Re: IPFILTER Question

2003-04-03 Thread Marco Radzinschi
On Tue, 1 Apr 2003, Nevins, Peter  wrote:

 Hello. I'm a firewall admin and have run into a question regarding your OS.
 A client is running IPFILTER and cannot send mail to us here. We're running
 a Raptor Firewall for NT (yes, NT). He sends a SYN and my system responds
 with an ACK that is more on the lines of 1 million in length over the
 expected 1024. His system drops the incoming packet from me thus no email
 transfer. Having no working knowledge of IPFILTER, I don't know if it's on
 my end or his. Do you have any previous problems noted where Raptor
 Firewalls are the common denominator?

 Thanks for any assistance you can provide in this. I have a TCPDUMP if you
 would like to see it or know of anyone who could help.

 Pete

We had the same problem.  That Raptor Firewall SMTP proxy has some sort of
spoofing protection which causes this.

You can get around it by adding the following rule to IPFilter. Place this
before any pass rules, and it should work.

block return-rst in on xl0 proto tcp from any to any

Marco Radzinschi
[EMAIL PROTECTED]

Among those who dislike oppression are
many who like to oppress. - Napoleon Bonaparte

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Determine ip address on tun0 for use with ipfw

2003-03-29 Thread Marco Radzinschi
On Sat, 29 Mar 2003, Martin Moeller wrote:

 Hello, list!

 I just read some documentation on ipfw, and also found example
 configuration files that can be used as a template.

 Now, I'm sitting in front of such a file and want to adapt it for
 my needs. But the first problem is already there:

 The file uses variables for the inside and outside interfaces.
 The inside interface is clear: It uses a normal 192.168.. address. But
 the outside interface is a DSL modem. The ethernet card is vr0 and uses
 10.0.0.1, but the actual interface needed here is tun0 which gets a new
 ip address every time the PPP connection is established.

 How can I get my ip address into my rc.firewall script?

 Regards,
 Martin

 --
 Martin Möller mm at bsdsi.com http://www.bsdsi.com/
 GnuPG/PGP DSA ID: 0x3C979285  ICQ # 82221572
 I do not accept unsolicited commercial mail. Do not spam me!


ext_if=tun0
# Match only the IPv4 "inet" line (a plain grep for inet also matches inet6 lines)
ext_if_address=`ifconfig $ext_if | awk '$1 == "inet" {print $2; exit}'`

Marco Radzinschi
[EMAIL PROTECTED]

Among those who dislike oppression are
many who like to oppress. - Napoleon Bonaparte




Re: Mail Clients

2003-03-11 Thread Marco Radzinschi
On Tue, 11 Mar 2003, John Umina wrote:

 Hi,

 I was wondering what terminal mail clients there are for FreeBSD.

 And which one is best for reply rules or reply options.

 Thanks

I use PINE, but some people prefer mutt.

Marco Radzinschi
[EMAIL PROTECTED]

Among those who dislike oppression are
many who like to oppress. - Napoleon Bonaparte



To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message


Re: HELP 3Ware Escalade 7000-2 raid controller

2003-02-27 Thread Marco Radzinschi
On Thu, 27 Feb 2003, Hal Lynch wrote:

 I am trying to install 4.7 on a system which has a
 3Ware Escalade 7000-2 raid controller.

   A look at the GENERIC configuration file shows
 a twe controller for 3Ware raid subsystems.  A
 search of the FreeBSD docs and FAQ didn't offer
 a lot of help. Google says it should work.

 Configuration:
   ATA cdrom on on-board controller
   3ware 7000-2 raid card with two drives attached.

 The install process hangs when booting after the device
 selection menu.

 Does anyone have any words of wisdom on how to make
 this thing work?

 can I boot from a raid subsystem?

 hal

Did you create a RAID array using the 3ware BIOS ?

Yes, you can boot from a RAID subsystem.

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Thu Feb 27 22:12:30 EST 2003




Re: ipf ftp proxy problem?

2003-02-18 Thread Marco Radzinschi
On 17 Feb 2003, Shane Hickey wrote:

 Howdy all,
   I have a freebsd firewall and I want to be able to make both passive
 and active ftp client connections from my inside network to the outside
 world.  I'm using ipf and ipnat compiled into the kernel.  I followed
 the IPF HOWTOs that I've read and I'm hitting a brick wall.
   My outside interface is dc0 and let's say my outside IP is 1.1.1.1.
 I've tried both of the following rules in my /etc/ipnat.rules file with
 no success.

 map dc0 0/0 -> 1.1.1.1/32 proxy port 21 ftp/tcp
 map dc0 0/0 -> 0/32 proxy port ftp ftp/tcp

   When I say no success, I mean that I am able to establish a remote ftp
 connection, but when I do a 'ls' I get a

 425 Can't build data connection: No route to host

 I'm sure I'm doing something foolish, so any advice would be greatly
 appreciated.  Oh yeah, I'm running FreeBSD5.0-release and IPF version
 3.4.29.

 Thanks in advance for any help.

 --
 Shane Hickey : Network/System Consultant
 GPG KeyID: 777CBF3F
 Key fingerprint: 254F B2AC 9939 C715 278C DA95 4109 9F69 777C BF3F
 Listening to: MC5 - 12 I Can Only Give you Everyth


Place the following BEFORE any other rules, and replace $intsubnet with
your internal subnet.  The second rule will allow active FTP from the
firewall itself.

map dc0 $intsubnet -> 1.1.1.1/32 proxy port ftp ftp/tcp
map dc0 1.1.1.1/32 -> 1.1.1.1/32 proxy port ftp ftp/tcp

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Tue Feb 18 17:07:05 EST 2003





Re: IPFW, blocking IM servers

2003-01-25 Thread Marco Radzinschi
On Tue, 21 Jan 2003, Doug Poland wrote:

 Sorry for this slightly off-topic post...  Is there a comprehensive
 list of IM servers (names, IPs) available?  I'd like to block IM
 servers from certain users on my network.

 From what I've gathered on google, the only effective strategy is to
 use firewall (in my case, IPFW) rules to block IP's, names.

 --
 Regards,
 Doug

Block everything going out, and set up a Squid proxy server for web
access. Furthermore, only allow the Squid proxy access to HTTP port 80 and
SSL port 443, and any others like gopher or FTP which you want to allow.

This will take care of most rogue programs, with the exception of the
newer ones like MSN, Yahoo, and AOL Messenger programs, which will use an
HTTP proxy.

The way to get around this is to only allow the Squid Proxy server access
to the internet, run an internal nameserver, and use Squid access control
lists (ACL). With ACL's, one can block entire domains, subdomains, or
hosts.  ACL's will also allow you to give some users full access and
restrict others.

Squid will do reverse DNS lookups if a user were to use an IP address
instead of a domain name to bypass a block, and it will block it as well.
This is where running an internal nameserver is key, and denying external
DNS lookups from user machines.  Since the user machines will use a Squid
proxy, the proxy will do DNS lookups on their behalf.

I have a text file on the Squid proxy which contains a list of blocked
sites, which I include below.  Only a technically astute user would be
able to bypass this setup. Since this would require very deliberate and
complicated steps, such as setting up a VPN tunnel through SSL, this would
be clear grounds for termination.

Here is my Squid deny list, which has blocked MSN messenger, AOL Instant
Messenger, Yahoo Messenger, and various other annoyances.

.login.oscar.aol.com
.bucp1-vip-m.blue.aol.com
.bucp2-vip-m.blue.aol.com
.aim.com
.messenger.hotmail.com
.messenger.msn.com
.messenger.microsoft.com
.icq.com
.csa.yahoo.com
.pager.yahoo.com
.msg.edit.yahoo.com
.cs.yahoo.com
.messenger.yahoo.com
.messenger.yahoo.akadns.net
.msg.yahoo.com
.chat.yahoo.com
.chat.sc5.yahoo.com
.kazaa.com
.kazaa.net
.weatherbug.com
.winmx.com
.morpheus.com
.filetopia.com
.filetopia.net
.filetopia.org
.gnutella.com
.gnutella.net
.gnutella.org
.jabber.com
.jabber.net
.jabber.org

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Sat Jan 25 09:39:53 EST 2003
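
Added example (not part of the original message): a check of proxy log lines against a deny list like the one above, using Squid's dstdomain rule that a leading dot covers the domain and all of its subdomains. The function name scan_log, the temporary files and the log lines are constructed for illustration; the four list entries are taken from the list in the message.

```shell
#!/bin/sh
# scan_log LISTFILE LOGFILE -> prints "client host matched-entry" per hit
scan_log() {
    awk '
        # dstdomain semantics: ".aim.com" covers aim.com and every subdomain;
        # an entry without the leading dot covers that exact host only.
        function matched(host,    i, e) {
            for (i = 1; i <= n; i++) {
                e = entry[i]
                if (substr(e, 1, 1) != ".") { if (host == e) return e; continue }
                if (host == substr(e, 2)) return e
                if (length(host) > length(e) &&
                    substr(host, length(host) - length(e) + 1) == e) return e
            }
            return ""
        }
        # First file: the deny list (blank lines and # comments skipped).
        NR == FNR { if ($1 != "" && $1 !~ /^#/) entry[++n] = tolower($1); next }
        # Second file: Squid native access.log; field 3 = client, 7 = URL.
        {
            host = tolower($7)
            sub("^[a-z]+://", "", host)   # strip the scheme of GET/POST URLs
            sub("[/:].*$", "", host)      # strip the path, or :port for CONNECT
            hit = matched(host)
            if (hit != "") print $3, host, hit
        }
    ' "$1" "$2"
}

LIST=$(mktemp)
LOG=$(mktemp)
trap 'rm -f "$LIST" "$LOG"' EXIT

cat > "$LIST" <<'EOF'
.login.oscar.aol.com
.aim.com
.messenger.msn.com
.icq.com
EOF

# Constructed log lines in Squid native format, not taken from a real proxy.
cat > "$LOG" <<'EOF'
1043505593.101     52 192.168.1.20 TCP_DENIED/403 1420 GET http://messenger.msn.com/ - NONE/- text/html
1043505601.412    310 192.168.1.21 TCP_MISS/200 8841 GET http://www.freebsd.org/ - DIRECT/198.51.100.10 text/html
1043505610.007     48 192.168.1.20 TCP_DENIED/403 1398 CONNECT login.oscar.aol.com:443 - NONE/- -
1043505622.900    120 192.168.1.22 TCP_MISS/200 2210 GET http://notaim.com/index.html - DIRECT/198.51.100.20 text/html
EOF

scan_log "$LIST" "$LOG"
```

The request to notaim.com is not reported, because a dotted entry matches only on a label boundary.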





Re: ipfilter/ipmon log msgs

2003-01-11 Thread Marco Radzinschi
On Fri, 10 Jan 2003, JoeB wrote:

 I am using ipfilter for my firewall and ipmon to capture firewall
 error msgs.
 Where can I find description of the format of the ipmon  msg text so
 I can decipher what the msgs are saying?




man ipmon

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Sat Jan 11 11:50:58 EST 2003





Re: DNS and DHCPD

2003-01-11 Thread Marco Radzinschi
On Thu, 9 Jan 2003 [EMAIL PROTECTED] wrote:

 I would like to configure my dhcpd server (isc-dhcpd3 from ports). I would
 also like to have the options domainnameservers (or somewhat similar) to
 be dynamic, as my fBSD box is my own router. (I run a local network). The
 WAN side is DHCP'd, so my IP and DNS servers are set differently each time.

 I was wondering how to set the domainname servers option in my dhcpd.conf
 dynamically. Like, it would get edited each time upon bootup, and before
 dhcpd even loads.

 I don't know how to even start approaching this problem, except for asking
 you guys.

 Thanks so much,

 lattera

Forget your ISP's DNS servers and run your own.  I use bind on my
firewall, and have the DHCP server hand out the firewall address as the
DNS server.

Not what you asked originally, but it works like a charm, especially when
Comcast's DNS servers suddenly stop working.

Try running /usr/sbin/named to get started.

Otherwise, man named.

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Sat Jan 11 11:38:01 EST 2003





Re: Help with IPF and IPNAT

2002-12-25 Thread Marco Radzinschi
On Wed, 25 Dec 2002, [EMAIL PROTECTED] wrote:

 Argh!  I've been pulling my hair out trying to get my NAT gateway going.

 I have two interfaces, one external and internal, servicing a private LAN.
 From the LAN I can ping the internal interface and the external interface,
 but I can't get past the ext. interface.  For testing my rules are pass in
 all and pass out all.  From the gateway itself I can ping anywhere outside
 or inside.

 I have tried loading IPNAT and IPF as loadable kernel modules by adding the
 following to /etc/rc.conf:

 gateway_enable=YES
 network_interfaces=x10 dc0 lo0
 ifconfig x10...
 ifconfig dc0...
 ipfilter_enable=YES
 ipfilter_rules=/etc/ipf.rules
 ipfilter_program=/sbin/ipf
 ipfilter_flags=
 ipnat_enable=YES
 ipnat_program=/sbin/ipnat
 ipnat_flags=

 Each interface is up and running.  My default gateway in /etc/rc.conf is
 the gateway of the external NIC.

 Can anyone see anything wrong with what I am doing, or something missing?
 Do I need routed installed and running?  I also tried
 forward_sourceroute=YES, but that didn't seem to help.

 Thanks,
 Adam Lofstedt

You need a MAP rule in your ipnat.rules file to map the private subnet
into your public IP address (that of the gateway).

If you don't have this in there, then you are not doing NAT, just packet
filtering.

man ipnat
man 5 ipnat

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Wed Dec 25 17:08:12 EST 2002





Re: Can't route past gateway

2002-12-25 Thread Marco Radzinschi
On Wed, 25 Dec 2002, Adam Lofstedt wrote:

  yes, your message was posted. keep it easy, it's a
  world-wide holiday,
  so the answers can take while. :)
 
 Thanks...  Sorry about this.  I didn't mean to make it
 seem hysterical or anything.

  
   I have a freeBSD machine with two NICS that I am
  using
   as a NAT gateway.  No matter what I do, clients on
  my
   LAN can't get past the gateway.  They can ping
  both
   the interal and external interfaces of the
  gateway,
   but can't get outside.
 
  Either NAT is not working or the filters are blocking
  the packets. try doing an
  'ipnat -l' and post the output. If the rules are
  loaded, drop the
  filters ('ipf -Fa') and try again from one client.
 
 #ipnat -l
 List of active MAP/redirect filters:
 map x10 192.168.1.0/24 - 0.0.0.0/32 portmap tcp/udp
 4:6
 map x10 192.168.1.0/24 - 0.0.0.0/32

 List of active sessions:

 I've tried ipf -Fa, but no luck yet.

 Thanks and happy holidays.

 Adam Lofstedt

Have you issued an ipf -y command to synchronize IPFilter's address with
the 0/32 rule?

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Wed Dec 25 17:12:14 EST 2002





Re: Going from Windows to X - suggestions

2002-12-18 Thread Marco Radzinschi
On Wed, 18 Dec 2002, Raphaël Dingé wrote:

  Install KDE and/or gnome. Your call.
 
  I'm new to FreeBSD myself, having used blackbox window
  manager on a P133 with 48MB of RAM.  Though it's not
  impossible, with only 16MB or RAM, GNOME or KDE would
  probably be pushing it; you'd be using your swap slice
  continuously.  I recommend blackbox, though it's not
  as full-featured as the above.  However, it's quite
  easy to set up.

 I'm not sure that this won't do it either. I had made an
 installation of FreeBSD on old laptop with 32MB Ram.
 X was taking about all of it, I did put WMaker on top of it,
 which did not take too much memory itself.
 I had seen that 32MB was definitively not enough, but even 48MB
 would have been great !

 Anyway, If you find some solutions with 16 MB Ram, I would be
 happy to know it, since I can't use my old laptop for now.

 Thanks,

 Raphael

I imagine that FVWM would work.

KDE and GNOME were too slow for my taste on my Pentium II 400 machine with
384 MB RAM, so I don't want to imagine how that would run with 16 MB RAM.

On the other hand, that was with XFree86 4, but it might have run well
had I tried it with XFree86 3.  You may want to consider not running
XFree86 4.

http://www.fvwm.org

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Wed Dec 18 09:15:47 EST 2002





Re: gateway on different subnet

2002-12-16 Thread Marco Radzinschi

You need a gateway for the 10.17.47.0 network.  Your cable modem should
have a second, internal interface with a different IP address.  Find out
what that IP address is, and do a route add -net 10.17.47.0 IP

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Mon Dec 16 18:49:15 EST 2002

On Mon, 16 Dec 2002, J. W. Ballantine wrote:


 When I do the route add default, I get:

 tinlizzie# route -v add -net default 10.17.47.37
 u: inet 0.0.0.0; u: inet 10.17.47.37; u: inet 0.0.0.0; RTM_ADD: Add Route: len
 128, pid: 0, seq 1, errno 0, flags:UP,GATEWAY,STATIC
 
 locks:  inits:
 sockaddrs: DST,GATEWAY,NETMASK
  default 10.17.47.37 default
 route: writing to routing socket: Network is unreachable
 add net default: gateway 10.17.47.37: Network is unreachable


 --  In Response to your message -

   Date:  Mon, 16 Dec 2002 14:46:12 -0500 (EST)
   To:  J. W. Ballantine [EMAIL PROTECTED]
   From:  Marco Radzinschi [EMAIL PROTECTED]
   Subject:  Re: gateway on different subnet
 
 
   On Mon, 16 Dec 2002, J. W. Ballantine wrote:
 
Hi,
   
In order to save the internet address space, my cable co has setup their
network with a live address for my
PC but an address on a private 10.0.0.0 network for the cable modem.
Now of course, this is also the
gateway and dhcp server.  The problem is trying to get FreeBSD to use
this private address as the gateway for
the live address. This config works for windows and they claim mac
OS, but I can't get it to work for FreeBSD.  I've tried ifconfig
default, but that returns NO ROUTE TO HOST, and I've thought about using
an alias on the
NIC, but that would send it out with the private network address and not
be able to find its way home.
   
Any of you network wizards out there have the proper spell to get this
working???
   
Thanks
   
Jim Ballantine
 
   As long as your internal subnet is different from the cable modem's
   subnet, you should be fine, as the DHCP client ought to set up the default
   route for you.
 
   Otherwise, route add default IP should do it.  It is my understanding
   that the default route should not be the cable modem though, since it is
   supposed to act like a bridge.
 
   At least this is how it works for me, except that the cable modem has a
   192.168.100.* address as well as a 10/8, but I don't have either as a
   default route.
 
   Marco Radzinschi
   E-Mail: [EMAIL PROTECTED]
 
   Mon Dec 16 14:42:22 EST 2002





Re: Silly cvsup question.

2002-12-08 Thread Marco Radzinschi
On Sat, 7 Dec 2002, mike wrote:

 Hello. i use cvsup to backup certain critical folders on the machine labs,
 to the machine labs2 automatically every night. My question is this. If i
 add new stuff to say, /home/mike (or wherever) then that gets mirrored at
 night and everything does its job as i want it to. However, if i DELETE
 something from /home/mike (or wherever) It never gets deleted from labs2.
 So its not synching correctly. For example i just went to zip -r
 cvsup-backup cvsup-backup on labs2, so i can pull it to XP and burn it,
 and i realized it had my library still in there which i deleted months
 ago. Any help on this is appreciated, and no need to CC me, as my website
 mirrors your archives and they will soon span across multiple pages as
 well as be searchable.


Add the following line to your supfile:

*default delete

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Sun Dec  8 18:36:02 EST 2002





Re: Silly cvsup question.

2002-12-08 Thread Marco Radzinschi
On 8 Dec 2002, Lowell Gilbert wrote:

 mike [EMAIL PROTECTED] writes:

  Hello. i use cvsup to backup certain critical folders on the machine labs,
  to the machine labs2 automatically every night. My question is this. If i
  add new stuff to say, /home/mike (or wherever) then that gets mirrored at
  night and everything does its job as i want it to. However, if i DELETE
  something from /home/mike (or wherever) It never gets deleted from labs2.
  So its not synching correctly. For example i just went to zip -r
  cvsup-backup cvsup-backup on labs2, so i can pull it to XP and burn it,
  and i realized it had my library still in there which i deleted months
  ago.

 cvsup isn't going to be very good at tracking which files have been
 deleted on the original, unless you are pulling from a cvs repository
 (that's where it keeps information on directory contents).  Otherwise,
 it won't know whether a file has been deleted from the original
 machine, or is a local modification on the duplicate.

 Given that you're not using cvs, you'd probably do better with rsync
 for this job.  You could also use other tools that can keep metadata,
 like dump(8) or even use the incremental facilities of Gnu tar.

This is not accurate, as the cvsup CLIENT keeps directory information for
the repository.  When the client is run, if a file has been added on the
server, it will download it.

If a file has changed on the server, it will use the rsync algorithm to
synchronize the files.

If the client is set to delete files, it will also delete any files that
it has and which the server does not.

I know because I use it at work to synchronize tens of thousands of
images. Rsync works, but it does not scale very well.  I had to use cvsupd
and cvsup because the memory usage of rsync would grow past 512 MB and it
would eventually core dump.

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Sun Dec  8 22:13:51 EST 2002





Re: Xwindow configuration

2002-12-06 Thread Marco Radzinschi
On Fri, 6 Dec 2002, Alvaro Rosales R. wrote:

 Hi fellows I've installed Xfree without problems, my mouse daemon works fine,
  but when the system loads Gnome my mouse goes crazy, I can't control it,
  but in text mode my mouse works fine. Any ideas?



Use Auto mouse type and MouseMan when you run xf86config.

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Fri Dec  6 20:20:27 EST 2002





Re: booting using NT boot loader

2002-12-05 Thread Marco Radzinschi
On Thu, 5 Dec 2002, Paul Root wrote:

 Hi,
   I used to have this working then I reimaged my
 Windows 2000.

   Anyway, I have Windows 2000 on the C: (first partition)
 and FreeBSD on the second. VMWare is installed on Win2000. FreeBSD
 is 4.7-Stable of not that long ago.

   If I switch the active partition to be the FreeBSD
 partition it boots fine. However, I get a failure if I
 go thru the NT boot loader.

   I copied boot1 from /boot to C:\ and called it bootsect.bsd
 I do a sum on FreeBSD and on Win 2000 (cygwin what a lifesaver) and
 They come up the same:

 proot@PTROOT /cygdrive/c
 $ sum bootsect.bsd
 30147 1

 proot@PTROOT /cygdrive/c
 $ cat boot.ini
 [boot loader]
 timeout=5
 default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
 [operating systems]
 multi(0)disk(0)rdisk(0)partition(1)\WINNT=Microsoft Windows 2000
 Professional
 /fastdetect
 C:\bootsect.bsd=FreeBSD
 C:\=Microsoft Windows


 What am I doing wrong here? I tried copying the file to a peerless
 drive when just booted in FreeBSD and then moving it over with Explorer,
 then I copied it in FreeBSD, gzipped it, copied it over, gunziped it in
 cygwin and used mv in cygwin to rename.

 Sorry, I'm not currently on the list, don't have time to read. Any help
 would be appreciated.

 Thanks,
 Paul.



 --
 Paul T. Root              E/Mail: [EMAIL PROTECTED]
 600 Stinson Blvd, Fl 1S   PAG: +1 (877) 693-7155
 Minneapolis, MN  55413  WRK: +1 (612) 664-3385
 NIC:PTR FAX: +1 (612) 664-4779


Just use bootpart, and run it under windows.  Tell it which partition is
your FreeBSD one, and it will create the appropriate bootsector file (and
entry).

http://www.winimage.com/bootpart.htm

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Thu Dec  5 20:17:38 EST 2002





Re: 4.7: Odd 'man' behavior

2002-12-02 Thread Marco Radzinschi
On Mon, 2 Dec 2002, Clint Olsen wrote:

 It's possible this is cockpit fog, but I didn't notice this until I
 upgraded to 4.7.  Certain manpages are being rendered in such a way that
 when I type 'q' to exit my PAGER (less), the pager returns to the beginning
 of the document as if it doesn't exit.  But what appears to be happening is
 that I'm getting multiple streams of output to the TTY:

 clint   37083  0.0  0.6  1116  588  p1  S+2:24AM   0:00.03 man thttpd
 clint   37084  0.0  0.3   628  308  p1  S+2:24AM   0:00.00 sh -c /usr/bin/zcat 
/usr/local/man/cat8/thttpd.8.gz | less
 clint   37085  0.0  0.2   604  216  p1  S+2:24AM   0:00.01 /usr/bin/zcat 
/usr/local/man/cat8/thttpd.8.gz

 So, it appears that both 37084 and 37085 are writing to my TTY, which is
 why it looks like it doesn't exit...

 -Clint

I can second this strange behavior, but since it only happens on my
firewall machine, which I rarely use interactively, I never bothered to
diagnose it.

As such, the only insight that I can offer is that it happens on only one
of my 4.7-STABLE machines.

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Mon Dec  2 22:23:20 EST 2002






Re: port forwarding

2002-11-21 Thread Marco Radzinschi
On Thu, 21 Nov 2002, Shvetima Gulati wrote:


 Hi all,

 What is the easiest way of forwarding a port in FreeBSD. Suppose I want
 my server to listen on port 8280, but want all connection attempts to port
 80  to be forwarded to this port ... can that be done?

 Thanks,
 Shv

Yes, with IPFilter.  In particular, you want to look at the ipnat part of
IPFilter, and the rdr (redirect) keyword.  Be sure to redirect to the
loopback interface (lo0).

man ipf
man 5 ipf

man ipnat
man 5 ipnat


Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Thu Nov 21 22:56:35 EST 2002





Re: Power off problem

2002-11-17 Thread Marco Radzinschi
On Sun, 17 Nov 2002, Vidor Demeter wrote:

 Hi all,

 I used to be a SuSE user but I've decided to install FreeBSD instead, which
 I do not regret.
 I had some great surprises compared to Linux, and I've decided to stay with
 FreeBSD! :-)
 So I'm quite new to FreeBSD and I will have some questions until I get the
 system run after my
 wishes. The first problem is that I can not manage to configure the system
 shutdown with
 power off option. I've compiled the kernel with the apm option and I changed
 the rc.conf
 file as well, with  ' apm_enable=YES ', but no luck. After the shutdown I
 have to power
 off the system with the Power Off button! :-(
 I can not find any further help on this but what I described here. Did I
 miss something?
 I have an AMD 1800+ XP CPU, with 256MB RAM and 40GB HD, Asus mobo.
 Can somebody help me ?
 TIA Vidor

You need apmd_enable=YES in rc.conf, and you need to recompile the
kernel.  There is a line in the kernel config file that reads

device apm0 at nexus? disable flags 0x20

Delete the disable, rebuild kernel, and reboot.  If apmd is running, which
the apmd_enable line should take care of, it should work.

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

Sun Nov 17 11:10:29 EST 2002





Re: Installation of FreeBSD using volume manager

2002-11-12 Thread Marco Radzinschi

But it could be a kernel compile option, such as NetBSD's and OpenBSD's
RAIDFrame. I set up a server with NetBSD with the root partition on RAID
the other day - works fine.

Only problem is that I had to have the kernel in a non-RAID partition.  In
the case of vinum, I suppose one would have to have the kernel and
modules on a non-RAID partition.

That is, assuming Mr. Lehey adds support for this. :-)

Marco Radzinschi

E-Mail: [EMAIL PROTECTED]

Whoever fights monsters should see to it that in the process he does not
become a monster. And when you look long into an abyss, the abyss also
looks into you. -- Friedrich Nietzsche (Beyond Good and Evil)

On Tue, 12 Nov 2002, Toomas Aas wrote:

 Hi!

  I would like to ask you if is possible, and after which version,
  install FreeBSD using virtual disks (like Veritas Volume Manager or VINUM).
  Is this possible?

 It seems that Greg Lehey hasn't got the time to read lists right now,
 so I'll just chime in and say that TTBOMK it is not possible to have
 root partition on vinum volume, at least in FreeBSD 4.x.

 It seems to me that this is kind of chicken-and-egg problem - if the
 support for vinum volumes is implemented as a module (vinum.ko), then
 you need to load this module before you can access the logical volume.
 Hence, vinum.ko itself can't be on a vinum volume :-)
 --
 Toomas Aas | [EMAIL PROTECTED] | http://www.raad.tartu.ee/~toomas/
 * ASCII stupid question, get a stupid ANSI!





Re: Adding additional HD space

2002-11-10 Thread Marco Radzinschi

The 10 GB Hard Disk should have a BIOS Limitation jumper that will make
the BIOS think it is a 508 MB drive.  Set that jumper, and the system
should boot.

Once you have that drive in there, you could create the file system
structure on it however you want, but place the / and /boot partitions
below 500 MB so that the system will boot when you take out the old drive.

Note that you will have to tell fdisk the correct geometry of the disk.

Otherwise, create the partitions exactly how you have them on your 2 GB
drive, making them larger as you wish, and dump + restore the files from
one disk to the other.

Once everything is copied over, you can install the boot sector on the new
drive with fdisk -B -b /boot/mbr

NOTE: Replace /boot/mbr with the path of the new hard disk!
For example, /mnt/boot/mbr if you mounted the new disk under /mnt.

After this is done, you can set the jumpers on the new drive to match the
position of the old one (master, for example) and simply swap it out.

Reboot, and enjoy.

Marco Radzinschi

E-Mail: [EMAIL PROTECTED]

On Sat, 9 Nov 2002, Mike Loiterman wrote:



 My current 2GB HD is reaching maximum capacity, is fairly old and
 probably about to die.  What is the best way to go about replacing
 the drive?

 Few points to keep in mind:
 1.  The system cannot deal with HD drives over, I believe, 8 gigs.
 2.  I suppose it goes without saying, but I'll say it anyway: its
 critical to maintain the existing data!  The machine is my web, mail,
 ssh, vpn, and ftp server.  Needless to say I do a full backup every
 night.

 Ideally I'd like to buy new drive and do a ghost of the old drive
 onto the new drive.  If you're not familiar with the term ghost --
 in the Windows world there is a piece of software that allows you to
 do a bit for bit copy of one drive to another and accordingly it's
 called Norton Ghost.

 Would doing a full restore from my backup be equivalent to this?  If
 so, how do I preserve the partition structure and how do I actually
 perform the task?  Do I boot using the old HD, do the restore onto
 the new drive, shutdown, unhook the old drive and reboot?  How do I
 know the data is unaltered and is an exact copy?

 My last question -- How can I get the system to recognize larger hard
 drives?  I have been successful getting older systems to recognize
 large drives using utilities such as MaxBlaster from Maxtor, but that
 was using Windows.  Are there similar utilities for FreeBSD?

 I tried adding a 10 gig drive to the system in question but the system
 refused to boot with that drive in any place on the IDE chain.  I was
 also unsuccessful in using the MaxBlaster to enable the drive for use
 on the system.  Maybe I was doing something wrong?

 Thanks in advance.

 ...
 Randomly Generated Quote:
 'A government that is big enough to
 give you all you want is big enough to
 take it all away.' -- Barry Goldwater

 Mike Loiterman
 PGP Key 0xD1B9D18E
 http://www.ascendency.net





Re: FreeBSD filesystem 1TB Limit

2002-11-06 Thread Marco Radzinschi

Pity I didn't know about this before I built two 1200 MB arrays.  Linux
and FreeBSD both died past 1 TB, so I had to make the array smaller.

I have used NetBSD before, so this would not have been a problem.  I
should have done my homework. :-)

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

On Tue, 5 Nov 2002, Walter wrote:

 This is no doubt heresy coming from a newbie especially,
 but I was reading that NetBSD can support at least up to
 4TB:
http://www.netbsd.org/Misc/features.html#large-filesystems

 Walter

 Lowell Gilbert wrote:

  Joseph Gleason [EMAIL PROTECTED] writes:
 
   IIRC There was a 1TB limit on the size of any filesystem (or actually of any
   block device) in FreeBSD based on the kernel internally using a 512 byte block
   size and having a max of 2^31 blocks. (512*2^31 = 2^40 = 1TB)
  
   Do I remember correctly?
 
  Close, but not quite.  The kernel doesn't deal with blocks internally,
  and the block size used by the filesystem is 16k by default.
 




Re: FreeBSD filesystem 1TB Limit

2002-11-04 Thread Marco Radzinschi

I was unable to get past 1 TB on 4.6.2-Release on i386.

Marco Radzinschi
E-Mail: [EMAIL PROTECTED]

On Mon, 4 Nov 2002, Joseph Gleason wrote:

 IIRC There was a 1TB limit on the size of any filesystem (or actually of any
 block device) in FreeBSD based on the kernel internally using a 512 byte block
 size and having a max of 2^31 blocks. (512*2^31 = 2^40 = 1TB)

 Do I remember correctly?

 Is this still the case?

 A client wants to build a system with over 1TB on a single filesystem and I
 need to see if FreeBSD can support it.

 Thanks for your time.

 --Joe Gleason





Re: Resolving hostname takes too long

2002-10-21 Thread Marco Radzinschi

I am not certain why resolving external names from that machine goes slow,
but the reason ssh and ftp connections to that machine may be taking a
while to establish is that it does a reverse DNS lookup (address
resolution) on the clients connecting to it.

You can speed this up by allowing dynamic DNS updates on your internal
DNS server and setting up your DHCP server to perform the updates as it
hands out IP addresses.

man dhcpd
man named
man named.conf
man dhcpd.conf

Marco Radzinschi

E-Mail: [EMAIL PROTECTED]
AOL IM: CrackedBoy

Whoever fights monsters should see to it that in the process he does not
become a monster. And when you look long into an abyss, the abyss also
looks into you. -- Friedrich Nietzsche (Beyond Good and Evil)

On Mon, 21 Oct 2002, Ihsan Junaidi Ibrahim wrote:

 Hello all,

 I have quite a niggling problem with my box. It takes too long to resolve
 hostname; ranges between 15 to 30 secs. My box serves as a gateway and ipfw
 machine. Other machines on this network that connect to this machine don't
 exhibit this particular problem, resolving hostname is pretty quick.

 I've tried many things; amongst them putting an open firewall just to see if
 ipfw has anything to do with it; resolving still takes too much time. This
 machine also serves as a private name server but I doubt that would get in
 the way as I've disabled the private name server in resolv.conf; only
 pointing to my ISP name servers.

 I have another problem which I think is related. Establishing SSH and FTP
 sessions (the only traffics I tested) from another machine to this machine
 slow down to a crawl. Only after the establishments did everything ie:
 transferring files is running smooth. Before this everything is fast,
 connecting to my private FTP is blazingly fast, I didn't even have the time to
 read the displayed log. Now when I'm doing it I can read and speak out loudly
 every single word while they are displaying. Even connecting to my ISP FTP
 server is quicker. Connecting is just too slow for convenience sake. Ditto
 SSH.

 I implement DHCP in addition to the name server which use UDP traffic *which*
 I think, after reading the pertinent man pages, *may* have something to do
 with UDP timeout or something like that. To change this default attribute,
 I'd have to edit a kernel variable through sysctl. How do I know the right
 variable?

 I'm really at a loss over this. This box serves as my main desktop machine, no
 longer using Windows and hope to become a convert.
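
To check the diagnosis in the reply above (reverse lookups on connecting clients delaying ssh and ftp logins), this added example times a PTR lookup per client address and reports the slow or failing ones. It is not part of the original thread; the function names, the 1 second threshold and the 5 second timeout are assumptions.

```python
import socket
import threading
import time

def time_reverse_lookup(ip, resolver=socket.gethostbyaddr, timeout=5.0):
    """Time one reverse (PTR) lookup, giving up after `timeout` seconds.

    Returns (status, hostname, seconds); status is "ok", "no-ptr" or "timeout".
    """
    result = {}

    def worker():
        try:
            result["host"] = resolver(ip)[0]
        except (socket.herror, socket.gaierror):
            result["host"] = None      # the resolver answered: no PTR record

    thread = threading.Thread(target=worker, daemon=True)
    start = time.monotonic()
    thread.start()
    thread.join(timeout)
    elapsed = time.monotonic() - start
    if thread.is_alive():              # still waiting on a name server
        return "timeout", None, elapsed
    host = result.get("host")
    if host is None:
        return "no-ptr", None, elapsed
    return "ok", host, elapsed

def slow_clients(ips, threshold=1.0, **kwargs):
    """Return (ip, status, hostname, seconds) for lookups that fail or are slow."""
    report = []
    for ip in ips:
        status, host, secs = time_reverse_lookup(ip, **kwargs)
        if status != "ok" or secs > threshold:
            report.append((ip, status, host, secs))
    return report

if __name__ == "__main__":
    import sys
    # Pass the addresses of the clients whose logins are slow.
    for ip, status, host, secs in slow_clients(sys.argv[1:]):
        print(f"{ip}: {status} after {secs:.1f}s ({host})")
```

Run it on the server with the client addresses as arguments; a client that shows up as "timeout" or "no-ptr" is one the internal DNS zone has no reverse record for.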



Re: multiple_file_downloading

2002-10-15 Thread Marco Radzinschi


Use ncftp (in the ports) to download an entire directory. You can use the
-R switch with get, as in get -R dirname to fetch a directory and
everything in it.

If you want to download it from Windows, you can use an ftp client like
WS_FTP, which can be found on www.download.com.

Marco Radzinschi

E-Mail: [EMAIL PROTECTED]
AOL IM: CrackedBoy

Whoever fights monsters should see to it that in the process he does not
become a monster. And when you look long into an abyss, the abyss also
looks into you. -- Friedrich Nietzsche (Beyond Good and Evil)

On Tue, 15 Oct 2002, harsha godavari wrote:

 I would like to try and install FreeBSD 2.11 on a i386 with 4MB RAM.
 FreeBSD 2.11 is available from ftp://moe.2bsd.com/pub/2.11BSD.

 Unfortunately, there are several hundred small files in this directory. At
 present I am using Netscape and shift_clicking on each name is slow and
 painful :-) .

 Unfortunately I am unfamiliar with FTP :-(  Can I use FTP to download
 an entire directory (several hundred files[small]). There seem to  be
 several FTP programs. Any recommendations of a simple to use
 ftp-program. Thanks.

 Regards
 Harsha Godavari




Re: internet news question

2002-07-23 Thread Marco Radzinschi


I use tin. It is in the ports collection.

Marco Radzinschi

E-Mail: [EMAIL PROTECTED]
AOL IM: CrackedBoy

Whoever fights monsters should see to it that in the process he does not
become a monster. And when you look long into an abyss, the abyss also
looks into you. -- Friedrich Nietzsche (Beyond Good and Evil)

On Mon, 22 Jul 2002, AZN Unix wrote:

 I can't find a program for internet news, do you guys know a web site that
 distributes unix programs or freebsd programs or just a free internet news
 program?




Re: Backup Exec Agent?

2002-07-12 Thread Marco Radzinschi


Just posting this for posterity, for the next guy searching the google
usenet archives.

Matthew's instructions worked perfectly the first time and I was able to
do a backup and restore without any trouble.

Thank you,

Marco Radzinschi
[EMAIL PROTECTED]

On Tue, 9 Jul 2002, Matthew Bettinger wrote:

 On Monday 08 July 2002 08:46 pm, Marco Radzinschi wrote:
  Hello:
 
  Is anyone successfully running the Backup Exec agent for unix on
  FreeBSD?
 
  I have to build a file server for work tomorrow and I have been given the
  go-ahead to use FreeBSD, so long as I can get the backup exec agent to
  run.
 
  The backup server runs Veritas backup-exec 8.5 on Netware.

 I am running the backupexec client on freebsd machines here at work.  The
 veritas  server is running on an old novell machine.

 you need to do the following:

 edit /etc/rc.conf and insert  the line
 linux_enable=YES

 tar xvf the backupexec unix agent file

 create the directory /usr/local/bkupexec

 we are going to use agent.linux.

 copy agent.cfg   agent.cfg.bak   agent.linux from the newly untarred
 bkupexec directory (or whatever it untars to, I forgot) .. copy these files
 to the /usr/local/bkupexec directory you created.

 Edit /usr/local/bkupexec/agent.cfg

 here is a sample of a working agent.cfg

 name tester
 password blahblah
 export /general as GENERAL include_remote
 export /depot as DEPOT include_remote
 export /Drawings as DRAWINGS include_remote
 export /bob_home as BOB_HOME include_remote
 export /brad_home as BRAD_HOME include_remote
 export /michel_home as MICHEL_HOME include_remote
 exclude_dir /proc
 tell 201.201.2.9
 tell 201.201.2.14
 tell_interval 30
 follow_symdirs
 exclude_dir /proc

 The first line is the name of the machine.
 the exported directories are directories on the tester machine which will show
 up in the veritas server under Unix Agents.  Don't forget to put
 include_remote to include the subdirectories.

 tell 201.201.2.9  and tell 201.201.2.14 is letting the veritas servers be
 aware of us.

 Edit /etc/services  and add the following

 grfs  6101/tcp  #backup exec

 Edit /etc/rc.local

 #!/bin/sh
 /usr/local/bkupexec/agent.linux -c /usr/local/bkupexec/agent.cfg > /dev/null


 You'll have to enter root/blahblah from the veritas server.

 Good Luck!
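
The agent.cfg described in the message above keeps the agent password in the clear next to the export and tell lines, so this added example parses that format and flags a group- or world-readable file, exports without include_remote, and repeated directives. It is not part of the original thread or of the Backup Exec agent; the function names and the checks are assumptions, and directive meanings are only those the post gives.

```python
import stat

# Constructed from the agent.cfg quoted above; one export has had
# include_remote removed so the audit has something to report.
SAMPLE = """name tester
password blahblah
export /general as GENERAL include_remote
export /depot as DEPOT
exclude_dir /proc
tell 201.201.2.9
exclude_dir /proc
"""

def parse_agent_cfg(text):
    """Parse agent.cfg text; directive meanings are as the post describes."""
    cfg = {"name": None, "password": None, "exports": [],
           "tell": [], "other": [], "duplicates": []}
    seen = set()
    for words in filter(None, map(str.split, text.splitlines())):
        line = " ".join(words)
        if line in seen:                      # same directive given twice
            cfg["duplicates"].append(line)
            continue
        seen.add(line)
        key, args = words[0], words[1:]
        if key in ("name", "password") and args:
            cfg[key] = args[0]
        elif key == "export" and len(args) >= 3 and args[1] == "as":
            cfg["exports"].append((args[0], args[2], "include_remote" in args[3:]))
        elif key == "tell" and args:
            cfg["tell"].append(args[0])       # backup servers the agent announces to
        else:
            cfg["other"].append(line)         # kept verbatim, not interpreted
    return cfg

def audit(cfg, mode):
    """Return findings for a parsed config and the file's st_mode."""
    findings = []
    if cfg["password"] is not None and stat.S_IMODE(mode) & 0o077:
        findings.append("cleartext password in a file readable by group/other")
    for path, label, recursive in cfg["exports"]:
        if not recursive:
            findings.append(f"export {path} ({label}) lacks include_remote")
    findings += [f"duplicate directive: {d}" for d in cfg["duplicates"]]
    return findings

if __name__ == "__main__":
    for finding in audit(parse_agent_cfg(SAMPLE), 0o100644):
        print(finding)
```

For a real file, pass its contents and `os.stat(path).st_mode` to the same two functions; the `tell` list is the set of backup servers that need to reach the agent on the tcp port added to /etc/services.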



