(bourne)shell variable names containing a variable?
Hello,
I try to assign a value to a variable, but the variable should consist of
another variable. Is this possible (in bourne shell)?
Example:
#!/bin/sh
list=one two three four
for item in $list; do
${item}_present=yes
done
This doesn't work since the shell tries to execute one_present=yes
instead of assigning yes to one_present
What am I missing
Thanks a lot,
-Harry
pgp5OfmfXwi46.pgp
Description: PGP signature
Re: su - does not ask for password
Am Freitag, 14. Oktober 2005 17:48 CEST schrieb Teo De Las Heras: I've added myself to the wheel group and can successfully su - into root. I'm wondering though, where I make the configuration to ask for a password when su - is called. You have to assign the superuser a password first. su will always ask for the password if the user has one and the executing user is not root (id0) -Harry Teo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpcJjWsAn7jL.pgp Description: PGP signature
Re: Which MySQL version best to use and with/without linux threads?
Am Mittwoch, 5. Oktober 2005 02:17 CEST schrieb Peter Wemm: On Friday 30 September 2005 06:22 am, Olaf Greve wrote: Then, I'm currently configuring a second beast, ee, server. :) Being an AMD-64 19 server, running FreeBSD 5.4-Release AMD64. On it, I instinctively installed the latest MySQL 4.0.x version (being 4.0.26) and it works flawlessly with the data from my current production machine. The only problem is that linuxthreads doesn't exist on FreeBSD/amd64. You have to use one of the native thread libraries. Your choices on 5.4 are not that great. I'd suggest libthr on 6.0 as the closest match to linuxthreads, but I don't recall if it is available on 5.4. I have a feeling it isn't. I have a feeling your choices are libc_r or libpthread (kse). libpthread should smoke libc_r Smoke of brakes or smoke of the engine? for disk IO performance in general. But modern libthr (on 6.0+) should give it a serious run for its money. Please! Not all readers are native enlish speaking, it sounds nice but it doesn't help clarifying anything. I guess libthr is the favourite choice but I only guess since I never heard of smoking thread libraries nor of run for money. I'm suffering from the list's english enough, please don't use phrases... :) -Harry pgpKhyC6zqo90.pgp Description: PGP signature
acpi_thorttle and cpufreq/ichss questions
Hello, my laptop (PIII LV) runs fine with cpufreq and ichss: dev.ichss.0.%desc: SpeedStep ICH dev.ichss.0.%driver: ichss dev.ichss.0.%parent: cpu0 dev.ichss.0.freq_settings: 794/-1 497/-1 If I understand the output correctly i have two SpeedSteps, the full 800MHz (with higher voltage) and 500MHz. But now I also have acpi_throttle (if I don't disable it in /boot/loader.conf): dev.acpi_throttle.0.%desc: ACPI CPU Throttling dev.acpi_throttle.0.%driver: acpi_throttle dev.acpi_throttle.0.%parent: cpu0 dev.acpi_throttle.0.freq_settings: 1/-1 8750/-1 7500/-1 6250/-1 5000/-1 3750/-1 2500/-1 1250/-1 What do these values tell me? I think that are divisors, but how can I see which one is used? I remember that some time back I saw at boot time some information about throttle has xx steps, currently using 100% or something like that. Can I constrain the divisors, lets say I want to have only 1, 7500 and 5000? (I know I can limit the lowest frequency cpufreq may use with debug.cpufreq.lowest=310 but then I don't know if it throttles the 800MHz mode (thus using high core voltage) or if it throttles the power saving 500MHz mode) And what does this tell me: hw.acpi.cpu.cx_supported: C1/0 C2/10 C3/85 hw.acpi.cpu.cx_lowest: C1 hw.acpi.cpu.cx_usage: 100.00% 0.00% 0.00% Thanks in advance, -Harry pgp70UjmbSJ0X.pgp Description: PGP signature
Re: Trying to colour syslog-ng logs to ttyv7 but won't work after a reboot
Am Freitag, 16. September 2005 11:05 CEST schrieb Ashley Moran: Norberto Meijome wrote: or figure out in which order things are started and make sure the ttyvs are launched before syslogng Can you recommend a good description of the FreeBSD boot process? The man (8) boot (excellent lowlevel) and man (8) rc, which is probably what you're looking for. -Harry handbook is a bit sketchy and only goes into the initial stages. I've tried flirting through the /etc files but it's hard to piece everything together. I will try putting an echo can you see this /dev/ttyv7 in the syslog-ng script. But I'll do it later. I think I've spent enough time on this one little quirk! Ashley ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgprtHmluW2vO.pgp Description: PGP signature
Re: A sendmail config question
Am Samstag, 17. September 2005 03:49 CEST schrieb stan: I'm setting up a 4.11 STABLE machine. 4.11 comes with sendmail 8.13.4, and I prefer to use this, rather than build the one from ports (BTW if anyone has a strong reason that I should do this different, I'd entertain a discussion on this). In any case the scenario I'm trying to set up is that I wat to recive mail for say [EMAIL PROTECTED], [EMAIL PROTECTED] ... a.y.com, c.y.com . Note that I _don't want to accept mail for [EMAIL PROTECTED] I don't understand that sentence... You mention [EMAIL PROTECTED] in negative _and_ positive... Don't try to gain security by obscurity! Now how I'm trying to do this is using /etc/mail/virtusertable I've got etnries like this: [EMAIL PROTECTED] stan [EMAIL PROTECTED] stan In /etc/mail/local-host-names I have entries like: a.net b.com c.com Notice that there is not entry in virtusertable for [EMAIL PROTECTED], yet mail addressed to that address is acepted and deliverd (as are the ones I _want_ to work) to the local user stan. Ugh, I don't understand that either, but maybe [EMAIL PROTECTED] is your canonical domain? Why don't you just post your config, replacing @ with (at) or anything else? We are not used to your environment and so we don't have the possibility to check for wider errors... Good luck, -Harry Can anyone enlighten me as to wgat I'm doing wrong here? Oh, of course the are DNS records for a.net, b.com, and c.com that point to the IP addresses for this machine. pgpGqnbf13A1o.pgp Description: PGP signature
Re: ftpd in a jail
Am Dienstag, 13. September 2005 12:03 CEST schrieb Dan Toganel: I have a ftpd server running in a jail and i want to redirect the ftp traffic from my real host to jail. I have already configured my traffic from 22 and 25 to jail with natd and ipfw, but isn't working for ftp. You know about the data/control-channel split of ftp? Especially in active mode? You can't just redirect one port to get ftp working. Instead you have to use a transparent proxy which parses PASV commands, see pf or ipf, maybe IPFW has something similar. -Harry And i set all security.jail.* to 1 , (except security.jail.jailed) How can it be done? __ Yahoo! for Good Donate to the Hurricane Katrina relief effort. http://store.yahoo.com/redcross-donate3/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpGJ4j8QAgYn.pgp Description: PGP signature
Re: make .if exists problem/question
Am Montag, 5. September 2005 18:03 CEST schrieb Harti Brandt: On Thu, 25 Aug 2005, Emanuel Strobl wrote: [...] You should think of .if and .for as preprocessor directives. They are processed when make reads the makefile and builds the dependency graph. If you need something more dynamic you must use either a shell line: foo: if [ -f baz ] ; then ... or go with sub-makes. Generally you don't want to use .if to check for a file that your makefile creates. In this case you just should use make itself. Given that the tree you need to have is named 'tree' do something like: installcfworld: tree ... installcfconfig: tree ... tree: mkdir tree ... Thanks, I understood it, and the project grew fine. Will be available this week :) -Harry harti ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to [EMAIL PROTECTED] pgp0AMa2ZNpul.pgp Description: PGP signature
Re: USB-RS232 adapter in FreeBSD 5?
Am Sonntag, 4. September 2005 01:42 CEST schrieb Bill Moran: I've got a USB - RS232 adapter I'm trying to get working on 5.3-RELEASE. I've seen a lot of comments about these kind of things that seem to indicate that they can be used (I occasionally have needs to use this lappy as a serial console, and I'd like to use it to demonstrate a serial barcode scanner that we have - normally, tip would work great for this, but the laptop doesn't have a native RS-232 port). Anyway, I get the impression that I'm missing some early, basic steps to get this working. dmesg shows: ugen0: Prolific Technology Inc. USB-Serial Controller, rev 1.10/3.00, addr 2 ugen is not ucom! ugen is used if nothing apropriate was found, your kernel needs ucom and uplcom, you can also load uplcom as module!. -Harr But neither tip nor cu seems to talk to ugen0 very well. Other posts I've seen seem to indicate that I need to be talking to a ucom0 device, but I see nothing like that in /dev. Is there something missing from my kernel? I haven't been able to find any reference to ucom in the GENERIC or NOTES files. Any advice/pointers is welcome. TIA. pgppeA6TrIK4Q.pgp Description: PGP signature
Re: Terminals
Am Sonntag, 4. September 2005 22:44 CEST schrieb Grant Peel: Hi all, I have serveral servers in a cage in Toronto, but I live 120 miles away. Every once in a while, I will crash a box, or lock myself out of one of them (mostly just the dev box now!). Anyways, is it possible to daisychain the machines together using COM1 and COM2 so that no matter what, one can always get to a console? Or am I just wishing here... Of course you can. Just edit /boot/device.hints on one machine so that it uses sio1 (com2) as console: --- /boot/device.hints Thu Aug 18 05:55:08 2005 +++ /tmp/device.hints Mon Sep 5 01:55:36 2005 @@ -36,10 +36,10 @@ hint.sio.0.port=0x3F8 -hint.sio.0.flags=0x10 hint.sio.0.irq=4 hint.sio.1.at=isa hint.sio.1.port=0x2F8 +hint.sio.1.flags=0x10 hint.sio.1.irq=3 The tell the btx (on both machines) to use the serial device (with flag 0x10) for console: echo -h /boot.config loader will recognice the serial console and use that, if not also set in loader.conf: console=comconsole Now you can go into single user mode on one machine and cu/tip from the other one. (regarding speed see BOOT_COMCONSOLE_SPEED= in make.conf, in -current btx can be runtime configured) Also edit /etc/ttys to open a login on the system console in multiuser mode, for example: --- /builder/usr/src/etc/etc.i386/ttys Fri Oct 24 17:44:08 2003 +++ /builder/usr/src/tools/FlashBSD/examples/net4501conf/etc/ttys Thu Apr 21 03:35:09 2005 @@ -30,21 +30,21 @@ # # If console is marked insecure, then init will ask for the root password # when going to single-user mode. -consolenoneunknown off secure +consolenoneunknown off insecure # -ttyv0 /usr/libexec/getty Pc cons25 on secure +ttyv0 /usr/libexec/getty Pc cons25 off secure # Virtual terminals -ttyv1 /usr/libexec/getty Pc cons25 on secure -ttyv2 /usr/libexec/getty Pc cons25 on secure -ttyv3 /usr/libexec/getty Pc cons25 on secure -ttyv4 /usr/libexec/getty Pc cons25 on secure -ttyv5 /usr/libexec/getty Pc cons25 on secure -ttyv6 /usr/libexec/getty Pc cons25 on secure -ttyv7 /usr/libexec/getty Pc cons25 on secure +ttyv1 /usr/libexec/getty Pc cons25 off secure +ttyv2 /usr/libexec/getty Pc cons25 off secure +ttyv3 /usr/libexec/getty Pc cons25 off secure +ttyv4 /usr/libexec/getty Pc cons25 off secure +ttyv5 /usr/libexec/getty Pc cons25 off secure +ttyv6 /usr/libexec/getty Pc cons25 off secure +ttyv7 /usr/libexec/getty Pc cons25 off secure ttyv8 /usr/X11R6/bin/xdm -nodaemon xterm off secure # Serial terminals # The 'dialup' keyword identifies dialin lines to login, fingerd etc. -ttyd0 /usr/libexec/getty std.9600 dialup off secure +ttyd0 /usr/libexec/getty std.115200 unknown on secure ttyd1 /usr/libexec/getty std.9600 dialup off secure ttyd2 /usr/libexec/getty std.9600 dialup off secure ttyd3 /usr/libexec/getty std.9600 dialup off secure Have fun, -Harry pgpIhe0Q30Pz8.pgp Description: PGP signature
Re: GbE NICs besides em (recommendation wanted)
Am Mittwoch, 31. August 2005 10:51 CEST schrieb Dmitry Mityugov: On 8/31/05, Emanuel Strobl [EMAIL PROTECTED] wrote: Hello, I'm quiet disappointed with the em nics and wanted to try some other GigaBit NICs (1000baseTX only). AFAIK there are re, sk, bge driven cards. Which doesn't saturate a [EMAIL PROTECTED] at 200mbit/s with interrupt load (like em does)? I heard that the re is way better than the not so well rl and although much cheaper than em more efficient. What about bge? Or sk? Any comments welcome, also if I missed a supported family (TX only) I have a gigabit card managed by re and sk drivers at home IIRC ([EMAIL PROTECTED], [EMAIL PROTECTED]). I can run some tests for you this weekend if you wish. Thank you for the offer, but I thought people had some simple test results in mind. If you next time use rdump or large NFS transfers to another GbE connected (and fast enough) box just watch the system load (I use systat -vm 1) and see what card causes what interrupt load. em cards can't transfer (real files over FTP/NFS) more than 200mbit/s on a [EMAIL PROTECTED], at this level the system load is 100% of which ~80% is interrupt systemload :( Thanks, -Harry pgpGnrJvsz3fA.pgp Description: PGP signature
wi mini-pci replacement, ath or ral?
Hello, I have a old notebook (vaio SRX41P) which I want to make 802.11g speaking. The original Lucent card is mini-pci standard so I guess I can use any other mini-pci model. What should I prefer, cards with Atheros chipset or cards with the (cheaper) Ralink? Has anybody compared them regarding distance quality and driver support? Thanks, -Harry pgpGJ7RM95vHJ.pgp Description: PGP signature
GbE NICs besides em (recommendation wanted)
Hello, I'm quiet disappointed with the em nics and wanted to try some other GigaBit NICs (1000baseTX only). AFAIK there are re, sk, bge driven cards. Which doesn't saturate a [EMAIL PROTECTED] at 200mbit/s with interrupt load (like em does)? I heard that the re is way better than the not so well rl and although much cheaper than em more efficient. What about bge? Or sk? Any comments welcome, also if I missed a supported family (TX only) Thanks, -Harry pgpf9054Hk1UN.pgp Description: PGP signature
Re: moving everything except a directory
Am Samstag, 1. Oktober 2005 00:40 CEST schrieb Brian John: Say I am at ~ and I have 10 directories inside named 1, 2, 3, 4 ,5, 6, 7, 8, 9 and 10. What command can I use to move everything but directory 2? What if I wanted to move everything but directories 2 and 7? See regular expressions, for example 'mv ^[2,7] /another/dir' would do the job. You should correct your date! ntpdate is helpful! -Harry I'm not sure how to use the mv command to do this in 1 comand. Thanks /Brian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp3AzoZBIMop.pgp Description: PGP signature
Re: Directory permissions issue taring directories onto a Compact Flashcard
Am Sonntag, 28. August 2005 15:11 CEST schrieb Paul Hamilton: Well, I never really resolved this. I later tried taring at a sh Hello Paul, while I'm writing a tar PR I tried to reproduce your problem. Unsuccessfully. It works just fine. I guess your tar isn't finishing without errors, since permission setting is done after extraction, I can see your problem if I interrupt this command. It the leaves the tree with wrong permissions you described. Maybe your destination is full? You have to see where the error occurs, in general it works just fine. -Harry prompt. Same deal. I had tried manually chmoding the /mnt dir. To 777, but that didn't help either. In the end I gave up, and did a fresh install straight onto the CF drive from the CD. I did try a 6.0 beta3 install, but it kept crashing early in the install process, so 5.4 it is (for the time being). Cheers, Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Hamilton Sent: Saturday, 27 August 2005 10:28 PM To: freebsd-questions@freebsd.org Subject: Directory permissions issue taring directories onto a Compact Flashcard Hi, I have done a minimal FreeBSD 5.4 install onto single partition ad0s1a I then mounted my 512MB Compact Flash ide drive on ad2s1. When I run this command su'ed as root: tar --one-file-system cf - -C / . | tar xpvf - -C /mnt I find that all the directories end up with permissions of: drwx-- Even running: dump 0af - / | restore xf - gives the same result. If I manually create a directory on the CF /mnt I get the correct permissions! Files copied over via tar and dump are ok. I have used tar to copy HD contents to larger HD,s before with out a problem. Umask is set to 22, and this is being done in a tcsh shell. Any clue on whats going on? Cheers, Paul Hamilton. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpyqkUg5XHYG.pgp Description: PGP signature
Re: cpio and tar are loosing flags (and a panic message without trace)
Am Montag, 29. August 2005 12:37 CEST schrieb Yar Tikhiy: On Fri, Aug 26, 2005 at 08:04:45PM +0200, Emanuel Strobl wrote: Then I remember Tim Kienzles great work for bsdtar and all the ACL stuff, but unfortunately a cvPPzf xvpPfz also looses the arch flag :( Would you mind sending a PR on this issue with [EMAIL PROTECTED] in Cc:? I believe Tim will be interested in it. I've just confirmed myself using not-too-old CURRENT that bsdtar won't restore file flags stored in its own archive: vpc7# tar --version bsdtar 1.02.023, libarchive 1.02.026 Copyright (C) 2003-2005 Tim Kientzle vpc7# sysctl kern.securelevel kern.securelevel: -1 vpc7# mkdir dir vpc7# touch dir/file vpc7# chflags arch,sunlink dir/file vpc7# ls -lo dir/file -rw-r--r-- 1 root staff arch,sunlnk 0 Aug 29 14:35 dir/file vpc7# tar cf dir.tar dir vpc7# hd dir.tar | grep -1 fflags 0420 35 33 32 36 31 34 39 0a 32 39 20 53 43 48 49 4c |5326149.29 SCHIL| 0430 59 2e 66 66 6c 61 67 73 3d 61 72 63 68 2c 73 75 |Y.fflags=arch,su| 0440 6e 6c 6e 6b 0a 31 37 20 53 43 48 49 4c 59 2e 64 |nlnk.17 SCHILY.d| vpc7# mv dir dir.bak vpc7# tar xpf dir.tar vpc7# ls -lo dir/file -rw-r--r-- 1 root staff - 0 Aug 29 14:35 dir/file This is at variance with what the tar(1) manpage says: -p (x mode only) Preserve file permissions. Attempt to restore the full permissions, including owner, file modes, file flags and ACLs, if available, for each item extracted from the archive... I think it might be reasonable to include these details in the PR. I filed a PR: http://www.freebsd.org/cgi/query-pr.cgi?pr=84135 Unfortunately I forgot to include your analysis here, so I CC this message to Tim Kientzle. -Harry pgpNhCZvOWQpe.pgp Description: PGP signature
Re: cpio and tar are loosing flags (and a panic message without trace)
Am Samstag, 27. August 2005 06:58 CEST schrieb Matthew Dillon: :Thank you, I know cpdup but I haven't known that it's flags aware! :Unfortunately I need to write to a raw device, I guess there's no way : for=20 cpdup without a filesystem... : :I guess cpio and tar really should take care about flags. Am I wrong? : :Thanks, : :=2DHarry cpio won't do it, tar won't do it, dump only does whole partitions, cpdup is not an archiver. Hmm. I can think of two possibilities. First, use a MFS or VN block device, create a filesystem, and use cpdup, then gzip the file representing the backing store. Since the extra space in the filesystem will contain zeros (you should make sure it does, that is), it should compress pretty well. Second, use cpio and then do a separate 'find' or 'ls' or something to get the chflags info and write a script that restores the flags after unpacking. They are both pretty narley solutions. Hmm.. wait a sec... I just thought up of another possibility... take the tar or cpio source code and modify it to also save and restore the chflags data. It won't be a 'standard' utility any more, but it WILL work for your needs. Call it by another name so there's no confusion. That might be your best bet, actually. Right, and you can be sure, I had that done already if I spoke c. But if I understand you correctly, it is intended that cpio doesn't hanlde file flags? And (bsb)tar too? Then what are flags good for if no application makes use of them? For now I think I have to be happy with my script solution, at least it works. Thanks, -harry -Matt pgpLzJ0A5b4RL.pgp Description: PGP signature
shell usage (syntax) question
Hello, how can I delimit a program parameter from a shell instruction? Example: I want to tell the shell that stderr should be redirected to file /tmp/test, not cpio to use /file/test: # /usr/bin/cpio -idmuv /dev/ad0h 2 /tmp/test This doesn't work, I guess cpio grabs the . How can I write it that the shell sees the ? (sh, but also interesting for csh) Thanks in advance! -Harry pgpbKKQaiZLwN.pgp Description: PGP signature
cpio and tar are loosing flags (and a panic message without trace)
Hello,
hmm, once again me. And again with a probably not so common problem.
I need to replicate files, exactly like they are!
I thought cpio was the deal, but no way, I tried several -H formats but
that hasn't changed anything. As soon as a file gets restored the flag
arch is reset, same with nodump.
Then I remember Tim Kienzles great work for bsdtar and all the ACL stuff,
but unfortunately a cvPPzf xvpPfz also looses the arch flag :(
My temporary solution is the following, but I don't liek it:
for n in `/usr/bin/cpio -idmuv --quiet ${varmfs_bufferdev} 21`
do /bin/chflags arch $n
done
Dump is no alternative since I have to archive just selected files, cpio's
behaviour is the one I like most for my needs.
Any suggestions?
Thanks,
-Harry
P.S.: Here's a little panic I had today on my embedded system (RELENG_6
from today!), no debug kernel, too less memory, but if anybody's
interested, here's the message:
fatal trap 12: page fault while in kernel mode
fault virtual address = 0x0
fault code = supervisor write, page not present
instruction pointer = 0x20:0xc04d7170
stack pointer = 0x28:0xc5ddb7e4
frame pointer = 0x28:0xc5ddb7f0
code segment= base 0x0, limit 0xf, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags= interrupt enabled, resume, IOPL = 0
current process = 526 (gunzip)
trap number = 12
pgpIF6NPEGI5q.pgp
Description: PGP signature
Re: cpio and tar are loosing flags (and a panic message without trace)
Am Samstag, 27. August 2005 05:16 CEST schrieb Matthew Dillon: :Hello, : :hmm, once again me. And again with a probably not so common problem. :I need to replicate files, exactly like they are! :I thought cpio was the deal, but no way, I tried several -H formats : but=20 that hasn't changed anything. As soon as a file gets restored : the flag=20 ... Try cpdup (from ports). It should replicate everything except extattr's (only because I don't think anyone's added that feature to cpdup since it was put into FreeBSD). It will replicate the chflags. Thank you, I know cpdup but I haven't known that it's flags aware! Unfortunately I need to write to a raw device, I guess there's no way for cpdup without a filesystem... I guess cpio and tar really should take care about flags. Am I wrong? Thanks, -Harry -Matt pgpE58qZUspND.pgp Description: PGP signature
make .if exists problem/question
Dear make gurus (bsd make, not gmake), it seems that make checks .if directives only at statrup. How can I trigger a reread? I have the problem that in one target I create a filetree, another target checks if it exists, if not it creates itself again. Now it works perfectly when I call the two targets both externally (installcfworld installcfconfig) but when the internal higher install gets to the installcfconfig target it fails! I'm really desperate, I need to check this. Is this a nasty bug? Thanks, -Harry pgpI56F8brpXo.pgp Description: PGP signature
Re: make .if exists problem/question
Am Donnerstag, 25. August 2005 20:10 CEST schrieb David Kirchner: On 8/25/05, Emanuel Strobl [EMAIL PROTECTED] wrote: Dear make gurus (bsd make, not gmake), it seems that make checks .if directives only at statrup. How can I trigger a reread? I have the problem that in one target I create a filetree, another target checks if it exists, if not it creates itself again. Now it works perfectly when I call the two targets both externally (installcfworld installcfconfig) but when the internal higher install gets to the installcfconfig target it fails! I'm really desperate, I need to check this. Is this a nasty bug? This Makefile shows the problem: all: .if ! exists(./foobar) @echo foobar does not exist .endif touch foobar .if ! exists(./foobar) @echo foobar does not exist .endif If you run make in this directory, and foobar does not already exist beforehand: $ make foobar does not exist touch foobar foobar does not exist Looking at the make source, it appears that it maintains a cache for file lookups, and I don't see a way to have it flush the hash via some makefile command. I dunno if it is a bug but the man page does not mention a cache. I wonder if you'll have to start a separate make process for each stage of that target's handling. Thanks for your suggestion, you described exactly what I mean. So if there's no way to flush the cache, it's IMHO a wrong behaviour and should be considered as bug. I'm not too experienced in make, so I don't know if I want to call sub makes... Do you have an idea whom to contact regarding the bug? Thanks, -Harry pgpLMGpHWk1lW.pgp Description: PGP signature
Re: FreeBSD clients for M$ Exchange
Am Montag, 22. August 2005 14:13 CEST schrieb Matthias Apitz: Hello together, In the future we will use an Exchange 2003 server because it provides groupware functionality for the clients (in most My condolences. I had years of awful experiences with Exchange 5 and 5.5, but the absolutely worst thing I've ever seen is 2003. Fortunately I haven't had to do much with it, but there are lots of features wich aren't documented for regular adminitrators. Such simple things like redirecting undeliverable mail to a dedicated postbox instead of bouncing. Or using a smart host. The hidden GUI switch is officially the wrong way to do, but I couldn't find the right way. Just to mention some examples There are so many great IMAP implementations out there, if you need groupware functionality consider using IMAP based implementations (like evolution or kmail can use, olso Outlook would be able to use lots of funktions with simple IMAP servers, at least with cyrus ACL support) or have a look at more groupware oriented systems like kolab. Just a advice. But most important, keep your staff away from outlook, the biggest worm sling which can do some things but not send correct E-Mails at all! And since That hasn't changed the last 7 years/5 versions why should one think it will ever improove? Regards, -Harry of the cases our co-workers are already using OutLook). I'll stay with FreeBSD or Linux and can read easy the mail folders with IMAP, using 'mutt' as MUA. Is there some client for FreeBSD providing groupware functionality, calendars, etc.? Thx in advance and pls do not comment on Exchange itself :-) Matthias pgp0c8j1XFOVD.pgp Description: PGP signature
Re: dd is so slow on my SCSI disc
Am Montag, 22. August 2005 22:13 CEST schrieb Sebastian Pahlke: Hi all, I'm trying to clean a disc before selling them: dd if=/dev/zero of=/dev/da0 Do I make something wrong because the transfer rate is only 60932 bytes/sec??? These are 60 kbytes/sec, slower than my internet connection!!! :( I tried to increase the block size, with bs=32768 I get 3416071 bytes/sec. But this is still very poor. The system is a PIII 800MHz and a SCSI-3 disc in single user mode booted from FreeBSD release 5.4 live-cd. Any ideas how to analyze this? Thanks in advance! Hmm, what dows systat (-vm 1) tell you? What's the disk load, maybe you're suffering from interrupt storms? I can't you help much with specific SCSI parts, but maybe you want to try 6.0-BETA3, if I remember correctly there were some adaptec problems fixed... -Harry greetings, Sebastian Pahlke ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpomUGrzprjr.pgp Description: PGP signature
Re: Freebsd 6.0 Release Time
Am Montag, 22. August 2005 23:09 CEST schrieb Jerry McAllister: Hi !! Sorry if this question was made previously. I'm installing like ten freebsd terminals in two weeks. But i don't know when freebsd 6.0 will become stable. I've seen the schedule, it says agoust 18, but it's not ready yet. Does anybody know if there was a reschedule ? I notice today that several parts of the schedule have been remarked as August and the announce date has been changed to TBA.So, yup What's TBA? But I'd like to advise Pablo to go with 6.0-RC, or even with BETA3 if neccessarry, tracking a stable or RELEASE branch in FreeBSD is very easy and worth the building mechanisms, especially if you have 10 similar machines to maintain. You have a very convenient way to keep security risks minimalised and in almost any environment you'll benefit from the RELENG_6 performance and hardware enhancements. Best regards, -Harry it is rescheduled, but the expected date isn't established yet. jerry Thanks !! ___ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpIzk1fGE7UR.pgp Description: PGP signature
Re: NFS question...
Am Dienstag, 23. August 2005 02:51 CEST schrieb Eric Murphy: Hey guys... Ive setup a NFS correctly (I think) on my BSD 5.4 box Added nfs_enable_enable=yes rpcbind_enable=yes portmap_enable=yes in my rc.conf and its seems to be working... My question is this.. I can mount the shares without anyproblems as root... I CAN NOT mount them as a user... Now I added my UID (1001) to my SERVER's exports file with -maproot=1001 Am i understaning this correctly that by adding that line in the config it gives me read/write access to the files on the SERVER? that does NOT allow me to mount the File system..? My user is able to read/wirite to the files with no problems.. sorry if thats alittle confuseing... Hmm, at first it is... You cannot mount filesystems (even not NFSs) as regular user. Well, you can, but you have to be the owner of the mountpoint directory and have set (as superuser or during startup (/etc/sysctl.conf)) the sysctl vfs.usermount to 1. The '-maproot=SOMEID' is for the NFS server which tells him to what userid incoming ID=0 requests will be mapped. Usually you don't want to let everybody who identifies him as ID=0 erase your root file system! So User ID=0 is invalid in NFS until you map it to any other (or the same) ID! Hope this helps, -Harry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpWpfmfx5Bmo.pgp Description: PGP signature
Re: dd is so slow on my SCSI disc
Am Dienstag, 23. August 2005 04:29 CEST schrieb Mike Jeays: On Mon, 2005-08-22 at 20:57, Danny MacMillan wrote: Sebastian Pahlke wrote: Hi all, I'm trying to clean a disc before selling them: dd if=/dev/zero of=/dev/da0 You may want to consider using /dev/random instead of, or in combination with, /dev/zero. Zeroing out a disk isn't a significant barrier to forensic analysis. [...] Using /dev/random is much, much slower than /dev/zero. He quoted correctly and his statment wasn't about speed, but about the purpose of the original action; To clean discs before selling I'm not sure if single-writing nulls or randoms makes any difference; I think it doesn't, but his post wasn't incorrect! -Harry pgpxw63pTj3Eu.pgp Description: PGP signature
Re: Slow Install CD
Am Dienstag, 23. August 2005 05:09 CEST schrieb Karol Krizka: Hi, I managed to come accross this old Compaq Proliant server and wanted to try it out for a personal webserver. Since I wanted to try out BSD, I decided to go with it as the operating system. My choice distro (or what do you call it?) was FreeBSD because I use Gentoo Linux and it's package system is a rip-off of FreeBSD's ports. I figured that would be the easiest transition. Now, I am not totally sure which model the server is, but I know that it has a 200Mhz cpu and 128 MB of RAM. Suprisingly after I booted it up (after several tries) I saw the WinXP bootlogo and soon was at the login screen. If it can run that, it can run almost anything! So I put the bootonly bsd cd that I downloaded a couple of days ago and got it to boot. That went well, exept there is a bit of a problem. The input is veeery slow. I press a down arrow and have to wait a minute for it to happen. There was no lag in the installed XP, so what might have brough about it in BSD? Hmm, I can't see any reason for that symptom, have never heard before and can't verify that, but I'd suggested to disable ACPI and see if that helps. Often you get old hardware with broken ACPI BIOS implementations, and I guess you won't find a standard compliant update for a 200Mhz anything (guessing i386) CPU! So try to set 'hint.acpi.0.disabled=1' in /boot/loader.conf If that helps, please provide feedback, then probably your BIOS has to be blacklisted, so nobody else has to run into the same problem. -Harry pgpEQJcqbCjpm.pgp Description: PGP signature
Simple IPv6 question [Was: Re: IPv6 site local EUI-64 adresses and jails]
Am Freitag, 12. August 2005 21:24 CEST schrieb Emanuel Strobl: Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: Here are two more: How do I use the eui64 option of ifconfig? 'ifconfig fxp0 inet6 fe80:0:0:0:eui64 ' doesn't work! What's the meaning of the %fxp0 tail of the ifconfig output for the inet6 address? Dear inet6 guys, I don't know the kind of addresses FreeBSD uses for autoconfigured link-local addresses. For example: fe80::20e:cff:fe34:2bf8%em0 What the hack is %em0 ??? Interestingly I can use this address, but ping6 fe80::20e:cff:fe34:2bf8 doesn't work The Handbook doesn't clarify this mysterious address. Is it FreeBSD specific? Thanks in andvance, I posted this also to current@ since I got no answer from questions@ -Harry Thanks, -Harry So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgptY0pgdPFKS.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Samstag, 13. August 2005 10:53 CEST schrieb David Malone:
On Fri, Aug 12, 2005 at 08:53:20PM +0200, Emanuel Strobl wrote:
Now in the 24-16-24 scheme of th interface id part of the IPv6
address, the 16 bits were inserted with the value FFFE. And bit 57 was
changed to one! Why What if it is alread one? Or isn't tehre any
vendor who can have bit 41 of his MAC 1?
Some of the bits of a MAC address are reserved. There is a bit that
indicates if the address is the address of a group of machines (for
multicast) or the address of a single machine. The bit that is
flipped when generating IPv6 addresses is the local/global bit,
that indicates if the address has been assigned locally or by some
global authority. For normal ethernet cards, this bit would always
be 0.
Now I want to use a dedicated interface, which is in a different
subnet, for 5 jails. How do I do that if I want to keep the MAC
relation and if I'm not allewd to change the FFFE insert? It isn't
possible then, is it? What should I do instead? Invent my own 64-bit
scheme?
I'd suggest that you use manually assigned addresses in cases like this.
You know what sort of addresses will be generated by autoconfiguration,
so it should be easy for you to choose addresses that won't clash.
Unfortunately jails do not actually support restricting the use of IPv6
addresses right now.
Thanks a lot for your explanation! I have patches from Olivier Houchard for
testing which extends jails for IPv6 :)
He wrote it some time ago for RELENG_5 but wasn't sure if it is secure
enough to committ it.
I think more teseters are welcome, I have to solve some other IPv6
proplems first (like auto host config and DNS?), so I attach the patches
here, I can't imagine why Olivier wouldn't want that.
Best regards,
-Harry
David.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]
Index: sys/kern/kern_jail.c
===
RCS file: /cognet/ncvs/src/sys/kern/kern_jail.c,v
retrieving revision 1.50
diff -u -p -r1.50 kern_jail.c
--- sys/kern/kern_jail.c 23 Jun 2005 22:13:28 - 1.50
+++ sys/kern/kern_jail.c 12 Aug 2005 22:57:21 -
@@ -12,6 +12,7 @@ __FBSDID($FreeBSD: src/sys/kern/kern_ja
#include opt_mac.h
+#include opt_inet6.h
#include sys/param.h
#include sys/types.h
#include sys/kernel.h
@@ -49,7 +50,7 @@ SYSCTL_INT(_security_jail, OID_AUTO, set
int jail_socket_unixiproute_only = 1;
SYSCTL_INT(_security_jail, OID_AUTO, socket_unixiproute_only, CTLFLAG_RW,
jail_socket_unixiproute_only, 0,
-Processes in jail are limited to creating UNIX/IPv4/route sockets only);
+Processes in jail are limited to creating UNIX/IP/route sockets only);
int jail_sysvipc_allowed = 0;
SYSCTL_INT(_security_jail, OID_AUTO, sysvipc_allowed, CTLFLAG_RW,
@@ -134,6 +135,9 @@ jail(struct thread *td, struct jail_args
error = copyinstr(j.hostname, pr-pr_host, sizeof(pr-pr_host), 0);
if (error)
goto e_dropvnref;
+#ifdef INET6
+ memcpy(pr-pr_ip6, j.ip6_number, sizeof(pr-pr_ip6));
+#endif
pr-pr_ip = j.ip_number;
pr-pr_linux = NULL;
pr-pr_securelevel = securelevel;
@@ -375,18 +379,82 @@ prison_remote_ip(struct ucred *cred, int
return;
}
+#ifdef INET6
+void
+prison_getip6(struct ucred *ucred, u_int8_t **ip6)
+{
+
+ memcpy(ip6, ucred-cr_prison-pr_ip6,
+ sizeof(ucred-cr_prison-pr_ip6));
+}
+
+int
+prison_ip6(struct ucred *ucred, u_int8_t **ip6)
+{
+ struct in6_addr tmp;
+
+ if (!jailed(ucred))
+ return (0);
+ memcpy(tmp, ip6, sizeof(tmp));
+ if (IN6_IS_ADDR_LOOPBACK(tmp) ||
+ IN6_IS_ADDR_UNSPECIFIED(tmp)) {
+ memcpy(ip6, ucred-cr_prison-pr_ip6, sizeof(tmp));
+ return (0);
+ }
+ if (IN6_ARE_ADDR_EQUAL((struct in6_addr *)ip6,
+ (struct in6_addr *)ucred-cr_prison-pr_ip6))
+ return (1);
+ return (0);
+}
+
+void
+prison_remote_ip6(struct ucred *cred, u_int8_t **ip)
+{
+ struct in6_addr tmp;
+
+ if (!jailed(cred))
+ return;
+ memcpy(tmp, ip, sizeof(tmp));
+ if (IN6_IS_ADDR_LOOPBACK(tmp)) {
+ memcpy(ip, cred-cr_prison-pr_ip6, sizeof(tmp));
+ return;
+ }
+ return;
+}
+
+#endif
+
int
prison_if(struct ucred *cred, struct sockaddr *sa)
{
struct sockaddr_in *sai;
+#ifdef INET6
+ struct sockaddr_in6 *sa6;
+#endif
int ok;
sai = (struct sockaddr_in *)sa;
- if ((sai-sin_family != AF_INET) jail_socket_unixiproute_only)
- ok = 1;
- else if (sai-sin_family != AF_INET)
- ok = 0;
- else if (cred-cr_prison-pr_ip != ntohl(sai-sin_addr.s_addr))
+#ifdef INET6
+ sa6 = (struct sockaddr_in6 *)sa;
+#endif
+ if (sai-sin_family == AF_INET) {
+ if (cred-cr_prison-pr_ip != ntohl(sai-sin_addr.s_addr))
+ ok = 1;
+ else
+ ok = 0;
+ } else
+#ifdef INET6
+ if (sai-sin_family == AF_INET6) {
+ if (!IN6_ARE_ADDR_EQUAL((struct in6_addr *)
+ cred-cr_prison-pr_ip6,
+ (struct in6_addr *)sa6-sin6_addr))
+ ok = 1
IPv6 site local EUI-64 adresses and jails
Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgpk2do0FKcxZ.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Ok, here I found my first error, it's in fact a link-local addres, no site-local. If I need a site-local, is it correct to just assign it another (almost similar) address, or should I disable link-local autogeneration? Thanks, -Harry Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgpirO64RezBs.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: Here are two more: How do I use the eui64 option of ifconfig? 'ifconfig fxp0 inet6 fe80:0:0:0:eui64 ' doesn't work! What's the meaning of the %fxp0 tail of the ifconfig output for the inet6 address? Thanks, -Harry So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Now in the 24-16-24 scheme of th interface id part of the IPv6 address, the 16 bits were inserted with the value FFFE. And bit 57 was changed to one! Why What if it is alread one? Or isn't tehre any vendor who can have bit 41 of his MAC 1? Now I want to use a dedicated interface, which is in a different subnet, for 5 jails. How do I do that if I want to keep the MAC relation and if I'm not allewd to change the FFFE insert? It isn't possible then, is it? What should I do instead? Invent my own 64-bit scheme? I hope you understand my questions, thanks a lot in advance, -Harr pgpXYJzFJPq2f.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 22:48 CEST schrieb Michael W. Oliver: On 2005-08-12T21:03:35+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Ok, here I found my first error, it's in fact a link-local addres, no site-local. If I need a site-local, is it correct to just assign it another (almost similar) address, or should I disable link-local autogeneration? Don't disable link-local address auto-generation. You can assign your own addresses, based on the /48 you have been given by your provider or tunnel broker. Something like this ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias Ahh, ok, this answers the question how to use eui64 with ifconfig :) And dead beef cafe is kewl ;) (first I'll use FEC0::eui64) Thanks, -Harry P.S.: Do you know what's the clue with the (mac)bit 41 change for eui64? That is only if you want to use auto-configured host addresses based on the (IHMO) wasteful EUI64 junk... topic for another thread (and list, probably!). There are lots of differing opinions about the usefulness of EUI64-based auto-config. pgpceNS99BKvU.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Freitag, 12. August 2005 22:48 CEST schrieb Michael W. Oliver: On 2005-08-12T21:03:35+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 20:53 CEST schrieb Emanuel Strobl: Hi all, I'm quiet new to IPv6 so I'd like to ask some questions: So far I know how to generate s site-local address on basis of the MAC address of the interface. That's what FreeBSD does itself for INET6 enabled kernels. Ok, here I found my first error, it's in fact a link-local addres, no site-local. If I need a site-local, is it correct to just assign it another (almost similar) address, or should I disable link-local autogeneration? Don't disable link-local address auto-generation. You can assign your own addresses, based on the /48 you have been given by your provider or tunnel broker. Something like this ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias Hmmm, that doesn't work here (6.0-beta2): ifconfig fxp0 inet6 fec0::/64 eui64 alias ifconfig: could not determine link local address -Harry That is only if you want to use auto-configured host addresses based on the (IHMO) wasteful EUI64 junk... topic for another thread (and list, probably!). There are lots of differing opinions about the usefulness of EUI64-based auto-config. pgpK93ppA6fUk.pgp Description: PGP signature
Re: IPv6 site local EUI-64 adresses and jails
Am Samstag, 13. August 2005 00:03 CEST schrieb Michael W. Oliver: On 2005-08-12T22:56:19+0200, Emanuel Strobl wrote: Am Freitag, 12. August 2005 22:48 CEST schrieb Michael W. Oliver: ifconfig fxp0 inet6 3ffe:dead:beef:cafe::/64 eui64 alias Hmmm, that doesn't work here (6.0-beta2): ifconfig fxp0 inet6 fec0::/64 eui64 alias ifconfig: could not determine link local address The link-local address is automatically configured, based on the mac address of the interface, so you can't (and wouldn't want to) configure it manually. If you want to configure unicast addresses manually, use the /48 from your provider/broker, broken down into whatever prefixlen you want. Just for playing I disabled auto link-local address generation, then I found that ifconfig fxp0 inet6 fec0::1 delete worked after I added that one (without alias, which was my testing reason). Then I also deleted the eui64 address and wanted to reassign it. Another reason I tried to use the -eui64 option with ifconfig was because my fwe0 got no inet6 address! Either the man page of ifconfig is wrong or something else, I couldn't get a working syntax with option eui64. Thanks, -Harry What is your current fxp0 configuration? pgpsyRqn6jeef.pgp Description: PGP signature
Re: multiport serial reccomendations?
Am Samstag, 13. August 2005 01:14 CEST schrieb Danny Howard: Hello, I'm looking to build a nanny box to provide maintenance services to my servers. One of these services ought to be serial console access. I've currently got an old Cyclades box in service, but I'm curious to just sport a multiport serial card and run conserver directly on the nanny box. So: Can anyone recommend an 8-port or so serial card that works under FreeBSD? Or if you want to give feedback on a console server, I'm happy to hear that as well. I don't have one of these in production, but from highly appreciated reccomendations I know that this card is really fine, and cheap: http://www.reichelt.de/inhalt.html?SID=17N3r4LqwQARIAACYRpq89daa093a6681789e0f4505628d1f64e9;ACTION=3;LASTACTION=2;SORT=artikel.artnr;GRUPPE=E7;GRUPPEA=E7;WG=0;SUCHE=8%20port;ARTIKEL=EXSYS%2520EX-41098;START=32;END=16;STATIC=0;FC=671;PROVID=0;TITEL=0 It's a dealer in germany but I'm sure you can google out a dealer near to you. I decided to go with USB-RS232 adapters and passive USB-Hubs. Not exactly as problemfree as I thought, but before I knew this card, the cheapest way. Nowaday's I would give the EXSYS a try -Harry I am especially curious if anyone has experienbce with Opengear, as their hardware appears to be VERY competetively priced ... perhaps some can confirm that MP4066R work with puc(4)? Thanks, -danny pgpWeDeYKeuHd.pgp Description: PGP signature
Re: ad10: WARNING - READ_DMA UDMA ICRC error (retrying request) LBA=11441599
Am Mittwoch, 10. August 2005 19:48 CEST schrieb Unix: O. Hartmann wrote: Mike Jakubik wrote: On Wed, August 10, 2005 6:37 am, Dmitry Mityugov said: There are Maxtor MaXLine II and III, and perhaps several other models, that are supposed to work 24/7. Right, i have a dead 250GB Maxline Plus II drive on my desk, only after about 1.5 years. At least its still on warranty. On the other hand: In the department for physics of the athmosphere, where I built six years ago a server for meteorological data, a RAID-5 with 4 older IBM U160 SCSI discs still works - 24/7. Never had a problem! I still own old 1-2 GB old SCSI disks and these are still working, I also had an old 500mb SCSI disk that was in an old Mac that also worked but I trashed it since it was that old and no longer of use... I have an old 700 MB WD IDE drive that still works fine and has about 6 years 24/7 survived. And I also had a 2000$ 73G SCSI IBM drive that lasted for about 5 monthas and was that damadged that Convar sent it back without one byte recovered! And I don't want to remember the 80GB WD drive that lasted for 2 months.. Please, don't discuss about SCSI/ATA reliability, there are bad designed/produced drives and there are good ones. You can't tell before, only experience counts. I can say only good things about Seagates Barracuda 7200.8 drives for example. Some dozends are running for two years without _any_ single drive failed. Also the Samsung (p)ATA drives are still running without any single failure. And WDs once were perfect drices, but they also produced crap. So you can't even be sure by vendor! -Harry P.S.: I'm planning to bring up a FreeBSD site which reflects hardware compatibility experiences as well as long term experiences. I'll be back if I have more... pgpKca9tdzt07.pgp Description: PGP signature
Re: Reading the volume-id/label of a cd/dvd ?
Am Donnerstag, 28. Juli 2005 16:49 CEST schrieb Warren Block: On Wed, 27 Jul 2005, FreeBsdBeni wrote: Is there an easy way to get to know the volume id or disclabel of a cd or dvd ? Mounting the cd/dvd just gives me the contents of the disc, but not its name. In k3b one can ask the info about a disc and get all the info about the inserted cd/dvd (disc type, tracks, sessions,...). But how do i get that info without k3b ? Is there an easy way/solution ? cdrecord can get some info from a CD; see the -toc and -atip options. -Warren Block * Rapid City, South Dakota USA There's glabel which reads many kind of FS volume labels. 'glabel load' or 'man glabel' -Harry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpaHxW2Naeue.pgp Description: PGP signature
Re: I have found a pc on the side curb
Am Dienstag, 19. Juli 2005 00:17 CEST schrieb Greg 'groggy' Lehey: On Monday, 18 July 2005 at 11:13:42 -0400, Martin wrote: [missing attribution] a pentium 133mhz with freebsd. I was woundering if there was away around the login: admin password: * maybe there is a universal password for admin that bypass all password. something like that. Yes, there's a way, and it's described in The Complete FreeBSD (O'Reilly). I suppose the people on the mailing list are, Good hint, once upon a time, when I had my first contact with FreeBSD, I also needed to circumvent the login and the book helped a lot! -Harry understandably, a little dubious about the intentions of the person whom you quote above. Greg -- When replying to this message, please copy the original recipients. If you don't, I may ignore the reply or reply to the original recipients. For more information, see http://www.lemis.com/questions.html The virus contained in this message was detected, clubbed to death and distributed throughout the Internet as vaccine by LEMIS anti-virus. For further details see http://www.lemis.com/grog/lemis-virus.html Finger [EMAIL PROTECTED] for PGP public key. See complete headers for address and phone numbers. pgpinsbAc9wIS.pgp Description: PGP signature
Re: two default routes
Am Montag, 18. Juli 2005 05:25 CEST schrieb Jon Falconer: I have two ISP connections, a 45Mb and a 6Mb. Depending on what block of local addresses a packet is coming from will determine which ISP I want to send the packet out. In essence the default route used for a packet depends on its source address (for traffic leaving our campus.) Can someone tell me what package I should read up on (ip,ipf,ipfw,other)? or See IPFWs fwd or PFs route-to and reply-to. -Harry if I should just do this with a real router and not FreeBSD? Thanks for your insights, Jon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpXEMbN7dIkE.pgp Description: PGP signature
Re: Serial Access
Am Freitag, 8. Juli 2005 00:16 schrieb Frank de Bot: Hi, My server support by bios remote access via the serial port. Configured it, bios shows up on my terminal client. But as soon the FreeBSD has been loaded. (Last message I get through was: Press [enter] to boot immedialty. Is it needed for FreeBSD to take over the serial console from here, or can it continue to show things without the help of FreeBSD? You have to tell the kernel to use the serial port as console. You can do so by adding the line console=comconsole to /boot/loader.conf or instruct the first stage loader to use serail console with the command 'echo -h /boot.config' For serial port configuration you may also want to have a look at the sysctl machdep.conspeed and to the /etc/make.conf option BOOT_COMCONSOLE_PORT and BOOT_COMCONSOLE_SPEED, both compile time variables. If you want to have a login on the serial line you also have to enable a getty in /etc/ttys. Best regards, -Harry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpn9QwR21nax.pgp Description: PGP signature
Re: uplcom a callin only device?
Am Mittwoch, 29. Juni 2005 10:55 schrieb Norbert Koch: Hello. I'm trying to get a sub-to-rs232 adaptor running with FreeBSD-5. The vendor of this adaptor is some chinese company named High-Edge Tech, but as usbdevs shows, it identifies as USB_VENDOR_PROLIFIC(0x067b) and USB_PRODUCT_PROLIFIC_PL2303(0x2303). For testing, I connect the adaptor with the same computer's cuaa0 and do an 'stty speed 9600 clocal' on /dev/ucom0 and /dev/cuaia0. Now, if I do 'cat /dev/ucom0' and 'cat /dev/cuaa0', I see typed characters coming in. If I try the opposite direction, nothing happens. Is that something, I should've expected, and if so, why? There are different versions of the prolific chipset and unfortunately they changed the init sequence of version 3.00 and up without changing the device ID (If you're interested for more check the archives (current) arround January 21st). 5.4 has the new uplcom driver which checks the revision maybe you can apply the cvs version to your 5.3 (guess). -Harry Does it have to do with the difference of callin and callout devices? Can I use /dev/ucom0 only as callin device like /dev/ttyd0? Thanks, Norbert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpWxSBSHQdoe.pgp Description: PGP signature
Re: uplcom a callin only device?
Am Mittwoch, 29. Juni 2005 16:32 schrieb Norbert Koch: 5.4 has the new uplcom driver which checks the revision maybe you can apply the cvs version to your 5.3 (guess). -Harry I tested this with RELENG_5 as of last week. Hmm, then you have the new uplcom driver... The device seems to be correctly recognized. I see /dev/ucom0 appearing, when I connect the adaptor. That's the problem, the chipset has the same id although it's design has changed. What does usbdevs -v say? You'll have a line like: USB-Serial Controller(0x2303), Prolific Technology Inc.(0x067b), rev 3.00 Rev. 3.00 ist the latest I have, the former was 2.02. Maybe they once again designed a new chipset... -Harry Norbert ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpzQX2SxekN9.pgp Description: PGP signature
Re: Software RAID-1 on FreeBSD 5.4
Am Mittwoch, 29. Juni 2005 21:28 schrieb ptitoliv: Hello everybody, I have 2 120 Go Drives installed on my FreeBSD 5.4 Box. I want to create with these 2 disks a software RAID-1 solution. I wanted to use vinum but lots of people say that vinum is very unstable on FreeBSD 5.4. So I am I can't confirm that, but I can recommend gmirror. -Harry asking you what is the best solution to make RAID-1 on FreeBSD 5.4. Thank you for your answers Best Regards, ptitoliv ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpUmU3RilDrv.pgp Description: PGP signature
Re: removing freebsd bootloader
Am Donnerstag, 23. Juni 2005 19:25 schrieb Paulo Roberto: Hello, How do I remove the FreeBSD bootloader from the MBR without touching the slices? Without warranty, but fdisk -B should do the trick. I think it keeps the partition table and replaces the boot code of the MBR. Make sure the XP slice is marked active, and copy the fdisk output so you can restore it if anything goes wrong. -Harry I do have an active WinXP primary slice that I would like to boot from directly. thank you, Paulo __ Discover Yahoo! Have fun online with music videos, cool games, IM and more. Check it out! http://discover.yahoo.com/online.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpdILE2r4yc7.pgp Description: PGP signature
Re: FreeBSD L2TP client
Am Montag, 20. Juni 2005 21:05 schrieb Andy Miller: I am looking for a way to use FreeBSD as a L2TP VPN client. Does anyone know of a way to do this. I found ng_l2tp, but I'm not quite sure how to use it. If anyone has a good how-to, or can give me some direction, Check mpd from the ports, if I remember correctly it can control L2TP sessions. -Harry I'd appreciate it. Thank you. -- Andy Miller ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpxQyFp0RLpK.pgp Description: PGP signature
Re: The perennial vfs.usermount query
Am Donnerstag, 16. Juni 2005 04:18 schrieb Joe Altman: 1) If this: $: more /etc/sysctl.conf # $FreeBSD: src/etc/sysctl.conf,v 1.8 2003/03/13 18:43:50 mux Exp $ # # This file is read when going to multi-user and its contents piped # thru ``sysctl'' to adjust kernel values. ``man 5 sysctl.conf'' for # details. # # Uncomment this to prevent users from seeing information about #processes that are being run under another UID. #security.bsd.see_other_uids=0 vfs.usermount=1 2)And, -- after a reboot --, this: $: sysctl -a | grep vfs.usermount vfs.usermount: 0 Ergo, I get this: cd9660: /dev/acd0: Operation not permitted When trying this: mount -t cd9660 /dev/acd0 /usr/home/joe/mountpoint/ Then my question is: wtfoobar am I doing wrong? Nothing. But if you want it persistant you have to put it in loader.conf or sysctl.conf, depending on the kind of sysctl (loader tunable or runtime tunable). Additional info: $: more /etc/devfs.conf snip permacd00660 linkacd0cdrom Speculating, I assume that the BUGS section of sysctl.conf(5) applies, somehow. Hmm, what's your problem? You can't set the sysctl or it is unset after a reboot? The latter of course is true. -Harry NB: the page covering this in the FAQ at freebsd.org says run this: sysctl -w vfs.usermount=1 The man page for sysctl on 5.4 says this: COMPATIBILITY The -w option has been deprecated and is silently ignored. Is the -w flag only for 4.x installations? I'm pretty sure I'm going to see the answer to this as soon as I hit send. pgpzP1vewp03W.pgp Description: PGP signature
Re: nfs server amd problems
Am Freitag, 10. Juni 2005 09:51 schrieb Osmany Guirola Cruz: Hi people I have installed a 5.3 STABLE box with automount(amd) daemon working perfectly with the defaults flags(/net /host) and the nfs server exporting only my home. all this work but then i upgrade my system to 5.4 and problems began 5.4-RELEASE or -Stable? For the last three days there was a mis-merge in the tree which was corrected today. That caused NFS to fail. If you use -stable just re-cvsup otherwise hope that somone else can help you. -Harry my exports in (draco my machine) said /usr/home/iris and from iris when i go to /net/draco/ i got this error nfs server [EMAIL PROTECTED]:/net: not responding nfs server [EMAIL PROTECTED]:/net: is alive again ls: /net/draco/: Resource temporarily unavailable that works perfectly before the upgrade in iris the problem is only with my machine draco(nfsserver) i can automount other things in other machines now the amd daemon in my machine does not want to work :-( in iris i have this in the /etc/exports /usr/home draco and in draco i have this error nfs server [EMAIL PROTECTED]:/net: not responding nfs server [EMAIL PROTECTED]:/net: is alive again ls: /net/iris/: Resource temporarily unavailable all this things happens after the upgrade i don't know where is the problem the configuration files are the same i have this line in my rc.conf mountd_enable=YES rpcbind_enable=YES nfs_server_enable=YES nfs_server_flags=-u -t -n 4 amd_enable=YES amd_flags=-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map What should i do? where i can't find the problem Thanks Osmany ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgproqwJBxm6t.pgp Description: PGP signature
Re: nfs server amd problems
Am Freitag, 10. Juni 2005 10:32 schrieb Osmany Guirola Cruz: I am using -stable and i do the upgrade via CTM in the freebsd site the last ctm is src-5.0393.gz 06/09/05 i hope that with this was sufficient to solve the problem ;-) this are the affected file with the ctm file 92 and 93 FS .ctm_status FN contrib/tcpdump/print-bgp.c FN contrib/tcpdump/print-isoclns.c FN contrib/tcpdump/print-ldp.c FN contrib/tcpdump/print-rsvp.c FN gnu/usr.bin/gzip/gzip.c FS .ctm_status FN share/man/man4/fwohci.4 FN sys/dev/acpica/acpi_ec.c FN sys/kern/uipc_socket.c ^ That's the culprit. It should be 1.208.2.20 then everything is fine. -Harry P.S.: I've never done CTM, interesting that it's still used :) FN sys/netinet/raw_ip.c FN sys/netinet/tcp_usrreq.c FN sys/netinet6/udp6_usrreq.c What do you think? or i have to wait for next ctm files.. i don't want compile userland and kernel twice...:-) Thanks Osmany On Fri, 2005-06-10 at 13:55 +0200, Emanuel Strobl wrote: Am Freitag, 10. Juni 2005 09:51 schrieb Osmany Guirola Cruz: Hi people I have installed a 5.3 STABLE box with automount(amd) daemon working perfectly with the defaults flags(/net /host) and the nfs server exporting only my home. all this work but then i upgrade my system to 5.4 and problems began 5.4-RELEASE or -Stable? For the last three days there was a mis-merge in the tree which was corrected today. That caused NFS to fail. If you use -stable just re-cvsup otherwise hope that somone else can help you. -Harry my exports in (draco my machine) said /usr/home/iris and from iris when i go to /net/draco/ i got this error nfs server [EMAIL PROTECTED]:/net: not responding nfs server [EMAIL PROTECTED]:/net: is alive again ls: /net/draco/: Resource temporarily unavailable that works perfectly before the upgrade in iris the problem is only with my machine draco(nfsserver) i can automount other things in other machines now the amd daemon in my machine does not want to work :-( in iris i have this in the /etc/exports /usr/home draco and in draco i have this error nfs server [EMAIL PROTECTED]:/net: not responding nfs server [EMAIL PROTECTED]:/net: is alive again ls: /net/iris/: Resource temporarily unavailable all this things happens after the upgrade i don't know where is the problem the configuration files are the same i have this line in my rc.conf mountd_enable=YES rpcbind_enable=YES nfs_server_enable=YES nfs_server_flags=-u -t -n 4 amd_enable=YES amd_flags=-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map What should i do? where i can't find the problem Thanks Osmany ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpNTjuhZe99f.pgp Description: PGP signature
Re: How to boot kernel.old version in 5.4
Am Donnerstag, 9. Juni 2005 23:40 schrieb fbsd_user: In 5.4 after compiling a new kernel you have the default boot location being /boot/kernel/ directory containing the current newly compiled kernel and /boot/kernel.old/ directory containing the generic system. For safeguard I do mkdir /boot/kernel.generic cp -Rfv /boot/kernel.old/ /boot/kernel.generic/ Now my question, At the beastie boot menu I select option 6 for boot prompt, What do I enter to load from /boot/kernel.generic/ directory?? unload kernel load /boot/kernel.generic/kernel boot Hope it's what you want to know. -Harry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgphciPO5kmRg.pgp Description: PGP signature
device sio vs. device uart
Hello, after compiling a custom kernel with device uart instead of device sio I see the following in my boot message: sio0 failed to probe at port 0x3f8 irq 4 on isa0 sio1 failed to probe at port 0x2f8 irq 3 on isa0 sio2: not probed (disabled) sio3: not probed (disabled) But I don't have sio in my kernel at all. Can someone please explain me the major differences (besides the newbus adaption) between sio and uart? And why is sio still in GENERIC? And of course why do I see these sio messages? Thanks in advance, -Harry pgpeKPbkbWmTy.pgp Description: PGP signature
Re: illegal user root user failed login attempts
Am Mittwoch, 18. Mai 2005 22:56 schrieb Kirk Strauser: On Tuesday 17 May 2005 09:36, Peter Kropholler wrote: As things stand, ssh is designed so you can't get at people's passwords and I am leaving it alone. Focussing instead on the task of making sure my passwords are strong, limiting AllowUsers to specific users and trusted ip addresses, and moving ssh off port 22. Alternatively, scrap all that and force RSA authentication after disabling password login. I could give you my root password (and even my personal password) and there isn't jack you can do with it because no services authenticate off it; it's only useful for logging in locally. IMHO that's the only way to cope with these crappy hacked boxes. Additionally that was the original idea of SSH as far as I know. Maybe time to think about disabling ChallangeResponseAtuh in /etc/ssh/sshd_conf by default in FreeBSD? -Harry pgpBQD5rwhhnC.pgp Description: PGP signature
Re: NFS read-ahead?
Am Montag, 16. Mai 2005 16:44 schrieb Andrea Venturoli: Mike Tancsa wrote: Offhand, not really, but if you look around via google for mount_nfs freebsd -r a lot of people suggest r=32768,-w=32768. Perhaps use that as a starting point and experiment to see what gives you the best performance for your situation. Tried this: with simple tests it doesn't seem to make any difference. I guess I'll have to investigate further. Thanks for now. Try using TCP instead of UDP, this improoved throughput with large files a lot for me! Even without touching read and write sizes. -Harry bye av. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpPMZT9wri9Z.pgp Description: PGP signature
Re: NAT with two different alias addresses. Is it possible?
Am Montag, 9. Mai 2005 22:29 schrieb : Hello, everybody! I've just installed freeBSD 5.3 on my old computer to make it NAT router for internet sharing. The example is classical: two machines in my internal network and one IP from provider. Except one moment - my internet connection is established through PPPoE. So my unix has 3 network interfaces: rl0 - provider's network 10.10.54.107/16 tun0 - pppoe (through rl0 of course). Here my IP is 192.168.54.107 rl1 - my internal network 172.16.0.1/24 (do not laugh i've made it for difference) NAT has alias address 192.168.54.107, and internet connection works perfectly. BUT there are a lot of resources in 10.10.54.107/16 network I can't get access from my internal machines. I think address translation to 10.10.54.107 could help. Or not? Maybe it is possible to launch second NATd for this interface? Hmm, I don't know if I understood correctly but you don't need to NAT if you want to route from 172.16.0/24 to 10.10/16. Just NAT anything on tun0 from !192.168.54.107 to any. (And make sure gateway_enable=YES, resp. net.inet.ip.forwarding=1) You don't tell us whether you use IPFW, IPF or PF, but at least for the latter two you could define more than one NAT rule! -Harry pgpZZ9yFkKGYg.pgp Description: PGP signature
Re: Group Rights in FreeBSD 5.3
Am Montag, 9. Mai 2005 22:55 schrieb Dixit, Viraj: Hi, I need a question answered. In the FreeBSD 5.3 OS system, I have just created a new group called backup and I have added one user to this group called backup. What I am looking for is what is the command to limit this group called backup to only reading and downloading files but not from writing and deleting files on my system. Can groups be set Make sure directories are xrwr-x--x (751) and group is backup. Now inside this directory they can read anything but can't write/delete files. Make sure you have the root directory (which they can access) also set to these permissions, default is 755, so independent of the group everybody can read almost all. Of yourse user mustn't be the one which is in group backup! -Harry to certain rights so any user added to that group will only get those rights. Thanks, VJ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpigMfKRB7oX.pgp Description: PGP signature
Re: ipfw + natd = some sites won't work :-S
Am Dienstag, 10. Mai 2005 00:42 schrieb Frank de Bot: Hi, I got my FreeBSD set up to do nat, but it doesn't work 100%. Sites like Google for instance does work, but many other don't. All other protocols I guess you're using an A-DSL line with PPPoE, right? If so, see tcp-mss fix. PPPoE consumes 8 bytes of your MTU so also the maximum segment sice of TCP sessions is reduced by 8 bytes which doesn't know the machine behind the NAT box. Your NAT box has to alter the mss field in the TCP header because many sites have wrong configured firewalls which simply block all ICMP traffic, so the error from your router must fragment never reaches to originating host. So the sent packaet is too big to go over your line and the Must Fragment bit is ingnored... you'll never receive what you've requested. I'm not familar with IPFW, perhaps NATD can take care of MSS, PF does with max-mss. -Harry seems to be working properly. But why are sites failing to do anything? I got running natd with the verbose option and successfull request of google is indentical to a random other site :S The firewall I use is rather big. the most important piece is: 01200 723652298 divert 8668 ip from any to 82.94.238.70 via fxp0 01200 521 85279 divert 8668 ip from 10.0.5.0/24 to any 01200 0 0 allow ip from any to 10.0.5.0/24 01201 524 85399 allow ip from 82.94.238.70 to any 01201 3 144 allow ip from any to 82.94.238.70 01500 871494 216106437 allow tcp from any to any established /etc/natd.conf is: alias_address %external_ip% verbose It just puzzles me why only some http request would fail and everything works fine! Anyone got any idea? Thanks in advanced, Frank de Bot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpnMEVBLR44V.pgp Description: PGP signature
Re: ipfw + natd = some sites won't work :-S
Am Dienstag, 10. Mai 2005 01:04 schrieb Frank de Bot: Emanuel Strobl wrote: Am Dienstag, 10. Mai 2005 00:42 schrieb Frank de Bot: Hi, I got my FreeBSD set up to do nat, but it doesn't work 100%. Sites like Google for instance does work, but many other don't. All other protocols I guess you're using an A-DSL line with PPPoE, right? If so, see tcp-mss fix. PPPoE consumes 8 bytes of your MTU so also the maximum segment sice of TCP sessions is reduced by 8 bytes which doesn't know the machine behind the NAT box. Your NAT box has to alter the mss field in the TCP header because many sites have wrong configured firewalls which simply block all ICMP traffic, so the error from your router must fragment never reaches to originating host. So the sent packaet is too big to go over your line and the Must Fragment bit is ingnored... you'll never receive what you've requested. I'm not familar with IPFW, perhaps NATD can take care of MSS, PF does with max-mss. I'm not using an ADSL with PPPoE. But the configuration used is kinda non-standard. I'll try to explain with a little drawing: = Laptop = IP: 10.0.5.21 (/24) = Server 1 = IP: 10.0.5.2 |IP: 10.0.3.1 | | (ipip tunnel) = Server 2 = IP: 10.0.3.2 |IP %external_ip% % internet % Server 1 is a Linux box Server 2 is the FreeBSD performing the NAT Tracerouting occures without anyproblem. From the laptop to the internet 10.0.5.2 - 10.0.3.2 - %internet% The problem is the same: IP-IP tunneling reduces TCPs mss which the linux box doesn't fix. ICMP will work of course, TCP with full payload won't. I don't knwo how/why you tunnle IP into IP on that linux box, but that's the point where you have to dig. Good luck, -Harry During testing I've also dumped the whole firewall exept the points written in the starting post. The behaviour stays exactly the same. -Harry seems to be working properly. But why are sites failing to do anything? I got running natd with the verbose option and successfull request of google is indentical to a random other site :S The firewall I use is rather big. the most important piece is: 01200 723652298 divert 8668 ip from any to 82.94.238.70 via fxp0 01200 521 85279 divert 8668 ip from 10.0.5.0/24 to any 01200 0 0 allow ip from any to 10.0.5.0/24 01201 524 85399 allow ip from 82.94.238.70 to any 01201 3 144 allow ip from any to 82.94.238.70 01500 871494 216106437 allow tcp from any to any established /etc/natd.conf is: alias_address %external_ip% verbose It just puzzles me why only some http request would fail and everything works fine! Anyone got any idea? Thanks in advanced, Frank de Bot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgprDecoTwkHs.pgp Description: PGP signature
Re: ipfw + natd = some sites won't work :-S
Am Dienstag, 10. Mai 2005 01:19 schrieb Frank de Bot: Emanuel Strobl wrote: The problem is the same: IP-IP tunneling reduces TCPs mss which the linux box doesn't fix. ICMP will work of course, TCP with full payload won't. I don't knwo how/why you tunnle IP into IP on that linux box, but that's the point where you have to dig. Good luck, -Harry Which tunnel forms don't experience the reducing of mss? I've chosen for Hm, I don't have that handy in my mind right now. I had to look for some RFCs but it's quiet late here in germany, if I knew it by rote I'd tell you. I have similar configurations with IPSec without that problem (IPSec (ESP) is another protocol parallel to IP, not a IP in IP tunnel) -Harry a ipip tunnel because it was a tunnen solutions which seemed to be the most simple. Once I got that working I was planning to change it to VPN or IPSec tunnel. I got my reason for having that tunnel between the boxes (Server 2 is a server far apart from Server 1) Frank ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp4O5PuF7BMx.pgp Description: PGP signature
vfs.usermount and directory owner
Hello, I want to be able to access my cd drive as normal user. As any user, not a specific one. So it's a problem that I can't mount it to a general directory like /cdrom since only one user can be owner and it looks like it's required that the mountpoint belongs to the user, even with vfs.usermount=1 set. I can't see any security reason for that. If I decide to let users mount something (with vfs.usermount) why is there an extra check regarding the owner of the mountpoint? Is there another sysctl which disables that prerequisite or at least shifts the check to group instead of user id? Thanks, -Harry pgpncVuJVRjvw.pgp Description: PGP signature
Re: How should I divvy up my HDDs? Suggestions Please.
Am Donnerstag, 5. Mai 2005 17:43 schrieb [EMAIL PROTECTED]: Hi Harald, thanks. GPT sounds great but the quick search I did turned up a lot of references to 64-bit chips i.e. FreeBSD.org said The GPT partitioning scheme was introduced with the ia64 architecture as an MBR replacement. Can GPT be also be used on 32-bit chips? My server has a single P4 2.8 533FSB. Yes, you cannot boot from GPT disks without IA64 (EFI), so you have to use MBR/bsdlabel for the first disk on x86 (which includes AMD64 and EMT-64) systems and the root mountpoint must be a bsdlabel, but you can also use GPT additionally on the first disk by creating a GPT inside a slice. On non-booting disks you don't need any MBR etc., just GPT works fine on any architecture FreeBSD supports Also, is it easy to implement and commonly know about? I ask because I won't be the one doing the initial installation. It's rarely known, but no problem to implement since FreeBSD has GPT support in the generic kernel. Sysinstall can't handle GPT, so you should be quiet familar with FreeBSD to make the boot-disk GPT extended. To create GPT on the second disk is quiet easy (gpt create ad2) and the man page of the gpt (8) tool describes the easy steps to add partitions. Then you need to newfs them and add them to /etc/fstab, just like with slice/labels, but you have to do it manually, like mentioned sysinstall can't manage GPT. -Harry Thanks, Donnacha Harald Schmalzbauer wrote: Am Donnerstag, 5. Mai 2005 14:56 schrieb Jerry McAllister: Hello, I'm new to FreeBSD and this list, my name is Donnacha, I'm an Irishman living in Edinburgh, Scotland. I have read The Complete FreeBSD's section on disk partioning but would very much appreciate some advice on how to divide up the 2 HDDs I'm getting on my new server. The server is located in a facility in the US and will be used as a Web and email server. It has an 80GB HDD and a 200GB HDD, both IDE but I'm asking for them to be placed on seperate buses. I was thinking of using the 80GB as the primary and placing / on it, while putting /var, /usr and /home on the 200GB. I'll have 2GB of RAM, so, I was thinking about putting 2GB of swap on each HDD. How does that sound. I would be very grateful for any advice you can give me before I relay my instructions to the guys doing the installation. It depends a lot on what you leave in /usr and /var and /home. It kind of looks like you will leave the 80GB drive mostly empty the way you are doing things. If all your accounts and web pages are really in /home and you have no databases, I would be inclined to put both /usr and /var in the 80GB drive and leave the other one for home directories and web pages. Since the default place for databases is in /var that can make a big difference on where you put it or if you take the db directory out of /var and put it somewhere else, etc. Putting some of your swap on each drive as you have indicated is a good idea. Ack! I just wanted to point you to GPT. I always use my second drive without MBR/slices/labels, just GPT. You can create up to 128 Pratitions and together with either growfs ( if you leave unassigned space between the partitions) or gconcat I have a very flexible storage solution (of course gvinum is another option). It's also possible to create a GPT inside a slice (so even on the first HD), just / must be on a bsdlabel. I use such a configuration for jails or virtual hosts, where every jail or virthos has its own mountpoint. Initially with not too much space (1G), increased on demand. -Harry jerry Thanks and I look forward to participating in this community, Donnacha ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpQWDdqlcmtJ.pgp Description: PGP signature
Re: Boot Problem
Am Freitag, 6. Mai 2005 03:59 schrieb Koushik Narayanan: Hello, I have a PC with Windows XP,FreeBSD-5.3 and Linux(Fedora).I use GRUB as my boot manager and I boot into FreeBSD using chainloader. I have XP and FreeBSD on primary partitions.I had a linux primary partion apart from these.I wanted to convert that to UFS2 as my /usr partition (FreeBSD) was almost full.I did that using bsdlabel and mkfs. After that the fdisk print output in linux showed the recently formated partition as type Linux.So I installed linux-fdisk using the ports collection and try to change the system-id of that partition,but it did not work.I then booted into linux and did the same using fdisk.This time it worked.But after that FreeBSD does not boot.(I don't see the rotating / and the loader.The system freezes and even numlock does not work )Here is the fdisk print output from linux: Disk /dev/hda: 20.0 GB, 20060135424 bytes 255 heads, 63 sectors/track, 2438 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/hda1 1 523 4200966c W95 FAT32 (LBA) /dev/hda2 524 905 3068415 a5 FreeBSD /*FreeBSD root partition*/ /dev/hda3 * 9061152 1984027+ a5 FreeBSD /*Partition I formated using bsdlabel and mkfs contains ports */ /dev/hda41153243910336536f W95 Ext'd (LBA) /dev/hda511531774 4996183+ 83 Linux /dev/hda624062438 265041 82 Linux swap /dev/hda717752146 2988058+ 7 HPFS/NTFS /dev/hda821472405 2080386b W95 FAT32 Partition table entries are not in disk order When I use GRUB autocomplete feature to check the contents of the FreeBSD partions,It says Error 17: Cannot mount selected partition.(I have done this before when FreeBSD was working fine and I could see the contents of the partion). Perhaps the /boot partion needs to be fsck'ed? And if that is so how can I do it.(I found in the mail archives that fsck'ing UFS2 partitions Usually you don't have a /boot partition on FreeBSD. I guess you don't have bootcode in the boot label (ad0s3a). hda3 is in FreeBSD ad0s3. You need labels inside partitions (slices). I don't know these linux tools nor am I familar with Grub but you may want to boot from a fixit disk and post the output from bsdlable ad0s3. I guess this doesn't exist, probably overwritten by the linux tools. For more information read boot(8) and boot0cfg(8) to get an idea how FreeBSD treats the microsoft adopted partitioning system (which also lunix uses but is uncommon for UNIX) -Harry using linux is not possible.) Thanks, Koushik Narayanan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpvlDQICKgiE.pgp Description: PGP signature
Re: nvidia nforce motherboard w/onboard nic
Am Freitag, 6. Mai 2005 06:05 schrieb je killen: To whom ever receives and responds to this request for info; I had installed Mandrake Linux on a machine that uses an nvidia motherboard and found there to be no ethernet driver included with the distribution. After hunting around I found a driver for the onboard nic from the nvidia web site. I installed it and got a tainted kernel warning. I realize that FreeBSD is not Mandrake linux, but I also anticipate a few hoops to jump through to get a driver for FreeBSD to use this network interface. Needless to say I'm dumping Mandrake and want to use FreeBSD. My source of info at this time is FreeBSD Unleashed; Michael Urban and Brian Tiemann, Sams publishing. It has a hardware compatibility list in an appendix in the back and is copyrighted 2003 but lists minimum hardware requirements as intel 386 architecture or compatible processor (AMD, which I am using, I presume). This leads me to believe that the text is somewhat dated. I have another nic installed in the machine, a D-link card, but I want two network cards. One to connect to ADSL and the other to connect to the inside network. My machine has two pci Slots but I'd rather use the builtin and one pci card slot (which I have been using). I would appreciate any guidance on this matter; E.G, Is there a FreeBSD compatible driver for this nic? I have not determined what chip set is Yes, 6-current has nve, but I guess you're using 5.4, so you have to compile a port called nvnet. It's in /usr/ports/net/nvnet, just type make install. For more information how to add packages or ports see the surpassing handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/index.html -Harry used. Thank you so much for your time and attention: I would thank you by name but I don't know who will be responding; Jeff Killen [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpvz3bkSBPpm.pgp Description: PGP signature
Re: groff alternative?
Am Donnerstag, 28. April 2005 23:37 schrieb Chuck Swiger: Dag-Erling Smørgrav wrote: [ ... ] Install pre-rendered man pages instead of the mdoc source, and fake up a shell script that locates the appropriate page, decompresses it and pipes it to $PAGER. At least some flavors of the man program will show cat pages even if the original NROFF version isn't present. Does the one in FreeBSD not do this? In case of cat pages it does, but like I wrote I want to be able to add packages and read their man pages without having to involve any other machine. So there's no way arround a lean *roff... Bit it's on ice for the moment, I'm about XP-ipsec(dynamicIP) - FreeBSD problems (and racoon was the man page I wanted to read on my embedded box) Thanks, -Harry pgpLU2tzL9bPi.pgp Description: PGP signature
groff alternative?
Hello, I'm using NO_CXX in my make.conf to strip down the base system to ~50MB including man pages. The only problem is that groff is missing if I don't build c++, and even if I build groff itself and the needed libstdc++ it costs me about 10MB. If I just skip NO_CXX it's only 500k more, so I moved my patches to /dev/null. Now I wrote a port for GNU/groff, but this also consumes 9974k by default and I don't want to include patches into that port to strip down groff, if that was possible at all. Does anybody know any alternative for the groff part to view man pages simply with the man command? It's horrible that the filter needs more space than all the manpages itself! And of course, even if I decide to leave system man pages outside the flash card I still may want to read man pages of installed packages (which is another mountpoint on my installation, so there may be no space limit, depending on the card and additional drives) Thanks, -Harry pgpxc3o4DhpIz.pgp Description: PGP signature
Re: groff alternative?
Am Dienstag, 26. April 2005 20:26 schrieb Thomas Dickey: On Tue, Apr 26, 2005 at 08:10:41PM +0200, Emanuel Strobl wrote: Does anybody know any alternative for the groff part to view man pages simply with the man command? It's horrible that the filter needs more space than all the manpages itself! perhaps cawf This is _very_ interesting. Thanks a lot! I found sources on http://www.tux.org/pub/sites/vic.cc.purdue.edu/ Is there additional work known? It's 8 years old and I'm not very familar with nroff at all, so I don't want to learn about outdated macros. Thank you, -Harry pgpCbhuMu5GfI.pgp Description: PGP signature
Re: groff alternative?
Am Dienstag, 26. April 2005 20:43 schrieb Diomidis Spinellis: Emanuel Strobl wrote: I'm using NO_CXX in my make.conf to strip down the base system to ~50MB including man pages. The only problem is that groff is missing if I don't build c++, and even if I build groff itself and the needed libstdc++ it costs me about 10MB. If I just skip NO_CXX it's only 500k more, so I moved my patches to /dev/null. Does anybody know any alternative for the groff part to view man pages simply with the man command? It's horrible that the filter needs more space than all the manpages itself! Have you considered preformatting the manual pages on the development system, and copying over the pages into /usr/share/man/cat* of the shrinked-down system? And of course, even if I decide to leave system man pages outside the flash card I still may want to read man pages of installed packages (which is another mountpoint on my installation, so there may be no space limit, depending on the card and additional drives) Again, it appears your shrinked-down system has access to a more powerful machine. You could modify man to run groff on the remote machine. That's a possible solution, but not the way I like it. If I once installed one of these embedded boxes and decide to add a small package it should be possible to read the package's man page without any help of other machines. Also ordinary package-installation should work, so preformatting system man pages is a good idea but not applicable for the ports/packages. Thanks, -Harry pgpyhgaKMdY8N.pgp Description: PGP signature
Re: FreeBSD Update Upgrade
Am Montag, 25. April 2005 01:59 schrieb Giuliano Cardozo Medalha: People, When I try to use CVSUP ... if I use the script with: tag=. ... what it mean ? It mean 5.4 or 5.3 sources ? It's HEAD, which is 6-current, the developers code base ;) You want RELENG_5_4 for 5.4 sources and RELENG_5 for the -stable branch. See the handbook for further details. -Harry How is possible to put the system in the current version and in the stable version ? Thanks a lot giuliano ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpMaSTQIc4lP.pgp Description: PGP signature
Re: Temperature Sensors on a Mini-ITX Board
Am Mittwoch, 6. April 2005 23:39 schrieb Andrew: Does anyone know how to read the temperature sensors on a VIA Mini-ITX board? I've tried xmbmon, lmmon and healthd but nothing seems to read it/them. I can't find anything under the dev sysctl hierachy either. I can't see anything relevant in dmesg apart from this perhaps: acpi0: VT9174 AWRDACPI on motherboard Have you modified your kernel to support monitoring devices? Since it 's VIA you can keep a closer look to these: device smbus # Bus support, required for smb below. device smb device iicbus device iicbb device iicsmb device viapm Maybe they're loadable modules, just a hint. -Harry Thanks, Andrew ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpG4HYloEXh6.pgp Description: PGP signature
Re: usb console
Am Freitag, 8. April 2005 00:50 schrieb Gert Cuykens: Is it possible to do the console thingie not with a null modem serial cable but with a usb cable ? When you do the serial console, it means that you have a screen like it was the other pc's screen, right ? With boot messages and Right, in fact the syscons is just a kind of serial emulation. Traditionally all consoles were serial terminals. You can use USB-Serial cables if you don't have enough serial ports, but there's no USB-USB console. But there is dcons, a simple console over firewire! -Harry everything, able to do whatever you want like your keybord and screen was connected to the serial server itself right ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp4jWRA2ZnUl.pgp Description: PGP signature
Re: restricting fat jails
Am Freitag, 8. April 2005 15:18 schrieb [EMAIL PROTECTED]: i was wondering exactly which files in /dev/ can be removed in a jail ? If we're talking about FreeBSD 5.x none, sinc it's devfs. You can control which devices are in a jail by creating jail_NAME_devfs_ruleset. and i thought of a dirty approach of restricting building a jail by removed the parts in /usr/obj/ that you don't want, but i bet that make installworld is gonna complain about, is there a way around ? There's make.conf, especially lines like: #NO_ACPI= true# do not build acpiconf(8) and related programs #NO_BOOT= true# do not build boot blocks and loader NO_CVS= true# do not build CVS #NO_CXX=true# do not build C++ and friends NO_BLUETOOTH= true# do not build Bluetooth related stuff #NO_DYNAMICROOT=true# do not link /bin and /sbin dynamically NO_FORTRAN= true# do not build g77 and related libraries #NO_GDB=true# do not build GDB NO_I4B= true# do not build isdn4bsd package NO_IPFILTER=true# do not build IP Filter package NO_PF= true# do not build PF firewall package NO_AUTHPF= true# do not build and install authpf (setuid/gid) -Harry (perhaps something else than make -i installworld) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpgDBxNAM2cZ.pgp Description: PGP signature
no (t)csh read builtin?
Hello, how can I interactively read a variable from the command line with tcsh? The *[^c]sh command read doesn't exist, so how can I do it with csh? Thanks, -Harry pgp31USGx8RFH.pgp Description: PGP signature
Re: too many illegal connection attempts through ssh
Am Mittwoch, 6. April 2005 12:07 schrieb Erik Nørgaard: Edwin D. Vinas wrote: shown below is snapshot of too many illegal attempts to login to my server from a suspicious hacker. this is taken from the /var/log/auth.log. my question is, how do i automatically block an IP address if it is attempting to guess my login usernames? can i configure the firewall to check the instances a certain IP has attempted to access/ssh the sevrer, and if it has failed to login for about x number of attempts, it will be blocked automatically? This question is asked on the list ever so often - see the archives for suggestions. These are automated attacks, they come regularly as crackers, black hats or script kidies scan across the net. Does anybody know what robots beeing used? And on what systems? All you mention later in your posting is true of course and I needn't care about these logs, but it's like like somebody unknown puts 10 flyers in your letterbox every night. I'm sure, one night you'll hide and build a trap for that person. I'm too lazy to enter those net-circles for finding these robots, but maybe some other has already done that? -Harry You can avoid the automated scanning by chaning port, but this won't stop the determined cracker - he will scan all your ports and identify which services are running on which ports. Ask yourself a few questions: * Do you need to allow ssh from anywhere? If not, restrict to the relevant ip blocks. * Do you need to allow password based authentication? If not, disable it and use only ssh keys, in sshd_config: PasswordAuthentication no PubkeyAuthentication yes * Do all users need to have ssh access? If not, restrict to specific groups of users, in sshd_config, eg: AllowGroups staff * Is it a problem appart from the log messages? Trying to login with a nonexistent username is usually not a problem. Other tips: Disable ssh1, reduce the number of simultaneous non-authen- ticated connections, set timeouts etc. Cheers, Erik pgpo6V3WWtJqM.pgp Description: PGP signature
Re: HZ=1000 ?
Am Dienstag, 5. April 2005 01:09 schrieb John Pettitt: [EMAIL PROTECTED] wrote: Interestingly, HZ=100 has remained constant for decades (!), despite CPUs getting faster all the time. This is an excellent value for most typical usage patterns. Cranking it up should only be required for special cases. Anyway, the HZ knob is there. Experiment with it until you get optimal performance. In the dim and distant past (like 1983) some systems used HZ=50 or HZ=60 depending on where in the world they were. I used an MP/M based box that took it's clock tick from the power line (no good RTC hardware Hmm, I've seen onboard RTCs which surely were less acurate than a power-line-driven oscillator was ;) Some RTCs are really bad. But at least here in germany power line frequency is astonishing acurate. We also have a broadcast station which generates it's 50Hz vertical refresh rate from a dedicated caesium clock. Of course this tv station is paid by the peoples Sorry, a bit OT, but I'm really impressed how constant power line frequency is. -Harry available but the power company keeps pretty good time). John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp2REbMMC75t.pgp Description: PGP signature
Re: Promise TX2 Rebuild via atacontrol??
Am Montag, 4. April 2005 23:29 schrieb Edgar Martinez: All, I have a failed member in a RAID1 array and using atacontrol can see that the status is degraded. I am curious if I can use atacontrol to rebuild the array if the original array was built using the Promise BIOS utility. If I tell atacontrol to rebuild.will it corrupt my data or catch fire and explode?? You don't tell us what version you use, but promise is supported very well, even in atamkII in 6-current. If you replace the failed drive it sould be automatically rebuilt, the `atacontrol rebuild ar0` doesn't work as long as you (in 5.x) used addspare or the controller found a good spare drive. In 4.x you don't have the addspare option, you have to `atacontrol detach 3` and reattach it the same way to get recognized and inserted as spare in an existing array. -Harry Cheers! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgptKroYBBcXN.pgp Description: PGP signature
Re: Boot manager
Am Sonntag, 3. April 2005 19:07 schrieb Teilhard Knight: Could you recommend a good boot manager, please? I mean, to boot several OSs, but not relying on Lilo. Not Xosl, because it doesn't work together with a Drive Overlay. Yes, I can strongly recommend gag. Very powerfull, yet very simple to use, you even needn't install it. http://gag.sourceforge.net/ -Harry Teilhard. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpg24n6mIwmu.pgp Description: PGP signature
Re: Boot manager
Am Sonntag, 3. April 2005 20:36 schrieb Gert Cuykens: On Apr 3, 2005 7:33 PM, Christopher Nehren [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2005-04-03, Teilhard Knight scribbled these curious markings: Could you recommend a good boot manager, please? I mean, to boot several OSs, but not relying on Lilo. Not Xosl, because it doesn't work together with a Drive Overlay. What's wrong with FreeBSD's boot manager? It doesnt have colors It doesnt look pretty It writes ?? instead of windows Nobody knows how it works for example how to install it witout sysinstall :P The latter is not true, the manpage very clearly points to boot0cfg, a very convinient tool and there's probably nothing out there which describes the booting stages on i386 better than the boot(8) manpage. If you don't like it it's another thing but you should read the excelent stuff people are writing for you! -Harry look a birdy zwoef (running away) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpswIs4kmH7f.pgp Description: PGP signature
Re: multyple gateway or load balancing on two channels
Am Samstag, 2. April 2005 09:26 schrieb ' : Hello. How I use subject without help of providers side (wthout BGP, pptp etc.). You can use pf for multihomed routers, if you just want to use multiple lines for downloads. If you want to provide Webservices or anything similar with more than one line for redundancy/load balancing you have to BGP peer with your providers. But like said, if you just want to use multiple lines for connections from inside to the inet, look for rules like: pass in on $LAN route-to ($IF1 IP1) from $1stsubnet to any pass in on $LAN route-to ($IF2 IP2) from $2ndsubnet to any -Harry Thanks. Mar'yan Petryshyn. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp8sEJbnCwrk.pgp Description: PGP signature
Re: FreeBSD server behind router-NAT; how to configure sendmail?
Am Samstag, 2. April 2005 18:07 schrieb Rob: Hi, My ISP provides me with a fixed IP address and a registered hostname. I use a Sitecom DC-207 that serves as a plain router, NAT and 4-port switch, to connect three Windows PCs and one FreeBSD PC simultaneously to the internet. The router gets the fixed IP address, whereas my FreeBSD system gets IP 192.168.123.1 with a fake hostname. The router is configured to redirect the usual TCP/IP server ports to the FreeBSD PC (e.g. ports 22, 25, 80 etc.), which makes the FreeBSD PC a kind of virtual server for my fixed IP address. One of the problems I encounter is this: Sendmail on the FreeBSD PC cannot deliver email, because there seems to be a DNS issue, because the FreeBSD PC does not have an official IP hostname. You can set the following ine /etc/mail/yourhostname.domain.mc define(`confDOMAIN_NAME', `host.name.fq')dnl host.name.fq is what ever your provider registred for your IP. Make sure there's also a correct A record for that hostname, eg. if it is spam.refuse.org then `host spam.refuse.org` must return your IP and `host IP` must return spam.refuse.org. If you don't have /etc/mail/yourhostname.domain.mc then you should cd to /etc/mail and type make, after you edited the file make all install restart You also may want to define masquerading, like: MASQUERADE_AS(`yourdomain.org') MASQUERADE_DOMAIN(`internal.domain.sth')dnl FEATURE(limited_masquerade)dnl FEATURE(`masquerade_entire_domain') FEATURE(`masquerade_envelope') -Harry How do I configure my FreeBSD PC so, that sendmail thinks the PC has the official IP address/hostname provided by my ISP, which is actually used by the router? Or should I follow a different configuration scheme for achieving these goals? Thanks, Rob. __ Do you Yahoo!? Yahoo! Personals - Better first dates. More second dates. http://personals.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp4rvJ465864.pgp Description: PGP signature
Re: blanking the console
Am Samstag, 2. April 2005 23:11 schrieb dick hoogendijk: OK, probably a stupid question. I can't find it though. Sorry. How can I blank the screen on the console (terminal). Hmmm, clear is not what you mean? Something like the linux setterm -blank 60 which will blank the screen after 60 seconds of inactivity. There must be a (freebsd) equivalent, If you mean a screensaver, that can be done with `vidcontrol -t 60` or per config file in /etc/rc.conf blanktime=60 but you have to define a screensaver before. For example with saver=blank in /etc/rc.conf. For a list see `ls -l /boot/kernel/*_saver.ko` -Harry but what is it? pgpX8J80OD91m.pgp Description: PGP signature
Re: sendmail
Am Freitag, 1. April 2005 03:17 schrieb Gert Cuykens: On Thu, 31 Mar 2005 20:03:09 -0500, wizlayer [EMAIL PROTECTED] wrote: [***] Its 5.5mb and my gmail doesnt want to sent it :( So how do you do that with the sendmail command ? Well, sendmail was designed to transport eMails. And eMails consit of type text/plain, handwritten :] For file exchanging some clever people created standardized protocols like ftp, nowadays extremely easy to setup and use and even secure with sftp, part of OpenSSH. Even setting up a AFS system would make more sence to copy 5,5MB instead of trying to distribute it by eMail *headshaking*. Leave the poor mail system what it was designed to! -Harry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpFMuH2hqjc3.pgp Description: PGP signature
Re: How do I kill the console? (or how to make nullconsole work)
Am Mittwoch, 30. März 2005 09:16 schrieb John Pettitt: I'm running 5.4 BETA1 on a soekris 4801 board. The unit emulates a console on a serial port. I want to use the serial port for my GPS so I want the console messages from BSD to go away - an in particular I want BSD to ignore inbound data during the boot process. So far: I've used the regular mbr so that I don't get the disk prompt I've added boot to loader.rc before the beastie call so that it doesn't display the menu Both these change work However if I add boot.config with -n -m the system doesn't boot (and I can't tell why because I have no messages!) If I set console=nullconsole the system doesn't boot and again I can't see why. Does anybody have any wisdom on how to get nullconsole to work? Unfortunately not, but if you defined nullconsole I think no /boot.config is allowed. I'd suggest you try to set hints.sio.1.flags=0x10 and make sure hints.sio.0.flags doesn't exist. This should make the second (not DB-9 connected) serial ports of the 4801 systemconsole. Alternatively you can try setting boot_serial=sio1 in /boot/loader.conf, but I never tried that. Make sure in any case you also have console=comconsole in /boot/loader.conf since the soekris bios emulates a simple VGA-Console. You can also recompile the loader to tell it what sio (and at what speed) it should use. The following in /etc/make.conf does the trick: BOOT_COMCONSOLE_PORT= 0x2F8 BOOT_COMCONSOLE_SPEED= 115200 For the loader to recompile goto /usr/src/sys/boot and do: make clean make depend make make install Good luck, -Harry John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp1tArdDFaIj.pgp Description: PGP signature
Re: Partitioning
Am Mittwoch, 30. März 2005 07:24 schrieb Quinn Ellis: Help! FreeBSDamsel in distress. I'm just starting out with this OS and already running into a problem. Initially I installed FreeBSD onto a seperate hdd but that died. I have a 120gig drive, that i want to partition into two 10gig drives, one for windows, one FreeBSD 1 gig for BSD swap and the rest ntfs data space. Anyone got a quick guide to this? The handbook of course. And you don't need to create a pratition (slice) for swap. You'll do that with labels inside the (dos)partition if you want wo have windows parallel, without you even don't need to slice the disk at all. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/index.html and in special: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-steps.html -Harry Thanks Quinn ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpqT8uIikxwj.pgp Description: PGP signature
Userland dig/host for lookups against /etc/hosts?
Dear all, my testbed lacks of Ethernet Ports so one machine has no connection to my DNS, no problem, there is something called /etc/hosts I thought. It works if I ping 'hostname', but how can I find out the IP of 'hostname' from the command line? dig and host want to contact the DNS server, also nslookup does, so I think I need a utility which uses the gethostbyname(3) function. Is there one? Unfortunately I can't write one myself, at least not in a reasonable amount of time Thanks, -Harry pgpql7mmH14RD.pgp Description: PGP signature
Re: Userland dig/host for lookups against /etc/hosts?
Am Montag, 28. März 2005 08:23 schrieb Alexander Chamandy: On Mon, 28 Mar 2005 07:17:31 +0200, Emanuel Strobl [EMAIL PROTECTED] wrote: Dear all, my testbed lacks of Ethernet Ports so one machine has no connection to my DNS, no problem, there is something called /etc/hosts I thought. It works if I ping 'hostname', but how can I find out the IP of 'hostname' from the command line? dig and host want to contact the DNS server, also nslookup does, so I think I need a utility which uses the gethostbyname(3) function. Is there one? Unfortunately I can't write one myself, at least not in a reasonable amount of time May I ask what you're trying to do with the machine? If you just want local DNS resolution for experimentation you may try running BIND 9 or TinyDNS. No DNS experiments, I'm very well equiped (authoritative DNS). It's just that my local subnet (productive) has not enough ethernet ports so one test-machine (in another subnet) cannot be connected to the local net and the two other subnets are for testing only, so none routes to my productive net Everything is working fine, just curiosity.. -Harry Thanks, -Harry pgpaEOOjtheY9.pgp Description: PGP signature
Re: kaudiocreator
Am Freitag, 25. März 2005 19:14 schrieb dick hoogendijk: kaudiocreator is a nice program for extracting audio tracks and converting them w/ almost any encoder. Only pittfall is hat kde is needed. You can read audio tracks directly from ata CD-Drives with /dev/acd0t1 t2 t3 etc. You just have to set the block size of 2352. (for examples see http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/creating-cds.html) The you can make ogg out of the resulting wave files for example... -Harry Is there another program that comes close to the abilities and easy of use of this kaudicreator? -(My WM is fvmw)- I like fast running progs. pgpPscub87F1S.pgp Description: PGP signature
ot: FWIW meaning? [Was: Re: FreeBSD 5.4-PRERELEASE: panic in ffs_valloc]
Am Samstag, 26. März 2005 23:19 schrieb Gary Kline: On Sat, Mar 26, 2005 at 10:16:57PM +, Gary Kline wrote: [...] Yours, -- Ed Schouten [EMAIL PROTECTED] This is a FWIW, but the same thing is happening with DMA While I see this on questions@ - What does FWIW mean? I think it's like for your information but I have never heard the real meaning. Thanks, -Harry pgpvDZsIIBGBa.pgp Description: PGP signature
Re: Issue with FreeBSD, Compact Flash
Am Freitag, 25. März 2005 15:32 schrieb Matt Juszczak: These options were already set. Any other ideas? otherwise we're going to have to skip the flash card option and put a hard drive in this box Well, I have no idea other than replacing the card with a generally knwon working one. I had no problems with Kingston CF cards and if you prefer DMA-capable cards I'd recommend SanDisk ultraII. But if your CF-Connector hasn't the neccessary DMA hardwired lines you need to disable ata_dma, though it's working fine. I'd perfer experimenting, using a rotating HD is no solution. Have you checked your card in any other (ata-mode) device? In what kind of hardware do you plug in your card, Soekris, EPIA, WRAP, or general IDE-CF adapter? -Harry :-( :-( Thank you, Matt Emanuel Strobl wrote: Am Mittwoch, 23. März 2005 21:02 schrieb Matt Juszczak: Howdy, Does anyone have any ideas on the following? Trying to load m0n0wall, which uses a FreeBSD 5 kernel. Keep getting the boot errors you see in the paste link below. http://paste.atopia.net/107 We really dont want to have to switch back to a hard drive :-( Any ideas are appreciated in advance. Maybe your CF-Card doesn't implement the ATA-Mode correctly. I once had a card which had wrong ATA-mode support but it didn't even boot. But I don't know why these errors occur, I'd suggest trying the following in /boot/loader.conf: hw.ata.ata_dma=0 hw.ata.wc=0 Good luck, -Harry Thanks, Matt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] !DSPAM:42425048649491091553215! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpeABlQbsYPd.pgp Description: PGP signature
Re: Issue with FreeBSD, Compact Flash
Am Freitag, 25. März 2005 19:23 schrieb Matt Juszczak: We're trying to run m0n0wall on a Nexcom Nexgate 1045. The card that came with it is a Sandisk card. The card works in other devices (we can extract the full image to it with no problems). I prefer experimenting too, but the boss really wants it up :-( :-( I can try to hunt down some other cards, but please let me know if you have any other suggestions. Okay, I'm not really an ATA expert nor do I know the code, but what I found is that it could be a LBA/CHS problem. Which version do you use? Have you tried to slice/lable the card inside the NSA 1045 (from a temporary FreeBSD holding HD)? If I'm right you dump a preformatted image onto the card, maybe you have addressing problems I gave up using images, PXE-booting (or installing a HD on machines which have the possibillity) and installing the base system right on the destination hardware turned out to be much safer and is not really more time consuming... Mayby playing with BIOS LBA/CHS settings gives some hint's, I don't expect that, but I'd try that and if that all fails you may want to contact Søren, the ATA author. -Harry Am Freitag, 25. März 2005 15:32 schrieb Matt Juszczak: These options were already set. Any other ideas? otherwise we're going to have to skip the flash card option and put a hard drive in this box Well, I have no idea other than replacing the card with a generally knwon working one. I had no problems with Kingston CF cards and if you prefer DMA-capable cards I'd recommend SanDisk ultraII. But if your CF-Connector hasn't the neccessary DMA hardwired lines you need to disable ata_dma, though it's working fine. I'd perfer experimenting, using a rotating HD is no solution. Have you checked your card in any other (ata-mode) device? In what kind of hardware do you plug in your card, Soekris, EPIA, WRAP, or general IDE-CF adapter? -Harry :-( :-( Thank you, Matt Emanuel Strobl wrote: Am Mittwoch, 23. März 2005 21:02 schrieb Matt Juszczak: Howdy, Does anyone have any ideas on the following? Trying to load m0n0wall, which uses a FreeBSD 5 kernel. Keep getting the boot errors you see in the paste link below. http://paste.atopia.net/107 We really dont want to have to switch back to a hard drive :-( Any ideas are appreciated in advance. Maybe your CF-Card doesn't implement the ATA-Mode correctly. I once had a card which had wrong ATA-mode support but it didn't even boot. But I don't know why these errors occur, I'd suggest trying the following in /boot/loader.conf: hw.ata.ata_dma=0 hw.ata.wc=0 Good luck, -Harry Thanks, Matt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] --- - !DSPAM:42425048649491091553215! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpGTb53rOUBM.pgp Description: PGP signature
quick timestamp question (ctime/mtime)
Hello, is it possible that mtime of a file can be changed without also changing ctime? Vice versa is easy, chmod or similar will do that. But if I change mtime with touch, also ctime gets changed. I ask because I'm about writing a little backup script and want to be sure to capture every file on any imaginable modification when comparing only ctime! Thanks, -Harry pgpGvsHTOvw7K.pgp Description: PGP signature
Re: Issue with FreeBSD, Compact Flash
Am Mittwoch, 23. März 2005 21:02 schrieb Matt Juszczak: Howdy, Does anyone have any ideas on the following? Trying to load m0n0wall, which uses a FreeBSD 5 kernel. Keep getting the boot errors you see in the paste link below. http://paste.atopia.net/107 We really dont want to have to switch back to a hard drive :-( Any ideas are appreciated in advance. Maybe your CF-Card doesn't implement the ATA-Mode correctly. I once had a card which had wrong ATA-mode support but it didn't even boot. But I don't know why these errors occur, I'd suggest trying the following in /boot/loader.conf: hw.ata.ata_dma=0 hw.ata.wc=0 Good luck, -Harry Thanks, Matt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpcBvcG0Brza.pgp Description: PGP signature
Re: FreeBSD HOWTO: Software Mirror System Disk
Am Dienstag, 22. März 2005 22:01 schrieb Aaron Trumm: Hello is anybody there? I don't know if I'm subscribed... I have a question...is this a typo?: gmirror insert gm0 /dev/ad6 I get to that step and get the message class not found should it be?: gmirror insert boot /dev/ad6? You have already setup (with gmirror label) a mirror named gm0 right? What does 'gmirror list gm0' tell? Anyway, you'll find an answer in the very well written man page, like usual for FreeBSD man pages ;) -Harry or something? --signed, Confused ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgprFIHwU4T2v.pgp Description: PGP signature
Re: AMD64 very slow!
Am Mittwoch, 23. März 2005 00:38 schrieb Boris Spirialitious: I have opteron 246 system with 2 port intel em card. We have test bed with about 200Kbs traffic and we route through 5.3/i386 system. Load is about 50%. With same settings, amd64 system run with 85% load. How could be so slow? What tuning extra is needed for amd64 kernels? 200kB/s sounds like misconfigured duplex/negotiation mode. But why don't you try FreeBSD 5.4-BETA1? Many performance improvements were achieved and stability is given in the -STABLE branch (BETA1 is a relese of FreeBSD 5-STABLE) -Harry Boris __ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpmGhx7KznWA.pgp Description: PGP signature
Re: scp stalling
Am Mittwoch, 23. März 2005 00:51 schrieb Bob Ababurko: Hello- I have two boxes that I am trying to transfer files between and for some reasson I am getting annoting slow transfers. I am running OpenSSH_3.8.1p1on the server end with freeBSD 5.3 and OpenSSH_3.5p1 with freeBSD 4.9 on the client end. The connection keeps stalling and I am not seeing any errors in /var/log/messages. The only sign is my loss of hair. How can I go about troubleshooting this? I have full control over these How are they conneted, in the same subnet and same switch or routed subnets or over some WAN links? Does ftp work? Also active FTP? -Harry boxen, so I can do whatever to fix this. thanks, Bob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp0cDNU6SzOP.pgp Description: PGP signature
Re: AMD64 very slow!
Am Mittwoch, 23. März 2005 01:19 schrieb Boris Spirialitious: -- Emanuel Strobl [EMAIL PROTECTED] wrote: Am Mittwoch, 23. März 2005 00:38 schrieb Boris Spirialitious: I have opteron 246 system with 2 port intel em card. We have test bed with about 200Kbs traffic and we route through 5.3/i386 system. Load is about 50%. With same settings, amd64 system run with 85% load. How could be so slow? What tuning extra is needed for amd64 kernels? 200kB/s sounds like misconfigured duplex/negotiation mode. But why don't you try FreeBSD 5.4-BETA1? Many performance improvements were achieved and stability is given in the -STABLE branch (BETA1 is a relese of FreeBSD 5-STABLE) I am sorry, I mean 200Mb/s. It is a controlled stream Unfortunately that's a not so uncommon result with em and 5.3. There are tuning methods but they won't give the big kick. Like mentioned, try 5.4 (BETA1), depending on your employment you'll see tremendous improvement, I don't have values handy nor can I confirm that for amd64, but you really wnat to try out, especially if this box isn't productive yet, which it isn't if I understood correctly. -Harry Boris __ Do you Yahoo!? Yahoo! Small Business - Try our new resources site! http://smallbusiness.yahoo.com/resources/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgp19EZKqE8pn.pgp Description: PGP signature
Re: /usr/ports/packages/
Am Samstag, 19. März 2005 21:34 schrieb Gert Cuykens: Does only portmanager create packages ? Or does make install also make a package ? How can i tell them to put all the packages in the /usr/ports/packages/ instead of the port application directory ? If /usr/ports/packages exists 'make package' creates packages in that directory, otherwise in the ports directory. -Harry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpCxlF3sHPXZ.pgp Description: PGP signature
Re: MS Exchange server on FreeBSD?
Am Freitag, 18. März 2005 14:06 schrieb Christian Tischler: Hi, I would like to run an MS exchange server. But I am not at all willing to set up an MS box at all. ??? Windows is a really good, well maintained standardized and secure piece of software compared to Exchange. I can't imagine why someone is even considering exchange when he knows about FreeBSD and it's programs. Maybe you are not aware that exchange e.g. doesn't work without ActiveDirecotry? Make you and the rest of the email connected world a favour and don't polute the net with another exchange! -Harry As I know I could run something like VMware virtual server or Wine, but I do not know if such an combination would be stable (sopken in terms of windows stability). The next consideration would be the performance of the overal setup. Any hints or suggenstions would be great. thx Christian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpVvCw7nf6VO.pgp Description: PGP signature
Re: x11 cookie expires after some time
Am Sonntag, 14. November 2004 19:28 schrieb Emanuel Strobl: Dear all, perhaps someone can explain me why I can't execute a x-program via a ssh session after some time (some hours). When I log into the machine everything is fine and xclock or any other x11 application is working fine. But after some hours, when I try to execute exactly the same application once again, I get the following error: Xlib: connection to localhost:10.0 refused by server Xlib: Invalid MIT-MAGIC-COOKIE-1 key Xlib: connection to localhost:10.0 refused by server Xlib: Invalid MIT-MAGIC-COOKIE-1 key Lost the connection to the X server The session wasn't interrupted nor did I modify anything else, just the ssh session has idled for some hours. I have to admit that I'm not really familar with the .Xauthority stuff, but it works for the first hour, so why not as long as the ssh session exists? Here's some off-list communication, Paul Brooks told me that it's ForwardX11Trusted in ssh config. Thanks a lot! Am Freitag, 18. März 2005 20:35 schrieb Paul Brooks: On Tue, Mar 08, 2005 at 12:59:49AM +0100, Emanuel Strobl wrote: Hmmm, I really can't remember what I did (if I did anything at all) but I don't have this problem anymore. I'm sure I read something about the cookie timeout, and played with xauth, but unfortunately haven't bookmarked anything. Sorry, I can't help you, perhaps there were modifications in RELENG_5 but I don't believe that, just to note that I'm running 5.4-PRE now. I had a quick look at several config files and also couldn't find anything special, just that I added (uncommented) ForwardAgent yes in /etc/ssh/ssh_config. If that's the solution, please drop me a note. Just a quick follow-up -- turns out ssh appears to have been the issue. It wasn't ForwardAgent, but ForwardX11Trusted that appears to have fixed the issue for 5.3 release. -Harry pgpXERPyNhmLc.pgp Description: PGP signature
Re: ntpq:write to localhost.domain failed: no route to host
Am Freitag, 18. März 2005 23:42 schrieb Feroz F. Basir: Hi, I compiled ipfilter option in my kernel. As usual reboot my machine. When I run ntpq -p I got an error ntpq:write to localhost.domain failed: no route to host. Before I compiled in ipfilter, it worked. My /etc/ipf.rules contains pass in all and pass out all If these are dummy rules to let you experiment you may want to change them to pass in quick all and pass out qick all. Otherwise any other rule after these will be examined and maybe you have some blocks anywhere. -Harry Anybody has any ideas let me know, please? Thank you in advance. regards, feroz Send instant messages to your online friends http://uk.messenger.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] pgpgM3AjhJVQe.pgp Description: PGP signature
Re: no patch whats going on
Am Freitag, 18. März 2005 01:35 schrieb Colin Percival: On Fri, Mar 18, 2005 at 08:52:30AM +1000, Timothy Smith wrote: http://www.securityfocus.com/bid/12825/info/ For the benefit of people on -questions who didn't read my reply on -security: This bug doesn't exist in FreeBSD, thus the lack of response from us. Thanks for that note! -Harry pgpKi5NuhrUb5.pgp Description: PGP signature
