Forgive the top-post -- I have independently verified this,
suggest you open a PR. This is definitely a bug in opiepasswd.
It is also present in RELENG_4_8.
Regards, Michael
Sergey Sysoev wrote:
Hi. I have a question related to freebsd opie implementation.
I am running 4.9-RELEASE and I've tried
On Tue, Feb 7, 2012 at 6:18 AM, William Brown
wrote:
> Why not use the ZFS send / receive command?
and how well does that work on UFS filesystems?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-question
man hier
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
On Sat, Feb 18, 2012 at 3:10 PM, Daniel Staal wrote:
> --As of February 18, 2012 2:46:32 PM -0800, Michael Sierchio is alleged to
> have said:
>
>> man hier
True, but /usr/... was a typical place to find users' home
directories, since /usr is mounted when the system goes t
Forgive the naive question, but on one of my Nikons, it is possible to
present the device itself, or the SD card as a USD drive. Which are
you doing? No doubt there is no driver for the D50 in the kernel, but
the generic umass driver should handle the device.
On Mon, Feb 27, 2012 at 9:47 AM, Joh
On Mon, Feb 27, 2012 at 10:21 AM, Damien Fleuriot wrote:
>> ssh-keygen(1) is the typical method.
>>
>
> Or just delete the existing keys and sshd will recreate them at first
> boot ;)
No, sshd will not create the keys. They are created by
/etc/rc.d/sshd, which invokes ssh-keygen if it doesn't f
ipsc, from packages or ports, is very useful.
> ipsc -gch 10.0.0.32/27
Network class:A
Network mask: 255.0.0.0
Network mask (hex): FF00
Network address: 10.0.0.32
Subnet bits: 19
Max subnets: 524288
Full subnet mask: 255.
There are two edits to make to ex_shell.c in /usr/src/contrib/nvi/ex that
will prevent a shell from being executed.
99,100c
return (1);
.
48,51c
return (1);
.
On Mon, Mar 12, 2012 at 4:59 PM, David Brodbeck wrote:
> On Mon, Mar 12, 2012 at 7:19 PM, Tim Daneliuk
> wrote:
> > I have a situation
That would be something in the BIOS settings, probably...
On Sat, Mar 31, 2012 at 8:38 AM, Jens Schweikhardt <
schwe...@schweikhardt.net> wrote:
> hello world\n
>
> I'm running 9-STABLE/amd64 and for a few months now, whenever I shut
> down with "shutdown -p now", the USB devices still have power
On Mon, Apr 16, 2012 at 10:46 AM, Wojciech Puchar <
woj...@wojtek.tensor.gdynia.pl> wrote:
>
>> Does newfs always must create sufficient count of inodes? or I must
>> supply some addition options when creating FS?
>>
>> yes
>
> man newfs
>
> (-i option)
>
>
There are many use cases for a filesyst
On Thu, May 3, 2012 at 11:17 AM, Noel wrote:
>
> Indeed, I should have mentioned that if you have freebsd-8x or
> earlier, this feature isn't built-in but can be easily added:
>
> http://freebsd.1045724.n5.nabble.com/Re-rc-8-script-waiting-for-the-network-to-become-usable-td4242157.html
> Or the
On Wed, May 9, 2012 at 8:03 AM, Robert Bonomi wrote:
> "Details are *IMPORTANT*"
What's the user's shell in the password file, and does that shell:
exist? executable? In the /etc/shells file?
___
freebsd-questions@freebsd.org mailing list
http://lis
man sh (or man csh) - look for 'umask'
On Sat, May 12, 2012 at 7:37 AM, fake fake
wrote:
> I need a sort of file permission template.
> Under some particular directory (like ~/secret), I need all those
> files (including newly creating one) mode 700.
> Is there any template-trick? Or "chmod -R 70
On Mon, May 21, 2012 at 8:30 AM, Paul Macdonald wrote:
> A very open firewall test script is as follows:
>
> 00010 allow ip from any to any via lo0
> 00081 deny log ip from 180.0.0.0/8 to any
> 00100 check-state
You don't need the following
> 00101 allow tcp from any to any established
This may
On Mon, May 21, 2012 at 10:19 AM, Paul Macdonald wrote:
> this is now resolved, i hadn't realised (embarrassingly) that ipfw list will
> show rules if if the fw is disabled.
You should consider using tables, which allow you to add ad hoc nets,
etc. and you can swap rulesets atomically so you can
On Fri, Jun 1, 2012 at 7:35 AM, Polytropon wrote:
> I do _not_ want to try to claim a "ZFS inferiority due to
> missing backups", but there may be occassions where (except
> performance), low-level file system aspects of UFS might be
> superior to using ZFS.
If you have an operational need for o
On Fri, Jun 1, 2012 at 8:16 AM, Wojciech Puchar
wrote:
> Better=random read performance of single drive.
What an entirely useless performance measure! Maybe you should
restrict yourself to
using SSDs, which have rather unbeatable random read performance - the
spindle speed
is really high. ;-)
_
On Fri, Jun 1, 2012 at 8:08 AM, Wojciech Puchar
wrote:
> ZFS is somehow in that part similar to Amiga "Fast" File System. when you
> overwrite a directory block (by hardware fault for example), everything
> below that directory will disappear. You may not be even aware of it until
> you need that
On Sat, Jun 2, 2012 at 7:44 PM, Daniel Staal wrote:
> I will agree that ZFS could use a good worst-case scenario 'fsck' like tool.
Worst-case scenario? That's when fsck doesn't work. Quickly followed
by a sinking feeling.
> ZFS can be a complicated beast: It's not the best choice for a single
Try
machdep.independent_wallclock=1
On Tue, Jun 5, 2012 at 8:08 AM, Martin Dimitrov
wrote:
> Hi,
>
> I am new to FreeBSD, decided to migrate a web server to FreeBSD. I
> recently both a VPS that claim to use KVM as a virtualization service, I
> don't know the details of the real hardware running
On Wed, Jun 6, 2012 at 11:31 AM, Simon wrote:
> This easily causes DoS for when too many FIN_WAIT_2 are created and IPFW
> stops forwarding using the rule above because of "too many dynamic rules"
Change the defaults for the fw.dyn sysctl MIB nodes
to something like
net.inet.ip.fw.dyn_short_li
On Thu, Jun 7, 2012 at 10:15 AM, Michael Powell wrote:
> There is also this you can place in /etc/sysctl.conf:
>
> net.inet.tcp.fast_finwait2_recycle=1
>
Good catch. The defaults are perhaps not ideal in all cases:
net.inet.tcp.finwait2_timeout: 6 <- ms, ten minutes
net.inet.tcp.fast_finw
On Thu, Jun 7, 2012 at 10:27 AM, Michael Sierchio wrote:
> net.inet.tcp.finwait2_timeout: 6 <- ms, ten minutes
I can't do arithmetic, but you get the idea. A full minute.
___
freebsd-questions@freebsd.org mailing list
http://lists.
On Thu, Jun 7, 2012 at 7:34 PM, Polytropon wrote:
> Maybe introducing something along the /etc/rc execution?
> An /etc/rc.local entry like
>
> /bin/date "+%Y-%m-%d %H:%M:%S" > /var/log/thisboot.log
>
> and then just look at the file. Requires at least one reboot
> to take effect. :-)
>
Yo
On Sat, Jun 9, 2012 at 6:22 AM, Gary Aitken wrote:
> I reconfigured my ssd filesystem with the /var partition of size 512M.
> Unfortunately, something in portsnap or the ports tree in general uses a
> boatload of small files, and i ran out of inodes. Can anyone recommend an
> appropriate size
On Sun, Jun 10, 2012 at 9:31 AM, Bruce Cran wrote:
> Does Intel control AMD too? Last I checked there are plenty of AMD machines
> in major stores and they come with Windows too.
So... attempting to bring reason into the argument? That won't do, I'm
afraid. ;-)
__
On Mon, Jun 11, 2012 at 7:04 PM, Walter Hurry wrote:
> As the subject says, this is probably a newbie question (I am new to
> FreeBSD but quite experienced at Linux).
>
> FreeBSD9 on x86_64.
>
> Cron is running:
>
> $ ps -ax|grep cron
>
> 1513 ?? Is 0:00.01 /usr/sbin/cron -s
>
> 2283 0
On Mon, Jun 11, 2012 at 7:25 PM, Walter Hurry wrote:
cat /etc/shells
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
On Mon, Jun 11, 2012 at 8:36 PM, Arlen McIntyre wrote:
> I cannot afford to buy FreeBSD.
Dada is not dead!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "fr
On Fri, Jul 6, 2012 at 11:58 AM, Eitan Adler wrote:
> Slices isn't the "old" way. There is no perf advantage for dedicated
> disks. Maybe you get a
> few kb of extra space. Don't do it.
>
> http://www.unixguide.net/freebsd/faq/09.03.shtml
That is EXTREMELY old advice. The general advice, for th
Sorry for the naive question, but most of my old rulesets still use
natd, and I've only used built-in nat for outbound traffic. I'd like
to redirect certain ports on certain addresses to the same ports on
internal (RFC1918) addresses. The examples in the man page aren't
helpful, and the handbook
xauth not in your path?
On Tue, Jul 12, 2011 at 4:46 AM, wrote:
> Mark Felder wrote:
>
>> This sounds silly, but what happens if you try ssh -Y
>
> Exactly the same thing as with -X, in either direction.
>
> It still fails with the 6.1 system as the ssh client,
> and works with the 6.1 system a
:
>
>
>
> From: Dan Nelson
> To: Michael Sierchio
> Cc: freebsd-questions@freebsd.org
> Sent: Mon, July 11, 2011 1:07:31 PM
> Subject: Re: IPFW Firewall NAT inbound port-redirect
>
> In the last episode (Jul 11), Michael Sierchio said:
>> Sorry for the naive q
We're not talking about natd. The question was about the use of ipfirewall nat.
On Tue, Jul 12, 2011 at 9:03 AM, Dan Nelson wrote:
> In the last episode (Jul 12), Michael Sierchio said:
>> Is there a way of specifying a particular public address if there is
>> more t
aining.
- M
On Tue, Jul 12, 2011 at 11:05 PM, Bill Tillman wrote:
>
>
>
>
>
> ____
> From: Michael Sierchio
> To: Dan Nelson
> Cc: Bill Tillman ; freebsd-questions@freebsd.org
> Sent: Tue, July 12, 2011 6:35:19 PM
> Subject: Re: IPF
wrote:
> Michael Sierchio wrote:
>
>> I'm familiar with natd since its appearance. I was unclear on the
>> ipfirewall nat syntax, since there is no syntax definition in the man
>> page. It's true the man page is already too large, but some examples
>> (some
IMHO what has helped Linux is the existence of commercial
distributions with support - Red Hat, SUSE, etc. The only attempts to
do this for BSD have been undercapitalized and/or half-hearted.
But I find the general premise of the discussion to be - how to say
this politely? - stupid. Things that
This is extremely important, esp. with Softupdates, since fsync() does
not guarantee a flush of all buffers to the medium. In order to
implement a stable queue, it would be best to use a different
filesystem.
On Fri, Jul 22, 2011 at 6:16 AM, Unga wrote:
> --- On Fri, 7/22/11, Pieter de Goeje wr
On Fri, Jul 22, 2011 at 7:42 AM, Polytropon wrote:
> But wouldn't sync() (see "man 2 sync") make sure that
> all buffers, even in regards to soft updates, get
> immediately flushed / written?
Apparently not. I think most of Matt Dillon's notes are still relevant.
http://leaf.dragonflybsd.org/ma
man freebsd-update
On Wed, Aug 10, 2011 at 6:21 PM, Daniel Staal wrote:
> --As of August 10, 2011 1:26:10 PM -1000, Wright, Jonathon Mr CTR US USA
> USARPAC is alleged to have said:
>
>> How do I know as an admin of my FreeBSD server that the version I am
>> running is supported via automated fas
On Mon, Aug 15, 2011 at 1:06 PM, Yuri wrote:
> User john is a member of both webcamd and vboxusers:
> # grep john /etc/group
> webcamd:*:145:john
> vboxusers:*:920:john
>
> When the file /tmp/my-test is owned by webcamd, user john can touch it ok:
> $ ls -l /tmp/my-test ; touch /tmp/my-test
> -rw
same conclusion as
I did, having spent several minutes pondering the matter while popping
pimples."
Regards (very slight),
Michael Sierchio
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
On Sat, Aug 20, 2011 at 10:12 AM, Dave Pooser
wrote:
> 3) Updates are a mess. It's cool that I *can* compile a new kernel, but
> that I *have* to is ridiculous. Updating a server should not be more
> difficult than "yum update" -- full stop.
Are you lazy, or stupid? man freebsd-update
_
Presumably you're doing this to prevent direct login?
chpass allows root to set the encrypted password directly
chpass -p '$1$123456789$your-random-chars-here'
On Tue, Aug 30, 2011 at 11:16 AM, Michael wrote:
> Hello,
>
> When adding a new user it is possible to assign a random generated passw
dd if=/dev/random count=1 | tr -c "[:alnum:]"
'0-9A-Za-z0-9A-Za-z0-9A-Za-a-z0-9A-Za-z'
will give you the right kind of characters to use, for example.
On Tue, Aug 30, 2011 at 11:32 AM, Michael Sierchio wrote:
> Presumably you're doing this to prevent direct login?
&
P2Ka9Gu39jFULWbLYwqNfzDMVOy76nPEWA9DfeT5yUrSO9fSyREAes7XxSbYvcyuzahBdqBaySc4EIgRQDBFqRxJ6hzbY7dg98HtcQzoWSrCgf2SA6VJwLivtld3eCddIz5HZIjcHUqISzFXMLnOPszV627zGhOm5Ei7diTQbf8GZQ3ZD8r7yY2ao9Mbm9w16nCt5issPD2toxoKSdqaNWYHbTCqEhXineHmQPwX9z1qDFZkM7B20FecLS5ECKe8yH7iSlIiFDCbAbFNVJ1PP
#
I'll leave it to you to pick out 9 chars for the seed and 31 chars for
the rest, as in
$1$zNvPGEVzC$Z0QQRMUjtzcJJXRlKNPfVFCTEol0pdP
On Tue, Aug 30, 2011 at 11:34 AM, Michael Sierchio wrote:
> dd if=/dev/random count=1 | tr -c "
That occurred to me, but it's a smaller alphabet. Probably doesn't
matter if the purpose is to make login unusable.
On Tue, Aug 30, 2011 at 11:40 AM, Randal L. Schwartz
wrote:
>>>>>> "Michael" == Michael Sierchio writes:
>
> Michael> dd if=/dev/r
It occurs to me that there may be a couple of other wrinkles. There
are kernel boot parameters that tell which kind of console to use, and
there are switches you can twiddle in /boot/loader.conf, notably
#console="vidconsole" # A comma separated list of console(s)
console
I might suggest installing qmail, and running qmail-send only. This
involves moving /usr/sbin/sendmail out of the way, and
ln -s /var/qmail/bin/sendmail /usr/sbin/sendmail
which satisfies every invocation of sendmail I've seen. YMMV.
- M
On Sun, Sep 4, 2011 at 2:44 PM, Brett Glass wrote:
> J
Doesn't work in practice, since there are programs that don't honor
this and invoke sendmail directly.
On Sun, Sep 4, 2011 at 3:55 PM, RW wrote:
> On Sun, 4 Sep 2011 15:08:11 -0700
> Michael Sierchio wrote:
>
>> I might suggest installing qmail, and running qmail-sen
On Sun, Sep 11, 2011 at 3:38 PM, alexus wrote:
> thanks, but did u actually tried it?
If what you're asking is, "does traffic shaping work?" the answer is
yes. There are some provisos - you must create an outbound pipe and
an inbound pipe that accurately reflect the observed network
performance
0 ip 0.0.0.0/0 0.0.0.0/10561920651 00
0
> 16 ip 0.0.0.0/0 0.0.0.0/10643641781 00
0
> 32 ip 0.0.0.0/0 0.0.0.0/10724353920 00
0
> 48 ip 0.0.0.0/0 0.0.0.0/2
amending my remark... UID matching is problematic. Why are you trying to
classify packets based on that?
On Sunday, September 11, 2011, Michael Sierchio wrote:
> You don't seem to have any rules that match packets. This won't work.
>
> On Sunday, September 11, 2011, alexu
On Wed, Sep 14, 2011 at 6:55 AM, Matthew Seaman
wrote:
> ... In these days of plentiful RAM, the new rule of thumb is "if you're
> swapping, then you're doing it wrong."
I think your response follows the excellent pedagogical principle: "a
little inaccuracy saves a lot of explanation." But... d
Sorry to have missed your prior post - please include the entire
ruleset. Thanks.
On Sun, Oct 9, 2011 at 10:28 AM, wrote:
> freebsd-questions@freebsd.org
> #
> #
> # FreeBSD_7-4 RELEASE
> # Our hardware is pristine
> #
> # What is described herein are regular, yet random occurrences; we need he
On Sat, Oct 22, 2011 at 7:12 AM, Polytropon wrote:
> Is there _any_ reason why moving from port 22 to something
> different is _not_ a solution?
>
> Reason why I'm asking: Moving SSH away from its default port
> seems to be a relatively good solution as break-in attempts
> concentrate on default
On Sat, Oct 22, 2011 at 9:54 AM, RW wrote:
> Normally if the rules are stateless you would allow established tcp
> packets, but would deny them with stateful rules. In the latter case,
> established traffic would be passed by the check-state
You need to pay attention to direction as well. Suppo
On Sat, Oct 22, 2011 at 10:08 AM, Conrad J. Sabatier wrote:
>
> Similarly, for udp rules, be sure to include the keep-state (but not
> setup) keyword.
>
RIght - if you're just protecting a single host, for example, your
ruleset might be something like
ipfw add 1000 allow ip from any to any via
You could edit the label and make it cover the unit, then run growfs
(assuming you have backups), but for the most part this can safely be
ignored.
2011/10/24 Sergei Vyshenski :
> Hi,
>
> Is it safe to ignore a sting in gmesg:
>
> GEOM: ad10s1: geometry does not match label (255h,63s != 16h,63s).
I've been trying to upgrade a client firewall to 8.2, but have an odd
problem. The current config, based on 7.4, has the firewall as an
IPsec endpoint for other offices, but also is doing 1:1 NAT and
passing L2TP traffic to a VPN endpoint inside the firewall.
The upgrade to 8.2 breaks the L2TP tr
It depends...
some VPNs push routes, including default routes, and nameservers and
search paths, but it's up to the client on how to handle it. Some of
these will set /etc/resolv.conf, etc.
What *kind* of VPN are you talking about? OpenVPN? PPTP? L2TP?
I generally prefer dnscache to BIND, an
in /boot/loader.conf (see /boot/defaults/loader.conf)
acpi_load="NO"
On Wed, Nov 2, 2011 at 3:11 PM, Al Plant wrote:
> Aloha,
>
> I have a box that wont shut down with ACPI setting activated. Anyone point
> me to a how to on keeping ACPI from being set to on at boot.
>
> Thanks .
>
> ## Please
Mount via tcp.
On Wed, Nov 2, 2011 at 4:51 PM, Vincent Hoffman wrote:
> Hi all,
> What kind of speed should I be expecting over an NFS mount from
> a linux box using a gig interface (igb)? I'm seeing linux clients
> getting approx 2 or 3 times the throughput rsyncing files from a linux
> n
It will work fine - it won't attempt to update the kernel.
On Thu, Nov 3, 2011 at 8:49 AM, masayoshi wrote:
> I would like to know about freebsd-update command.
> It is rumoured that freebsd-update command does not work well with custom
> kernel.
> First question is the following :
>
>> su -
> #
On Thu, Nov 3, 2011 at 9:13 AM, Jason Helfman wrote:
> I does work fine with a custom kernel, as long as you are running and
> maintaining the actual update server that distributes.
I don't think that's relevant. It works fine with the public servers.
___
This is simply not the case. freebsd-update works on the basis of
cryptographic hashes on the binaries. It is, after all, a binary
update program. If it detects a custom kernel, it will not update the
kernel, but updates userland programs. It doesn't *care* what your
kernel config name is, it re
I just use tar for this.
( cd /path/to/src ; tar cf - . ) | ( cd /path/to/obj ; tar xf - )
- M
On Sat, Nov 5, 2011 at 12:47 PM, Chris wrote:
> I'm having difficulty copying a directory tree from my FreeBSD server to
> USB storage. The problem is that the tree contains file and folder names
> wh
Are you running a firewall? Do you have a ppp connection?
This happens when there is a dependency that is not expressed in the
/etc/rc.d scripts.
- M
On Sat, Nov 5, 2011 at 2:52 PM, Robert Simmons wrote:
> Is there a way to make sure that the interface is UP and working
> before running ntpdat
Oh, and what kind of filesystem is on the USB device?
- M
On Sat, Nov 5, 2011 at 2:48 PM, Lowell Gilbert
wrote:
> Chris writes:
>
>> The tar one-liner is similar what I used to use on Gentoo and Arch linux,
>> so I thought it strange that it isn't working here. I'm still having
>> problems thou
On Sat, Nov 5, 2011 at 3:15 PM, Chris wrote:
> I apologize for the lack of detail. The command I'm using is:
> ( cd /usr/local/etc/transmission/home/Downloads/ ; tar cf - . ) | ( cd
> /mnt/usb ; tar xf - )
Show, don't tell. What does tar report when you run it?
___
The keywords in /etc/rc.d/ntpdate have
# PROVIDE: ntpdate
# REQUIRE: NETWORKING syslogd named
# KEYWORD: nojail
which means that networking must be up first. The question in your
case is why name resolution is failing.
See what happens if you pick some public stratum 1 or stratum 2
servers for
On Sun, Nov 6, 2011 at 6:35 AM, Polytropon wrote:
> However, if you _can_, solve the _cause_ of your
> problem, i. e. educate those who create that
> kind of trouble-carrying file and directory names
> _not_ to use spaces!
Amen, Brother. Just because you *can*, doesn't mean you should. I
blame
You're mistaken. ;-) 495736 / 507630, with some margin for free
space, means you're full.
Boot in single user mode.
for each mount point ( /tmp /usr /var )
chflags -R noschg /
rm -rf //*
You probably have a lot of hidden files covered by the mounted filesystems.
- M
On Mon, Nov 7, 2011 at 9:39
On Mon, Nov 7, 2011 at 10:21 AM, Adam Vande More wrote:
> This is terrible advice. There are proper methods for finding what's using
> the space and to recover it. You should use them.
If there are files hidden by a covering mount, you won't find them
when those filesystems are mounted.
- M
_
On Mon, Nov 7, 2011 at 10:33 AM, Adam Vande More wrote:
> Indiscriminately instructing a user to delete files isn't good advice no
> matter how much butter you put on it.
It was with no small amount of discrimination and discernment that I
offered that advice. Any files that exist there should
On Fri, Nov 18, 2011 at 8:59 AM, Daniel Staal wrote:
> /proc is a file on /. /proc/* are files on /proc. The former is still on
> the root filesystem (if only as a directory stub to be used as a
> mountpoint), so reading it isn't leaving that filesystem. Reading
> anything *in* it would be.
>
On Fri, Nov 18, 2011 at 9:27 AM, Matthew Seaman
wrote:
> I find it quite astonishing that /proc would deliberately behave
> differently to *every other* filesystem available. The mountpoint
> should belong to the filesystem mounted on it.
I have an idea what you mean by "belong to" in this case
On Tue, Nov 22, 2011 at 1:58 PM, Kees Jan Koster wrote:
> Thank you for your reply. Your comment about dupe IP triggered something that
> I failed to mention: the interface is aliased. It has two IP addresses. IP
> address a and it has an alias IP address b. I just tested binding mtr to each
>
Matthew suggests turning off hardware checksums - it won't hurt to
give that a try:
ifconfig bge0 media 100baseTX mediaopt -txcsum
On Tue, Nov 22, 2011 at 2:26 PM, Adam Vande More wrote:
> On Tue, Nov 22, 2011 at 4:11 PM, Kees Jan Koster wrote:
>>
>> [kjkoster@saffron ~]$ ifconfig bge0
>> bge0
On Wed, Nov 23, 2011 at 9:01 PM, Martin McCormick
wrote:
> Rsync is a great utility, but is there a way to preserve
> ownership and permissions if rsync remotely logs in to a backup
> server as a normal user?
Does the same user exist on the remote system, with the same uid, etc.?
If you'r
My #1 choice is - your web browser and Amazon Web Services (EC2),
where you may have Linux, FreeBSD, or Windoze instances.
On Wed, Nov 30, 2011 at 6:57 AM, Ryan Coleman wrote:
> Guys,
>
> My day job is looking for a good VM lead and I thought of you. Well, ok, I
> thought you could get me some g
You can rate-limit pings and other icmp with sysctl nodes (sysctl
net.inet.icmp )
You can make the rule a little more restrictive:
add allow icmp from any to any icmptypes 0,3,8,11
if you want to disallow echo requests, omit 8 - the others are
essential for most things to work properly or to dia
Cheap USB drives, and even many CF drives, aren't much good as random
read-write devices. On my Soekris boxen I run FreeBSD, and mount the
root filesystem rw,noatime. And I don't write to it. ;-) /var is a
memory filesystem, there /var/db/... contain symbolic links to
/usr/local/db/.. because th
Careful reading, as opposed to blindly applying updates, is often
rewarded. If you aren't running telnetd, it follows that you are not
vulnerable to the most serious exploit addressed by the patch (remote
root).
I have had no trouble since applying the patch to 7.4 and 8.2 systems. YMMV.
Given th
man 4 enc
On Tue, Jan 3, 2012 at 8:30 PM, Edward Carrel wrote:
> On Jan 3, 2012, at 12:12 AM, Damien Fleuriot wrote:
>
>> Thinking -pf@ or -net@ would be a better place to discuss this, more chances
>> of getting an answer.
>
> I was wondering about that. I'll send my question to -net@ to start.
I've been using FreeBSD since 2.2.1, and IMHO, the 9.0 installer SUX!
It blow chunks. It's a POS. It's crap. It is a joke.
I hope I made myself clear. ;-)
- M
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo
On Fri, Jan 20, 2012 at 9:15 PM, Lyubomir Grigorov
wrote:
> Just to give thoughts as a younger user...
> Also, there was plently of time during RC to discuss this, I don't see why you
> all cry right now. To me, it seems you are afraid of change and getting out of
> your comfort zone.
I don't ha
On Fri, Jan 20, 2012 at 11:13 PM, Chad Perrin wrote:
> ... On the other hand, bsdinstall does get the job done, at least for my
> purposes. It just does so in a way that feels a bit more
> straightjacketed, and it rubs me personally a bit the wrong way. ...
>From my perspective, it replaces so
On Mon, Jan 30, 2012 at 10:33 AM, Kaya Saman wrote:
> Hi there,
>
> does anyone know if there's an implementation of the RIP version 2 routing
> protocol in FreeBSD???
man routed
The routed utility is a daemon invoked at boot time to manage the network
routing tables. It uses Routing
"Snapshots are not yet supported when running with journaled soft
updates: Operation not supported"
:-(
On Mon, Feb 11, 2013 at 7:27 AM, Robert Huff wrote:
>
> Will someone please confirm or deny that (UFS) journaling and
> "dump -L" continue to be incompatible?
>
> Respectfully,
Are you pushing routes in your server.conf file?
(hint - show, don't tell)
- M
On Wed, Mar 6, 2013 at 2:38 AM, Brent Clark wrote:
> Hi guys
>
> Im struggling with a freebsd vm, that I have that I use for a VPN connection
> too, from my workstation to my home LAN. And I was wondering if someone
On Tue, Mar 19, 2013 at 2:13 PM, Drew Tomlinson wrote:
> I installed Splunk which is not part of the ports tree. It's a proprietary
> app that I downloaded and installed on it's own. I start it with
> '/usr/local/splunk/bin/splunk start'. It should also be stopped with
> '/usr/local/splunk/bin/
On Fri, Mar 22, 2013 at 7:33 AM, wrote:
> Can fdisk be made happy again? (At least for a few more years?)
The short answer is: no. Fdisk comes from a world where even 1G
drives were not yet on the horizon.
Use gpart.
The long answer is readily available in the forums - google is your frien
It would be really helpful if you'd post the ruleset.
At first glance, your stateful rules seem rather wrong, unless there's
a check-state above. Also, in and out aren't discriminating enough -
every packet is seen by the ruleset more than once. You should think
in terms of interfaces, direction
01162 allow udp from any to any dst-port 53 out
> 01163 allow tcp from any to any dst-port 53 out
>
> Without the keep-state option, and the problem is still persisting...
>
> The weird thing is that I've run these rules for a number of years without
> any issues unti
On Sun, Mar 31, 2013 at 9:39 PM, Michael Powell wrote:
> I'm probably not smart enough to be able to help directly with your problem
> but I'd like to add that there is a snowballing DNS Amplification ddos
> attack against SpamHaus going on which is spilling over
Yes, this is very much true. Th
net.inet.ip.fw.dyn_short_lifetime ?
net.inet.ip.fw.dyn_udp_lifetime ?
You might want to increase these, given the current state of things...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To uns
Okay, what's your DNS setup? Are you running a recursive cache that
contacts the root servers directly? Using your ISP's servers? Etc.
As a mitigation step, I tried pointing my caches to 8.8.8.8 and
8.8.4.4. - but it turns out that Google is intentionally blocking
(returning NX responses to) ma
I still follow Colin's original pattern of using a minimal "Linux"
grub boot EBS device (1GB), ext2fs, with the root partition being on
another (ufs2) EBS device. This works very well, with a couple of
caveats -
- Install e2fsprogs (pkg or port) - you will need it, on occasion when
modifying the
medium or large instance that isn't subject to the 'tax', but don't really
> know where to start to build one like this.
>
> -Original Message-
> From: owner-freebsd-questi...@freebsd.org
> [mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Michael
1 - 100 of 159 matches
Mail list logo