Re: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS
Bryan Cassidy wrote: Sounds good to me but I'm still confused about how I need to set this up hardware wise. The link at freebsddiary sounds good to start with I guess. I don't know if I need any extra hardware either. I have at the moment 2 NICs and 2 crossover cables. Do I need more? Do I keep the NIC in this machine or do I move it to the machine that will be acting as a firewall/router/gateway? How do I set this up? Still confused on this part. Another recommendation (although slightly outdated) is : http://mostgraveconcern.com/freebsd/ (take a look at the dual-homed system howto). You ideally need 2 NIC's in your NEC machine that you want to use as a gateway/router/firewall.* Then, assuming that you want to connect to the internet on another computer, you need a NIC in that machine. If you have more than one computer besides the NEC, then you need NIC's for those machines and a hub in between. Take a look at the HARDWARE text for whatever version of FreeBSD you are installing to make sure it supports your NIC's. If you load the system and find that the NIC's aren't supported, you will have wasted a bit of time... (I'd be surprised, though, if you have a NIC that isn't supported... never met one myself.) So, the diagram looks a bit like this: xDSL/Cable Modem -- cable/crossover cable -- NIC1 | NEC | NIC2 -- cable/crossover cable -- *inside* computer where the NEC is the machine doing the NAT/Firewalling and Routing. The xDSL/Cable Modem simply gives you your connection to the net. As far as configuring the NEC, you need to spend some time to understand what NAT is and what you want to be able to do with your *inside* computers. Most of the ipfw howto's have pretty good rulesets to work with, so you don't have to worry so much about that issue - but you should eventually take time to really understand what your firewall is actually doing. hth, Steve Fettig * I say *ideally* because you *can* do it with one NIC - but that really defeats the purpose of setting that machine up as your gateway/router/firewall due to the ability for someone to spoof an address from the internal network. On Tue, May 11, 2004 at 12:26:59AM -0500, Micheal Patterson wrote: - Original Message - From: Bryan Cassidy [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 11, 2004 12:20 AM Subject: OpenBSD/ (maybe FreeBSD) Firewall/Router/DNS Hello. I am currently running FreeBSD 4.9-RELEASE p-7. I am pretty comfortable with FreeBSD for the most part and really enjoy using it on a day to day basis. This is my thoughts. I have an older NEC PC that I would like to put to some use. First off I don't know if I need any 'extra' hardware. I have now 1 DSL modem (dhcp - could get static, is it worth getting?), 3 NICs, and 2 cables to connect the ethernet cards. I have just been reading up on Firewalls on FreeBSD using ipfw. I would basically like to do the following. I want to install OpenBSD 3.5 or Possibly one of the FreeBSD 4.x, 5.x, 4-stable, current or whatever. Which would you all recommend using in this situation? I want to continue to use my nice newer, much faster computer to do all configurations to the system, updates, installing software, running apache, configuring firewall, etc. etc. etc. via ssh (good choice?) to the other/older box. Would really appreciate some insight on this topic. Networking/Security is becoming very interesting to my. Thanks. Don't forget, do I need any 'extra' hardware? snip ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: websites visited
[EMAIL PROTECTED] wrote: How do I find the different websites and e-mails sent and recieved from my computer? One way is to set up your firewall (vis a vis ipfw) to log all incoming and outgoing connections on ports 25, 80, 110, 143 and/or any others you want to monitor. It will be time-consuming, however, to sift through the raw logs. There are tools and scripts you can use for help... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Network Help
Jeffrey P. Toth wrote: Thank you for your response Ion-Mihai, On the router question, no, the router is a separate device, a D-Link 504H but is a loaner while my D-Link 804HV is in the shop. After changing them out is when I discovered I had problems. Apparently the DL804 handled whatever the problem was without a complaint. Yes I have been through setup a few times. So far all I have been able to do is take the server off-line. I have also looked up setup for NATD and I think I can enable it but would not be able to write the firewall rules for it to read yet, as I understand needs to be done. I also had a little help with setup originally and I know there is something of a firewall setup but without know what exactly I would be afraid of interfering with what is there and making a mess of it. Sorry I am such a non-user. Jeff Jeff, I've been reading this thread and I think you need to start from the beginning. I am going to make a broad assumption that your D-Link is set up correctly and that it *is* a sort of broadband router that does NAT and has DHCP services. This means that the D-Link should be somehow connected to your DSL modem and/or Cable modem (unless you are using some other sort of connection - I couldn't find the 504H on D-Link's site, but was able to find the 804HV and am *again* assuming that it is similar). So here is the assumption list: - Your D-Link is capable of doing NAT and DHCP - You can ping the D-Link from your FreeBSD box (Win box, etc.) - if you can't STOP - this is your first problem. - Your router's internal address is 192.168.0.1 with a netmask of 255.255.255.0 - You have chosen to statically assign your inside machines with addy's (although you could also get the addy assignment via DHCP from the D-Link, you may have chosen to go the static route for other reasons). On the FreeBSD box: in rc.conf you should keep: ifconfig_xl0=inet 192.168.0.150 netmask 255.255.255.0 # -- no other machine on the network should have this address defaultrouter=192.168.0.1 Assigning an address to rl0 is irrelevant - also, make sure that that interface is unplugged from your network. Make sure the xl0 interface is plugged in correctly. For now, also make sure the following is true: natd_enable=NO firewall_enable=NO Save rc.conf Now, take a look at resolv.conf. It should show something like: nameserver 192.168.0.1 or the address of a nameserver you know is valid. Get rid of any other lines for now - you can simply comment them out by beginning the line with #. Save resolv.conf Although there are ways around this, reboot the machine. Once back up and running, you should be able to ping the router and ping an address like yahoo.com. If you can't ping a website outside your internal network - i.e. Yahoo's - then there is a problem probably related to the D-Link. On every machine, you should (basically) have the following configuration: IP: 192.168.0.x (NOT 1 or any address that you have used with another machine) netmask: 255.255.255.0 gateway: 192.168.0.1 DNS: 192.168.0.1 (or other valid DNS cache server). Since you are not doing NAT or firewalling on the FreeBSD machine, there is no need to enable them. If you eventually want to do firewalling directly on the FreeBSD box, then you can enable it and configure it after you have solved your networking problems. I would recommend simply allowing the IP addy's to be assigned via DHCP, though. On FreeBSD, you simply put: ifconfig_xl0=dhcp in rc.conf and get rid of the other config info. Also, leave the firewall and nat off. In resolv.conf you can comment everything out with # as it will be assigned dynamically by the dhcp server. This *should* get you going... Steve ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 3 Nics - Dual (Tripe) Homed Host
Travis Troyer wrote: I have a FreeBSD system that acts as a NAT Gateway, currently providing on LAN with access to the Internet. I have added a third NIC, connected to a second LAN. The second LAN does not need internet access, but I would like it to be able to communicate with the first LAN. I have tried reading various sources, but have not found anything dealing with this situation. I would appreciate any help. Below is a diagram of my current setup and the output of ifconfig. Internet | [ xl0: DHCP assigned ] Router | | [ xl1: 10.0.0.1] [ xl3: 192.168.1.10] 10.0.0.0/24 LAN 192.168.1.0/24 LAN Output of ifconfig: xl0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 options=8VLAN_MTU inet 24.33.126.252 netmask 0xff00 broadcast 255.255.255.255 ether 00:60:97:74:35:b0 media: Ethernet autoselect (10baseT/UTP) status: active xl1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 options=bRXCSUM,TXCSUM,VLAN_MTU inet 10.0.0.1 netmask 0xff00 broadcast 10.0.0.255 ether 00:01:02:37:93:eb media: Ethernet autoselect (100baseTX full-duplex) status: active xl2: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 options=bRXCSUM,TXCSUM,VLAN_MTU inet 192.168.1.10 netmask 0xff00 broadcast 192.168.1.255 ether 00:01:02:cc:63:d2 media: Ethernet autoselect (100baseTX full-duplex) status: active lo0: flags=8049UP,LOOPBACK,RUNNING,MULTICAST mtu 16384 inet 127.0.0.1 netmask 0xff00 Travis, Although I have been dealing with routing for years, I can't claim I really understand it well, so my advice may not be so intelligent, but here's a stab at it anyway: I think what you want to do is to bridge both LAN's. You need to tell your gateway that in order to get to 10.0.0.0/24 from 192.168.1.0/24, you need to tell the routing tables that the route to 10.0.0.0/24 is via xl1 and vice versa. route add 10.0.0.0/24 -interface xl1 and vice versa: route add 192.168.1.0/24 -interface xl2 In the handbook, it says (http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/network-bridging.html): --begin quote-- 19.5.4 Enabling the Bridge Add the line: net.link.ether.bridge=1 to /etc/sysctl.conf to enable the bridge at runtime, and the line: net.link.ether.bridge_cfg=if1,if2 to enable bridging on the specified interfaces (replace if1 and if2 with the names of your two network interfaces). If you want the bridged packets to be filtered by ipfw(8), you should add: net.link.ether.bridge_ipfw=1 as well. For FreeBSD 5.2-RELEASE and later, use instead the following lines: net.link.ether.bridge.enable=1 net.link.ether.bridge.config=if1,if2 net.link.ether.bridge.ipfw=1 --end quote-- I am not sure if this will work, though, because I'm not sure what effect (if any) it would have on the NAT from the 192.168.1.0/24 network. You might want to first try this approach while NAT and the firewall are turned off. I have a similar situation that I want to test, so I'd be curious if you succeed and how. Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: CMS on FreeBSD
Scott I. Remick wrote: I'm thinking about setting up a FreeBSD-based CMS/intranet and wanted to know what other people were doing. I have a tiny bit of experience with PHP-Nuke because my webhost uses it. Although I have no real complaints about it, I am not wedded to it. snip Most promising seems Plone, which is based upon Zope. But it seems to be tremendously different from *nuke. The ports version is current and appears to work, but poking around the Plone site I wasn't able to get a feel for whether it truly can provide all the stuff I'm looking for. These are things such as: - Discussion forums - 3rd-party themes (I'm not looking to develop my own themes... I'm looking to get this up fast. Instead I'm looking for an established community of Plone-theme creators who like to create custom themes available for download, so I can pick one that appeals to me) - Polls - a variety of other modules/blocks (strength of the *nukes, but couldn't find a similar following for Plone). snip Although a little late, I thought you might want to consider MovableType (movabletype.org). I originally built my own CMS using a bunch of asp and a MS Access mdb database - unfortunately, that really wedded me to a MS server and MS software - plus, adding articles/posts was an absolute pain. This was also before CSS came en vogue and site upgrades were horribly complicated. I then found *nuke and was happy for a while until I had a lot of problems with security and php hacks enabling others to 0wn my website... oh how I hated that message. I did like the *nuke style, though, because there were so many plugins that I could do pretty much anything that I wanted. Then my philosophy on web design changed and I became a minimalist... *nuke was out. A friend of mine finally convinced me to give MovableType a try about two years ago and I've been hooked since. There are a lot of plugins available - although, I really don't use any, as I simply apply my CSS theme to different things that I wanted to *plug in* to my website. So, I can't say how well some of the things you are looking for are supported. I can say, though, that the code is extremely well written and I have never worried about or had anyone hack the site. I'm sure anything is possible, but it is the most reliable and secure CMS I have run to date - and it is *really* simple to set up. Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Recommendation for Dual T1 Routing/Firewalling
Sorry to cross-post this question, but I wanted to make sure my thinking is on track regarding a FreeBSD box I am going to use for routing/firewalling. A wireless project I am working on is getting 2 T1's from Global Crossing that I want to bring into a Sangoma dual CSU/DSU card (using their software called WANPIPE to configure) in a FreeBSD box. I am considering using one of my left-over VIA mini-itx machines running at 533 MHz (512MB of RAM and a 40 GB IDE drive). Basically, I want to build a dual-homed machine that provides firewalling and NAT to the wireless network (both of the T1's are bundled by GC, so actual throughput should be around 3Mbps). There are segments of the network that I want to do NAT for and other segments where I simply want the clients to have real world addressable IP's. I have built a number of dual-homed machines before, but nothing that was critical like the system that I am about to build. Plus, I would like to test out bandwidth controls for some ranges of IP's. The questions are: a) does anyone have anything bad or good to say about Sangoma CSU/DSU cards? b) is the processor I am using more than capable of handling the bandwidth I am bringing in (considering there may be upwards of 60 machines behind the firewall either surfing via NAT or directly via their real-world IP's)? The machine is a great choice from the standpoint that there is no cooling fan and it is extremely small, so I don't have to be so concerned with mechanical failure outside of the HD. I am concerned, however, that the processor is going to be too slow and will add too much latency to the network. Like I said before, I have built dual-homed gateways before (using nothing more than a P 150 and a P II 233) and didn't have any issues with those machines, but I also wasn't dealing with the amount of bandwidth and/or clients that I am looking at for this new network. So, I am concerned about reliability and latency... Any comments or suggestions would be very much appreciated. Thanks, Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Two-way Sync of Directories - how? (rsync?)
I have two workstations I use (one at home and one at work) connected via a private DSL link that each have the directories /home/me. I want to run a cron job to sync the directories (bi-directionally). Rsync seems to work only in one direction (I know I could set up the script on both machines), but I wanted to see if I could run the script on one machine and simply copy new files over to the lacking machine or update files via checksums (where a file has been updated on one machine and I want that updated file to be copied over the old file on the other machine). I am not worried about the case where I might update a given file on both machines at the same time - it doesn't happen. Any advice and scripts that you use to accomplish this? Thanks, Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
[OT] sed question
Sorry for posting an off-topic question to the list, but this is somethin that has been driving me nuts for weeks now and I can't figure it out. I want to pass a text file through sed that replaces all whitespaces with a carriage return. I.e., if I have the file my_test_text_document.txt that is a few paragraphs of writing, I want to take the following input: I have just written five paragraphs of absolute jibberish and wish that I could get sed to work the way that I want. Oh how this question has plagued me! And have sed output: I have just written five paragraphs of absolute jibberish and ... you get the point. I can't figure out what the newline character is... I've tried \n \r \, etc. with no avail. I run the following: sed 's/[ ]/\n/g' my_test_text_document.txt and the output never has a newline added regardless of what I have substituted \n with. I have also used instead of ' and that hasn't helped... Sorry for the question, but I'd really appreciate the help! Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Two-way Sync of Directories - how? (rsync?)
Bill Campbell wrote:
snip
I would do this with two rsync runs from one machine
cd $directory
rsync -e ssh -vaurP ./ $remote:$directory
rsync -e ssh -vaurP $remote:$directory/ .
Better yet, set up the directories in the rsyncd.conf files on
each machine:
cd $directory
rsync -vaurP ./ ${remote}::dir_module/
rsync -vaurP ${remote}::dir_module/ .
Bill
--
INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC
UUCP: camco!bill PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/
More laws, less justice. -- Marcus Tulius Ciceroca (42 BD)
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
I don't know why I didn't think of reversing the src and dest input on
the command... Thanks!
Steve Fettig
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Two-way Sync of Directories - how? (rsync?)
-P appears to allow you to show progress graphically with the -v switch
also chosen.
I think his example:
cd $directory
rsync -e ssh -vaurP ./ $remote:$directory
rsync -e ssh -vaurP $remote:$directory/ .
was meant to look like:
cd $directory
rsync -e ssh -vaurP ./ $remote:$directory
rsync -e ssh -vaurP $remote:$directory ./ -- (dot)(slash) not (slash)(space)(dot)
a trailing slash copies directory contents whereas not having the slash copies that directory, too. (I.E. if I am rsyncing /home/me on two machines, /home/me will copy everything including the me directory, whereas /home/me/ will only copy the contents of me. This becomes important - as I have learned the hard way - when syncronizing two dissimilar directories - i.e. /home/me to /backup/me/date.)
hth,
Steve Fettig
p.s. I hope I got Bill's message correctly...
Stephen Liu wrote:
On Monday 15 March 2004 04:10, Bill Campbell wrote:
I would do this with two rsync runs from one machine
cd $directory
rsync -e ssh -vaurP ./ $remote:$directory
rsync -e ssh -vaurP $remote:$directory/ .
Hi Bill,
Is the option
-P --partial -- progress
means 'incremental'???
What will be difference between
'./ $remote:$directory' and '$remote:$directory/'
TIA
B.R.
Stephen Liu
Better yet, set up the directories in the rsyncd.conf files on
each machine:
cd $directory
rsync -vaurP ./ ${remote}::dir_module/
rsync -vaurP ${remote}::dir_module/ .
Bill
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Hostname in shell (bash)?
Hi all, I searched the archives and documents on bash, but I can't figure out how to put the hostname of the workstation I am on before the $ of the shell/command line. Does anyone know how to add the hostname (preferably the first part - i.e. www, db1, etc) to the command line for bash 2.x? Thanks, Steve ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
USB Timeout Period, KVM Problems
Hi all, Is there a setting somewhere sets a timeout period for USB inactivity. Better stated: I have an IOGear USB KVM that I use with the FreeBSD system I am writing this on (4.9) and every 2 hrs., the KVM stops functioning and I have to cycle its power. The USB port, however, that the KVM was attached to is disabled by the system and the only way I can get keyboard and mouse access again is to restart the system (or change the USB port that the KVM is plugged into - which is just as inconvenient as shutting down the system). I think that the problem is with the KVM, but until I can get a new one, I wanted to see if I could reset the USB controls on the system to reactivate that USB port when this happens. Any ideas? Thanks, Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: cvsup not working
Greg, I have the following cvsup file for my ports-upgrade: *default host=cvsup15.us.freebsd.org *default base=/usr *default prefix=/usr *default release=cvs tag=. *default delete use-rel-suffix *default compress ports-all This works like a charm every time. The only differences I see are default base=/usr/local/etc/cvsup -- you default base=/usr -- me If I understand this correctly, however, this won't have any impact on the ports collection, as it is the location of where cvsup keeps an index of what has been downloaded and what hasn't (i.e. a type of index for comparison to what is on the cvsup server versus what is on your machine). Also, I have the 'delete use-rel-suffix' on a separate line from 'compress' - this also should not make a difference. All you should have to do (I think regardless of the shell) is run: cvsup -g -L2 /directory/to/cvsupfile/cvsup-file What you are seeing at the beginning sounds right - i.e. the screen going crazy. When you think the connection has bombed out or something gone awrey with the cvsup run, you may want to go to another virtual screen or shell to see if you can still ping a server out on the net. It almost sounds like your modem connection is locking up and not cvsup. Steve Fettig [EMAIL PROTECTED] wrote: FreeBSD fixer.com 5.1-RELEASE FreeBSD 5.1-RELEASE #0: Sun Feb 22 14:47:02 GMT 2004 root@:/usr/src/sys/i386/compile/VILLATV i386 I am having a problem with cvsup version 16. I used it about a month ao with no problem. I have now tried it several times with no success. I even reinstalled the entire operating system twice. I activate my modum and type cvsup supfile. The box appears and I click the go tab. It goes wild for about 30 to 40 seconds downloading 40 to 50 files. This is okay. After that, it just dies. This is the problem. I don't understand why it dies. I have an external modem and after it dies, sometimes the transfer lights on the modum blink and sometimes theres no light at all. After it dies, it will go until it times out (15 to 20 minutes). I have FreeBSD 5.1. I installed the cvsup package off the 1st cdrom. I created 'cvsup' in the /usr/local/etc directory. I put my supfile under cvsup. I have csh, so I typed 'setenv CVS ROOT=/usr/local/etc/cvsup', which seems to work. The supfile I use is *default host=cvsup5.freebsd.org *default prefix=/usr *default base=/usr/local/etc/cvsup *default tag-. *default release=cvs *default delete use-rel-suffix compress ports-all I don't remember my first supfile, I thinks it like the above. Also I learned that if something in the supfile isn't perfect, it won't work. Please analyze and let me know whats wrong. Thanks in advance. greg [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Preferred MTA and mail configuration
Gareth Bailey wrote: I'm new to email on FreeBSD. Could someone please advise at what MTA i should use. I thought courier might be a good choice since it has integrated POP3 and IMAP servers (bearing in mind i have to serve Outlook clients). I want simple install. Thank you Gareth ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I know a lot of people like Postfix, but I have been using a qmail/vpopmail/courier-imap combination for almost three years now. I translated a German howto into English some time ago. I have never used Postfix, so I cannot comment on its ease of setup or use, but I think once you understand the basics of an MTA and the subsequent POP or IMAP services, qmail is one of the most stable options out there. If interested, you can take a peek: http://stevenfettig.com/mythoughts/archives/90.php The original HOWTO is at: http://pofo.de/HOWTO/qmail/ I can say that I have never been hacked and/or had any problems with the SMTP, POP or IMAP services locking up - ever... If you are not supporting multiple domains, then the vpopmail option may not be necessary - it is, however, an easy way to manage one or multiple domains with qmail as the MTA. Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: backup
I think there are better ways per se, but that is usually personal opinion... That being said, there are a few questions: 1) how big of an installation are you trying to back up? 2) is it necessary to back up all of the information? 3) do you have access to a faster drive (this one may not be relevant, as you may have no other option)? The handbook has a good primer on backing up FreeBSD using dump, tar and cpio at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/backup-basics.html Given the slow speed of USB 1.0 and assuming you are backing up a relatively large amount of data, you might want to try compressing your backup so that it does not take up so much space and therefore is able to made faster. A full dump backup of the /usr directory or slice is certainly advisable. You could do a compressed dump backup via: dump -0uan -f - /usr | gzip /volume_to_backup_to/usr_backup_date.gz If needed, you can then do this to all of the primary volumes/slices on your system (look at fstab if you aren't sure which are primary slices). You would need to use piping to restore the backup, though and that can get tricky if your new system that you need to restore the data to isn't sized the same as the old and isn't using the same version of dump. Considering the potential problems associated with dump, I still prefer it because I have never had problems using it myself. Another option is to use tar, but I rarely use it to make a compressed backup, so someone else might be more helpful with syntax. (man tar would also be helpful) HTH, Steve Fettig Richard Beyer wrote: We're currently doing a back up of a FreeBSD 4.9 (2) server by plugging a USB external drive in and then doing cp /dev/ad0 /dev/da0 This takes about 30 hours, (USB 1). Is this the best way to do it, or can someone suggest a better way. We'd rather not have the server offline while we do it. Cheers, Richard ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: backup
Eric, I think what you are looking for is drive mirroring (which I think is known as RAID 1). Although I have never done this myself, the Handbook seems to give good pointers at: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/raid.html For more information on mirroring control, the man of ccdconfig: http://www.freebsd.org/cgi/man.cgi?query=ccdconfigsektion=8 If you are looking at backup *philosophy* in general, though, mirroring doesn't cover it because a catastrophic system failure would simply be copied to the mirrored drive (or worse, in the case of an electrical failure - i.e. drive, board, controller burnout - you would lose everything). I only mention this because it has happened to me and I have been extremely thankful for my tape backups... Steve Fettig Eric F Crist wrote: I've been looking for a solution for this, as well. I want RAID level copying, so I can just swap harddrives and be back up and running. If I have two identical 160GB HDD, on the same IDE cable (pri/sec), how would I accomplish this, and roughly how long would it take? Figure both HDD are full. Would I activate this by a script? Eric F Crist President AdTech Integrated Systems, Inc (612) 998-3588 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Rebooting problem
Stephen Liu wrote: ** Hi all folks, Version 5.2 new installation On rebooting it hangs on . syncing disks, buffers remaining ... 5 5 done Uptime: 45m45s Shutting down ACPI Rebooting... Keyboard reset did not work, attempting CPU shutdown. It hanged here and I have to make a 'hard reboot' by pressing 'reset' key Kindly advise is it the size of SWAP insufficient? If 'YES', kindly advise how to check it and increase its size. TIA B.R. Stephen Liu ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] I had this problem some time back with 5.0 on an older system of mine. I was never able to resolve the problem, as it seemed to be a EIDE controller related problem. I downgraded (to then) 4.7 and never had any problems after that. Just today, however, as I was working on upgrading to 5.2 on the same system, the hard drive and the controller that had been problematic back then, failed. I just put in a new hard drive and the system works fine (with a new install), so I am assuming it may have been an issue with both controller and disk. I remember at the time there was information on the mailing list about their being problems with the EIDE controller I was using. You might want to start by making sure that your controller hasn't caused anyone else problems (via checking the mailing list archives). It might also be that your hard drive is slowly failing. If it is a newer drive, I would imagine that less likely, though. Someone else, here may have better advice, however, as I don't know too much about the drivers built in to the kernel for controllers. As I said, my short-term solution was going back to a more stable version of FreeBSD... Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SFTP vs. SCP and transfer rates
I know this question doesn't relate directly to FreeBSD, but because I use both sftp and scp on FreeBSD systems constantly, I thought someone here might know. If I sftp into a server and get a file, it usually transfers at about 1.2 KBps - regardless of interface, machine speed and connection speed. If I transfer a file via scp, it transfers at around 6.5 MBps on a gigabit link. If the link is slower, it still transfers at a rate many multiples of my sftp transfer. Is there a reason why one form works faster than the other? I remember someone once mentioning that sftp is really designed to run at a much slower rate than is available on many intranetwork connections these days. If this is true, is there a way to make changes? Is scp also limited by a number of speed factors? (Because even though it is much faster, it still is not necessarily moving at a speed my network gear is capable of.) TIA, Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problems with FreeBSD 4.9 disk 1 ISO image
Martin Hudec (www.webcom.sk) wrote: Did you try to burn it using slower speed? This is maybe a long shot.. Cheers, Martin Martin actually has a point. I have had problems with the FreeBSD 5.1.2 ISO's - which made me think that for some reason the ISO's I was downloading were corrupted (every time I tried to install it on *one* of my machines, it crapped out with an error when installing the base system). I checked the MD5 checksums and found out they were the same. Two things that solved this: burning at a lower speed and in one case, and downloading the ISO again in another case. Another oddity I learned about in a situation some months ago: I work a lot on OS X/Macs. I downloaded one of the ISO's over night, copied it the next morning to a FAT formatted firewire HD, brought it to work and burned it on another OS X machine after copying it over from the firewire HD. The install process using *that* CD always errored out (I tried burning it 3 times). I went back to the original OS X computer and burned a copy from the ISO I had originally downloaded and voila - no problems. I found that copying from one FS to another can also sometimes corrupt ISO's. I don't understand why, but this is not the first time this has happened - and it is not only with FreeBSD ISO's. I learned to always double check the MD5's after that and be careful of crossing FS's multiple times. Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
USB 2.0 - 1.0 Support Backwards Compatible in 4.9? Re a SonyFileVault USB 2.0 Flash Drive
I have a Sony FileVault USB 2.0 Flash Drive that I use to store working documents on (I don't use the security portion of the drive - if anyone has had one themselves - I was simply able to get it for a steal) that I cannot get working under 4.9 on an HP D530 machine (2.5 GHz P IV w/ on-motherboard USB 2.0 controllers. When I have the machine running, I cannot simply attach the USB Flash Drive and mount it like one would a CD, etc. The machine simply doesn't see the device. I have looked through dmesg and the messages logs to see if it is even seen, but it isn't. What is even weirder, is that if I boot the machine/restart it with the drive attached, the system sees it: Feb 18 16:32:19 hpBSD /kernel: umass0: Sony USB Mass Storage Device, rev 2.00/0.01, addr 3 Feb 18 16:32:19 hpBSD /kernel: pci0: USB controller at 29.7 irq 10 BUT, my USB keyboard and mouse no longer respond. I do have all of the appropriate kernel mod's included (da, scbus, etc.), so I'm not sure what is happening. According to a statement in http://www.freebsd.org/cgi/getmsg.cgi?fetch=445988+448507+/usr/local/www/db/text/2004/freebsd-questions/20040118.freebsd-questions USB 2.0 is supported in 5.x and NOT 4.9. If this is the case, why won't the device and the controller simply revert to USB 1.0 or is there something I need to set to get it to work properly (or is the 82801EB controller not able to play fair with an os that doesn't support the 2.0 capabilities). In fact, I could care less at this point whether it runs at 2.0 speeds because it's flash memory that is only capable of 4MB/s transfer anyway. I would simply like to understand how one can play with the USB setup in 4.9 and see if there is anything I can tweak. (I will eventually upgrade to 5.2 - which, from what I have read, should solve my problems - but before I make the leap, I want to learn more... Any recommendations or ideas? Steve Fettig P.S. Pardon my ignorance on this type of hardware question. I am trying to understand whether backwards-compatible is really decided by the software or hardware... ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OpenOffice ports build... proceedure for FreeBSD 4.9
Eric (and list), I finally got it working this morning under the following conditions: Fresh install of FreeBSD 4.9 from the mini-ISO cd. Install X from the sysinstall via FTP Install Gnome from the sysinstall via FTP cd /usr/ports/distfiles (as root) make sure openoffice-1.1.0_1.tgz is in the distfiles directory pkg_add -r ORbit pkg_add -r gtk pkg_add ./openoffice-1.1.0_1.tgz start x / startx type openoffice-1.1 (it is installed in /usr/local/bin) configure at will exit configuration start openoffice by typing openoffice-1.1 Works for me... If anyone has a better routine, I'd love to hear it. Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD on Dell PowerEdge 2500
[EMAIL PROTECTED] wrote: Anyone have any experience installing FreeBSD on a Dell PowerEdge server? 2500 or any other? I'm looking at having to do so and, having not done it before, I'm just wondering if there are any gotchas I should be aware of or if I have to use their OpenManage CDs or something. Take care, Mike ___ I have two Dell PowerEdge servers (that I bought off eBay - a 2200 and 2400) that have FreeBSD currently running on them (one of them has been up for almost 2 years - minus the one time I had to turn it off to move). I have never had any problems with the install procedure. I have noticed that trying to install 5.2.1 can be quirky on a number of machines (I haven't tried it on the Dells because they are production servers), but not with the 4.5-4.9 series of releases. (Plus, the 5.2.1 problems are related to NIC's and some other equip that may be considered non-standard.) My 1/2 cent. Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OpenOffice ports build...
Eric, Have you considered installing the pre-compiled packages? If you aren't aware, they are available at: http://projects.imp.ch/openoffice/ I have installed the 1.1 version on both fbsd 4.9 and 5.2.1 - they work fine for me although I haven't done extensive work with oo on either sys. HtH, Steve Fettig Eric F Crist wrote: Hello list, How would I install/obtain a compatible binary for OpenOffice 1.1. I don't have 4+GB for a ports build of it. Either that, or how would I go about merging my /usr and /home partitions so that they're one and the same (like I should have done from install). Thanks! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Internet connection sharing
The network settings are usually in the rc.conf file in /etc/. For DHCP, you should have the line ifconfig_interface=DHCP where *interface* is the given nic you are using - in other words, it is *not* the word interface. If you are trying to set a static IP addy and gateway, then your rc.conf file should have entries that look like: defaultrouter=x.x.x.x ifconfig_interface=inet x.x.x.x netmask x.x.x.x HtH, Steve Fettig Lance Earl wrote: I am new to FreeBSD. I am evaluating it as a possible replacement for my in house desktops and ultimately a replacement for my redhat Internet server. I installed 4.9 without a hitch and decided to go ahead and install 5.2 in order to avoid potential upgrade issues mentioned on the BSD wed site. I am having problems with internet connection sharing. The computer is seeing my network but is not seeing the Internet through my gateway computer. I think that I may have incorrectly entered the gateway IP during install. I have checked the FAQ and HandBook for the name and location of the file that contains the Gateway IP with no success. Can you please help me locate this file so I can confirm my settings. Thanks Lance Earl DallyPost, Inc. 208-548-2721 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OpenOffice ports build...
I originally had problems with that error, too. I ran 'pkg_add -r openoffice-1.1' making sure that the openoffice-1.10_1.tgz was in the /usr/ports/distfiles directory. I can't remember having any issues after that. (Oh, I also made sure that /usr/ports/java/jdk14 was installed before going through all of this. It was a huge pain, but having the jkd14 package installed has solved a lot of mozilla and openoffice related installation problems.) (But, I have been working on two projects at once and am not so sure... maybe I need some sleep.) Steve Fettig Eric F Crist wrote: snip I get an error about ORBit-0.5.17 not found. I'm guessing this is a dependency I need? I typed, from CLI: # pkg_add openoffice.x.x.x ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: OpenOffice ports build...
Eric F Crist wrote: On Sunday 15 February 2004 10:51 pm, Steven N. Fettig wrote: I originally had problems with that error, too. I ran 'pkg_add -r openoffice-1.1' making sure that the openoffice-1.10_1.tgz was in the /usr/ports/distfiles directory. I can't remember having any issues after that. (Oh, I also made sure that /usr/ports/java/jdk14 was installed before going through all of this. It was a huge pain, but having the jkd14 package installed has solved a lot of mozilla and openoffice related installation problems.) (But, I have been working on two projects at once and am not so sure... maybe I need some sleep.) Steve Fettig Eric F Crist wrote: snip I get an error about ORBit-0.5.17 not found. I'm guessing this is a dependency I need? I typed, from CLI: # pkg_add openoffice.x.x.x As you said, I put the file, openoffice-1.1.0_1.tgz to /usr/ports/distfiles and I get the following error when I type pkg_add -r openoffice-1.1 or pkg_add -r openoffice-1.1.0_1 (or any other combination): Error: FTP Unable to get ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4-stable/Latest/openoffice-1.1.0_1.tgz: File unavailable (e.g., file not found, no access) pkg_add: unable to fetch 'ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-4-stable/Latest/openoffice-1.1.0_1.tgz' by URL thanks. I'm grasping here, but try: pkg_add -r openoffice-1.1 (w/ out any of the trailing info). See if it simply tries to use the openoffice tgz that you have downloaded. I remember working on this for quite a while until figuring out the correct sequence of steps I needed to use. Steve Fettig ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
