sola subs: hello from subs at kern.err Mar 15 00:45:37 sola subs: hello from subs at kern.alert Moreover on my 7.4 system I tested also with kern.emerg, which indeed sent the emerg message to all open consoles, including root's! Other kern. levels may work too, as may other facilities? and YMMV. Colour me very surprised not having to be root to do any of those, especially those that do write to the kernel message buffer .. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: spam?
In freebsd-questions Digest, Vol 353, Issue 11, Message: 4 On Sun, 13 Mar 2011 11:57:03 + Bruce Cran br...@cran.org.uk wrote: On Sun, 2011-03-13 at 06:49 -0500, ajtiM wrote: In the last week I got four emails like this one today: From: a href=mailto:br...@cran.org.uk;br...@cran.org.uk/abr/ To: a href=mailto:per...@pluto.rain.com;per...@pluto.rain.com/abr/ CC: a href=mailto:free...@edvax.de;free...@edvax.de/a, a href=mailto:lum...@gmail.com;lum...@gmail.com/a, a href=mailto:freebsd- questi...@freebsd.orgfreebsd-questions@freebsd.org [I guess it's a gmail option whether to quote messages with addresses shown as HTML urls? Other people seem to be able to avoid doing that] That's not from me - it's from a company called ParkLogic who are forging emails. See http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2010-12/msg00591.html for more details. G'day Bruce, unfortunately trying to follow that through by 'next in thread' on derkeiler.com lands at a message that they've censored, declaring: Error 410: The page you requested has been removed The page you requested has been removed due to inappropriate content. From there, they leave you no way to finish the thread, in particular to my detailed wannabe FAQ - in reply to you, as it happened - on how folks might solve this issue at: http://lists.freebsd.org/pipermail/freebsd-questions/2010-December/225226.html That report may or may not help gmail users, as Chris Brennan reported gmail provides no way to filter on message headers such as Message-ID, still at least it shows how to determine that these messages are indeed forgeries. Maybe by now parklogic realise that targetting gmail users will cause the most mischief? Evil doesn't necessarily mean stupid .. As for derkeiler.com's apparently arbitrary censorship, you can see the message they removed, two messages before mine by thread, here: http://lists.freebsd.org/pipermail/freebsd-questions/2010-December/225236.html Apart from charging Svein Skogen with 'signature too long' :) I can't imagine why they or their robot might have taken offense. At least at lists.freebsd.org only something pretty extreme may provoke our esteemed postmaster into removing a message, and there's less obfuscation there of email addresses (like parklogic.com) .. for better or worse. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Nonsensical Web Log Entries
In freebsd-questions Digest, Vol 353, Issue 5, Message: 21 On Wed, 09 Mar 2011 15:02:57 -0500 pe...@vfemail.net wrote: At 03:06 PM 3/9/2011, Robert Bonomi wrote: I was looking at my Web log this morning, and a bunch of nonsensical entries like these caught my attention: 124.226.181.80 - - [09/Mar/2011:09:49:58 -0500] GET http://www.yahoo.com/ HTTP/1.0 301 294 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) 123.10.97.102 - - [09/Mar/2011:09:50:01 -0500] GET http://makeabank.com/faq.cgi HTTP/1.0 404 3485 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) 115.225.166.2 - - [09/Mar/2011:09:50:04 -0500] GET http://join1.winhundred.com/affiliate/link.php?ref=35840productid=7178 HTTP/1.0 404 3485 http://www.wingclips.com/; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) 114.97.197.184 - - [09/Mar/2011:09:50:15 -0500] GET http://www.tosunmail.com/proxyheader.php HTTP/1.0 301 313 http://www.cashsoldier.com/VerifyerLevel.php; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) Is my FreeBSD box serving as some kind of Web proxy? Your box is _not_ doing the proxying. that's why it's signalling errors for those requests. The perpetrators are _hoping_ you are running a misconfigured proxying front- end. Does this entry change your conclusion: 188.134.62.20 - - [09/Mar/2011:12:15:04 -0500] GET http://images.google.com/ HTTP/1.1 200 13134 - - No, Robert is right. Note that the first four you listed were all HTTP/1.0 requests. The ones with anything after the last '/' are 404 (page not found) except the last. Not sure about that 301, do you have a proxyheader.php? The more recent one is HTTP/1.1 with nothing after the last / so the http://images.google.com is ignored, and I expect you may find that your home page (ie requests for just '/') serve up 13134 bytes? Ar least that's what happens here with apache 1.3; here's a few examples from a seldom-accessed vhost where lots of requests are bogus, usually appearing across multiple vhosts (ie, from a sweep over IP addresses) 24.106.193.92 - - [01/Feb/2011:23:05:21 +1100] GET http://www.ya.ru:80/ HTTP/1.0 200 2327 - Mozilla/4.0 (compatible; Synapse) (this one fetched the home page, see below) 83.20.184.159 - - [02/Feb/2011:10:43:04 +1100] GET / HTTP/1.1 403 287 - - (requests w/ no referer (sic) and no browser (- -) are denied here) 217.174.232.11 - - [03/Feb/2011:20:31:16 +1100] GET / HTTP/1.1 200 2327 - Opera/9.00 (Windows NT 5.1; U; en) 88.250.12.104 - - [03/Feb/2011:20:36:45 +1100] GET / HTTP/1.1 200 2327 - Opera/9.00 (Windows NT 5.1; U; en) (accepted requests, this static / page always serves 2327 bytes) 109.61.188.165 - - [05/Feb/2011:20:46:04 +1100] GET http://www.yahoo.com/ HTTP/1.1 403 287 - Mozilla/4.0 (compatible; MSIE 4.01; Windows 95) 84.127.236.75 - - [06/Feb/2011:10:25:53 +1100] GET http://www.ebay.com/ HTTP/1.1 403 287 - Mozilla/4.0 (compatible; MSIE 4.01; Windows 95) (forbidden browser strings /or IP addresses in $apachedir/access.conf) 91.195.136.10 - - [07/Feb/2011:02:33:55 +1100] GET http://images.google.com/ HTTP/1.1 200 2327 - Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; WOW64; .NET CLR 1.1.4322; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C; .NET4.0E) Oh look, one just like yours, but with an acceptable browser string .. so it got the homepage, attempted proxying request being just ignored. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [RELEASE] host-setup(1): a dialog(1)-based utility for configuring FreeBSD
In freebsd-questions Digest, Vol 349, Issue 8, Message: 15 On Thu, 10 Feb 2011 19:53:53 -0800 Devin Teske dte...@vicor.com wrote: Hi All, I'd like to announce the release of a new script. A script that I've developed for our field engineers that I'd like to share with the rest of the world. http://druidbsd.sourceforge.net/download/host-setup.txt host-setup(1) is a dialog(1)-based utility (written in sh(1)) designed to make configuring FreeBSD more efficient. Nice, if only as great bedtime reading so far; I've already learned some new techniques. I expect to steal lots of it wholesale (acknowledged :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [RELEASE] host-setup(1): a dialog(1)-based utility for configuring FreeBSD
On Fri, 11 Feb 2011, Eitan Adler wrote: Nice Script! I intend to steal parts of it for my own use. It's great when you can plunder without robbing anyone :) P.S. Maybe I ought to expand it to IPv6 considering that the IPv4 address space has [reportedly] finally ran out (is that true?). All the available IPs were allocated to the RIRs. AFIK the RIRs have not had to deny anyone for insufficiency yet - but it will happen soon. Yes Devin, best not leave it till August! For those wanting a near-obsessively detailed analysis of IPv4 depletion stats and predictions over many years, hard to go past Geoff Huston's: http://www.potaroo.net - blog http://www.potaroo.net/ispcol/2010-10/when.html - explanatory column Oct '10 http://www.potaroo.net/tools/ipv4/index.html - the modelling as of today cheers, Ian (Sorry, missed the cc to hackers@, adding questions@ back in the loop) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: httpd-modsec2_debug.log: Operation not permitted
On Sat, 15 Jan 2011, per...@pluto.rain.com wrote: Ian Smith smi...@nimnet.asn.au wrote: Swe, I suspect the reason you can't just delete these files is likely because something has them open for writing, and the system won't let you remove such files, naturally enough. Really? Must be a fairly recent change -- and IMO not necessarily a good one. For one thing, it would break one of the long-standing methods for ensuring that scratch files get cleaned up when a program exits, even under circumstances which don't allow for signal handlers to be run. Hmm, on reflection you're probably right. I was thinking that removing a file being written by a root-owned process would force that process to fail on write and exit, but maybe that's not what's happening here. Last I knew having a file open, even for writing, was no protection against its last link being removed. The _inode_ won't go away until the last handle is closed, but the _directory entry_ can still be removed. Accepting that, why wouldn't root be permitted to rm these files? It's been shown that they don't have immutable, append-only or other flags set. Clearly the filesystem is writable, if full. I'm still curious about what fstat reveals, and it'd be extra weird if they can't be deleted or truncated in single-user mode, eh? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: httpd-modsec2_debug.log: Operation not permitted
On Sat, 15 Jan 2011, Ian Smith wrote: On Sat, 15 Jan 2011, per...@pluto.rain.com wrote: [..] Last I knew having a file open, even for writing, was no protection against its last link being removed. The _inode_ won't go away until the last handle is closed, but the _directory entry_ can still be removed. Accepting that, why wouldn't root be permitted to rm these files? It's been shown that they don't have immutable, append-only or other flags set. Clearly the filesystem is writable, if full. Still bugging me .. maybe the _directory_ has some system flag/s set? sola# mkdir test sola# cd test sola# touch a b c sola# ls -lao total 14 drwxr-xr-x 2 root wheel - 512 Jan 16 02:31 . drwxr-xr-x 4 root wheel - 11264 Jan 16 02:31 .. -rw-r--r-- 1 root wheel - 0 Jan 16 02:31 a -rw-r--r-- 1 root wheel - 0 Jan 16 02:31 b -rw-r--r-- 1 root wheel - 0 Jan 16 02:31 c sola# chflags schg . sola# ls -lao total 14 drwxr-xr-x 2 root wheel schg 512 Jan 16 02:31 . drwxr-xr-x 4 root wheel -11264 Jan 16 02:31 .. -rw-r--r-- 1 root wheel -0 Jan 16 02:31 a -rw-r--r-- 1 root wheel -0 Jan 16 02:31 b -rw-r--r-- 1 root wheel -0 Jan 16 02:31 c sola# rm c rm: c: Operation not permitted sola# touch d touch: d: Operation not permitted sola# chflags noschg . sola# rm c sola# ls -lao total 14 drwxr-xr-x 2 root wheel - 512 Jan 16 02:32 . drwxr-xr-x 4 root wheel - 11264 Jan 16 02:31 .. -rw-r--r-- 1 root wheel - 0 Jan 16 02:31 a -rw-r--r-- 1 root wheel - 0 Jan 16 02:31 b So on the directory, setting schg achieves Subject behaviour/message, while sappnd permits adding (and truncating!) but not deleting files. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: httpd-modsec2_debug.log: Operation not permitted
In freebsd-questions Digest, Vol 345, Issue 9, Message: 10 On Thu, 13 Jan 2011 23:35:26 +0100 Polytropon free...@edvax.de wrote: On Thu, 13 Jan 2011 23:08:33 +0100, Swe Gill sweg...@gmail.com wrote: That is the problem. One file sizes upto 50GB and other 3 GB... 52872944 -rw-rw 1 root wheel 50G Jan 13 22:51 httpd-modsec2_audit.log 3320928 -rw-rw 1 root wheel 3.2G Jan 13 22:51 httpd-modsec2_debug.log I am just standing nowhere to remove the files have tried by setting flags, changing modes all as a root but no luck yet... Any help? Is your system running on a raised securelevel maybe? See in man security where this is mentioned, section SECURING THE KERNEL CORE, RAW DEVICES, AND FILE SYSTEMS. It seems that this could cause different behaviour in relation to flags. That's possible, but perhaps it may be simpler than that? I will _not_ advise you to kill the files per inode (fsdb, clri) because this could cause further filesystem trouble. :-) Indeed it could :) Swe, I suspect the reason you can't just delete these files is likely because something has them open for writing, and the system won't let you remove such files, naturally enough. See what you get by running: # fstat /path/to/httpd-modsec2_*.log If that shows any processes writing to those files, you need to stop that/those processes. From the filenames my guess would be apache, in which case you'd need to stop it, perhaps best by: # /usr/local/etc/rc.d/apache stop # or apache2, whatever it's called. then check again with fstat. If that doesn't work for some reason then: # shutdown now to single-user mode will terminate any process accessing those files. Either way, you can then rm safely, or probably better, truncate each to zero bytes (thus keeping their ownership and permissions intact) by eg: # echo -n '' filename Then restart apache|whatever, or hit ^D or 'exit' to restart multiuser if you had to go that far to stop anything keeping those file/s open. As previously advised, configuring and running newsyslog (or logrotate or suitable others) to manage keeping logs to reasonable sizes is well worth implementing, now that you've been bitten. If you don't want to look at your logs too often or need blow-by-blow details, reducing the logging level to more severe problems may prove more useful longterm. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Which php??
In freebsd-questions Digest, Vol 345, Issue 7, Message: 11 On Thu, 13 Jan 2011 11:13:02 + Paul Macdonald p...@ifdnrg.com wrote: On 13/01/2011 00:18, Gary Kline wrote: autoconf: required version 2.68 not found some stuff here to try for autoconf issues http://forums.freebsd.org/showthread.php?t=20284 Alternatively you might want to try installing prebuillt packages instead of building ports, a lot less hassle. pkg_delete php5* pkg_add -r php5 pkg_add -r php5-extensions (I'm not sure what extensions the package has, but i'd be surprised if it didn't include mysql) You'd also be surprised if the php5 package didn't include the Apache module, right? That's why lots of people installed PHP in the first place, no? Lots of people have been thus surprised, for years now. Seeing Gary already has the module built, he could save it, remove then install the package and replace the module IF php was otherwise built with the same options, but the only way to get the module is build it. In the almost singular case of php, I'd stick with building the port(s). cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop [solved]
On Thu, 6 Jan 2011 21:41:11 -0500, Chris Brennan wrote: On Thu, Jan 6, 2011 at 6:04 PM, Bruce Cran br...@cran.org.uk wrote: http://wiki.freebsd.org/RootOnZFS/ZFSBootPartition has a good guide for installing the base manually (you can ignore the gpart and zfs commands if you want). I found I had to copy the base and kernel directories from the install ISO to a UFS-formatted USB stick first though since the LiveFS CD doesn't have the distributions. -- Bruce Cran Bruce, your a lifesaver! +1 for you and your wiki page. +1 for Warren's page ( http://www.wonkity.com/~wblock/docs/html/disksetup.html#_the_old_standard_way_tt_fdisk_8_tt_and_tt_bsdlabel_8_tt) and +5 for Ian and his incredible patience. Hodgepodging Warren's and Bruce's pages together got me a working base. Laptop is now installed w/o the assistance of a boot cd or the usb hard-drive I was using. That's great news Chris, congratulations for perseverance. It could be argued that it shouldn't be this hard, but I don't need any argument .. I did have to grab a DVD of 8.1 and burn it to a DVDRW, just so I could get access to /dist/8.1-*. That being said, I think I am going to look at setting up that same external hd w/ a full 8.2-R root when it's ready, so I have a full, local tree to utilize for weird installs like this (I don't know why I never did that before) Excellent idea. Just for curiousity's sake, after all that what do you wind up with for: # fdisk -s ad4 # bsdlabel ad4s1 ?, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
On Wed, 5 Jan 2011, Chris Brennan wrote:
On Wed, Jan 5, 2011 at 12:44 AM, Ian Smith smi...@nimnet.asn.au wrote:
Saw Chris' later message that -F isn't there for him, but here's what
should be, on the data, the sure-fire way to clobber that last sector:
dd if=/dev/zero of=/dev/ad4 oseek=1465149167
which command SHOULD report just 512 bytes written (we're sure it can't
write past the end of the disk with no count specified), after which:
dd if=/dev/ad4 iseek=1465149167 | hd
SHOULD show zeroes from to 01ff (ie next block 0200)
If not, there really must be some hardware issue with writing?
Hopefully getting there!
Fixit# sysctrl kern.geom.debugflags=16
kern.geom.debugflags: 0 - 16
Fixit# dd if=/dev/zero of=/dev/ad4 oseek=1465149167
dd: /dev/ad4: end of device
2+0 records in
1+0 records out
512 bytes transferred in 0.011 secs (51195 bytes/sec)
So that's right.
Fixit# dd if=/dev/ad4 iseek=1465149167 | hd
1+0 records in
1+0 records out
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
||
512 bytes transferred om 0.009863 secs (51912 bytes/sec)
*
0200
And that's right - the GPT secondary header is now gone.
restarting and back to sysinstall from BETA1 is nice dice ... same original
error ... can I just zero the whole drive?
Sure you can - but I'd be (happy to be) surprised at this point if it's
going to do much good. If nothing else it's a full surface write test,
and you could check afterwards that it's all been zeroed, hd showing
just a few lines (as above) over the whole disk (dd if=/dev/ad4 | hd)
We seem to have ruled out the remnants of a GPT problem, having Bruce
and Warren to thank for pointing it out; it's bound to catch others.
Your dd of the first 71 sectors looked right, MBR looks ok, sectors 1-62
are zeroes, boot1 and boot2 from sector 63-70 seem normal, after you
used 'W' to write anyway; can't say for sure that the bsdlabel is ok,
but see no reason to suppose otherwise. What says 'bsdlabel ad4s1'
while you've still got one?
Just be sure NOT to use the 'A' option for auto-partitioning again; I'm
sure I saw some problem with that on 8.1, not sure if it's fixed on 8.2
(Bruce?) so I suggest allocating the BSD partitioning you really want.
Failing that, I can't see other than a hardware issue, unless somehow
sysinstall is broken and you may do better manually running fdisk and
bsdlabel and newfs per Handbook and manuals? If that worked you could
still use sysinstall, skip fdisk and labelling steps and install the
distributions, ports tree, doc packages and other sysinstall goodies.
If it still persisted after that I'd subscribe and report the issue to
freebsd-stable in as much detail as needed for some more fresh eyes.
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
On Thu, 6 Jan 2011 09:11:55 +, Bruce Cran wrote: On Thu, 6 Jan 2011 20:06:42 +1100 (EST) Ian Smith smi...@nimnet.asn.au wrote: Just be sure NOT to use the 'A' option for auto-partitioning again; I'm sure I saw some problem with that on 8.1, not sure if it's fixed on 8.2 (Bruce?) so I suggest allocating the BSD partitioning you really want. I've not fixed anything related to that. Oh, I must have dreamed it all; found nothing in local -stable archives, went hunting on sysinstall cvsweb but found anything there, don't know how to search svn yet; life's too short. Thanks for teaching some GPT. Sorry, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
On Thu, 6 Jan 2011, Adam Vande More wrote: On Thu, Jan 6, 2011 at 3:06 AM, Ian Smith smi...@nimnet.asn.au wrote Your dd of the first 71 sectors looked right, MBR looks ok, sectors 1-62 are zeroes, boot1 and boot2 from sector 63-70 seem normal, after you used 'W' to write anyway; can't say for sure that the bsdlabel is ok, but see no reason to suppose otherwise. What says 'bsdlabel ad4s1' while you've still got one? This is a pretty easy problem to replicate if you are pressing W, and that issue has existed for quite some time. If you press W then Q at sysinstall fdisk then attempt to force write disklabel screens you will get the error. Just setup the slices and partitions as you want and let sysinstall handle the writing of information. There is a big warning box that says not to use force write except under certain conditions and this is not one of them. Adam, I think you may have missed a lot from the earlier messages in this thread. Admittedly it's long and likely tedious, but trying to help somebody get the OS installed is about as basic as it gets for me; I'd be hugely relieved if someone with more / better clues took it on. We didn't get to try W)rite from the fdisk and label screens until long after all attempts at letting sysinstall deal with things had failed to even slice the disk, bombing on this error every time. Chris' disk is brand new, nothing installed. W)riting from sysinstall succeeded at least in creating ad4s1 in the MBR and writing the bootblocks to that slice. I made it very clear this is not something to do without due care; in the circumstances there was absolutely nothing to be lost. And then the GPT issue, of which I was totally ignorant. Fixed. If you google the error message in the OP, the first result is: http://forums.freebsd.org/showthread.php?t=1675 I can't see anything there that informs any solution to this issue, that doesn't cover everything Chris has tried. If you can, please elaborate? Failing that, I can't see other than a hardware issue, unless somehow sysinstall is broken and you may do better manually running fdisk and bsdlabel and newfs per Handbook and manuals? This doesn't say hardware error to me at all, at least not a disk hardware issue. The message was present across two disks, and if there truly is a problem writing to the media a complete zeroing of the drive would be apparent then. Chris has this issue with one disk only, so I'm not sure what you mean? If it's not hardware related (or HP firmware, as Mike suggested), maybe it is an issue with sysinstall. Manual fdisk bsdlabel newfs would confirm that or otherwise, but Chris will have to hunt up mans, docs and howtos on doing that himself, they're out there. On the other hand it's useful learning, and nothing he tries can make matters any worse. [ I can't comment on auto-allocated partitions, the last time I thought that was even vaguely a useful idea was my first install of 2.2.6 :^] If you have any spare magic dust to sprinkle on this, please do so. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a perl question
In freebsd-questions Digest, Vol 344, Issue 4, Message: 14 On Tue, 4 Jan 2011 23:24:01 -0700 Chad Perrin per...@apotheon.com wrote: On Tue, Jan 04, 2011 at 09:33:03AM -0800, Randal L. Schwartz wrote: Patrick == Patrick Bihan-Faou patrick.bihan-f...@teambox.fr writes: Patrick cat asdf.txt | grep -v XYZ | grep -v bla And yet, you still have the Useless Use of Cat. The weirdest thing about most useless uses of cat is that not using cat would actually be a little clearer and involve fewer keystrokes -- as in this case. Do you know of any 'less useless' or more economical way to do such as: % cat /boot/boot1 /boot/boot2 | diff - /boot/boot % ?, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
, but for a disk in use you should only zero the last 33 sectors as (way) below; there may be [meta]data before. In the OEM world of the likes of HP, DELL, etc, when this happens a lot of times they kludge together a work around driver that you can get from their tech support. It masks the hardware/firmware problem in software, and is almost always a Windows-centric thing. *shudder* that's all, just *shudder* There were also (at least used to be) reports of troubles with some SATA cables, and as you've replaced your HD it might be worth checking your cable attachments are good, nothing twisted or under sideways pressure? Bad thing here is the old: but it worked in 7.x, only fails with 8.x Whenever I see _that_ I think developer involvement/smarter people than me required I have exactly that problem resuming from suspend on my Thinkpad T23 on all 8.x, where it worked fine from 6.1 through 7.4-PRERELEASE. So far the smarter people are saying nothing; maybe I've offended some gods? Well, the irony here, the failing drive is *ALSO* 8.1, I can slap that back in and fire it up, it still boots and works, I just didn't want to take the risk of the drive's cheese sliding off it's cracker. How hard is it to replace the SATA cable in these? I haven't time to hunt now, but recall a swathe of messages to -stable a couple of years ago about SATA problems that were entirely solved by replacing cables. [..] On Sun, Jan 2, 2011 at 2:19 AM, Ian Smith smi...@nimnet.asn.au wrote: On /dev/ad4, oseek=0 zeroes sector 0, the MBR including DOS partition (FreeBSD slice) table, so that would kill all the slice data, so sure, ad4s1 won't exist. oseek=1 just zeroes an unused sector as we've seen. What you _can_ do from that state is: dd if=/dev/zero of=/dev/ad4 oseek=63 count=8 which will remove the first 4K of (what will be) slice 1, in case there's a misconfigured bsdlabel there, for later. I'm not convinced this is likely your problem, but it can't hurt before slice 1 exists (by virtue of having an entry in the MBR, when it should show up in /dev) I'll give this a shot and let the list know what I find. Again, getting a copy of what's there before zeroing may be helpful. Do you mean you dd'd the memstick.img to the external USB drive? And that booted ok? And sysinstall found it ok, as /dev/ad0a? Details! Haha! yes, I dd'd the memstick image to the external USB drive. It did boot just fine, but not ad /dev/ad0a, it booted the drive as /dev/da0a. Which is a 1gb partition, the other 59gb remained unused/unsliced. I don't have and media where I could write a 1GB image to w/o wasting a DVD and just couldn't justify that loss of space lol. Sorry, typo: /dev/da0a. Yes the images are 'hybrid' unsliced disks. If you check with fdisk da0 you'll see it appears as slice 4, of about 24MB. The boot sector is /boot/boot1 with a munged MBR entry pointing to itself (ie slice s4 starts at sector 0), sectors 1-7 are /boot/boot2, with an also munged bsdlabel in sector 1. From an 8.1-R memstick.img: t23% fdisk -s da0 /dev/da0: 967 cyl 64 hd 32 sec PartStartSize Type Flags 4: 0 5 0xa5 0x80 t23% bsdlabel da0c # (da0a whinges about size error) # /dev/da0c: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 1852024 16unused0 0 c: 18520400unused0 0 # raw part, don't edit You should be able to find 1GB USB sticks for close to free these days; longer term sysinstall needs to be taught to boot/use sliced USB media. Given you've shown previously that s1 starts at sector 63, so will: sysctl kern.geom.debugflags=16 dd if=/dev/zero of=/dev/ad4 oseek=63 count=8 Fixit# sysctl kern.geom.debugflags=16 sysctl kern.geom.debugflags: 0 - 16 Fixit# dd if=/dev/zero of=/dev/ad4 oseek=63 count=8 8+0 Records in 8+0 records out 4096 bytes transferred in 0.431880 secs (9484 bytes/sec) Ok, so 'dd if=dev/ad4 iseek=63 count=8 | hd' should confirm it's all zeroes (re Mike's concern about confirming that writes are not being mangled). I'm not sure Fixit has hd though, and can't boot one just now. I think there's enough free space on the image to write a few megs to /dev/da0, I recall saving a dmesg and sysctl -a there once so I could view it on another box, though df already shows it as 'overfull': /dev/da0a 923679 860995 -11210 101%/mnt Of course that's not impossible, but you did say you'd installed some linux on it ok? Clutching at straws, is there anything in your BIOS regarding different SATA modes you can play with? (No SATA disks here) Yes, as I said in Mike's reply above, I did write a simple ext4 partition to the drive just to prove to myself that it could be done (and it worked). No, I've checked and rechecked, this laptop's
Re: a new hard-drive in a 2y/o laptop
On Tue, 4 Jan 2011, Warren Block wrote: On Tue, 4 Jan 2011, Chris Brennan wrote: On Tue, Jan 4, 2011 at 3:56 AM, Ian Smith smi...@nimnet.asn.au wrote: On Mon, 3 Jan 2011 16:31:17 -0500, Chris Brennan wrote: [.. trimming ccs, selectively quoting and de-gmailing a bit ..] Trimmings! Oh nevermind. I don't know what possessed me to go and look at the debug window. But I do and I see the following. GEOM: ad4: the primary GPT table is corrupt or invalid. GEOM: ad4: using the secondary instead -- recovery strongly advised. This is even after zero the beginning and the end of the drive Something is hinky! Indeed. Well Chris attached the following to his prior email, which made it to the list being text, dmesg didn't, application/octet-stream: http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20110104/c370dd77/dmesg-0001.obj But confirming the GEOM messages shown above, here's the 'smoking gun': 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 || * 4000 45 46 49 20 50 41 52 54 00 00 01 00 5c 00 00 00 |EFI PART\...| 4010 2b b3 b7 fa 00 00 00 00 ef 66 54 57 00 00 00 00 |+fTW| 4020 01 00 00 00 00 00 00 00 22 00 00 00 00 00 00 00 |...| 4030 ce 66 54 57 00 00 00 00 45 51 13 4c 0e 0e e0 11 |.fTWEQ.L| 4040 95 6e 00 1d 72 5b f5 d6 cf 66 54 57 00 00 00 00 |.n..r[...fTW| 4050 80 00 00 00 80 00 00 00 86 d2 54 ab 00 00 00 00 |..T.| 4060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 || * 4200 So that is really the last 33 sectors of the disk (0x4200 = 16896d, / 512 = 33) and the last sector does indeed have the 'GPT EFI' signature (ref: http://en.wikipedia.org/wiki/GUID_Partition_Table), so the seek and count looks right, matching the read command I'd suggested: dd if=/dev/ad4 iseek=1465149135 count=33 | hd Seems odd that it hasn't been zeroed, but all the sectors before it are (ie there's just the header, no actual 128-byte partition entries if I'm interpreting this correctly), so maybe there's still some off-by-one in counting from the end of the disk for writing, not knowing the actual dd command used .. you're not wrong that negative offsets can be tricky! Today I also found that zeroing the beginning and end of the drive didn't seem to be enough. I had the start of a huffy email about how hard it was to calculate the end of a drive in blocks, and how dd didn't have a negative oseek to seek backwards from the end. But then I checked gpart(8)... and it turns out that # gpart destroy -F da0 works. Be very careful that you've got the right drive there, of course. Saw Chris' later message that -F isn't there for him, but here's what should be, on the data, the sure-fire way to clobber that last sector: dd if=/dev/zero of=/dev/ad4 oseek=1465149167 which command SHOULD report just 512 bytes written (we're sure it can't write past the end of the disk with no count specified), after which: dd if=/dev/ad4 iseek=1465149167 | hd SHOULD show zeroes from to 01ff (ie next block 0200) If not, there really must be some hardware issue with writing? Hopefully getting there! cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
On Sun, 2 Jan 2011 10:22:55 +, Bruce Cran wrote: On Fri, 31 Dec 2010 01:13:57 -0500 Chris Brennan xa...@xaerolimit.net wrote: No worries on missing it, I'm not sure that helped, I farted around with it again earlier today with little more in the way of success. What I tried was to just set up '/' and swamp and it still prompted me about not being able to find /dev/ad4s1b. See my post later in the thread: this most likely has nothing to do with the partition layout but the fact that FreeBSD is finding an old partition scheme. Even dodgier than waiting to quote a message from a digest that hasn't arrived yet is hand-indenting a paste from pipermail :) but I'll hang this off your thread, thanks Bruce .. On Sun, 02 Jan 2011 01:39:13 -0500 Michael Powell nightrecon at hotmail.com wrote: Unable to find device node for /dev/ad4s1b in /dev! The creation of filesystems will be aborted. Then pressing OK brings this: Couldn't make filesystems properly. Aborting. This from sysinstall and occurs after fdisk, labeling, at the point when sysinstall then tries to write out the config to the disk and newfs. This can happen if you've had it partitioned using GPT at some point - in that case you need to use dd to zero the first _and_ last sectors of the disk. Although it's a brand new disk, quoting Chris' original message after skipping the shutdown when too hot issue: gonna let it cool down and try the smart tests again. Incidentally, I was able to boot a gentoo disc and set up an ext4 filesystem on the same disk and it worked fine, so I don't understand why freebsd can't preform a newfs on the drive. Hmm, should we bet against a gentoo install using GPT these days? Finding out about the actual disk layout in gpt(8), gpart(8) etc proving fruitless and finding nothing in Handbook, FAQ or wiki, I resorted to http://en.wikipedia.org/wiki/GUID_Partition_Table for hopefully correct information. I hadn't even known that sectors 1-33 were used for the GPT (making Mike's zeroing of sector 1 sensible even on sliced disks), nor that the last 33 sectors were for its backup table, thanks. So: dd if=/dev/zero of=/dev/da4 skip=N where N is the known total number of sectors minus 34, should do it? If not, we can't rule out Mike's concerns about BIOS incompatibility or such, but this sure sounds like the next thing Chris should try. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
On Mon, 3 Jan 2011, Ian Smith wrote: dd if=/dev/zero of=/dev/da4 skip=N where N is the known total number of sectors minus 34, should do it? Argh .. that should be seek=N, not skip. Up way too late .. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
In freebsd-questions Digest, Vol 343, Issue 10, Message: 23 On Fri, 31 Dec 2010 19:37:10 -0500 Michael Powell nightre...@hotmail.com wrote: Ian Smith wrote: In freebsd-questions Digest, Vol 343, Issue 5, Message: 10 On Tue, 28 Dec 2010 11:02:45 -0500 Chris Brennan xa...@xaerolimit.net wrote: On Tue, Dec 28, 2010 at 2:23 AM, Michael Powell nightre...@hotmail.comwrote: Try zeroing out the mbr: Boot a LiveFS CD, then at a root prompt do: sysctl kern.geom.debugflags=16 and: dd if=/dev/zero of=/dev/adx oseek=1 bs=512 count=1 where x equals your drive number. This will zero out any old MBR. Er, no, Mike. The MBR is in sector 0 of the disk; that would zero out sector 1 as oseek=1 skips over sector 0. What's in sector 1 depends on how/whether the disk is sliced. In a 'dangerously dedicated' (unsliced) disk like a memory stick perhaps, this would usually be /boot/boot1 and include the bsdlabel. In a sliced disk, sectors 1 to 62 are typically unused, the first slice usually starting at sector 63. t23% fdisk -s ad0 /dev/ad0: 232581 cyl 16 hd 63 sec PartStartSize Type Flags 1: 63 8385867 0x0b 0x00 2: 8385930 125821080 0xa5 0x80 3: 13420701033543342 0xa5 0x00 4: 16775073066685815 0xa5 0x00 If you really want to zero out sector 0, leave out the oseek (or use oseek=0) - but you're better off using 'fdisk -Bi' to init a new disk. Yes - true enough. Was thinking partition table and typed 'mbr'. Well, what's commonly called 'the partition table' is bytes 0x1be-1ff of the MBR, so I was confused by your writing to sector 1 rather than 0, but have a new theory to test, seeing Chris isn't making any progress; this maybe a victim of the old 'slice vs partition' terminology issue. In my case, a temporary replacement disk had FreeBSD 6.2 on it. Something changed wrt to disklabeling on the way to 8-Release and the old 6.2 being present created a situation where that region on the disk was invisible to the new labeling and wouldn't write out. A new install of 8-Release (sysinstall) would error out with the same message as Chris when it came to the point of writing out to the disk. For me, the above 2 commands fixed my situation. Even though his error is the same, I think his problem may be different from mine. The bsdlabel lives in sector 1 (counting from 0) of the slice concerned, specifically the first 0x114 (276d) bytes, in the second sector of the boot blocks. As noted above, in unsliced disks such as memstick.img that's sector 1 of the entire disk, but in ordinary sliced disks it's in sector 1 of the _slice_, so if you'd used (here using Chris' ad4) dd if=/dev/zero of=/dev/ad4s1 oseek=1 bs=512 count=1 - rather than of=/dev/ad4 - then you would indeed be zeroing out the label, ie the 'partition table' in FreeBSD-speak. Is that perhaps what you had to do to that 6.2 disk, which I suppose was a sliced disk? At 6.x (and 7.x, I think) it could have been 'dangerously dedicated' ie unsliced .. which option has been removed in 8.x _except_ regarding the memstick.img (appearing as /dev/daXa) .. not half confusing, eh? In any case, it'd be a cheap trick for Chris to try from Fixit, and though it seems unlikely there'd be anything 'leftover' from an earlier install, maybe earlier failure/s have left a broken bsdlabel there? So at this still-uninstalled stage it couldn't hurt to zero that sector, or even the first 4KB of ad4s1 .. which is /boot/boot1 plus /boot/boot2 (which equals /boot/boot !) before the label section gets written. ie: sysctl kern.geom.debugflags=16 dd if=/dev/zero of=/dev/ad4s1 bs=512 count=8 will remove slice 1's boot blocks entirely, including the bsdlabel. cheers, Ian [excuse broken threading, but unless cc'd I have to reply to the digest] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
On Sun, 2 Jan 2011 01:15:35 -0500, Chris Brennan wrote: On Sat, Jan 1, 2011 at 10:20 PM, Ian Smith smi...@nimnet.asn.au wrote: [..] The bsdlabel lives in sector 1 (counting from 0) of the slice concerned, specifically the first 0x114 (276d) bytes, in the second sector of the boot blocks. As noted above, in unsliced disks such as memstick.img that's sector 1 of the entire disk, but in ordinary sliced disks it's in sector 1 of the _slice_, so if you'd used (here using Chris' ad4) dd if=/dev/zero of=/dev/ad4s1 oseek=1 bs=512 count=1 I would happily run this, but ad4s1 doesn't exist, and hasn't (that I know of), I did do oseek=0 and oseek=1 on /dev/ad4 tho and that didn't change anything, it still says it can't find /dev/ad4s1b (swap obviously) On /dev/ad4, oseek=0 zeroes sector 0, the MBR including DOS partition (FreeBSD slice) table, so that would kill all the slice data, so sure, ad4s1 won't exist. oseek=1 just zeroes an unused sector as we've seen. What you _can_ do from that state is: dd if=/dev/zero of=/dev/ad4 oseek=63 count=8 which will remove the first 4K of (what will be) slice 1, in case there's a misconfigured bsdlabel there, for later. I'm not convinced this is likely your problem, but it can't hurt before slice 1 exists (by virtue of having an entry in the MBR, when it should show up in /dev) At 6.x (and 7.x, I think) it could have been 'dangerously dedicated' ie unsliced .. which option has been removed in 8.x _except_ regarding the memstick.img (appearing as /dev/daXa) .. not half confusing, eh? I actually noticed this today, I had issues writing 8.2BETA1 to a 2GB MicroSD card, so I used a 2.5 external hard-drive and from the fixit prompt I noticed that it wrote a 1gb partition for the BETA1 image and left the rest of the desk untouched (ann 59gb of it). Do you mean you dd'd the memstick.img to the external USB drive? And that booted ok? And sysinstall found it ok, as /dev/ad0a? Details! sysctl kern.geom.debugflags=16 dd if=/dev/zero of=/dev/ad4s1 bs=512 count=8 will remove slice 1's boot blocks entirely, including the bsdlabel. Given you've shown previously that s1 starts at sector 63, so will: sysctl kern.geom.debugflags=16 dd if=/dev/zero of=/dev/ad4 oseek=63 count=8 [excuse broken threading, but unless cc'd I have to reply to the digest] I've been trying to keep you in my replies Getting yours fine; that was re my reply to Mike's message. but your down-under, so I don't get your replies till after 1am my time... Anywho, it's late and I need to be up in 8hrs, hopefully this Yeah North America is so yesterday from here (well, 16 hours for you :) can be figured out ... I would hate for the disk to be defective in some way. Of course that's not impossible, but you did say you'd installed some linux on it ok? Clutching at straws, is there anything in your BIOS regarding different SATA modes you can play with? (No SATA disks here) Something else you could try is W)riting the slice table + MBR out from the fdisk menu, then quit sysinstall and reboot. You can do the same after labelling but before newfs'ing .. not generally recommended, but safe enough on a blank disk. If you do the latter, you'll have to reenter your mount points later, so make a note of the order and size of partitions that you specified. Hopefully somebody else has a take on all this, I'm out of ideas .. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: a new hard-drive in a 2y/o laptop
On Thu, 30 Dec 2010 11:17:48 -0500, Chris Brennan wrote:
On Thu, Dec 30, 2010 at 12:24 AM, Ian Smith smi...@nimnet.asn.au wrote:
I don't expect this to be anything like that. Please show a) how many
slices you allocated and how big this FreeBSD slice is and b) how you
partitioned the FreeBSD slice into (and sizes of) / /var/ /usr [/tmp?]
and especially swap.
I wouldn't allocate any less than 1GB for your root (/) partition esp.
if building custom kernel/s; maybe that's fixed in sysinstall for 8.2?
I cleaned out the thread, leaving only your last bit of questions here.
Goodo. I'll try chopping a bit too ..
I did apparently screw up the 'dd' cmd, I retyped it correctly, below is my
(very carefully) retyped recreation of the Fixit prompt;
[..]
Fixit# dd if=/dev/zero of=/dev/ad4 oseek-0 bs=512 count=1
Assuming that's 'oseek=0', which is the default anyway.
1+0 records in
1+0 records out
512 bytes transferred ub 0.044723 secs (11448 bytes/sec)
Fixit# fdisk -Bi /dev/ad4
*** Working on device /dev/ad4 ***
parameters extracted from in-core disklabel are:
cylinders=1453521 heads=16 sectors/tracks=63 (1008 blks/cyl)
Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=1453521 heads=16 sectors/tracks=63 (1008 blks/cyl)
Do you want to change our idea of what BIOS thinks ? [n]
[..]
This is where I stopped, admittedly, I do not know how to use FreeBSD's
fdisk. For the sake of brevity and to move along, I'll break fdisk here and
move back to sysinstall and provide what information I can this way.
Fair enough. 'what BIOS thinks' here is fine on modern disks/boxes, but
the issue here is what a new(ish) user might conceive of as 'modern'!
From sysinstalls menu, I choose 'Standard', next is the usual message about
fdisk partitioning schemes. After this, I get a 'User Confirmation Request',
which is very similar to the warning I received above. It says
[..]
WARNING: It is safe to use a geometry of 1453521/16/63 for ad4 on computers
with modern BIOS versions. If this disk is to be uised on an old machine it
is recommended that it does not have more then 65535 cylinders, more then
255 heads, or more then 63 sectors per track.
Would you like to keep using the current geometry?
Yes No
[..]
This is where I have two choices
Choice 1 (YES) produces the following in fdisk when choosing 'a' to use the
whole disk.
[..]
OffsetSize(ST)EndNamePTypeDescSubtype
Flags
06362-12unused0
6314651491051465149167ad4s18freebsd165
[..]
Yes, you should go with this. 'modern BIOS versions' here refers to
anything later than (roughly) the mid-90s! An 'old machine' in this
context - remembering sysinstall was originally written then - was one
not using LBA (logical block addressing), when 8GB was a fairly big HD
at least for IDE, when the 'big guys' were mostly using SCSI disks.
That message is actually a lot less scary than it was until a couple of
years ago, when it used to cause much more angst and regular posts, see:
http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/sysinstall/disks.c.diff?r1=1.160;r2=1.161;f=h
Choice 2 (NO) produces the following in fdisk when choosing 'a' to use the
whole disk.
[..]
If you are not sure about this, please consult the Hardware Guide in the
Documentation submenu or use the {G}eometry command to change it. Remember:
You need to eneter whatever your BIOS thinks the geometry is! For IDE, it's
what you were told in the BIOS setup. For SCSI, It's the translation mode
your controller is using. Do NOT use a ''physical geometry''.
OK
[..]
[..]
OffsetSize(ST)EndNamePTypeDescSubtype
Flags
06362-12unused0
6314651440021465144064ad4s18freebsd165
146514406551031465149167-12unused0
[..]
Decidedly, the end result is approximately 698GB for the usable partition,
the second choice giving me a padding on both sides of the freebsd slice.
You don't say what alternative geometry you entered here, if any .. but
really this whole thing needs to go away. Maybe it needs some heuristic
to see if it could _even possibly_ be an ancient HD needing alternative
geometry? In any case, anything after 2000 is definitely 'modern'.
Copying this to Bruce Cran, who's been hacking on sysinstall lately.
Moving on now, I choose the following
Standard MBR
Disklebel Editor
[..]
PartMountSizenewfs
--
ad4s1a/512MBUFS2 Y
ad4s1bswap4096MBSWAP
ad4s1d/var4973MBUFS2+S Y
ad4s1e/tmp512MBUFS2+S Y
ad4s1f/usr688GBUFS2+S Y
Re: a new hard-drive in a 2y/o laptop
In freebsd-questions Digest, Vol 343, Issue 5, Message: 10 On Tue, 28 Dec 2010 11:02:45 -0500 Chris Brennan xa...@xaerolimit.net wrote: On Tue, Dec 28, 2010 at 2:23 AM, Michael Powell nightre...@hotmail.comwrote: Try zeroing out the mbr: Boot a LiveFS CD, then at a root prompt do: sysctl kern.geom.debugflags=16 and: dd if=/dev/zero of=/dev/adx oseek=1 bs=512 count=1 where x equals your drive number. This will zero out any old MBR. Er, no, Mike. The MBR is in sector 0 of the disk; that would zero out sector 1 as oseek=1 skips over sector 0. What's in sector 1 depends on how/whether the disk is sliced. In a 'dangerously dedicated' (unsliced) disk like a memory stick perhaps, this would usually be /boot/boot1 and include the bsdlabel. In a sliced disk, sectors 1 to 62 are typically unused, the first slice usually starting at sector 63. t23% fdisk -s ad0 /dev/ad0: 232581 cyl 16 hd 63 sec PartStartSize Type Flags 1: 63 8385867 0x0b 0x00 2: 8385930 125821080 0xa5 0x80 3: 13420701033543342 0xa5 0x00 4: 16775073066685815 0xa5 0x00 If you really want to zero out sector 0, leave out the oseek (or use oseek=0) - but you're better off using 'fdisk -Bi' to init a new disk. I have seen this exact error before, and this is what took care of it. -Mike Mmm .. it's not clear from Chris' original message exactly what he did. Mike, Thanks for that little tip, I tried it this morning and it hung for about 30 second w/ no cd/hd activity, then it resumed w/ a beep, it printed some garbage on the console, the only ledgeable was the following [..] GARBAGEInvalid partition tableError loading operating systemMissing operating systemGARBAGEGARBAGEGARBAGE1+0 records in 1+0 records out 512 bytes transferred in 2.712151 secs (189 bytes/sec) [..] This doesn't make sense. Rather than 'I tried it' please show the exact command/s you are issuing. Given it's a new disk you can afford to make mistakes, but once you have anything valuable on a disk you need to take extreme care with dd(1), it's so easy to fatfinger something wrong. eg, what you show above would indicate just what you'd get by running: dd if=/dev/ad4 count=1 ie, using 'if=' not 'of=', with of=/dev/stdout implied, ie to console. If you do want to look at one or more raw sectors, it's very much safer piping dd's stdout to hd (hexdump), as the delays and beep you mention are consistent with piping raw bytes out to the console .. often this can blow your console settings away (I've done it too many times :) If you initialise a disk with the default MBR (or it came that way) then that's usually what's in /boot/mbr - or /boot/boot0 if you've chosen the FreeBSD boot manager, or something else if using (say) grub. t23% dd if=/boot/mbr | hd fc 31 c0 8e c0 8e d8 8e d0 bc 00 7c be 1a 7c bf |.1.|..|.| 0010 1a 06 b9 e6 01 f3 a4 e9 00 8a 31 f6 bb be 07 b1 |..1.| 0020 04 38 2f 74 08 7f 75 85 f6 75 71 89 de 80 c3 10 |.8/t..u..uq.| 0030 e2 ef 85 f6 75 02 cd 18 80 fa 80 72 0b 8a 36 75 |u..r..6u| 0040 04 80 c6 80 38 f2 72 02 8a 14 89 e7 8a 74 01 8b |8.r..t..| 0050 4c 02 bb 00 7c f6 06 bd 07 80 74 2d 51 53 bb aa |L...|.t-QS..| 0060 55 b4 41 cd 13 72 20 81 fb 55 aa 75 1a f6 c1 01 |U.A..r ..U.u| 0070 74 15 5b 66 6a 00 66 ff 74 08 06 53 6a 01 6a 10 |t.[fj.f.t..Sj.j.| 0080 89 e6 b8 00 42 eb 05 5b 59 b8 01 02 cd 13 89 fc |B..[Y...| 0090 72 0f 81 bf fe 01 55 aa 75 0c ff e3 be b9 06 eb |r.U.u...| 00a0 11 be d1 06 eb 0c be f0 06 eb 07 bb 07 00 b4 0e || 00b0 cd 10 ac 84 c0 75 f4 eb fe 49 6e 76 61 6c 69 64 |.u...Invalid| 00c0 20 70 61 72 74 69 74 69 6f 6e 20 74 61 62 6c 65 | partition table| 00d0 00 45 72 72 6f 72 20 6c 6f 61 64 69 6e 67 20 6f |.Error loading o| 00e0 70 65 72 61 74 69 6e 67 20 73 79 73 74 65 6d 00 |perating system.| 00f0 4d 69 73 73 69 6e 67 20 6f 70 65 72 61 74 69 6e |Missing operatin| 0100 67 20 73 79 73 74 65 6d 00 90 90 90 90 90 90 90 |g system| 0110 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 || * 01b0 90 90 90 90 90 90 90 90 90 90 90 90 90 80 00 00 || 01c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 || * 01f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 aa |..U.| 0200 1+0 records in 1+0 records out 512 bytes transferred in 0.079548 secs (6436 bytes/sec) Look familiar? :) That's what 'dd if=/dev/ad4 count=1 | hd' would show on a disk with default MBR, except there'd be the slice data in the MBR section of the boot sector, starting at 0x1be, ending with 'sig' 55aa. Restarting the install process, again accepting defaults, I am again Again, please be more explicit. Defaults for what? One slice covering the
Re: what process is sending this packet?
In freebsd-questions Digest, Vol 343, Issue 3, Message: 10 On Mon, 27 Dec 2010 06:30:05 -0800 S Mathias smathias1...@yahoo.com wrote: I can see, that theres a program that keeps sending packets on port 25: Dec 27 14:11:46 a kernel: [ 6336.992320] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=61533 DF PROTO=TCP SPT=37263 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 Dec 27 14:12:01 a kernel: [ 6352.635704] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55853 DF PROTO=TCP SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 Dec 27 14:12:04 a kernel: [ 6355.641085] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55854 DF PROTO=TCP SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 Dec 27 14:12:10 a kernel: [ 6361.649059] O_D_LOG: IN= OUT=lo SRC=127.0.0.1 DST=127.0.0.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=55855 DF PROTO=TCP SPT=40644 DPT=25 WINDOW=32792 RES=0x00 SYN URGP=0 but where or how could i find out, that what process sends these packets? I believe you've posted to the wrong list; this looks pretty much like a linux box running the ipchains firewall to me .. we have one of those: r...@pigs:~ # uname -a Linux pigs.wxyz.org 2.4.36 #1 Tue Jul 22 13:13:24 GMT 2008 i686 pentium3 i386 GNU/Linux From its /var/log/messages: Dec 28 14:47:07 pigs kernel: INPUT IN=ppp0 OUT= MAC= SRC=84.100.172.194 DST=w.x.y.z LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=52491 DF PROTO=TCP SPT=2381 DPT=23 WINDOW=5808 RES=0x00 SYN URGP=0 Dec 28 14:47:15 pigs kernel: INPUT IN=ppp0 OUT= MAC= SRC=84.100.172.194 DST=w.x.y.z LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=53751 DF PROTO=TCP SPT=2635 DPT=22 WINDOW=5808 RES=0x00 SYN URGP=0 I'm hoping to check out Luigi's linux port of ipfw + dummynet sometime, but have yet to hear of ipchains - let alone (ugh!) tc - on FreeBSD :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: kernel config file according to config(5): inconsistent ?
In freebsd-questions Digest, Vol 342, Issue 9, Message: 1 On Sat, 25 Dec 2010 04:38:08 -0800 Rob spamref...@yahoo.com wrote: I read the guidelines in the man pages of config(5) on how to make a customized kernel config file: nooption name [, name [...]] nooptions name [, name [...]] Remove the specified kernel options from the list of previously defined options. This directive can be used to cancel the effects of option or options directives in files included using include. So I put following in my MYKERNEL config file: include GENERIC nocpu I486_CPU nocpu I586_CPU ident MYKERNEL nomakeoptions DEBUG nooptions MD_ROOT nooptions NFSCLIENT , NFSSERVER , NFSLOCKD , NFS_ROOT nooptions MSDOSFS , CD9660 nooptions PROCFS , PSEUDOFS The comma separated items seemed to cause an error when I do the buildkernel. If I remove the commas and make a 'nooptions' per item, then it is OK. Something seems to be inconsistent here, right? Same inconsistency for nodevices with the syntax in the manpages and the real config file Arguably unforgiving parsing and/or imprecise description. Try eg: nooptions NFSCLIENT, NFSSERVER, NFSLOCKD, NFS_ROOT with no space[s] before comma[s], as is generally conventional. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: kernel config file according to config(5): inconsistent ?
On Sun, 26 Dec 2010, Bruce Cran wrote: On Mon, 27 Dec 2010 00:29:47 +1100 (EST) Ian Smith smi...@nimnet.asn.au wrote: Arguably unforgiving parsing and/or imprecise description. Try eg: nooptions NFSCLIENT, NFSSERVER, NFSLOCKD, NFS_ROOT with no space[s] before comma[s], as is generally conventional. That doesn't work either. It should be fairly easy to see what's wrong since the parser's in usr.sbin/config/config.y . That'll teach me to punt on conventional generality :) Probably should be easy, but from trying to parse that and lang.l I get the vague impression (at best) that Rob's original should have worked? Too much partying probably .. care to enlighten us? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: kernel config file according to config(5): inconsistent ?
On Sun, 26 Dec 2010, Bruce Cran wrote: On Mon, 27 Dec 2010 01:50:45 +1100 (EST) Ian Smith smi...@nimnet.asn.au wrote: Probably should be easy, but from trying to parse that and lang.l I get the vague impression (at best) that Rob's original should have worked? Too much partying probably .. care to enlighten us? The NOOPTION token doesn't accept an Opt_list, just a Save_Id - it's just OPTIONS and MAKEOPTIONS that can have a list. Ah, indeed. So the config(5) nooption[s] entry is plain wrong, or at least 'ahead of the code' :) and whitespace is ignored anyway. Interesting parser; thanks for the introductory crash course! cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FBSD Realtime
In freebsd-questions Digest, Vol 342, Issue 1, Message: 14 On Sun, 19 Dec 2010 19:49:08 -0600 Brandon Gooch jamesbrandongo...@gmail.com wrote: On Sun, Dec 19, 2010 at 6:49 AM, Da Rock freebsd-questi...@herveybayaustralia.com.au wrote: I can't seem to get my head on straight with the realtime scheduling in FBSD despite all my googling. Can someone give me a pointer to the latest info? As far as I can tell FBSD has it, but only root(?) can use it? I'm interested in who can use it, and how to allow a user to obtain the realtime access. There's an ongoing discussion/debate between two very knowledgeable and talented developers (plus a supporting cast) regarding the real-time support in FreeBSD; it's happening on freebsd-arch@: http://lists.freebsd.org/pipermail/freebsd-arch/2010-December/010835.html I suggest giving it a read if you are planning on deploying some real-time process (or are interested in reading about FreeBSD internals from some very knowledgeable people). Brandon, thanks for the pointer; I love it when those guys talk dirty :) Rock, I think that thread well explains why only root may assign rtprio. It's encouraging seeing rtprio get some oil; realt...@freebsd.org has been all but dead for years, its latest message scheduling euthanasia: http://lists.freebsd.org/pipermail/freebsd-realtime/2010-November/35.html cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Spam with fake address from the list?
Re: freebsd-questions Digest, Vol 341, Issue 6, Message: 27 On Thu, 16 Dec 2010 11:44:09 + Bruce Cran br...@cran.org.uk wrote: On Thu, 16 Dec 2010 12:40:35 +0100 Michelle Konzack bsd4miche...@tamay-dogan.net wrote: does someone get this kind of spam too? Yes, lots of people have been getting that for a few months. parklogic claim there's not anything they can do about it despite it apparently coming from their servers. If you researched the mob running parklogic, I suspect you'd tend to give any claims they may make scant credence, to say the very least. These forged messages were blocked inbound to the FreeBSD mailservers in August, but continue to be sent individually to participants harvested from messages posted to this list, and likely will continue to be. Since this is becoming a FAQ: To date all of these forged messages contain the following mail headers: Return-Path: anonym...@dusk.parklogic.com Received: from dusk.parklogic.com (allmail.0b2.net [64.38.11.26]) Having your mailserver refuse connections from IP address 64.38.11.26 or domain 0b2.net, or envelopes sent by parklogic.com, definitively solves this problem. In sendmail /etc/mail/access syntax, use any or all of: From:parklogic.com REJECT Connect:64.38.11.26 REJECT Connect:0b2.net REJECT For those without control over their inbound mailserver, try to block or filter mail based on those Return-Path: or Received: headers above, or on the Message-ID: header which has always contained 'parklogic.com': Message-ID: 20101110202251.16589.qm...@dusk.parklogic.com And don't forget to wash your hands after flushing :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: boot, rc script and logs
On Wed, 15 Dec 2010 15:42:29 +0100, Samuel Martín Moro wrote: On Wed, Dec 15, 2010 at 4:57 AM, Ian Smith smi...@nimnet.asn.au wrote: [..] Dec 14 13:26:47 camtrace13 kernel: ^[[m Dec 14 13:26:47 camtrace13 kernel: ^[[39;49m^[[=1S Dec 14 13:26:47 camtrace13 kernel: ^[[39;49m^[[m^[[H^[[J^[[17d^[[36m^[[44m^[[1m^[[J^[[H^[[K^[[B^[[K^[[B^[[K^[[B^[[K^[[B^[[K^[[B^[[K^[[B^[[K^[[B^[[K^[[B * ^[[37m^[[**47mÿÿ** [[m^[[30m^[[47mÿÿ[[m^[[**36m^[[44m^[[1m^[[K^[[B* err.. we may have a encoding problem. Indeed. I originally quoted yours from a digest, which are text-only, US-ASCII. Your reply has your name in ISO-8859-1, but both text and HTML parts in UTF-8. I expect this reply (with your i-acute correct) will be text-only, ISO-8859-1. pine does its best, but gmail confuses it; I don't know if not also sending HTML parts to the list may help, as mailman drops non-plaintext attachments, including HTML, anyway. but I'm quite sure it only is clearscreen, colors, and tputs stuff ^[[37m^[[47mÿÿ[[m^[[30m^[[47m^[[68X^[[74`ÿÿ[[m^[[30m^[[40m^[[1m ^[[36m^[[44m^[[K^[[B^[[37m^[[47mÿÿ[[m^[[30m^[[47m Checking DB 1/2^[[20X^[[74`ÿÿ[[m^[[30m^[[40m^[[1m ^[[36m^[[44m^[[K^[[B [..] Dec 14 13:26:48 camtrace13 kernel: Starting slim. Dec 14 13:26:48 camtrace13 kernel: Starting You'll need to rework this somehow so dialog's stdout isn't written to /dev/console, though that may seem necessary if you want it coming up on the VTY0 boot screen. It may involve decoupling this task from running 'inline' as a boot script somehow, or else making sure that output is redirected to a log or temporary file instead of directly into dialog. kay. It's now fixed. OUT=`/sbin/conscontrol | /usr/bin/sed -n 's;^Configured: .*\(tty[^,]*\).*$;/dev/\1;p'` (is it always /dev/ttyv0? in doubt, I'll trust conscontrol) [...] $DIALOG [...] $OUT Ah, bien. Yes I think it'll always be ttyv0 at that time, but that's an elegant solution. Thanks, we've both learned something! cheers, Ian___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
