Re: vmware Questions
John Nielsen wrote: On Wednesday 21 February 2007 20:50, Martin McCormick wrote: If one has a FreeBSD system that has 1 gigabyte of RAM and a 1-GHZ processor, would it be possible to run a couple of vmware instances of FreeBSD? I want to set up a DHCP server on each virtual machine and configure one to be optimized for DHCP failover and dynamic leases while the other is dedicated to static bootp service. It would be much easier for the 2 instances of dhcpd to run in separate machines, so to speak, since they normally use the same named files for logging and configuration. What sort of a performance hit does one usually see on a virtual machine? Depends a lot on the virtual machine. VMware Server runs VM's pretty efficiently, but there is a moderate hit. ESX server has almost n performance penalty. When we run dhcpd on a normal FreeBSD system of the type described above, the system is normally loaded around 0.05 or so so it isn't having to work too hard. Thanks for any help as to what vmware port is best. The platform is FreeBSD and the 2 virtual machines will also be FreeBSD if that makes any difference. Modern versions of VMware don't run under FreeBSD. If you really want VMware then install a supported Linux distro and run VMware server. (Or go out and buy ESX or GSX server or one of the Workstation products). FreeBSD 6.2 works great as a guest under most VMware products. There will be no X windows involved, just hopefully 2 DHCP servers running as if they were on two separate boxes. Any information to point me in the right direction or reasons why this is not a good idea are appreciated. For what you're talking about, jails make a lot more sense than virtualization or emulation. If you really want to run virtual machines under FreeBSD, take a look at qemu. qemu (even with the kqemu_kmod port (highly recommended) definitely has a noticeable performance impact, but DHCP is so lightweight that it probably won't matter. JN ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] If the goal is just to run FreeBSD instances inside your virutal machines vmware, qemu, xen etc are all not needed. Use jails instead which would be much faster. -- -Frank Staals ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 64-bits platform question
* Aard Nerd [EMAIL PROTECTED] wrote: The system is ok...so why I can't install BSD 64 bits with my system ??? Are you sure you are installing FreeBSD for amd64? Don't install FreeBSD for ia64, as ia64 is not the same as EM64T. EM64T is Intel's implementation of x86-64. -- Ed Schouten [EMAIL PROTECTED] WWW: http://g-rave.nl/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
php upgrade to 5.2.1 fails because of extensions
Hello, I know this is not the php list but looking for your advice. I wanted to upgraded php 5.1.6 to 5.2.1 because of vulnarabilities but it failed to install extenstions. There seems to be an error with extenstions in 5.2.1. I cannot downgrade (I issued sudo portupgrade -m -DDISABLE_VULNERABILITIES -f php5 changing the Makefile and distinfo entries to point to 5.1.6 and issuing make makesum and got): === Applying FreeBSD patches for php5-5.1.6_2 1 out of 1 hunks failed--saving rejects to ext/standard/string.c.rej = Patch patch-ext_standard_string.c failed to apply cleanly. = Patch(es) patch-TSRM_threads.m4 patch-Zend::zend.h patch-acinclude.m4 patch-configure.in patch-ext_date_lib_timelib_structs.h patch-ext_standard_array.c patch-ext_standard_basic_functions.c patch-ext_standard_dns.h patch-ext_standard_image.c applied cleanly. *** Error code 1 Stop in /usr/ports/lang/php5. ** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade.55313.0 env PORT_UPGRADE=yes make WITH_CLI=1 WITH_CGI=1 WITH_APACHE=1 WITH_MULTIBYTE=1 WITH_IPV6=1 WITH_REDIRECT=1 WITH_DISCARD=1 WITH_FASTCGI=1 WITH_PATHINFO=1 WITH_OPENSSL=1 WITH_GETTEXT=1 -DDISABLE_VULNERABILITIES ** Fix the problem and try again. ** Listing the failed packages (*:skipped / !:failed) ! lang/php5 (php5-5.2.1_2) (patch error) --- Packages processed: 0 done, 0 ignored, 0 skipped and 1 failed Nor can I upgrade as these php5-extenstions won't install. Could anyone advise what to do? -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: insufficient resources for HD video
On Wed, Feb 21, 2007 at 09:02:43PM +0100, Erik Norgaard wrote: Hi: I recently posted asking about mpeg2-ts, I got a reference to a mpeg2-ts that plays fine. It appears that the problem is not playing ts but rather resolution, or something: With mplayer I get an error X Error of failed request: BadAlloc (insufficient resources for operation) Major opcode of failed request: 140 (XVideo) Minor opcode of failed request: 19 () Serial number of failed request: 23 Current serial number in output stream: 24 (Full output below) How do I process HDV streams? I can't see if the problem is the screen is too small or there is not enough memory. One thing is to play, but I am thinking of buying a HDV cam so I also need to process/edit the stream. Thanks, Erik Some HDV clips I have tried are here: http://dvinfo.net/conf/archive/index.php/t-52060.html Which should be mpeg2-ts but in 1440x1080 - 1920x1080. mplayer produces the following output: photon$ mplayer XLH1bikeseq24.m2t MPlayer 1.0rc1-3.4.6 (C) 2000-2006 MPlayer Team CPU: Intel(R) Pentium(R) M processor 1.73GHz (Family: 6, Model: 13, Stepping: 8) CPUflags: MMX: 1 MMX2: 1 3DNow: 0 3DNow2: 0 SSE: 1 SSE2: 1 Compiled with runtime CPU detection. Playing XLH1bikeseq24.m2t. TS file format detected. VIDEO MPEG2(pid=2064) AUDIO MPA(pid=2068) NO SUBS (yet)! PROGRAM N. 100 VIDEO: MPEG2 1440x1080 (aspect 3) 29.970 fps 25000.0 kbps (3125.0 kbyte/s) [VO_SDL] Using driver: x11. == Opening video decoder: [mpegpes] MPEG 1/2 Video passthrough VDec: vo config request - 1440 x 1080 (preferred colorspace: Mpeg PES) Could not find matching colorspace - retrying with -vf scale... Opening video filter: [scale] The selected video_out device is incompatible with this codec. Try adding the scale filter, e.g. -vf spp,scale instead of -vf spp. VDecoder init failed :( Opening video decoder: [libmpeg2] MPEG 1/2 Video decoder libmpeg2-v0.4.0b Selected video codec: [mpeg12] vfm: libmpeg2 (MPEG-1 or 2 (libmpeg2)) == == Opening audio decoder: [mp3lib] MPEG layer-2, layer-3 AUDIO: 48000 Hz, 2 ch, s16le, 384.0 kbit/25.00% (ratio: 48000-192000) Selected audio codec: [mp3] afm: mp3lib (mp3lib MPEG layer-2, layer-3) == AO: [oss] 48000Hz 2ch s16le (2 bytes per sample) Starting playback... VDec: vo config request - 1440 x 1080 (preferred colorspace: Planar YV12) VDec: using Planar YV12 as output csp (no 0) Movie-Aspect is 1.78:1 - prescaling to correct movie aspect. VO: [sdl] 1440x1080 = 1920x1080 Planar YV12 [...] hmmm should be VO: [xv] ... try mplayer -vo xv ... I tried with whitedogpassingby.m2t, no problem with both mplayer and vlc. Here, xvinfo | grep XvImage gives me maximum XvImage size: 2046 x 2046 Your problem sounds like a X11 config issue (card using shared memory?), try to add Option LinearAlloc 8192 (or more instead of 8192) in your xorg.conf device section and restart X. Well it concerns i915 and i810 chipsets, for other chipsets you have to play with Videoram parameter (I'm not sure of the result in that case...). Increading kern.ipc.shmmax may also help. -- Marc pgp6ajzNBugir.pgp Description: PGP signature
Transparent redirect to another interface ?
Hello I have a new mailhub with two ethernet gigabit interfaces, and I would like to transparently redirect IMAP or POP3 requests to the second interface which have a different IP address, to let the first interface drive the SMTP traffic only. Is it possible ? This will avoid thousands of email clients re-configuration to let users grab their incomming emails. Any info welcome. TIA Frank ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php upgrade to 5.2.1 fails because of extensions
Zbigniew Szalbot wrote: Hello, Hi, I know this is not the php list but looking for your advice. I wanted to upgraded php 5.1.6 to 5.2.1 because of vulnarabilities but it failed to install extenstions. There seems to be an error with extenstions in 5.2.1. What error, which extension? Seems to work fine here: $ uname -prs FreeBSD 6.2-STABLE i386 $ pkg_info -Ix php php5-5.2.1_2PHP Scripting Language (Apache Module and CLI) php5-bz2-5.2.1_2The bz2 shared extension for php php5-calendar-5.2.1_2 The calendar shared extension for php php5-ctype-5.2.1_2 The ctype shared extension for php php5-dom-5.2.1_2The dom shared extension for php php5-extensions-1.1 A meta-port to install PHP extensions php5-gd-5.2.1_2 The gd shared extension for php php5-iconv-5.2.1_2 The iconv shared extension for php php5-mcrypt-5.2.1_2 The mcrypt shared extension for php php5-mhash-5.2.1_2 The mhash shared extension for php php5-openssl-5.2.1_2 The openssl shared extension for php php5-pcre-5.2.1_2 The pcre shared extension for php php5-pdo-5.2.1_2The pdo shared extension for php php5-pdo_sqlite-5.2.1_2 The pdo_sqlite shared extension for php php5-posix-5.2.1_2 The posix shared extension for php php5-session-5.2.1_2 The session shared extension for php php5-simplexml-5.2.1_2 The simplexml shared extension for php php5-spl-5.2.1_2The spl shared extension for php php5-sqlite-5.2.1_2 The sqlite shared extension for php php5-tokenizer-5.2.1_2 The tokenizer shared extension for php php5-xml-5.2.1_2The xml shared extension for php php5-xmlreader-5.2.1_2 The xmlreader shared extension for php php5-xmlwriter-5.2.1_2 The xmlwriter shared extension for php php5-zlib-5.2.1_2 The zlib shared extension for php I cannot downgrade (I issued sudo portupgrade -m -DDISABLE_VULNERABILITIES -f php5 changing the Makefile and distinfo entries to point to 5.1.6 and issuing make makesum and got): No, no, no, don't do that :) Changing port version is not simply as that. Many times you'll need patches for a specific version in ports_name/files directory. That is why your attempt failed. Btw, if you really want to downgrade have a look at ports-mgmt/portdowngrade. Nor can I upgrade as these php5-extenstions won't install. Could anyone advise what to do? Update your ports tree to a clean one (without your modifications to php port). Try again (be sure to upgrade any required dependencies), send errors if any. Regards, Karol -- Karol Kwiatkowski karol.kwiat at gmail dot com OpenPGP 0x06E09309 signature.asc Description: OpenPGP digital signature
Re: vmware Questions
John Nielsen, referring to running multiple DHCPD's, writes: For what you're talking about, jails make a lot more sense than virtualization or emulation. Thank you! That is exactly the kind of input I was looking for. As soon as I read yours and Frank Staals' mention of jails, it clicked. A true jail will have a little version of as much of the FreeBSD world as dhcpd needs to run. This should be much easier on resources and more predictable as to results. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Transparent redirect to another interface ?
Hi Frank, On Thursday 22 February 2007 12:55, Frank Bonnet wrote: Hello I have a new mailhub with two ethernet gigabit interfaces, and I would like to transparently redirect IMAP or POP3 requests to the second interface which have a different IP address, to let the first interface drive the SMTP traffic only. Is it possible ? This will avoid thousands of email clients re-configuration to let users grab their incomming emails. natd can be used to do this. The following example assumes your external interface is called sk0 and the seconde interface, connecting to the second server, is called sk1 : # Start natd and tell it to forward pop3 traffic to the second server natd -n sk0 -redirect_port tcp ip_of_second_server_here:110 110 # Add ipfw rule to send incoming pop3 traffic through natd ipfw add 1000 divert natd tcp from any to me 110 via sk0 # Add ipfw rule to send responses from second server through natd ipfw add 1010 divert natd tcp from ip_of_second_server_here 110 to any via sk0 # or just use one ipfw rule : ipfw add 1000 divert natd all from any to any via sk0 But this will send ALL traffic through natd, only sending traffic that needs to be redirect through it is far more efficient. Hope this helps, -- Daan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PF slowing down file copies
On Wed, 21 Feb 2007 19:38:39 +0100 J65nko [EMAIL PROTECTED] wrote: For keeping state on TCP connections you should only create state on the first packet of the 3 way TCP handshake. Using flags S/SA will ensure this. This will prevent problems with TCP windows scaling.. Why? Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php upgrade to 5.2.1 fails because of extensions
hello, Karol Kwiatkowski wrote: Update your ports tree to a clean one (without your modifications to php port). Try again (be sure to upgrade any required dependencies), send errors if any. Thanks for your hint! It did seem to help. I haven't yet restarted apache but when I do $ php -v PHP Warning: Module 'ctype' already loaded in Unknown on line 0 PHP Warning: Module 'dom' already loaded in Unknown on line 0 PHP Warning: Module 'ftp' already loaded in Unknown on line 0 PHP Warning: Module 'gettext' already loaded in Unknown on line 0 PHP Warning: Module 'iconv' already loaded in Unknown on line 0 PHP Warning: Module 'imap' already loaded in Unknown on line 0 PHP Warning: Module 'mbstring' already loaded in Unknown on line 0 PHP Warning: Module 'mcrypt' already loaded in Unknown on line 0 PHP Warning: Module 'mhash' already loaded in Unknown on line 0 PHP Warning: Module 'mysql' already loaded in Unknown on line 0 PHP Warning: Module 'mysqli' already loaded in Unknown on line 0 PHP Warning: Module 'ncurses' already loaded in Unknown on line 0 PHP Warning: Module 'pcre' already loaded in Unknown on line 0 PHP Warning: Module 'zlib' already loaded in Unknown on line 0 PHP Warning: Module 'posix' already loaded in Unknown on line 0 PHP Warning: Module 'session' already loaded in Unknown on line 0 PHP Warning: Module 'SimpleXML' already loaded in Unknown on line 0 PHP Warning: PHP Startup: Unable to load dynamic library '/usr/local/lib/php/20060613/crack.so' - Cannot open /usr/local/lib/php/20060613/crack.so in Unknown on line 0 PHP Warning: Module 'ctype' already loaded in Unknown on line 0 PHP Warning: Module 'bcmath' already loaded in Unknown on line 0 PHP Warning: Module 'calendar' already loaded in Unknown on line 0 PHP Warning: Module 'gmp' already loaded in Unknown on line 0 PHP Warning: Module 'soap' already loaded in Unknown on line 0 PHP Warning: Module 'sockets' already loaded in Unknown on line 0 PHP Warning: Module 'SQLite' already loaded in Unknown on line 0 PHP Warning: Module 'tokenizer' already loaded in Unknown on line 0 PHP Warning: Module 'xml' already loaded in Unknown on line 0 PHP Warning: Module 'xmlreader' already loaded in Unknown on line 0 PHP Warning: Module 'xmlwriter' already loaded in Unknown on line 0 PHP 5.2.1 (cli) (built: Feb 22 2007 14:51:41) Copyright (c) 1997-2007 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2007 Zend Technologies Should I be concerned about this error? $ uname -prs FreeBSD 6.2-RELEASE i386 Ahhh.. when I did: $ pkg_info -Ix php php4-bcmath-4.4.5 The bcmath shared extension for php php4-calendar-4.4.5 The calendar shared extension for php php4-crack-4.4.5The crack shared extension for php php4-ctype-4.4.5The ctype shared extension for php php5-5.2.1_2PHP Scripting Language (Apache Module and CLI) php5-bcmath-5.2.1_2 The bcmath shared extension for php php5-calendar-5.2.1_2 The calendar shared extension for php php5-ctype-5.1.6The ctype shared extension for php php5-ctype-5.1.6_2 The ctype shared extension for php php5-dom-5.1.6 The dom shared extension for php php5-dom-5.1.6_2The dom shared extension for php php5-exif-5.2.1_2 The exif shared extension for php php5-extensions-1.0 A meta-port to install PHP extensions php5-extensions-1.1 A meta-port to install PHP extensions php5-ftp-5.1.6 The ftp shared extension for php php5-ftp-5.1.6_2The ftp shared extension for php php5-gd-5.2.1_2 The gd shared extension for php php5-gettext-5.1.6 The gettext shared extension for php php5-gettext-5.1.6_2 The gettext shared extension for php php5-gmp-5.1.6_1The gmp shared extension for php php5-gmp-5.2.1_1The gmp shared extension for php php5-iconv-5.1.6The iconv shared extension for php php5-iconv-5.2.1_2 The iconv shared extension for php php5-imap-5.1.6 The imap shared extension for php php5-imap-5.2.1_2 The imap shared extension for php php5-mbstring-5.1.6 The mbstring shared extension for php php5-mbstring-5.2.1_2 The mbstring shared extension for php php5-mcrypt-5.1.6 The mcrypt shared extension for php php5-mcrypt-5.2.1_2 The mcrypt shared extension for php php5-mhash-5.1.6The mhash shared extension for php php5-mhash-5.2.1_2 The mhash shared extension for php php5-mysql-5.1.6The mysql shared extension for php php5-mysql-5.2.1_2 The mysql shared extension for php php5-mysqli-5.1.6 The mysqli shared extension for php php5-mysqli-5.2.1_2 The mysqli shared extension for php php5-ncurses-5.1.6 The ncurses shared extension for php php5-ncurses-5.2.1_2 The ncurses shared extension for php php5-openssl-5.2.1_2 The openssl shared extension for php php5-pcre-5.1.6 The pcre shared extension for php php5-pcre-5.2.1_2 The pcre shared extension for php php5-posix-5.1.6The posix shared extension for php php5-posix-5.2.1_2 The posix shared extension for php php5-session-5.1.6 The session shared extension for php php5-session-5.2.1_2 The
Re: php upgrade to 5.2.1 fails because of extensions
Zbigniew Szalbot wrote: hello, Karol Kwiatkowski wrote: Update your ports tree to a clean one (without your modifications to php port). Try again (be sure to upgrade any required dependencies), send errors if any. Thanks for your hint! It did seem to help. I haven't yet restarted apache but when I do $ php -v you probably have all the extensions doubled up in your extensions.ini file. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh to VMS - terminal problems
yes - VMS only knows about DEC-compatible terminals. None of the *BSD console emulators do well enough to be usable on VMS. xterm supports ANSI color, VT220 emulation and UTF-8 There's an faq at http://invisible-island.net/xterm/xterm.faq.html ftp://invisible-island.net/xterm/ Which is fine if one doesn't mind having to fire up X. Another possible approach would be to run ports/sysutils/screen, which should provide a decent VT100 over just about anything with a terminfo better than dumb or unknown :) So, what was pcvt driver designed for? I understood from the man pages that it is supposed to be compartible with DEC function keys? Generating the escape sequences for the DEC function keys is one thing. Handling all the escape sequences that VMS throws at it is another. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php upgrade to 5.2.1 fails because of extensions
Dear Eric, Eric wrote: you probably have all the extensions doubled up in your extensions.ini file. ___ That was it! Thank you dear Eric - editing /usr/local/etc/php/extensions.ini file did the trick. Thank you again! -- Zbigniew Szalbot ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PF slowing down file copies
On 2007-02-22 14:30, RW [EMAIL PROTECTED] wrote: On Wed, 21 Feb 2007 19:38:39 +0100 J65nko [EMAIL PROTECTED] wrote: For keeping state on TCP connections you should only create state on the first packet of the 3 way TCP handshake. Using flags S/SA will ensure this. This will prevent problems with TCP windows scaling.. Why? Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. Because a state entry is a rule by itself. A special 'rule', but still a rule. As such, each state-table entry requires a finite amount of resources. Conserving resources, whenever possible, is a good idea. Creating 10 packets for a connection whose 'traffic' requires 10 TCP segments to be transmitted, and 9000 state entries for a TCP connection whose data payload needs 9000 segments to be transmitted is kind of silly. Especially since it is entirely legal and easy to do the same thing with only 2 state entries (one for each connection). ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ssh to VMS - terminal problems
On Thu, Feb 22, 2007 at 01:04:39AM -0800, [EMAIL PROTECTED] wrote: yes - VMS only knows about DEC-compatible terminals. None of the *BSD console emulators do well enough to be usable on VMS. xterm supports ANSI color, VT220 emulation and UTF-8 There's an faq at http://invisible-island.net/xterm/xterm.faq.html ftp://invisible-island.net/xterm/ Which is fine if one doesn't mind having to fire up X. Another possible approach would be to run ports/sysutils/screen, which should provide a decent VT100 over just about anything with a terminfo better than dumb or unknown :) termcap. screen doesn't use the fancier features from terminfo (and will do interesting but unuseful things if it is exposed to them). It's a decent vt100 for the same issues: applications running vi. Read the section on bugs (from its manpage): o Screen has no clue about double-high or double-wide characters. But this is the only area where vttest is allowed to fail. o Screen does not make use of hardware tabs. However, that comment about vttest overlooks some of the keyboard issues (such as repeating keys) that screen has no control over. There are several terminals smarter than dumb/unknown that screen cannot elevate or transform into a vt100... -- Thomas E. Dickey http://invisible-island.net ftp://invisible-island.net pgpjxK4gxyFIF.pgp Description: PGP signature
binary updating 6.0-6.2
I see from the latest announcement that freebsd-update is now in the base system for 6.2. Following the links I see there's a procedure for 6.0-61. and another for 6.1-6.2 binary updating. In the past I have always dumped all my files and /etc /usr/local/etc done a completely fresh install, reinstalled files and manually hacked any of the modified system files. Then follows a long process of updating the ports tree and rebuilding the ports I need. Clearly I will still dump all my files in case anything horrific goes wrong. But can I update 6.0-6.1 6.1-6.2 with a reasonable hope of success. The very first step seems the hardest since I have been using freebsd-update already in my 6.0 system and the kernel is no longer a 6.0-RELEASE, but 6.0-SECURITY FreeBSD and a warning in the notes on the 6.1-6.2 update process says I need a GENERIC or SMP kernel. Does the updater know about updates? Does the updater squirrel away copies of the updated files so a last ditch attempt at status quo restoration can be made? Also do my existing ports continue to work with the new kernel? -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: vmware Questions
A rule of thumb is to configure as much service as you need (in this case, dhcpd), with as little overhead as you can get away with (a simple jail vs. a full-blown VM). SC On 2/22/07, Martin McCormick [EMAIL PROTECTED] wrote: John Nielsen, referring to running multiple DHCPD's, writes: For what you're talking about, jails make a lot more sense than virtualization or emulation. Thank you! That is exactly the kind of input I was looking for. As soon as I read yours and Frank Staals' mention of jails, it clicked. A true jail will have a little version of as much of the FreeBSD world as dhcpd needs to run. This should be much easier on resources and more predictable as to results. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SCSI Error reported in Daily Run.
Crazy no one replied. Yea the disk is going bad. Try: # sudo camcontrol defects da0 -f block -G ~~BAS On Fri, 16 Feb 2007, Grant Peel wrote: Hi all, Can anyone simplify this error message? Only seen once, system seems to be running OK. Fix? Replace? +++ /tmp/security.hjdAMgoP Fri Feb 16 03:02:47 2007 +(da0:ahc0:0:0:0): WRITE(10). CDB: 2a 0 0 f3 a 3f 0 0 20 0 +(da0:ahc0:0:0:0): CAM Status: SCSI Status Error +(da0:ahc0:0:0:0): SCSI Status: Check Condition +(da0:ahc0:0:0:0): Deferred Error: HARDWARE FAILURE info:341b461 asc:44,0 +(da0:ahc0:0:0:0): Internal target failure field replaceable unit: bc +(da0:ahc0:0:0:0): Retrying Command (per Sense Data) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] l8* -lava (Brian A. Seklecki - Pittsburgh, PA, USA) http://www.spiritual-machines.org/ ...from back in the heady days when helpdesk meant nothing, diskquota meant everything, and lives could be bought and sold for a couple of pages of laser printout - and frequently were. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PF slowing down file copies
On Thu, 22 Feb 2007 17:04:18 +0200 Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2007-02-22 14:30, RW [EMAIL PROTECTED] wrote: On Wed, 21 Feb 2007 19:38:39 +0100 J65nko [EMAIL PROTECTED] wrote: For keeping state on TCP connections you should only create state on the first packet of the 3 way TCP handshake. Using flags S/SA will ensure this. This will prevent problems with TCP windows scaling.. Why? Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. Because a state entry is a rule by itself. A special 'rule', but still a rule. As such, each state-table entry requires a finite amount of resources. Conserving resources, whenever possible, is a good idea. Creating 10 packets for a connection whose 'traffic' requires 10 TCP segments to be transmitted, and 9000 state entries for a TCP connection whose data payload needs 9000 segments to be transmitted is kind of silly. Especially since it is entirely legal and easy to do the same thing with only 2 state entries (one for each connection). The way PF works is that it first checks if there is a state entry matching the packet's address, port and protocol , if there is the state entry is used to determine what is done with the packet. Only if there is no matching entry is the script used instead. As I already said Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. The point of testing for s/sa is to avoid creating long-lived state entries for illegal or out-of-sequence packets. The state created by s/sa has a very short lifetime. This conserves resources and protects against some DOS attacks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
scsictl(8) 'detach' equiv in camcontrol(8) ?
NBSD provides a safe way to detach the kernel data structures of a disk, 'scsictl detach [target] [lun]' From scsictl(8) man page: Commands pertaining to scsi busses: reset scan target lun detach target lun Use `any' or `all' to wildcard target or lun We seem to be missing this feature. Stop is just going to cause the disk to spin down. So what is the equiviliant recommended procedure on FreeBSD? Current thinking: - Umount the FS; - Remove it from any geom(4) devices - Physically pull the drive - Rescan the bus w/ camcontrol and let it discover that the disk is no longer there - Insert the new drive - Rescan the bus and let it discover the new drive Presumably instead of rescanning the whole bus, you could scan a specific bus[:target:lun]. Thoughts? ~BAS l8* -lava (Brian A. Seklecki - Pittsburgh, PA, USA) http://www.spiritual-machines.org/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Day Light Savings time changes on March 11
On Wed, 21 Feb 2007 13:55:05 -0500 DAve wrote: I noticed Yahoo switched to GMT. Is anyone else running all their servers on GMT? Actually, all of my Unix Boxes have been running UTC as far as I can remember. :-) Or am I missing the issue here? Regards Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Day Light Savings time changes on March 11
Christian Baer wrote: On Wed, 21 Feb 2007 13:55:05 -0500 DAve wrote: I noticed Yahoo switched to GMT. Is anyone else running all their servers on GMT? Actually, all of my Unix Boxes have been running UTC as far as I can remember. :-) Or am I missing the issue here? Not at all, I am thinking my next staff meeting I am going to propose just that solution. DAve -- Three years now I've asked Google why they don't have a logo change for Memorial Day. Why do they choose to do logos for other non-international holidays, but nothing for Veterans? Maybe they forgot who made that choice possible. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Determining daylight savings changes on BSD
Hi, I just read through this entire thread and I have a couple of questions. I have several FreeBSD 5.4 systems. I did the date -r commands as suggested on one of these systems and it doesn't appear to switch over to daylight savings time on Sunday March 11 at 2 AM. I looked in /usr/ports/misc but there isn't a zoneinfo port (on this system). I searched a bit and found this: radius# find / -name zoneinfo -print /usr/share/zoneinfo /usr/compat/linux/usr/share/zoneinfo radius# find / -name tzsetup -print /usr/sbin/tzsetup Here's my question. tzsetup seems to already be on this system. I have not used it before, so am unfamiliar with it. Can I just run that now and make whatever changes are necessary to fix this system so that it recognises daylight savings changes? Or am I going to have to download some updated zone files first? In this thread, someone suggested doing the following: cd /usr/src/share/zoneinfo fetch ftp://elsie.nci.nih.gov/pub/tzdata2007a.tar.gz tar -zxvf tzdata2007a.tar.gz make make install cp -f /usr/share/zoneinfo/America/Los_Angeles /etc/localtime chmod 444 /etc/localtime I have attempted that, but when I unzip/untar tzdata2007b.tar.gz (there isn't an a file there anymore, just the b one), I get several files but there is no target for the make command. Are there any special considerations any of you might be aware of depending on what function my freebsd servers are serving? One does radius authentication using Free Radius, another is our web server (Apache2) and primary DNS (Bind 9), a third is a mail server (Sendmail). I'm sorry - I'm just kinda confused as to how I ought to handle this issue. Thanks, Lisa Casey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Reg, User rights
Dear Team, This is subburaman from Bangalore, india.I have installed the FreeBSD6.2.Now i want to create a new User with Administrator rights.Please give me the guidelines for me. You can do one of four things. Create a user as per normal. Then, also add that userid to the wheel group. (Don't make wheel the user's primary group. Use a regular group for that. Just add their id in the /etc/group file to wheel. Then the user can log in to their regular account and if they need to do system level stuff, they would 'su' to a root account and do the operation. That would mean giving that user the password to a root account - either the main one or an additional one you make up. Create an additional root account for the user. For example, if the user has a regular id of fred, you might also create an Rfred. Make the UID and GID for that account each be '0'. You will want to make the home directory for that user be in the /root directory, for example, for a user Rfred, make the home directory /root/Rfred. Also put this id in the wheel group in /etc/group. I have run in to some routines that expect this even if the primary group is '0'. Set the password for that account and tell the user.One difficulty is that without loosening up access rules, the user will no be able to ssh in to the box with that account. So, make sure their regular account (fred) is also in the wheel group in /etc/group. They the user would initially log in as the regular user and su to the root account (su Rfred) as in the previous method. Install and set up sudo (/usr/ports/security/sudo) and create a configuration for that user so they can run specific commands that you specify and only those commands. This is a very good method, but sometimes it takes some careful thought to deal with the various commands and their possible arguments that you want to allow or disallow. Install a system management tool such as webmin (/usr/ports/sysutils/webmin) and configure it so the user can perform certain admin tasks. This is nice because it is web based and so it gives a nice GUI feel to it all. Overall, probably the third option (using sudo) is the best, especially if you are not completely trusting of the user you are giving priviledges to. If it is yourself and no one else, then the first method is probably best because it is simplest and most powerful. If really you like GUI interfaces and are willing to accept their limitations, that the forth one is best. The limitations consist of being dependant on only being able to do those things some developer already thought of doing and only in the ways that developer already thought of. Sort of like being stuck in an MS theme park. The second option is good for when you have a small number of users (max three or four) besides yourself, who are competent and absolutely trusted. It is as powerful as the first one, but lets you keep multiple root users somewhat separated. Note, when you create additional root users, eg users with a UID of '0', you must explicitely name their id on the passwd(1) command or else it will change the password for the main root id - or for the first root id it encounters in the /etc/passwd file. Note also, leave the real root as the first in the /etc/passwd file. jerry Thanks with regards Subburaman N ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Mount order of fstab
That was it. Thank you! --Troy On Feb 21, 2007, at 8:25 PM, [EMAIL PROTECTED] wrote: On 21/02/07, Troy Schultz [EMAIL PROTECTED] wrote: Hello, I am trying to mount a smb share into a jail. The way that I am trying to accomplish this is: 1. mount the smb share onto /mnt read only 2. mount the /mnt share into the /jail/xxx.xxx.xxx.xxx directory nullfs This all works by hand. However, when set in fstab to mount the smb share and then the nullfs following it, the nullfs is mounted first then the smb share and this shows nothing. Is there a way that I can force the order or am I just plain doing something wrong? No experience with this, but the late option in mount(8) might be your key. -- -- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Reg, User rights
Create a user as per normal. Then, also add that userid to the wheel group. (Don't make wheel the user's primary group. Use a regular group for that. Just add their id in the /etc/group file to wheel. I prefer to use pw groupmod -m username I believe that is the official way to do it. Laszlo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NTFS-3G driver problem
I had the same issue when installing fuse-fs the first time - I just ran sysinstall again, went to distributions, then choose the source dist, installed that, rebooted, and fusefs built and installed fine. Steve On 2/21/07, Jason Gretz [EMAIL PROTECTED] wrote: Hey guys, I got a prob here, I am trying to install the new NTFS-3G driver, which just went 1.0, and This is what the output of make install make clean got me: === Installing for fusefs-ntfs-0.20070207RC1 === fusefs-ntfs-0.20070207RC1 depends on file: /usr/local/modules/fuse.ko - not found ===Verifying reinstall for /usr/local/modules/fuse.ko in /usr/ports/sysutils/fusefs-kmod === fusefs-kmod-0.3.0_4 requires the Kernel source to be installed. Set SRC_BASE if it is not in /usr/src. Thanks! Jason -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.5.441 / Virus Database: 268.18.3/696 - Release Date: 2/21/2007 3:19 PM ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- Steve Franks, KE7BTE Staff Engineer La Palma Devices, LLC http://www.lapalmadevices.com (520) 312-0089 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Day Light Savings time changes on March 11
On Thu, Feb 22, 2007, Christian Baer wrote: On Wed, 21 Feb 2007 13:55:05 -0500 DAve wrote: I noticed Yahoo switched to GMT. Is anyone else running all their servers on GMT? Actually, all of my Unix Boxes have been running UTC as far as I can remember. :-) Or am I missing the issue here? I think the issue is how localtime displays dates. This whole ``problem'' is a typical example of brainless politicians (but I repeat myself) doing things that cause far more problems then they ostensibly solve. Bill -- INTERNET: [EMAIL PROTECTED] Bill Campbell; Celestial Software LLC URL: http://www.celestial.com/ PO Box 820; 6641 E. Mercer Way FAX:(206) 232-9186 Mercer Island, WA 98040-0820; (206) 236-1676 ``Intellectually, teachers fall between education theorists and bright cocker spaniels. (Probably closer to the education theorists. The AKC has been doing wonders with spaniels.) If you think I'm kidding look at the GREs for education majors, whose scores are the lowest of all fields, and remember that these are the smart ones.'' -- http://www.FredOnEverything.net ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Determining daylight savings changes on BSD
On Feb 22, 2007, at 9:33 AM, Lisa Casey wrote: Hi, I just read through this entire thread and I have a couple of questions. I have several FreeBSD 5.4 systems. I did the date -r commands as suggested on one of these systems and it doesn't appear to switch over to daylight savings time on Sunday March 11 at 2 AM. I looked in /usr/ports/misc but there isn't a zoneinfo port (on this system). I searched a bit and found this: Lisa, If you can't use the ports to update your time zone files here is the manual procedure. 1. create a new directory and cd into it e.g. # mkdir myzoneinfo; cd myzoneinfo 2. # fetch ftp://elsie.nci.nih.gov/pub/tzdata2007b.tar.gz 3. # tar -zxvf tzdata2007b.tar.gz 4. you will now have a bunch of files in the directory extracted from tzdata2007b. you need to edit zone.tab and comment out these lines #AX +6006+01957 Europe/Mariehamn #GG +4927-00232 Europe/Guernsey #IM +5409-00428 Europe/Isle_of_Man #JE +4912-00207 Europe/Jersey #ME +4226+01916 Europe/Podgorica #RS +4450+02030 Europe/Belgrade #TL -0833+12535 Asia/Dili 5. run this command # zic -d ./zoneinfo -p America/Los_Angeles -m 0644 -y ./yearistype \ africa antarctica asia australasia etcetera europe \ factory northamerica southamerica systemv that's all one long line the zic command will create a new directory named zoneinfo and fill it with the new zoneinfo files. You can compare it to /usr/share/zoneinfo 6. install the new files by running # cp -R -p ./zoneinfo/ /usr/share/zoneinfo # cp ./zone.tab /usr/share/zoneinfo # tzsetup 7. to verify that all went well run # zdump -v /etc/localtime | grep 2007 your should get /etc/localtime Sun Mar 11 09:59:59 2007 UTC = Sun Mar 11 01:59:59 2007 PST isdst=0 gmtoff=-28800 /etc/localtime Sun Mar 11 10:00:00 2007 UTC = Sun Mar 11 03:00:00 2007 PDT isdst=1 gmtoff=-25200 /etc/localtime Sun Nov 4 08:59:59 2007 UTC = Sun Nov 4 01:59:59 2007 PDT isdst=1 gmtoff=-25200 /etc/localtime Sun Nov 4 09:00:00 2007 UTC = Sun Nov 4 01:00:00 2007 PST isdst=0 gmtoff=-28800 I've done this on 1/2 dozen older 4.x and 5.x servers and it works fine. Dan radius# find / -name zoneinfo -print /usr/share/zoneinfo /usr/compat/linux/usr/share/zoneinfo radius# find / -name tzsetup -print /usr/sbin/tzsetup Here's my question. tzsetup seems to already be on this system. I have not used it before, so am unfamiliar with it. Can I just run that now and make whatever changes are necessary to fix this system so that it recognises daylight savings changes? Or am I going to have to download some updated zone files first? In this thread, someone suggested doing the following: cd /usr/src/share/zoneinfo fetch ftp://elsie.nci.nih.gov/pub/tzdata2007a.tar.gz tar -zxvf tzdata2007a.tar.gz make make install cp -f /usr/share/zoneinfo/America/Los_Angeles /etc/localtime chmod 444 /etc/localtime I have attempted that, but when I unzip/untar tzdata2007b.tar.gz (there isn't an a file there anymore, just the b one), I get several files but there is no target for the make command. Are there any special considerations any of you might be aware of depending on what function my freebsd servers are serving? One does radius authentication using Free Radius, another is our web server (Apache2) and primary DNS (Bind 9), a third is a mail server (Sendmail). I'm sorry - I'm just kinda confused as to how I ought to handle this issue. Thanks, Lisa Casey ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw limit src-addr woes
On Wed, 21 Feb 2007, Julian Elischer wrote: Ian Smith wrote: On Tue, 20 Feb 2007, Julian Elischer wrote: admin wrote: Wrong: the implied check-state done by the limit lets the connection through (i.e. performs the action) iff there's state recorded for it (src-addr+src-port+dst-addr+dst-port). If however it's a SYN packet incoming and the number of current states is trying to cross the limit, the SYN packet is implicitly dropped and the search terminates. This is not to say that I completely understand the things going on when the connections start building up (different timeouts?) but the above conclusion is based on what simulation has shown. The whole ruleset fits on one screen, there's an allow ip from any to any in the end, so I'm pretty sure I'm not crazy :-) One thing to keep in mind is that a 'check-state' rule works by effectively jumping to the rule that did the 'keep-state' and re-executing it.. (and incrementing its stats). What if the action of the rule that does the 'keep-state' (here a limit src-addr) is a skipto, rather than an allow / fwd / divert etc rule that would terminate the search? Does 're-executing' here imply anything about whether the skipto's conditional branch is or is not taken? if the keep-state rule is a skipto then the check-state will skip to.. I use that in some rules. here's a snippet that I have when acting as a filtering transparent bridge, with DNS replies (from the outside) being diverted to a snooper. The bridge is between em2 (inside) and em3 (outside). 01200 17588453 1257728932 skipto 1210 udp from any to any dst-port 53 recv em2 01201 16192860 2721432229 skipto 1220 udp from any 53 to any recv em3 01202 43658738 21537916245 skipto 1250 ip from any to any 01210 34023270 3994649771 skipto 1240 ip from any to any keep-state 01220 0 0 check-state 01229 2364 441701 deny ip from any to any 01240 16190496 2720990528 divert 5001 udp from any 53 to any recv em3 01242 17832774 1273659243 deny ip from any to any (note this requires patches to allow divert from a bridge.) It's convoluted I know but it only (well, mostly) diverts packets from the outside that are part of a conversation that was started already (probably by a dns request from inside) DNS packets from the outside that are not a response to something we already asked for are discarded (a DOS protection) note that all the packets that went to the check-state, (1220) ended up going back to 1210 where they did the skipto 1240 and were filtered again. Thanks Julian, great illustration! After much chewing I've got most of the marrow, but have buried this bone where I can dig it up again (woof) Re admin's issue, I notice that the em3 packets failing check-state still require denying at 1229, such that p(kts)1201 - p1229 = p1240. Do you have any earlier rules jumping into here too, as the 1210 packet counts don't quite add up; ie p1210 (p1200 + p1240) by ~244k packets? Re 1242, are these (mostly) diverted packets reentering the firewall? After snooping, how do the clients get their DNS replies if they're denied here, or does your divert code reinsert those elsewhere? And where do the then ~1.2M extra denied packets denied here come from? Cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Determining daylight savings changes on BSD
On 2007/02/22 7:33, Lisa Casey seems to have typed: Hi, I just read through this entire thread and I have a couple of questions. I have several FreeBSD 5.4 systems. I did the date -r commands as suggested on one of these systems and it doesn't appear to switch over to daylight savings time on Sunday March 11 at 2 AM. I looked in /usr/ports/misc but there isn't a zoneinfo port (on this system). I searched a bit and found this: You may also consider updating your ports collection: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ports-using.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: binary updating 6.0-6.2
On Thu, Feb 22, 2007 at 03:38:18PM +, Robin Becker wrote: I see from the latest announcement that freebsd-update is now in the base system for 6.2. Following the links I see there's a procedure for 6.0-61. and another for 6.1-6.2 binary updating. In the past I have always dumped all my files and /etc /usr/local/etc done a completely fresh install, reinstalled files and manually hacked any of the modified system files. Then follows a long process of updating the ports tree and rebuilding the ports I need. Clearly I will still dump all my files in case anything horrific goes wrong. But can I update 6.0-6.1 6.1-6.2 with a reasonable hope of success. The very first step seems the hardest since I have been using freebsd-update already in my 6.0 system and the kernel is no longer a 6.0-RELEASE, but 6.0-SECURITY FreeBSD and a warning in the notes on the 6.1-6.2 update process says I need a GENERIC or SMP kernel. Does the updater know about updates? What you want to do is a cvsup (Mathew Seaman recently pointed out csup that is supposed to be part of the system, but I don't seem to have it on the machine I am presently on running 6.1) so you would have to install cvsup from ports (/usr/ports/net/cvsup or /usr/ports/net/cvsup-without-gui) if you need it. I just posted a basic rundown on doing this (but with slightly different numbers) just a couple days ago. You might want to check the questions archive.Briefly, you install cvsup (if not already installed); run the cvsup (or csup if you have it) using a supfile set for *default tag=RELENG_6_2 (I will append my working supfile at the end. It is a simple one) Then build and install everything. Do this stuff in a script(1) session to preserve messages and warnings. cvsup -g -L 2 /etc/supfile62 Check out /etc/group and /etc/passwd files to make sure there are no conflicts or important changes. Then build stuff. cd /usr/src make buildworld Edit/create your kernel config if needed, Then: make buildkernel KERNCONF=GENERIC (or your own kernel config) make installkernel KERNCONF=GENERIC (or your own kernel config) Then reboot to single user. fsck -p For good measure mount -u / mount -a swapon -a cd /usr/src make installworld Take a look at things to see if everything is OK, especially make sure you have enough disk space. Then run mergemaster mergemaster -cv After this, reboot to a running system and check your config files and other things. Then install the ports and other stuff you want. Does the updater squirrel away copies of the updated files so a last ditch attempt at status quo restoration can be made? It preserves some things, but I am not sure all the details. Also do my existing ports continue to work with the new kernel? Probably they need to be reinstalled or updated, or at least rebuilt with the latest libraries, etc. It is best to assume so, even though some might still work fine. Note that the supfile I show updates both the system and the ports tree in one swell foop.. Note also, that this should be no problem going from one 'minor' version level to a couple down the line, within the same 'major' version level such as your 6.0 - 6.2 but I am much less convident crossing 'major' version levels such as 5.x - 6.x and do a complete reinstall for those. -- Robin Becker -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- A supfile for going from 6.0 to 6.2. Note, I keep my supfile in /etc and name it with the OS version which accounts for the cvsup -g -L 2 /etc/supfile62 command arguments as above. Ports don't have branches in the way the system source does, thus the line for ports is:ports-all tag=.Same for doc. -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- # $FreeBSD: src/share/examples/cvsup/standard-supfile,v 1.23.4.2.2.1 2006/05/06 07:41:03 scottl Exp $ # # cvsup standard-supfile # # If not running X, or invoking cvsup from a non-interactive script, then # run it as follows: # # cvsup -g -L 2 standard-supfile # *default host=cvsup.FreeBSD.org *default base=/var/db *default prefix=/usr *default tag=RELENG_6_2 *default release=cvs *default delete use-rel-suffix *default compress ## Main Source Tree. # The easiest way to get the main source tree is to use the src-all # mega-collection. It includes all of the individual src-* collections. src-all ports-all tag=. doc-all tag=. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: binary updating 6.0-6.2
Jerry McAllister wrote: On Thu, Feb 22, 2007 at 03:38:18PM +, Robin Becker wrote: . What you want to do is a cvsup (Mathew Seaman recently pointed out csup that is supposed to be part of the system, but I don't seem to have it on the machine I am presently on running 6.1) so you would have to install cvsup from ports (/usr/ports/net/cvsup or /usr/ports/net/cvsup-without-gui) if you need it. You seem to be suggesting just what I wish to avoid ie all the trouble of a complete system compile and install with a full ports rebuild. Rather than the src build I would prefer a complete dump and iso reinstall. I looked further into the binary update script and it seems pretty comprehensive. I still expect to go through my ports rebuild, but perhaps I wouldn't need to copy my files back. Even so I see comments in the 6.0-6.1 upgrade.sh like # XXX For some reason, /usr/lib/liblwres.so had its version bumped. # XXX Leave behind the old version just in case. so we end up with some minor cruft left lying about. If the ports need to be rebuilt anyhow, I think I prefer to start from scratch. I just posted a basic rundown on doing this (but with slightly different numbers) just a couple days ago. You might want to check the questions archive.Briefly, you install cvsup (if not already installed); run the cvsup (or csup if you have it) using a supfile set for *default tag=RELENG_6_2 (I will append my working supfile at the end. It is a simple one) Then build and install everything. Do this stuff in a script(1) session to preserve messages and warnings. cvsup -g -L 2 /etc/supfile62 ...good stuff elided -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: binary updating 6.0-6.2
Jerry McAllister wrote: Hello Robin, I see from the latest announcement that freebsd-update is now in the base system for 6.2. Following the links I see there's a procedure for 6.0-61. and another for 6.1-6.2 binary updating. By the way, I see that your post says binary update, but I really don't have confidence in that and prefer updating the source and doing the build as I described in my response. jerry no problem, I just replied to that and I almost guessed you might have missed the binaryness. My experience of the binary update process is fairly positive, but there have been glitches eg my lsof didn't get updated along with a kernel and I now see stuff like lsof: WARNING: compiled for FreeBSD release 6.0-RELEASE; this is 6.0-SECURITY. when using it. I suppose things like lsof needing to be recompiled are an implied dependency and may be hard to find. -- Robin Becker ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Port installation failed
Hi,
I had following errors when trying to install a package through port on
one FreeBSD 4.7 machine:
# make install
/usr/ports/Mk/bsd.port.mk, line 2292: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2292: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2292: Malformed conditional
(((${OSVERSION} 504105 || (${OSVERSION} = 60 ${OSVERSION}
600103) || (${OSVERSION} = 70 ${OSVERSION} 700012))
${PKGORIGIN} != ports-mgmt/pkg_install) ||
exists(${LOCALBASE}/sbin/pkg_info))
/usr/ports/Mk/bsd.port.mk, line 2293: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2293: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2293: Malformed conditional
((${OSVERSION} 504105 || (${OSVERSION} = 60 ${OSVERSION}
600103) || (${OSVERSION} = 70 ${OSVERSION} 700012))
${PKGORIGIN} != ports-mgmt/pkg_install)
/usr/ports/Mk/bsd.port.mk, line 2308: if-less else
/usr/ports/Mk/bsd.port.mk, line 2308: Need an operator
/usr/ports/Mk/bsd.port.mk, line 2322: if-less endif
/usr/ports/Mk/bsd.port.mk, line 2322: Need an operator
/usr/ports/Mk/bsd.port.mk, line 5987: if-less endif
/usr/ports/Mk/bsd.port.mk, line 5987: Need an operator
make: fatal errors encountered -- cannot continue
Anyone has seen similar problem? It seems that bsd.port.mk is causing
problem. Can I just replace bsd.port.mk file with one from other machines?
Simon
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Transparent redirect to another interface ?
On Feb 22, 2007, at 3:55 AM, Frank Bonnet wrote: I have a new mailhub with two ethernet gigabit interfaces, and I would like to transparently redirect IMAP or POP3 requests to the second interface which have a different IP address, to let the first interface drive the SMTP traffic only. Is it possible? This will avoid thousands of email clients re- configuration to let users grab their incomming emails. Configuring the two interfaces with two different IP addresses is no problem at all, presuming that these IP addresses reside in different subnets. If both IPs reside in the same subnet, you are better off configuring the second IP as an alias on the first interface, and using the second NIC for some other purpose. You can do other things, such as using ng_fec to perform port trunking, or using IPFW or some other thing to manually force traffic out of the other interface, but it's unlikely to result in much benefit. -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Port installation failed
On 2/22/07, Simon Gao [EMAIL PROTECTED] wrote:
Hi,
I had following errors when trying to install a package through port on
one FreeBSD 4.7 machine:
# make install
/usr/ports/Mk/bsd.port.mk, line 2292: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2292: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2292: Malformed conditional
(((${OSVERSION} 504105 || (${OSVERSION} = 60 ${OSVERSION}
600103) || (${OSVERSION} = 70 ${OSVERSION} 700012))
${PKGORIGIN} != ports-mgmt/pkg_install) ||
exists(${LOCALBASE}/sbin/pkg_info))
/usr/ports/Mk/bsd.port.mk, line 2293: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2293: warning: String comparison
operator should be either == or !=
/usr/ports/Mk/bsd.port.mk, line 2293: Malformed conditional
((${OSVERSION} 504105 || (${OSVERSION} = 60 ${OSVERSION}
600103) || (${OSVERSION} = 70 ${OSVERSION} 700012))
${PKGORIGIN} != ports-mgmt/pkg_install)
/usr/ports/Mk/bsd.port.mk, line 2308: if-less else
/usr/ports/Mk/bsd.port.mk, line 2308: Need an operator
/usr/ports/Mk/bsd.port.mk, line 2322: if-less endif
/usr/ports/Mk/bsd.port.mk, line 2322: Need an operator
/usr/ports/Mk/bsd.port.mk, line 5987: if-less endif
/usr/ports/Mk/bsd.port.mk, line 5987: Need an operator
make: fatal errors encountered -- cannot continue
Anyone has seen similar problem? It seems that bsd.port.mk is causing
problem. Can I just replace bsd.port.mk file with one from other machines?
Simon
http://lists.freebsd.org/pipermail/freebsd-questions/2007-February/142799.html
--
Linux is for people who hate Micro$oft. BSD is for people who love Unix ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
How to build program with debug symbols
FreeBSD-6.2 I need to know how to build a program with debugging symbols. The problem I am having is that claws-mail-2.7.2 continually crashes but does not display any debug symbols. I talked with the claws-mail people, and they advised me to build a version with debug symbols since the output I supplied them was useless without it. Their suggestion was that I build from a tarball and use the proper ‘config’ flags to get debug symbols included in the program. The problem is that I would rather not mess with that scenario, but rather use the port version instead. The port version does have an option to build a debug version, but apparently, the symbols are stripped out when the program is installed. The port maintainer suggested that I use this is the Makefile: STRIP= #empty However, he is not even sure if it will work. I just want to find out what the best way to go about this is so that I can get this problem resolved. Thanks! -- Gerard Here is today's useless fact: If you have three quarters, four dimes, and four pennies, you have $1.19. You also have the largest amount of money in coins without being able to make change for a dollar. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Problem with gnome_enable=YES in /etc/rc.conf
I tried enabling all GNOME 2.16 services with gnome_enable=YES in the /etc/rc.conf file. However, this did not start any programs referenced by this web page http://www.freebsd.org/gnome/docs/faq2.html#full-gnome. This page didn't help much in the way of troubleshooting. It seemed pretty straightforward; set gnome_enable=YES and it should start all of GNOME's services. I'm guessing I'm missing something obvious. I've searched the freebsd mailing list archives and found posts regarding this issue but they have not solved my problem, or have not been answered e.g. http://www.freebsd.org/cgi/getmsg.cgi?fetch=2392411+2395419+/usr/local/ www/db/text/2007/freebsd-questions/20070121.freebsd-questions. This thread http://www.freebsd.org/cgi/getmsg.cgi?fetch=824947+828344+/usr/local/ww w/db/text/2006/freebsd-questions/20061217.freebsd-questions provided some more information but did not resolve the issue. I've searched google and have come up with nothing. There was a port - gnome_subr - that was supposed to allow gnome_enable to work, but it did not work. I followed the procedure outlined in the documentation but to no avail. Finally, I've tried enabling dbus, polkitd, and hald in the /etc/rc.conf file but when I click on Removable drives and media in the GNOME desktop, it displays a message box that says volume management is not supported and that I should enable hald. I've checked the packages installed and the removable drives and media packege is installed as well as hal. Here's 'uname -a' output: FreeBSD freebsd 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Fri Jan 12 10:40:27 UTC 2007 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC i386 Output of lshal while dbus, polkitd, and hald are enabled in /etc/rc.conf 'lshal': error: libhal_ctx_init: (null): (null) Could not initialise connection to hald. Normally this mean the HAL daemon (hald) is not running or not ready. Output of lshal while only gnome_enable is enabled. 'lshal': error: dbus_bus_get: org.freedesktop.DBus.Error.FileNotFound: Failed to connect to socket /var/run/dbus/dbus.pipe: No such file or directory Any help would be greatly appreciated. Ian Hilt ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
forcing re driver to a card
Hi all, I've been having some trouble getting my nic's to work under freebsd 6.1. it's a jetway mini-itx board with a daughterboard with 3 rtl8110S chips on. two out of the three appear when doing pciconf -lv [EMAIL PROTECTED]:11:0:class=0x02 card=0x10ec16f3 chip=0x816710ec rev=0x10 hdr=0x00 vendor = 'Realtek Semiconductor' class= network subclass = ethernet [EMAIL PROTECTED]:12:0:class=0x02 card=0x10ec16f3 chip=0x816710ec rev=0x10 hdr=0x00 vendor = 'Realtek Semiconductor' class= network subclass = ethernet I think these should be supported by the re driver, so my questions are: -Is there a way to force the re driver to recognize these cards ? -Can the source of the re driver be changed so it recognizes the card (if yes please some guidance, don't know C) ? kind regards Bram ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to build program with debug symbols
On 2007-02-22 16:03, Gerard [EMAIL PROTECTED] wrote:
FreeBSD-6.2
I need to know how to build a program with debugging symbols. The
problem I am having is that claws-mail-2.7.2 continually crashes but
does not display any debug symbols. I talked with the claws-mail
people, and they advised me to build a version with debug symbols
since the output I supplied them was useless without it. Their
suggestion was that I build from a tarball and use the proper ‘config’
flags to get debug symbols included in the program. The problem is
that I would rather not mess with that scenario, but rather use the
port version instead. The port version does have an option to build a
debug version, but apparently, the symbols are stripped out when the
program is installed.
The port maintainer suggested that I use this is the Makefile:
STRIP= #empty
However, he is not even sure if it will work. I just want to find out
what the best way to go about this is so that I can get this problem
resolved.
I think it's much better to avoid tweaking ${STRIP} and set DEBUG_FLAGS
instead. You have to make sure that at least the claws-mail-2.7.2 port
is *rebuilt* from source. The following should work fine:
# cd /usr/ports/mail/claws-mail
# make deinstall
# env DEBUG_FLAGS='-ggdb' make install
The STRIP variable is explicitly set to an empty value when DEBUG_FLAGS
is defined, so you get both a debugging *and* non-stripped binary by
setting DEBUG_FLAGS.
- Giorgos
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PF slowing down file copies
On 2007-02-22 15:52, RW [EMAIL PROTECTED] wrote: On Thu, 22 Feb 2007 17:04:18 +0200 Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2007-02-22 14:30, RW [EMAIL PROTECTED] wrote: On Wed, 21 Feb 2007 19:38:39 +0100 J65nko [EMAIL PROTECTED] wrote: For keeping state on TCP connections you should only create state on the first packet of the 3 way TCP handshake. Using flags S/SA will ensure this. This will prevent problems with TCP windows scaling.. Why? Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. Because a state entry is a rule by itself. A special 'rule', but still a rule. As such, each state-table entry requires a finite amount of resources. Conserving resources, whenever possible, is a good idea. Creating 10 packets for a connection whose 'traffic' requires 10 TCP segments to be transmitted, and 9000 state entries for a TCP connection whose data payload needs 9000 segments to be transmitted is kind of silly. Especially since it is entirely legal and easy to do the same thing with only 2 state entries (one for each connection). The way PF works is that it first checks if there is a state entry matching the packet's address, port and protocol , if there is the state entry is used to determine what is done with the packet. Only if there is no matching entry is the script used instead. As I already said Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. The point of testing for s/sa is to avoid creating long-lived state entries for illegal or out-of-sequence packets. The state created by s/sa has a very short lifetime. This conserves resources and protects against some DOS attacks. I see. I've recently discovered that IPFilter v4.0.2 on Solaris 10 had a bug in the state expiry code. States for packets without S/SA expire after 10 days, instead of a few seconds like the S/SA states. I haven't verified that this doesn't apply to PF, but since PF is a very different firewall I'll extract my foot from my mouth and go read the source now :) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: How to build program with debug symbols
Giorgos Keramidas schrieb:
On 2007-02-22 16:03, Gerard [EMAIL PROTECTED] wrote:
FreeBSD-6.2
I need to know how to build a program with debugging symbols. The
problem I am having is that claws-mail-2.7.2 continually crashes but
does not display any debug symbols. I talked with the claws-mail
people, and they advised me to build a version with debug symbols
since the output I supplied them was useless without it. Their
suggestion was that I build from a tarball and use the proper ‘config’
flags to get debug symbols included in the program. The problem is
that I would rather not mess with that scenario, but rather use the
port version instead. The port version does have an option to build a
debug version, but apparently, the symbols are stripped out when the
program is installed.
The port maintainer suggested that I use this is the Makefile:
STRIP= #empty
However, he is not even sure if it will work. I just want to find out
what the best way to go about this is so that I can get this problem
resolved.
I think it's much better to avoid tweaking ${STRIP} and set DEBUG_FLAGS
instead. You have to make sure that at least the claws-mail-2.7.2 port
is *rebuilt* from source. The following should work fine:
# cd /usr/ports/mail/claws-mail
# make deinstall
# env DEBUG_FLAGS='-ggdb' make install
The STRIP variable is explicitly set to an empty value when DEBUG_FLAGS
is defined, so you get both a debugging *and* non-stripped binary by
setting DEBUG_FLAGS.
Or you can just define the newly introduced WITH_DEBUG macro, which will
does the trick for you:
make -DWITH_DEBUG install
Still, you can customize the DEBUG_FLAGS to set which flags you want to
add. Besides, the flags that can do harm (-O[123s] and such) will be
stripped out from CFLAGS.
Regards,
Gabor
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: forcing re driver to a card
On Thursday 22 February 2007 16:06, bram wrote:
Hi all,
I've been having some trouble getting my nic's to work under freebsd 6.1.
it's a jetway mini-itx board with a daughterboard with 3 rtl8110S chips on.
two out of the three appear when doing pciconf -lv
[EMAIL PROTECTED]:11:0:class=0x02 card=0x10ec16f3 chip=0x816710ec
rev=0x10 hdr=0x00
vendor = 'Realtek Semiconductor'
class= network
subclass = ethernet
[EMAIL PROTECTED]:12:0:class=0x02 card=0x10ec16f3 chip=0x816710ec
rev=0x10 hdr=0x00
vendor = 'Realtek Semiconductor'
class= network
subclass = ethernet
I think these should be supported by the re driver, so my questions are:
-Is there a way to force the re driver to recognize these cards ?
-Can the source of the re driver be changed so it recognizes the card
(if yes please some guidance, don't know C) ?
The answer to your second question is probably yes; requires someone to make a
patch and test with relevant hardware. Glancing at the code quickly I think
you're probably right that it should be supported by re(4).
The answer to your first question is: patch the source so it recognizes the
card. :)
The good news is that your device already seems to be listed in
src/sys/pci/if_rlreg.h. If that's the case then all you need is a two-line
patch to src/sys/dev/re/if_re.c. Something like this around line 185 of the
file (I'm looking at revision 1.46.2.20) might do the trick:
{ RT_VENDORID, RT_DEVICEID_8169SC, RL_HWREV_8169_8110SB,
RealTek 8169SC/8110SC Single-chip Gigabit Ethernet },
Drop that in the file and rebuild and reinstall your kernel and modules. If
you can confirm that that works then I'd be happy to send in a PR to get it
included.
Solaris has an /etc/driver_aliases file that lets you do things like this
without recompiling anything, but recompiling isn't really too bad once you
get the hang of it. (Especially if you can get away with using modules.)
JN
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Reg, User rights
On Thu, Feb 22, 2007 at 03:33:50PM -0600, Jeffrey Goldberg wrote: On Feb 22, 2007, at 11:02 AM, Jerry McAllister wrote: Install and set up sudo (/usr/ports/security/sudo) and create a configuration for that user so they can run specific commands that you specify and only those commands. This is a very good method, but sometimes it takes some careful thought to deal with the various commands and their possible arguments that you want to allow or disallow. This is my choice. I haven't done a careful comparison of all of the methods you proposed, but I find this the most natural, particularly after using OS X for 5 years. This is what I do for myself (there are no other people with accounts on the particular machine.) In /etc/passwd I have a normal user and group that was setup during installation. A added that user to the wheel group in /etc/groups and configured /usr/local/etc/sudoers with the line %wheel ALL=(ALL) ALL This works just fine. Users in the wheel group can use sudo to execute things as root, but they only need their own passwords. Root's password is extremely good and basically never used, so it is stored away in some secure manner and doesn't exist in anybody's head. I like the idea of not having to give out a root-like password but still to require authentication when operating as root. Ever since I learned this trick from OS X, I've been using it everywhere I can install sudo. That is probably the best general solution if you want to give overall admin rights. But, often there is a reason to give only a limited set of root (admin) priviledges. Then the sudo config (sudoers) must be more complex and can get tricky if the limits are complicated. jerry -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
input/output error on hd
I wrote about this problem before, still working on recovery. After a power outage I lost my primary slave hd, a 250MB Maxtor. Got rebooted ok by editing it out of the fstab i.e. %cat /etc/fstab # DeviceMountpoint FStype Options Dump Pass# /dev/ad0s1b noneswapsw 0 0 /dev/ad0s1a / ufs rw 1 1 ... #/dev/ad1s1c/hoss ufs rw 2 2 % It's been explained to me that ad1s1c was an inappropriate name for the partition on this drive, will change that after fixing this mess. Here is a problem symptom summary: %sudo mount /dev/ad1s1c /hoss mount: /dev/ad1s1c: Input/output error %sudo mount /dev/ad1s1 /hoss mount: /dev/ad1s1: Input/output error %sudo fsck -f /dev/ad1s1 fsck: Could not determine filesystem type %sudo fsck -f /dev/ad1s1c fsck: exec fsck_unused for /dev/ad1s1c in /sbin:/usr/sbin: No such file or directory % Have determined from dd's that there's data on here, wonder though if the power outage caused some permanent damage. Have isolated the errors to blocks 129 through 144: %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=127 1+0 records in 1+0 records out 512 bytes transferred in 0.008638 secs (59274 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=128 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.315347 secs (0 bytes/sec) ... [repeats for skip=129 to skip=142] %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=143 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.336348 secs (0 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=144 1+0 records in 1+0 records out 512 bytes transferred in 0.018065 secs (28342 bytes/sec) So, I need to know what to do next. Have been looking for pertinant information to learn how to pick apart whatever's keeping my drive for being mountable and fix manually but either don't know what to look for or haven't found the right explanation yet. For instance, is it possible if I somehow 'eliminated' blocks 129 through 144 that the volume would then mount for me? Any help would be appreciated. Marty -- Web Installed Formmail - http://face2interface.com/formINSTal/ Webmaster's BBS - http://bbs.face2interface.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: input/output error on hd
You may have lost the partition table. You can try repartitioning the drive but do NOT do a newfs. You can easily try it in sysinstall. -Derek At 04:19 PM 2/22/2007, Marty Landman wrote: I wrote about this problem before, still working on recovery. After a power outage I lost my primary slave hd, a 250MB Maxtor. Got rebooted ok by editing it out of the fstab i.e. %cat /etc/fstab # DeviceMountpoint FStype Options Dump Pass# /dev/ad0s1b noneswapsw 0 0 /dev/ad0s1a / ufs rw 1 1 ... #/dev/ad1s1c/hoss ufs rw 2 2 % It's been explained to me that ad1s1c was an inappropriate name for the partition on this drive, will change that after fixing this mess. Here is a problem symptom summary: %sudo mount /dev/ad1s1c /hoss mount: /dev/ad1s1c: Input/output error %sudo mount /dev/ad1s1 /hoss mount: /dev/ad1s1: Input/output error %sudo fsck -f /dev/ad1s1 fsck: Could not determine filesystem type %sudo fsck -f /dev/ad1s1c fsck: exec fsck_unused for /dev/ad1s1c in /sbin:/usr/sbin: No such file or directory % Have determined from dd's that there's data on here, wonder though if the power outage caused some permanent damage. Have isolated the errors to blocks 129 through 144: %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=127 1+0 records in 1+0 records out 512 bytes transferred in 0.008638 secs (59274 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=128 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.315347 secs (0 bytes/sec) ... [repeats for skip=129 to skip=142] %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=143 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.336348 secs (0 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=144 1+0 records in 1+0 records out 512 bytes transferred in 0.018065 secs (28342 bytes/sec) So, I need to know what to do next. Have been looking for pertinant information to learn how to pick apart whatever's keeping my drive for being mountable and fix manually but either don't know what to look for or haven't found the right explanation yet. For instance, is it possible if I somehow 'eliminated' blocks 129 through 144 that the volume would then mount for me? Any help would be appreciated. Marty -- Web Installed Formmail - http://face2interface.com/formINSTal/ Webmaster's BBS - http://bbs.face2interface.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PF slowing down file copies
On 2/22/07, RW [EMAIL PROTECTED] wrote: On Wed, 21 Feb 2007 19:38:39 +0100 J65nko [EMAIL PROTECTED] wrote: For keeping state on TCP connections you should only create state on the first packet of the 3 way TCP handshake. Using flags S/SA will ensure this. This will prevent problems with TCP windows scaling.. Why? Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. The OP did not keep state on TCP connections using flags S/SA. That can cause problems for TCP window scaling (defined in RFC 1323) and result in stalling connections. From http://undeadly.org/cgi?action=articlesid=20060928081238 under Create TCP states on the initial SYN packet --- quote -- pf does know about window scaling and supports it. However, the prerequisite is that you create state on the initial SYN, so pf can associate the first two packets of the handshake with the state entry. Since the entire negotiation of the window scaling factors takes place only in these two packets, there is no reliable way to deduce the factors after the handshake. Window scaling wasn't widely used in the past, but this is changing rapidly. Just recently, Linux started using window scaling by default. If you experience stalling connections, especially when problems are limited to certain combinations of hosts, and you see 'BAD state' messages related to these connections logged, verify that you're really creating states on the initial packet of a connection. -- end of quote --- To prevent these TCP windows scaling issues, the current pf version of OpenBSD-4.1 BETA defaults to flags S/SA keep state for TCP pass rules. Don't know when this feature will make it into FreeBSD ;) Other issues the OP should look into are the optimizing tips given in http://undeadly.org/cgi?action=articlesid=20060927091645 Adriaan ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: input/output error on hd
On Thu, Feb 22, 2007 at 04:34:24PM -0600, Derek Ragona wrote: You may have lost the partition table. You can try repartitioning the drive but do NOT do a newfs. You can easily try it in sysinstall. Yes, that has been mentioned - I wasn't sure if it would work as desired - without overwriting too much - or not. But, if it is tried , be sure to use the exact partition schema as was done before. I think that was everything in one partition - called c, but I am not sure that is exactly what was done. So, the question is, did the OP use bsdlabel (alone or in sysinstall) when originally creating that filesystem? If so, probably using bsdlabel again on it - WITHOUT doing a newfs - would be worth trying. It probably can't do anything worse than what is already the case. If it was all one partition in a single slice, then run bsdlabel -e on the slice /dev/ad1s1 and take out the unused type from 'c' and make it BSD4.2.Make the offset '*' and the size be everything. Then exit out and hope for the best. jerry -Derek At 04:19 PM 2/22/2007, Marty Landman wrote: I wrote about this problem before, still working on recovery. After a power outage I lost my primary slave hd, a 250MB Maxtor. Got rebooted ok by editing it out of the fstab i.e. %cat /etc/fstab # DeviceMountpoint FStype Options Dump Pass# /dev/ad0s1b noneswapsw 0 0 /dev/ad0s1a / ufs rw 1 1 ... #/dev/ad1s1c/hoss ufs rw 2 2 % It's been explained to me that ad1s1c was an inappropriate name for the partition on this drive, will change that after fixing this mess. Here is a problem symptom summary: %sudo mount /dev/ad1s1c /hoss mount: /dev/ad1s1c: Input/output error %sudo mount /dev/ad1s1 /hoss mount: /dev/ad1s1: Input/output error %sudo fsck -f /dev/ad1s1 fsck: Could not determine filesystem type %sudo fsck -f /dev/ad1s1c fsck: exec fsck_unused for /dev/ad1s1c in /sbin:/usr/sbin: No such file or directory % Have determined from dd's that there's data on here, wonder though if the power outage caused some permanent damage. Have isolated the errors to blocks 129 through 144: %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=127 1+0 records in 1+0 records out 512 bytes transferred in 0.008638 secs (59274 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=128 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.315347 secs (0 bytes/sec) ... [repeats for skip=129 to skip=142] %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=143 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.336348 secs (0 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=144 1+0 records in 1+0 records out 512 bytes transferred in 0.018065 secs (28342 bytes/sec) So, I need to know what to do next. Have been looking for pertinant information to learn how to pick apart whatever's keeping my drive for being mountable and fix manually but either don't know what to look for or haven't found the right explanation yet. For instance, is it possible if I somehow 'eliminated' blocks 129 through 144 that the volume would then mount for me? Any help would be appreciated. Marty -- Web Installed Formmail - http://face2interface.com/formINSTal/ Webmaster's BBS - http://bbs.face2interface.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Reg, User rights
On Feb 22, 2007, at 11:02 AM, Jerry McAllister wrote: Install and set up sudo (/usr/ports/security/sudo) and create a configuration for that user so they can run specific commands that you specify and only those commands. This is a very good method, but sometimes it takes some careful thought to deal with the various commands and their possible arguments that you want to allow or disallow. This is my choice. I haven't done a careful comparison of all of the methods you proposed, but I find this the most natural, particularly after using OS X for 5 years. This is what I do for myself (there are no other people with accounts on the particular machine.) In /etc/passwd I have a normal user and group that was setup during installation. A added that user to the wheel group in /etc/groups and configured /usr/local/etc/sudoers with the line %wheel ALL=(ALL) ALL This works just fine. Users in the wheel group can use sudo to execute things as root, but they only need their own passwords. Root's password is extremely good and basically never used, so it is stored away in some secure manner and doesn't exist in anybody's head. I like the idea of not having to give out a root-like password but still to require authentication when operating as root. Ever since I learned this trick from OS X, I've been using it everywhere I can install sudo. -j -- Jeffrey Goldberghttp://www.goldmark.org/jeff/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: input/output error on hd
Thanks Derek, I tried deleting and recreating the one slice on that drive in sysinstall, also rewriting the boot label. Didn't seem to help as shown: %sudo fdisk ad1cs1 *** Working on device /dev/ad1cs1 *** parameters extracted from in-core disklabel are: cylinders=486332 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=486332 heads=16 sectors/track=63 (1008 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: UNUSED The data for partition 2 is: UNUSED The data for partition 3 is: UNUSED The data for partition 4 is: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 0, size 5 (24 Meg), flag 80 (active) beg: cyl 0/ head 0/ sector 1; end: cyl 1023/ head 254/ sector 63 %sudo fsck /dev/ad1cs1 fsck: Could not determine filesystem type %sudo fsck /dev/ad1c fsck: exec fsck_unused for /dev/ad1c in /sbin:/usr/sbin: No such file or directory %sudo mount /dev/ad1cs1 /hoss mount: /dev/ad1cs1: Input/output error %sudo mount /dev/ad1c /hoss mount: /dev/ad1c on /hoss: incorrect super block %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=131 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.199710 secs (0 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=127 1+0 records in 1+0 records out 512 bytes transferred in 0.018295 secs (27986 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=144 1+0 records in 1+0 records out 512 bytes transferred in 0.024593 secs (20819 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=143 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.319451 secs (0 bytes/sec) % Wonder why it renamed my slice from ad1s1c to ad1cs1, and what I can do from here. Marty On 2/22/07, Derek Ragona [EMAIL PROTECTED] wrote: You may have lost the partition table. You can try repartitioning the drive but do NOT do a newfs. You can easily try it in sysinstall. -Derek ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: input/output error on hd
Jerry, Below is what I see in response to the cmd; as I'm unfamiliar with it could you please be more explicit about how I may proceed? Marty %sudo bsdlabel -e /dev/ad1s1 Password: # /dev/ad1s1: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 490234736 16unused0 0 c: 4902234120unused0 0 # raw part, don't edit ~ ~ On 2/22/07, Jerry McAllister [EMAIL PROTECTED] wrote: On Thu, Feb 22, 2007 at 04:34:24PM -0600, Derek Ragona wrote: You may have lost the partition table. You can try repartitioning the drive but do NOT do a newfs. You can easily try it in sysinstall. Yes, that has been mentioned - I wasn't sure if it would work as desired - without overwriting too much - or not. But, if it is tried , be sure to use the exact partition schema as was done before. I think that was everything in one partition - called c, but I am not sure that is exactly what was done. So, the question is, did the OP use bsdlabel (alone or in sysinstall) when originally creating that filesystem? If so, probably using bsdlabel again on it - WITHOUT doing a newfs - would be worth trying. It probably can't do anything worse than what is already the case. If it was all one partition in a single slice, then run bsdlabel -e on the slice /dev/ad1s1 and take out the unused type from 'c' and make it BSD4.2.Make the offset '*' and the size be everything. Then exit out and hope for the best. jerry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Fwd: input/output error on hd
N, this is a 250 GB drive with tons of data (mostly bigger files) on it. On 2/22/07, Derek Ragona [EMAIL PROTECTED] wrote: Slice names are version dependent. In major releases the names have changed a bit. There are a few recovery tools in the ports. You can try those and see if they find any usable data. Since it is only 24MB hopefully any data loss is minimal. -Derek At 05:08 PM 2/22/2007, Marty Landman wrote: Thanks Derek, I tried deleting and recreating the one slice on that drive in sysinstall, also rewriting the boot label. Didn't seem to help as shown: %sudo fdisk ad1cs1 *** Working on device /dev/ad1cs1 *** parameters extracted from in-core disklabel are: cylinders=486332 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=486332 heads=16 sectors/track=63 (1008 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: UNUSED The data for partition 2 is: UNUSED The data for partition 3 is: UNUSED The data for partition 4 is: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 0, size 5 (24 Meg), flag 80 (active) beg: cyl 0/ head 0/ sector 1; end: cyl 1023/ head 254/ sector 63 %sudo fsck /dev/ad1cs1 fsck: Could not determine filesystem type %sudo fsck /dev/ad1c fsck: exec fsck_unused for /dev/ad1c in /sbin:/usr/sbin: No such file or directory %sudo mount /dev/ad1cs1 /hoss mount: /dev/ad1cs1: Input/output error %sudo mount /dev/ad1c /hoss mount: /dev/ad1c on /hoss: incorrect super block %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=131 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.199710 secs (0 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=127 1+0 records in 1+0 records out 512 bytes transferred in 0.018295 secs (27986 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=144 1+0 records in 1+0 records out 512 bytes transferred in 0.024593 secs (20819 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=143 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.319451 secs (0 bytes/sec) % Wonder why it renamed my slice from ad1s1c to ad1cs1, and what I can do from here. Marty On 2/22/07, *Derek Ragona* [EMAIL PROTECTED] wrote: You may have lost the partition table. You can try repartitioning the drive but do NOT do a newfs. You can easily try it in sysinstall. -Derek At 04:19 PM 2/22/2007, Marty Landman wrote: I wrote about this problem before, still working on recovery. After a power outage I lost my primary slave hd, a 250MB Maxtor. Got rebooted ok by editing it out of the fstab i.e. %cat /etc/fstab # DeviceMountpoint FStype Options Dump Pass# /dev/ad0s1b noneswapsw 0 0 /dev/ad0s1a / ufs rw 1 1 ... #/dev/ad1s1c/hoss ufs rw 2 2 % It's been explained to me that ad1s1c was an inappropriate name for the partition on this drive, will change that after fixing this mess. Here is a problem symptom summary: %sudo mount /dev/ad1s1c /hoss mount: /dev/ad1s1c: Input/output error %sudo mount /dev/ad1s1 /hoss mount: /dev/ad1s1: Input/output error %sudo fsck -f /dev/ad1s1 fsck: Could not determine filesystem type %sudo fsck -f /dev/ad1s1c fsck: exec fsck_unused for /dev/ad1s1c in /sbin:/usr/sbin: No such file or directory % Have determined from dd's that there's data on here, wonder though if the power outage caused some permanent damage. Have isolated the errors to blocks 129 through 144: %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=127 1+0 records in 1+0 records out 512 bytes transferred in 0.008638 secs (59274 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=128 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.315347 secs (0 bytes/sec) ... [repeats for skip=129 to skip=142] %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=143 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.336348 secs (0 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=144 1+0 records in 1+0 records out 512 bytes transferred in 0.018065 secs (28342 bytes/sec) So, I need to know what to do next. Have been looking for pertinant information to learn how to pick apart whatever's keeping my drive for being mountable and fix manually but either don't know what to look for or haven't found the right explanation yet. For instance, is it possible if I somehow 'eliminated' blocks 129 through 144 that the volume would then mount for me? Any help would be appreciated. Marty -- Web Installed Formmail -
PREGUNTA: CONECTARSE A INTERNET
SALUDOS, ME GUSTARIA SABER COMO PUEDO CONECTARME A INTERNET A TRAVES DEL MODEM RYGE ART18CX QUE SUMINISTRA LA EMPRESA VENEZOLANA CANTV. Y TAMBIEN SABER COMO PUEDO AJUSTAR LA RESOLUCION DE PANTALLA. -- strongKashi-San/strong ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
problems with jail
I'd like to get Apache running in jail, but I can't seem to get network working in jail. I followed the instructions in the man page for jail so far, breating the world install in my jail directory (/jail), which is the only BSD partition on the drive (ad8s3d, ad8s3b is swap, and ad8s3c is that weird partition chunk that always appears after a swap chunk). In doing this I should be able to remove the main system disk from the devfs in the jail, which seemed to be a good idea. But I hadn't gotten that far yet... Regardless, I didn't squash out any devices just yet with devfs, instead, I ensure any 'net*' device had mode 755 (basic jail test, ping the tail on the router), an modified the rc.conf files as the manual page suggested. Anyway, when I go to jail, running csh (as root) in jail, I try/get: %ping 192.168.1.1 ping: socket: Operation not permitted from my normal system prompt (out of jail): ping 192.168.1.1 PING 192.168.1.1 (192.168.1.1): 56 data bytes 64 bytes from 192.168.1.1: icmp_seq=0 ttl=150 time=0.489 ms 64 bytes from 192.168.1.1: icmp_seq=1 ttl=150 time=0.468 ms 64 bytes from 192.168.1.1: icmp_seq=2 ttl=150 time=0.465 ms ... I figure I messed something up pretty oddy for this not to work. System: FreeBSD 6.2 i386 CSUP run 2007-02-10 Ports [and their required deps] installed x11/xorg, x11/kde3, editors/xemacs, editors/openoffice.org-2, editors/nano, editors/pico, x11-wm/WMaker, lang/python25, net-im/gaim, www/firefox System rc.conf hostname=elrond.ameritech.net ifconfig_nve0=inet 192.168.1.84 netmask 255.255.255.0 defaultrouter=192.168.1.1 #ifconfig_nve0=DHCP usbd_enable=YES linux_enable=YES sshd_enable=YES sendmail_enable=NO inetd_flags=-wW -a 192.168.1.84 rpcbind_enable=NO jail rc.conf rpcbind_enable=NO #I had the nve0 interface setup with 192.168.1.85 and with assigned to it also jail command (run from root for testing purposes only - I'll narrow it down to a less privledged host/jailed system user later) jail /jail/ [EMAIL PROTECTED] 192.168.1.85 /bin/csh The machine was rebooted since I set everything up. Thank you, -Jim Stapleton ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problems with jail
On Fri, Feb 23, 2007 at 01:22:53AM +, Jim Stapleton wrote: I'd like to get Apache running in jail, but I can't seem to get network working in jail. [...] Anyway, when I go to jail, running csh (as root) in jail, I try/get: %ping 192.168.1.1 ping: socket: Operation not permitted This is normal. You can't ping out from a jail. If you're going to manage several jails on a box, I would suggest you try the ezjail port. Cheers. -- Jonathan Chen [EMAIL PROTECTED] --- I love deadlines. I like the whooshing sound they make as they fly by - Douglas Adams ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problems with jail
oops, did a reply instead of reply all, sorry. My question was what's the best way to test net connectivity in jail, csup?, and i did try csup (using a copy of my standard ports supfile), it failed: %csup -g -L 2 /etc/supfile-ports Parsing supfile /etc/supfile-ports Connecting to cvsup12.FreeBSD.org Name lookup failure for cvsup12.FreeBSD.org: hostname nor servname provided, or not known Will retry at 20:52:12 I'm only using one jail (it'll run apache, mysql and possibly sftp) Thanks, -Jim Stapleton On 2/23/07, Jonathan Chen [EMAIL PROTECTED] wrote: On Fri, Feb 23, 2007 at 01:22:53AM +, Jim Stapleton wrote: I'd like to get Apache running in jail, but I can't seem to get network working in jail. [...] Anyway, when I go to jail, running csh (as root) in jail, I try/get: %ping 192.168.1.1 ping: socket: Operation not permitted This is normal. You can't ping out from a jail. If you're going to manage several jails on a box, I would suggest you try the ezjail port. Cheers. -- Jonathan Chen [EMAIL PROTECTED] --- I love deadlines. I like the whooshing sound they make as they fly by - Douglas Adams ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: PF slowing down file copies
On Thu, 22 Feb 2007 23:45:06 +0100 J65nko [EMAIL PROTECTED] wrote: On 2/22/07, RW [EMAIL PROTECTED] wrote: On Wed, 21 Feb 2007 19:38:39 +0100 J65nko [EMAIL PROTECTED] wrote: For keeping state on TCP connections you should only create state on the first packet of the 3 way TCP handshake. Using flags S/SA will ensure this. This will prevent problems with TCP windows scaling.. Why? Creating a state entry causes subsequent packets, in the same tcp connection, to bypass the rules altogether. The OP did not keep state on TCP connections using flags S/SA. That can cause problems for TCP window scaling (defined in RFC 1323) and result in stalling connections. From http://undeadly.org/cgi?action=articlesid=20060928081238 under Create TCP states on the initial SYN packet How can a TCP connection start with anything other than an initial SYN packet? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: em0 invalid checksum on new T60
On Thu, Feb 22, 2007 at 12:36:19AM -0500, Jesse Sheidlower wrote: I just got my new ThinkPad T60 and have been installing merrily away. So far most things have worked fine, though I still have lots to do and will no doubt have a few more questions. A big one right off the start, though, is that my Ethernet card is not working. On boot I get this: --- em0: Intel(R) PRO/1000 Network Connection Version - 6.2.9 port 0x3000-0x301f mem 0xee00-0xee01 irq 16 at device 0.0 on pci2 em0: The EEPROM Checksum Is Not Valid em0: Unable to initialize the hardware device_attach: em0 attach returned 5 --- (Self-reporting here--I did some more searching, and found comments about the need to plug in a working Ethernet cable before booting. I did this, and now it seems to be working fine, even when later rebooting without a cable.) Jesse Sheidlower ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
replacing port in outgoing packets to any host
Hello, participants! In constant effort to prevent trojans to send spam following question came to my mind. Is there any way to replace port number for all outgoing packets? Long version: I want to block outgoing port 25 completely for network behind NAT router and allow port 8025 for example. But it means that router will have to replace outgoing port 8025 with port 25. After intensive googling it looks like my idea is... well... not popular. So, I just wonder if this is possible at all? Something like this: rdr any to any port 8025 - any port 25 PS Yes, I know that I can redirect port to open-relay on known static IP. Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
setting up console port?
Hi there, I am new to setting up a console port on a PC based FreeBSD 6.2 machine. Is this the latest greatest howto page fro doing this? http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/serialconsole-setup.html please point me to a better page. cheeers, Noah ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SpamAssassin and the nonexistent home directory.
Start spamd with -D (debug) on both servers to see where and how spamassassin is configuring itself. Chances are there is some subtle configuration variation that is causing this behavior. It's easy for this to happen given the fact that spamassassin reads through a number of directories for configuration information when it starts up. Steve ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
card Allocation failure, what could be the reason
What could be the reason fo this issue
I have made changes to /usr/src/sys/dev/pccard/pccard_quirks.c file added a
static struct
static struct pccard_function pccard_sierra_860_func0 = {
6, /* function number */
PCCARD_FUNCTION_SERIAL,
0x0006, /* last cfe number */
0x00, /* ccr_base */
0x07, /* ccr_mask */
};
static struct pccard_config_entry pccard_sierra_860_func0_cfe0 = {
0x0006, /* cfe number */
PCCARD_CFE_IO8 | PCCARD_CFE_IRQLEVEL,
PCCARD_IFTYPE_IO,
1, /* num_iospace */
3, /* iomask */
{ { 0x3e8 , 0x3ee } }, /* iospace */
0x3fbc, /* irqmask */
0, /* num_memspace */
{ },/* memspace */
0, /* maxtwins */
};
and as well /usr/src/sys/dev/pccard/pccarddevs file
vendor SIERRA 0x0192 Sierra Wireless
/* Sierra Wireless */
product SIERRA WIRELESS 0x0710 Sierra Wireless Card
I added these the pccard device driver detects my card but
PCCARDDEVS definition are absolutely right.
on the detection of the card while booting the laptop on the console I get
Feb 22 22:51:12 DAK kernel: pccard0: Allocation failed for cfe 6
Feb 22 22:51:12 DAK kernel: pccard0: No config entry could be allocated.
Do you have idea why I am getting there errors
Thanks
Dak
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problems with jail
On Fri, Feb 23, 2007 at 01:49:25AM +, Jim Stapleton wrote: oops, did a reply instead of reply all, sorry. My question was what's the best way to test net connectivity in jail, csup?, and i did try csup (using a copy of my standard ports supfile), it failed: %csup -g -L 2 /etc/supfile-ports Parsing supfile /etc/supfile-ports Connecting to cvsup12.FreeBSD.org Name lookup failure for cvsup12.FreeBSD.org: hostname nor servname provided, or not known Will retry at 20:52:12 You need to set up the jail's /etc/resolv.conf to query a suitable DNS. If you want to check connectivity from within the jail to out, you could always telnet mail-server-ip 25. To check connectivity in, you could try enabling the jail's sendmail server... Hope this helps. -- Jonathan Chen | To do is to be -- Nietzsche [EMAIL PROTECTED] | To be is to do -- Sartre | Scooby do be do -- Scooby ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: problems with jail
On Fri, Feb 23, 2007 at 01:49:25AM +, Jim Stapleton wrote: [...] I'm only using one jail (it'll run apache, mysql and possibly sftp) The reason why I'm using ezjail to manage multiple jails is that each jail only provides *one* external service, to minimise effects from intrusion/breakage. Cheers. -- Jonathan Chen [EMAIL PROTECTED] -- If you wish your merit to be known, acknowledge that of other people ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Installing SharpDevelop in FreeBSD
Hi, I need to work with C# under FreeBSD environment.I have a FreeBSD system installed with mono compiler.Now i need to install SharpDevelop IDE for C#. Can anyone help me for the same? Thanks in advance, Sans -- View this message in context: http://www.nabble.com/Installing-SharpDevelop-in-FreeBSD-tf3277188.html#a9113912 Sent from the freebsd-questions mailing list archive at Nabble.com. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: input/output error on hd
In freebsd-questions Digest, Vol 166, Issue 12 At Message: 15 On Thu, 22 Feb 2007 18:12:48 -0500 Marty Landman [EMAIL PROTECTED] wrote: Thanks Derek, I tried deleting and recreating the one slice on that drive in sysinstall, also rewriting the boot label. Didn't seem to help as shown: It's hard to guess if you don't show us the precise commands you issued, or at least the data you gave to sysinstall, and what you got back. %sudo fdisk ad1cs1 *** Working on device /dev/ad1cs1 *** parameters extracted from in-core disklabel are: cylinders=486332 heads=16 sectors/track=63 (1008 blks/cyl) Figures below won't work with BIOS for partitions not in cyl 1 parameters to be used for BIOS calculations are: cylinders=486332 heads=16 sectors/track=63 (1008 blks/cyl) Media sector size is 512 Warning: BIOS sector numbering starts with sector 1 Information from DOS bootblock is: The data for partition 1 is: UNUSED The data for partition 2 is: UNUSED The data for partition 3 is: UNUSED The data for partition 4 is: sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD) start 0, size 5 (24 Meg), flag 80 (active) beg: cyl 0/ head 0/ sector 1; end: cyl 1023/ head 254/ sector 63 Apart from the fact that 'ad1cs1' is a nonsense, fdisk run on slices always shows garbage, in this case indicating that only slice 4 is in use, with a nonsense size. In fact, I get _exactly_ your above rubbish partition report from running 'fdisk ad0s4' or 'fdisk ad0s2' - both of which are FreeBSD slices - and other types of rubbish on ad0s1 (DOS) and ad0s3 (different DOS) .. fdisk just blindly reports what it finds in binary, scarcely checking for consistency. 'fdisk ad0' (here) shows the Right Stuff. So just show 'fdisk ad1' to see the disk's partition (slice) table (which may be damaged, but it's the only one you're interested in). If 'fdisk ad1' isn't showing any sensible data for 'partition 1' (ad1s1) then your boot sector is hosed. %sudo fsck /dev/ad1cs1 fsck: Could not determine filesystem type %sudo fsck /dev/ad1c fsck: exec fsck_unused for /dev/ad1c in /sbin:/usr/sbin: No such file or directory You shouldn't be doing any of this with the 'c' partition, which is meant to cover the whole disk, but doesn't describe any of its slices. I gather you think your data should be on ad1s1. Does 'bsdlabel ad1s1' say anything sensible? If not, does bsdlabel ad1s2, ad1s3 or ad1s4, if fdisk ad1 shows anything in s2, s3 or s4. I wouldn't be running fsck (without the -n switch) or bsdlabel (with the -e switch) until you're pretty sure of what's going on where - though I gather it's a bit late for that sort of advice :( %sudo mount /dev/ad1cs1 /hoss mount: /dev/ad1cs1: Input/output error %sudo mount /dev/ad1c /hoss mount: /dev/ad1c on /hoss: incorrect super block %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=131 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.199710 secs (0 bytes/sec) As you mentioned elsewhere, you appear to have a bunch of bad blocks early on this disk. They may or may not be critical to recovering the rest of your data, but with all this experimental poking around, things don't look too good. Have you a spare drive you can dd this one to, in its current state? %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=127 1+0 records in 1+0 records out 512 bytes transferred in 0.018295 secs (27986 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=144 1+0 records in 1+0 records out 512 bytes transferred in 0.024593 secs (20819 bytes/sec) %sudo dd if=/dev/ad1s1 of=/tmp/scratch bs=512 count=1 skip=143 dd: /dev/ad1s1: Input/output error 0+0 records in 0+0 records out 0 bytes transferred in 1.319451 secs (0 bytes/sec) % Wonder why it renamed my slice from ad1s1c to ad1cs1, and what I can do from here. Which 'it' do you mean? ad1cs1 makes no sense at all, and ad1s1c you shouldn't usually be messing with at all (as it says, don't edit). What does 'ls -l /dev/ad1*' have to say? And please don't top-post .. Marty On 2/22/07, Derek Ragona [EMAIL PROTECTED] wrote: You may have lost the partition table. You can try repartitioning the drive but do NOT do a newfs. You can easily try it in sysinstall. -Derek Yes, if you know precisely how the disk was partitioned before, which is perhaps dubious in this case .. hopefully Marty saved a copy of the boot sector for each disk earlier with boot0cfg -f ? Marty, if you don't mind reposting what I suppose you did earlier, show us these (all non-destructive): # fdisk ad1 # bsdlabel ad1s1(or whatever slice 1-4 it may be, or try them all) # boot0cfg -v ad1 Cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any
Re: if_nfe on nVidia chipset
Palle Girgensohn wrote: Hi, Great news: I can confirm that it works fine when the e1000phy patch was removed on this system. I have not tried this on the system that *did* work fine with the patch, though. I reverted to e1000phy.c 1.17 and e1000phyreg.h 1.3 on FreeBSD 7, and it now uses the generic driver and correctly detects the media. However for me it still doesn't work. Keep getting: nfe1: watchdog timeout then the link goes down and back up again. Wish I had more time to dig around in it. Brian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
