Re: atom based servers
Curious, how did you get it installed? My motherboard doesn't have an IDE port (so, no IDE CD-ROM) and don't think booting from USB-CDROM is supported Booting from USB Flash drive works? David Rawling wrote: -Original Message- From: Brian Whalen Sent: Thu 12/11/2009 9:26 AM I see supermicro and potentially others have atom servers available, anyone tried these on freebsd with success? Brian Hi Brian Indeed, I have a FreeBSD 8.0RC1 system running as my primary time server for the home network. Since it's an Atom 330, it fully supports 64-bit mode (an opportunity I have grasped with both hands). The board I happen to be using is an Intel DG945GCLF2 - a clone board with just 1 DIMM slot and two SATA ports. Everything I need to have supported Just Worked out of the box. The server itself is running at a very low load level: timeserver ~ 15 uptime 1:00PM up 6 days, 12:38, 1 user, load averages: 0.00, 0.00, 0.00 I can provide the output of most any other commands if you'd like to see anything specific. I rather suspect that the Supermicro and other server-class Atoms will still be using the Intel 945 or similar chipsets. Dave. -- David Rawling PD Consulting And Security Email: d...@pdconsec.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
NIC Support
Is the RealTek RTL8112L PCIe gigabit LAN Controller support in FreeBSD 7.2? I could not find this in the hardware notes. Is it listed under another name? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Firewalls in FreeBSD?
Ok, I had some progress with this last night. Basically what I do is:
in natd - redirect_port 1000 to 1 to the internal windows box.
set ipfw to open file wall.
Obviously this isn't prefect - but gives some idea of what's going on.
What I'd like to do, is a) keep the nat redirects since that works
pretty well.
b) in ipfw, ONLY allow data back on these ports IF the windows box has
established the connection out first then deny everything else.
I tried this, but it didn't work for anything (tried 5-6 differant games):
${fwcmd} add allow tcp from any to any out via x10 setup keep-state
${fwcmd} add allow udp from any to any out via xl0 keep-state
${fwcmd} add allow icmp from any to any out via xl0 keep-state
${fwcmd} add 100 check-state
mdh wrote:
--- On Wed, 10/29/08, Jeremy Chadwick [EMAIL PROTECTED] wrote:
From: Jeremy Chadwick [EMAIL PROTECTED]
Subject: Re: Firewalls in FreeBSD?
To: Terry Sposato [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED], Polytropon [EMAIL PROTECTED], Freebsd questions
freebsd-questions@freebsd.org
Date: Wednesday, October 29, 2008, 11:25 PM
On Thu, Oct 30, 2008 at 01:36:58PM +1100, Terry Sposato
wrote:
It is most likely caused by your ruleset not being
stateful. If packets
are going out certain sessions and your firewall
isn't then allowing back
in you would see the issue you are seeing. I am not
sure how this is
accomplished via ipfw as I use pf but there would be a
tonne of
documentation out there on how to make your rules
stateful.
Are you sure about that? Read his statement once more:
For example, I load up a client (game) and it
connects out on XYZ
port. The server will send data back on ABC.
I assume based on this, the following is happening:
- 192.168.x.x:a sends packet to gameserver:xyz
- NAT gateway translates packet (where natgw is
a public WAN IP)
192.168.x.x:a -- natgw:b --
gameserver:xyz
- gameserver sees packet to port xyz, and initiates new
connection
to natgw:abc
- NAT gateway drops packet destined to WAN IP port abc,
because the
gameserver:abc connection is *new*, and does not relate
to the
previous NAT'd gameserver:xyz connection.
If this is **truly** how the protocol works (the OP will
need to be
absolutely 100% positive of that fact; I recommend he
reconfirm how it
works), then the only solution is to set up a port forward
on the NAT
gateway for port abc to point to 192.168.x.x.
This also means that only one computer on the LAN will be
capable of
playing this game. Not much one can do about that, other
than write
the authors of the game and explain that their protocol is
absolutely
disgusting.
Does the game support IPv6? This may be a work-around for you, since you can get a relatively large chunk of IPs for free via any one of a number of tunnel brokers. If possible, ask your IP provider if they provide native IPv6 transport first. A few do, in North America and Europe, and a surprising lot do in Asia, especially Japan and South Korea. If you're on a North American consumer ISP, chances are a tunnel broker is your only option for v6 connectivity, however.
If the game doesn't support IPv6, however, then you are likely stuck with playing with port forwarding from the public routable address, however. It stinks, so feel free to lobby your ISP, the game's designers, and any other involved parties, about supporting IPv6 connectivity.
In essence, a problem like the one Mr. Chadwick is eluding to is one of the primary motivating forces behind the adoption of IPv6 to begin with.
- mdh
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Firewalls in FreeBSD?
Right now I have a Windows machine a FreeBSD natd/firewall then a cable modem. This is working for web surfing. But I've been playing a lot of games lately and it doesn't work at all (for multiplayer/internet games). Basically the games send/receive data on random ports, and I think it's going out fine - but doesn't come back in. Is this a problem with nat or because I have a stateless firewall? I've played around with this on and off for the last while and haven't gotten any where with it. Do you think this would work better or at least be easier to configure/debug if I moved to pf instead? Do I need to run natd if I run pf? FreeBSD fire2 6.3-STABLE FreeBSD 6.3-STABLE #32: Tue Jan 22 22:21:30 CST 2008 gateway_enable=YES #firewall_enable=YES #firewall_type=open firewall_type=simple #firewall_type=open firewall_logging=YES ## PF #pf_enable=NO # Enable PF (load module if required) #pf_rules=/etc/pf.conf # rules definition file for pf #pf_flags= # additional flags for pfctl startup #pflog_enable=YES # start pflogd(8) #pflog_logfile=/var/log/pflog # where pflogd should store the logfile #pflog_flags= # additional flags for pflogd startup ## NATD natd_enable=YES natd_interface=xl0 natd_flags= -f /etc/natd.conf ifconfig_xl0=DHCP ifconfig_dc0=inet 192.168.17.1 netmask 255.255.255.0 ifconfig_dc1=inet 192.168.18.1 netmask 255.255.255.0 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Firewalls in FreeBSD?
yes, that is my setup. hrm... well, I disabled the firewall completely, restarted, but still doesn't work. I have gateway and natd both enabled. x10 is the external interface (the one that is dhcp and connects to the cable modem). I don't want to redirect anything to my windows box. I just want anything that connects out from my windows box to be able to connect or send data back in. For example, I load up a client (game) and it connects out on XYZ port. The server will send data back on ABC. The problem, from what I can tell; is that I can get a connection out - but when the server tries to send data back on ABC it is discarded. Polytropon wrote: If I understood you correctly, your setting is: (Modem/Router)---DHCP---(FreeBSD)---(Windows) I may respond directly on your configuration settings: On Wed, 29 Oct 2008 20:19:31 -0500, Jack Barnett [1][EMAIL PROTECTED] wro te: gateway_enable=YES #firewall_enable=YES #firewall_type=open firewall_type=simple #firewall_type=open firewall_logging=YES Use instead: gateway_enable=YES natd_enable=YES natd_interface=xl0 You may add special redirect directives to NATD's settings, such as natd_flags=-redirect_port tcp 192.168.1.2:5900 5900 natd_flags=-redirect_port tcp 192.168.1.5:23 or natd_flags=-redirect_address 192.168.1.2 141.44.165.58 \ -redirect_address 192.168.1.5 141.44.165.58 Examples taken from a very old configuration. :-) Then, firewall_enable=YES firewall_type=/etc/ipfw.conf Then, be sure to have nice firewall settings, you can use things similar to this, enabling just the services you really need and want, it's easy to write your own one or to rewrite this: -f flush add divert natd ip from any to any via xl0 add allow tcp from any to any ftp in recv xl0 add allow tcp from any to any ssh in recv xl0 add allow tcp from any to any authin recv xl0 add allow udp from any to any ntp in recv xl0 add allow udp from any to any ntalk in recv xl0 add denyudp from any to any x11 in recv xl0 add reset tcp from any to any x11 in recv xl0 add allow ipencap from any to any add allow ip from any to any This should work fine. NB to use the correct interface names. References 1. mailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NOOOOooooo
___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Off Topic: Sunbird calendar server?
This is a bit off topic, but does anyone know of a Calendar Server that is compatible with Sunbird? Basically, I have a personal calender, then we have a Holidays calendar and my girlfriend has her own calendar. We want to be able to share the Holidays calendar and also share out/view each others. She is a fan of Google Calendars (which I admit works well), but I'm a fan of Sunbird (since it's local and don't need internets for it to work). I could probably convert her to Sunbird if I found a good way to share out our calendars. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: archiving all IMAP mail?
This is the setup I use: external accounts (pop, imap, etc) -fetchmail - procmail - filterarchive - imap local accounts - procmail - filterarchive - imap Then my imap clients connect to the imap server. The imap server I use is courier-imap (has ssl which is nice) then use Thunderbird for the clients (runs multiply platforms) This setup works well, everything is auto-archived and also can get access to my mail from anyplace and it's the same. It scales well too, fairly secure and have once place to back up all my emails. C Thala wrote: I need to strictly archive all mail sent to me. For some time I've been using fetchmail/getmail from ports to suck down (every 5 minutes or so) the IMAP mail sent by my ISP and send it through procmail where I make a copy and then archive it (I also do my filtering into various mailboxes in procmail). I then use my mail user agent to read the mail from a local machine. This has worked fine all these years, but now I am switching to the paradigm where I am checking mail from multiple clients, so I plan on using IMAP-aware user agents. As I understand it, these IMAP-aware user agents operate directly on the IMAP spool. How can I archive my mail before it reaches them? Also, how do I do my filtering to various mailboxes? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: archiving all IMAP mail?
Wael Nasreddine wrote: This One Time, at Band Camp, C Thala [1][EMAIL PROTECTED] said, On Thu, Feb 14 , 2008 at 04:15:03AM -0500: On Thu, Feb 14, 2008 at 02:38:46AM -0600, Jack Barnett wrote: This is the setup I use: external accounts (pop, imap, etc) -fetchmail - procmail - filterarchive - imap local accounts - procmail - filterarchive - imap Then my imap clients connect to the imap server. Please explain what you mean by local accounts. If I'm not mistaken from reading your reply, this implies one of two things: 1. That I have two IMAP servers, one where I get all my mail, and a second one where I push mail after I have filtered/archived it. The first one should only by used by fetchmail, the second one is read by my various IMAP MUAs. 2. That I somehow have write access to the backend of my IMAP server, so I can pull all the mail from INBOX, do my archiving/filtering, and then repush to various folders and read from there. Is that correct? This isn't how I have it, I suppose Jack has a similar setup to mine, I'll detail my setup: First I have postfix installed with sasl/mysql backend, in MySQL I have all the virtual accounts for various domains, for example I have an entry for [EMAIL PROTECTED] which states that it's a normail Mailbox, not an alias it also guides postfix/courier-imap to the folder where the e-mails are stored. When you send an email to [EMAIL PROTECTED], it goes to the vmail folder, Now using the package courier-imap which BTW provides both IMAP and POP3 Server, the email received by postfix can be checked using POP3 and the username [EMAIL PROTECTED] (Full username because this way I can have virtual domains, and the second most important reason is below) Now I have a normal UNIX user account 'wael' which has fetchmail that downloads emails from many accounts, Gmail, Hotmail, Yahoo, and local accounts (Which Jack mentioned as well and it's [EMAIL PROTECTED] for my case), fetchmail spits the mail out to procmail which do all the filtering and deliver the email to /home/wael/.mail folder (If you left the courier-imap config files as they are then you should deliver to Mailfolder instead of .mail, check /usr/local/etc/courier-imap/*) For the IMAP part, When I Use 'wael' instead of '[EMAIL PROTECTED]' it doesn't use the vmail but the UNIX user instead (see below) so it delivers whatever is under /home/wael/.mail :) The trick is that courier-imap has authlib backend (authdaemon) , and authlib has mysql/pam backends, so when u request mails for [EMAIL PROTECTED] it matches mysql qnd goes to virtual mail dir, when you send wael it matches pam and so mail on home folder If you need more assistance don't hesitate to ask... By local accounts, I mean mail that is delivered directly to the server (instead of getting pulled in via fetchmail). And yep, that is basically my setup to. I use sendmail and don't have a mysql backend, but the concept is the same. Have one imap server and then pull/push all emails from all accounts into that imap account The benefits of this, is that all your email is in one location and you have access to it all, regardless of what workstation or client you are using to connect to that server. Once place to filter, backup, search, etc. It can take awhile to setup if your not familiar with mail server software, but once it's working it's very easy to manage a lot of different email accounts/addresses. -J References 1. mailto:[EMAIL PROTECTED] 2. mailto:[EMAIL PROTECTED] 3. mailto:[EMAIL PROTECTED] 4. mailto:[EMAIL PROTECTED] 5. mailto:[EMAIL PROTECTED] 6. mailto:[EMAIL PROTECTED] 7. mailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VM Options
Hrm... I can't find it in the ports or a download version of it? I don't mind paying for it, but want to see if it actually works well before buying it. David Schulz wrote: noone mentioned www.win4bsd.com , win4bsd can be used to run a windows machine from within freebsd nicely. performance is pretty good also. On Jan 25, 2008, at 4:54 AM, neal wrote: On Thursday 24 January 2008, Jack Barnett wrote: So Jail, Qemu and VMWare crossed off the list, any other options? I'm planning to do something similar but have moved to Kubuntu to run VMWare, then I can run PCBSD as a vm 'thingy' ;). neal. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: VM Options
Robert Eckardt wrote: It depends on what you want to do. To clarify, I would like to run Windows XP at least VMWare runs WinXP beautifully - but unfortunately VMWare doesn't well under FreeBSD. Last time I tried Qemu it was fairly slow. So Jail, Qemu and VMWare crossed off the list, any other options? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
VM Options
Are there any good VM Options for FreeBSD? There is VMWare in ports; which I really like - but it's a few years old and still stuck on version 3 the last time I tried it. Are there any other options available? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: No spam???
John Almberg wrote: Last week I set up a brand new mail server with a combination of pf/spamassassin/maildrop for spam filtering... Everything seems to work great. All real mail seems to be getting through. I monitored the spamd and maildrop logs during the first few days to make sure my very conservative spam settings (spamd marks email that scored higher than 5 as spam, and maildrop drops spam that scores higher than 12) to make sure that real mail isn't getting dropped. At the beginning of the week, I was getting a few spam a day in my spam folder. What has me spooked is that this whole weekend I got exactly one spam in my spam folder (a false positive, in fact). This is down from around 500 that I normally get per day (which is why I was keen to get an up-to-date mailserver!) I know this is an odd thing to worry about, but is this normal? Since the spam doesn't even seem to be reaching spamd, I'm guessing that the real hero is pf, which must be blocking 99.99% of spam at the packet level. Is this normal? TIA: John ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] How did you setup pf? You just have a 'generic' blacklist? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Hardware compatibility question
Eric Crist wrote: On Jan 3, 2008, at 12:29 PM, Darryl Hoar wrote: Greetings, I am looking at buying a used Dell PowerEdge 2650. It has (2) Xeon 2.8Ghz with 512kb cache 6 GB ECC Ram (5) 36 GB 10k SCSI hard drives Perc/3 raid controller. dual 10/100/1000 ethernet dual power supplies. will I have any problem using Freebsd on this hardware ? Going to be LAMP server. thanks, Darryl If you're putting FreeBSD on it, I don't think it qualifies as a LAMP server... - Eric F Crist Secure Computing Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] An FAMP Server perhaps ? :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
xclients and remote display (WAS: Re: freenx server)
Thanks, yea, but I don't think he's maintaining it any longer? In ports it's version 1.4.x, but nomachine.com has latest version has 3.5.x My friend emailed nomachine.com and he said they refused to support any of the xBSD or offer any help on getting a working port for the xBSD world. I'm guessing that is the reason why it's so out of date and broken. :/ Are their any alternatives besides VNC? We have that and it's working good (TightVNC tunneled though SSH), but would like to just run one 'window' and have it displayed on our workstation. For example, Run an xterm on FreeBSD server and have it displayed on an XP or Linux workstation. User Ota wrote: On Fri, Dec 21, 2007 at 10:41:59AM -0600, Jack Barnett wrote: Anyone get the freeNX server working from nomachine? When I try to build it from /usr/ports/net/freenx it says it is broken under xorg 7.2 I've upgrade to xorg 7.3.x and modified the make file and it builds everything but nxagent, so it fails to `make install` install: /usr/ports/net/nxserver/work/nx-X11/programs/Xserver/nxagent: No such file or directory *** Error code 71 Yeah, I tried messing around with this a few months ago, it tried to compile and at the end (which was a lengthy job) it turned out to be a waste. I was told before to get in touch with the maintainer of the port and discuss it further. Funny though, mine failed on nxnode :P From portsmon.freebsd,org, the mantainer of freenx and nxserver is [EMAIL PROTECTED] Hope this helps, Russell Doucette ___ [EMAIL PROTECTED] mailing list [3]http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [4][EMAIL PROTECTED] References 1. mailto:[EMAIL PROTECTED] 2. mailto:freebsd-questions@freebsd.org 3. http://lists.freebsd.org/mailman/listinfo/freebsd-questions 4. mailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
freenx server
Anyone get the freeNX server working from nomachine? When I try to build it from /usr/ports/net/freenx it says it is broken under xorg 7.2 I've upgrade to xorg 7.3.x and modified the make file and it builds everything but nxagent, so it fails to `make install` install: /usr/ports/net/nxserver/work/nx-X11/programs/Xserver/nxagent: No such file or directory *** Error code 71 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Home Automation?
Anyone know of any Home automation type of devices that work with FreeBSD? Basically all I need to do is to toggle a power outlet from within FreeBSD (from off to on and vice-versa) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Home Automation?
FreeBSD can use an USB controller? What software is available to control the controller in FreeBSD? I'm looking for something command line and/or scriptable. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: USB Console?
Jerahmy Pocott wrote: Hello, Firstly sorry for my recent double post mx1.freebsd.org was rejecting my mail for some reason.. I was wondering if there is any way to put the console on a USB port? Since serial and parallel ports are becoming things of the past and many systems don't come with them any more.. Serial console on USB? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] Don't know about USB; but you can get a serial PCI card for about 10-20 bucks. Cheaper used. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD on a Mac
James Jeffery wrote: Was wondering. Can i put FreeBSD on a Quicksilver G4? I know it already has Tiger on it, which is BSD based, but i have no use for Tiger at the moment. At college were using Windows, and my old BSD box now has windows on it so that i can keep up with college assignments. I still have BSD on the box, but on another partition, i loved FreeBSD 7, was really getting the hang of it and testing out its web server capabilities, its a nightmare switching the PC on and off just to run a temp web server to test on. Is it possible or is there a better solution? Cheers ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] You could also run FreeBSD inside of VMWare on your windows box. IIRC the VMWare software is free for Windows. There is also a port for FreeBSD (to run Windows in a VMWare with FreeBSD as the host) - but it hasn't been updated in a long time. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portupgrade questions
Aryeh M. Friedman wrote: Here is a script I use to automate the procedure I posted in the previous reply: #!/bin/sh cd /usr/src csup ports-supfile csup standard-supfile cd patchs # optional ./apply # optional portupgrade -a ?? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: portupgrade questions
Aryeh M. Friedman wrote: *cd patchs # optional ./apply # optional * patchs are some local patchs and yet to be committed patchs I use ok, thanks :) I was wondering why I couldn't find them on my system :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW Rules and Games
[EMAIL PROTECTED] wrote: So basically the ruleset should be simple: ipfw -f flush # allow lo0 stuff # block some spoofs/attacks # if you are hosting gameservers from 192.168.17.3 or whatever, # you should (manually) open server ports, in other words, add # routes to 192.168.17.3 to specific server ports ipfw add divert natd all from any to any via $outside_interface allow all from any to any # block some more spoofs/attacks :) # define services (like you did with http) Sorry, this didn't work. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPFW Rules and Games
Lots of people play games here and basically a pain to keep trying to
get these stupid things to work with individual rules for each.
I'm running FreeBSD 6.x with IPFW/natd
I get a dynamic IP from my ISP and the internal nic is 192.168.17.1
Everything inside the network is 192.168.17.xxx
The setup is this:
192.168.17.x -- 192.168.17.1 [FreeBSD] Dynamic IP -- {Random Game
Server on the Internets}
[Internet Network(GAME)] -- [FreeBSD] -- {Internets}
There are a bunch of games that send out TCP/UDP packets (and who knows
what else) on different ports to different destinations and then
receive data back on random ports. Basically, anything on any
protocol from the internal network should be able to establish and setup
connections out AND be allowed to receive data back from whomever they
connected out to; but random hosts trying to connect in should be blocked.
I added this for a temporary fix:
${fwcmd} add pass all from any to any
I don't think that is the right answer; That allows to much in?
I've tried these per the docs:
${fwcmd} add allow all from any to any out via {$iip} setup
${fwcmd} add allow all from any to any out via {$iip} established
${fwcmd} add allow all from any to any in via {$iip} established
and also a bunch of others; but none of them worked.
Here is my full config:
# simple
[Ss][Ii][Mm][Pp][Ll][Ee])
# This is a prototype setup for a simple firewall. Configure this
# machine as a DNS and NTP server, and point all the machines
# on the inside at this machine for those services.
# set these to your outside interface network and netmask and ip
oif=xl0
onet=`ifconfig xl0 | grep inet | awk '{print $6}'`
omask=0xfe00
oip=`ifconfig xl0 | grep inet | awk '{print $2}'`
# set these to your inside interface network and netmask and ip
iif=dc1
inet=192.168.17.0
imask=0xff00
iip=192.168.17.1
setup_loopback
# Stop spoofing
${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
# Stop RFC1918 nets on the outside interface
${fwcmd} add deny all from any to 10.0.0.0/8 via ${oif}
${fwcmd} add deny all from any to 172.16.0.0/12 via ${oif}
${fwcmd} add deny all from any to 192.168.0.0/16 via ${oif}
# Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes
RESERVED-1,
# DHCP auto-configuration, NET-TEST, MULTICAST (class D), and
class E)
# on the outside interface
${fwcmd} add deny all from any to 0.0.0.0/8 via ${oif}
${fwcmd} add deny all from any to 169.254.0.0/16 via ${oif}
${fwcmd} add deny all from any to 192.0.2.0/24 via ${oif}
${fwcmd} add deny all from any to 224.0.0.0/4 via ${oif}
${fwcmd} add deny all from any to 240.0.0.0/4 via ${oif}
# Network Address Translation. This rule is placed here
deliberately
# so that it does not interfere with the surrounding
address-checking
# rules. If for example one of your internal LAN machines had
its IP
# address set to 192.0.2.1 then an incoming packet for it after
being
# translated by natd(8) would match the `deny' rule above.
Similarly
# an outgoing packet originated from it before being translated
would
# match the `deny' rule below.
case ${natd_enable} in
[Yy][Ee][Ss])
if [ -n ${natd_interface} ]; then
${fwcmd} add divert natd all from any to any via
${natd_interface}
fi
;;
esac
# Stop RFC1918 nets on the outside interface
${fwcmd} add deny all from 10.0.0.0/8 to any via ${oif}
${fwcmd} add deny all from 172.16.0.0/12 to any via ${oif}
${fwcmd} add deny all from 192.168.0.0/16 to any via ${oif}
# Stop draft-manning-dsua-03.txt (1 May 2000) nets (includes
RESERVED-1,
# DHCP auto-configuration, NET-TEST, MULTICAST (class D), and
class E)
# on the outside interface
${fwcmd} add deny all from 0.0.0.0/8 to any via ${oif}
${fwcmd} add deny all from 169.254.0.0/16 to any via ${oif}
${fwcmd} add deny all from 192.0.2.0/24 to any via ${oif}
${fwcmd} add deny all from 224.0.0.0/4 to any via ${oif}
${fwcmd} add deny all from 240.0.0.0/4 to any via ${oif}
# Allow internal traffic
${fwcmd} add allow all from any to any via ${iif}
# Allow all local traffic
${fwcmd} add allow all from ${inet}:${imask} to ${inet}:${imask}
# Allow TCP through if setup succeeded
${fwcmd} add pass tcp from any to any established
# Allow IP fragments to pass through
${fwcmd} add pass all from any to any frag
# Allow setup of incoming email
#${fwcmd} add pass tcp from any to ${oip} 25 setup
#${fwcmd} add pass
Re: IPFW Rules and Games
Bob Hall wrote:
On Fri, Nov 02, 2007 at 04:59:27AM -0500, Jack Barnett wrote:
I added this for a temporary fix:
${fwcmd} add pass all from any to any
I don't think that is the right answer; That allows to much in?
Yes.
I've tried these per the docs:
${fwcmd} add allow all from any to any out via {$iip} setup
${fwcmd} add allow all from any to any out via {$iip} established
${fwcmd} add allow all from any to any in via {$iip} established
and also a bunch of others; but none of them worked.
Try oip instead of iip. iip is your internal IP address, so anything
going out from iip is going to your lan, and anything coming in to iip
is coming from your lan. You want to control packets communicating with
the outside world, so you want to control them at oip.
Sorry, that didn't work.
I also tried this:
${fwcmd} add allow tcp from any to any via ${oip} setup
${fwcmd} add allow udp from any to any via ${oip} setup
${fwcmd} add allow tcp from any to any via ${oip} established
${fwcmd} add allow udp from any to any via ${oip} established
That also blocks it. :(
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW Rules and Games
Jack Barnett wrote:
Bob Hall wrote:
On Fri, Nov 02, 2007 at 04:59:27AM -0500, Jack Barnett wrote:
I added this for a temporary fix:
${fwcmd} add pass all from any to any
I don't think that is the right answer; That allows to much in?
Yes.
I've tried these per the docs:
${fwcmd} add allow all from any to any out via {$iip} setup
${fwcmd} add allow all from any to any out via {$iip} established
${fwcmd} add allow all from any to any in via {$iip} established
and also a bunch of others; but none of them worked.
Try oip instead of iip. iip is your internal IP address, so anything
going out from iip is going to your lan, and anything coming in to iip
is coming from your lan. You want to control packets communicating with
the outside world, so you want to control them at oip.
Sorry, that didn't work.
I also tried this:
${fwcmd} add allow tcp from any to any via ${oip} setup
${fwcmd} add allow udp from any to any via ${oip} setup
${fwcmd} add allow tcp from any to any via ${oip} established
${fwcmd} add allow udp from any to any via ${oip} established
That also blocks it. :(
Even tried this and still doesn't work.
${fwcmd} add allow tcp from any to any via ${oip}
${fwcmd} add allow udp from any to any via ${oip}
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW Rules and Games
Jack Barnett wrote:
Jack Barnett wrote:
Jack Barnett wrote:
Bob Hall wrote:
On Fri, Nov 02, 2007 at 04:59:27AM -0500, Jack Barnett wrote:
I added this for a temporary fix:
${fwcmd} add pass all from any to any
I don't think that is the right answer; That allows to much in?
Yes.
I've tried these per the docs:
${fwcmd} add allow all from any to any out via {$iip} setup
${fwcmd} add allow all from any to any out via {$iip} established
${fwcmd} add allow all from any to any in via {$iip} established
and also a bunch of others; but none of them worked.
Try oip instead of iip. iip is your internal IP address, so anything
going out from iip is going to your lan, and anything coming in to iip
is coming from your lan. You want to control packets communicating with
the outside world, so you want to control them at oip.
Sorry, that didn't work.
I also tried this:
${fwcmd} add allow tcp from any to any via ${oip} setup
${fwcmd} add allow udp from any to any via ${oip} setup
${fwcmd} add allow tcp from any to any via ${oip} established
${fwcmd} add allow udp from any to any via ${oip} established
That also blocks it. :(
Even tried this and still doesn't work.
${fwcmd} add allow tcp from any to any via ${oip}
${fwcmd} add allow udp from any to any via ${oip}
Grrr, this doesn't work either:
# statefull
${fwcmd} add check-state
${fwcmd} add allow tcp from any to any established
${fwcmd} add allow all from any to any out keep-state
${fwcmd} add allow icmp from any to any
This thread talks about the same problem:
[1]http://lists.freebsd.org/pipermail/freebsd-ipfw/2005-December/00225
8.html
You will most likely find that dynamic rules will allow this
ingress traffic, without the need to explicitly allow it.
But unfortunately there is no follow up reply in that archive.
References
1. http://lists.freebsd.org/pipermail/freebsd-ipfw/2005-December/002258.html
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW Rules and Games
RW wrote:
On Fri, 02 Nov 2007 04:59:27 -0500
Jack Barnett [1][EMAIL PROTECTED] wrote:
Lots of people play games here and basically a pain to keep trying to
get these stupid things to work with individual rules for each.
I'm running FreeBSD 6.x with IPFW/natd
I get a dynamic IP from my ISP and the internal nic is 192.168.17.1
Everything inside the network is 192.168.17.xxx
The setup is this:
192.168.17.x -- 192.168.17.1 [FreeBSD] Dynamic IP -- {Random
Game Server on the Internets}
[Internet Network(GAME)] -- [FreeBSD] -- {Internets}
There are a bunch of games that send out TCP/UDP packets (and who
knows what else) on different ports to different destinations and then
receive data back on random ports. Basically, anything on any
protocol from the internal network should be able to establish and
setup connections out AND be allowed to receive data back from
whomever they connected out to; but random hosts trying to connect
in should be blocked.
You simply need to allow back traffic on the same socket connection
this will happen automatically with TCP if you are passing established
traffic, with UDP you will have to keep-state. You will probably find
that the games also require you to open one or more incoming ports too.
If you are not very confident with ipfw I would suggest you switch to
pf. It's a very good firewall and generally easier to use. Also if you
are playing games, you'll want to do traffic prioritisation, which is a
pain with ipfw.
Thanks. Yes, generally firewalls and networking isn't my strong
point.
I checked out the handbook on it and it looks easy enough.
I found this: [2]http://www.allard.nu/pfw/ - but appears it's not in
the ports and commerical software?
I also have fwbuilder installed; but don't really like that much.
Are there any other GUI like interfaces that could help me in building
rules for pf?
I haven't read though it all yet; but I'll still need natd with pf,
right?
References
1. mailto:[EMAIL PROTECTED]
2. http://www.allard.nu/pfw/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: IPFW Rules and Games
Jack Barnett wrote:
Jack Barnett wrote:
Bob Hall wrote:
On Fri, Nov 02, 2007 at 04:59:27AM -0500, Jack Barnett wrote:
I added this for a temporary fix:
${fwcmd} add pass all from any to any
I don't think that is the right answer; That allows to much in?
Yes.
I've tried these per the docs:
${fwcmd} add allow all from any to any out via {$iip} setup
${fwcmd} add allow all from any to any out via {$iip} established
${fwcmd} add allow all from any to any in via {$iip} established
and also a bunch of others; but none of them worked.
Try oip instead of iip. iip is your internal IP address, so anything
going out from iip is going to your lan, and anything coming in to iip
is coming from your lan. You want to control packets communicating with
the outside world, so you want to control them at oip.
Sorry, that didn't work.
I also tried this:
${fwcmd} add allow tcp from any to any via ${oip} setup
${fwcmd} add allow udp from any to any via ${oip} setup
${fwcmd} add allow tcp from any to any via ${oip} established
${fwcmd} add allow udp from any to any via ${oip} established
That also blocks it. :(
Even tried this and still doesn't work.
${fwcmd} add allow tcp from any to any via ${oip}
${fwcmd} add allow udp from any to any via ${oip}
Grrr, this doesn't work either:
# statefull
${fwcmd} add check-state
${fwcmd} add allow tcp from any to any established
${fwcmd} add allow all from any to any out keep-state
${fwcmd} add allow icmp from any to any
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
RTG config
Hi all, I have RTG setup and running and appears to be ok. I used the default install options (from ports) and seems to be working, but only on the interfaces (3 network cards). (just ran 'createdb' then 'rtgtarmkr.pl') snmpwalk is showing values for cpu, memory, etc; but RTG isn't polling them. From what I gather, I need to create the database tables; then add the info to 'targets.cfg'? All of this should be pretty standard right? Anyone have a script to create the database tables and targets file? Just looking for things like cpu, memory, harddisk, etc. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Procmail/processing question
Procmail is working, but during a system upgrade I basically broke it for a bit. While it was down, all the mail was being collected in /var/mail/[username] Normally, it processes incoming mail and puts it in /home/[username]/Maildir/XYZ (this is what courier imap is using). It is working and processing mail as normal; but the problem is that /var/mail/[username] has collected tons of mail that needs to be processed via procmail. Is there a way I can pipe all this mail into procmail so that it'll be processed like normal. I'm thinking something like cat /var/mail/[username] | procmail -SomeFancyOption thoughts? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Procmail/processing question
Jack Barnett wrote: Procmail is working, but during a system upgrade I basically broke it for a bit. While it was down, all the mail was being collected in /var/mail/[username] Normally, it processes incoming mail and puts it in /home/[username]/Maildir/XYZ (this is what courier imap is using). It is working and processing mail as normal; but the problem is that /var/mail/[username] has collected tons of mail that needs to be processed via procmail. Is there a way I can pipe all this mail into procmail so that it'll be processed like normal. I'm thinking something like cat /var/mail/[username] | procmail -SomeFancyOption thoughts? disregard, I figured it out. there is a program called 'formail' (format mail) cat /var/mail/[username] | formail -s procmail :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Spam Filtering
My setup is basically everything gets pumped though procmail and ends up in an Courier imap directories. I'm thinking of going with something like SpamBouncer (procmail filter). Anyone use that before? Any other spam filtering that might work better with this setup? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: anyone have a favorite laptop?
Bill Campbell wrote: On Mon, Sep 24, 2007, Arend P. van der Veen wrote: We have used Thinkpads for a long time. I am currently using a T60. Never had any problems. I used Thinkpads for about 10 years with various Linux systems. My last one was a Thinkpad 600 which I used continuously from August 1999 through March 2007 when I got a Mac Powerbook (now if only I could run OS X on a Thinkpad :-). We have used a fair variety of Thinkpads with our auction software for the last 10 years or so with excellent results. Bill I also use Think Pads, 9545 (was a 486!), T20 series, T40 series. All work wonderfully... IBM makes rock solid laptops. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Running process on startup as a user
Using FreeBSD 6.2 x86. I have a script called: /home/foo/scripts/MyScript.sh The user is 'foo'. The password is 'bar'. What I'm trying to do is run the MyScript.sh command on startup (that way if the box reboots, then this users process also re-starts it's self). thoughts? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Network Monitor?
Is there a way to monitor what traffic is coming in/out of my network? For example: so me how much bandwidth emails are taking, how much http traffic (both in and outgoing), etc. I'd like a report broken down by traffic type like in windows. FreeBSD-6.2 x86 Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache, php?
Eric Crist wrote: On Jun 20, 2007, at 8:56 PMJun 20, 2007, Jack Barnett wrote: Ivan Carey wrote: I don't have libphp5.so anywhere in /usr/local (did a find for it). the php5 port is broken? Or do I have to reinstall apache after php5? You need to enable build of the php5 apache extension when you build the port - it's not enabled by default. HTH Eric Crist thanks. do you know how to do that off hand? :) :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache, php?
Jack Barnett wrote: Eric Crist wrote: On Jun 20, 2007, at 8:56 PMJun 20, 2007, Jack Barnett wrote: Ivan Carey wrote: I don't have libphp5.so anywhere in /usr/local (did a find for it). the php5 port is broken? Or do I have to reinstall apache after php5? You need to enable build of the php5 apache extension when you build the port - it's not enabled by default. HTH Eric Crist thanks. do you know how to do that off hand? :) :) disregarding... rebuilding now, I edited the Makefile ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache, php?
[LoN]Kamikaze wrote: Jack Barnett wrote: Jack Barnett wrote: Eric Crist wrote: On Jun 20, 2007, at 8:56 PMJun 20, 2007, Jack Barnett wrote: Ivan Carey wrote: I don't have libphp5.so anywhere in /usr/local (did a find for it). the php5 port is broken? Or do I have to reinstall apache after php5? You need to enable build of the php5 apache extension when you build the port - it's not enabled by default. HTH Eric Crist thanks. do you know how to do that off hand? :) :) disregarding... rebuilding now, I edited the Makefile Ouch. Just for the record: # cd /usr/ports/lang/php5 # make config Select the APACHE option. # make build deinstall reinstall clean Yea, for some reason it's not giving me that menu... to configure it. Most ports used to have any option... to configure stuff... in that nice text based interface. I got BATCH=YES in make.conf so that's probably why! Anyways, I manually edited the Makefile and recompiled. That is WORKING :) Manually fooling around with that file will probably bust something up down the road if I have to reinstall, but for now I'm happy. It's all working. Thanks everyone for your help. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache, php?
doug wrote: On Tue, 19 Jun 2007, Jack Barnett wrote: FreeBSD 6.2 Apache 1.3.37 (from ports) php 5.2.3 (from ports) on the command line doing `php index.php` works. But if I use it though a web browser it just displays the php code. I installed it like this (extensions to) http://www.mydigitallife.info/2006/04/14/installing-web-server-in-freebsd-60-with-apache-22-mysql-50-and-php-5-part-5/ The only difference is that I'm using 1.3 and not 2.x of Apache. Apache config below Installing 2.x isn't an option yet (test server, still need 1.3) fire2# grep -i php * httpd.conf:AddType application/x-httpd-php .php httpd.conf:AddType application/x-httpd-php-source .phps httpd.conf:IfModule mod_php3.c httpd.conf:IfModule mod_php4.c httpd.conf:DirectoryIndex index.php index.php3 index.html httpd.conf:IfModule !mod_php4.c httpd.conf:DirectoryIndex index.php3 index.html httpd.conf:IfModule !mod_php3.c httpd.conf:IfModule mod_php4.c httpd.conf:DirectoryIndex index.php index.html httpd.conf:IfModule !mod_php4.c httpd.conf:IfModule mod_php3.c httpd.conf: AddType application/x-httpd-php3 .php3 httpd.conf: AddType application/x-httpd-php3-source .php3s httpd.conf:IfModule mod_php4.c httpd.conf: AddType application/x-httpd-php .php httpd.conf: AddType application/x-httpd-php-source .phps httpd.conf: AddType application/x-httpd-php .php httpd.conf: AddType application/x-httpd-php-source .phps I just installed this combination, among the changes to httpd.conf I change pph4--php5 (see below). You are not getting an index file. If you have 'Options +Indexes' browsing will get you an index listing but will not run index.php. # # This may also be None, All, or any combination of Indexes, @@ -452,18 +454,18 @@ # IfModule mod_dir.c IfModule mod_php3.c -IfModule mod_php4.c +IfModule mod_php5.c DirectoryIndex index.php index.php3 index.html /IfModule -IfModule !mod_php4.c +IfModule !mod_php5.c DirectoryIndex index.php3 index.html /IfModule /IfModule IfModule !mod_php3.c -IfModule mod_php4.c +IfModule mod_php5.c DirectoryIndex index.php index.html /IfModule -IfModule !mod_php4.c +IfModule !mod_php5.c DirectoryIndex index.html /IfModule /IfModule hrm... no I don't think that's it. I put this in: DirectoryIndex index.php index.html I have php5 install I created this file: test.php ?php print (Hello WorldBR\n); ? But that doesn't work either. Is mod_layout screwing it up? I don't understand what is wrong with it? `php test.php` works fine. Also there is no Module Load/Add in the httpd.conf for php. I can't even find the libraries! But /usr/local/bin/ has php and php-cgi (both executables). Do I need to tell apache how to execute .php files? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Apache, php?
Ivan Carey wrote: Jack Barnett wrote: FreeBSD 6.2 Apache 1.3.37 (from ports) php 5.2.3 (from ports) on the command line doing `php index.php` works. But if I use it though a web browser it just displays the php code. I installed it like this (extensions to) http://www.mydigitallife.info/2006/04/14/installing-web-server-in-freebsd-60-with-apache-22-mysql-50-and-php-5-part-5/ The only difference is that I'm using 1.3 and not 2.x of Apache. Apache config below Installing 2.x isn't an option yet (test server, still need 1.3) fire2# grep -i php * httpd.conf:AddType application/x-httpd-php .php httpd.conf:AddType application/x-httpd-php-source .phps httpd.conf:IfModule mod_php3.c httpd.conf:IfModule mod_php4.c httpd.conf:DirectoryIndex index.php index.php3 index.html httpd.conf:IfModule !mod_php4.c httpd.conf:DirectoryIndex index.php3 index.html httpd.conf:IfModule !mod_php3.c httpd.conf:IfModule mod_php4.c httpd.conf:DirectoryIndex index.php index.html httpd.conf:IfModule !mod_php4.c httpd.conf:IfModule mod_php3.c httpd.conf: AddType application/x-httpd-php3 .php3 httpd.conf: AddType application/x-httpd-php3-source .php3s httpd.conf:IfModule mod_php4.c httpd.conf: AddType application/x-httpd-php .php httpd.conf: AddType application/x-httpd-php-source .phps httpd.conf: AddType application/x-httpd-php .php httpd.conf: AddType application/x-httpd-php-source .phps ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] . Hello Jack, I have 2 servers running one with php4 and one with php5 In the php4 httpd.conf I have: LoadModule php4_modulelibexec/apache/libphp4.so AddModule mod_php4.c # DirectoryIndex: Name of the file or files to use as a pre-written HTML # directory index. Separate multiple entries with spaces. # IfModule mod_dir.c IfModule mod_php3.c IfModule mod_php4.c DirectoryIndex index.php index.php3 index.html /IfModule IfModule !mod_php4.c DirectoryIndex index.php3 index.html /IfModule /IfModule IfModule !mod_php3.c IfModule mod_php4.c DirectoryIndex index.php index.html /IfModule IfModule !mod_php4.c DirectoryIndex index.html /IfModule /IfModule /IfModule # LanguagePriority allows you to give precedence to some languages # in case of a tie during content negotiation. # # Just list the languages in decreasing order of preference. We have # more or less alphabetized them here. You probably want to change this. # IfModule mod_negotiation.c LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw /IfModule IfModule mod_php3.c AddType application/x-httpd-php3 .php3 AddType application/x-httpd-php3-source .php3s /IfModule IfModule mod_php4.c AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps /IfModule In the Apache2 using php5 I have in the httpd.conf LoadModule php5_module libexec/apache2/libphp5.so # If the AddEncoding directives above are commented-out, then you # probably should define those extensions to indicate media types: # AddType application/x-compress .Z AddType application/x-gzip .gz .tgz AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps I hope this helps you with your configuration, Regards, Ivan I don't have libphp5.so anywhere in /usr/local (did a find for it). the php5 port is broken? Or do I have to reinstall apache after php5? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: KDE 3.5 Crashing
Timothy Bourke wrote: On Jun 15 at 20:01 +1000, Gemma Fletcher wrote: Installed BSD 6.2 a few days ago and am totally new to it all. I installed KDE 3.5 and it was working nicely until it juststopped. No obvious crash - it just froze. Had to reboot the system with the reset button as no other method was working. [...] Are you using dial-up with kppp? I recently saw a freeze-then-reboot under KDE 3.5 which was fixed by using ppp (user-mode) rather than kppp (kernel-mode) for dial-up. Tim. Next time instead of a reboot, try Ctrl-Alt-Backspace. that should try a shutdown of the X server ... might save you a hard reboot :) Also are you sure it's KDE? Could it be a weird video driver? Does it happen with other WMs? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Apache, php?
FreeBSD 6.2 Apache 1.3.37 (from ports) php 5.2.3 (from ports) on the command line doing `php index.php` works. But if I use it though a web browser it just displays the php code. I installed it like this (extensions to) http://www.mydigitallife.info/2006/04/14/installing-web-server-in-freebsd-60-with-apache-22-mysql-50-and-php-5-part-5/ The only difference is that I'm using 1.3 and not 2.x of Apache. Apache config below Installing 2.x isn't an option yet (test server, still need 1.3) fire2# grep -i php * httpd.conf:AddType application/x-httpd-php .php httpd.conf:AddType application/x-httpd-php-source .phps httpd.conf:IfModule mod_php3.c httpd.conf:IfModule mod_php4.c httpd.conf:DirectoryIndex index.php index.php3 index.html httpd.conf:IfModule !mod_php4.c httpd.conf:DirectoryIndex index.php3 index.html httpd.conf:IfModule !mod_php3.c httpd.conf:IfModule mod_php4.c httpd.conf:DirectoryIndex index.php index.html httpd.conf:IfModule !mod_php4.c httpd.conf:IfModule mod_php3.c httpd.conf: AddType application/x-httpd-php3 .php3 httpd.conf: AddType application/x-httpd-php3-source .php3s httpd.conf:IfModule mod_php4.c httpd.conf: AddType application/x-httpd-php .php httpd.conf: AddType application/x-httpd-php-source .phps httpd.conf: AddType application/x-httpd-php .php httpd.conf: AddType application/x-httpd-php-source .phps ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Upgrading to 6.2-RELEASE from 6.2-STABLE
no idea, but maybe: boot /boot/kernel/kernel or boot /boot/kernel.old/kernel What is 'mountroot' - is that the boot loader or the kernel/system giving you that? try mounting your root drive! do a `df -k`, anything already mounted? oh! or try: fsck did it ask you to login? Mark Stout wrote: I followed all the steps in the handbook as well as UPDATED and after a installworld and mergemaster its booting into 'mountroot' and nothing I type mounts. This is a production machine so I'm in dire need of assistence. [EMAIL PROTECTED] wrote: On 11/06/07, Mark Stout [EMAIL PROTECTED] wrote: Following the tasks in Rebuilding world in the handbook http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html I removed the /usr/obj directory and did a buildworld. When tryinmg to compile the kernel its failing on unknown option MD5. Commenting that out it fails on the line above MD5, options LKM. What's happening here? These two options papear in the LINT file. I can't find anything that explains why this would happen. A follow-up to my last email. I copied GENERIC to RADIUS2 and symlinked to /root/kernel. Then added the various LINT options. I started commenting out what is failing when I try to compile a new kernel. All are from the LINT file. Is MD5 a default that does not need to be specifically added? What about ICMP_BANDLIM? And support for IDE drives. Are these already handed elsewhere in GENERIC? # These all failed as unknown options: unknown option MD5 unknown option LKM unknown option CD9660_ROOTDELAY unknown option NSWAPDEV unknown option TCP_COMPAT_42 unknown option ICMP_BANDLIM (found in Handbook in Chapter 14 Securing FreeBSD) # Do not understand why these are fialing config: Error: device acd0 is unknown config: Error: device wfd0 is unknown config: Error: device wst0 is unknown # This failed as a syntax error controller wdc0at isa? port IO_WD1 bio irq 14 Most of the above looks like old, deprecated stuff from 5.x and earlier (the controller wdc0 line reminds me of 3.x or maybe NetBSD). IDE drive support is all handled by ata(4), all you should need for those in your kernel config is: device ata device atadisk device atapicd (and obviously:) device eisa device pci Which are already part of GENERIC. /usr/src/sys/arch/conf/LINT doesn't exist in 6.x. Try looking at /usr/src/sys/arch/conf/NOTES and /usr/src/sys/conf/NOTES for knobs to twist and buttons to push. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Offtopic: x.org verus xFree86?
This is slightly off topic... but anyone know the differences between x.org and xFree86? I was using FreeBSD 4.xxx for the longest time (and some varieties of Linux, OpenBSD, etc) and all where xFree86. I was out of the scene for a bit (but still running 4.xxx) and recently upgraded to 6.2 and it has x.org... x.org all over the place. no more traces of xfree86 anywhere! now it's at 7.2 :) Anyone know why x.org split from xFree86? From what I can tell it looks the same (same files, same options etc)... was it just a licensing change or something like that? Just wondering the history behind the different naming and what all changed? Why was it forked? Thanks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD t-shirt
Kávássy Dániel wrote: Thanks I will check it out. Daniel K. Greenwood wrote: --- Kávássy Dániel [EMAIL PROTECTED] wrote: Hi, I know it's a bit off. I've seen FreeBSD t-shirts (probably drafts) with the new logo: http://logo-contest.freebsd.org/result/640-1.png http://www.bsdmall.com/sport.html perhaps? If there were any, I'd happily buy one. Daniel Mmm... that is nice. Just a suggestion, but maybe also a case badge with the new logo? :) btw, when will these be available? I'd like a hardcopy of the handbook. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: raid or not raid
[EMAIL PROTECTED] wrote: On 24/05/07, kalin mintchev [EMAIL PROTECTED] wrote: so nobody on this list knows anything about raid? wrong list? hi all.. i have a box in a remote hosting facility that claims that the machine has two discs raided in it but df and fstab show only one disc with a bunch of slices. under devices there is another name - ad6 - but it's not mounted anywhere. the one i see both in df and the fstab is ad4 with one big slice and different partitions they insist there are 2 raided discs in tha machine. the os is 5.4 and i think at that point the raid drivers were still considered 'experimental'. it makes sense to me that if i don't see a second drive in the fstab there isn;t any mounting which means that there is no raid going on... is there any other way i can make sure if raid is actually on? would there will be any logs somewhere? the machine has been up for about 2 years and the dmesg is long gone... thanks. Lots of people here know plenty about RAID, but you don't provide very much information. If dmesg itself returns none of the startup info, you can look in /var/log/dmesg.[today|yesterday]. /usr/sbin/pciconf can tell you what controller(s) may be attached. A proper RAID will show up as a single device, just like any hard drive (but different). It does seem odd to me that a (supposed) RAID would show up as /dev/ad4. Possibilities: Your RAID really is on /dev/ad4 and /dev/ad6 is something unexplained. Your RAID controller is unsupported in 5.x and not Doing The Right Thing but somehow still (kind of) working as a normal [S]ATA controller. Your RAID controller is unsupported in 5.x and your hosting company realised this and wired the shebang up as a normal [S]ATA controller because they couldn't get FreeBSD to install otherwise. There is a RAID controller and there are two disks connected to it, but the controller was not set up correctly. There is a RAID controller and there are two disks connected to some other controller which might lead to some interesting phone calls. Your remote hosting company put a RAID with two disks in some random machine and someone else is complaining on some other list about the inverse of your problem. Also what type of RAID? If it's Hardware RAID _and_ it's using a 3ware card, you can install tw_cli from /usr/ports/sysutils. It's a nice little utility and will show you the status of your units/ports/drives and how many drives you have on that controller. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Network storage
Zbigniew Szalbot wrote: Hello, What options do I have of using a network storage device such as Buffalo TeraStation? I can access it from Windows via network share or via FTP protocol. How can I access this device from FreeBSD? TeraStation is on the same LAN as FBSD machine. I would like to use TeraStation for backup purposes as the drives there can hold lots of data. I know I can use FTP but then how would you go about backup? Do backups on the local FBSD drive and then have some kind of script/software (what kind of?) to copy it via FTP to TeraStation? Many thanks in advance! Hi. Yes you can automate ftp transactions. Here is one article: http://www.quepublishing.com/articles/printerfriendly.asp?p=170517rl=1 I only skimmed that article, but it looks good. A google search is sure to turn up more. I would suggestion against ftp if possible. Scp (or sftp) is cp/ftp over a secure (SSH) connection which allows for encrypt of passwords and/or files. This too can be automated - provided that your network storage device allows SSH connections. Also - using smbmount or smbclient (part of the samba package/port); you can use these to access the Windows share on the network storage device. If I remember correctly though, the Windows protocol doesn't encrypt the information, which is as bad as ftp - since the hackers can steal all your passwords, information and files! -J ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
reject mail hosts
This is in the daily run output. Anyone know what this means? It's it someone trying to relay/spam though me? Checking for rejected mail hosts: 2 bcast.americansingles.com (553... exist) 1 gmail.com (550... denied) 1 aol.com (550... denied) 1 (553... required) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: reject mail hosts
Thanks for the info. If all of those requests have been denied (by the way, which file are those logged into?) - then have any of them worked? I just want to make sure I'm not relaying/accepting spam! -J Mikhail Goriachev wrote: Jack Barnett wrote: This is in the daily run output. Anyone know what this means? It's it someone trying to relay/spam though me? That's right. Someone's trying to deliver/relay e-mails through your system and such attempts get logged and reported to you. Checking for rejected mail hosts: 2 bcast.americansingles.com (553... exist) 1 gmail.com (550... denied) 1 aol.com (550... denied) 1 (553... required) 553... exist: domain of sender doesn't exist 550... denied: relaying denied / authentication required You shouldn't worry about it. Regards, Mikhail. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Updating all ports
For /usr/ports I sync to just '.' (dot). Is that what I want? (I want just 'stable' ports, nothing bleeding edge). for /usr/src I sync to: RELENG_6 But my question, is there a way to go though and say let's rebuild any port that is newer (via sync) then one I current have? For example, if I build and install application FooBar-1.0.0 from the /usr/ports and the next week FooBar-1.0.7 is there a way to say yea, let's rebuild this instead of manually building it? Or at the very least, give me a list of changes on which applications need to be manually built. Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
DNS Cache - Bind
I'm running Bind 9.3.4 on FreeBSD 6.2 for my local network. It doesn't have any zones, it's just a local DNS that has a bunch of forwarders. The first request is slow (between 150 and 300 ms) - but after that (the next query on same domain) is fast (less then 10 ms usually). This is nice and working the way I like it. :) What I'm wondering though is: a) How do I flush the cache if I need to (ie. need to get a new update from the forwards) - just restart named? b) Are there any settings I can tweak that determine how long the cache is kept? (ie. Say I want to keep all queries for 7 days before they are queried from the upstream DNS servers). [This will probably screw up dynamic DNS sites, but want to see what settings are available] c) Is there a easy way to 'blacklist' sites? Say I want 'SpammerNetwork.com' to resolve to 127.0.0.1. Basically I want to take this host file: http://www.mvps.org/winhelp2002/hosts.htm and then pump it into my DNS server, that way all the LAN clients are protected from these sites. Is there a way to do that? -J ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Find out startup programs execution order..
Look before and after the error messages What other messages you see? That'll give you a general idea on where it's at in the startup process when you get that error. On 5/15/07, Agus [EMAIL PROTECTED] wrote: Hi... i am trying to solve a problem with an error message during startup.. su: /bin/csh : Permission Denied so i am trying to find the way the programs start during boot thats it Thanxsss ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Disk going bad?
I think I have a disk going bad. Is there any tools for freebsd that'll check the disk and let me know if there is a hardware problem or not? (I'm getting ECC errors from my controller and trying to firgure out if it's a bad controller or a bad drive [already checked the cables and all that, so just have it down to these 2 peices of hardawre]) k, thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: VNC ??
uh, since he's blocking my emails, here is info if anyone else is interested. -- Forwarded message -- From: Jack Barnett [EMAIL PROTECTED] Date: May 14, 2007 1:58 PM Subject: Re: VNC ?? To: Pete C [EMAIL PROTECTED] The way I have mine setup is with Tight VNC (fairly new) [tightvnc.org] Then run it with the local option (so it binds to 127.0.0.1 instead of outside interface (for security reasons). Then I use Putty to SSH in and use that to port forward. Then after I have SSH session I do VNC to localhost:10 which drops me to the unix desktop. The advantages of this are: Secure encrypted connection. Ability to use compression (either via SSH or TightVNC) Compression allows it to be really fast, it's fairly responsive even over a DSL or cable line. Also secure in the fact that your VNC port isn't hanging wide open (just SSH) If your on the local unix box you can also just start a desktop then do 'vncviewer 127.0.0.1:1' and get your remote desktop (so it moves around with you, regardless if your local or remote) On 5/14/07, Pete C [EMAIL PROTECTED] wrote: what are some of the more current ways to do remote desktop functions w/ FreeBSD 6.2 host and WinXP client . . googled, but alot of stuff out there seems to be awful old . . TIA Pete C ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Maintenance Due
Wait, what? On 5/14/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: 3D 3D 3D [Company.jpg ] [1][Product.jpg ] [2][Contact.jpg ] 3D 21439 N. 2nd Ave, Phoenix, AZ 85027 USA Toll Free 800.658.5883 | Fax 602.257.4313 | [EMAIL PROTECTED] Dear Customer, Our service records indicate your Uninterruptible Power System (UPS) is overdue for battery replacement. Smaller UPS's require battery replacement every two years to avoid not only unexpected downtime, but occasional damage to the UPS from old swollen or leaking batteries. The unit requiring service is: Equipment Information Brand APC (American Power Conversion) Model SU1000 Serial 32112 KVA Size 1 Kva Batt Cycle Replacement 2 Year Replacement Cycle Last Svc or Sold Date May 11, 2005 Please update us if this information is in error IMPORTANT - If you are not the primary person responsible forthis equipment, please reply to this email and let us know who is. If you have more UPS equipment you would like us to track battery replacement, or service needs free of charge, register any other units in our Auto-Notify programmore There are 3 ways you can handle the service needs of this unit: 1. Replace the UPS requiring service with a fully warranted refurbished UPS...more 2. Depot Service is available for this unit. You can send us your UPS and if requested, we can ship you loaner units while your unit is being servicedmore 3. If you prefer self-maintenance, we manufacture UPS batteries and have an informative online resource for your battery pack needs. Our website tools include a point and click order feature allowing you to identify and order your replacement batteries from the UPS brand and modelmore If you would like to add other power conditioning units to this free Auto-Notify Program for either preventive maintenance orbattery replacement notification, all designed to give you aheads-up when your maintenance is due, or batteries are due for replacementmore Call me or email me with questions, Darrin Krein X235 Account Manager 602 863-2655 Our email notifications avoid unnecessary paper waste, help preserve our valuable natural resources (such as forests and oil), protect wildlife habitats, and do not contribute to landfills. However, we do not wishto bother people by sending our messages to those not interested in what we do. To be removed from our email list, please click on [4]Remove. We apologize for bothering you. Website E-S tore - UPS and Batteries E-Store - Cabling Products [5]Email me Sent to - [EMAIL PROTECTED] Phoenix - Scottsdale - Tucson - Las Vegas - Salt Lake City - Myrtle Beach References 1. 3Dhttp://www.gruberpower.com/ 2. 3Dhttp://www.gruberpower.com/ 3. 3Dmailto:[EMAIL PROTECTED] 4. 3Dmailto:[EMAIL PROTECTED] 5. 3Dmailto:[EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
temp
Is there any program that'll monitor the temperate of my motherboard? There are some windows program that'll give me status on my fans, CPU temps, motherboard temps, etc - is there anything like that in the ports collection? (basically I think my CPUs are overheating in one server) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
procmail filter for them all?
I have sendmail using procmail as the local deliver and each user has this in their .procmailrc file: LOGFILE=/u1/logs/$USER.procmail.log :0 $HOME/Maildir/ Is there a way to do that globally for all users so that they don't each need their own .procmailrc file? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ip refresh, resolv.conf and local scripts on startup?
hrm, thanks, but this doesn't seem to work:
`ifconfig xl0 down` doesn't do anything... executes without error, but the
interface stays up.
`/sbin/dhclient` gets a new IP, but doesn't re-do the firewall with new
IP, so everything is broken.
echo nameserver 123.34.45.67 /etc/resolv.conf
echo nameserver 321.23.67.328 /etc/resolv.conf
This is over written on startup/reboot by the dhcpclient. If I modify the
file, then it tries to correct it self and over writes the file with the
DNS servers provided via the DHCP server.
Any other ideas?
Thanks,
Jack
On 5/8/07, User Iam [EMAIL PROTECTED] wrote:
Hi
To get a new ip
Do
/sbin/ifconfig ethX use correct number down
/sbin/dhclient # to get a new ip..
Then for resolv.conf
echo nameserver 123.34.45.67 /etc/resolv.conf
echo nameserver 321.23.67.328 /etc/resolv.conf
HTH
User Iam
On 5/8/07, Jack Barnett [EMAIL PROTECTED] wrote:
I have a script that updates some dynamic DNS records (can be run as
non-root if needed).
It needs to be run on startup - after network is configured and after
rc.firewall (it'll get blocked if it's run before the firewall is
setup).
What is a good place to put this? I could put it at the end of
rc.firewall,
but is there a better place to put it?
Also how do I refresh a dynamic IP without rebooting?
Sometimes my cable modem gets messed up and under windows I just do:
ipconfig /release
ipconfig /renew
and it gets new IP and sets everything up. In FreeBSD is there a way to
reconfigure everything without rebooting?
(rc.firewall uses this to get network info:
onet=`ifconfig xl0 | grep inet | awk '{print $6}'`
oip=`ifconfig xl0 | grep inet | awk '{print $2}'`
Meaning, rc.firewall would also have to be re-ran if the IP is new).
[also to make things more complicated, I think I need a rule in
rc.firewallto allow for DHCP clients to go out? It gets blocked on
external interface
when firewall comes up??]
Also how do I override /etc/resolv.conf? DHCP client configures it I
think
and sets it up to point to my ISP DNS servers (which suck) and would
like to
give it mine instead of there, but it keeps getting over written on
startup
when it gets a DHCP lease?
thanks.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Disk problems?
hrm... ? Doing it again: twa0: INFO: (0x04: 0x000B): Rebuild started: unit=0 twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=0 twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=1 twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=0 twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=1 twa0: INFO: (0x04: 0x0005): Rebuild completed: unit=0 twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=0 twa0: ERROR: (0x04: 0x0002): Degraded unit: unit=0, port=0 twa0: ERROR: (0x04: 0x0009): Drive timeout detected: port=1 twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=1 twa0: ERROR: (0x04: 0x000A): Drive error detected: unit=0, port=1 now says both disks are having problems (I removed the other two disks and just keeping the two root drives in array unit 1): Unit UnitType Status %RCmpl %V/I/M Port Stripe Size(GB) u0 RAID-1DEGRADED* - - - - 74.4951 u0-0 DISK WARNING- - p1- 74.4951 u0-1 DISK DEGRADED - - p0- 74.4951 What the ? I tested both of these under WinXP and they come up fine. No errors, nothing when running windows. Under FreeBSD, it throws those errors above and then sets them degraded (and then the bios flags them on reboot) - but if I run windows, it never flags them and everything is fine. Another thing I noticed is that under FreeBSD the drives will starts clicking and making god awful noises, really loud clicking like the heads are jerking back and forth really fast. Doesn't happen in windows, they run really quite and smooth. Is this some sort of bad driver messing up my disks? I don't know what the hell it's doing to my drives, but it sounds god awful... I have it booted in windows now and it doesn't do that. I've never seen this before. Why does it keep clicking my drives like that and why is it throwing errors? I've rebuild this array about a half dozen times already. I synced to 6.2 rel and rebuild both kernel and world, but something doesn't seem right :( On 5/7/07, Jack Barnett [EMAIL PROTECTED] wrote: I have a 3ware (AMCC) 9500S-4LP RAID card and 4 disks in 2 Mirror 1 arrays: Unit 1: 2 x 80 gigs Unit 2: 2 x 400 gigs Under windows this was working fine. Both disks where healthy and running (I could test this by unplugging one or the other): Under FreeBSD though, it says it's not working: May 7 13:57:37 fire kernel: twa0: INFO: (0x04: 0x000B): Rebuild started: unit=0 May 7 13:57:37 fire kernel: twa0: INFO: (0x04: 0x000B): Rebuild started: unit=1 May 7 13:57:48 fire kernel: twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=0 The rebuild message is fine, but keeps getting Drive power on reset detected: port=0 In the 3ware BIOS, it shows all drives as active (ie. powered on and connected), so don't know why the kernel thinks it's powered down? Does it mean something else? If I just wait for about 20 minutes, the drives start rebuilding: Unit UnitType Status %RCmpl %V/I/M Stripe Size(GB) Cache AVrfy -- u0RAID-1REBUILDING 37 - - 74.4951 OFFOFF u1RAID-1REBUILDING 13 - - 372.519 OFFOFF (it's in Unit one above, 37% complete). So even though it's getting this Drive power on reset detected it eventually rebuilds it's self. ? Any ideas what this message means? I thought it was an error, but seems fine since it's rebuilding it's self. ? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
ip refresh, resolv.conf and local scripts on startup?
I have a script that updates some dynamic DNS records (can be run as
non-root if needed).
It needs to be run on startup - after network is configured and after
rc.firewall (it'll get blocked if it's run before the firewall is setup).
What is a good place to put this? I could put it at the end of rc.firewall,
but is there a better place to put it?
Also how do I refresh a dynamic IP without rebooting?
Sometimes my cable modem gets messed up and under windows I just do:
ipconfig /release
ipconfig /renew
and it gets new IP and sets everything up. In FreeBSD is there a way to
reconfigure everything without rebooting?
(rc.firewall uses this to get network info:
onet=`ifconfig xl0 | grep inet | awk '{print $6}'`
oip=`ifconfig xl0 | grep inet | awk '{print $2}'`
Meaning, rc.firewall would also have to be re-ran if the IP is new).
[also to make things more complicated, I think I need a rule in
rc.firewallto allow for DHCP clients to go out? It gets blocked on
external interface
when firewall comes up??]
Also how do I override /etc/resolv.conf? DHCP client configures it I think
and sets it up to point to my ISP DNS servers (which suck) and would like to
give it mine instead of there, but it keeps getting over written on startup
when it gets a DHCP lease?
thanks.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Disk problems?
I have a 3ware (AMCC) 9500S-4LP RAID card and 4 disks in 2 Mirror 1 arrays: Unit 1: 2 x 80 gigs Unit 2: 2 x 400 gigs Under windows this was working fine. Both disks where healthy and running (I could test this by unplugging one or the other): Under FreeBSD though, it says it's not working: May 7 13:57:37 fire kernel: twa0: INFO: (0x04: 0x000B): Rebuild started: unit=0 May 7 13:57:37 fire kernel: twa0: INFO: (0x04: 0x000B): Rebuild started: unit=1 May 7 13:57:48 fire kernel: twa0: ERROR: (0x04: 0x003A): Drive power on reset detected: port=0 The rebuild message is fine, but keeps getting Drive power on reset detected: port=0 In the 3ware BIOS, it shows all drives as active (ie. powered on and connected), so don't know why the kernel thinks it's powered down? Does it mean something else? If I just wait for about 20 minutes, the drives start rebuilding: Unit UnitType Status %RCmpl %V/I/M Stripe Size(GB) Cache AVrfy -- u0RAID-1REBUILDING 37 - - 74.4951 OFFOFF u1RAID-1REBUILDING 13 - - 372.519 OFFOFF (it's in Unit one above, 37% complete). So even though it's getting this Drive power on reset detected it eventually rebuilds it's self. ? Any ideas what this message means? I thought it was an error, but seems fine since it's rebuilding it's self. ? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Disk problems?
6.2 Release/stable (synced source as of yesterday, rebuilt and still getting it) On 5/7/07, Peter A. Giessel [EMAIL PROTECTED] wrote: On 2007/05/07 11:16, Jack Barnett seems to have typed: I have a 3ware (AMCC) 9500S-4LP RAID card and 4 disks in 2 Mirror 1 arrays: Unit 1: 2 x 80 gigs Unit 2: 2 x 400 gigs Under windows this was working fine. Both disks where healthy and running (I could test this by unplugging one or the other): Under FreeBSD though, it says it's not working: What version of FreeBSD? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Custom Build
Hello all, How this is the correct list to post this to, if not, please point me to a more apporiate list. What I want to do is make a custom automated build for FreeBSD. Basically, create a build, burn it to CD-ROM, go stick it into a server and it automatically configures to the correct hardware, auto sets up the file system (1 hard drive per server) and then reboots. When it comes back up, I have a full functionaly customized FreeBSD install. The only interaction that should happen during the install, is putting in the hostname, select static or dynamic ip and then [for non-FreeBSD app] select to save to local or network drive. I'm good with perl/bash, etc, so I know how to create a script to automate the install for our application. I need to do this on a lot of servers, so doing a manual install would take weeks. Each server has 1 hard drive, all the data is stored on a very robust file server that gets backed up, if the hard drive fails, we just replace, rebuild and contiune where we left off. During the install, it should just partion off 512 for swap, then use rest of disk for root directory. Each disk may be a differant size, but they will all be more then 2 gigs. The build I want to create would be a mini-FreeBSD, just the kernal, some basic programs and 1 non-FreeBSD application. The only port that would be open is for SSHD and all servers would sit behind a firewall in there own seperate subnet (firewall only routes http requests to upload data and incoming ssh connections). We're currently using a very old custom Linux build, it's less then 10 megs total. The problem we are having with this, is that it doesn't support all the newer hardware we use (the build is about 4-5 years old) and FreeBSD is our standard operating envoriment (as far as servers goes), the admins here are more famlair with FreeBSD so it makes sense to switch to FreeBSD since we have to update the build anyways (the guy that made the build isn't here any more and the rest of us are FreeBSD fan-boys :P ) All the other FreeBSD servers that aren't in the cluster/grid are manually installed. Could someone point me in the right direction or to some documentation or other resources? Regards, Jack ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
