Re: raid1
How do we check if FreeBSD recorgnises it as individual drives or Hardware RAID array. - Original Message - From: Chad Leigh -- Shire.Net LLC [EMAIL PROTECTED] To: Sandy Rutherford [EMAIL PROTECTED] Cc: freebsd-questions@freebsd.org; Spades [EMAIL PROTECTED] Sent: Saturday, February 19, 2005 5:46 PM Subject: Re: raid1 On Feb 19, 2005, at 12:37 AM, Sandy Rutherford wrote: On Fri, 18 Feb 2005 23:51:53 -0700, Chad Leigh -- Shire.Net LLC [EMAIL PROTECTED] said: On Feb 18, 2005, at 11:39 PM, Spades wrote: hi, my server hardware supports hardware raid, i installed it as per normal freebsd 5.3, however i see no difference in df. its using 2 x 160GB, what do i do during the installation to enable the raid? mobo: http://www.supermicro.com/products/motherboard/Xeon800/E7320/X6DVL- EG.cfm -bash-2.05b$ df Filesystem 1K-blocks UsedAvail Capacity Mounted on /dev/ad4s1a 66008394 35424 60692300 0%/ devfs 1 10 100%/dev ... What do you expect to see? A raid1 is a mirror set and to the OS would probably look like a single drive if it truly is a HW raid This should be true of any hardware RAID level, not just RAID1. The HW RAID presents logical drives to the OS, which look like real drives to it. The caveat is that the RAID driver will appear as the disk type. I don't have any experience with SATA RAID, but on my server, which has a Mylex ExtremeRAID 1100 SCSI RAID card, a df gives: Filesystem 1K-blocksUsed Avail Capacity Mounted on /dev/mlxd0s1a ... /dev/mlxd0s1d ... /dev/mlxd0s1h ... /dev/mlxd0s1e ... /dev/mlxd0s1f ... /dev/mlxd0s1g ... /dev/mlxd1s1e ... /dev/mlxd1s1f ... /dev/mlxd1s1g ... /dev/mlxd2s1e ... mlx(4) is the driver for this card. The underlying hard drive structure doesn't look anything like the above, but this is irrelevant to the OS. Regarding your situation, I believe that your MB uses an Adaptec SATA controller. You should find out exactly what the controller is and if it is supported in Hardware Notes. I would expect that if your controller is supported and found, then ad should be replaced by the relevant driver. Also, have a look at the dmesg output. There should be some sign that the OS is recognizing your RAID controller. According to the MB specs at the URL given by the OP, the SATA is an Intel 6300ESB (part of a more general IO chip) 6300ESB (Hance Rapids) SATA Controller (2x Drive support) 2x SATA Ports RAID 0, 1, JBOD support I don't see any specific mention of this in any of the HW notes for 5.3. I would be interested to see the dmesg output at boot time to see what the system sees for devices and controllers. If it is an ATA raid (pseudo HW RAID) then it would show as arX devices and not adX according to the handbook. Chad ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
raid1
hi, my server hardware supports hardware raid, i installed it as per normal freebsd 5.3, however i see no difference in df. its using 2 x 160GB, what do i do during the installation to enable the raid? mobo: http://www.supermicro.com/products/motherboard/Xeon800/E7320/X6DVL-EG.cfm -bash-2.05b$ df Filesystem 1K-blocks UsedAvail Capacity Mounted on /dev/ad4s1a 66008394 35424 60692300 0%/ devfs 1 10 100%/dev /dev/ad4s1d 66008394 24 60727700 0%/home /dev/ad4s1e 10154158 683442 8658384 7%/usr /dev/ad4s1f 8172302982 7517536 0%/var -bash-2.05b$ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
raid 1 hotswap on freebsd
Hihi, I have on-board hardware that supports RAID 1, hotswap. How do I install it on FreeBSD 4.10 as in, during installation or do I need a software or application from ports to do it? PS: wonder if anyone has done this or use a step-by-step? Thanks! Regards, Bryan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
cpu temperature
is there a program to check the cpu's temperature for 4.10-stable? the machine is in remote and i hope to monitor the cpu/system temperature stats via ssh. thanks, -- bryan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
recompiling my kernel error
After I cvsup'd and recompiling my kernel, it came up with this error, anyone has an idea on how to fix this? -- cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -nostdinc -I- -I. -I../.. -I../../../include -I../../contrib/dev/acpica -I../../contrib/ipfilter -D_KERNEL -include pt_global.h -mpreferred-stack-boundary=2 ../../dev/advansys/adwmcode.c cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -nostdinc -I- -I. -I../.. -I../../../include -I../../contrib/dev/acpica -I../../contrib/ipfilter -D_KERNEL -include pt_global.h -mpreferred-stack-boundary=2 ../../dev/an/if_an.c {standard input}: cc: Assembler messages: Internal compiler error: program cc1 got fatal signal 11{standard input}:1997: Warning: *** Error code 1 end of file not at end of a line; newline inserted Stop in /usr/src/sys/compile/CONF. {standard input}:4156: bash-2.05b# Error: suffix or operands invalid for `sub' ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
recompiling my kernel error
After I cvsup'd and recompiling my kernel, it came up with this error, anyone has an idea on how to fix this? -- cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -nostdinc -I- -I. -I../.. -I../../../include -I../../contrib/dev/acpica -I../../contrib/ipfilter -D_KERNEL -include pt_global.h -mpreferred-stack-boundary=2 ../../dev/advansys/adwmcode.c cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -nostdinc -I- -I. -I../.. -I../../../include -I../../contrib/dev/acpica -I../../contrib/ipfilter -D_KERNEL -include pt_global.h -mpreferred-stack-boundary=2 ../../dev/an/if_an.c {standard input}: cc: Assembler messages: Internal compiler error: program cc1 got fatal signal 11{standard input}:1997: Warning: *** Error code 1 end of file not at end of a line; newline inserted Stop in /usr/src/sys/compile/CONF. {standard input}:4156: bash-2.05b# Error: suffix or operands invalid for `sub' ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
jsp/tomcat/apache
hrm, any guides or urls to install apache+tomcat to read jsp? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MRTG monitoring specific ports
Thanks, i think its well done, but i couldn't get it to work. I have refreshed the mrtg page but doesn't seem to have the lines. See http://mojito.purplecards.com/mrtg http://mojito.purplecards.com/ipfwmrtg.php (you told me to create) # cat mrtg.cfg | grep [EMAIL PROTECTED] # ipfw -at list 2 00 count tcp from me 25 to any 3 00 count tcp from any to me 25 4 00 count tcp from me 110 to any 5 00 count tcp from any to me 110 6 00 count tcp from me 80 to any 7 00 count tcp from any to me 80 8 00 count udp from me 53 to any 9 00 count udp from any to me 53 65535 138410 17490211 Fri Oct 29 17:44:31 2004 allow ip from any to any I have php.4.39 installed, please advise, thanks. Spades - Original Message - From: Gerard D. [EMAIL PROTECTED] To: Spades [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 2:50 PM Subject: Re: MRTG monitoring specific ports I'm sure theres something better out there.. but heres a little script I threw togethor a long long long time ago for use on my webservers.. I know its nasty and could easily be done in a better language but i'm lazy as hell.. anyway it assumes you have ipfw support enabled and the command line version of php installed. /*** start ipfwmrtg.php */ #!/usr/local/bin/php ?php $ipfw_out = shell_exec(ipfw show .$_SERVER['argv'][1]. .$_SERVER['argv'][2]); $regexp = /([\d]+)[\s]+([\d]+)[\s]+([\d]+)[\s]+.+/; $ipfw = split(\n, $ipfw_out); foreach($ipfw as $pp) { preg_match($regexp, $pp, $out); $tmp[] = $out[3]; } //print_r($tmp); //echo fdc-bw 1 $tmp[1] $tmp[0] 0 0; echo $tmp[1].\n; echo $tmp[0].\n; echo 1.\n; echo name.\n; /** end ipfwmrtg.php ***/ /// code that goes in your mrtg.cfg Title[smtp]: smtp total stats Target[smtp]: `/usr/local/etc/mrtg/ipfwmrtg.php 2 3` MaxBytes[smtp]: 1500 PageTop[smtp]: h1smtp/h1 Title[pop3]: pop3 total stats Target[pop3]: `/usr/local/etc/mrtg/ipfwmrtg.php 4 5` MaxBytes[pop3]: 1500 PageTop[pop3]: h1pop3/h1 Title[http]: http total stats Target[http]: `/usr/local/etc/mrtg/ipfwmrtg.php 6 7` MaxBytes[http]: 1500 PageTop[http]: h1http/h1 Title[dns]: dns total stats Target[dns]: `/usr/local/etc/mrtg/ipfwmrtg.php 8 9` MaxBytes[dns]: 1500 PageTop[dns]: h1dns/h1 // end code for mrtg.cfg so anyway now that you have the code you'll need to add a couple ipfw rules.. something like ipfw add 2 count tcp from me 25 to any ipfw add 3 count tcp from any to me 25 ipfw add 4 count tcp from me 110 to any ipfw add 5 count tcp from any to me 110 ipfw add 6 count tcp from me 80 to any ipfw add 7 count tcp from any to me 80 ipfw add 8 count udp from me 53 to any ipfw add 9 count udp from any to me 53 would count all traffic going out of your server on port 25 and the second line would count all inbound traffic to your server on port 25.. You can add as many rules as you'd like just change the numbers for each new rule.. You will also need to update the #'s for the new rules in the Target[]: line that goes into mrtg.conf Okay Well i'm not good at explaining things.. I hope this can help you. good luck -Gerard On Thu, 28 Oct 2004 02:15:09 +0800, Spades [EMAIL PROTECTED] wrote: Hi, Is there anyway for us to trace the server bandwidth based on specific ports on a MRTG graph? Such as smtp bandwidth? port 25 pop3 bandwidth? port 110 web bandwidth? port 80 dns bandwidth? port 53 Is there any program or can MRTG do, please advise, thanks. -- Spades ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MRTG monitoring specific ports
I have pasted the Error: # /usr/local/mrtg-2/bin/mrtg /home/www/mojito.purplecards.com/mrtg/cfg/mrtg.cfg 3: not found WARNING: Problem with External get '/usr/local/etc/mrtg/ipfwmrtg.php 2 3': Expected a Number for 'in' but got '' 5: not found WARNING: Problem with External get '/usr/local/etc/mrtg/ipfwmrtg.php 4 5': Expected a Number for 'in' but got '' 7: not found WARNING: Problem with External get '/usr/local/etc/mrtg/ipfwmrtg.php 6 7': Expected a Number for 'in' but got '' 9: not found WARNING: Problem with External get '/usr/local/etc/mrtg/ipfwmrtg.php 8 9': Expected a Number for 'in' but got '' ERROR: Target[smtp][_IN_] ' $target-[1]{$mode} ' did not eval into defined data ERROR: Target[pop3][_IN_] ' $target-[2]{$mode} ' did not eval into defined data ERROR: Target[http][_IN_] ' $target-[3]{$mode} ' did not eval into defined data ERROR: Target[dns][_IN_] ' $target-[4]{$mode} ' did not eval into defined data - Original Message - From: Spades [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, October 29, 2004 5:46 PM Subject: Re: MRTG monitoring specific ports Thanks, i think its well done, but i couldn't get it to work. I have refreshed the mrtg page but doesn't seem to have the lines. See http://mojito.purplecards.com/mrtg http://mojito.purplecards.com/ipfwmrtg.php (you told me to create) # cat mrtg.cfg | grep [EMAIL PROTECTED] # ipfw -at list 2 00 count tcp from me 25 to any 3 00 count tcp from any to me 25 4 00 count tcp from me 110 to any 5 00 count tcp from any to me 110 6 00 count tcp from me 80 to any 7 00 count tcp from any to me 80 8 00 count udp from me 53 to any 9 00 count udp from any to me 53 65535 138410 17490211 Fri Oct 29 17:44:31 2004 allow ip from any to any I have php.4.39 installed, please advise, thanks. Spades - Original Message - From: Gerard D. [EMAIL PROTECTED] To: Spades [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 2:50 PM Subject: Re: MRTG monitoring specific ports I'm sure theres something better out there.. but heres a little script I threw togethor a long long long time ago for use on my webservers.. I know its nasty and could easily be done in a better language but i'm lazy as hell.. anyway it assumes you have ipfw support enabled and the command line version of php installed. /*** start ipfwmrtg.php */ #!/usr/local/bin/php ?php $ipfw_out = shell_exec(ipfw show .$_SERVER['argv'][1]. .$_SERVER['argv'][2]); $regexp = /([\d]+)[\s]+([\d]+)[\s]+([\d]+)[\s]+.+/; $ipfw = split(\n, $ipfw_out); foreach($ipfw as $pp) { preg_match($regexp, $pp, $out); $tmp[] = $out[3]; } //print_r($tmp); //echo fdc-bw 1 $tmp[1] $tmp[0] 0 0; echo $tmp[1].\n; echo $tmp[0].\n; echo 1.\n; echo name.\n; /** end ipfwmrtg.php ***/ /// code that goes in your mrtg.cfg Title[smtp]: smtp total stats Target[smtp]: `/usr/local/etc/mrtg/ipfwmrtg.php 2 3` MaxBytes[smtp]: 1500 PageTop[smtp]: h1smtp/h1 Title[pop3]: pop3 total stats Target[pop3]: `/usr/local/etc/mrtg/ipfwmrtg.php 4 5` MaxBytes[pop3]: 1500 PageTop[pop3]: h1pop3/h1 Title[http]: http total stats Target[http]: `/usr/local/etc/mrtg/ipfwmrtg.php 6 7` MaxBytes[http]: 1500 PageTop[http]: h1http/h1 Title[dns]: dns total stats Target[dns]: `/usr/local/etc/mrtg/ipfwmrtg.php 8 9` MaxBytes[dns]: 1500 PageTop[dns]: h1dns/h1 // end code for mrtg.cfg so anyway now that you have the code you'll need to add a couple ipfw rules.. something like ipfw add 2 count tcp from me 25 to any ipfw add 3 count tcp from any to me 25 ipfw add 4 count tcp from me 110 to any ipfw add 5 count tcp from any to me 110 ipfw add 6 count tcp from me 80 to any ipfw add 7 count tcp from any to me 80 ipfw add 8 count udp from me 53 to any ipfw add 9 count udp from any to me 53 would count all traffic going out of your server on port 25 and the second line would count all inbound traffic to your server on port 25.. You can add as many rules as you'd like just change the numbers for each new rule.. You will also need to update the #'s for the new rules in the Target[]: line that goes into mrtg.conf Okay Well i'm not good at explaining things.. I hope this can help you. good luck -Gerard On Thu, 28 Oct 2004 02:15:09 +0800, Spades [EMAIL PROTECTED] wrote: Hi, Is there anyway for us to trace the server bandwidth based on specific ports on a MRTG graph? Such as smtp bandwidth? port 25 pop3 bandwidth? port 110 web bandwidth? port 80 dns bandwidth? port 53 Is there any program or can MRTG do, please advise, thanks. -- Spades ___ [EMAIL PROTECTED
MRTG monitoring specific ports
Hi, Is there anyway for us to trace the server bandwidth based on specific ports on a MRTG graph? Such as smtp bandwidth? port 25 pop3 bandwidth? port 110 web bandwidth? port 80 dns bandwidth? port 53 Is there any program or can MRTG do, please advise, thanks. -- Spades ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: MRTG monitoring specific ports
Thanks, how do i install this and view the MRTG of the port 25, 110, etc. - Original Message - From: Joe Marcus Clarke [EMAIL PROTECTED] To: Spades [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Thursday, October 28, 2004 2:22 AM Subject: Re: MRTG monitoring specific ports -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Spades wrote: | Hi, | | Is there anyway for us to trace the server bandwidth based on | specific ports on a MRTG graph? | | Such as smtp bandwidth? port 25 | pop3 bandwidth? port 110 | web bandwidth? port 80 | dns bandwidth? port 53 | | Is there any program or can MRTG do, please advise, thanks. I use net/ntop of this. Ntop can also output Netflow data or RRDTool data, and has some built-in MRTG-like graphs. All-in-all, it's a great tool for traffic analysis. Joe | | -- | Spades | | ___ | [EMAIL PROTECTED] mailing list | http://lists.freebsd.org/mailman/listinfo/freebsd-questions | To unsubscribe, send any mail to | [EMAIL PROTECTED] | - -- PGP Key : http://www.marcuscom.com/pgp.asc -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.6 (Darwin) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFBf+d3b2iPiv4Uz4cRAlCgAJ97OPJrVR3j3y9RzPjOuEHgOY3nlwCfUJRL uItqATmFzZdpeWmoWS33oKA= =iv3w -END PGP SIGNATURE- ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPFW
Hi, I would like to monitor the connections (source IP + destination port) of all connections to my server, can i use ipfw? any idea how do i execute the command to log that or the rule any programs to good to recommend.. Thanks! -- Spades ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ipfw flooding in /var/log/ipfw.log
i assigned the logging to /var/log/ipfw.log this is my ipfw.rule for now # ipfw add 900 allow log all from any to any when i ssh to the server, it will start flooding /var/log/ipfw.log Oct 25 18:29:12 mojito /kernel: ipfw: 900 Accept TCP 192.168.1.203:22 219.74.176.130:4510 out via fxp0 Oct 25 18:29:12 mojito /kernel: ipfw: 900 Accept TCP 219.74.176.130:4510 192.168.1.203:22 in via fxp0 It will keep spitting this 2 lines as long i'm connected, how do i make it such as it will log only one instance? Thanks Regards. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw flooding in /var/log/ipfw.log
error: # ipfw add 900 allow log all from any to any setup ipfw: unknown argument ``setup'' - Original Message - From: Sergey Zaharchenko [EMAIL PROTECTED] To: Spades [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Monday, October 25, 2004 9:34 PM Subject: Re: ipfw flooding in /var/log/ipfw.log On Mon, Oct 25, 2004 at 06:31:49PM +0800, Spades probably wrote: this is my ipfw.rule for now # ipfw add 900 allow log all from any to any snip It will keep spitting this 2 lines as long i'm connected, how do i make it such as it will log only one instance? You might want to change the rule to # ipfw add 900 allow log all from any to any setup ^ which only logs the (attempts to) set up a connection (the initail SYN packets). man ipfw has some interesting information on this. HTH, -- DoubleF It is illegal to say Oh, Boy in Jonesboro, Georgia. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
sendmail milter support
hihi, how do i check if my sendmail 8.12.11 has milter support compiled? how should i install it via ports to have milter up? also i could only find freebsd.mc file that was inside /etc/mail that was *.mc and not sendmail.mc. I edited freebsd.mc and added: INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m') i tried restarting sendmail process but it didn't take effect, so i need to make and make install in /etc/mail. i did that and nothing happen. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sendmail milter support
doesn't work for me. nothing happens. by default, i have a freebsd.mc - Original Message - From: Antoine Jacoutot [EMAIL PROTECTED] To: Spades [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Sunday, April 11, 2004 8:14 PM Subject: Re: sendmail milter support On Sunday 11 April 2004 14:03, Spades wrote: I edited freebsd.mc and added: INPUT_MAIL_FILTER(`clmilter',`S=local:/var/run/clamav/clmilter.sock, F=, T=S:4m;R:4m') i tried restarting sendmail process but it didn't take effect, so i need to make and make install in /etc/mail. i did that and nothing happen. The easiest thing to do is: $ cd /etc/mail $ make -- edit /etc/mail/`hostname`.mc $ make $ make install $ make restart ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SYN attacks
Heya, FREEBSD 4.9-STABLE Is there anyway to block SYN attacks and prevent it from bring down my server? Its been attacking for sometime. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
no buffer space
I think i keep getting ddos attack and after a while, my server prompts me saying no buffer space, how do i fix this? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: uptime wrong?
Hi, My box has been up for 50+ days, however uptime only shows always less than 2:00 hrs. Any idea? 5:59PM up 1:55, 1 user, load averages: 0.00, 0.00, 0.00 Thanks. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: uptime wrong?
Hi, My box has been up for 50+ days, however uptime only shows always less than 2:00 hrs. Any idea? 5:59PM up 1:55, 1 user, load averages: 0.00, 0.00, 0.00 Thanks. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
AMD XP 2000
Hi, I have a AMD XP 2000 system, can i install FreeBSD 4.7-REL? Thanks. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.x stable cvsup
Thanks, but /usr/src/UPDATING doesn't exist spank# ls /usr/src crypto kerberos5 secure spank# uname -a FreeBSD spank 5.1-RELEASE FreeBSD 5.1-RELEASE #0: Thu Jun 5 02:55:42 GMT 2003 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Hmm? - Original Message - From: Kent Stewart [EMAIL PROTECTED] To: [EMAIL PROTECTED]; Spades [EMAIL PROTECTED] Sent: Saturday, February 14, 2004 9:46 AM Subject: Re: 5.x stable cvsup On Friday 13 February 2004 03:18 pm, Spades wrote: Hi, I got a question, my dedicated server provider has installed 5.1-Release and refuses to install 4.7 for me. Can I recompile to 5.1-STABLE using the same method as 4.7 and same 4.x-stable-supfile and kernel config file. The accepted technique is in /usr/src/UPDATING just like it is in 4.x. There are a few things different but the buildworld, build[install]kernel, installworld method is used on both branches. I think 4.7 has been EOLed, i.e., no bug fixes or security fixes. I wouldn't want one on my local network. OR do i need to use a 5,x-stable method? any idea any url i can find help in compiling 5.1-REL to STABLE. There isn't a 5.x-stable. You probably won't see that until 5.3-stable. Kent -- Kent Stewart Richland, WA http://users.owt.com/kstewart/index.html ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SYN Attacks - how i cant stop it
Hi, I got this error when i tried to type for some of those. sysctl: unknown oid any idea.. my server seems to be very lagged, where else the network connection seems fine, i think BSD itself as my other redhat box is fine. What else can i do to get optimum protection. Thanks. - Original Message - From: Per Engelbrecht [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, February 07, 2004 5:58 PM Subject: Re: SYN Attacks - how i cant stop it Hi, snip all nights. Check this. Feb 6 11:54:24 TCP: port scan detected [port 6667] from 212.165.80.117 [ports 63432,63453,63466,63499,63522,...] Feb 6 11:58:09 TCP: port scan mode expired for 212.165.80.117 - snip It's hard to get rid of shit-heads like this - I'm talking about the person doing this attac, that is. You send a looong output of a log, but no info on your system or any adjustments you have made (or not made) on your system i.e. kernel (options), sysctl (tweaks) and ipfw (rules). If the problem is out-of-bandwith (and your system already has been optimized) then the only real solution is more 'pipe' a.k.a the Microsoft-solution. So fare I've only been guessing, but here is what I normally do with my setup. I'm not telling you that this is the solution! just adwises! Kernel; options SC_DISABLE_REBOOT options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=100 options IPDIVERT options IPFILTER options IPFILTER_LOG options IPSTEALTH (don't touch the ttl/can't see the wall) options TCP_DROP_SYNFIN (drop tcp packet with syn+fin/scanner) options RANDOM_IP_ID (hard to do calculate ip frekv. number) options DUMMYNET (e.g. 40% for web, 30% for mail and so on) options DEVICE_POLLING(can't do this short and not with SMP) options HZ=1000 (can't do this short and not with SMP) Sysctl; kern.ipc.somaxconn=1024 #this is set high! kern.ipc.nmbclusters=65536 #this is set high! kern.polling.enable=1 #remember kernel options kern.polling.user_frac=5090 #remember kernel options net.xorp.polling=1 net.xorp.poll_burst=10 net.xorp.poll_in_trap=3 (if you use dynamic rules in ipfw [stateful] you can tweak this) net.inet.ip.fw.dyn_ack_lifetime=200 #shorte timeout on connection net.inet.ip.fw.dyn_syn_lifetime=20 net.inet.ip.fw.dyn_fin_lifetime=20 net.inet.ip.fw.dyn_rst_lifetime=5 net.inet.ip.fw.dyn_short_lifetime=10 #longer timeout for e.g. icmp net.inet.ip.fw.dyn_max=1500 #higher number of dynamic rules net.inet.ip.fw.dyn_count: #count of number of dynamic rules ipfw; There's a zillion ways to set it up. start with a few rules regarding lo0 and icmp. Then use stateful inspection and dynamic rules for the rest of the wall. ... and by the way, I could see that a few of the scan came from RIPE ranges. Do some digging and report it! Even if the boxes are use without the owners awareness, you can [we all can] bring this part to an end. respectfully /per [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
5.x stable cvsup
Hi, I got a question, my dedicated server provider has installed 5.1-Release and refuses to install 4.7 for me. Can I recompile to 5.1-STABLE using the same method as 4.7 and same 4.x-stable-supfile and kernel config file. OR do i need to use a 5,x-stable method? any idea any url i can find help in compiling 5.1-REL to STABLE. Thanks! Bryan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
permissions problems
Hi, What if one of my admin accidentally did a: chmod -R o+rx / and changed my entire system permissions. What should i do to restore it? Please assist. Thanks. -- Bryan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
usernames with uppercase
Hi, I tried to add a username ie. Bryan, but FreeBSD doesn't allow me to do so. It gives me illegal username error. Any idea how to go about adding usernames like 'Bryan-admin' etc. Please help. Thanks.. Bryan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
arp problem in /var/log/messages
hi all, i got flooded by these msgs like 1000+ lines, any idea? my kernel is dated Nov-30 FreeBSD 4.9-stable # tail -f /var/log/messages Jan 18 19:43:23 xb /kernel: arp: 202.79.180.1 moved from 00:04:5a:49:eb:74 to 00:50:0f:4f:c0:00 on rl0 Jan 18 19:45:06 xb /kernel: arp: 202.79.180.1 moved from 00:50:0f:4f:c0:00 to 00:04:5a:49:eb:74 on rl0 Jan 18 19:45:18 xb /kernel: arp: 202.79.180.1 moved from 00:04:5a:49:eb:74 to 00:50:0f:4f:c0:00 on rl0 Jan 18 19:45:41 xb /kernel: arp: 202.79.180.1 moved from 00:50:0f:4f:c0:00 to 00:04:5a:49:eb:74 on rl0 Jan 18 19:45:45 xb /kernel: arp: 202.79.180.1 moved from 00:04:5a:49:eb:74 to 00:50:0f:4f:c0:00 on rl0 thanks and regards, John ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: recompile kernel problem
Hi, I installed FreeBSD 4.9-PREREL and recompiled the kernel and got this problem during recompile of kernel. # make depend make make install.. (snip) vnode_if.h:876: warning: inlining failed in call to `VOP_UNLOCK' /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:598: warning: called from here /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c: In function `union_inactive': /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:1705: warning: unused variable `vpp' /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c: In function `union_unlock': /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:1803: warning: unused variable `un' *** Error code 1 Stop in /usr/src/sys/modules/union. *** Error code 1 Stop in /usr/src/sys/modules. *** Error code 1 Stop in /usr/src/sys/compile/CONF. Any solutions around this? Thanks. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Stop in /usr/src/sys/modules/union
Hi, I installed FreeBSD 4.9-PREREL and recompiled the kernel and got this problem during recompile of kernel. # make depend make make install.. (snip) vnode_if.h:876: warning: inlining failed in call to `VOP_UNLOCK' /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:598: warning: called from here /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c: In function `union_inactive': /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:1705: warning: unused variable `vpp' /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c: In function `union_unlock': /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:1803: warning: unused variable `un' *** Error code 1 Stop in /usr/src/sys/modules/union. *** Error code 1 Stop in /usr/src/sys/modules. *** Error code 1 Stop in /usr/src/sys/compile/CONF. Any solutions around this? Thanks. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/usr/libexec/ld-elf.so.1: wget: Undefined symbol OpenSSL_add_all_algorithms
Hi, Everytime i do a wget, i get this error.. how do i fix it? # wget http://bitchx.org/files/source/ircii-pana-1.0c19.tar.gz --21:29:39-- http://bitchx.org/files/source/ircii-pana-1.0c19.tar.gz = `ircii-pana-1.0c19.tar.gz' /usr/libexec/ld-elf.so.1: wget: Undefined symbol OpenSSL_add_all_algorithms Thanks again. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: /usr/libexec/ld-elf.so.1: wget: Undefined symbolOpenSSL_add_all_algorithms
Hi, Everytime i do a wget, i get this error.. how do i fix it? # wget http://bitchx.org/files/source/ircii-pana-1.0c19.tar.gz --21:29:39-- http://bitchx.org/files/source/ircii-pana-1.0c19.tar.gz = `ircii-pana-1.0c19.tar.gz' /usr/libexec/ld-elf.so.1: wget: Undefined symbol OpenSSL_add_all_algorithms Thanks again. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
recompile kernel problem
Hi, I installed FreeBSD 4.9-PREREL and recompiled the kernel and got this problem during makeworld. Any idea? vnode_if.h:876: warning: inlining failed in call to `VOP_UNLOCK' /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:598: warning: called from here /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c: In function `union_inactive': /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:1705: warning: unused variable `vpp' /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c: In function `union_unlock': /usr/src/sys/modules/union/../../miscfs/union/union_vnops.c:1803: warning: unused variable `un' *** Error code 1 Stop in /usr/src/sys/modules/union. *** Error code 1 Stop in /usr/src/sys/modules. *** Error code 1 Stop in /usr/src/sys/compile/CONF. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
/usr/libexec/ld-elf.so.1: wget: Undefined symbol OpenSSL_add_all_algorithms
Dear all, I keep getting this error on wgetting any file or url.. How do i fix it? $ wget www.url.com/file.mpg --00:12:35-- http://www.url.com/file.mpg = `index.html.1' /usr/libexec/ld-elf.so.1: wget: Undefined symbol OpenSSL_add_all_algorithms FreeBSD webname.net 4.9-STABLE FreeBSD 4.9-STABLE #0: Sun Nov 23 09:10:24 SGT 2003 [EMAIL PROTECTED]:/usr/src/sys/compile/CONF i386 Thanks.. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Connection attempt to TCP messages in /var/log/messages
I did a tail -f /var/log/messages and got all these.. previously before my cvs and recompile kernel to 4.9 stable it didn't have below.. now it does.. Nov 25 03:09:56 asia /kernel: Connection attempt to TCP 202.79.180.131:80 from 65.217.41.66:1681 Nov 25 03:09:58 asia /kernel: Connection attempt to TCP 202.79.180.130:80 from 24.136.234.77:4059 question.. how to stop seeing them in /var/log/messages? Bryan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: wget error
weird, i have this error msg after i recompiled my kernel while doing wget on ANY files i try to get: $ wget http://fun.s-one.net.sg:8080/pub/movies/Matrix_Reloaded_Spoof.wmv --07:20:05-- http://fun.s-one.net.sg:8080/pub/movies/Matrix_Reloaded_Spoof.wmv = `Matrix_Reloaded_Spoof.wmv' /usr/libexec/ld-elf.so.1: wget: Undefined symbol OpenSSL_add_all_algorithms What should I do to fix this? Spades ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]