Re: [freebsd-questions] Revision control advice
On 22/12/2011 22:53, William Brown wrote: Again, git wins here. It has good support on windows, as well as with graphical tools on windows. Is there a git equivalent of TortoiseSVN then? That's the best VC integration I've seen on any platform... One small but cosmetic thing with git vs svn: you won't get meaningful automatic revision numbers with git, unless you enjoy memorizing long strings of hex. Howie (warming up to git, but uses svn at the moment) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [freebsd-questions] Breakin attempt
On 22/10/2011 15:37, Bruce Cran wrote: If you run some sort of shell server, or where many people need to login using ssh, you'll have a bit of a support problem telling people to select the non-default port. Also, some might consider it security through obscurity, which is often said to be a bad thing. Security through obscurity is only really a bad thing if it's your ONLY security. It doesn't hurt to make things harder for someone in addition to your other measures (strong passwords, large keys, limited network ranges etc) Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [freebsd-questions] FreeBSD supported versions (UNCLASSIFIED)
On 11/08/2011 12:37, Daniel Staal wrote: (Well, ok, given the current release structure having an update today means you are in a supported branch, and that supported branch will continue to get updates for the foreseeable future. But that still does not tell me when the branch is likely to get unsupported, and in theory a patch release could be made on the last day of support for a branch.) A simple solution would be for there to ALWAYS be a patch release on the last day of support for a branch, that creates /etc/NOT-SUPPORTED or similar. Then it's just a matter of adding an /etc/cron.daily job to report on that, as long as you are following updates (and if you aren't you don't care about this issue). I can't think of any other OS that does this, either - they generally just report that there are no available updates. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [freebsd-questions] Maintenance script/port
On 21/07/2011 09:25, Jos Chrispijn wrote: Can someone recommend me a text driven maintenance (re)port that informs me about the health of my FreeBSD system? I currently use the standard BSD report information, but like to get more information out of my partitions, OS etc. This program should be ran by schedule and send me the outcome by email. You can add to the tasks that the xyz system Daily Run report uses to produce it's report. Check out periodic(1) and /etc/periodic.conf - the scripts that it uses live in /etc/periodic and /usr/local/etc/periodic Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [freebsd-questions] Lennart Poettering: BSD Isn't Relevant Anymore
On 18/07/2011 11:14, Gour-Gadadhara Dasa wrote: I'm the one...using Linux since '99 (SuSE, Gentoo,Arch) and moved to PCBSD-9.0 some months ago. I'm *very* happy and cannot believe how little time I spend doing admin work 'cause the OS 'just works'. Otoh, Linux was saga with *constant* tweaking, updating, fixing... Interesting - I'm in the process of switching our FreeBSD servers to Linux (Debian and CentOS), to get away from the packaging/ports mess :-) I've been spoilt by apt-get and yum and first-class support in Puppet. I've been a FreeBSD user since 2.x, but keeping a significant number of systems up to date is just tedious without a decent binary package manager/updater. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [freebsd-questions] Lennart Poettering: BSD Isn't Relevant Anymore
On 18/07/2011 19:18, Adam Vande More wrote: On Mon, Jul 18, 2011 at 5:24 AM, Howard Jones ho...@thingy.com mailto:ho...@thingy.com wrote: On 18/07/2011 11:14, Gour-Gadadhara Dasa wrote: Interesting - I'm in the process of switching our FreeBSD servers to Linux (Debian and CentOS), to get away from the packaging/ports mess :-) I've been spoilt by apt-get and yum and first-class support in Puppet. I've been a FreeBSD user since 2.x, but keeping a significant number of systems up to date is just tedious without a decent binary package manager/updater. What I find interesting is how strongly you speak of FreeBSD's power. You have to replace it with two Linux distributions, greatly expanding your management overhead. Hehe. Not really - for work it's CentOS. I decided to try Debian for myself on my personal server. Even if it weren't though, I'd still be glad to skip portupgrade and friends. I will miss ipfw and netgraph on the other hand. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ZFS on 8.1 - various problems after a disk failure.
I have a FreeBSD 8.2 server at home with 4 2TB drives in it running ZFS with a raidz pool. Some time ago, I had a disk fail. Initially it wasn't totally obvious the disk had failed so I ran a 'zpool scrub' on the pool, which threw up a lot of errors, and also produced a lot of sense errors, making it obvious I had a dead disk. I replaced the disk, then ran zpool replace zjumbo ad4 ad4 to replace the bad disk in-place, and start a resilver. Now I have a few problems: 1) The old ad4 is still listed, even after several scrub/resilvers. Shouldn't it go away? 2) Although I lost a whole directory with ~1TB of music, the space allocated to that directory is still around according df. 3) I have another bunch of files that appear in directory listings, but if I get Illegal byte sequence errors when trying to read them (with anything - du, file, wc). I have backups of most of the stuff on the pool (although it'd be nice to recover the more recent data), but how do I get out of this situation without nuking the site from orbit? (my current plan) Firstly, to get a reliable representation of what's actually on the filesystem, and for bonus points, getting back some of the data that should be intact (only one disk in the set was actually bad, right?). Here's my current zpool status. Thanks in advance for any pointers! Howie # zpool status pool: zjumbo state: DEGRADED status: One or more devices has experienced an error resulting in data corruption. Applications may be affected. action: Restore the file in question if possible. Otherwise restore the entire pool from backup. see: http://www.sun.com/msg/ZFS-8000-8A scrub: resilver completed after 10h57m with 15190 errors on Thu May 19 09:26:59 2011 config: NAME STATE READ WRITE CKSUM zjumbo DEGRADED 0 0 199K raidz1 DEGRADED 0 0 792K replacing DEGRADED 0 0 0 ad4/old UNAVAIL 0 16.1M 0 cannot open ad4 ONLINE 0 0 0 1.15T resilvered ad6ONLINE 0 0 0 677M resilvered ad8ONLINE 0 0 0 660M resilvered ad10 ONLINE 0 0 0 535M resilvered errors: 15190 data errors, use '-v' for a list ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD Software RAID
Wojciech Puchar wrote: you are right. you can't be happy of warm house without getting really cold some time :) that's why it's excellent that ZFS (and few other things) is included in FreeBSD but it's COMPLETELY optional. Well, I switched from the heater that doesn't work and is poorly documented (gvinum) to the one that does and is (zfs, albeit mostly documented by Sun), and so far I am warm :-) Once I'd increased kmem, at least. I did get a panic before that, but now I am shuffling data happily and slightly faster than gvinum did, and memory has levelled off at about 160MB for zfs. I'll be keeping my previous hardware RAID in one piece for a little while though, I think, just in case! (old Adaptec card with a 2TB limit on containers). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
FreeBSD Software RAID
Hi, Can anyone with experience of software RAID point me in the right direction please? I've used gmirror before with no trouble, but nothing fancier. I have a set of brand new 1TB drives, a Sil3124 SATA card and a FreeBSD 7.1-p4 system. I created a RAID 5 set with gvinum: drive d0 device /dev/ad4s1a drive d1 device /dev/ad6s1a drive d2 device /dev/ad8s1a drive d3 device /dev/ad10s1a volume jumbo plex org raid5 256k sd drive d0 sd drive d1 sd drive d2 sd drive d3 and it shows as up and happy. If I reboot, all the subdisks show as stale, and so the plex is down. It seems to be doing a rebuild, although it wasn't before, and would newfs, mount and accept data onto the new plex before the reboot. Is there any way to avoid having to wait while gvinum apparently calculates the parity on all those zeroes? Am I missing some step to 'liven up' the plex before the first reboot? (loader.conf has the correct line to load gvinum at boot) I tried again, with 'gvinum start jumbo' before rebooting, and that made no difference. Also is the configuration file format actually documented anywhere? I got that example from someone's blog, but the gvinum manpage doesn't mention the format at all! It *does* have a few pages dedicated to things that don't work, which was handy... :-) The handbook is still talking about ccd and vinum, and mostly covers the complications of booting of such a device. On the subject of documentation, I'm also assuming that this: S jumbo.p0.s2 State: I 1% D: d2 Size: 931 GB means it's 1% through initialising, because the states or the output of 'list' aren't described in the manual either. I'm was half-considering switching to ZFS, but the most positive thing I could find written about that (as implemented on FreeBSD) is that it doesn't crash that much, so perhaps not. That was from a while ago though. Does anyone use software RAID5 (or RAIDZ) for data they care about? Cheers, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
IPFW/Dummynet/Bridging with VLAN trunks?
I'm trying to use Dummynet+IPFW and bridging to make a packet shaper that runs across multiple VLANs. So my intended set up is: [users]-[Aggregate Switch]=[FreeBSD]=[Upstream Switch (with IP interfaces for each vlan)]-The World where - is a single VLAN, and = is a tagged dot1q trunk. The aim is to drop the FreeBSD box in the middle, in one trunked uplink, and cover all the VLANs downstream of that. Should this work? In practice, the bridging seems to work OK, but as soon as I add rules to match traffic passing through and apply it to pipes, everything stops. I can use tcpdump's vlan option to filter traffic on em0, em1 or bridge0 and it does show only traffic for that vlan, so tags are being preserved... Ideally, I'd like to use the dot1q tag in ipfw rules directly, and avoid ip ranges, but I don't think that's possible. Is there some special incantation to make ipfw vlan-aware? Has anyone else done this successfully? Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [freebsd-questions] Dangers of using a non-base shell
Benjamin M. A'Lee wrote: You could possibly also put bash -l exit in your .shrc, which would exit if bash exited successfully. I haven't tested it, but it should work. or 'exec bash -l' which will replace the existing shell with bash in memory, rather than run it from it as a subprocess. I was going to verify that that's the technical explanation, but 'man exec' gets you the utterly useless builtin(1) manpage. The effect is that you only have to type exit once, anyway. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] easiest way to install CPAN on FreeBSD
Gerard wrote: On October 24, 2007 at 02:11PM Sean Murphy wrote: 2) Use CPANPLUS to install the module. Unless the user has the time, knowledge and motivation to do the first, the second approach is usually superior. What does CPANPLUS do that CPAN doesn't that makes this a better solution? Does it somehow integrate with the ports better? (rather than getting conflicts between p5-* and bsdpan-*) I use quite a lot of CPAN modules, so a way to be able to get 'obscure' modules, and still use portupgrade effectively would be good :-) Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Good FreeBSD Supported Gigabit Ethernet Card?
Oliver Hansen wrote: I'm looking to eventually upgrade my home network to all gigabit so I'm going to start by purchasing a few NICs for some old servers I just received. I know there are quite a few supported by FreeBSD6 which I found ( http://www.freebsd.org/releases/6.0R/hardware-i386.html#ETHERNET ) but I'm wondering if there is any real benefit in buying a $40 or $50 NIC like the Netgear GA311 or just get a $20 NIC like the D-Link DFE-530TX+. The use will probably be a firewall, proxy, file server, and DVR. http://www.EagleBit.com/Netgear_GA311_Gigabit_PCI_Card_p/eb-400-00357.htm I have had good results with Intel Pro/1000 (em driver) NICs. The desktop one isn't as expensive as you might think, and the driver is one of the better FreeBSD NIC drivers. You might need to wind down your expectations a bit, especially on older servers with vanilla PCI slots - my 'old' Celeron D fileserver doesn't do much more than 25-30MB/sec. Still, doubling/tripling the speed of your network isn't such a bad thing :-) With Intel server NICS on PCI-X, where I work we had up to around 60MB/sec throughput for a freebsd-based firewall on modest hardware (Dell 1425SC), and basic GigE switches - so the OS is good for a lot more. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] FreeBSD + PHP + Barcode scanners for Web Application?
perikillo wrote: Hi people. Look we have some applications at work, that use scanners Manufacture by Symbol. Those applications were created in Access, but i want to create those app for a Web browser, my doubt is: Does someone here has a app running from the browser that use bar code scanners? Which languages did u use, python, php, other? A lot of barcode scanners work by generating keycodes (either connected via an adaptor to the PS/2 connector, or USB) so they should work in anything really... the one we have at work certainly will just write into Notepad or whatever has keyboard focus when you hit the scanner's Go button. Did u have problems with fonts? Huh? For reading barcodes? For printing them (or displaying in a webpage), there are a bunch of libraries around that generate images, a quick Google showed up: for PHP: http://www.phpclasses.org/browse/package/2176.html for command-line (anything): http://ar.linux.it/software/barcode/barcode.html Have fun! Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] cacti lost it's images
[EMAIL PROTECTED] wrote: After my last cacti upgrade, I seen it totaly lost it's images and sounds like it also lost it's css... The strange... I mean _STRANGE_ thing is when analysing the HTML source... the images are not even called!!! No img anywhere Is it possible that the port now contains the plugin architecture, and you need to add/alter the url_path line in the config file? $config[url_path] = '/cacti/'; I think when that is wrong, it will produce the symptoms you see. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Mount an iso image?
Dan Nelson wrote: If that's all you need, there's an even easier way: tar tvf mycd.iso, since libarchive understands the iso9660 filesystem format :) That's a useful trick! Is there an equivalent for ufs filesystems? I'd like to be able to extract files from a floppy image without needing root privs... I'm writing a script to prepare a PXE-install environment from a set of release ISOs. Best Regards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Code beautification and/or printing utilities that are not part of an editor
Andrew Falanga wrote: Another question for everyone. Are there any programs, hopefully available in the ports, that one can use to print source code files to a printer (or create as a postscript file)? I'd like something that I can feed a C++ program, have it parse through the code, print line numbers to the left of the page and (optionally) color code the syntax. Does anything like this exist? If it's something as simple as a string of chained command line aps, hey, that's fine. Please someone point me in the correct direction. vgrind(1) does this, and you already have it installed (it's in /usr/bin). Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] slightly OT - my freebsd email topology
Jonathan Horne wrote: currently, my email server is just a single box, accepting and sending emails from and to the internet. spamassassin and sendmail, and so far, it works satisfactory. i would like to change it up, so that i have a pair of servers doing MX from the internet, which then passes to an internal server for delivery. if i do that, i could remove spamassassin from the internal server, and run it on just the 2 external. all those configurations is really not my issue here... what im really pondering is how would external servers that are seperate from where the target mailboxes are, know which addressess are acceptable and which to return a 550? I did this for our backup MX using qpsmtpd and a plugin I wrote to check against an automatically updated file. qpsmtpd can deliver onwards to any SMTP server after running whatever filtering/fussiness you specify. I believe there is a milter plugin that can do onward queries before accepting mail, too, although I don't use sendmail, so I couldn't tell you the name of it... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] root login with telnetd
Wojciech Puchar wrote: can it be set to make possible to login root to machine through telnet and without telneting to some user and then su - ? with sshd and rshd it can be set, with telnetd - no success. once again - can someone answer my question instead of giving very intelligent comments? ___ If I remember correctly, you edit /etc/ttys and set some of your ttyp* (i.e. network ptys) to be 'SECURE'. It really isn't a good idea though. The reason I don't remember is that I haven't done it in about 10 years. If it's a remote program that needs root access, you can probably do something with ssh - you can allow ssh RootLogin, but not with passwords only public key auth, and you can *also* limit the key to be allowed to only connect from certain addresses and only run specific commands (e.g. some backup software works this way). You can have multiple keys with different restrictions even - Host A can run rsync only, and host B can run rdiff-backup only. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] [freebsd-questions] root login with telnetd
Wojciech Puchar wrote: so generalizing that telnet and rsh is bad is as stupid as telling that oxygen is bad as it makes fires. Well, that's true, but if you have the choice, there are better choices. You *can* hammer in nails with the butt of a gun, but there's a chance you'll somehow shoot yourself in the arm. A hammer doesn't have that risk. There have been *many* problems over the years with rsh and telnet. rsh's security model comes from a time when people thought computers would never lie to each other. SSH does allow you to give only enough access, with the side-benefits (in your case) of compression and encryption. Even if you used ssh without those, the key-based authentication is still safer, and the code more modern and securely designed. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Future of FreeBSD 7.0 and up
Dwight Smith wrote: Good morning, My name is Dwight Smith, and I only had a question or two in terms of the future useability of FreeBSD. I have used it on and off and found it to be a great UNIX operating system for servers, but my only major concern was the amount of time it takes to prepare a server such as an Apache Server with PHP and MySQL support as opposed to a Linux system which is what I am currently using now as well as my company. I guess my question is that will the ease of building or installing software for FreeBSD ever streamline to where you do not have to do as many steps and text config file entries? I built a new server just like you describe yesterday morning, from scratch, to replace a dying Cacti server. The whole process took about an hour, I guess. All the text files I had to alter were /etc/rc.conf.local and the apache httpd.conf and MySQL my.cnf. Since the last two are the same on any Unix system, I guess I'm confused about which files you need to edit that you don't need to on a typical Linux system... My complete install was: FreeBSD 6.2 scripted with install.cfg to a standard spec, freebsd-update, portsnap, install portupgrade, then portinstall apache , php5 and mysql-server... substitute Kickstart for install.cfg and yum/apt for portinstall and it's the same on CentOS. I used to feel the same way about FreeBSD, but if you stick to the straight and narrow and use ports where possible, you can streamline the initial install and upgrade process quite a bit. If you don't need any special kernel support, then freebsd-update covers the basic system updates, too. If you install a lot of servers, then look into install.cfg and the sysinstall manpage too - we go from blank server to running system with our standard customisations and packages in about 8 minutes with one keypress, using standard tools. Have fun, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] syslog from Cisco - FreeBSD not working
Ewald Jenisch wrote: To further track this down I changed the above line in syslog.conf to read +myrouter local7.*/var/log/cisco-syslog +* What I did to get this working was (in syslog.conf): +printserver !* *.* /usr/log/printserver.log AND in /etc/hosts: 10.1.1.8printserver so that the 'printserver' name is resolved. No doubt a reverse DNS entry would have done the job too. My syslogd command line is like yours. Hope that might help... Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] FreeBSD Torrent Server
Ted Mittelstaedt wrote: The FreeBSD server operators don't pay a dime for bandwidth and if the bandwidth supplier for freebsd.org made the slightest complaint about the bandwidth they are donating, there's a passel of ISP's and networks that would fight each other for the chance of the feather in the cap that hosting freebsd.org is. Geez. It's good to see that people who donate their resources to a project are appreciated. For things the size of ISOs, I generally try and get the torrent because it allows me to 'donate' some of my bandwidth to distributing the project too. Since not everyone can donate code or expertise, this seems like a good way to help, as it does spread the load around more, and (in our well-connected office at least) I get to be a temporary mirror for something that is often in demand just after release. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] freebsd 6.2 jumpstart install
Paul Kostick III wrote: I am trying to jumpstart install an IBM x336 server with a intel Pro100 nic with freebsd 6.2. I have successfully done this install with freebsd 5.3 and 6.0 on the same machine. The sysinstall boot menu comes up from PXE. But when I put in the NFS path to the files, it won't mount. My mount point is 192.168.1.50:/tftpboot/freebsd6.2/ I can mount this nfs mount point from another client, but not from the jumpstart/sysinstall menu. Any suggestions? Another oddity is that I noticed is when setting up the NIC, it does not get an ip address. It seems to have a network issue, the network works on startup with the network/pxe boot. It gets its ip, boots to the sysinstall menu. Has anyone else jumpstarted 6.2 succesfully? I have successfully jumpstarted 6.0,6.1 and 6.2 with Intel NICs on Dell servers. So it does work. I solved almost all my problems just by turning up logging on DHCP and TFTPd. I also rebuilt pxeboot with the TFTP option[1] rather than NFS, simply because I don't know of a way to get NFS to log, whereas TFTP does, so you can see what files are failing when it all goes wrong. :-) Howie [1] look in the pxeboot Makefile, and there is a make.conf option to do TFTP instead of the usual NFS. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Sorta OT - Backup solutions Mac to FreeBSD
Gable Barber wrote: Hello all, I have been poking around the 'Net a bit looking for an easy to use backup solution for our Mac's (1 mini, 1 powerbook, more in the future). Basically there is a server, offsite (FBSD 6.2) with 2 RAID 5 arrays. I would like to be able to set the 2 (for now) clients to automatically, incrementally backup certain directories, nightly. Something encrypted would be nice aswell. You might like to try duplicity or rdiff-backup. Both are python-based incremental backup solutions, that can work over encrypted connections. duplicity can also encrypt the backed-up data for untrusted central sites, while rdiff-backup has the advantage that the backup is a normal mirror of the backed-up machine (plus reverse increments), so you can pick though it. duplicity is initiated from the client over FTP/SCP/DAV/S3, while rdiff-backup is initiated by the server normally using SSH. I've been using rdiff-backup on a few dozen FreeBSD servers for a year or so now. I've not tried them on my macs yet but I don't see a reason why it *wouldn't* work - python tends to be pretty portable. I'll try it on the macs this weekend, in fact. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: is THIS why the 6.2 release seems stalled ?
Nikolas Britton wrote Well that's just it... No way we could afford full rates, If we could we would hire someone off the street to program x, y, and z to are liking. I was talking about supporting someone who is already working on x, y, and z because they have an itch to scratch... To help them scratch that itch faster... What kind of funding would this type of person need? § But presumably the reason they aren't working fast enough for your liking is that they *are* doing it in their spare time. So anything beyond that is giving up the day job, which means paying as much as the day job did for that time... a man-hour is a man-hour, really. If you want to pay someone for *literally* what they are already doing, then I'm sure they would be happier, but it wouldn't make anything happen quicker, because it's still the same amount of time spent. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Simple DoS
Nejc Škoberne wrote: Any ideas how to prevent such situations in the future? (I would like to do it on the server side, not on the user side.) Get a switch that runs Spanning Tree Protocol. I don't think there's much you can do on the server about a problem in the switch. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Why is sysinstall considered end-of-life?
Andrea Venturoli wrote: Apart from that, I used to be able to sysinsall a machine booting via PXE. This doesn't work anymore in recent versions :-( Or maybe it is just my incompetence, but then, if someone managed this, I'd like to hear about it. This definitely works with 6.1-RELEASE, as I've just had the nice experience of taking delivery of a dozen Dell servers and had them all up and running with my own customisations and package selection in one afternoon with one keypress. They are installed as quick as I can press F12. 2. it's way past what's currently considered user friendly Please don't get any graphics bloatware in the way. :-) Amen. Really, if you are put off by the installer, then once that has completed., the rest of the management tools (i.e. vi) are not going give you the warm fuzzies either. If you need the graphical management, and nice installer, isn't that what PCBSD is for? Having a graphical installer would be like having a super luxury limo with bar and pool, but which stops in the desert and leaves you by a phone box. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Why is sysinstall considered end-of-life?
Jay Chandler wrote: I've been trying to script an install for FreeBSD since I just had a bunch of servers dropped on me-- may I ask how you did yours? Roughly speaking, I started with this document: http://www.tnpi.biz/computing/freebsd/pxe-netboot.shtml and this document: http://people.freebsd.org/~alfred/pxe/en_US.ISO8859-1/articles/pxe/article.html and the example install.cfg in /usr/src/(wherever it is)/sysinstall and used pkgmaker.sh to make my own post-install package. The package is essentially my own copies of rc.conf.local, plus any extra config files, and a 'post' shell-script that uses sed friends to make modify the other mods I want (mainly things like enabling serial console, remote syslog, disabling ssh password logins). The install.cfg pulls any standard packages you want from the central server. You might need to make package or download additional packages for some stuff, and update the INDEX appropriately. I also had to mess around a little to make myself a qmail package, since that's actually not allowed to be distributed. Mostly though, it's just a copy of the -RELEASE CD with the INDEX run through some basic awk. What I have now is a DHCP/TFTP/NFS server with a list of MAC addresses and IPs that it's allowed to install to (so it doesn't accidently re-install a machine that gets it's BIOS boot order screwed up). When we get new systems, boot them once to get the MAC address, then a second time to start the PXE install. They're ready to go in about 6 minutes, and mail me to tell me they've completed their first boot. It wouldn't be much harder to add machine-specific scripts, although I don't bother. It helps to standardise hardware, so that it's always em0 and da0s1 that you want to configure/format. The most annoying parts were finding good PXE support on the original servers I tried this with (HP LPrs), and getting my install.cfg *just right*. The first one was solved by EOLing our LPrs, and the latter by swearing and reading the source code for parts of sysinstall. My main wish for improving it is to be able to make my own sub-releases with current patches and current packages and still be able to use freebsd-update somehow, which I think is not possible. I could write it up, but it's very close to the two docs I mentioned up there. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Management techiniques for multiple FreeBSD servers?
Hi, I'm looking around for any articles/docs regarding techniques for managing groups of FreeBSD servers - things like running a local package mirror or build server, standardised installs, update management - all the usual boring stuff. I know that people like Yahoo use thousands of *BSD systems, but does anyone have any pointers on tools to make day-to-day management of them scale? Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Software inventory management
From: stan Subject: Software inventory management : : Sudenly there is an improved desire to keep up to date on the latest : security fixes at work. I've got about 50 machines that I manage. OpenBSD, : FreeBSD, Linux, Solairs, and HP-UX. : : I am looking for recomendations for a (hopefully automed), prefereably : web based tool to keep up with what versions of OS, OS patches, and ports : are installed on these machines. : : Could anyone with experience using such a tool share their experience, : both good and bad for such [ackages? : You might also want to look at RANCID, which is mainly aimed at routers, but since it works by comparing a text file with the previous day's text file, you shouldn't have too much trouble getting it to do servers too, assuming you can get something to do the actual reporting (could be as simple as a concatenation of pkg_info, dmidecode, pciconf -l, uname -a and a few others). http://www.shrubbery.net/rancid/ Best Regards, Howie (maybe will try this myself now...) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: question on batch email sending
David Banning wrote: I have a standard mailbox with around 40 messages. I want to be able to just send them all to someone, the same person, not as an attachment but as individual emails. I want to do something like; cat /var/mail/frank | someprogram [EMAIL PROTECTED] So that Frank can just get it into his regular inbox. I realize that I could just ask Frank to pop it off the server but then he would have to setup for just one occasion. Is there a way to do what I want? Take a look at formail, which comes as part of procmail. It lets you iterate through messages in an mbox-formatted mailbox in various ways. In fact, here's a thread about it: http://www.mhonarc.org/archive/html/procmail/2002-06/msg00019.html Have fun! Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Cacti -vs- mrtg
Jeff Mohler wrote: I can use MRTG, and have MRTG do what I want it to do. Id like to try cacti, but..am I alone in finding that it's a PITA? Im not trying to be negative, just looking for a reality check. I like the simplicity of mrtg, but I like the go back in time of cacti to view performance data. If its just a matter of a package that's not ready for Joe Public (thats me)..Id accept that. :) I think it's more that there's more than one kind of Joe Public. If you want to present your graphs to your customers/users, or a subset to different users, or apply the same set of graphs to a number of different hosts, or make custom rrdtool graphs (stacks, additional graph elements), then Cacti will let you do that. If you just want a quick dirty tool that's easy to configure for your handful of hosts, then MRTG is just the job. We use both where I work, with Cacti for the bulk-graphing and customer facing stuff, and some MRTG where I just knocked up a quick perl script to measure something. Cacti has quite a nice plugin system, and importable templates from other users that you might be able to use to save yourself some time. I find getting my own templates working in Cacti to be a PITA too, though. shamelessplugIt also has some useful plugins, including a couple of my own. The main one of those being PHP Network Weathermap (http://wotsit.thingy.com/haj/cacti/) which will work with both MRTG and Cacti, to produce graphical overviews of your network./shamelessplug Bear in mind there are also other tools out there in the MRTG/Cacti space: DVG, NRG, Hermes, Cricket... rrdtool.org has a list of many. Most are geared towards folks running 100s-1000s of graphs, that I have seen, and may not be your kind of thing, as a result. Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: time to come clean... .
On 4 Sep 2006, at 05:35, Gary Kline wrote: How can I automate the backup via rsync to other servers? If what you want is a backup to the disk on a remote system (rather than a tape drive or whatever), then have a look at rdiff-backup: http://www.howtoforge.com/linux_rdiff_backup It uses the rsync protocol for sending only changed blocks, but saves the sent data to one side as well to make a 'transaction log'. You end up with a full copy of the current data (as you would with rsync) and a command to construct any previous version by applying the changes in reverse as necessary. I run this on a couple of dozen machines, mostly freebsd, with no problems. For things like web servers and DNS, the increments are pretty much that day's logs, so it is quite effective at saving space/bandwidth. The actual software is in ports (sysutils/rdiff-backup, I think). It also has the benefit that no special actions are needed to restore a single file - you just grab what you want. Even if you don't fancy the software, the article also has the info you need to get a reasonably safe root SSH (limited by IP, and the command that can be run, AND the public key) going with public key authentication, which will help for rsync as well. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: taking many 198k mp3 files and converting them to 16k mp3
[EMAIL PROTECTED] wrote: If your DVD player can't play mp3s, then it can't play DVDs. ;) Remember, mp3s are the audio layer of mpegs. And DVD videos consist of mpegs. For a DVD-Video disc, the audio formats are PCM (plain old wav, effectively), AC-3 (dolby digital) and MPEG-1 Audio Layer II (only). A lot of DVD players will also play MP3s, either on data CDs or data DVDs (or both), but it isn't a requirement as far as I can tell. The choices seem pretty arbitrary too. My Pioneer player will play a DVD-R full of MP3s, but the replacement model will only play MP3 CD-Rs (and you have to read the fine print in the manual to figure it out, too). It seems that a lot of DivX-playing DVD players only play CDs of DivX, not DVDs too (Toshiba, Pioneer again). That's why I was fiddling around with MP2 and minimal video - it's an actual standard DVD then. Although in fact I made an NTSC disc with MP2, which is apparently a no-no. My source was for the audio info was: http://stream.uen.org/medsol/dvd/pages/dvd_format_audio4DVDvideo.html Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: taking many 198k mp3 files and converting them to 16k mp3
Gary Kline wrote: Well, if/when you *do* try, please clue me in. --I'm too new to DVD's and tooo che--er, thrifty to buy a ten pack of blanks. I'm not sure that I have three hours of favorites; probably, but no more. Most of my favorite tunes are on tape--pre-recorded and hi-fidelity, but the problem is turnning analogue to digital. Thrift isn't really an issue nowadays - you can get 50 DVD-Rs for about $10-15 online. Cheap enough to use a few to experiement, in my opinion. I did some experimenting last night, and got what seems to be a working solution. I don't have a DVD burner where I am, so I haven't *actually* burned one, but 2 software players (Apple's and Media Player Classic) are both happy with the VIDEO_TS files. From my brief research, the minimum bitrate for DVD audio is 32Khz, and there isn't a minimum for the video, only a maximum. There is also a video-CD-like frame size of 352x480 for NTSC so you can reduced the video size further. For my test audio file (2:12 song), I got: 2.2MB Original MP3 file - 192Kbit/sec 44.1Khz sample-rate joint stereo 3.3MB MP2 file - no changes apart from 44.1-48 resampling 0.5MB MP2 file - resampled to 48Khz, forced to mono and 32Kbit/sec output stream the 0.5MB file doesn't actually sound *that* bad for music - it's AM radio quality. It would be fine for speech. A 64Kbps video file to go with it is about 2.6MB, so the final 'DVD file' is either 6.7M ('music' quality) or 4M ('voice' quality). DVD authoring adds around 800K, but I don't believe this is per-chapter. Assuming that it isn't, that's around 2400 minutes on a DVD-R (voice) or 1500 minutes (music), and it should be playable on any DVD player, since it should be a full-spec DVD still. Here's my notes on producing a disc. This is for an NTSC disc. For PAL, you need to change 480 to 576 wherever it appears, add 'pal' instead of 'ntsc' to the dvdauthor line, and -f 25 instead of -f 30 in the transcode line. I'm no video expert, so I'm sure there are better ways to do this, but this one worked for me! Howie ## # Take the MP3 file, play it into toolame as 48Khz PCM data # toolame reencodes as MP2 (for DVD) at 32khz (the minimum?) in mono madplay -R48000 -b16 -o wave:- mytestfile.mp3 | toolame -s 48 -b 32 -a -m m - mytestfile.mp2 # (take out the -b 32 and -a -m m if you want music quality) # next, we'll produce a VERY low bitrate MPEG2 movie of the same length as # the audio since we have to do *some* encoding here, we might as well make # the static image be the title of the audio track. # this is ALL ONE pipeline ppmmake blue 352 480 | \ ppmlabel -x 50 -y 100 -text This is the track name | \ ppmtoy4m -S 420mpeg2 -r -v2 | \ transcode -x yuv4mpeg,mp3 -y mpeg2enc,null -o mytestfile -p mytestfile.mp3 \ -Z 352x480 -F 8,-b 64 -i /dev/stdin -g 352x480 --import_asr 2 -f 30 -m /dev/null # So that's: make a blank blue image of the correct size for NTSC video at the smallest size # add a caption over it # take that PPM file use it to stream frames into the video transcoder. # (We only have one frame, so just repeat it) # transcode takes that frame and encodes it as DVD-compatible 64kbps MPEG-2 # (normally for a DVD movie it would be more like 5000kpbs) # we import an audio stream even though we aren't using it, so as to get the # right length. Otherwise we get a never-ending video stream :-) # So now, there's a .m2v video stream, and a .mp2 audio stream, and we need to # multiplex them. mplex -f 8 -o mytestfile.mpg mytestfile.m2v mytestfile.mp2 # *** repeat the above for each of your audio files. *** # finally, we can make a simple DVD dvdauthor -v ntsc+4:3+352x480 -a mp2+en+1ch+16bps -t -o testdvd mytestfile.mpg dvdauthor -T -o testdvd # if you used 'music' quality encoding in toolame, then use 2ch instead of 1ch here # You should find a DVD structure (VIDEO_TS, AUDIO_TS) waiting in the 'testdvd' directory. # you can specify multiple .mpg files on the command line, and each one will #become a chapter on the DVD # FINALLY, to get a burnable ISO image: mkisofs -dvd-video -o testdvd.iso testdvd # and burn it to /dev/acd0: growisofs -dvd-compat -Z /dev/acd0=testdvd.iso # Ports used: # sysutils/dvd+rw-tools (growisofs) # sysutils/cdrtools (mkisofs - installed as a dependency of dvd+rw-tools) # mjpegtools (mplex, y4m stuff) # netpbm(ppmfile, ppmlabel) # toolame (MPEG Layer II encoding) # madplay (MP3 decoding) # dvdauthor (final authoring) # transcode (install this last, so it gets the mpeg2encode from mjpegtools) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: taking many 198k mp3 files and converting them to 16k mp3
hackmiester (Hunter Fuller) wrote: On 27 August 2006, at 02:49, Gary Kline wrote: --Might be nice to gather (parts of) my favorite CD's onto one Very long-playing disk. That would require you to burn an audio DVD, which you couldn't read in a normal CD drive... and I really don't know how exactly you would do it either... Not necessarily. Both of my current DVD players can play a DVD full of MP3 files. One is a Pioneer, and the other is a more 'random' brand DVD/DiVX player. The Pioneer does a better job, but both will play data discs of MP3, WMA, JPEG and MPEG1 amongst other things. Another possibility would be to convert to MP2 audio and make a minimal video stream to go alongside the audio - say, a black screen, and make a DVD Video disk using something like transcode. I don't know what the bare minimum video bitrate is for DVD, but I know you can get a good few hours that way, in a format that would play on any DVD player. I've been meaning to try this for ages. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Marc G. Fournier wrote: The uniqueness is a combination of IP+hostname ... again, as one pointed out with PCBSD, this isn't always necessarily the case, but, IMHO, that is a flaw of PCBSD having all hosts on the same network using the same hostname ... That's the nice thing with the 'ifconfig|sha256' scheme. Because it would include the MAC address of the interfaces in the hash, the only 'identical' machines would be ones with no ethernet interfaces at all. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: BSDstats Project v2.0 ...
Marc G. Fournier wrote: Right, and the bad thing is if yu alias another IP on that device, the hash totally changes, so we see that one host now as being two different ones :) That's why we disqualified using ifconfig right at the beginning ... But didn't you say that you effectively wipe the database once a month, (or expire entries over that age)? I can't find the post that mentioned that now, naturally... :-) if you aren't using the 'key' as a database key, then what do you care that it changes as long as it uniquely identifies the system (which it definitely would)? I don't know how typical I am, but I don't really remember the last time I added an IP alias on a running server, for our few dozen production systems. I would imagine that those types of changes might well be lost of systems coming and going. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] awk quickie.
Gary Kline wrote: Guys, Can aanybody spot what I'm doing wrong in this tiny awk scripy:: Using awk is what you are doing wrong ;-) Assuming that this is all you are doing with the list, anyway... From the grep manpage: -l, --files-with-matches Suppress normal output; instead print the name of each input file from which output would normally have been printed. The scanning will stop on the first match. The awk answer is that the printf shouldn't be in the BEGIN section, I think. It's been a while for me and awk though. Something more like: #!/usr/bin/awk BEGIN { FS = : } { printf(%s\n, $1) } would do it. Also see cut(1) which can select fields based on delmiters. I don't know if the traditional perception of 'heaviness' associated with loading a 'real language' interpreter really hold true nowadays though. Have fun! Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] How big a flashrom for a minimal freebsd install?
Chris T. wrote: Im toying with the idea of setting up a mini-itx server so I can move the dns and firewall daemons off of the fileserver so I can turn it off. I'm thinking I want to get a flashrom ide adaptor so that I can swap setups on the thing by swapping cards. I don't see myself using 4GB flash cards for this. I'd rather get smaller cheaper cards. How big is a minimal freebsd install? It's not very minimal, but I have a quite usable install in a 256MB CF card. I have had 16MB DoMs that boot to X11 before now, but that's a lot more work to strip down (or rather build up from kernel+init, in that case). A chopped up make.conf and using buildworld into a different directory is all you need to get down to about 160MB, and you still have manpages and most signs of civilisation at that stage. It's nice to learn a bit more about the build process, too. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Monitoring Server Health
Jerlique Bahn wrote: Actually mrtg is used to graph the results of the program that I am looking for. So to clarify my initial request, what I am seeking recommendations for is the program that collects the information, such as server load, temperature, open tcp connections etc of the freebsd server itself. I already have the program to process the data, of which part of this solution is mrtg. net-snmp will do this for you over a network, if that's what you are after. There are additional MIBs to cover most/all of the things you list, and it's not too hard to extend with any custom monitoring you need (I've extended mine to monitor some qmail-specific variables, for instance). It's in ports as net-mgmt/net-snmp. There's quite a bit of overlap between some data-processing apps and the data-collection part though. For instance, Cacti is a MRTG-alike with a nice web UI, but it also has some of the data collection scripts you might need, similarly with Remstats, if it is still developed. Either way, it'd be an unusual data-collection/data-processing admin tool that didn't understand SNMP. Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Change detection order for firewire vs SCSI?
I have an old dual-P3 server with an internal SCSI backplane. I also have an external firewire drive attached to it as cheap, 'disposable' storage. It all works swimmingly apart from one thing: When the system boots, it loads the kernel from the SCSI drive OK, then at some stage it changes it's idea of what da0 is from the first SCSI drive to the firewire one, and then fails to boot since there's no da0s1a on the firewire drive. Unplugging the firewire drive and rebooting works, but means it can't be done unattended, obviously. Is there any way to stop or change this behaviour? I couldn't see anything in the sbp(4) manpage... I'm running FreeBSD 6.1-RELEASE, in case it's relevant. Thanks for any pointers. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Scanning MP3 files for skips
Chuck Swiger wrote: Kyrre Nygard wrote: I'm curious whether there's a tool out there that will scan through audio files looking for patterns that resemble skips and other nonos in the world of music. I have MD5 checksums for all my MP3 files, but that doesn't guarantee that they were fine before the checksums were generated. Sort of...GraceNote and a few other companies (Shazam, seems to be from India?) sell a service where music files can be fingerprinted and identified. Good audio files ought to ID as what they are; bad music files with skips or garbage will fail to ID. Shazam (at least) works on a fragment the song. In the UK they provide a phone-based service, which only needs 20-30 seconds of clear music to identify a song. MusicBrainz is a similar type of thing that is available as a plugin for a number of media players, which I think works on a whole song, but I don't know that it's precise enough to detect the odd tick and burp. I'm also looking for a blip-detecting MP3 tool. I haven't had time to look at it yet, but I was going to try something like libmad on the assumption that somewhere internally it knows when it's only had half an frame of data, even if there is no CRC. That way, it'll work on any obscure music I have, without relying on some external giant database of correctness. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Deny large number of IPs via ipfw
Dan Mahoney, System Admin wrote: Hey all, I've got a file that I just synced from a major RBL, and I'd like to just use it to globally deny access to my system. Is there an easy way to do this within ipfw -- the file is about 3 *million* lines, and is from cbl.abuseat.org. I do similar things using IPFW2's tables: table 1 flush table 1 add firstip table 1 add 3millionthip deny tcp from table(1) to me 25 ipfw tables use the same lookup structure as the FreeBSD routing table, so it's got to be reasonably efficient. I've never used it with quite that many entries though! Chances are, you can aggregate your address list to reduce it somewhat though. Have fun, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] What is the maximum file size on a dvd+r ?
Fabian Keil wrote: While I didn't read the spec, I heard that explanation before and I think it's entirely correct to assume that the file size value is unsigned. This has nothing to do with embracing standards. Just for another datapoint, Nero Burning ROM (onWindows) also limits files on an ISO DVD to 2GB. You must use UFS for larger files. These guys have been making CD/DVD burning software for some time. I suspect they know what they are doing. Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] what does this mean
Imran Imtiaz wrote: i've seen the following log in my messages can any body tell me what does it mean? May 21 02:50:29 darkstar sm-mta[55021]: k4KLoTeq055021: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA Do you run something like Nagios or BigBrother on your system? I see this in my logs when our network monitor connects to check port 25 is still responding. You would see it at regular intervals in that case. Of course, you or one of your users telnetting to port 25 manually would do the same thing. Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Bandwidth Troubleshooting
Gunter Wambaugh wrote: The sad thing is that I read somewhere (probably on this list) that *forcing* 100 would _increase_ performance because there wouldn't be any auto negotiating. I added it to my rc.conf, but later I decided that it didn't help any so I ran ifconfig fxp0 media autoselect, but failed to change my rc.conf back! Now I have learned that not only did it not improve performance, it seriously crippled it. Thanks for helping me track that down. If you have two auto-negotiating devices and one is hard-set to a particular speed/duplex, then the other should always choose 100/Half. It doesn't try and auto-detect what the other one is speaking. It's supposed to be a *negotiation* and if one party doesn't talk, then the other one defaults. So if you can get your Linksys to force the port speed, then you can safely do it on your server, otherwise auto-negotiation should negotiate 100/Full anyway if both can do it. Here's a better explanation than mine: http://www.cites.uiuc.edu/network/autosense.html#how I lost count of how many times this has bitten me in various shapes and forms. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Questions about monitoring Dell servers
Jason Lixfeld wrote: Well, I managed to sort it out. The grey area was that the Dell BMC just needed an IP, username and password configured on it. I was under the mistaken impression that the OpenIPMI needed to be installed to speak the BMC, but ipmitools does that just fine. Between the BMC and megarc for the raid status, I have everything I need! Well, with the exception of SNMP traps -- still haven't figured out how to set the trap host and community, but if worst comes to worst, I can use used net-snmp and use the exec options in snmpd.conf. Where does this IP address present itself? On an SC1425 we have here, I can set an IP etc in the BMC BIOS, but it lists a MAC address there that isn't the same as either of the GigE interfaces on the mobo. Is it overlaid in some strange way, or do I need some sort of daughterboard? I'd like to get this going for all our Dells if I can. Cheers, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
print-cdrom-packages.sh??
Moving on with my automated installs, I want to build some additional packages into the FTP area of my install server, which was seeded from the 6.1-RELEASE ISOs. The FreeBSD Release Engineering for Third Party Software Packages document on the FreeBSD website says that the release-building process uses a script called print-cdrom-packages.sh to produce the list of packages to build. However, my source tree doesn't have this script, and a look in CVS suggests that it's no longer in use, and hasn't been since March 2005 (Revision 1.71, Mon Mar 21 19:19:24 2005 UTC - Retire print-cdrom-packages.sh as it has been replaced.). Is there any current documentation for how the package building process is done? Or am I looking at the wrong URL? http://www.freebsd.org/doc/en_US.ISO8859-1/articles/releng-packages/article.html Ultimately, I'll want to rebuild all the packages, so just getting the few extras I need right now doesn't really help. I intend to use 'make release' to keep a 6_RELENG install with fairly current packages available for new servers, so I don't need to do so much rebuilding immediately after a fresh install. Thanks in advance for any pointers, or even any don't do that, do this instead-type advice. Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] Newbie File system
Maan Jee wrote: Can someone explane that at which filesystem is my /home directory located? Filesystem 1K-blocksUsedAvail Capacity Mounted on /dev/ad0s1a50763055002 412018 12%/ devfs 1 1 0 100%/dev /dev/ad0s1e507630 12 467008 0%/tmp /dev/ad0s1f 34336100 1564298 30024914 5%/usr /dev/ad0s1d 150619024892 1360804 2%/var cd /home df -h . I believe the default is that /home is a symbolic link to /usr/home, so it's on /usr. Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Changing from 6.0 to 6.1 -'.' to end pause mode
I've been experimenting with PXE-driven installations in preparation for the arrival of a pile of new servers, and I had a mostly-working setup for FreeBSD 6.0-RELEASE when 6.1 was announced this week. I've upgraded to 6.1 on my build system, and have it serving install data and an mfsroot with my own install.cfg in it. It all works fine except that after the target system reboots, and apparently every time it boots, I get this: pause; press any key to proceed to next line or '.' to end pause mode and have to press . to start the boot process proper. Has something changed in the console? The same system was fine with 6.0-RELEASE. One other possibly relevant thing is that my install script does set /boot.config to contain '-p'. Has something happened with keyboard detection that would make the pause mode come on? It seems that this pause mode has been in the console code for a while, although I didn't know about it until now. Thanks in advance for any light anyone can shed... Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [freebsd-questions] limit bandwidth 'make fetch'
Pablo Mora wrote: how i can limit bandwidth when i using 'make fetch' (make install in Ports)? You can change the command-line parameters for fetch in the /usr/ports/Mk/ somewhere (grep for FETCH). Or you could try the 'trickle' port, which allows you to apply bandwidth limits to more or less any command line application whether they support it or not. You use it like you would use time(1), as a prefix on the real command line. Best Regards, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: backup system rsync - dump
Philip Hallstrom wrote: I have two disks; one is the fbsd system drive, the other is for backup purposes. I'm in doubt about what to use: dump or rsync I guess I can do something like: mount /dev/ad1s3a /backup/root mount /dev/ad1s3d /backup/var mount /dev/ad1s3f /backup/usr /usr/local/bin/rsync -avHxS --delete /usr /backup/usr for /usr / and var If you do go with rsync, watch the -delete. If for some reason you blow away /usr/local/etc and then run your backup you'll blow away your backed up /usr/local/etc as well. Probably not what you want :) With the right settings of --backup --backup-dir you can easily create a week (or two or three or whatever) archive of the daily changed files. So, for example.. /backup/usr - contains identical copy /backup/dailys/usr/Mon - contains files that changed on /usr on Monday. Then just set things up to rotate/expire the old copies and you have an easy way to get files back you deleted that you didn't mean to. I can post the whole script if you're interested... If you'd like to go down that route (of incremental backups), then consider rdiff-backup, which makes a 'live backup' in the same way that rsync does but also saves the rsync 'transaction log' so you can produce a previous day's image easily, and store the differences compactly - the saving on the network in rsync becomes the saving in disk space for the incremental backups. http://www.nongnu.org/rdiff-backup/ http://www.howtoforge.com/linux_rdiff_backup I've been using this for a few dozen machines with no problems so far. Cheers, Howie ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]