Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Laurent SALIN]

Hi,
for the list archive, here's how I solved my "problem".
Some on the thread tell me to run BIND on the 1rst VPS, as DNS
autoritative server and as caching resolver who let only hosts from my
network send him queries.

Well I'm quite happy my setup with NSD as DNS autoritative and UNBOUND
as caching resolver so I don't really want to change them for BIND, but
i'd do it if this is the only way.

I descide to focus on the 2nd VPS, the one who can't send queries
directly to tcp/udp 5353, I configure UNBOUND to forward all queries to
my 1rst VPS with few dedicated lines in the
/usr/local/etc/unbound/unbound.conf:


...snip...

forward-zone:
   name: "."
   forward-addr: "public_ip_v4"@5353  # forward to port 5353.
   forward-first: yes


and modify my /etc/resolv.conf to only have localhost as nameserver.

The system footprint of UNBOUND is very small so it's just fine to me.

Thanks all for the help.

Laurent SALIN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Bernt Hansson]

On 2013-09-28 09:37, loran42o wrote:

Le 28.09.2013 00:08, Terje Elde a écrit :

On 28. sep. 2013, at 00:03, Frank Leonhardt  wrote:


If I understand the way it works correctly, the resolver pulls a list of the NS 
and hard-sets the port number for each to 53 (via a manifest constant) . See 
libc/resolv/res_init.c. All you need to do(!) is change this to a value of your 
choice and recompile libc


Sorry, but this is startin to look a lot like a complicated solution to a 
problem that isn't really there...

Why not just point from resolv.conf to localhost, run a caching and/or 
recursive dns-server there, and point it whereever?

As far as I can tell, that'd solve everything, add caching, and let it all be 
controlled from the config of the DNS-server?

Terje


Hi,
I guess this is the way that'll end.

Laurent SALIN



You'll need to setup your bind.conf;

zone "fqdn" IN {
type forward;
forward first;
forwarders {
127.0.0.1 port 530;
};
};
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Busarow Dan]

On Sep 28, 2013, at 2:24 PM, Laurent SALIN  wrote:

> Le 28.09.2013 21:28, Mike. a écrit :
>> The way I solved this problem on my setup, I assigned another IP
>> address to the network interface via ifconfig alias.
>> 
>> I put the authoritative namesever on one IP address, and the
>> recursive nameserver on the other IP address.
>> 
>> They both are still listening on port 53, but on different IP
>> addresses.
> 
> hi,
> If I could it would be just fine.
> I got only one public IPv4 with each VPS. I've got a IPv6 too but I'm
> not easy with IPv6 yet.
> 
> The provider (Tilaa) where I rent one of the 2 VPS, the one who may need
> 2 IPv4, is a bit short about his range of IPv4 and I guess it's not
> raisonable to ask for a second IPv4 just for my personal use in case of
> studying *BSD and networking stuff, I don't have a professional use here.

You only need to run one name server.  It is both authoritative and recursive 
by default.  To limit recursion to only your own IP address space add the 
following option in named.conf


options {
  allow-recursion {
192.168.1.0/24;
127.0.0.1;
  };
};

Change the address space to suit.  Make sure you include localhost.

And after an rndc reload only your internal network will be able to make 
recursive requests.

Dan



> 
> Thanks.
> 
> Laurent SALIN
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Laurent SALIN]

Le 28.09.2013 21:28, Mike. a écrit :
> The way I solved this problem on my setup, I assigned another IP
> address to the network interface via ifconfig alias.
> 
> I put the authoritative namesever on one IP address, and the
> recursive nameserver on the other IP address.
> 
> They both are still listening on port 53, but on different IP
> addresses.

hi,
If I could it would be just fine.
I got only one public IPv4 with each VPS. I've got a IPv6 too but I'm
not easy with IPv6 yet.

The provider (Tilaa) where I rent one of the 2 VPS, the one who may need
2 IPv4, is a bit short about his range of IPv4 and I guess it's not
raisonable to ask for a second IPv4 just for my personal use in case of
studying *BSD and networking stuff, I don't have a professional use here.

Thanks.

Laurent SALIN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Mike.]

On 9/28/2013 at 7:16 PM Laurent SALIN wrote:

|Le 28.09.2013 18:32, Terje Elde a écrit :
|> Not sure if I misunderstood what you're trying to do, but the way
I
|recall it, you have two boxes, one running with one recursive and
one
|authoritative nameserver, and you wanted a second box to quey the
|recursive nameserver on the first box, which is running on another
port
|than 53?
|
 =


The way I solved this problem on my setup, I assigned another IP
address to the network interface via ifconfig alias.

I put the authoritative namesever on one IP address, and the
recursive nameserver on the other IP address.

They both are still listening on port 53, but on different IP
addresses.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Laurent SALIN]

Le 28.09.2013 18:32, Terje Elde a écrit :
> Not sure if I misunderstood what you're trying to do, but the way I recall 
> it, you have two boxes, one running with one recursive and one authoritative 
> nameserver, and you wanted a second box to quey the recursive nameserver on 
> the first box, which is running on another port than 53?

You just right

> Given your setup, that's a valid question. 

that's why I submit it to the FreeBSD-Question list :-)

> It's getting down to patching the resolver I felt was a bit overkill, and a 
> possible source of future pain. 
> 
> How to solve it is a perfectly valid question. 

I was hoping it'll be possible to map destination port with Packet
Filter from nameserver:53 to nameserver:5353 for exemple.

> Personally I'd just think it cleaner to solve it by running a caching 
> resolver on the second host (on port 53), that could forward queries where 
> you'd like, rather than patching or usik firewall redirects. 

I guess that's how I'll fix my problem

Thanks,
Laurent SALIN

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Terje Elde]

On 28. sep. 2013, at 15:50, Frank Leonhardt  wrote:

> Given that BIND can happily listen on ports other than 53 and OpenBSD allows 
> a port to be specified against each nameserver in resolv.conf, it does not 
> seem an unreasonable question to me.

Just to avoid any misunderstanding... 

Not sure if I misunderstood what you're trying to do, but the way I recall it, 
you have two boxes, one running with one recursive and one authoritative 
nameserver, and you wanted a second box to quey the recursive nameserver on the 
first box, which is running on another port than 53?

Given your setup, that's a valid question. 

It's getting down to patching the resolver I felt was a bit overkill, and a 
possible source of future pain. 

How to solve it is a perfectly valid question. 

Personally I'd just think it cleaner to solve it by running a caching resolver 
on the second host (on port 53), that could forward queries where you'd like, 
rather than patching or usik firewall redirects. 

Terje
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Frank Leonhardt]

On 28/09/2013 00:20, Michael Sierchio wrote:

On Fri, Sep 27, 2013 at 4:11 PM, Frank Leonhardt  wrote:

On 27/09/2013 23:08, Terje Elde wrote:

On 28. sep. 2013, at 00:03, Frank Leonhardt  wrote:


If I understand the way it works correctly, the resolver pulls a list of
the NS and hard-sets the port number for each to 53 (via a manifest
constant) . See libc/resolv/res_init.c. All you need to do(!) is change this
to a value of your choice and recompile libc

Sorry, but this is startin to look a lot like a complicated solution to a
problem that isn't really there...


It was more of an explanation as to /why/ it's not easy to do what asked in
the original reasonable-sounding question.

Beg to differ.  The question isn't reasonable.  There's no point in
having a dns recursive resolver listening on a port other than the one
that clients will contact it on.

Far better to have the authoritative server listen on 127.53.0.1 and
use the routable address for the cache, which can forward requests for
the authoritative server when appropriate.


The original qustion was actually "I wondering how I can send queries to 
a dns resolver listening on a different port than the normaly 53 tcp/udp?"


Given that BIND can happily listen on ports other than 53 and OpenBSD 
allows a port to be specified against each nameserver in resolv.conf, it 
does not seem an unreasonable question to me. Read the rest of the post 
quoted selectively above for the full story.




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[loran42o]

Le 28.09.2013 01:11, Frank Leonhardt a écrit :
> It was more of an explanation as to /why/ it's not easy to do what asked
> in the original reasonable-sounding question.

Hi,
Thanks for the explanation of how it works from the behind.
I don't think I'll compile and maintain my own libc just for DNS queries :-)

Laurent SALIN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[loran42o]

Le 27.09.2013 23:31, jb a écrit :
> Well, I hope I understand you.
> You use DNS Proxy server, like BIND or DNSMASQ.

hi,
actually I use two daemons,
one to serve as a autoritative DNS server : nsd
the other one to serve as a recursive DNS resolver with caching : unbound

I can't set them both listening on the same tcp/udp 53 port, so i
configure unbound to listen on a unusual one.

My problem is, on my other FreeBSD box, I can't set a alternative port
for nameserver in /etc/resolv.conf.

> With BIND you have options in /etc/named.conf:
> http://www.zytrax.com/books/dns/ch7/queries.html
> forward
> forwarders

If I can't use PF to solve this, maybe I'll have to take a look at BIND.
Thanks

Laurent SALIN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[loran42o]

Le 28.09.2013 00:08, Terje Elde a écrit :
> On 28. sep. 2013, at 00:03, Frank Leonhardt  wrote:
> 
>> If I understand the way it works correctly, the resolver pulls a list of the 
>> NS and hard-sets the port number for each to 53 (via a manifest constant) . 
>> See libc/resolv/res_init.c. All you need to do(!) is change this to a value 
>> of your choice and recompile libc
> 
> Sorry, but this is startin to look a lot like a complicated solution to a 
> problem that isn't really there...
> 
> Why not just point from resolv.conf to localhost, run a caching and/or 
> recursive dns-server there, and point it whereever?
> 
> As far as I can tell, that'd solve everything, add caching, and let it all be 
> controlled from the config of the DNS-server?
> 
> Terje

Hi,
I guess this is the way that'll end.

Laurent SALIN

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Michael Sierchio]

On Fri, Sep 27, 2013 at 4:11 PM, Frank Leonhardt  wrote:
> On 27/09/2013 23:08, Terje Elde wrote:
>>
>> On 28. sep. 2013, at 00:03, Frank Leonhardt  wrote:
>>
>>> If I understand the way it works correctly, the resolver pulls a list of
>>> the NS and hard-sets the port number for each to 53 (via a manifest
>>> constant) . See libc/resolv/res_init.c. All you need to do(!) is change this
>>> to a value of your choice and recompile libc
>>
>> Sorry, but this is startin to look a lot like a complicated solution to a
>> problem that isn't really there...
>>
> It was more of an explanation as to /why/ it's not easy to do what asked in
> the original reasonable-sounding question.

Beg to differ.  The question isn't reasonable.  There's no point in
having a dns recursive resolver listening on a port other than the one
that clients will contact it on.

Far better to have the authoritative server listen on 127.53.0.1 and
use the routable address for the cache, which can forward requests for
the authoritative server when appropriate.

- M
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Frank Leonhardt]

On 27/09/2013 23:08, Terje Elde wrote:

On 28. sep. 2013, at 00:03, Frank Leonhardt  wrote:


If I understand the way it works correctly, the resolver pulls a list of the NS 
and hard-sets the port number for each to 53 (via a manifest constant) . See 
libc/resolv/res_init.c. All you need to do(!) is change this to a value of your 
choice and recompile libc

Sorry, but this is startin to look a lot like a complicated solution to a 
problem that isn't really there...

It was more of an explanation as to /why/ it's not easy to do what asked 
in the original reasonable-sounding question.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Terje Elde]

On 28. sep. 2013, at 00:03, Frank Leonhardt  wrote:

> If I understand the way it works correctly, the resolver pulls a list of the 
> NS and hard-sets the port number for each to 53 (via a manifest constant) . 
> See libc/resolv/res_init.c. All you need to do(!) is change this to a value 
> of your choice and recompile libc

Sorry, but this is startin to look a lot like a complicated solution to a 
problem that isn't really there...

Why not just point from resolv.conf to localhost, run a caching and/or 
recursive dns-server there, and point it whereever?

As far as I can tell, that'd solve everything, add caching, and let it all be 
controlled from the config of the DNS-server?

Terje

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Frank Leonhardt]

On 27/09/2013 19:20, Laurent SALIN wrote:

Hello,
I wondering how i can send queries to a dns resolver listening on a
different port than the normaly 53 tcp/udp ?

The situation:
I've got a vps who running NSD as a autoritative nameserver, listening
on tcp/udp 53 and unbound as personnal resolver, listening on a
different tcp/udp port. It work very well on his own or with my OpenBSD
gateway at home as DNS cache.

Recently i've got a new FreeBSD VPS and I want to use the first VPS as
DNS nameserver for the second VPS but FreeBSD is unable to send queries
to nameserver on a different port as the normal one (tcp/udp 53).

I've got a "bad" solution, use unbound on the second VPS and maybe tell
him to ask the 1rst VPS on the unusual tcp/udp port, but I wonder myself
if is it possible with Packet Filter to change the destination port of
the queries forwarded to my 1rst VPS from tcp/udp 53 to tcp/udp 5353 for
exemple ?

Or maybe anybody got a other solution ?

I hope you'll understand me :-/

Laurent SALIN



If I understand the way it works correctly, the resolver pulls a list of 
the NS and hard-sets the port number for each to 53 (via a manifest 
constant) . See libc/resolv/res_init.c. All you need to do(!) is change 
this to a value of your choice and recompile libc (and anything that 
links to it statically) and it should be sorted. Or find an easier 
work-around.  I don't see any reason why the resolver library can't be 
modified to pick up a range of port numbers from the config (as other 
systems have), but AFAIK it can't.


The resolver isn't part of the kernel - it's the application doing the 
lookup, not FreeBSD (except in libc being part of the base system). Oh 
you know what I mean! Each application makes its own lookup.


I could be spectacularly out-of-date with this.

Regards, Frank.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[jb]

Laurent SALIN  laposte.net> writes:

> 
> Hello,
> I wondering how i can send queries to a dns resolver listening on a
> different port than the normaly 53 tcp/udp ?
> 
> The situation:
> I've got a vps who running NSD as a autoritative nameserver, listening
> on tcp/udp 53 and unbound as personnal resolver, listening on a
> different tcp/udp port. It work very well on his own or with my OpenBSD
> gateway at home as DNS cache.
> 
> Recently i've got a new FreeBSD VPS and I want to use the first VPS as
> DNS nameserver for the second VPS but FreeBSD is unable to send queries
> to nameserver on a different port as the normal one (tcp/udp 53).
> 
> I've got a "bad" solution, use unbound on the second VPS and maybe tell
> him to ask the 1rst VPS on the unusual tcp/udp port, but I wonder myself
> if is it possible with Packet Filter to change the destination port of
> the queries forwarded to my 1rst VPS from tcp/udp 53 to tcp/udp 5353 for
> exemple ?
> 
> Or maybe anybody got a other solution ?
> 
> I hope you'll understand me :-/
> 
> Laurent SALIN

Well, I hope I understand you.
You use DNS Proxy server, like BIND or DNSMASQ.

With BIND you have options in /etc/named.conf:
http://www.zytrax.com/books/dns/ch7/queries.html
forward
forwarders

I do not know how DNSMASQ configures it, if at all - you would have to
download original package with full documentation.

jb




 




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[loran42o]

Is there any way to use multiple IPs?


hi,
no I can't. Each VPS got only one IPv4 and I'm really not aware yet 
about how IPv6 works.


Laurent SALIN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[loran42o]

Le 27/09/2013 22:28, Terje Elde a écrit :

Why is that a "bad" solution?

You'd cache locally, which is often considered a good thing?

Granted, it's a bit of a weird setup, but still.


I hope it could be esay as put the ip of my "resolver VPS" in the 
/etc/resolv.conf and let PF translate the destination port.


Does anybody know why in FreeBSD we can't set a alternative port in the 
/etc/resolv.conf as in the OpenBSD one ? (for my knowledge :-)


Laurent SALIN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Terje Elde]

On 27. sep. 2013, at 20:20, Laurent SALIN  wrote:

> I've got a "bad" solution, use unbound on the second VPS and maybe tell
> him to ask the 1rst VPS on the unusual tcp/udp port

Why is that a "bad" solution?

You'd cache locally, which is often considered a good thing?

Granted, it's a bit of a weird setup, but still. 

Terje
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Mark Felder]

On Fri, Sep 27, 2013, at 13:20, Laurent SALIN wrote:
> Hello,
> I wondering how i can send queries to a dns resolver listening on a
> different port than the normaly 53 tcp/udp ?
> 
> The situation:
> I've got a vps who running NSD as a autoritative nameserver, listening
> on tcp/udp 53 and unbound as personnal resolver, listening on a
> different tcp/udp port. It work very well on his own or with my OpenBSD
> gateway at home as DNS cache.
> 

Is there any way to use multiple IPs?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to ask a DNS resolver listening on a different port than the tcp/udp 53

[Laurent SALIN]

Hello,
I wondering how i can send queries to a dns resolver listening on a
different port than the normaly 53 tcp/udp ?

The situation:
I've got a vps who running NSD as a autoritative nameserver, listening
on tcp/udp 53 and unbound as personnal resolver, listening on a
different tcp/udp port. It work very well on his own or with my OpenBSD
gateway at home as DNS cache.

Recently i've got a new FreeBSD VPS and I want to use the first VPS as
DNS nameserver for the second VPS but FreeBSD is unable to send queries
to nameserver on a different port as the normal one (tcp/udp 53).

I've got a "bad" solution, use unbound on the second VPS and maybe tell
him to ask the 1rst VPS on the unusual tcp/udp port, but I wonder myself
if is it possible with Packet Filter to change the destination port of
the queries forwarded to my 1rst VPS from tcp/udp 53 to tcp/udp 5353 for
exemple ?

Or maybe anybody got a other solution ?

I hope you'll understand me :-/

Laurent SALIN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to tell which process call sendmail

[Frank Leonhardt]

On 19/09/2013 19:30, Glenn McCalley wrote:
So, some idiot is using a cgi or php or something to send mail out of 
his website that he shouldn't be sending.  With a bunch of sites on 
the server, can't tell who.




I had a similar problem, but some time back and I can't remember 
*exactly* what I did. It was something like pointing mailer.conf to my 
own program which did some logging and then called the real sendmail. 
Actually, I might just have hacked mailwrapper directly. I think there 
was some way I managed to cross-reference to the httpd logs, or that 
might be what I tried to do and failed. Sorry - this may not be helping 
much.


Another approach might be to find some likely text in the outgoing 
message and do a recursive grep on /home.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to tell which process call sendmail

[Eugene]

Hi Glenn,

I once wrote some (quick-and-dirty) perl script that monitors network 
traffic and logs (for matching outgoing connections) the process command 
line and (if apache) the respective vhost and request.


But this would not help if they are calling the sendmail program directly to 
inject the message into mail queue.
(Unverified guess: if you temporarily remove execute permissions on it, the 
execution error should probably be logged somewhere?).


BTW most probably that is not your user as such, but rather some abused 
comment form or forum script or something like that.


Best wishes
Eugene

-Original Message- 
From: Glenn McCalley

Sent: Thursday, September 19, 2013 10:30 PM
To: freebsd-questions@freebsd.org
Subject: how to tell which process call sendmail

So, some idiot is using a cgi or php or something to send mail out of his
website that he shouldn't be sending.  With a bunch of sites on the server,
can't tell who.

System accounting can tell me that sendmail was executed 32,976 times, but
is there a way to tell what process /file name called it each time?  Since
it's always called by the www user that doesn't help -- I need to
distinguish between legit processes that call 5 or 10 in a day and the idiot
who calls the other 31,000 times.

Thanks!
Glenn.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

how to tell which process call sendmail

[Glenn McCalley]

So, some idiot is using a cgi or php or something to send mail out of his 
website that he shouldn't be sending.  With a bunch of sites on the server, 
can't tell who.


System accounting can tell me that sendmail was executed 32,976 times, but 
is there a way to tell what process /file name called it each time?  Since 
it's always called by the www user that doesn't help -- I need to 
distinguish between legit processes that call 5 or 10 in a day and the idiot 
who calls the other 31,000 times.


Thanks!
Glenn.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to log sshd access in a single file

[Rick Miller]

On Mon, Sep 16, 2013 at 2:44 PM, aurikus grande  wrote:

> >Most web servers handle their own logging.
> I do _not_ want the web server acces to be logged (at least as of now).
>

Which is fine, but still configured via your web server.


>Have you looked at /var/log/auth.log?
> yes, and as you mentioned in your previous update, it logs the success
> login (only). Unsuccessfull attempts are being sent to  /var/log/messages .
> So there are 2 separate files. I would like to have all sshd access
> attempts in one single file - regardless if they are successfull or
> unsuccessfull.
>

> Quotation: "I believe FreeBSD defaults to failed ssh authentication is
> logged to /var/log/messages while successful authentication is written to
> /var/log/auth.log."
>

I was incorrect.  Fail and success are both recorded here.  Even if this
were the case, the best way to accomplish what you're looking for is still
syslog.


> >Can you elaborate on your reasons for running sshd via inetd? I'm curious
> as I've never even heard of anyone attempting this.
> When i searched how to setup / configure sshd on internet, i found many
> hints to start it using inetd. Since it worked for me there was no reason
> to change it.
>

In general, most administrators will not run ssh via inetd.  A more common
configuration is detailed in the FreeBSD handbook at
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/openssh.html

-- 
Take care
Rick Miller
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to log sshd access in a single file

[aurikus grande]

>Most web servers handle their own logging.
I do _not_ want the web server acces to be logged (at least as of now).

>Have you looked at /var/log/auth.log?
yes, and as you mentioned in your previous update, it logs the success
login (only). Unsuccessfull attempts are being sent to  /var/log/messages .
So there are 2 separate files. I would like to have all sshd access
attempts in one single file - regardless if they are successfull or
unsuccessfull.

Quotation: "I believe FreeBSD defaults to failed ssh authentication is
logged to /var/log/messages while successful authentication is written to
/var/log/auth.log."

>Can you elaborate on your reasons for running sshd via inetd? I'm curious
as I've never even heard of anyone attempting this.
When i searched how to setup / configure sshd on internet, i found many
hints to start it using inetd. Since it worked for me there was no reason
to change it.

Best regards,
aurikus


2013/9/16 Rick Miller 

> On Mon, Sep 16, 2013 at 1:57 PM, aurikus grande  wrote:
>
>> Hello Rick,
>>
>> sorry that i did not reply to all, from now on i will use "reply to all".
>> Thanks for pointing it out.
>>
>> I will also open port 80 for web access, but i do not want to log those.
>> Because i expect a huge amount of traffic on my server.
>>
>
> Most web servers handle their own logging.
>
> So i only want to log successfull and unsuccessfull sshd access.
>>
>
> Have you looked at /var/log/auth.log?
>
> twist is part of the FreeBSD 9.1 base installation, i did not yet install
>> any other package.
>>
>
> That was my mistake, I sent the email before editing that out as I had
> intended.
>
> The idea behind using hosts.allow was because i could specify the rule by
>> the service (and not by the level of the message).
>>
>> And yes, in my case sshd is configured to run via inetd.
>>
>> You are correct, my main goal is to log all failed sshd attempts. If it
>> is easier to log successfull and failed attempts (to the same file), this
>> would also be fine for me.
>>
>
> Can you elaborate on your reasons for running sshd via inetd?  I'm curious
> as I've never even heard of anyone attempting this.
>
>
> --
> Take care
> Rick Miller
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to log sshd access in a single file

[Matthew Seaman]

On 16/09/2013 14:36, aurikus grande wrote:
> I try to add a line in /etc/hosts.allow which would allow and log all
> attempts using SSH (sshd).

Actually, by default all logins via ssh are already logged to
/var/log/auth.log

Verb. Sap.  tcpwrappers are mostly a lot less useful than they appear to
be.  Generally there's a much better way to do whatever you want already
in the FreeBSD base system, or failing that in a readily available port,
which will be more effective, less load on the system and that doesn't
require you to run everything out of inetd or recompile it specially
with tcpwrappers support.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: how to log sshd access in a single file

[Rick Miller]

Hi Aurikus,

Selecting "Reply all" when replying to messages on the list allows the
entire list to benefit from the discussion.


On Mon, Sep 16, 2013 at 11:05 AM, aurikus grande  wrote:

> Hello Rick.
>
> thanks a lot for your quick reply.
>
> Does your recommendation - to use syslog.conf mean instead - that i cant
> accomplish what i want with hosts.allow and twist ?
>

I am unfamiliar with twist and cannot authoritatively answer this question.
 Not to mention, it does not appear to be in base

I´m still reading through the man pages and try to understand how to
> configure syslog.conf.
>

I recommended syslog, because it is the stock logging mechanism for FreeBSD.

On my 9.1 system, /etc/syslog.conf contains:

auth.info;authpriv.info /var/log/auth.log

These facilities are both logging to /var/log/auth.log.

Your stated goal was logging of failed ssh attempts to your host.  The
above line in syslog.conf accomplishes this by sending the message to
/var/log/auth.log.

TCPWrappers will have no effect on logging of failed ssh attempts unless
sshd is configured to run via inetd.

I recommend pf or ipfw for filtering access to ssh.

-- 
Take care
Rick Miller
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to log sshd access in a single file

[aurikus grande]

Hello Rick,

sorry that i did not reply to all, from now on i will use "reply to all".
Thanks for pointing it out.

I will also open port 80 for web access, but i do not want to log those.
Because i expect a huge amount of traffic on my server.

So i only want to log successfull and unsuccessfull sshd access.

twist is part of the FreeBSD 9.1 base installation, i did not yet install
any other package.

The idea behind using hosts.allow was because i could specify the rule by
the service (and not by the level of the message).

And yes, in my case sshd is configured to run via inetd.

You are correct, my main goal is to log all failed sshd attempts. If it is
easier to log successfull and failed attempts (to the same file), this
would also be fine for me.

Thanks in advance for your continued effort.

Best regards,
aurikus.


2013/9/16 Rick Miller 

> Hi Aurikus,
>
> Selecting "Reply all" when replying to messages on the list allows the
> entire list to benefit from the discussion.
>
>
> On Mon, Sep 16, 2013 at 11:05 AM, aurikus grande wrote:
>
>> Hello Rick.
>>
>> thanks a lot for your quick reply.
>>
>> Does your recommendation - to use syslog.conf mean instead - that i cant
>> accomplish what i want with hosts.allow and twist ?
>>
>
> I am unfamiliar with twist and cannot authoritatively answer this
> question.  Not to mention, it does not appear to be in base
>
> I´m still reading through the man pages and try to understand how to
>> configure syslog.conf.
>>
>
> I recommended syslog, because it is the stock logging mechanism for
> FreeBSD.
>
> On my 9.1 system, /etc/syslog.conf contains:
>
> auth.info;authpriv.info /var/log/auth.log
>
> These facilities are both logging to /var/log/auth.log.
>
> Your stated goal was logging of failed ssh attempts to your host.  The
> above line in syslog.conf accomplishes this by sending the message to
> /var/log/auth.log.
>
> TCPWrappers will have no effect on logging of failed ssh attempts unless
> sshd is configured to run via inetd.
>
> I recommend pf or ipfw for filtering access to ssh.
>
> --
> Take care
> Rick Miller
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to log sshd access in a single file

[Rick Miller]

On Mon, Sep 16, 2013 at 1:57 PM, aurikus grande  wrote:

> Hello Rick,
>
> sorry that i did not reply to all, from now on i will use "reply to all".
> Thanks for pointing it out.
>
> I will also open port 80 for web access, but i do not want to log those.
> Because i expect a huge amount of traffic on my server.
>

Most web servers handle their own logging.

So i only want to log successfull and unsuccessfull sshd access.
>

Have you looked at /var/log/auth.log?

twist is part of the FreeBSD 9.1 base installation, i did not yet install
> any other package.
>

That was my mistake, I sent the email before editing that out as I had
intended.

The idea behind using hosts.allow was because i could specify the rule by
> the service (and not by the level of the message).
>
> And yes, in my case sshd is configured to run via inetd.
>
> You are correct, my main goal is to log all failed sshd attempts. If it is
> easier to log successfull and failed attempts (to the same file), this
> would also be fine for me.
>

Can you elaborate on your reasons for running sshd via inetd?  I'm curious
as I've never even heard of anyone attempting this.


-- 
Take care
Rick Miller
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to log sshd access in a single file

[Rick Miller]

On Mon, Sep 16, 2013 at 9:36 AM, aurikus grande  wrote:

> Hello,
>
> just a few days ago i setup my first FreeBSD server, so i am new to this
> OS.
>
> I already tried to find the information i was looking for, but to no luck.
>
> I try to add a line in /etc/hosts.allow which would allow and log all
> attempts using SSH (sshd).


[ snip ]

I would recommend using the auth and authpriv facilities for syslog.  Check
the syslog.conf manpage for configuring such activity.  I believe FreeBSD
defaults to failed ssh authentication is logged to /var/log/messages while
successful authentication is written to /var/log/auth.log.

-- 
Take care
Rick Miller
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

how to log sshd access in a single file

[aurikus grande]

Hello,

just a few days ago i setup my first FreeBSD server, so i am new to this OS.

I already tried to find the information i was looking for, but to no luck.

I try to add a line in /etc/hosts.allow which would allow and log all
attempts using SSH (sshd).

I found http://www.freebsd.org/doc/handbook/tcpwrappers.html, which
mentions twist as the only way to accomplish this.

So i created a line in allow.hosts which reads as follows:

sshd : ALL : twist /bin/echo "a% from h% attempted to acces d%" >> \
  \var\log\ssh-connections.log : allow

sshd for the service
ALL for all ip-addresses
allow to allow access
and the text in between should make sure that the file ssh-connections is
being updated.

The file already exists, i used root access to create it.

But it does not work as expected.

Could you please point me where i did it wrong.

Thanks in advance for your help.

Best regards,
aurikus
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to find where a port came from and rebuild with debug symbols

[Warren Block]

On Sat, 24 Aug 2013, ill...@gmail.com wrote:


On 24 August 2013 12:05, Gary Aitken  wrote:

If I have a core file that implicates a library:
  #0  0x00080525cab0 in wxWindow::DoSetSize () from 
/usr/local/lib/libwx_gtk2u_core-2.8.so.0
and
#16 0x0008056bf720 in wxAuiManager::Update () from 
/usr/local/lib/libwx_gtk2u_aui-2.8.so.0

and I want to find out which port these came from so I can rebuild it
with debug symbols, how do I do that?


As to the first look at pkg-which(8):
% pkg which /usr/local/lib/libwx_gtk2_aui-2.8.so.0
/usr/local/lib/libwx_gtk2_aui-2.8.so.0 was installed by package wxgtk2-2.8.12_2
% pkg which -o /usr/local/lib/libwx_gtk2_aui-2.8.so.0
/usr/local/lib/libwx_gtk2_aui-2.8.so.0 was installed by package
x11-toolkits/wxgtk28
(the -q flag makes it all lovely & terse)

As to the second:
I don't know, some ports have an option to build with debug symbols, but if not
you might have to edit some Makefiles, or worse.


Can't you just add WITH_DEBUG=yes to the make command or make.conf?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to find where a port came from and rebuild with debug symbols

[ill...@gmail.com]

On 24 August 2013 12:05, Gary Aitken  wrote:
> If I have a core file that implicates a library:
>   #0  0x00080525cab0 in wxWindow::DoSetSize () from 
> /usr/local/lib/libwx_gtk2u_core-2.8.so.0
> and
> #16 0x0008056bf720 in wxAuiManager::Update () from 
> /usr/local/lib/libwx_gtk2u_aui-2.8.so.0
>
> and I want to find out which port these came from so I can rebuild it
> with debug symbols, how do I do that?

As to the first look at pkg-which(8):
% pkg which /usr/local/lib/libwx_gtk2_aui-2.8.so.0
/usr/local/lib/libwx_gtk2_aui-2.8.so.0 was installed by package wxgtk2-2.8.12_2
% pkg which -o /usr/local/lib/libwx_gtk2_aui-2.8.so.0
/usr/local/lib/libwx_gtk2_aui-2.8.so.0 was installed by package
x11-toolkits/wxgtk28
(the -q flag makes it all lovely & terse)

As to the second:
I don't know, some ports have an option to build with debug symbols, but if not
you might have to edit some Makefiles, or worse.

-- 
--
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

how to find where a port came from and rebuild with debug symbols

[Gary Aitken]

If I have a core file that implicates a library:
  #0  0x00080525cab0 in wxWindow::DoSetSize () from 
/usr/local/lib/libwx_gtk2u_core-2.8.so.0
and 
#16 0x0008056bf720 in wxAuiManager::Update () from 
/usr/local/lib/libwx_gtk2u_aui-2.8.so.0

and I want to find out which port these came from so I can rebuild it
with debug symbols, how do I do that?

$ nm -a /usr/local/lib/libwx_gtk2u_core-2.8.so.0
nm: /usr/local/lib/libwx_gtk2u_core-2.8.so.0: no symbols

Clearly I'm doing something wrong there...

So I try guessing:

pkg_info
   pkg_info | grep gtk2
linux-f10-gtk2-2.14.7_4 GTK+ library, version 2.X (Linux Fedora 10)
webkit-gtk2-1.8.3_2 An opensource browser engine
wxgtk2-common-2.8.12_2 The wxWidgets GUI toolkit (common files)
wxgtk2-unicode-2.8.12_2 The wxWidgets GUI toolkit (Unicode)

more guessing:

locate wxgtk2-common
/var/db/pkg/wxgtk2-common-2.8.12_2
/var/db/pkg/wxgtk2-common-2.8.12_2/+COMMENT
/var/db/pkg/wxgtk2-common-2.8.12_2/+CONTENTS
/var/db/pkg/wxgtk2-common-2.8.12_2/+DESC
/var/db/pkg/wxgtk2-common-2.8.12_2/+MTREE_DIRS
/var/db/pkg/wxgtk2-common-2.8.12_2/+REQUIRED_BY
/var/db/pkg/wxgtk2-common-2.8.12_2/distfiles

After grousing around I find 
drwxr-xr-x  4 root  wheel  512 Aug 24 09:38 x11-toolkits/wxgtk28
drwxr-xr-x  2 root  wheel  512 Aug  8 10:51 x11-toolkits/wxgtk28-common
drwxr-xr-x  2 root  wheel  512 Feb 17  2013 x11-toolkets/wxgtk28-contrib
drwxr-xr-x  2 root  wheel  512 Feb 17  2013 x11-toolkits/wxgtk28-contrib-common
drwxr-xr-x  2 root  wheel  512 Aug  8 10:51 x11-toolkits/wxgtk28-unicode
drwxr-xr-x  2 root  wheel  512 Feb 17  2013 x11-toolkits/wxgtk28-unicode-contrib

After doing a make of x11-toolkits/wxgtk28
I find a bunch of lib*.so in ../work/wxGTK-2.8.12/lib

and doing nm on them I discover what I want is in
  libwx_gtk2_aui-2.8.so
  libwx_gtk2_core-2.8.so

However, neither of these exists in /usr/local/lib; only a bunch of other libux
things.

So..

ldd /usr/local/bin/hugin | grep libwx
libwx_baseu-2.8.so.0 => /usr/local/lib/libwx_baseu-2.8.so.0 
(0x804d07000)
libwx_gtk2u_core-2.8.so.0 => /usr/local/lib/libwx_gtk2u_core-2.8.so.0 
(0x80506d000)
libwx_gtk2u_aui-2.8.so.0 => /usr/local/lib/libwx_gtk2u_aui-2.8.so.0 
(0x80568e000)
libwx_gtk2u_xrc-2.8.so.0 => /usr/local/lib/libwx_gtk2u_xrc-2.8.so.0 
(0x805904000)
libwx_gtk2u_html-2.8.so.0 => /usr/local/lib/libwx_gtk2u_html-2.8.so.0 
(0x805ba6000)
libwx_baseu_xml-2.8.so.0 => /usr/local/lib/libwx_baseu_xml-2.8.so.0 
(0x805e65000)
libwx_gtk2u_adv-2.8.so.0 => /usr/local/lib/libwx_gtk2u_adv-2.8.so.0 
(0x80606f000)
libwx_gtk2u_gl-2.8.so.0 => /usr/local/lib/libwx_gtk2u_gl-2.8.so.0 
(0x806356000)
libwx_baseu_net-2.8.so.0 => /usr/local/lib/libwx_baseu_net-2.8.so.0 
(0x806564000)

help?

And, assuming I find the right port, how do I rebuild / install it with symbols 
left in?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to Fix Port Audit showing ports not installed on a system

[dweimer]

On 08/06/2013 2:55 pm, Matthew Seaman wrote:

On 06/08/2013 19:23, dweimer wrote:

Of course I have WITH_PKGNG="YES" in the make.conf, and I believe that
has been there ever since the server was built.  Is my best option to
get the correct list from pkg info use rm -r /var/db/pkg/* to clear
everything out and then reinstall all of the ports?


If you've had WITH_PKGNG="YES" ever since the server was built then you
shouldn't have any of the old-style pkg_tools entries in /var/db/pkg.

Unless, that is, you've been using pkg_add(1) directly.  Don't do that.
 You just end up with a complete mess.  Remember folks -- pkgng is like
getting married.  Once you go with pkgng, you're not meant to dally 
with

other package tools, but to stay faithful to pkgng from henceforth.

I hope you've got the old-style pkg_tools per-package subdirectories in
/var/db/pkg because either (i) you used to use pkg_tools and you ran
pkg2ng to convert or (ii) you've been using portmaster, in which case
those sub-directories only /look/ like the result of what pkg_tools
generates, but are really just a place for portmaster to stash a few 
things.


If those sub-directories contain files called thing like +CONTENTS or
+COMMENT or other names beginning with '+' then you do have a messed up
mixture of old pkg_tools and pkgng.

First: remove all the subdirectories but *not* local.sqlite or
repo.sqlite -- those are rather important bits of pkgng.
Then you can force a reinstall of all packages by

   pkg upgrade -f

Obviusly, you'll need pkg(8) configured to use a repo with all the
appropriate packages available.

Cheers,

Matthew


Thanks for the info, I have never used pkg_add, everything has been 
installed via ports and portmaster, but it is possible that some ports 
were installed prior to having the with pkgng added in make.conf, and 
that something happened in the pk2ng conversion.  I thought I had built 
this machine after I had been running with pkgng, but perhaps this one 
was built right as I was switching over to it.  I had originally built 
this machine with Xorg and KDE to use virtual box GUI, and once I became 
comfortable with the commands, switched to vboxheadless and removed all 
the GUI components.  Which is where all the extra ports that were 
removed came from.


I have removed the sub directories, now portaudit doesn't show any 
vulnerabilities in non existent ports, pkg info displays the correct 
installed packages, and portmaster -l matches the installed ports that 
pkg info displays.


--
Thanks,
   Dean E. Weimer
   http://www.dweimer.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to Fix Port Audit showing ports not installed on a system

[Matthew Seaman]

On 06/08/2013 19:23, dweimer wrote:
> Of course I have WITH_PKGNG="YES" in the make.conf, and I believe that
> has been there ever since the server was built.  Is my best option to
> get the correct list from pkg info use rm -r /var/db/pkg/* to clear
> everything out and then reinstall all of the ports?

If you've had WITH_PKGNG="YES" ever since the server was built then you
shouldn't have any of the old-style pkg_tools entries in /var/db/pkg.

Unless, that is, you've been using pkg_add(1) directly.  Don't do that.
 You just end up with a complete mess.  Remember folks -- pkgng is like
getting married.  Once you go with pkgng, you're not meant to dally with
other package tools, but to stay faithful to pkgng from henceforth.

I hope you've got the old-style pkg_tools per-package subdirectories in
/var/db/pkg because either (i) you used to use pkg_tools and you ran
pkg2ng to convert or (ii) you've been using portmaster, in which case
those sub-directories only /look/ like the result of what pkg_tools
generates, but are really just a place for portmaster to stash a few things.

If those sub-directories contain files called thing like +CONTENTS or
+COMMENT or other names beginning with '+' then you do have a messed up
mixture of old pkg_tools and pkgng.

First: remove all the subdirectories but *not* local.sqlite or
repo.sqlite -- those are rather important bits of pkgng.
Then you can force a reinstall of all packages by

   pkg upgrade -f

Obviusly, you'll need pkg(8) configured to use a repo with all the
appropriate packages available.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: How to Fix Port Audit showing ports not installed on a system

[dweimer]

On 08/06/2013 11:58 am, Paul Macdonald wrote:

On 06/08/2013 17:25, dweimer wrote:
I have a system that I just recently setup port audit, after realizing 
I forgot to install it on the machine.  The problem is that it is 
finding vulnerabilities in several ports that are not installed on the 
 system.  These may have been installed at   one  point and removed.  
Firefox is one of the ones listed, I know that it was on the system 
previously, but was removed a few months back.  portmaster -l and pkg 
info don't list it as installed,  but port audit shows: 
firefox-20.0,1.  Where would portaudit be picking up these ports from? 
 Is there anyway to reset its  database?



rm -R /var/db/portaudit/

then run portaudit -Fda


--


Already tried that, but that data only contains the list of known 
vulnerabilities, not the installed ports/packages.  Perhaps, its not 
using pkgng I discovered if I do a pkg info command I get the correct 
list of installed ports and packages.  If I do a pkg_info I get a much 
larger list showing everything as corrupted.


...
pkg_info: the package info for package 'fftw3-3.3.3_1' is corrupt
pkg_info: the package info for package 'filelight-4.10.1' is corrupt
pkg_info: the package info for package 'firefox-20.0,1' is corrupt
pkg_info: the package info for package 'fixesproto-5.0' is corrupt
pkg_info: the package info for package 'flac-1.2.1_3' is corrupt
pkg_info: the package info for package 'flex-2.5.37_1' is corrupt
...

Of course I have WITH_PKGNG="YES" in the make.conf, and I believe that 
has been there ever since the server was built.  Is my best option to 
get the correct list from pkg info use rm -r /var/db/pkg/* to clear 
everything out and then reinstall all of the ports?


--
Thanks,
   Dean E. Weimer
   http://www.dweimer.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to Fix Port Audit showing ports not installed on a system

[Paul Macdonald]

On 06/08/2013 17:25, dweimer wrote:
I have a system that I just recently setup port audit, after realizing 
I forgot to install it on the machine.  The problem is that it is 
finding vulnerabilities in several ports that are not installed on 
the  system.  These may have been installed at   one  point and 
removed.  Firefox is one of the ones listed, I know that it was on the 
system previously, but was removed a few months back.  portmaster -l 
and pkg info don't list it as installed,  but port audit shows: 
firefox-20.0,1.  Where would portaudit be picking up these ports 
from?  Is there anyway to reset its  database?



rm -R /var/db/portaudit/

then run portaudit -Fda


--
-
Paul Macdonald
IFDNRG Ltd
Web and video hosting
-
t: 0131 5548070
m: 07970339546
e: p...@ifdnrg.com
w: http://www.ifdnrg.com
-
IFDNRG
40 Maritime Street
Edinburgh
EH6 6SA

High Specification Dedicated Servers from £100.00pm


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to Fix Port Audit showing ports not installed on a system

[dweimer]

I have a system that I just recently setup port audit, after realizing I 
forgot to install it on the machine.  The problem is that it is finding 
vulnerabilities in several ports that are not installed on the  system.  
These may have been installed at   one  point and removed.  Firefox is 
one of the ones listed, I know that it was on the system previously, but 
was removed a few months back.  portmaster -l and pkg info don't list it 
as installed,  but port audit shows: firefox-20.0,1.  Where would 
portaudit be picking up these ports from?  Is there anyway to reset its  
database?


--
Thanks,
   Dean E. Weimer
   http://www.dweimer.net/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to make mkinstalldirs

[Gary Aitken]

On 08/04/13 13:25, Eduardo Morras wrote:
> On Sun, 04 Aug 2013 12:24:46 -0600
> Gary Aitken  wrote:
> 
>> Can anyone give me some hints on how to manually (or automagically) create
>> mkinstalldirs for a port?
>>
>> ports/graphics/ufraw fails to build due to 
>>
>> install: /usr/local/share/glib-2.0/gettext/mkinstalldirs: No such file or 
>> directory
>>
>> It's not supposed to be needed if automake is >= 1.9, but automake in the 
>> ports
>> tree is 1.4.
> 
> Today I updated my system (9.1) and automake updated from 1.12.6 to 1.14
> 
> Perhaps you forget to update the ports tree first

typo on my part.  should read:

It's not supposed to be needed if automake is >= 1.19, but automake in the ports
tree is 1.14

I'm up to date with automake as far as I know, and ufraw still requires 
mkinstalldirs to build.

Thanks for the reply, though,

Gary

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to make mkinstalldirs

[Eduardo Morras]

On Sun, 04 Aug 2013 12:24:46 -0600
Gary Aitken  wrote:

> Can anyone give me some hints on how to manually (or automagically) create
> mkinstalldirs for a port?
> 
> ports/graphics/ufraw fails to build due to 
> 
> install: /usr/local/share/glib-2.0/gettext/mkinstalldirs: No such file or 
> directory
> 
> It's not supposed to be needed if automake is >= 1.9, but automake in the 
> ports
> tree is 1.4.

Today I updated my system (9.1) and automake updated from 1.12.6 to 1.14

Perhaps you forget to update the ports tree first

> 
> Gary 


---   ---
Eduardo Morras 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

how to make mkinstalldirs

[Gary Aitken]

Can anyone give me some hints on how to manually (or automagically) create
mkinstalldirs for a port?

ports/graphics/ufraw fails to build due to 

install: /usr/local/share/glib-2.0/gettext/mkinstalldirs: No such file or 
directory

It's not supposed to be needed if automake is >= 1.9, but automake in the ports
tree is 1.4.

Gary 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to create vlan (four NIC into one) using lagg

[Boris Astardzhiev]

Hi Xu Zhe,

If I were you I would first of all check cables. They might be the cause.
Secondly, if cables are good, to me this report very much resembles a PR I
reported a
few weeks ago - http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/179926
Check its set and look at the patch I submitted. It's a pity there's no
response to it.

Greetings,
Boris


On Thu, Jul 25, 2013 at 3:55 PM, Xu Zhe  wrote:

> Hi, all,
>
> I am trying to use lagg to bind four 1Gb NIC into 4Gb one. I was testing
> this using two machines running FreeBSD 8.2, each of the machine has
> four 1Gb ethernet card, and connected correspondingly, means:
>
> MACHINE1 MACHINE2
> em0 <->em0
> em1 <->em1
> em2 <->em2
> em3 <->em3
>
> Then I created vlan called 'lagg0' on each machine using:
>
> ifconfig lagg0 create
> ifconfig lagg0 laggproto lacp laggport em0 laggport em1 laggport em2
> laggport em3
> ifconfig lagg0 1.1.1.1/24
> ifconfig lagg0 up
>
> And do this on MACH2 too, only change IP from 1.1.1.1 to 1.1.1.2.
>
> But I cannot ping each other, since none of the link is both active:
>
> MACHINE1
> # ifconfig lagg0
> lagg0: flags=8843 metric 0 mtu 1500
>
> options=219b
> ether 00:08:9b:d4:91:64
> inet 1.1.1.1 netmask 0xff00 broadcast 1.1.1.255
> media: Ethernet autoselect
> status: active
> laggproto lacp
> laggport: em3 flags=1c
> laggport: em2 flags=18
> laggport: em1 flags=18
> laggport: em0 flags=18
>
> MACHINE2
> # ifconfig lagg0
> lagg0: flags=8843 metric 0 mtu 1500
>
> options=219b
> ether 00:08:9b:d3:72:60
> inet 1.1.1.2 netmask 0xff00 broadcast 1.1.1.255
> media: Ethernet autoselect
> status: active
> laggproto lacp
> laggport: em3 flags=18
> laggport: em2 flags=1c
> laggport: em1 flags=1c
> laggport: em0 flags=1c
>
> So, em3 is active on MACHINE1 but not active on MACH2, while em0-em2 are
> active on MACH2 but not on MACHI1.
>
> What might be the problem?
>
> Thanks!
> Peter
> ___
> freebsd-...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to create vlan (four NIC into one) using lagg

[Xu Zhe]

Hi, all,

I am trying to use lagg to bind four 1Gb NIC into 4Gb one. I was testing
this using two machines running FreeBSD 8.2, each of the machine has
four 1Gb ethernet card, and connected correspondingly, means:

MACHINE1 MACHINE2
em0 <->em0
em1 <->em1
em2 <->em2
em3 <->em3

Then I created vlan called 'lagg0' on each machine using:

ifconfig lagg0 create
ifconfig lagg0 laggproto lacp laggport em0 laggport em1 laggport em2
laggport em3
ifconfig lagg0 1.1.1.1/24
ifconfig lagg0 up

And do this on MACH2 too, only change IP from 1.1.1.1 to 1.1.1.2.

But I cannot ping each other, since none of the link is both active:

MACHINE1
# ifconfig lagg0
lagg0: flags=8843 metric 0 mtu 1500
options=219b
ether 00:08:9b:d4:91:64
inet 1.1.1.1 netmask 0xff00 broadcast 1.1.1.255
media: Ethernet autoselect
status: active
laggproto lacp
laggport: em3 flags=1c
laggport: em2 flags=18
laggport: em1 flags=18
laggport: em0 flags=18

MACHINE2
# ifconfig lagg0
lagg0: flags=8843 metric 0 mtu 1500
options=219b
ether 00:08:9b:d3:72:60
inet 1.1.1.2 netmask 0xff00 broadcast 1.1.1.255
media: Ethernet autoselect
status: active
laggproto lacp
laggport: em3 flags=18
laggport: em2 flags=1c
laggport: em1 flags=1c
laggport: em0 flags=1c

So, em3 is active on MACHINE1 but not active on MACH2, while em0-em2 are
active on MACH2 but not on MACHI1.

What might be the problem?

Thanks!
Peter
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to create NanoBSD iso image to install NanoBSD on vmware machine?

[Ganesh Borse]

Hi Olivier,

Hard Disk is configured as IDE (IDE 1:1), vm settings.

When freebsd image is booting in this VM, before getting the above error,
following logs are displayed on boost console:
   ada0:  ATA-4 device
...
...
   ada0: Previously was known as ad3
   ..
   Trying to mount root from cd9660:/dev/iso9660/nanoISO [ro]...


Thanks


On Mon, Jul 15, 2013 at 3:56 PM, Olivier Nicole  wrote:

> Ganesh,
>
> > I am new to Nanobsd and trying to create an iso image which can be
> > installed on vmware machine.
> >
> > I created an iso image using the disk image
> > (/usr/obj/nanobsd.full/_.disk.image) generated according to steps
> > given in NanoBSD
> > How To <http://www.freebsd.org/doc/en/articles/nanobsd/howto.html> .
> >
> > VM could boot up with this ISO image, but I got an error as below before
> I
> > could get OS installation prompt:
> >
> > mount: /dev/ad0s3: No such file or directory
> > mount -o ro /dev/ad0s3 /conf/default/etc failed: droppnig into /bin/sh
>
> What type of disk have you defined on your VMWare virtual server? The
> default is SCSI, which corresponds to /dev/da, not ad.
>
> Olivier
>
> > Cannot read termcap database;
> > using dumb terminal settings.
> > #
> >
> >
> > do I need to use different commands or options to create iso image while
> > using nanobsd.sh script?
> >
> > Please help.
> >
> > Many thanks in advance for your help and time.
> >
> > Best Regards,
> > - ganesh
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "
> freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to create NanoBSD iso image to install NanoBSD on vmware machine?

[Olivier Nicole]

Ganesh,

> I am new to Nanobsd and trying to create an iso image which can be
> installed on vmware machine.
>
> I created an iso image using the disk image
> (/usr/obj/nanobsd.full/_.disk.image) generated according to steps
> given in NanoBSD
> How To <http://www.freebsd.org/doc/en/articles/nanobsd/howto.html> .
>
> VM could boot up with this ISO image, but I got an error as below before I
> could get OS installation prompt:
>
> mount: /dev/ad0s3: No such file or directory
> mount -o ro /dev/ad0s3 /conf/default/etc failed: droppnig into /bin/sh

What type of disk have you defined on your VMWare virtual server? The
default is SCSI, which corresponds to /dev/da, not ad.

Olivier

> Cannot read termcap database;
> using dumb terminal settings.
> #
>
>
> do I need to use different commands or options to create iso image while
> using nanobsd.sh script?
>
> Please help.
>
> Many thanks in advance for your help and time.
>
> Best Regards,
> - ganesh
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to create NanoBSD iso image to install NanoBSD on vmware machine?

[Ganesh Borse]

Dear Friends,

I am new to Nanobsd and trying to create an iso image which can be
installed on vmware machine.

I created an iso image using the disk image
(/usr/obj/nanobsd.full/_.disk.image) generated according to steps
given in NanoBSD
How To <http://www.freebsd.org/doc/en/articles/nanobsd/howto.html> .

VM could boot up with this ISO image, but I got an error as below before I
could get OS installation prompt:

mount: /dev/ad0s3: No such file or directory
mount -o ro /dev/ad0s3 /conf/default/etc failed: droppnig into /bin/sh
Cannot read termcap database;
using dumb terminal settings.
#


do I need to use different commands or options to create iso image while
using nanobsd.sh script?

Please help.

Many thanks in advance for your help and time.

Best Regards,
- ganesh
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to get file from nfs id

[Dan Nelson]

In the last episode (Jul 11), Radek Krejca said:
> Hello,
> 
> I have problem with heavy load of my nfsd server. There is connected about 70 
> diskless machines, but in readonly mode. I catched traffic and get this:
> 
> 21:00:39.715337 IP diskless-1.3297435097 > storage.nfs: 112 getattr fh 
> Unknown/A27801CEDE115FA30A005CD908007ABA4200570CDB51
> 21:00:39.716229 IP storage.nfs > diskless-1.3297435097: reply ok 112 getattr 
> REG 444 ids 0/0 sz 64944
> 21:00:39.716463 IP diskless-1.3297435098 > storage.nfs: 112 getattr fh 
> Unknown/A27801CEDE115FA30A0043DE08007CBA4200570CDB51
> 21:00:39.719112 IP storage.nfs > diskless-1.3297435098: reply ok 112 getattr 
> REG 444 ids 0/0 sz 82800
> 21:00:39.719453 IP diskless-1.3297435099 > storage.nfs: 112 getattr fh 
> Unknown/A27801CEDE115FA30A0043DE08007CBA4200570CDB51
> 21:00:39.721636 IP storage.nfs > diskless-1.3297435099: reply ok 112 getattr 
> REG 444 ids 0/0 sz 82800
> 
> Why is the same machine requesting chmod of the same file and is there any
> way to find out name of file from this long id?

You can't get tcpdump to print it, but the getattr reply does include the
inode of the file.  If you start up wireshark and capture the same packets
(or open a capture file created by tcpdump), the inode is stored in the
"nfs->obj_attributes->attributes->fileid" field.  You can then use "find /
-inum 12345" to locate that inode on disk.

-- 
Dan Nelson
dnel...@allantgroup.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to get file from nfs id

[Frank Leonhardt]

On 11/07/2013 06:47, Radek Krejc(a wrote:

Hello,

I have problem with heavy load of my nfsd server. There is connected about 70 
diskless machines, but in readonly mode. I catched traffic and get this:

21:00:39.715337 IP diskless-1.3297435097 > storage.nfs: 112 getattr fh
Unknown/A27801CEDE115FA30A005CD908007ABA4200570CDB51
21:00:39.716229 IP storage.nfs > diskless-1.3297435097: reply ok 112
getattr REG 444 ids 0/0 sz 64944
21:00:39.716463 IP diskless-1.3297435098 > storage.nfs: 112 getattr fh
Unknown/A27801CEDE115FA30A0043DE08007CBA4200570CDB51
21:00:39.719112 IP storage.nfs > diskless-1.3297435098: reply ok 112
getattr REG 444 ids 0/0 sz 82800
21:00:39.719453 IP diskless-1.3297435099 > storage.nfs: 112 getattr fh
Unknown/A27801CEDE115FA30A0043DE08007CBA4200570CDB51
21:00:39.721636 IP storage.nfs > diskless-1.3297435099: reply ok 112
getattr REG 444 ids 0/0 sz 82800

Why is the same machine requesting chmod of the same file and is there any way 
to find out name of file from this long id?

Thank you
Radek


Sorry - I don't think there's an easy answer to this but someone who 
knows more about nfsd may be along soon.


However, if no better idea turns up you could try using dtrace to 
monitor the underlying calls (or hack nfsd?). I have thought about doing 
this myself, but it is only available in new FreeBSD releases and the 
DTrace user guide (from Sun) is 60 pages long and gives me a headache. I 
know Linux people do something similar using SystemTap.


Is the attribute caching on the client set correctly? Or even working (bug?)

BTW, what you're seeing isn't unusual.

Regards, Frank.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to get file from nfs id

[Radek Krejča]

Hello,

I have problem with heavy load of my nfsd server. There is connected about 70 
diskless machines, but in readonly mode. I catched traffic and get this:

21:00:39.715337 IP diskless-1.3297435097 > storage.nfs: 112 getattr fh
Unknown/A27801CEDE115FA30A005CD908007ABA4200570CDB51
21:00:39.716229 IP storage.nfs > diskless-1.3297435097: reply ok 112
getattr REG 444 ids 0/0 sz 64944
21:00:39.716463 IP diskless-1.3297435098 > storage.nfs: 112 getattr fh
Unknown/A27801CEDE115FA30A0043DE08007CBA4200570CDB51
21:00:39.719112 IP storage.nfs > diskless-1.3297435098: reply ok 112
getattr REG 444 ids 0/0 sz 82800
21:00:39.719453 IP diskless-1.3297435099 > storage.nfs: 112 getattr fh
Unknown/A27801CEDE115FA30A0043DE08007CBA4200570CDB51
21:00:39.721636 IP storage.nfs > diskless-1.3297435099: reply ok 112
getattr REG 444 ids 0/0 sz 82800

Why is the same machine requesting chmod of the same file and is there any way 
to find out name of file from this long id?

Thank you
Radek

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: FreeBSD:: How to set VLAN priority?

[Ermal Luçi]

This is a patch originially written from rwatson@ iirc.

https://github.com/pfsense/pfsense-tools/blob/master/patches/RELENG_10_0/pf_802.1p.diff

Remove the pf(4) craft and it should work for you.




On Wed, Jun 26, 2013 at 6:27 PM, John-Mark Gurney  wrote:

> Alex Liptsin wrote this message on Wed, Jun 26, 2013 at 11:54 +:
> > I work with FreeBSD 9.1 RELEASE.
> > I had configured VLANs on my server, but I can't find a way to configure
> VLAN priority.
> > How can I do it?
>
> Looks like you can't w/ the default VLAN code:
> BUGS
>  No 802.1Q features except VLAN tagging are implemented.
>
> You could probably implement it w/ ng_patch, but that would also mean
> you'd lose the feature of the card adding the VLAN tag for you...
>
> --
>   John-Mark Gurney  Voice: +1 415 225 5579
>
>  "All that I will do, has been done, All that I have, has not."
> ___
> freebsd-...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-net
> To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
>



-- 
Ermal
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: FreeBSD:: How to set VLAN priority?

[John-Mark Gurney]

Alex Liptsin wrote this message on Wed, Jun 26, 2013 at 11:54 +:
> I work with FreeBSD 9.1 RELEASE.
> I had configured VLANs on my server, but I can't find a way to configure VLAN 
> priority.
> How can I do it?

Looks like you can't w/ the default VLAN code:
BUGS
 No 802.1Q features except VLAN tagging are implemented.

You could probably implement it w/ ng_patch, but that would also mean
you'd lose the feature of the card adding the VLAN tag for you...

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: FreeBSD:: How to set VLAN priority?

[Fleuriot Damien]

On Jun 26, 2013, at 1:55 PM, Alex Liptsin  wrote:

> Hello.
> 
> I work with FreeBSD 9.1 RELEASE.
> I had configured VLANs on my server, but I can't find a way to configure VLAN 
> priority.
> How can I do it?
> 
> Thanks.


???
vlan priority as in… ?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

FreeBSD:: How to set VLAN priority?

[Alex Liptsin]

Hello.

I work with FreeBSD 9.1 RELEASE.
I had configured VLANs on my server, but I can't find a way to configure VLAN 
priority.
How can I do it?

Thanks.

Regards,
Alex Liptsin
Software Quality Assurance Engineer | Mellanox Technologies Ltd.
Office: +972 (74) 7236141
Mobile: +972(54) 7833986
Fax: +972(74) 7236161
Email: al...@mellanox.com
Mellanox, Tel-Hai Industrial Park. Building 7, M.P. Upper Galilee 12100 Israel

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to force a static /etc/resolv.conf?

[Darren Pilgrim]

On 2013-06-12 17:46, Darren Pilgrim wrote:

How do I tell resolvconf to always use a static configuration or, better
yet, to not muck with /etc/resolv.conf at all?


According to the project developer, the answer is to have resolvconf not 
touch /etc/resolv.conf by put the following in /etc/resolvconf.conf


resolv_conf="/dev/null"

Then you just edit /etc/resolv.conf directly.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to force a static /etc/resolv.conf?

[Darren Pilgrim]

On 2013-06-13 05:02, Loic Capdeville wrote:

You can configure it in your dhclient.conf file.
Use the supersede keyword.
For example, in your case add:

supersede domain-search "example.com example.net"
supersede domain-name-servers 2001:db8::53


That only addresses the DHCPv4 client.  The DHCPv6 client doesn't have 
those options and neither do the VPN clients.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to force a static /etc/resolv.conf?

[Loic Capdeville]

On 13/06/2013 02:46, Darren Pilgrim wrote:

I'm running 9.1.  I run a local recursive resolver, so my
/etc/resolv.conf needs to remain static.  I have DHCPv4, DHCPv6 and VPN
clients running which all want to modify /etc/resolv.conf.  I have set
in /etc/resolvconf.conf:

search_domains="example.com. example.net."
name_servers="2001:db8::53"

But that only prepends that information.  Search domains and nameservers
from other sources still get included.  I can set /etc/resolv.conf as
immutable, but's a hack and it generates errors from resolveconf.

How do I tell resolvconf to always use a static configuration or, better
yet, to not muck with /etc/resolv.conf at all?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscr...@freebsd.org"


Hi,

You can configure it in your dhclient.conf file.
Use the supersede keyword.
For example, in your case add:

supersede domain-search "example.com example.net"
supersede domain-name-servers 2001:db8::53

to your /etc/dhclient.conf

Loic
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to force a static /etc/resolv.conf?

[Darren Pilgrim]

I'm running 9.1.  I run a local recursive resolver, so my 
/etc/resolv.conf needs to remain static.  I have DHCPv4, DHCPv6 and VPN 
clients running which all want to modify /etc/resolv.conf.  I have set 
in /etc/resolvconf.conf:


search_domains="example.com. example.net."
name_servers="2001:db8::53"

But that only prepends that information.  Search domains and nameservers 
from other sources still get included.  I can set /etc/resolv.conf as 
immutable, but's a hack and it generates errors from resolveconf.


How do I tell resolvconf to always use a static configuration or, better 
yet, to not muck with /etc/resolv.conf at all?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: How to switch Datgram/Connected mtu modes?

[Alex Liptsin]

Hi.

Yes. There is no such entry.
The only way I found is to compile inside the kernel " options IPOIB_CM ".
Can I do it manually without compiling the kernel each time I want to switch 
between the modes?
Maybe add it somehow to sysctl or loader.conf?
 



Regards,
Alex Liptsin
Software Quality Assurance Engineer | Mellanox Technologies Ltd.
Office: +972 (74) 7236141
Mobile: +972(54) 7833986
Fax: +972(74) 7236161 
Email: al...@mellanox.com
Mellanox, Tel-Hai Industrial Park. Building 7, M.P. Upper Galilee 12100 Israel


-Original Message-
From: John Baldwin [mailto:j...@freebsd.org] 
Sent: Wednesday, May 29, 2013 9:17 PM
To: freebsd-...@freebsd.org
Cc: Alex Liptsin; freebsd-questions@freebsd.org
Subject: Re: How to switch Datgram/Connected mtu modes?

On Sunday, May 26, 2013 7:43:29 am Alex Liptsin wrote:
> Hello.
> 
> I work with FreeBSD 9.1 and Mellanox devices.
> 
> How can I configure MTU in connected mode on FreeBSD 9.1?
> In Linux to enable connected mode for interface ib0, I enter:
> 
>echo connected > /sys/class/net/ib0/mode
> 
> 
> 
> Switching between CM and UD mode can be done in run time:
> 
>echo datagram > /sys/class/net/ib0/mode sets the mode of ib0 to UD
> 
>echo connected > /sys/class/net/ib0/mode sets the mode ib0 to CM
> 
> There is no such directories at FreeBSD. Wat shall I do?

Have you tried looking for dev.ib.0 sysctls?  It looks like the OFED bits in 
FreeBSD map Linux sysfs entries to sysctl nodes, but I don't have a box with IB 
handy to see what it looks like at runtime.

--
John Baldwin
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to compile ipoib module manually?

[Garrett Cooper]

On Jun 5, 2013, at 10:22 AM, Alex Liptsin wrote:

> Thanks a lot.
> 
> Alex L.
> 
> 
> Sent from my iPhone
> 
> On 5 ביונ 2013, at 18:13, "John Baldwin" 
> mailto:j...@freebsd.org>> wrote:
> 
> On Tuesday, June 04, 2013 5:18:46 am Alex Liptsin wrote:
> I commented on that lines, because I want to compile and load that modules
> manually.
> I had succeed to compile and load mlx4, mlx4ib and mlxen from /sys/modules:
> 
> [root@h-qa-033 mlxen]# kldstat
> Id Refs AddressSize Name
> 1   14 0x8020 13acbd8  kernel
> 21 0x81612000 21e5 if_mos.ko
> 33 0x81615000 124ebmlx4.ko
> 41 0x81628000 e225 mlx4ib.ko
> 51 0x81637000 ec60 mlxen.ko
> 
> The problem is that IPOIB module is missing in /sys/modules.
> 
> 1.  Where can I find it?
> 
> 2.  How can I compile ipoib support?
> 
> You will have to create one.  You should be able to use the existing module
> Makefiles as a guide.

(Please don't cross-post multiple mailing lists)
See also: https://github.com/yaneurabeya/freebsd/tree/ib-modules . Diff 
that branch and master to see what I've done so far to make the IB stuff into 
modules (example: 
https://github.com/yaneurabeya/freebsd/blob/ib-modules/sys/modules/ipoib/Makefile
 ). It's not perfect, but it's a start. Something that I've wanted to push into 
the Isilon IB branch for some time, but it's going to take a while before 
that's committed back to FreeBSD proper I think.
Please credit me and add sponsored-by: EMC Isilon for the initial work 
if you push this elsewhere. Otherwise, it's all your's to play with :).
Cheers,
-Garrett
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to compile ipoib module manually?

[Alex Liptsin]

Thanks a lot.

Alex L.


Sent from my iPhone

On 5 ביונ 2013, at 18:13, "John Baldwin" 
mailto:j...@freebsd.org>> wrote:

On Tuesday, June 04, 2013 5:18:46 am Alex Liptsin wrote:
I commented on that lines, because I want to compile and load that modules
manually.
I had succeed to compile and load mlx4, mlx4ib and mlxen from /sys/modules:

[root@h-qa-033 mlxen]# kldstat
Id Refs AddressSize Name
1   14 0x8020 13acbd8  kernel
21 0x81612000 21e5 if_mos.ko
33 0x81615000 124ebmlx4.ko
41 0x81628000 e225 mlx4ib.ko
51 0x81637000 ec60 mlxen.ko

The problem is that IPOIB module is missing in /sys/modules.

1.  Where can I find it?

2.  How can I compile ipoib support?

You will have to create one.  You should be able to use the existing module
Makefiles as a guide.

--
John Baldwin
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to compile ipoib module manually?

[John Baldwin]

On Tuesday, June 04, 2013 5:18:46 am Alex Liptsin wrote:
> I commented on that lines, because I want to compile and load that modules 
manually.
> I had succeed to compile and load mlx4, mlx4ib and mlxen from /sys/modules:
> 
> [root@h-qa-033 mlxen]# kldstat
> Id Refs AddressSize Name
> 1   14 0x8020 13acbd8  kernel
> 21 0x81612000 21e5 if_mos.ko
> 33 0x81615000 124ebmlx4.ko
> 41 0x81628000 e225 mlx4ib.ko
> 51 0x81637000 ec60 mlxen.ko
> 
> The problem is that IPOIB module is missing in /sys/modules.
> 
> 1.  Where can I find it?
> 
> 2.  How can I compile ipoib support?

You will have to create one.  You should be able to use the existing module 
Makefiles as a guide.

-- 
John Baldwin
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to compile ipoib module manually?

[Alex Liptsin]

Hi.

I work with FreeBSD9.1 and Mellanox devices.

The kernel was configured with OFED support but without IB support:


MYKERNEL file:

#
# GENERIC -- Generic kernel configuration file for FreeBSD/amd64
#
# For more information on this file, please read the config(5) manual page,
# and/or the handbook section on Kernel Configuration Files:
#
#
http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-config.html
#
# The handbook is also available locally in /usr/share/doc/handbook
# if you've installed the doc distribution, otherwise always see the
# FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the
# latest information.
#
# An exhaustive list of options and more detailed explanations of the
# device lines is also present in the ../../conf/NOTES and NOTES files.
# If you are in doubt as to the purpose or necessity of a line, check first
# in NOTES.
#
# $FreeBSD: release/9.1.0/sys/amd64/conf/GENERIC 238090 2012-07-04 00:54:16Z 
delphij $

cpu  HAMMER
include GENERIC
ident MYKERNEL

makeoptions   DEBUG=-g   # Build kernel with gdb(1) debug 
symbols

optionsSCHED_ULE # ULE scheduler
optionsPREEMPTION  # Enable kernel thread preemption
optionsINET # InterNETworking
optionsINET6   # IPv6 communications 
protocols
optionsSCTP# Stream Control 
Transmission Protocol
optionsFFS   # Berkeley Fast Filesystem
optionsSOFTUPDATES # Enable FFS soft updates support
optionsUFS_ACL  # Support for 
access control lists
optionsUFS_DIRHASH # Improve performance on big 
directories
optionsUFS_GJOURNAL  # Enable gjournal-based 
UFS journaling
optionsMD_ROOT  # MD is a potential 
root device
optionsNFSCL  # New Network Filesystem 
Client
optionsNFSD# New Network Filesystem 
Server
optionsNFSLOCKD   # Network Lock Manager
optionsNFS_ROOT  # NFS usable as /, requires NFSCL
optionsMSDOSFS# MSDOS Filesystem
optionsCD9660# ISO 9660 
Filesystem
optionsPROCFS# Process 
filesystem (requires PSEUDOFS)
optionsPSEUDOFS   # Pseudo-filesystem framework
optionsGEOM_PART_GPT  # GUID Partition Tables.
optionsGEOM_RAID   # Soft RAID functionality.
optionsGEOM_LABEL # Provides labelization
optionsCOMPAT_FREEBSD32 # Compatible with i386 binaries
optionsCOMPAT_FREEBSD4   # Compatible with FreeBSD4
optionsCOMPAT_FREEBSD5   # Compatible with FreeBSD5
optionsCOMPAT_FREEBSD6   # Compatible with FreeBSD6
optionsCOMPAT_FREEBSD7   # Compatible with FreeBSD7
optionsSCSI_DELAY=5000   # Delay (in ms) before 
probing SCSI
optionsKTRACE# ktrace(1) support
optionsSTACK  # stack(9) support
optionsSYSVSHM # SYSV-style shared 
memory
optionsSYSVMSG # SYSV-style message 
queues
optionsSYSVSEM # SYSV-style 
semaphores
options_KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time 
extensions
optionsPRINTF_BUFR_SIZE=128 # Prevent printf output being 
interspersed.
optionsKBD_INSTALL_CDEV# install a CDEV entry in /dev
optionsHWPMC_HOOKS # Necessary kernel hooks for 
hwpmc(4)
optionsAUDIT  # Security event auditing
optionsMAC# TrustedBSD MAC Framework
#options  KDTRACE_FRAME   # Ensure frames are compiled 
in
#options  KDTRACE_HOOKS   # Kernel DTrace hooks
optionsINCLUDE_CONFIG_FILE # Include this file in kernel
optionsKDB # Kernel debugger related 
code
optionsKDB_TRACE # Print a stack trace for a panic

# Make an SMP-capable kernel by default
optionsSMP # Symmetric MultiProcessor 
Kernel

# CPU frequency control
device  cpufreq

# Bus support.
device  acpi
device  pci

# Floppy drives
device  fdc

# ATA controllers
device  ahci # A

Re: How to switch Datgram/Connected mtu modes?

[John Baldwin]

On Sunday, May 26, 2013 7:43:29 am Alex Liptsin wrote:
> Hello.
> 
> I work with FreeBSD 9.1 and Mellanox devices.
> 
> How can I configure MTU in connected mode on FreeBSD 9.1?
> In Linux to enable connected mode for interface ib0, I enter:
> 
>echo connected > /sys/class/net/ib0/mode
> 
> 
> 
> Switching between CM and UD mode can be done in run time:
> 
>echo datagram > /sys/class/net/ib0/mode sets the mode of ib0 to UD
> 
>echo connected > /sys/class/net/ib0/mode sets the mode ib0 to CM
> 
> There is no such directories at FreeBSD. Wat shall I do?

Have you tried looking for dev.ib.0 sysctls?  It looks like the OFED bits in 
FreeBSD map Linux sysfs entries to sysctl nodes, but I don't have a box with 
IB handy to see what it looks like at runtime.

-- 
John Baldwin
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to switch Datgram/Connected mtu modes?

[Alex Liptsin]

Hello.

I work with FreeBSD 9.1 and Mellanox devices.

How can I configure MTU in connected mode on FreeBSD 9.1?
In Linux to enable connected mode for interface ib0, I enter:

   echo connected > /sys/class/net/ib0/mode



Switching between CM and UD mode can be done in run time:

   echo datagram > /sys/class/net/ib0/mode sets the mode of ib0 to UD

   echo connected > /sys/class/net/ib0/mode sets the mode ib0 to CM

There is no such directories at FreeBSD. Wat shall I do?



Datagram vs Connected modes

  The IPoIB driver supports two modes of operation: datagram and
  connected.  The mode is set and read through an interface's
  /sys/class/net//mode file.

  In datagram mode, the IB UD (Unreliable Datagram) transport is used
  and so the interface MTU has is equal to the IB L2 MTU minus the
  IPoIB encapsulation header (4 bytes).  For example, in a typical IB
  fabric with a 2K MTU, the IPoIB MTU will be 2048 - 4 = 2044 bytes.

  In connected mode, the IB RC (Reliable Connected) transport is used.
  Connected mode takes advantage of the connected nature of the IB
  transport and allows an MTU up to the maximal IP packet size of 64K,
  which reduces the number of IP packets needed for handling large UDP
  datagrams, TCP segments, etc and increases the performance for large
  messages.

  In connected mode, the interface's UD QP is still used for multicast
  and communication with peers that don't support connected mode. In
  this case, RX emulation of ICMP PMTU packets is used to cause the
  networking stack to use the smaller UD MTU for these neighbours.

Thanks a lot

Regards,
Alex Liptsin
Office: +972 (74) 7236141
Mobile: +972(54) 7833986
Fax: +972(74) 7236161
Email: al...@mellanox.com

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to get kernel source code of free-BSD release 9.1

[Adam Vande More]

On Sun, May 19, 2013 at 4:03 PM, Chou, David J  wrote:
> Hi,
>
> I  have created a virtual machine of PC-BSD release 9.1 64 bit in VMware 
> Player Version 5.0.0 build-812388 based on PCBSD9.1-x64-DVD.iso downloaded 
> from ftp://mirrors.isc.org/pub/pcbsd/9.1/amd64/PCBSD9.1-x64-DVD.iso , and 
> setup network configuration and installed Firefox 20.0 by AppCafe, and 
> configured the network setting in Preference->Advanced of Firefox, and I 
> could  access Internet.
>
> Now I need to build my own customized kernel, but there is no src 
> subdirectory in /usr, so here is my question:
>
>   1.  Is there any way to install kernel source when I create the  virtual 
> machine from PCBSD9.1-x64-DVD.iso ?

 mount_cd9660 /dev/acd0 /mnt && tar -C / /mnt/usr/freebsd-dist/src.txz

>   2.  Any BKM to get the kernel source after the Virtual Machine already 
> created as my case now?

fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/9.1-RELEASE/src.txz





--
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to get kernel source code of free-BSD release 9.1

[Michael Powell]

Chou, David J wrote:

> Hi,
> 
> I  have created a virtual machine of PC-BSD release 9.1 64 bit in VMware
> Player Version 5.0.0 build-812388 based on PCBSD9.1-x64-DVD.iso downloaded
> from ftp://mirrors.isc.org/pub/pcbsd/9.1/amd64/PCBSD9.1-x64-DVD.iso , and
> setup network configuration and installed Firefox 20.0 by AppCafe, and
> configured the network setting in Preference->Advanced of Firefox, and I
> could  access Internet.
> 
> Now I need to build my own customized kernel, but there is no src
> subdirectory in /usr, so here is my question:
> 
>   1.  Is there any way to install kernel source when I create the  virtual
>   machine from PCBSD9.1-x64-DVD.iso ?

Not sure about PCBSD as I haven't used it, but with regular FreeBSD I 
believe you can by selecting the appropriate package distribution group. 
Been a while since I've done an install, but even so the source will be the 
static RELEASE bits and not contain any security updates.

>   2.  Any BKM to get the kernel source after the Virtual Machine already
>   created as my case now?

Yes - install the devel/subversion port. Go ahead and create the src 
directory under /usr. Then do:

svn checkout svn://svn.freebsd.org/base/releng/9.1 /usr/src

Once having checked out you can then issue a svn update /usr/src command to 
pull in security updates as they become available over time.

There are also two US mirrors available such as:

svn checkout svn://svn0.us-east.freebsd.org/base/releng/9.1 /usr/src
svn checkout svn://svn0.us-west.freebsd.org/base/releng/9.1 /usr/src

I have used the us-east one. There is also a project underway to add in to 
base an 'svnup', similar in scope to how csup replaced cvsup to make it 
easier in the future.

I believe freebsd-update is also a possibility but I have no experience with 
it. At any rate, more details can be found in the Handbook.

-Mike


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to get kernel source code of free-BSD release 9.1

[Chou, David J]

Hi,

I  have created a virtual machine of PC-BSD release 9.1 64 bit in VMware Player 
Version 5.0.0 build-812388 based on PCBSD9.1-x64-DVD.iso downloaded from 
ftp://mirrors.isc.org/pub/pcbsd/9.1/amd64/PCBSD9.1-x64-DVD.iso , and setup 
network configuration and installed Firefox 20.0 by AppCafe, and configured the 
network setting in Preference->Advanced of Firefox, and I could  access 
Internet.

Now I need to build my own customized kernel, but there is no src subdirectory 
in /usr, so here is my question:

  1.  Is there any way to install kernel source when I create the  virtual 
machine from PCBSD9.1-x64-DVD.iso ?
  2.  Any BKM to get the kernel source after the Virtual Machine already 
created as my case now?

Thanks!

Regards,
David

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tell me how to increase the virtual disk with ZFS?

[John-Mark Gurney]

Alexander Yerenkow wrote this message on Sat, May 11, 2013 at 18:13 +0300:
> zpools or increase/decrease UFS partitions.

growfs(8)

NAME
 growfs -- grow size of an existing ufs file system

HISTORY
 The growfs utility first appeared in FreeBSD 4.4.

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tell me how to increase the virtual disk with ZFS?

[Paul Kraus]

On May 11, 2013, at 11:13 AM, Alexander Yerenkow  wrote:

2013/5/11 Paul Kraus  On May 11, 2013, at 10:03 AM, Alexander Yerenkow  wrote:
> 
> > There's no mature (or flexible, or "can do what I want" ) way to
> > increase/decrease disk sizes in FreeBSD for now {ZFS,UFS}.
> > Best and quickest way - to have twice spare space, copy data, create new
> > sufficient disk and copy back.
> 
> Is this a statement or a question ? If a statement, then it is factually 
> FALSE. If it is supposed to be a question, it does not ask anything.
> 
> It was a statement, and luckily I was partially wrong, as Vladislav did made 
> what he wanted to.
> However, last time I checked there were no such easy ways to decrease zpools

Correct, there is currently no way to decrease the size of a zpool. That would 
require a defragmentation utility, which is on the roadmap as part of the 
bp_rewrite code enhancement (and has been for many, many years :-)

> or increase/decrease UFS partitions.

> Or grow mirrored ZFS as easily as single zpool.

This one I do not understand. I have grown mirrored zpools many times. Let's 
say you have a 2-way mirror of 1 TB drives. You can do one of two things to 
grow the zpool:

1) add another pair of drives (of any size) as another top level vdev  mirror 
device (you *can* use a different type of top level vdev, raidZ, simple, etc, 
but that is not recommended for both redundancy and performance predictability 
reasons).

2) swap out one of the 1 TB drives for a 2 TB (zpool replace), you can even 
offline one of the halves of the mirror to do this (but remember that you are 
vulnerable to a failure of the remaining drive during the resolver period), let 
the zpool resolver, then swap out the other 1 TB drive for a 2 TB. If the auto 
expand property is set, then once the resolver finishes you have doubled your 
net capacity.

> Or (killer one) remove added by mistake vdev from zpool ;)

Don't make that mistake. Seriously. If you are managing storage you need to be 
double checking every single command you issue if you care about your data 
integrity. You could easily make the same complaint about issuing an 'rm -rf' 
in the wrong directory (I know people who have done that). If you are using 
snapshots you may be safe, if not your data is probably gone.

On the other hand, depending on where in the tree you added the vdev, you may 
be able to remove it. If it is a top level vdev, then you have just changed the 
configuration of the zpool. While very not supported, you just might be able, 
using zdb and rolling back to a TXG before you added the device, remove the 
vdev. A good place to ask that question and have the discussion would be the 
ZFS discuss list at illumos (the list discussion is not limited to illumos, but 
covers all aspects of ZFS on all platforms). Archives here: 
http://www.listbox.com/member/archive/182191/sort/time_rev/ 

> Of course I'm not talking about real hw, rather virtual one.

Doesn't matter to ZFS, whether a drive is a physical, a partition, or a virtual 
disk you perform the same operations.

> If you happen to point me somewhere to have such task solved I'd be much 
> appreciated.

See above :-) Some of your issues I addressed above, others are not there (and 
may never be).

--
Paul Kraus
Deputy Technical Director, LoneStarCon 3
Sound Coordinator, Schenectady Light Opera Company

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tell me how to increase the virtual disk with ZFS?

[Alexander Yerenkow]

2013/5/11 Paul Kraus 

> On May 11, 2013, at 10:03 AM, Alexander Yerenkow 
> wrote:
>
> > There's no mature (or flexible, or "can do what I want" ) way to
> > increase/decrease disk sizes in FreeBSD for now {ZFS,UFS}.
> > Best and quickest way - to have twice spare space, copy data, create new
> > sufficient disk and copy back.
>
> Is this a statement or a question ? If a statement, then it is factually
> FALSE. If it is supposed to be a question, it does not ask anything.
>

It was a statement, and luckily I was partially wrong, as Vladislav did
made what he wanted to.
However, last time I checked there were no such easy ways to decrease
zpools or increase/decrease UFS partitions.
Or grow mirrored ZFS as easily as single zpool. Or (killer one) remove
added by mistake vdev from zpool ;)
Of course I'm not talking about real hw, rather virtual one.
If you happen to point me somewhere to have such task solved I'd be much
appreciated.



> --
> Paul Kraus
> Deputy Technical Director, LoneStarCon 3
> Sound Coordinator, Schenectady Light Opera Company
>
>


-- 
Regards,
Alexander Yerenkow
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tell me how to increase the virtual disk with ZFS?

[Paul Kraus]

On May 11, 2013, at 10:09 AM, "Vladislav Prodan"  wrote:
> 
> Thanks.
> I did not realize that there was such an interesting and useful option :)
> 
> # zpool get autoexpand tank
> NAME  PROPERTYVALUE   SOURCE
> tank  autoexpand  off default

The man pages for zpool and zfs are full of such useful information :-)

--
Paul Kraus
Deputy Technical Director, LoneStarCon 3
Sound Coordinator, Schenectady Light Opera Company

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re[2]: Tell me how to increase the virtual disk with ZFS?

[Vladislav Prodan]

 
> On May 11, 2013, at 8:59 AM, "Vladislav Prodan"  wrote:
> 
> > Add another virtual disk and do a RAID0 - not an option. It is not clear 
> > how to distribute the data from the old virtual disk to the new virtual 
> > disk.

> The other option would be to add an additional disk that is as large as you 
> want to the VM, attach it to the zpool as a mirror. The mirror vdev will only 
> be as large as the original device, but once the mirror completes 
> resilvering, you can remove the old device and grow the remaining device to 
> full size (it may do that anyway based on the setting of the auto expand 
> property of the zpool. The default under 9.1 is NOT to autoexpand:
> 
> root@FreeBSD2:/root # zpool get autoexpand rootpool
> NAME  PROPERTYVALUE   SOURCE
> rootpool  autoexpand  off default
> root@FreeBSD2:/root # 

Thanks.
I did not realize that there was such an interesting and useful option :)

# zpool get autoexpand tank
NAME  PROPERTYVALUE   SOURCE
tank  autoexpand  off default



-- 
Vladislav V. Prodan
System & Network Administrator 
http://support.od.ua   
+380 67 4584408, +380 99 4060508
VVP88-RIPE

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tell me how to increase the virtual disk with ZFS?

[Paul Kraus]

On May 11, 2013, at 10:03 AM, Alexander Yerenkow  wrote:

> There's no mature (or flexible, or "can do what I want" ) way to
> increase/decrease disk sizes in FreeBSD for now {ZFS,UFS}.
> Best and quickest way - to have twice spare space, copy data, create new
> sufficient disk and copy back.

Is this a statement or a question ? If a statement, then it is factually FALSE. 
If it is supposed to be a question, it does not ask anything.

--
Paul Kraus
Deputy Technical Director, LoneStarCon 3
Sound Coordinator, Schenectady Light Opera Company

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tell me how to increase the virtual disk with ZFS?

[Alexander Yerenkow]

There's no mature (or flexible, or "can do what I want" ) way to
increase/decrease disk sizes in FreeBSD for now {ZFS,UFS}.
Best and quickest way - to have twice spare space, copy data, create new
sufficient disk and copy back.



2013/5/11 Vladislav Prodan 

>
> I have a Debian server virtual ok with Proxmox.
> In one of the virtual machines is FreeBSD 9.1 ZFS with one disk to 100G.
> Free space is not enough, how to extend the virtual disk without losing
> data?
>
> Add another virtual disk and do a RAID0 - not an option. It is not clear
> how to distribute the data from the old virtual disk to the new virtual
> disk.
>
> The manual of the Proxmox http://pve.proxmox.com/wiki/Resizing_disksFreeBSD 
> is not mentioned :(
>
> You may have to do a Native ZFS for Linux on Proxmox and it will be easier
> to resize the virtual disk for the virtual machines?
>
> --
> Vladislav V. Prodan
> System & Network Administrator
> http://support.od.ua
> +380 67 4584408, +380 99 4060508
> VVP88-RIPE
> ___
> freebsd-curr...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
>



-- 
Regards,
Alexander Yerenkow
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Tell me how to increase the virtual disk with ZFS?

[Paul Kraus]

On May 11, 2013, at 8:59 AM, "Vladislav Prodan"  wrote:

> Add another virtual disk and do a RAID0 - not an option. It is not clear how 
> to distribute the data from the old virtual disk to the new virtual disk.

When you add an additional "disk" to a zpool (to create a STRIPE), the ZFS code 
automatically stripes new writes across all top level vdevs (drinks in this 
case). You will see a performance penalty until the data distribution evens 
out. One way to force that (if you do NOT have snapshots) is to just copy 
everything. The new copy will be striped across all top level vdevs.

The other option would be to add an additional disk that is as large as you 
want to the VM, attach it to the zpool as a mirror. The mirror vdev will only 
be as large as the original device, but once the mirror completes resilvering, 
you can remove the old device and grow the remaining device to full size (it 
may do that anyway based on the setting of the auto expand property of the 
zpool. The default under 9.1 is NOT to autoexpand:

root@FreeBSD2:/root # zpool get autoexpand rootpool
NAME  PROPERTYVALUE   SOURCE
rootpool  autoexpand  off default
root@FreeBSD2:/root # 

--
Paul Kraus
Deputy Technical Director, LoneStarCon 3
Sound Coordinator, Schenectady Light Opera Company

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Tell me how to increase the virtual disk with ZFS?

[Vladislav Prodan]

I have a Debian server virtual ok with Proxmox.
In one of the virtual machines is FreeBSD 9.1 ZFS with one disk to 100G.
Free space is not enough, how to extend the virtual disk without losing data?

Add another virtual disk and do a RAID0 - not an option. It is not clear how to 
distribute the data from the old virtual disk to the new virtual disk.

The manual of the Proxmox http://pve.proxmox.com/wiki/Resizing_disks FreeBSD is 
not mentioned :(

You may have to do a Native ZFS for Linux on Proxmox and it will be easier to 
resize the virtual disk for the virtual machines?

-- 
Vladislav V. Prodan
System & Network Administrator 
http://support.od.ua   
+380 67 4584408, +380 99 4060508
VVP88-RIPE
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to use acpi_dock?

[gabor]

Hi!

I'd like to know, how can somebody use the acpi_dock kernel module?
Do I have to load it from loader.conf, or it's enough from rc.conf?
On a HP laptop, with the acpi_hp module loaded, I can see the state
of docking in the dev.acpi_hp.0.is_docked sysctl. But it doesn't 
matter,
if I kldloaded the acpi_dock module or not. At loading time, there 
isn't

any kernel message, there aren't any devd notifications from acpi_dock,
there are't any sysctl with _DCK in the name or in the value. (But eg 
on
a Fujitsu notebook, with the acpi_fujitsu module loaded, there isn't 
any

information about the docking state; actually the word "dock" can find
only in the acpi_dock and acpi_hp module's source and in 2 comment 
lines

in the main acpi.c file .)

Thanks,

Gabor ZAHEMSZKY < Gabor at Zahemszky dot hu >

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to manually start firewall after system completed boot.

[Polytropon]

On Wed, 17 Apr 2013 08:25:46 -0400, Joe wrote:
> Is there some format of the service command that could be used to 
> manually start the selected firewall?

How about the rc.d framework?

# /etc/rc.d/ipfw start

Or

# service ipfw start

Both will honor the firewall_type= setting in /etc/rc.conf
(here: for IPFW).

-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to manually start firewall after system completed boot.

[Patrick Lamaiziere]

Le Wed, 17 Apr 2013 08:25:46 -0400,
Joe  a écrit :

Hello,

> I have special purpose situation where I need to wait until the boot 
> process has completed the starting of the system and then start the 
> firewall (ipfw or pf). Commenting out the firewall statements from
> the hosts /etc/rc.conf does stop the firewall from starting at boot
> time.
> 
> Is there some format of the service command that could be used to 
> manually start the selected firewall?

You can use onestart/onestop if the service is not enabled in rc.conf.

service pf onestart
or /etc/rc.d/pf onestart

Regard
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to manually start firewall after system completed boot.

[Robert Huff]

Joe writes:

>  I have special purpose situation where I need to wait until the boot 
>  process has completed the starting of the system and then start the 
>  firewall (ipfw or pf). Commenting out the firewall statements from the 
>  hosts /etc/rc.conf does stop the firewall from starting at boot time.
>  
>  Is there some format of the service command that could be used to 
>  manually start the selected firewall?
>  
>  Any ideas on how to accomplish this is welcome.

The "boot process", as used here, is simply a series of calls
to various scripts in /etc/rc.d ... any of which can (theoretically)
be invoked by itself.  The details of this may be important;
_please_ do more research before blowing yourself up.  :-)


Robert Huff


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to manually start firewall after system completed boot.

[Joe]

I have special purpose situation where I need to wait until the boot 
process has completed the starting of the system and then start the 
firewall (ipfw or pf). Commenting out the firewall statements from the 
hosts /etc/rc.conf does stop the firewall from starting at boot time.


Is there some format of the service command that could be used to 
manually start the selected firewall?


Any ideas on how to accomplish this is welcome.

Thanks
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How To Get App To Start At Boot?

[Michael Sierchio]

On Tue, Mar 19, 2013 at 2:13 PM, Drew Tomlinson  wrote:
> I installed Splunk which is not part of the ports tree.  It's a proprietary
> app that I downloaded and installed on it's own.  I start it with
> '/usr/local/splunk/bin/splunk start'.  It should also be stopped with
> '/usr/local/splunk/bin/splunk stop'.  In an attempt to automate it, I
> created this symlink in /usr/local/etc/rc.d:

Not the way to do it at all. ;-)

(assuming /opt/splunk*/bin is in your path)

# splunk enable boot-start

This installs the script below as /etc/rc.d/splunk.  You then merely
need to put splunk_enable="YES" in /etc/rc.conf

Questions like this are better answered by searching the splunk FAQs,
etc.  Lots of good info there.


#!/bin/sh

# PROVIDE: splunkd
# REQUIRE: LOGIN
# KEYWORD: shutdown

# /etc/rc.d/splunk
# init script for Splunk.
# generated by 'splunk enable boot-start'.


. /etc/rc.subr

name=splunk
extra_commands="status"
rcvar=`set_rcvar`
eval "${rcvar}=\${${rcvar}:-'NO'}"

splunk_start()
{
"${splunk_home:-/opt/splunkforwarder}/bin/splunk" start
--no-prompt --answer-yes "$@"
}
start_cmd=splunk_start

splunk_stop()
{
"${splunk_home:-/opt/splunkforwarder}/bin/splunk" stop  "$@"
}
stop_cmd=splunk_stop

splunk_restart()
{
"${splunk_home:-/opt/splunkforwarder}/bin/splunk" restart  "$@"
}
restart_cmd=splunk_restart

splunk_status()
{
"${splunk_home:-/opt/splunkforwarder}/bin/splunk" status  "$@"
}
status_cmd=splunk_status

load_rc_config $name
run_rc_command "$@"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How To Get App To Start At Boot?

[Drew Tomlinson]

I installed Splunk which is not part of the ports tree.  It's a 
proprietary app that I downloaded and installed on it's own.  I start it 
with '/usr/local/splunk/bin/splunk start'.  It should also be stopped 
with '/usr/local/splunk/bin/splunk stop'.  In an attempt to automate it, 
I created this symlink in /usr/local/etc/rc.d:


lrwxr-xr-x   1 root  wheel28 Mar  3 12:32 splunk -> 
/usr/local/splunk/bin/splunk


However it's still not automatic.  I can run '/usr/local/etc/rc.d/splunk 
start' at the command line and that works.


What do I need to do to get this automated?

Thanks,

Drew

--
Like card tricks?

Visit The Alchemist's Warehouse to
learn card magic secrets for free!

http://alchemistswarehouse.com


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to know % of read file in cat?

[Richard Tobin]

> I use cat to read a file and pass it to another app, the command is this:
> 
> camibar% cat file.git | fossil import --git file.fossil
> 
> It takes a lot of time, file.git is 12GB, and i want to know if
> there's some 'magic' trick can I use to show me how many bytes or
> the % of the file.git cat sent to the other app.

Use dd (see man page) instead of cat, and control-T will show you how
much it has transferred.

-- Richard

-- 
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to know % of read file in cat?

[Luís Fernando Schultz Xavier da Silveira]

You might want to try the sysutils/pv port, which is a small
program that works like cat, but provides a progress bar.

On Sat, Mar 09, 2013 at 10:54:00AM +0100, Eduardo Morras wrote:
> 
> Hello,
> 
> I use cat to read a file and pass it to another app, the command is this:
> 
> camibar% cat file.git | fossil import --git file.fossil
> 
> It takes a lot of time, file.git is 12GB, and i want to know if there's some 
> 'magic' trick can I use to show me how many bytes or the % of the file.git 
> cat sent to the other app.
> 
> Maybe cat isn't the correct tool?
> 
> Thanks.
> 
> 
> ---   ---
> Eduardo Morras 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to forbid a process to use swap?

[Mehmet Erol Sanliturk]

On Sat, Mar 9, 2013 at 4:30 PM, Anton Shterenlikht wrote:

> From m.e.sanlit...@gmail.com Sun Mar 10 00:25:27 2013
>
> On Sat, Mar 9, 2013 at 3:55 PM, Anton Shterenlikht <
> me...@bristol.ac.uk>wrote:
>
> > I run a program that uses large arrays.
> > I don't want it to use swap, because it's
> > too slow. I want the program to fail when
> > there's not enough RAM, rather than using
> > swap. How to do this?
> >
> > Is it something to do with these kernel
> > variables:
> >
> > kern.dfldsiz: 34359738368
> > kern.dflssiz: 8388608
> >
> > kern.maxdsiz: 34359738368
> > kern.maxssiz: 536870912
> > kern.maxtsiz: 134217728
> >
> > Many thanks
> >
> > Anton
> >
>
>
>
> If you have program source , you may do the following :
>
>
>
> Define a constant :  Maximum_Allocatable_Memory = ?
>
>
> Define a variable : Total_Allocated_Memory = 0
>
>
>
> Before allocating a memory of size M ,
> check whether  Total_Allocated_Memory + M <
> Maximum_Allocatable_Memory
>
> If yes : Allocate memory ;
>   Add M to Total_Allocated_Memory .
>
> If no :
>
> Return an error and gracefully stop your program instead of a
> crash which
> will loose data .
>
> It's a fortran program. I'm not very stong in C.
> Ideally I'd just use the OS (shell) means,
> but I need to understand better which resourse
> limit controls what.
>
> For example, with sh limits(1), I see:
>
> $ limits
> Resource limits (current):
>   cputime  infinity secs
>   filesize infinity kB
>   datasize   524168 kB
>   stacksize  524168 kB
>   coredumpsize infinity kB
>   memoryuseinfinity kB
>   memorylocked   64 kB
>   maxprocesses12200
>   openfiles  117594
>   sbsize   infinity bytes
>   vmemoryuse   infinity kB
>   pseudo-terminals infinity
>   swapuse  infinity kB
> $
>
> Which of these are relevant to my case?
>
> Finally, the actual problem is on linux,
> but I hope if I'm able to understand how
> things work on FreeBSD, then I could do
> it on linux too, especially if it's just
> a sh command.
>
> Thanks
>
> Anton
>


It is not necessary to know C for the above steps .

If you have source and if it is compilable by Fortran 90 or later standard
, it may use allocation .
( Please see  ALLOCATABLE , ALLOCATE , DEALLOCATE in a Fortran >= 90 manual
).

I am compiling Fortran 77 programs with respect to 2003 standart by
specifying lines as "fixed"
by G95 which it is available in FreeBSD also ( www.g95.org ) . It may be
necessary to convert
Hollerith format specifiers to apostrophes .

Personally I do not any idea about the above parameters .

You may use "System Monitor" or "top" to see memory usage . If there is no
sufficient memory , you may not start your program , or it starts to swap
you may kill suitable programs , etc. .


Thank you very much .

Mehmet Erol Sanliturk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to forbid a process to use swap?

[Anton Shterenlikht]

From m.e.sanlit...@gmail.com Sun Mar 10 00:25:27 2013

On Sat, Mar 9, 2013 at 3:55 PM, Anton Shterenlikht 
wrote:

> I run a program that uses large arrays.
> I don't want it to use swap, because it's
> too slow. I want the program to fail when
> there's not enough RAM, rather than using
> swap. How to do this?
>
> Is it something to do with these kernel
> variables:
>
> kern.dfldsiz: 34359738368
> kern.dflssiz: 8388608
>
> kern.maxdsiz: 34359738368
> kern.maxssiz: 536870912
> kern.maxtsiz: 134217728
>
> Many thanks
>
> Anton
>



If you have program source , you may do the following :



Define a constant :  Maximum_Allocatable_Memory = ?


Define a variable : Total_Allocated_Memory = 0



Before allocating a memory of size M ,
check whether  Total_Allocated_Memory + M < Maximum_Allocatable_Memory

If yes : Allocate memory ;
  Add M to Total_Allocated_Memory .

If no :

Return an error and gracefully stop your program instead of a crash 
which
will loose data .

It's a fortran program. I'm not very stong in C.
Ideally I'd just use the OS (shell) means,
but I need to understand better which resourse
limit controls what.

For example, with sh limits(1), I see:

$ limits
Resource limits (current):
  cputime  infinity secs
  filesize infinity kB
  datasize   524168 kB
  stacksize  524168 kB
  coredumpsize infinity kB
  memoryuseinfinity kB
  memorylocked   64 kB
  maxprocesses12200
  openfiles  117594
  sbsize   infinity bytes
  vmemoryuse   infinity kB
  pseudo-terminals infinity
  swapuse  infinity kB
$ 

Which of these are relevant to my case?

Finally, the actual problem is on linux,
but I hope if I'm able to understand how
things work on FreeBSD, then I could do
it on linux too, especially if it's just
a sh command.

Thanks

Anton
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to forbid a process to use swap?

[Mehmet Erol Sanliturk]

On Sat, Mar 9, 2013 at 3:55 PM, Anton Shterenlikht wrote:

> I run a program that uses large arrays.
> I don't want it to use swap, because it's
> too slow. I want the program to fail when
> there's not enough RAM, rather than using
> swap. How to do this?
>
> Is it something to do with these kernel
> variables:
>
> kern.dfldsiz: 34359738368
> kern.dflssiz: 8388608
>
> kern.maxdsiz: 34359738368
> kern.maxssiz: 536870912
> kern.maxtsiz: 134217728
>
> Many thanks
>
> Anton
>



If you have program source , you may do the following :



Define a constant :  Maximum_Allocatable_Memory = ?


Define a variable : Total_Allocated_Memory = 0



Before allocating a memory of size M ,
check whether  Total_Allocated_Memory + M < Maximum_Allocatable_Memory

If yes : Allocate memory ;
  Add M to Total_Allocated_Memory .

If no :

Return an error and gracefully stop your program instead of a crash which
will loose data .


Thank you very much .

Mehmet Erol Sanliturk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to forbid a process to use swap?

[Ben Cottrell]

On Mar 9, 2013, at 15:55, Anton Shterenlikht  wrote:
> I run a program that uses large arrays.
> I don't want it to use swap, because it's
> too slow. I want the program to fail when
> there's not enough RAM, rather than using
> swap. How to do this?

If it were me I would start with mlockall() and work from there...
do you have source code to the program in question?

You could also play with resource limits, just from the shell
(ulimit in sh, limit in csh) -- but that's less of an exact
science, since you don't *know* for sure how much memory the
process will be able to use before swap starts being used.

~Ben
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

how to forbid a process to use swap?

[Anton Shterenlikht]

I run a program that uses large arrays.
I don't want it to use swap, because it's
too slow. I want the program to fail when
there's not enough RAM, rather than using
swap. How to do this?

Is it something to do with these kernel
variables:

kern.dfldsiz: 34359738368
kern.dflssiz: 8388608

kern.maxdsiz: 34359738368
kern.maxssiz: 536870912
kern.maxtsiz: 134217728

Many thanks

Anton
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to know % of read file in cat?

[Eduardo Morras]

On Sat, 9 Mar 2013 11:11:26 +0100
Matthias Apitz  wrote:
> Yes, in your case cat(1) is superflues (see also the Useless Use of Cat
> Award) because the correct way would be:
> 
> camibar% fossil import --git file.fossil < file.git
> 
> It depends of the tool 'fossil' if you can monitor somehow the progress,
> for example if it writes a log or with accounting tools how many bytes
> have been read, etc.

No, it doesn't show any output or log about how many bytes has been processed 
or in what state of import is it. Nothing is shown.

I'm going to modify fossil so it writes to output how many lines has been 
processed, it's trivial and i think enough.

A wc -l file.git shows 430 millions of lines.

Thanks to all

---   ---
Eduardo Morras 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to know % of read file in cat?

[Polytropon]

On Sat, 9 Mar 2013 10:54:00 +0100, Eduardo Morras wrote:
> 
> Hello,
> 
> I use cat to read a file and pass it to another app, the command is this:
> 
> camibar% cat file.git | fossil import --git file.fossil
> 
> It takes a lot of time, file.git is 12GB, and i want to know if
> there's some 'magic' trick can I use to show me how many bytes
> or the % of the file.git cat sent to the other app.
> 
> Maybe cat isn't the correct tool?

Your example could be considered a "useless use of cat",
because you could have used the < redirection instead.
However, if the _actual_ program you're running, fossil,
has an option for a verbose output or progress indicator,
I would suggest using this (maybe "man fossil" lists
something like -v).

There are also tools that act on SIGINT or SIGINFO.
This signal can be sent by pressing Ctrl-T. Maybe fossil
also outputs a status message?

Offering a percentage of how much of a file has been read
would imply knowledge about the size of the file. The
construct cat | fossil does not provide fossil with that
information or even the file name in question. But obtaining
the amount of data processed should be possible somehow.


PS.
cat-less command: fossil import --git file.fossil < file.git


-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to know % of read file in cat?

[Hakisho Nukama]

On Sat, Mar 9, 2013 at 9:54 AM, Eduardo Morras  wrote:
>
> Hello,
>
> I use cat to read a file and pass it to another app, the command is this:
>
> camibar% cat file.git | fossil import --git file.fossil
>
> It takes a lot of time, file.git is 12GB, and i want to know if there's some 
> 'magic' trick can I use to show me how many bytes or the % of the file.git 
> cat sent to the other app.
>
> Maybe cat isn't the correct tool?
>
> Thanks.
>
>
> ---   ---
> Eduardo Morras 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Hello Eduardo Morras,

try hitting CTRL+T while running a command to show some process information.

Best Regards,
Hakisho Nukama
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to know % of read file in cat?

[Matthias Apitz]

El día Saturday, March 09, 2013 a las 10:54:00AM +0100, Eduardo Morras escribió:

> 
> Hello,
> 
> I use cat to read a file and pass it to another app, the command is this:
> 
> camibar% cat file.git | fossil import --git file.fossil
> 
> It takes a lot of time, file.git is 12GB, and i want to know if there's some 
> 'magic' trick can I use to show me how many bytes or the % of the file.git 
> cat sent to the other app.
> 
> Maybe cat isn't the correct tool?

Yes, in your case cat(1) is superflues (see also the Useless Use of Cat
Award) because the correct way would be:

camibar% fossil import --git file.fossil < file.git

It depends of the tool 'fossil' if you can monitor somehow the progress,
for example if it writes a log or with accounting tools how many bytes
have been read, etc.

HIH

matthias

-- 
Matthias Apitz   |  /"\ ASCII Ribbon Campaign: www.asciiribbon.org
E-mail: g...@unixarea.de |  \ / - No HTML/RTF in E-mail
WWW: http://www.unixarea.de/ |   X  - No proprietary attachments
phone: +49-170-4527211   |  / \ - Respect for open standards
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to know % of read file in cat?

[Eduardo Morras]

Hello,

I use cat to read a file and pass it to another app, the command is this:

camibar% cat file.git | fossil import --git file.fossil

It takes a lot of time, file.git is 12GB, and i want to know if there's some 
'magic' trick can I use to show me how many bytes or the % of the file.git cat 
sent to the other app.

Maybe cat isn't the correct tool?

Thanks.


---   ---
Eduardo Morras 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: How to connect to VPN

[Istvan Gabor]

2013. március 5. 23:44 napon Любомир Григоров  írta:

> I have been trying to find a way to connect to a PPTP or L2TP VPN for over
> a year now. There is no GUI client that I know of and any text
> configuration I try with pptpclient fails.
> 
> How can I connect to a VPN, the fast way as in Windows, OS X and GNU/Linux.
> I have the following information (no internal IP's or ranges or NAT):
> 
> Gateway - I have the URL to connect to, I suppose I can map it to IP
> Username
> Password
> MSCHAP
> MSCHAPv2
> Use point-to-point encryption (MPPE)
> Allow BSD data compression
> Allow deflate data compression
> Use TCP header compression
> 
> 
> How can I connect to the VPN with just this information above? Everything I
> find requires internal IP's, ranges, NAT and other things making a 5 second
> gui configuration take months. The VPN server supports PPTP and L2TP as
> mentioned. Any advice on how I can connect will be helpful.
> 
> 

Hello:

I too had problems with vpn in FreeBSD 9.0 RELEASE.
I don't know specifically about PPTP or L2TP, but there is
vpn over ipsec. Fot that you need to customize and rebuild
your kernel.
FreeBSD handbook says:

To add IPsec support to your kernel, add the following options to your
kernel configuration file:

options   IPSEC#IP security
devicecrypto

see:
http://www.freebsd.org/doc/handbook/ipsec.html

After this install shrew vpn client.

Once more, I don't know whether this is relevant in any way in
your case but that's how I solved vpn to cisco server earlier.

Istvan

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to mount enhanced-CD on 9.1R?

[Zahemszky Gábor]

Hi!

I think I've found a regression on 9.1R. I used to mount
some of Oxford University Press's New English File CD-ROM
on 9.0. These CD-s are actually enhanced CDs with some
audio tracks, and a data track at the end. Actually, I cannot mount
them on 9.1. Neither on Amd64 nor on i386. Neither with a SCSI
DVD-drive, nor with ATAPI drives. On 9.0, I need only to
'mount -r -t cd9660 /dev/cd0 /mnt' - on 9.1 it doesn't work. And doesn't
work with the -s option of mount_cdrom - I can get the start of the
data track with either cdcontrol info or with cdda2wav -info-only. They
give me the same nubmber as the sector number of the data track, but
mount_cdrom doesn't work with it.

Actually, I've sent bug report about it, but there weren't any reaction:

http://www.freebsd.org/cgi/query-pr.cgi?pr=misc/176262

Nye,

Gábor

-- 
#!/bin/ksh
#
# See my GPG key at http://www.Zahemszky.HU
#
Z='21N16I25C25E30, 40M30E33E25T15U!';
IFS=' ABCDEFGHIJKLMNOPQRSTUVWXYZ ';
set -- $Z;for i;{ [[ $i = ? ]]&&print $i&&break;
[[ $i = ??? ]]&&j=$i&&i=${i%?};
typeset -i40 i=8#$i;print -n ${i#???};
[[ "$j" = ??? ]]&&print -n "${j#??} "&&j=;typeset +i i;};
IFS=' 0123456789 ';set -- $Z;for i;{ [[ $i = , ]]&&i=2;
[[ $i = ?? ]]||typeset -l i;j="$j $i";typeset +l i;};print "$j"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

How to connect to VPN

[Любомир Григоров]

I have been trying to find a way to connect to a PPTP or L2TP VPN for over
a year now. There is no GUI client that I know of and any text
configuration I try with pptpclient fails.

How can I connect to a VPN, the fast way as in Windows, OS X and GNU/Linux.
I have the following information (no internal IP's or ranges or NAT):

Gateway - I have the URL to connect to, I suppose I can map it to IP
Username
Password
MSCHAP
MSCHAPv2
Use point-to-point encryption (MPPE)
Allow BSD data compression
Allow deflate data compression
Use TCP header compression


How can I connect to the VPN with just this information above? Everything I
find requires internal IP's, ranges, NAT and other things making a 5 second
gui configuration take months. The VPN server supports PPTP and L2TP as
mentioned. Any advice on how I can connect will be helpful.

-- 
Lyubomir Grigorov (bgalakazam)
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"