Re: whatkind of 19 LCD display??
On Tue, Jul 29, 2008 at 9:43 AM, Chuck Robey [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I really like the Dell, both because of their outstanding contrast and brightness, no dead pixels in any of my LCDs, and the fact that they come with multiple interfaces which are switch selectable from the front panel. The old 20 units had 4 jacks (RCA, S-Video, VGA, and DVI). Really convenient. The new 24 one, beyond being able to run native 1920X1080 for HiDef Video, it's got about 10 different jacks. Looks it up the web, the Dell pages describe it best, and the contrast on that 24 has to be seen to be believed. I actually turned it down! I would second the Dell's, specifically the UltraSharp line. I have a 19 Ultrasharp as my primary monitor and a 19 Dell Standard as a secondary monitor. The Ultrasharp has DVI and VGA, a built in USB hub and is great to look at. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: DHCP Question
On Wed, Mar 19, 2008 at 9:36 PM, [EMAIL PROTECTED] wrote: I am in the process of moving my phone system DHCP from my Mitel 3300 to a FreeBSD so I can parse the DHCP file. In order to make Mitel's option 125 work correctly, I have to specify some vendor specific options. I believe this is option 124 if I understand the Mitel documentation correctly. We have a Mitel 3300 and use OpenBSD servers with the ISC DHCP server. We have 5212 and 5224 IP phones and 5550 IP consoles. The consoles are the trickiest of all to get working with DHCP. Below are the sections from our DHCP config that relate to the Mitel. A few things to note about it. 10.1.254.254 is our name server and dhcp server. 10.1.5.1 is the IP of our Mitel 3300 controller/server. the /sysro/e2t8260 is the path of our e2t. The two most key components to get it to work are the option-128 and option-129. You need to set these as the hex representation of the IP address of your Mitel controller, so in our case, 10.1.5.1 became 0A:01:05:01. It won't work otherwise. 10.1.254.255 is our VPN gateway to our other office. The vendor-class-identifier for mitel phones is always null (at least for the 5212, 5224, and 5550 consoles). We use this to separate the Mitel phones into a separate class so they are in their own IP block. We originally just used the vendor-class-identifier thing, but then started to find NICs that had vendor-class-identifier = null, so I noticed that all of our Mitel device MAC addresses start with 1:08:00:0f., so we use that to separate them as well. It is a bad hack, but it works for us. Anyway, with this config, we have 5212, 5224, and 5550 consoles getting their addresses with DHCP. Feel free to contact me if you have any questions. # MITEL E2T TFTP boot host mitele2t { hardware ethernet 08:00:0f:1d:7e:e7; fixed-address 10.1.5.2; next-server 10.1.5.1; filename /sysro/E2T8260; } # # # # THESE DEFINITIONS MUST BE PRESERVED AS IS. The 5550 Mitel # consoles will not work unless these options are EXACTLY # as below. # # # option option-128 code 128 = string; option option-129 code 129 = string; option option-130 code 130 = text; option option-66 code 66 = string; option option-67 code 67 = string; subnet 10.1.0.0 netmask 255.255.0.0 { class mitel-phone { match if option vendor-class-identifier = null and substring(pick-first-value(option dhcp-client-identifier,hardware), 0, 4) = 1:08:00:0f; } pool { allow members of mitel-phone; range 10.1.6.1 10.1.7.254; option routers 10.1.254.254; option option-66 10.1.5.1; option option-67 /sysro/e2t8260; option option-128 0A:01:05:01; option option-129 0A:01:05:01; #option tftp-server-name 10.1.1.1; option option-130 MITEL IP PHONE; } pool { deny members of mitel-phone; range 10.1.3.100 10.1.4.255; option routers 10.1.254.254; } option broadcast-address 10.1.255.255; option subnet-mask 255.255.0.0; option netbios-name-servers 10.1.254.254; option netbios-dd-server 10.1.254.254; option netbios-node-type 8; option netbios-scope ; } Hope this helps. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Please help me with my PF config
On Thu, Mar 6, 2008 at 12:02 PM, Alaor Barroso de Carvalho Neto [EMAIL PROTECTED] wrote: 2008/3/6, Erik Norgaard [EMAIL PROTECTED]: I know my config is far away from a good config but it's the first time I configure an firewall, and I have only basic english knowledge, I'm not totally sure about I can and I can not do, even since I read the tutorials, because my english skills aren't good enough. The IN and OUT stuff is very confusing for me yet. But thankz a lot, it's working now. Hugs, Alaor Neto It looks like you already have your problem solved. One utility you might want to look at is pftop. With it, you can see pretty much in real time what is going through pf and what is being blocked. This has helped me a lot to find out which rule in blocking something I need to let through. If you run pftop, then hit the right arrow key, it will have the rule that is being applied for a given connection on the far right-hand side. If you hit SHIFT+S it will order the connections by source ip to help you find what you are looking for. Once you have the rule number that is blocking the connection you need to let through, hit the right arrow 4 more times to see the list of rules and their corresponding numbers. It may or may not be of much use to you, but I have found pftop to be indispensable when setting up pf firewalls. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Using ZFS on FreeBSD 7.0
On Wed, Feb 27, 2008 at 4:13 PM, Wojciech Puchar [EMAIL PROTECTED] wrote: will replace all other FS's -ya all others!!! how sure you are? I would second this. Just as a fun test, setup a test machine with hotswap drives in a RAID 10 zfspool. Add a hot spare for good measure. While the system is running, pull one of the hot swap drives and watch ZFS eat up all of the memory trying to talk to the drive that is not longer there until you get a kernel panic. We had this on Solaris (x86 and 64-bit installs). I know pulling a drive isn't necessarily exactly the same as a drive dying, but it still shouldn't bring down the whole system. (Paid) Sun support had no answer. We also tested ZFS on a FreeBSD 7.0 beta, run bonnie++ with a test file size larger then RAM, this too will eat up all available memory and bring down the system. Obviously this could be a bonnie issue, but still due to the overwhelming complexity of ZFS, it makes me nervous putting anything in production that would use it. ZFS has a lot of good features in theory, but like a lot of Sun software (NFS, JAVA) tends to be a little over-engineered and bloated. I don't intend to start a flame-war or anything thing like that, but in my experience there are still too many potential problems to really rely on it in production. It could just be my inability to setup ZFS properly. I would just recommend extensive testing and attempts to simulate drive failures before putting it into production. If ZFS ever gets to what it aspires to be, and then got combined with FreeBSD, you would have IMHO the ultimate server OS, but right now, FreeBSD with gmirror is pretty darn good. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: (postfix) SPAM filter?
I have found spam assassin with nightly updates of the helpful (there are other people developing new regexs daily). 48 5 * * * /usr/local/bin/sa-update --channel updates.spamassassin.org /usr/local/etc/rc.d/sa-spamd restart There are other channels you can subscribe to. Another super helpful bocker is to block all inbound connections from IPs without reverse DNS. Don't forget to virus check your email while you are at it -- there are several packages (clamav is one). And finally, a couple of RBLs added into the mix are helpful. Awesome, i didn't see the subscriptions on their website. This is exactly what i need. -- Sten Daniel Soersdal Something else I would recommend if you end up going the spamassassin route is to look at rules emporium and rules du jour http://www.rulesemporium.com/rules.htm Rules Du Jour is a nice bash script that can automatically download and update the latest rules emporium rules for several different categories of spam. You just choose which rule lists you want to use (there are a lot of categories and then different levels of spam caught vs false positives within rule sets) and then set rules du jour as a nightly cron job to update your rule sets automatically. As some one else said, this lets you have other people keep your regexs up to date. I also added these lines to the top of the Rules Du Jour script to download a couple of other nice clamAV spam signatures: #update extra clam spam defs if [[ -d /var/lib/clamav/ ]]; then cd /var/lib/clamav/ wget --timestamping http://download.mirror.msrbl.com/MSRBL-SPAM.ndb cd /var/lib/clamav/ wget --timestamping http://www.sanesecurity.co.uk/clamav/scamsigs/scam.ndb.gz gunzip -cdf scam.ndb.gz scam.ndb fi #end update extra clam spam defs I also use these smtpd restrictions in main.cf: smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, reject_non_fqdn_hostname, reject_invalid_hostname, permit smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/client_restrictions, permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_sender, reject_unknown_sender_domain, permit smtpd_recipient_restrictions = reject_unauth_pipelining, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unknown_sender_domain, check_sender_access hash:/etc/postfix/client_restrictions, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client list.dsbl.org, reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net, reject_rbl_client dnsbl.njabl.org, permit Most of that came from here: http://www.freesoftwaremagazine.com/articles/focus_spam_postfix/ Greylisting is great, and usually doesn't delay mail more than 5 minutes, but in some rare cases it can lead to mail delays of sometimes up to 4 or 5 hours (which is within RFC specs for resending after a 302 message). For my personal server, that is no problem, so I have implemented postgrey (with the stuff above) and get almost no spam ever. For a few businesses I run mail servers for, they expect email to be instant (I know it doesn't have to be technically, but that is what a lot of people expect now a days). For them 20 extra spam a day by not doing grey listing is an okay trade off so that one contact from the new client shows up in time, instead of 3 hours too late. Anyway, I hope this helps. I am always trying to find new great spam solutions (using postfix), so I will continue watching this tread with great interest. Most of the companies I setup mail servers for would rather have 30 spam delivered per user per day than have even 1 false positive or 1 significantly delayed mail, so it is always a tricky line to walk (at least for me) to block as much spam as I can, without ever delaying or blocking a ham message, so I am always looking for new ideas and solutions. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Good FreeBSD Supported Gigabit Ethernet Card?
On 9/14/07, Oliver Hansen [EMAIL PROTECTED] wrote: I'm looking to eventually upgrade my home network to all gigabit so I'm going to start by purchasing a few NICs for some old servers I just received. I know there are quite a few supported by FreeBSD6 which I found ( http://www.freebsd.org/releases/6.0R/hardware-i386.html#ETHERNET ) but I'm wondering if there is any real benefit in buying a $40 or $50 NIC like the Netgear GA311 or just get a $20 NIC like the D-Link DFE-530TX+. The use will probably be a firewall, proxy, file server, and DVR. http://www.EagleBit.com/Netgear_GA311_Gigabit_PCI_Card_p/eb-400-00357.htm -- Oliver Hansen http://www.oliverhansen.com As others have stated, Intel's are great. I would highly recommend them. Just as a heads up in case you weren't aware, in your research and purchase watch out for vendors switching chipsets within card models. Linksys is very bad about this. If I remember correctly, their most common GigE card has one model number, but 3 versions, all of which have different chipsets. As I recall, the 1st version works well, the second so-so and the third not at all. To add to the fun, they no longer print the revision on the outside of the box, the only way to find out is to open up the package and look at the chip on the card. Sorry if I sound a little bitter, I just recently had to purchase a GigE card for a couple of OpenBSD servers, needed them right away, and had to go to several brick and mortar stores asking to open the packages to make sure cards would work when I got them back to the office. Anyway, vendors other than Linksys do this as well, so just keep an eye out for it. Usually, no matter what the chipset, Intels seem to be well supported. I also had good success with the D-Link DGE-560T PCI Express card and the DGE-530T PCI card under OpenBSD. Hope this helps. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: Recommended SMP Hardware
I just built the following server and I'm in love with it. I don't know if it would be underpowered for you though. Here are the specs (I purchased all the hardware from NewEgg with the exception of the chassis which I got from servers direct) ***3ware 9550SX-8LP 64-bit/133MHz PCI-X SATA II Raid Controller Card - Retail http://www.newegg.com/Product/Product.asp?Item=N82E16816116032**http://www.newegg.com/Product/Product.asp?Item=N82E16822148140 *1 *TYAN S3950G2NR Socket AM2 ServerWorks HT1000http://www.newegg.com/Product/Product.asp?Item=N82E16813151039 *2 *Kingston 1GB 240-Pin DDR2 SDRAM DDR2 667 (PC2 5300) ECC Unbufferedhttp://www.newegg.com/Product/Product.asp?Item=N82E16820134332 *1 *AMD Opteron 1212 Santhttp://www.newegg.com/Product/Product.asp?Item=N82E16819105016 * 1 *Seagate Barracuda 7200.10 ST380815AS 80GBhttp://www.newegg.com/Product/Product.asp?Item=N82E16822148231 ** *4 *Seagate Barracuda 7200.10 ST3320620AS (Perpendicular Recording Technology) 320GBhttp://www.newegg.com/Product/Product.asp?Item=N82E16822148140 2U Chassis : *Chenbro RM21508T2-BH LINK: https://www.serversdirect.com/product.asp?pf_id=CS4506dept_id=03-003-002 PS : SPI FSP650-802UR Link: https://www.serversdirect.com/product.asp?pf_id=PS3075dept_id=31-001 Riser Cage, Rails, and CD Drive part numbers: Chenbro 84-321510-022 Chenbro 84H321210-050 Lite-on SSC-2485K It is a dual-core Opteron with 2 GB ram. The 3ware card supports 8 SATA drives. I have the 4 320GB seagates in RAID 10 and the 80GB seagate as the internal OS disk. Total cost $2104.53 (USD). Like I said, you may need a more power than me, but I love the configuration, the chassis, and the 3ware card. The SATA disks in RAID 10 get close to the same disk speed as 10K SCSI (I know that is a bold claim). In my tests they are getting up to 116Mb/s Read and 100Mb/s write. Anyway, depending on your application, I would recommend checking it out (especially the case if you want multiple SATA drives). Preston On 4/5/07, pete wright [EMAIL PROTECTED] wrote: On 4/5/07, Don O'Neil [EMAIL PROTECTED] wrote: I'm getting ready to obsolete one of my old dual P2-800 servers and wanted to get some suggestions from you all... I'm going to be building a new server to replace it and need more power, but not a TON more power... Something along the lines of dual 2.5 GHz processors with 4 GB RAM should be more than enough. Any one have some suggestions for lower priced dual processor motherboards and CPU combos? Athlon, Xeon, P4, whatever, doesn't really matter. I'd like to hear from some of you who are actually using certain combos in production and your experiences (good or bad) with them and FreeBSD 6.2. I've had good luck with multi core processors esp. the Intel 5130's. They are a x86_64 capable CPU that will give you a SMP system in one socket. This should make the machine draw less power, require less cooling, and hopefully the motherboard will be less expensive than a multi-socket board. Not sure where you are located - but I saw an add for a Southern Californian Fry's that had the an Intel Core2Duo motherboard/cpu combo for pretty cheap (~$190US). I assume you can find similar deals on the 'net as well. Hope this helps! -pete -- ~~o0OO0o~~ Pete Wright www.nycbug.org NYC's *BSD User Group ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Release 6.2
On 2/16/07, York Rapp [EMAIL PROTECTED] wrote: Hello Guys. I am looking for a DVD Image of Release 6.2 to download, but unfortunately (stupid as I am ;-)) I cannot find it. Can you give me an information or a link of a mirror. Would be very kind. Thank you for your trouble. -- Cordiali saluti, / Best regards, / Mit freundlichen Gruessen, York Make each day count. Chiacchiera con i tuoi amici in tempo reale! http://it.yahoo.com/mail_it/foot/*http://it.messenger.yahoo.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I was just wondering the same thing and I found this: http://35.9.68.172/people/tigner/bsddvd.html It is how to make the two CD images into one DVD image. I got a little tired as well with switching the CDs in and out. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Low-cost dedicated FreeBSD server or non-jail VPS?
On 2/10/07, Ted Mittelstaedt [EMAIL PROTECTED] wrote: - Original Message - From: Jay Chandler [EMAIL PROTECTED] To: Ted Mittelstaedt [EMAIL PROTECTED] Cc: FreeBSD Questions freebsd-questions@freebsd.org Sent: Friday, February 09, 2007 9:57 AM Subject: Re: Low-cost dedicated FreeBSD server or non-jail VPS? Maybe that's an option for you, but I'm looking at spending a minimum of another $60 every month to my ISP if I want those services. I haven't been sufficiently impressed to feel that they warrant that extra fee. Maybe they haven't significantly impressed you because you bought the cheap service? Hell - $60 compared to a colo feel of $50? (the cheapest I've seen someone post here) In other words, you have a choice between actually having the physical box right there, vs having it 1000 miles away, and your in a -learning- situation? And your going to cut off your nose to spite your face just because of some issue with your ISP? What are they currently doing to you to warrant that? Without knowing your connectivity and how good/reliable/bad it is it's difficult to make a judgement call. But, I can say from experience that there isn't any -TECHNICAL- reason that cheaper DSL or cable connectivity can't be made as reliable as, say, a T1. There's not many places in the United States that you can't find multiple competing broadband providers. It's a lot different overseas, but here in the US if you don't like your ISP there's usually another one around the corner. Ted But the problem in the US is that the physical lines are owned by one company that all other providers are at the mercy of. There are federal regulations in place to try to keep the line owners (Verizon, SBC, etc.) from abusing their powers, but they are pretty weak. I had this exact situation bite a customer of mine not too long ago. They hosted their server out of their office on DSL with a static IP through Speakeasy (a reseller). Speakeasy informed them that the people that owned the lines (Covad) had sold them to Verizon and that they would have to switch DSL modems, but that the outage should be minimal. I told them to plan for a full day of outage (even though the rep told us 2-3 hours), so they did. Well, when they switched over, something was wrong and the new modem would not connect. After several hours on the phone with Speakeasy, Speakeasy had determined that it was a problem at the CO and that Verizon would have to fix it. We could not call Verizon, they would not speak to us and Speakeasy only had the ability to submit trouble tickets and escalate them (common to all third party providers in our area). Although we screamed and shouted and threatened lawsuits (the customer was a law firm), there was nothing Speakeasy could do. I was then informed that if we had a T1, regulations would require a 24 hour response time, but since this was only Business DSL without a SLA (service level agreement), that it could be a week or two before they got someone to check it out at the CO. Long story short, they were out for a week. Finally it was fixed. We learned then and there that although they may call it Business class DSL and although the company you write your check to every month may have a stellar customer service record, if there is a problem in the last mile or at the CO, then you are at the mercy of whatever major telco owns your lines, and that if you do not have a T1 or higher, or at least DSL service with a SLA, then you are treated no better that a residential customer in terms of returning you back to service (could be 1-2 weeks). I think the OP just wanted a box to tinker with (I would still recommend johncomanies.com as an option), so uptime may not be a huge issue. I just thought I would share the lesson I learned that although they call it Business DSL, give you a static IP and charge you 5x the price for the same speeds, it doesn't always guarantee the same reliability that a T1 or colo facility will have. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Low-cost dedicated FreeBSD server or non-jail VPS?
On 2/7/07, John Nielsen [EMAIL PROTECTED] wrote: On Wednesday 07 February 2007 23:10, Peter Clark wrote: Is this up your alley? http://www.johncompanies.com/jc_vps.html I use this service and highly recommend it, but it definitely falls under the jail category. They've modified the stock FreeBSD jails pretty heavily and most of the time it's not obvious you're running in a jail, but if you want to do anything like create virtual interfaces, use your own mountpoints or (as the OP mentioned) experiment with firewall setups you'll be out of luck. JC does also offer dedicated servers on which they're more than happy to install and support FreeBSD, but I'm not sure that meets the low-cost requirement. JN I would second the John Companies. Also another good one to look at is sevenl.net I had a Ubuntu server there for a while and they were great. They only have FreeBSD as a dedicated option though, no VPS. The dedicated starts at $81 a month, so that may be a little more than you want to spend. Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SCP Delete
On 2/6/07, Chuck Swiger [EMAIL PROTECTED] wrote: On Feb 6, 2007, at 3:12 PM, Don O'Neil wrote: How do I delete a file after I've copied it with SCP? Is there some sort of secure 'rm' command? Use rsync --delete via SSH. (Danger! Slippery when wet! Use with caution.) -- -Chuck I am not sure the rsync --delete is what the OP intended. rsync --delete will delete the file on the remote location if it no longer exists in the source location. The OP wanted to, as I understood it, delete the file from the source location after it was copied to the remote location. Probably the best bet would to be to have a script scp the files, do some sort of verification that they made it intact, and then do an ssh [EMAIL PROTECTED]/path/to/file as suggested earlier. HTH, Preston ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Propose for a PCMCIA wireless card for laptops
I have a Edimax EW-7108PCg that works great under Linux: ( http://www.zipzoomfly.com/jsp/ProductDetail.jsp?ProductCode=253490prodlist=nextag) The reason it works great is because Edimax is great at giving documentation to developers to write drivers for it. I found this for OpenBSD: http://m0n0.ch/wall/list/showmsg.php?id=147/83 Messages back from 2005 that the OpenBSD team had received drives for it. I didn't find anything right away for FreeBSD, but you might could find some confirmation with a little searching. Anyway, it is a great card, I got it at newegg for $25, but they don't seem to have it anymore. Zipzoomfly does though (link above) for $30 with a $5 MIR. Anyway, I know this isn't the absolute confirmation you probably hoped for, but at least it might give you a card with good potential to research a little more or try. HTH, Preston On 11/16/06, Frozen [EMAIL PROTECTED] wrote: Hey, anyone who can propose for a (quite cheap) PCMCIA wireless card for laptops, easily supported by FreeBSD ? cause i recently found a pcmcia D-Link 610 wireless card, managed to enable her but doesn't function properly as it should.. Thanks in advance, Frozen ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]