Re: reviving games/freebsd-games

2008-10-28 Thread Jurjen Middendorp 
On Mon, Oct 27, 2008 at 09:22:19PM +0100, clemens fischer wrote:
 Jeremy Chadwick:

 I think the bottom line here is that until someone steps up and
 actually volunteers to fix the code, it will remain broken.  (I don't
 normally tote this attitude, but in this case it's applicable: this is
 a volunteer project! :-) )

That's why I want to try my skills on it.  I found the emails you cited,
but they didn't help much.

Gdb(1) is no mystery to me, and it told me where larn crashes.  Doing
scrollname[i][0]=' ' with char *scrollname[] = {\0something,...}
shouldn't cause a SIGSEGV as far as I know.

regards, clemens

If you do char *p = something, you can't write to that string (it's a
pointer into some stringtable: easy way to look at it :). You have to use
char p[] = something, then it's an array with enough storage to write to :)
maybe try something like char scrollname[NUMSCROLLS][]; ?

greetings,
Jurjen.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

vpnc problem: protocol not supported?

2008-02-24 Thread Jurjen Middendorp 
Hello, i am trying to connect to the vpn at university from home.
I have made a new kernel with what i think (thought) was needed for ipsec
from reading the handbook, my kernel file looks like:

include GENERIC
ident   MYCOMPUTER
options SMP

options IPSEC
options IPSEC_ESP

The kernel build and installed fine, however if i try to connect using vpnc
it gives the following message:
socket(PF_INET, SOCK_RAW, IPPROTO_ESP): Protocol not supported

At the beginning of booting (top of dmesg) it says this:
WARNING: debug.mpsafenet forced to 0 as ipsec requires Giant
WARNING: MPSAFE network stack disabled, expect reduced performance.

I'm not sure what's wrong: am i missing something in the kernel config or
is it something else?? I am using 6.2-RELEASE.

Greetings!
- Jurjen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: pdksh vs. mksh info [was: Re: Apparently, csh programming is considered harmful.]

2007-12-20 Thread Jurjen Middendorp 
On Mon, Dec 17, 2007 at 03:32:38PM -0500, Chuck Robey wrote:
Jurjen Middendorp wrote:
  If you're familiar with pdksh, are you also familiar with ksh93, which
is (I believe) Mr. Korn's own shell?  If you are, I would be interessted
  in your opinion of the two, any comparisons you might give.
I've never used ksh93 so I really can't say.  There is a NOTES file
included with pdksh which gives a starter.  I created this port a few
years ago because of some random issue I've long since forgotten with
pdksh on my FreeBSD box which didn't happen on my OpenBSD box.

tom

I never used pdksh, but am using ksh93 for quite a while now and have used
bash, too. For some reason i like it better than bash, the vi mode is a bit
better somehow, it feels alot sturdier. It doesn't have those special
variables like $! and !! i believe, but it has alot of neat features like

-^ i ment !$ offcourse :)

basic network programming, lots of parameter expansion stuff and is just a
very nice shell :)

I havre installed it, and played with it a bit, I admit it's nicer than 
sh (and I *think*, bash) but the reason I haven't tried using it 
regularly is because I can't find a nicely set up .kshrc ... if you have 
one, I'd appreciate a copy.  Might be nice, if it's not terribly long, 
to post it to the list, too.

Basically it's just like any other shell .*rc. It sets some environment
variables for stuff, a bunch of aliases and some functions i find useful
myself, or am too lazy to throw away. Nothing really ksh-specific, except
maybe some of the functions i wrote use ksh-stuff like arrays, but that's
not really ksh-specific as well.  You could use google to find any .*rc for
sh-like shells and copy those (or get a copy of unix power tools, it's a
nice book to make you feel at home in a shell)

-jurjen

ps. these functions i probably use the most :)

alias d=do_in_bg dillo
alias x=do_in_bg xpdf
alias ff=do_in_bg firefox
#do a program in the background:
do_in_bg() {
$@  /dev/null 21 
}

#open a webpage from disk, like: $cd /usr/share/doc/en  htm 
#to look at all the (english) freebsd-docs :)
htm() {
set -A stuff $(find -L . -name index.htm* -print)
(for ((i=0; i  ${#stuff[*]}; i++)); do print $i \t: ${stuff[i]}; done) | 
$PAGER
read x  d ${stuff[$x]}
}
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: pdksh vs. mksh info [was: Re: Apparently, csh programming is considered harmful.]

2007-12-16 Thread Jurjen Middendorp 
On Sun, Dec 16, 2007 at 11:34:50PM -0500, Tom McLaughlin wrote:
On Sun, 2007-12-16 at 22:26 -0500, Chuck Robey wrote:
 Tom McLaughlin wrote:
  Now that you mention pdksh, have you tried mksh (in Ports too)?
 
  I've installed it and successfully run moderately large ksh scripts
  (like the webrev(1) utility of OpenSolaris), and it is about an order of
  magnitude smaller than pdksh here:
 
  % [EMAIL PROTECTED]:/usr/local/bin$ ls -ld mksh bash ksh
  % -rwxr-xr-x  1 root  wheel  -  684699 Dec  9 19:51 bash
  % -r-xr-xr-x  1 root  wheel  - 2390645 Aug 31 17:07 ksh
  % -r-xr-xr-x  1 root  wheel  -  236202 Dec  9 18:34 mksh
  % [EMAIL PROTECTED]:/usr/local/bin$ ldd mksh bash ksh
  % mksh:
  % libc.so.7 = /lib/libc.so.7 (0x280ae000)
  % bash:
  % libncurses.so.7 = /lib/libncurses.so.7 (0x28101000)
  % libintl.so.8 = /usr/local/lib/libintl.so.8 (0x28144000)
  % libiconv.so.3 = /usr/local/lib/libiconv.so.3 (0x28156000)
  % libc.so.7 = /lib/libc.so.7 (0x2824b000)
  % ldd: ksh: not a dynamic executable
  % [EMAIL PROTECTED]:/usr/local/bin$
 
 
  I've maintained a port of OpenBSD's pdksh for some time but I've never
  committed it.  Think of pdksh but still actively maintained.
 
  http://people.freebsd.org/~tmclaugh/files/openksh/openksh-4.2.shar
 
  [EMAIL PROTECTED] tom]$ ls -al /usr/local/bin/ksh
  -r-xr-xr-x  1 root  wheel  192032 Dec 16 18:22 /usr/local/bin/ksh*

   If you're familiar with pdksh, are you also familiar with ksh93, which
 is (I believe) Mr. Korn's own shell?  If you are, I would be interessted
   in your opinion of the two, any comparisons you might give.

I've never used ksh93 so I really can't say.  There is a NOTES file
included with pdksh which gives a starter.  I created this port a few
years ago because of some random issue I've long since forgotten with
pdksh on my FreeBSD box which didn't happen on my OpenBSD box.

tom

I never used pdksh, but am using ksh93 for quite a while now and have used
bash, too. For some reason i like it better than bash, the vi mode is a bit
better somehow, it feels alot sturdier. It doesn't have those special
variables like $! and !! i believe, but it has alot of neat features like
basic network programming, lots of parameter expansion stuff and is just a
very nice shell :)

-jurjen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: Linux /proc on FreeBSD

2007-12-02 Thread Jurjen Middendorp 
On Sun, Dec 02, 2007 at 01:32:37AM +0100, Pieter de Goeje wrote:
On Sunday 02 December 2007, Lennart Koopmann wrote:
 Hey everyone,

 i am going to port a server that i am currently working on to FreeBSD.
 I don't have much experience with FreeBSD yet.  The only real big thing
 i have to change is the way some data is fetched. In the Linux version i
 read in data like the hostname, the domainname, the kernel version etc
 from /proc.
Sysctls kern.hostname and kern.version.

 Is there a central point to look for those values in FreeBSD?
Yes, the sysctl MIB tree.
 If not, where do i get those values?

 I _don't_ want to use external binaries like sysctl etc...
man 3 sysctl :)

Why not use (more portable (?)) functions instead of linux-isms or
freebsd-isms? (e.g. uname, gethostname and friends vs. /proc and sysctl).

-jurjen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: (off topic?) Best desktop

2007-11-24 Thread Jurjen Middendorp 
On Sat, Nov 24, 2007 at 09:03:14AM -0500, Aryeh M. Friedman wrote:

Well I pretty much went this way:

abrwm (evilwm) (tinywm didn't have vwindows), fbpanel, xv, idesk,
transset-dt, I have not selected a fm yet...  For the most part I really
like it (lean and mean) but one feature that several my apps support is
transparent windows but seems abrwm for what ever reason doesn't support
this and will completely ignore any windows with it...  so I am looking
for the next smallest wm that can do virtual windows and transparency... I
know openbox, ion, xfwm all can do it but want something even lighter.

Hello!  i used ion for a while and it was pretty fast/easy to use. I
recently tried out wmii and wmii is really nice. It's a bit less featureful
(sp?) than ion, but it's smaller and easier to use. It's also very cool
that its main (event) loop is a 200 line shell script.  I don't know about
transparency, but wmii doesn't have virtual windows (?).  But it does have
a very neat tagging system where each window has (a set of) tags. You can
select tags to view and you will only have the windows with that tag on the
screen. i like it very much! =) it's also not as strict about the tiling as
ion, which is a plus as well in my opinion.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: FreeBSD 7.0

2007-11-24 Thread Jurjen Middendorp 
On Thu, Nov 22, 2007 at 10:43:24PM -0800, kasthurirangan balaji wrote:
Hi,

I am using FreeBSD 6.1 on my laptop. I understand that
FreeBSD 7.0 will have ZFS file system. I did go
through the sun website to understand the advantages
of ZFS. Given that, will FreeBSD have a
BTree/B+Tree(replicating c++ multimaps, but file
based) by default on ZFS which i guess should be very
useful for persons like me who do not want a full
fledged database with all SQL features. I am aware of
the existence of dbm/ndbm/gdbm, but i guess all
support hash. If my thoughts are wrong, pls correct
me. I also hope that i have sent to the correct
mailing list.

Thanks,
Balaji.

Hello!
i don't know about the filesystem things, but if you want a data 
base to program with, you can have a look at dbopen(3) :)
- jurjen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: problems using gdb on threaded programs

2007-11-13 Thread Jurjen Middendorp 
Ok let me try again (more explanation/question below).

Also sorry that i screwed up the script output by having a copy of the text
in it... not sure how that happened!

On Sat, Nov 10, 2007 at 05:53:09PM +, Jurjen Middendorp wrote:
Hello, when i try to debug a program with threads (with gdb) gdb complains
about not being able to find thread start point and kind of hangs (see
below). It is quite likely i misconfigured something, but i have no idea
what that something would be (maybe forgot to put stuff in kernel?). 
I tried installing a newer version of gdb (6.6) but that fails in a
different way, it can't get the thread info (breakpoints seem to work
better though :) I also tried to recompile libpthread in /usr/src/lib with
debug flag, but no potato.
What else can i try now? i'm kind of stumped.

- jurjen

PS. Below is an output of the errors of gdb and a small program that fails.

Script started on Sat Nov 10 16:51:32 2007

/home/jurjen/C
$cat threadthingy.c
#include stdio.h
#include pthread.h

void *
start(void* blah) 
{
   printf(hello from a thread!\n);
   return NULL;
}

int 
main(void) 
{
   pthread_t tid;
   pthread_create(tid, NULL, start, NULL);
   pthread_join(tid, NULL);
   printf(done!\n);
   return 0;
}

/home/jurjen/C
$gdb66 threadthingy
GNU gdb 6.6 [GDB v6.6 for FreeBSD]
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type show copying to see the conditions.
There is absolutely no warranty for GDB.  Type show warranty for details.
This GDB was configured as i386-portbld-freebsd6.2...
(gdb) b main
Breakpoint 1 at 0x804860c: file threadthingy.c, line 11.
(gdb) b start
Breakpoint 2 at 0x80485d6: file threadthingy.c, line 5.
(gdb) r
Starting program: /stuff/backup/C/threadthingy 

Breakpoint 1, main () at threadthingy.c:11
11 pthread_create(tid, NULL, start, NULL);
(gdb) c
Continuing.

Breakpoint 2, start (blah=0x0) at threadthingy.c:5
5  printf(hello from a thread!\n);
(gdb) info threads
(gdb) info thread
(gdb) help info threads
IDs of currently known threads.
(gdb) thread 1
Thread ID 1 not known.
(gdb) thread 0
Thread ID 0 not known.
(gdb) thread
[Current thread is 0 (process 53031)]
(gdb) thread next
No symbol next in current context.
(gdb) thread 0
Thread ID 0 not known.
(gdb) info thread
(gdb) c
Continuing.

The problem is here i think, why can't gdb display the thread-info? (Or
find thread creation points (?) using an older version of gdb).
Do i need to use another library/compiler flags if i want to debug threaded
programs?

- jurjen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

problems using gdb on threaded programs

2007-11-10 Thread Jurjen Middendorp 
Hello, when i try to debug a program with threads (with gdb) gdb complains
about not being able to find thread start point and kind of hangs (see
below). It is quite likely i misconfigured something, but i have no idea
what that something would be (maybe forgot to put stuff in kernel?). 
I tried installing a newer version of gdb (6.6) but that fails in a
different way, it can't get the thread info (breakpoints seem to work
better though :) I also tried to recompile libpthread in /usr/src/lib with
debug flag, but no potato.
What else can i try now? i'm kind of stumped.

- jurjen

PS. Below is an output of the errors of gdb and a small program that fails.

Script started on Sat Nov 10 16:51:32 2007

/home/jurjen/C
$cat threadthingy.c
#include stdio.h
#include pthread.h

void *
start(void* blah) 
{
printf(hello from a thread!\n);
return NULL;
}

int 
main(void) 
{
pthread_t tid;
pthread_create(tid, NULL, start, NULL);
pthread_join(tid, NULL);
printf(done!\n);
return 0;
}

/home/jurjen/C
$gdb -v
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type show copying to see the conditions.
There is absolutely no warranty for GDB.  Type show warranty for details.
This GDB was configured as i386-marcel-freebsd.

/home/jurjen/C
$gdb threadthingy
(gdb) break main
Breakpoint 1 at 0x804860c: file threadthingy.c, line 11.
(gdb) r
Starting program: /stuff/backup/C/threadthingy 
warning: Unable to get location for thread creation breakpoint: generic error
[New LWP 100143]
^C^C^Chelp, gdb hang and now i have to kill it!!^C^C^C^CKilled

/home/jurjen/C
$gdb66 threadthingy
GNU gdb 6.6 [GDB v6.6 for FreeBSD]
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type show copying to see the conditions.
There is absolutely no warranty for GDB.  Type show warranty for details.
This GDB was configured as i386-portbld-freebsd6.2...
Hello, when i try to debug a program with threads (with gdb) gdb complains
about not being able to find thread start point and kind of hangs (see
below). It is quite likely i misconfigured something, but i have no idea
what that something would be (maybe forgot to put stuff in kernel?). 
I tried installing a newer version of gdb (6.6) but that fails in a
different way, it can't get the thread info (breakpoints seem to work
better though :) I also tried to recompile libpthread in /usr/src/lib with
debug flag, but no potato.
What else can i try now? i'm kind of stumped.


(gdb) b main
Breakpoint 1 at 0x804860c: file threadthingy.c, line 11.
(gdb) b start
Breakpoint 2 at 0x80485d6: file threadthingy.c, line 5.
(gdb) r
Starting program: /stuff/backup/C/threadthingy 

Breakpoint 1, main () at threadthingy.c:11
11  pthread_create(tid, NULL, start, NULL);
(gdb) c
Continuing.

Breakpoint 2, start (blah=0x0) at threadthingy.c:5
5   printf(hello from a thread!\n);
(gdb) info threads
(gdb) info thread
(gdb) help info threads
IDs of currently known threads.
(gdb) thread 1
Thread ID 1 not known.
(gdb) thread 0
Thread ID 0 not known.
(gdb) thread
[Current thread is 0 (process 53031)]
(gdb) thread next
No symbol next in current context.
(gdb) thread 0
Thread ID 0 not known.
(gdb) info thread
(gdb) c
Continuing.

Breakpoint 2, start (blah=0x0) at threadthingy.c:5
5   printf(hello from a thread!\n);
(gdb) c
Continuing.

Breakpoint 2, start (blah=0x0) at threadthingy.c:5
5   printf(hello from a thread!\n);
(gdb) c
Continuing.

Breakpoint 2, start (blah=0x0) at threadthingy.c:5
5   printf(hello from a thread!\n);
(gdb) n
0x2809373e in ?? () from /lib/libpthread.so.2
(gdb) d b
Delete all breakpoints? (y or n) y
(gdb) c
Continuing.
hello from a thread!
done!

Program exited normally.
(gdb) quit

Script done on Sat Nov 10 16:53:31 2007

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: IBM T60 laptop?

2007-02-23 Thread Jurjen Middendorp 
On Wed, Feb 14, 2007 at 09:40:37PM +1100, fbsd wrote:
 Hi All,
 
 I am looking for a good laptop to put FreeBSD (PCBSD) on. The general 
 consensus
 seems to be that IBM make good units and that the T60 is a good choice. But
 when I look at the three components  that seem to cause most trouble in
 laptops 1. Graphics cards, 2. high definition audio and 3. wireless cards,
 the T60 doesn't look so good.

The T60 is being made by lenovo i believe.

 Ok, I know that some people are having success with a driver for the Intel
 3945abg wireless, but it is still in development and not yet in the base
 system yet. In the short term, a wireless card can be used so this area can
 be overcome.

I'm not sure if my laptop also has the intel 3945abg card (i got it through
university and they were a bit fuzzy about what was what :) but i can use
mine with the atheros driver... Maybe you can contact lenovo/ your laptop
dealer to change the default wireless card?

 I don't know what is happening on the high definition audio front. I think
 a driver is being worked on but there is no work around until it becomes
 available. So for the moment there is no sound.

Yes there is :) Just make a search with keywords like: hdac freebsd thinkpad,
and you'll find it! if you can't find it i can send what i have, it works
for what i have (device   = '82801G (ICH7 Family) High Definition Audio').

 All the T60 models have either Intel or ATI graphic cards which don't have
 good support in FreeBSD (so I hear). In fact, a lot of people say always go
 for nVidia cards. This does not seem likely to change.

True, but vesa mode for X works fine, which is probably enough to display your
desktop and stuff. There's also a driver out there (fglrx or something) that
supports ATI cards (only 2d stuff) but i couldn't get that to work so maybe
that's just a big scam! :)

 So the T60 seems to strike out in all three areas. In fact most modern laptops
 have the same problems.
 
 So is my assessment correct? Or is there hope yet for the T60.

In my opinion the T60 is a really great laptop (it's also the only laptop i
ever used, so... , but i like it). It's fast, most things work, and the keys
aren't annoyingly small to type with which i expected, it being a laptop and
all. It also looks very nice and feels sturdy. So if you can change the
wireless card and don't want to use your graphics card for stuff like playing
games i can really recommend it!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

How did i destroy my fpc compiler + compiled binaries?

2007-02-03 Thread Jurjen Middendorp 
Hello, i have a very weird problem and am not sure what is wrong. I have
deinstalled my fpc compiler a while ago, but i wanted to install it again
today, but make-ing the port failed with some errors... not sure where to
send it to or what those errors mean, so i'll put them at the end of the
e-mail. If anyone knows what's wrong i'd like to hear it!

I have a slightly weirder problem though, all of the programs i compiled with
the freepascal compiler are failing mysteriously! I haven't run any of them
in awhile but all of them fail with the following message: Bad system call:
12 (core dumped). I'm not very sure what's wrong.  If i try to add the
freepascal compiler as a binary (with pkg-add -r fpc) it gives the same
message, so maybe it's an fpc problem. On the other hand those binaries used
to work, so maybe i screwed something up :)

I upgraded to stable a while ago and decided to remove some stuff from my
kernel config in the process, i think that maybe i removed a litle too much?
If anyone knows what is wrong or what i can do to get more information on
this problem please let me know! Maybe the problem is that i commented out
the compat-4 and compat-5 freebsd options? i thought i didn't needed them,
but maybe freepascal is a litle old? Most of the stuff i changed was removing
things i didn't have on my computer anyway, so that is the only thing i can
think of that could have broken fpc.

greetings, jurjen.


Here is the error i get from building the lang/fpc port. My kernel config
is below there :)

[EMAIL PROTECTED] ~]# uname -a
FreeBSD jurjen 6.2-STABLE FreeBSD 6.2-STABLE #8: Sat Feb  3 16:30:58 CET 2007   
 
  [EMAIL PROTECTED]:/usr/obj/usr/src/sys/JURJEN  i386

[EMAIL PROTECTED] /usr/ports/lang/fpc]# make
===  Building for fpc-2.0.4_1
gmake tempclean ppc3.exe
gmake[1]: Entering directory 
`/usr/ports/lang/fpc/work/fpcbuild_2.0.4_exp/fpcsrc/compiler'
/bin/rm -f ppcross ppc ppc1.exe ppc2.exe ppc3.exe ./msg2inc.exe
gmake 'OLDFPC=' next
gmake[2]: Entering directory 
`/usr/ports/lang/fpc/work/fpcbuild_2.0.4_exp/fpcsrc/compiler'
gmake rtlclean rtl
gmake[3]: Entering directory 
`/usr/ports/lang/fpc/work/fpcbuild_2.0.4_exp/fpcsrc/compiler'
gmake -C  clean
gmake: Entering an unknown directory
gmake: *** clean: No such file or directory.  Stop.
gmake: Leaving an unknown directory
gmake[3]: *** [rtlclean] Error 2
gmake[3]: Leaving directory 
`/usr/ports/lang/fpc/work/fpcbuild_2.0.4_exp/fpcsrc/compiler'
gmake[2]: *** [next] Error 2
gmake[2]: Leaving directory 
`/usr/ports/lang/fpc/work/fpcbuild_2.0.4_exp/fpcsrc/compiler'
gmake[1]: *** [ppc1.exe] Error 2
gmake[1]: Leaving directory 
`/usr/ports/lang/fpc/work/fpcbuild_2.0.4_exp/fpcsrc/compiler'
gmake: *** [cycle] Error 2
*** Error code 2


here is my kernel config file:

machine i386
cpu I686_CPU
options SMP
ident   JURJEN

# To statically compile in device wiring instead of /boot/device.hints
#hints  GENERIC.hints # Default places to look for devices.

options SCHED_4BSD  # 4BSD scheduler
options PREEMPTION  # Enable kernel thread preemption
options INET# InterNETworking
#optionsINET6   # IPv6 communications protocols
option   IPSEC
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates support
options UFS_ACL # Support for access control lists
options UFS_DIRHASH # Improve performance on big directories
#optionsMD_ROOT # MD is a potential root device
options NFSCLIENT   # Network Filesystem Client
options MSDOSFS # MSDOS Filesystem
options CD9660  # ISO 9660 Filesystem
options PROCFS  # Process filesystem (requires PSEUDOFS)
options PSEUDOFS# Pseudo-filesystem framework
#optionsGEOM_GPT# GUID Partition Tables.
options COMPAT_43   # Compatible with BSD 4.3 [KEEP THIS!]
#optionsCOMPAT_FREEBSD4 # Compatible with FreeBSD4
#optionsCOMPAT_FREEBSD5 # Compatible with FreeBSD5
#optionsSCSI_DELAY=5000 # Delay (in ms) before probing SCSI
options KTRACE  # ktrace(1) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time 
extensions
#optionsKBD_INSTALL_CDEV# install a CDEV entry in /dev
options ADAPTIVE_GIANT  # Giant mutex is adaptive.

device  apic# I/O APIC
device  npx #floating point support

#Pseudo devices
device  mem

Re: How did i destroy my fpc compiler + compiled binaries?

2007-02-03 Thread Jurjen Middendorp 
Putting the COMPAT_FREEBSD4 and 5 options back in the kernel config solved
the problem for not being able to use the binaries (the ones i had compiled
with fpc and the fpc i get with pkg_add itself) so all is good now.

Is it just a Bad Idea to put them out of the kernel or is freepascal a
litle out of date with freebsd6? Everything else seems to be working fine.

regards, jurjen.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: external touchpad for Thinkpad T23? (fwd)

2007-01-02 Thread Jurjen Middendorp 

On Wed, Jan 03, 2007 at 02:49:48AM +1100, Ian Smith wrote:
I originally posted this to -mobile three months ago, but got no
nibbles.  The T23 is is running 6.1-RELEASE presently.  Anyone?

-- Forwarded message --
Date: Mon, 2 Oct 2006 05:18:23 +1000 (EST)
From: Ian Smith [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: external touchpad for Thinkpad T23?

I've just bought a Thinkpad T23, and I'm loving it .. but I'm not sure
I'll ever be able to love its TrackPoint, being spoilt by the touchpad
on my old Compaq Armada 1500c, with which I can be quite productive ..

The only one I've been able to google up that looks nearly small enough
to work with below the keyboard is the Adesso/Cirque EasyCat PS/2 or USB
pad .. any chance these will (some value of) work with FreeBSD 6? 

moused(8) only mentions the older (serial, and way too chunky) ALPS
Glidepoint, and the Interlink Versapad which looks more the right sort
of size, but appears to be no longer available?

I'd appreciate any clues.

Cheers, Ian

Moused(8) doesn't mention the ALPS glidpoint nor the Interlink VersaPad. It 
mentions
the protocols those things use, so you could use all touchpad things that use 
that
protocol.

But i can't say that i have ever used one, so you might want to wait and see if
there is someone that has actually used them.  Maybe you can find a computer 
shop
where you can try it?

Anyway, if you buy the ps/2 touchpad specify the ps/2 proto... which is actually
described 15 lines below the ALPS gildepoint and 11 lines below versapad ;P And
the adesso usb touchpad is plug-and-play so i think that that one will work if 
you
set moused to 'auto' (don't forget usb-mice kernel options?).

You might also want to have a look at the ion window-manager. Especially on 
laptops
it's a real pleasure to work with because it decreases the need to use a mouse 
for
things, so you don't have to carry a lot of stuff - besides your laptop.  And 
for
simple stuff like clicking links in a browser you can use the trackpoint! :)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

ipfw denies everything and i can open websites?

2007-01-02 Thread Jurjen Middendorp 
Hello, 
i have configured my firewall, but after i do ipfw -q flush i am still
able to visit websites, download my e-mail, etc. I thought the default action of
ipfw was to deny everything and ipfw show confirms that... Why am i able to go
on the internet? Is this weird behaviour or is there something i don't
understand about ipfw/firewalls??
I am behind a router (NAT) and get my ip with dhcp.

Here is a litle log from what happens if i try to open a random website
(blah.org) after i disable my firewall.

[EMAIL PROTECTED] ~]$ su
Password:
[EMAIL PROTECTED] /home/jurjen]# fw_uit
65535 2 616 deny ip from any to any
[EMAIL PROTECTED] /home/jurjen]# tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ath0, link-type EN10MB (Ethernet), capture size 96 bytes

20:41:44.919465 IP jurjen.lan.55071  SpeedTouch.lan.domain:  4879+ A? 
blah.org. (26)
20:41:45.062650 IP SpeedTouch.lan.domain  jurjen.lan.55071:  4879 1/0/0 A 
205.150.150.140 (42)
20:41:45.062889 IP jurjen.lan.53038  SpeedTouch.lan.domain:  4880+ ? 
blah.org. (26)
20:41:45.173416 IP SpeedTouch.lan.domain  jurjen.lan.53038:  4880 0/1/0 (98)
20:41:45.173790 IP jurjen.lan.56029  205.150.150.140.http: S 
1223552665:1223552665(0) win 65535 mss 1460,nop,wscale 1,nop,nop,timestamp 
21149548 0,sackOK,eol
20:41:45.288590 IP 205.150.150.140.http  jurjen.lan.56029: S 
3294004362:3294004362(0) ack 1223552666 win 16384 mss 1460,nop,wscale 
0,nop,nop,timestamp 0 0,nop,nop,sackOK
20:41:45.288662 IP jurjen.lan.56029  205.150.150.140.http: . ack 1 win 33304 
nop,nop,timestamp 211496620
20:41:45.288924 IP jurjen.lan.56029  205.150.150.140.http: P 1:395(394) ack 1 
win 33304 nop,nop,timestamp 21149663 0
20:41:45.441225 IP 205.150.150.140.http  jurjen.lan.56029: . 1:1449(1448) ack 
395 win 65141 nop,nop,timestamp 1951517 21149548
20:41:45.442758 IP 205.150.150.140.http  jurjen.lan.56029: P 1449:2533(1084) 
ack 395 win 65141 nop,nop,timestamp 1951517 21149548
20:41:45.442812 IP jurjen.lan.56029  205.150.150.140.http: . ack 2533 win 
32762 nop,nop,timestamp 21149817 1951517
20:41:45.591472 IP jurjen.lan.56029  205.150.150.140.http: P 395:720(325) ack 
2533 win 33304 nop,nop,timestamp 21149965 1951517
20:41:45.760525 IP 205.150.150.140.http  jurjen.lan.56029: P 3981:4328(347) 
ack 720 win 64816 nop,nop,timestamp 1951520 21149965
20:41:45.760603 IP jurjen.lan.56029  205.150.150.140.http: . ack 2533 win 
33304 nop,nop,timestamp 21150134 1951517,nop,nop,sack 1 {3981:4328}
20:41:45.763003 IP 205.150.150.140.http  jurjen.lan.56029: . 2533:3981(1448) 
ack 720 win 64816 nop,nop,timestamp 1951520 21149965
20:41:45.763045 IP jurjen.lan.56029  205.150.150.140.http: . ack 4328 win 
32406 nop,nop,timestamp 21150137 1951520
20:41:46.021900 IP jurjen.lan.62273  SpeedTouch.lan.domain:  23988+ PTR? 
140.150.150.205.in-addr.arpa. (46)
20:41:46.255700 IP SpeedTouch.lan.domain  jurjen.lan.62273:  23988 NXDomain 
0/1/0 (117)
20:42:02.361174 IP sys00.lan.netbios-dgm  10.0.0.255.netbios-dgm: NBT UDP 
PACKET(138)

And the website has loaded... how is this possible??

greets, jurjen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ipfw denies everything and i can open websites?

2007-01-02 Thread Jurjen Middendorp 
I'm sorry, (don't laugh too hard) i had a litle startup script that read: ipfw
disable firewall, i put that there before i had actually made my firewall 
rules...
Once i removed it it turned out my rules weren't as decent as i thought, but now
they work!

And i was being so happy that i had made such a nice firewall :( 
I really thought my firewall was on because it loaded the rules and so...

thanks anyway :)
-jurjen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: problems compiling Maildrop

2006-12-30 Thread Jurjen Middendorp 
http://lists.freebsd.org/pipermail/freebsd-ports/2006-September/035268.html
maybe this works? haven't tried it myself though, because make-ing the port
worked without problems...


On Fri, Dec 29, 2006 at 11:55:16AM -0500, Joe Auty wrote:

On Dec 29, 2006, at 11:38 AM, Lowell Gilbert wrote:

Joe Auty [EMAIL PROTECTED] writes:

Is it just me having problems with this port? I'd really appreciate
if somebody could confirm whether or not they are getting this error
so I know whether or not to bug the port maintainer.

It seems to build in a clean environment:

http://pointyhat.freebsd.org/errorlogs/i386-5-latest-logs/ 
maildrop-2.0.2.log




Hmmm... Any ideas what be happening for me then? I've duplicated this  
problem on another machine of mine running FBSD 5.4.


Here is the error in question:



Compiling maildirkwtest.c
Linking maildirkwtest
Compiling maildirkw.c
Linking maildirkw
/usr/local/lib/libfam.a(fam.o)(.text+0x31): In function `FAMOpen2':
: undefined reference to `operator new(unsigned int)'
/usr/local/lib/libfam.a(fam.o)(.text+0x4f): In function `FAMOpen2':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(fam.o)(.text+0x81): In function `FAMOpen2':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(fam.o)(.text+0x12e): In function `FAMClose':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(fam.o)(.text+0x225): In function `FAMMonitor 
(FAMConnection*, char const*, FAMRequest*, void*, int)':
: undefined reference to `operator delete[](void*)'
/usr/local/lib/libfam.a(fam.o)(.text+0x243): In function `FAMMonitor 
(FAMConnection*, char const*, FAMRequest*, void*, int)':
: undefined reference to `operator delete[](void*)'
/usr/local/lib/libfam.a(fam.o)(.text+0x414): In function  
`FAMMonitorCollection':
: undefined reference to `operator delete[](void*)'
/usr/local/lib/libfam.a(fam.o)(.text+0x433): In function  
`FAMMonitorCollection':
: undefined reference to `operator delete[](void*)'
/usr/local/lib/libfam.a(fam.o)(.text+0x5d3): In function  
`GroupStuff::GroupStuff()':
: undefined reference to `operator new[](unsigned int)'
/usr/local/lib/libfam.a(fam.o)(.text+0x60b): In function  
`GroupStuff::GroupStuff()':
: undefined reference to `operator new[](unsigned int)'
/usr/local/lib/libfam.a(fam.o)(.eh_frame+0x12): undefined reference  
to `__gxx_personality_v0'
/usr/local/lib/libfam.a(Client.o)(.text+0xb92): In function  
`Client::storeUserData(int, void*)':
: undefined reference to `operator new(unsigned int)'
/usr/local/lib/libfam.a(Client.o)(.text+0xbab): In function  
`Client::storeUserData(int, void*)':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(Client.o)(.text+0xc17): In function  
`Client::storeEndExist(int)':
: undefined reference to `operator new(unsigned int)'
/usr/local/lib/libfam.a(Client.o)(.text+0xc2f): In function  
`Client::storeEndExist(int)':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(Client.o)(.text+0xeca): In function  
`__static_initialization_and_destruction_0(int, int)':
: undefined reference to `std::ios_base::Init::Init()'
/usr/local/lib/libfam.a(Client.o)(.text+0xef8): In function `__tcf_0':
: undefined reference to `std::ios_base::Init::~Init()'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6removeERKi+0xfc): In function  
`BTreeint, void*::remove(int const)':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6insertERKiRKS0_+0x5a): In function  
`BTreeint, void*::insert(int const, void* const)':
: undefined reference to `operator new(unsigned int)'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6insertERKiRKS0_+0x87): In function  
`BTreeint, void*::insert(int const, void* const)':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6insertEPNS1_4NodeERKiRKS0_+0xde): In  
function `BTreeint, void*::insert(BTreeint, void*::Node*, int  
const, void* const)':
: undefined reference to `operator new(unsigned int)'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6insertEPNS1_4NodeERKiRKS0_+0xfb): In  
function `BTreeint, void*::insert(BTreeint, void*::Node*, int  
const, void* const)':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6insertEPNS1_4NodeERKiRKS0_+0x191): In  
function `BTreeint, void*::insert(BTreeint, void*::Node*, int  
const, void* const)':
: undefined reference to `operator new(unsigned int)'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6insertEPNS1_4NodeERKiRKS0_+0x1ae): In  
function `BTreeint, void*::insert(BTreeint, void*::Node*, int  
const, void* const)':
: undefined reference to `operator delete(void*)'
/usr/local/lib/libfam.a(Client.o) 
(.gnu.linkonce.t._ZN5BTreeIiPvE6insertEPNS1_4NodeERKiRKS0_+0x237): In  
function `BTreeint,

Re: ipfw rules

2006-12-21 Thread Jurjen Middendorp 
Ok, i changed my original rules. I'm going to use both the ruleset you 
recommended
and these ones (not at the same time though :). And see which one gives me the
least trouble.

greetings, 
   jurjen.


#!/bin/sh
ipfw -q flush

cmd=ipfw -q add
ks=keep-state
oif=ath0


#sort in en out packets
$cmd 1 skipto 15  ip from any to any in  recv $oif
$cmd 2 skipto 100 ip from any to any out xmit $oif


#setup the loopback
$cmd 011 allow all from any to any via lo0
$cmd 012 deny all from any to 127.0.0.0/8
$cmd 013 deny ip from 127.0.0.0/8 to any

$cmd 014 allow icmp from any to any



#  Outgoing  (15)

#check state of incoming packets
$cmd 015 check-state

#internet sites:
$cmd 020 allow tcp from me to any 80 out via $oif setup $ks

#allow dns queries
$cmd 025 allow udp from me to any 53 out via $oif $ks

#to stack
$cmd 030 allow all from me to 131.155.0.0/16 via $oif $ks

#e-mail pop
$cmd 040 allow tcp from me to any 110 out via $oif setup $ks
#imap
#$cmd 041 allow tcp from me to any 143 out via $oif setup $ks

#allow ssh
$cmd 050 allow all from me to any 22 out via $oif setup $ks

#https
$cmd 054 allow tcp from me to any 443 out via $oif setup $ks
#gopher
$cmd 055 allow tcp from me to any 70 out via $oif setup $ks

#root can do anything
$cmd 070 allow log all from me to any out via $oif setup $ks uid root


#  Incoming  (100)

#log ACK packets that did'nt match the dynamic ruleset
$cmd 100 deny log all from any to any established in via $oif

#default: deny ip from any to any
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: ipfw rules

2006-12-20 Thread Jurjen Middendorp 
Cool! thanks for the reply + suggestions!

I haven't had any trouble with my firewall blocking too much yet
(also didn't connect to the internet much yet :), but i'll think
about just allowing all out... on the other hand i like the idea
of just letting through out that i need (which isn't very much) and
denying all else.

I don't use the file shares on the network, so i figured if i got
a packet from one of those addresses it would be a mistake so i let
them drop.

Anyway, i'll try to build some rules based on the suggestions you
made and then i can try them both and then decide which one gives
me the least trouble :)

greetings,
   jurjen.

On Mon, Dec 18, 2006 at 04:29:06AM +0200, Giorgos Keramidas wrote:
On 2006-12-16 18:01, Jurjen Middendorp [EMAIL PROTECTED] wrote:
 I tried making a firewall for my laptop..but i'm not sure if i forgot
 anything. And things can always be done better :)

 #to stack (student computer thing... e-mail, irc, ssh stuff)
 $cmd 020 allow all from me to 131.155.140.141/16 via $oif $ks
 
 #allow ssh
 $cmd 021 allow all from me to any 22 out via $oif setup $ks
 
 #internet sites:
 $cmd 032 allow tcp from me to any 80 out via $oif setup $ks
 #https
 $cmd 033 allow tcp from me to any 443 out via $oif setup $ks
 #gopher
 $cmd 034 allow tcp from me to any 70 out via $oif setup $ks
 
 #other e-mail
 #pop
 $cmd 040 allow tcp from me to any 110 out via $oif setup $ks
 #imap
 $cmd 041 allow tcp from me to any 143 out via $oif setup $ks
 
 #allow dns queries
 $cmd 050 allow udp from me to any 53 out via $oif $ks
 #allow ntp (?) queries
 $cmd 051 allow udp from me to any 123 out via $oif $ks
 
 #i can send icmp myself
 $cmd 060 allow icmp from me to any out via $oif $ks
 #but others can't
 $cmd 061 deny icmp from any to me
 
 #
 #root can do anything
 $cmd 070 allow tcp from me to any out via $oif setup $ks uid root
 
 #log other outgoing packets
 $cmd 071 deny log all from any to any out via $oif
 
 
 #  Incoming
 
 #The default is that all other connections will be blocked anyway, but 
 # the more stuff i put in here, the less stuff will get logged
 
 #deny incoming to private networks
 $cmd 100 deny all from 192.168.0.0/16 to any in via $oif#RFC 1918
 $cmd 101 deny all from 172.16.0.0/16 to any in via $oif  #RFC 
 1918
 $cmd 105 deny all from 169.254.0.0/16 to any in via $oif#DHCP auto
 $cmd 106 deny all from 192.0.2.0/24 to any in via $oif   
 #reserved
 $cmd 108 deny all from 192.168.0.0/16 to any in via $oif#D  E class
  
 # multicast
 #block smb stuff
 $cmd 120 deny tcp from any to me 137 in via $oif
 $cmd 121 deny tcp from any to me 138 in via $oif
 $cmd 122 deny tcp from any to me 139 in via $oif
 
 #log ACK packets that did'nt match the dynamic ruleset
 $cmd 130 deny log all from any to any established in via $oif
 
 #Now log some stuff in case i did something wrong
 $cmd 999 deny log any to me
rule 999 had a syntax error and now it reads ...log all from... that works a
bit better :)

It's a fairly complex ruleset, but it seems mostly ok.  There are
a few things I'd change, mostly resulting from my own personal
preferences:

  * I don't like hard-coding rule numbers in IPFW rulesets.

  * I like using 127.0.0.1/32 instead of any for loopback interfaces.

  * In general, I prefer much simpler rulesets.

  * I try to avoid a lot of variables/macros, like your $ks, since they
don't really keep things a lot shorter, and when they do they try to
abstract away too much of ipfw's syntax.

  * I don't aggressively filter out ICMP packets.  They are useful for a
lot of things, they are rate-limited by the kernel, and it is
usually silly to block them without a fair amount of knowledge and a
very good reason.

  * I don't deny packets for 'private' networks,like 192.168.0.0/26
because the networks I use with my laptop *ARE* private a lot of the
time.  Having the firewall block too much and cause me problems is
rarely a good way of spending my time.

I would probably start with something like:

  recommendation for ipfw ruleset

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

ipfw rules

2006-12-16 Thread Jurjen Middendorp 
I posted this to the freebsd-security list, but i believe that is
not the right list to this question (sorry! this is my first message
to the freebsd mailing-lists). I hope this is the right list! :)
anyway:

I tried making a firewall for my laptop..but i'm not sure if i
forgot anything. And things can always be done better  :)

I'm not sure what i should've put under incoming connections...
what i have put there now is pretty useless because the default is
to deny, but should i accept any incoming connections that don't
match the dynamic rules?

I just want to be able to surf the internet without too much trouble
and send e-mail and pretty much deny everything else. If someone
would have the time to have a quick look at this to see if there's
anything wrong with it i would really appreciate it!

Bye, jurjen.


ps. here is my ruleset:

#!/bin/sh

ipfw -q flush

cmd=ipfw -q add
ks=keep-state
oif=ath0

#setup the loopback
$cmd 001 allow all from any to any via lo0
$cmd 002 deny all from any to 127.0.0.0/8
$cmd 003 deny ip from 127.0.0.0/8 to any

#check state of incoming packets
$cmd 010 check-state


#  Outgoing  

#allow outgoing connections to internetsites, ssh sites
#  webservers and stack. (keep-state)

#to stack (student computer thing... e-mail, irc, ssh stuff)
$cmd 020 allow all from me to 131.155.140.141/16 via $oif $ks

#allow ssh
$cmd 021 allow all from me to any 22 out via $oif setup $ks

#internet sites:
$cmd 032 allow tcp from me to any 80 out via $oif setup $ks
#https
$cmd 033 allow tcp from me to any 443 out via $oif setup $ks
#gopher
$cmd 034 allow tcp from me to any 70 out via $oif setup $ks

#other e-mail
#pop
$cmd 040 allow tcp from me to any 110 out via $oif setup $ks
#imap
$cmd 041 allow tcp from me to any 143 out via $oif setup $ks

#allow dns queries
$cmd 050 allow udp from me to any 53 out via $oif $ks
#allow ntp (?) queries
$cmd 051 allow udp from me to any 123 out via $oif $ks

#i can send icmp myself
$cmd 060 allow icmp from me to any out via $oif $ks
#but others can't
$cmd 061 deny icmp from any to me

#
#root can do anything
$cmd 070 allow tcp from me to any out via $oif setup $ks uid root

#log other outgoing packets
$cmd 071 deny log all from any to any out via $oif


#  Incoming

#The default is that all other connections will be blocked anyway, but 
# the more stuff i put in here, the less stuff will get logged

#deny incoming to private networks
$cmd 100 deny all from 192.168.0.0/16 to any in via $oif   #RFC 1918
$cmd 101 deny all from 172.16.0.0/16 to any in via $oif #RFC 1918
$cmd 105 deny all from 169.254.0.0/16 to any in via $oif   #DHCP auto
$cmd 106 deny all from 192.0.2.0/24 to any in via $oif  #reserved
$cmd 108 deny all from 192.168.0.0/16 to any in via $oif   #D  E class

# multicast
#block smb stuff
$cmd 120 deny tcp from any to me 137 in via $oif
$cmd 121 deny tcp from any to me 138 in via $oif
$cmd 122 deny tcp from any to me 139 in via $oif

#log ACK packets that did'nt match the dynamic ruleset
$cmd 130 deny log all from any to any established in via $oif

#Now log some stuff in case i did something wrong
$cmd 999 deny log any to me
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]