Re: Modifying bridged traffic
Eric Anderson wrote: What is the easiest way to play with modifying data in-transit within an ethernet bridge? For instance, say I have something like this: [BOX 1] <> [ BOX 2 ] <> [ BOX 3 ] And BOX 2 is a FreeBSD box with bridging enabled between two ethernet interfaces, how can I parse/modify the ethernet frames as they pass through? maybe with the help of netgraph... (ng_ether, ng_tee etc). Eric ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Liar, n.: A lawyer with a roving commission. -- Ambrose Bierce, "The Devil's Dictionary" ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Process arguments
Dave Clausen wrote:
Hello list,
I'm a n00b to the FreeBSD kernel and I'm trying to log all commands
run on the command line from within the kernel for security purposes
by loading a kernel module which redefines execve(). I've
successfully created the KLD and have it working, but am having
problems saving the command's arguments.
Could anyone point me to where in the kernel I should be looking for
the arguments sent to the process? p->p_args gives me the parent
process's cmdname only (sh, in this case), and uap->argv is just the
relative pathname of uap->fname. Ideally, I'd like the user, full
command line, and cwd logged for each command entered.
Here's an example of what I've been working away on:
int
new_execve (struct thread *td, struct execve_args *uap)
{
char *user;
struct proc *p = td->td_proc;
user = p->p_pgrp->pg_session->s_login;
if (p->p_ucred->cr_ruid == 1001) {
printf("%s %d %s\n", user, p->p_pid, uap->fname);
}
return (execve(td,uap));
}
Running 'ls -al' with the above, I get the username, pid, and absolute
filename printed such as, but can't find the actual arguments:
dave 6689 /bin/ls
If I'm not mistaken pjd@ has written similar module which is called
lrexec for RELENG_4 and RELENG_5. See his web site.
Also recently rwatson@ enabled audit support in RELENG_6 and CURRENT,
though I don't know yet whether it can log arguments.
hth,
Ganbold
Any help would be appreciated.
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: NOT A [GPL License violation]
Bruno Ducrot wrote: I'm working on Dell's laptop support, even though I'm not the one who code a tool for a fan control (and I don't know if such tool under FreeBSD exist). Some preminaly code can be found here: http://people.FreeBSD.org/~bruno/i8kutils_bsd.tar.bz [1] http://people.FreeBSD.org/~bruno/acpi_dell.tar.gz [2] http://people.FreeBSD.org/~bruno/dellctl.tar.gz [3] Bruno, Did you make suspend/resume work? Did you make your volume up/down key work? I have Latitude D620 and can't make above work. thanks, Ganbold For now, the 3 tar ball above have not been publically send to any public list I'm aware of, because those are only priminally work. For [1], people can check I haven't removed any copyright, nor I even bothered adding my name. In any case, I don't plan to add that one to the base system. In fact, I think to remove it from http://people.FreeBSD.org/~bruno/ in the near future. For [2], people can check it's a really preliminary work, and is based on some calls to ACPI methods under the DSDT. Since it's a really different approach taken from the driver found under Linux, it's free from any GPL'ed code. Finally [3] is only a userspace tool to control [2]. Since [2] and [3] are free from any GPL'ed codes, I consider commiting them if one day they work. Actually I even considered to port [2] under Linux, because this is the right way to go when ACPI mode is enabled for obvious reason. The io ports related to the SMM handler are shared, and ACPI take care to handle an ACPI mutex before entering SMM, that at least might eliminate strange cases when sometimes i8k doesn't work. Cheers, ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
TFTP server problem
Hi Robert and all, I'm really sorry for my cross posting, I posted my problem a year ago and I'm still having trouble with tftp server. I switched to Windows tftp server like 3Com 3C daemon for a while and now I want to use tftp server on FreeBSD. I'm using FreeBSD 5.4-STABLE and I tested default tftp server in inetd.conf with options -s and -l. tftp dgram udp waitroot/usr/libexec/tftpd tftpd -s /tftpboot -l Tftp server hangs after some time (6-7 hours or less) and it seems like entire tftp server stops responding because audio files stopped playing. I would like to use tftp server for IVR with Cisco. I didn't try to use second client while it was not responding. What flags do you recommend in inetd.conf? How to debug tftpd? Is there any other tftp server which is good for IVR? tia, Ganbold ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
TFTP server problem
Hi Robert and all, I'm really sorry for my cross posting, I posted my problem a year ago and I'm still having trouble with tftp server. I switched to Windows tftp server like 3Com 3C daemon for a while and now I want to use tftp server on FreeBSD. I'm using FreeBSD 5.4-STABLE and I tested default tftp server in inetd.conf with options -s and -l. tftp dgram udp waitroot/usr/libexec/tftpd tftpd -s /tftpboot -l Tftp server hangs after some time (6-7 hours or less) and it seems like entire tftp server stops responding because audio files stopped playing. I would like to use tftp server for IVR with Cisco. I didn't try to use second client while it was not responding. What flags do you recommend in inetd.conf? How to debug tftpd? Is there any other tftp server which is good for IVR? tia, Ganbold ___ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: upload speed test problem
Adam,
Thanks a lot. You are completely right.
I tested it on my modem, turned off and on Modem Compression option and
checked the result.
I corrected my program using random data.
...
URL url = new URL(web_site);
URLConnection connection = url.openConnection();
connection.setDoOutput(true);
connection.setUseCaches(false);
DataOutputStream dos = new
DataOutputStream(connection.getOutputStream());
byte ab[] = createPacket(buffer_len);
int totalBytes = buffer_len;
int maxBufferSize = 51200;
int bytesAvailable = totalBytes;
int tempBufferSize = 0;
int bytesSent = 0;
int bufferSize = Math.min(bytesAvailable, maxBufferSize);
while(bytesAvailable > 0){
dos.write(ab, 0, bufferSize);
bytesAvailable -= bufferSize;
bufferSize = Math.min(bytesAvailable, maxBufferSize);
}
dos.writeBytes("\r\n");
int totalBytesSent = dos.size();
System.out.println("\nTotal Bytes Sent: " + totalBytesSent);
dos.flush();
dos.close();
BufferedReader in = new BufferedReader(
new InputStreamReader(
connection.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null){
// System.out.println(inputLine);
}
in.close();
endtime1 = System.currentTimeMillis();
test_time = endtime1 - starttime1;
uploaded_size = totalBytesSent;
return showSpeed(starttime1,endtime1,"Upload",totalBytesSent);
...
private byte[] createPacket(int len) {
Random r = new Random();
byte[] pkt = new byte[len];
r.nextBytes(pkt);
return(pkt);
}
...
thanks again,
Ganbold
At 10:10 PM 5/12/2005, you wrote:
On Thu, 12 May 2005, Ganbold wrote:
Result is unbelievable, it is something like 500kbps for 56kbps Dial-Up
connection, which is completely wrong.
It looks like the form data that the client is POSTing is all "a",
correct? The modem is probably compressing this data.
I wrote a speed test in perl a number of years ago to do both upload and
download testing. Here are some things I found, maybe they will help you:
You must use data that doesn't compress well, or, as you've seen, dial-up
modems will compress it and report speeds much higher than is possible.
It is better to pre-generate the random data, rather than try and read
from /dev/random on the fly. I realized that by having my script suck 5
or 10 megabytes of randomness out of /dev/random every time it ran, I was
accelerating the heat-death of the universe. You don't want to cause the
heat-death of the universe either, do you? (Actually, either pre-generate
random files, or read from /dev/urandom, which doesn't block when it runs
out of randomness)
IE Sucks.
The way my script worked was, I had a form page that the user selected the
file size to test with, and hit Submit. This submitted to my CGI that
generated a new HTML form with a hidden input field containing the random
data of the size they selected. It also contained a hidden field with a
timestamp of when the page began to execute. I used javascript to
automatically submit the form when the page load completed. Mozilla would
submit this form as soon as page load completed. For some odd reason, IE
would wait a couple of seconds before submitting the data. So I had to
(oh this is so ugly, I don't want to say it), define an IE fudge factor,
and subtract a couple of seconds from the upload time if the client was IE.
I also realized that I had to add a META tag to cause the pages not to be
cached. Furthermore, I had to add something to look at the client's HTTP
headers and look for signs of an HTTP proxy (proxies usually add a header
or two, depending on how they're configured). If a proxy was detected, I
could either spit out a warning to the user that the speeds reported could
be inaccurate, or I could simply refuse to continue.
On the plus side, overall the test worked pretty well.
HTH,
Adam
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
upload speed test problem
Hi hackers,
I thought somebody in this list could help me. I looked through Java forums
at java.sun.com, and didn't find any solution.
I'm writing speed test program in Java, and my upload speed test shows
wrong result for Dial-up connection.
It uses POST method and sends large data (128k) to Apache 1.3.x web server
(FreeBSD).
The web page is php script and it receives large data correct, but test
time is "very" fast.
Result is unbelievable, it is something like 500kbps for 56kbps Dial-Up
connection, which is completely wrong.
Can somebody tell me why is this happening? How can I correct this problem?
How can I calculate my upload speed? What data size should I use for testing?
I hope somebody in this list point me to the right direction.
Maybe I'm doing something wrong, or missing something.
thanks in advance,
Ganbold
Part of the Java code:
...
buffer_len = 128*1024;
starttime1 = System.currentTimeMillis();
URL url = new URL(web_site);
URLConnection connection = url.openConnection();
connection.setDoOutput(true);
PrintWriter out = new PrintWriter(connection.getOutputStream());
out.print("test=");
for(i=0; i
BufferedReader in = new BufferedReader(
new InputStreamReader(
connection.getInputStream()));
String inputLine;
while ((inputLine = in.readLine()) != null){
// System.out.println(inputLine);
}
in.close();
endtime1 = System.currentTimeMillis();
test_time = endtime1 - starttime1;
uploaded_size = buffer_len;
return showSpeed(starttime1,endtime1,"Upload",buffer_len);
.
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
subtracting days from localtime problem
Hi hackers,
I have problem subtracting days from current date using test program.
We have daylight saving occured on 2AM of March 26, 2005.
As you can see below, there is missing March 26th line from program output.
And all lines after 27th March are wrong.
Instead of 25th March it should be 26th March, 24th March should be 25th
March and so on.
Can somebody tell me why is this happening? How can I correct this problem?
thanks in advance,
Ganbold
Here is system info:
# uname -an
FreeBSD backend.ub.mng.net 4.11-PRERELEASE FreeBSD 4.11-PRERELEASE #4: Tue
Dec 14 18:18:34 ULAT
2004 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/DB i386
# env | grep TZ
TZ=Asia/Ulaanbaatar
# date
Thu Mar 31 20:45:14 ULAST 2005
Here is program output:
# ./test_date
Thu Mar 31 20:36:47 2005
Current Date: 2005-03-31
0 day(s) before current Date: 2005-03-31
1 day(s) before current Date: 2005-03-30
2 day(s) before current Date: 2005-03-29
3 day(s) before current Date: 2005-03-28
4 day(s) before current Date: 2005-03-27
5 day(s) before current Date: 2005-03-25
6 day(s) before current Date: 2005-03-24
7 day(s) before current Date: 2005-03-23
8 day(s) before current Date: 2005-03-22
9 day(s) before current Date: 2005-03-21
10 day(s) before current Date: 2005-03-20
11 day(s) before current Date: 2005-03-19
12 day(s) before current Date: 2005-03-18
13 day(s) before current Date: 2005-03-17
14 day(s) before current Date: 2005-03-16
15 day(s) before current Date: 2005-03-15
16 day(s) before current Date: 2005-03-14
17 day(s) before current Date: 2005-03-13
18 day(s) before current Date: 2005-03-12
19 day(s) before current Date: 2005-03-11
20 day(s) before current Date: 2005-03-10
21 day(s) before current Date: 2005-03-09
22 day(s) before current Date: 2005-03-08
23 day(s) before current Date: 2005-03-07
24 day(s) before current Date: 2005-03-06
25 day(s) before current Date: 2005-03-05
26 day(s) before current Date: 2005-03-04
27 day(s) before current Date: 2005-03-03
28 day(s) before current Date: 2005-03-02
29 day(s) before current Date: 2005-03-01
30 day(s) before current Date: 2005-02-28
31 day(s) before current Date: 2005-02-27
Total run time = 0 sec
#
Here is test program.
test_date.c
--
#include
#include
#include
#include
#include
#include
char *getDate(int day);
char *my_alloc(char *strin);
int main(int argc, char *argv[]){
time_t now;
int start_day = 1;
struct timeval t1;
struct timeval t2;
char *m_date, *cur_date;
int i;
long d;
gettimeofday(&t1,NULL);
now = time(NULL);
fprintf(stderr, "%s\n",ctime(&now));
start_day = 32;
cur_date = getDate(0);
for(i=0;i
gettimeofday(&t2,NULL);
printf("\nTotal run time = %ld sec\n", (t2.tv_sec - t1.tv_sec));
exit(0);
}
char *getDate(int day)
{
struct tm *t;
time_t now;
char date[12];
char *localdate;
time_t p;
now = time(NULL);
t = localtime(&now);
t->tm_mday -= day;
t->tm_hour = t->tm_min = t->tm_sec = 0;
p = mktime(t);
if (p == (time_t)-1)
printf ("mktime failed\n");
snprintf (date,11,"%d-%.2d-%.2d", t->tm_year + 1900, t->tm_mon + 1,
t->tm_mday);
if((localdate=my_alloc(date))==NULL){
fprintf(stderr, "Allocation error!\n");
exit(2);
}
printf("Date: %s\n",localdate);
return localdate;
}
/*-*/
char *my_alloc(char *strin)
{
int len;
char*p;
len = strlen (strin) + 1;
p = (char *)malloc(len);
if (p != NULL) {
strcpy (p, strin);
}
return (p);
}
___
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Strange command histories in hacked shell server
.00 secs Tue Dec 14 00:23 stty - tugstugi #C:5:0x2 0.00 secs Tue Dec 14 00:23 ls - tugstugi #C:5:0x2 0.00 secs Tue Dec 14 00:23 id - tugstugi #C:5:0x2 0.00 secs Tue Dec 14 00:23 ls - tugstugi #C:5:0x2 0.00 secs Tue Dec 14 00:23 cat - tsgan#C:5:0x2 0.00 secs Tue Dec 14 00:23 su - tsgan#C:5:0x2 0.02 secs Tue Dec 14 00:23 cat - tsgan#C:5:0x2 0.00 secs Tue Dec 14 00:22 sleep- tsgan#C:5:0x2 0.00 secs Tue Dec 14 00:22 stty - tsgan#C:5:0x2 0.00 secs Tue Dec 14 00:22 stty - tsgan#C:5:0x2 0.00 secs Tue Dec 14 00:22 fortune - tsgan#C:5:0x2 0.00 secs Tue Dec 14 00:22 ... One more strange thing is "#C:5:0x2". What is this? Again I'm suspecting that, this guy hijacked my tty and got tsgan and then he could log my keystroke and get root password. Am I right? Please give me some advice and info regarding this kind of hack. What should I do in order to secure my shell server? I mean except securelevel, unneeded services etc. Can somebody give me some hints on file and directory permissions? Is there anybody who has similar server config and already had such issues and problems? I appreciate very much if somebody will help me in this regard. thanks in advance, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Question regarding shell user creation at login time
Hi,
I traced sshd using ktrace and it says:
..
10198 new CALL setuid(0)
10198 new RET setuid -1 errno 1 Operation not permitted
10198 new CALL execve(0x80485d0,0xbfbfed8c,0xbfbfed94)
10198 new NAMI "/home/new/new.pl"
10198 new RET execve -1 errno 13 Permission denied
10198 new CALL exit(0x)
.
My C program is:
#include
main(ac, av)
char **av;
{
setuid(0);
execv("/home/new/new.pl",av);
}
Directory:
public# ls -la ~new
total 46
drwxr-xr-x 2 root wheel512 Mar 29 09:10 .
drwxr-xr-x 8 root wheel512 Mar 25 15:28 ..
-r--r- 1 root new 767 Mar 24 17:43 .cshrc
-r--r- 1 root new 248 Mar 26 12:32 .login
-r--r- 1 root new 158 Mar 24 17:43 .login_conf
-r--r- 1 root new 373 Mar 24 17:43 .mail_aliases
-r--r- 1 root new 331 Mar 24 17:43 .mailrc
-r--r- 1 root new 797 Mar 24 17:43 .profile
-r--r- 1 root new 276 Mar 24 17:43 .rhosts
-r--r- 1 root new 975 Mar 24 17:43 .shrc
-rwsr-x--- 1 root new 4651 Mar 26 08:47 new
-- 1 root wheel 94 Mar 26 08:47 new.c
-r-x-- 1 root wheel 15430 Mar 25 15:16 new.pl
-rw-r--r-- 1 root wheel 52 Mar 25 16:52 new.sh
Can somebody tell me the reason why it is failed?
Thanks in advance,
Ganbold
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Question regarding shell user creation at login time
Hi, I tested my perl script, C program in FreeBSD 4.9, all work just fine. I checked OpenSSH version and: FreeBSD 4.9 - > OpenSSH_3.5p1 FreeBSD-20030924 FreeBSD 5.2-CURRENT - > OpenSSH_3.8p1 FreeBSD-20040226 Is this difference causing the problem? Should I change something in one of the pam files like /etc/pam.d/login or /etc/pam.d/sshd? Thanks in advance, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Question regarding shell user creation at login time
Hi,
I'm using FreeBSD 5.2-CURRENT and I'm trying to write a small C program
which in turn calls perl script.
Perl script creates user account. I created user called "new" and put new.c
and new.pl into its directory.
Then I changed shell for user new to point to /home/new/new.
The idea is I want to run free shell server. When first time some user logs
in as user new it should execute new.pl
and ask to enter user name etc. and creates new account.
My new.c program is:
--
#include
#include
int main(void) {
char *env[] = { "TERM=vt100", (char *)0 };
execle("/home/new/new.pl","new.pl",(char *)0,env);
return 0;
}
--
I compile it and make it setuid root:
gcc new.c -o new
chmod 4750 new
chown root:new new
--
# ls -l
-r--r- 1 root new 767 Mar 24 17:43 .cshrc
-r--r- 1 root new2 Mar 25 15:41 .hushlogin
-r--r- 1 root new 248 Mar 24 17:43 .login
-r--r- 1 root new 158 Mar 24 17:43 .login_conf
-r--r- 1 root new 373 Mar 24 17:43 .mail_aliases
-r--r- 1 root new 331 Mar 24 17:43 .mailrc
-r--r- 1 root new 797 Mar 24 17:43 .profile
-r--r- 1 root new 276 Mar 24 17:43 .rhosts
-r--r- 1 root new 975 Mar 24 17:43 .shrc
-rwsr-x--- 1 root new 4549 Mar 25 17:37 new
-- 1 root wheel173 Mar 25 17:37 new.c
-r-x-- 1 root wheel 15430 Mar 25 15:16 new.pl
-rw-r--r-- 1 root wheel 52 Mar 25 16:52 new.sh
But when I try to login as user new and when I type password the window
just closes.
When I run su new from console and after I type password it seems just
exits without doing nothing.
new.pl works fine without any problem if I run ./new from console.
Can somebody give me some hints and advices to help me solve this problem?
Is there any other configuration changes I need? Like /etc/login.conf etc?
I'm new to this kind of issue and I appreciate if somebody in this list
help me.
TIA,
Ganbold
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
mysql-4.0.18 build problem in FreeBSD-5.2-CURRENT
Hi all, Today I wanted to upgrade mysql-4.0.17 to mysql-4.0.18 in FreeBSD-5.2-CURRENT and got error below. I did updated FreeBSD on March 3 2004 using cvsup. I used following options to compile mysql from ports collection: make WITH_CHARSET=cp1251 WITH_LINUXTHREADS=yes BUILD_STATIC=yes install Error message: - /usr/lib/libc.a(res_init.o): In function `__h_error': res_init.o(.text+0x1104): multiple definition of `__h_error' /usr/local/lib/liblthread.a(errno.o):/usr/ports/devel/linuxthreads/work/linuxthreads-2.2.3_14/errno.c:29: first defined here /usr/bin/ld: Warning: size of symbol `__h_error' changed from 88 to 36 in /usr/lib/libc.a(res_init.o) *** Error code 1 Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.18/sql. *** Error code 1 Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.18/sql. *** Error code 1 Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.18/sql. *** Error code 1 Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.18. *** Error code 1 Stop in /usr/ports/databases/mysql40-server/work/mysql-4.0.18. *** Error code 1 Stop in /usr/ports/databases/mysql40-server. --- What should I do in this case? Is there anybody solved this problem before? Linuxthreads is installed from ports collection. tia, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Error when making installworld : SOLVED
Hi, I added group authpf and everything worked well. Please ignore my previous message. thanks, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Error when making installworld
Hi, I did cvsup today and built world, compiled and installed kernel. The I did mergemaster -p. But when I try to make installworld make says following error: ===> usr.sbin/authpf install -s -o root -g authpf -m 6555 authpf /usr/sbin install: authpf: Invalid argument *** Error code 67 Stop in /usr/src/usr.sbin/authpf. *** Error code 1 Stop in /usr/src/usr.sbin. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. *** Error code 1 Stop in /usr/src. What should I do? Is it some bug or am I missing something? thanks in advance, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: having trouble with sshd
Debug outputs of sshd when connecting client: psh# sshd -d -p 5999 debug1: sshd version OpenSSH_3.7.1p2 FreeBSD-20040106 debug1: private host key: #0 type 0 RSA1 debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: Bind to port 5999 on 0.0.0.0. Server listening on 0.0.0.0 port 5999. Generating 768 bit RSA key. RSA key generation complete. debug1: Server will not fork when running in debugging mode. debug1: res_init() Connection from 192.168.0.18 port 3578 debug1: Client protocol version 1.5; client software version PuTTY-Release-0.53b debug1: no match: PuTTY-Release-0.53b debug1: Local version string SSH-1.99-OpenSSH_3.7.1p2 FreeBSD-20040106 debug1: permanently_set_uid: 22/22 debug1: Sent 768 bit server key and 1024 bit host key. debug1: Encryption type: blowfish debug1: Received session key; encryption turned on. debug1: Installing crc compensation attack detector. debug1: Attempting authentication for tsgan. debug1: PAM: initializing for "tsgan" debug1: PAM: setting PAM_RHOST to "ganbold.micom.mng.net" Failed none for tsgan from 192.168.0.18 port 3578 Accepted password for tsgan from 192.168.0.18 port 3578 Accepted password for tsgan from 192.168.0.18 port 3578 debug1: monitor_child_preauth: tsgan has been authenticated by privileged process debug1: session_new: init debug1: session_new: session 0 debug1: Installing crc compensation attack detector. debug1: Allocating pty. debug1: session_new: init debug1: session_new: session 0 debug1: session_pty_req: session 0 alloc /dev/ttyp1 debug1: PAM: setting PAM_TTY to "/dev/ttyp1" debug1: PAM: establishing credentials debug1: Setting controlling tty using TIOCSCTTY. debug1: Entering interactive session. debug1: server_init_dispatch_13 debug1: server_init_dispatch_15 debug1: Window change received. Ganbold At 04:08 PM 26.02.2004, you wrote: Ganbold <[EMAIL PROTECTED]> writes: > At 12:38 AM 26.02.2004, you wrote: > > The preferred method is now keyboard-interactive. If your client does > > not support it, get a better client. > I'm using putty-0.53b. putty supports keyboard-interactive, and it's even on by default. See http://the.earth.li/~sgtatham/putty/0.54/puttydoc.txt, section 4.18.2. what protocol version are you using, btw? DES -- Dag-Erling Smørgrav - [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: having trouble with sshd
Hi At 12:38 AM 26.02.2004, you wrote: Ganbold <[EMAIL PROTECTED]> writes: > However I'm having trouble login using ssh. I see sshd_config is not > different than previous one. Yes, it is. Did you run mergemaster? Yes, I did run mergemaster with -p switch before installworld and afterward without switch. > I set PasswordAuthentication yes in sshd_config file and everything is > worked fine. > However what is the default authentication method in new sshd? Should > I change every time after update sshd_config file? The preferred method is now keyboard-interactive. If your client does not support it, get a better client. I'm using putty-0.53b. Ganbold DES -- Dag-Erling Smørgrav - [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: having trouble with sshd
Hi I have tag=. Ganbold At 08:48 PM 25.02.2004, you wrote: On Wed, Feb 25, 2004 at 06:25:22PM +0800, Ganbold wrote: > Hi, > > Today I just updated source using cvsup. I'm using FreeBSD 5.2-current. > I compiled and installed source and new kernel. > 5.2-current? So, what is in your tag in cvsup config? Cause I have tag=RELENG_5_2 and yesterday cvsuped anll the docs, sources and made world and everything works fine. > However I'm having trouble login using ssh. I see sshd_config is not > different than previous one. > When I debug sshd using sshd -d -p 2401 and tried to log on it says > Password Authentication disabled. > Before update sshd was working just fine. > > I set PasswordAuthentication yes in sshd_config file and everything is > worked fine. > However what is the default authentication method in new sshd? Should I > change every time after update sshd_config file? No, everything should work fine... > ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
having trouble with sshd
Hi, Today I just updated source using cvsup. I'm using FreeBSD 5.2-current. I compiled and installed source and new kernel. However I'm having trouble login using ssh. I see sshd_config is not different than previous one. When I debug sshd using sshd -d -p 2401 and tried to log on it says Password Authentication disabled. Before update sshd was working just fine. I set PasswordAuthentication yes in sshd_config file and everything is worked fine. However what is the default authentication method in new sshd? Should I change every time after update sshd_config file? tia, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: OT: tftp server
Hi Robert, I tested default tftp server in inetd.conf with options -s and -l. tftp dgram udp waitroot/usr/libexec/tftpd tftpd -s /tftpboot -l Tftp server hangs after some time and it seems like entire tftp server stops responding because audio files stopped playing. I would like to use tftp server IVR in Cisco. I didn't try to use second client while it was not responding. What flags do you recommend in inetd.conf? Is there any other tftp server which is good for IVR? tia, Ganbold At 01:11 AM 25.02.2004, you wrote: On Tue, 24 Feb 2004, Ganbold wrote: > Maybe this is off topic question. I'm looking for good tftp server in > FreeBSD. I used default tftp server in FreeBSD and had some problems. > It sometimes hangs without any response. Can somebody recommend me tftp > server in FreeBSD/Unix/Linux? I can't recommend an alternative tftp server, but I can offer some help debugging the current one -- the tftp server is pretty widely used, and I haven't seen any other reports of this. Could you expand a bit on "hangs without any response" -- do individual transfers stall, or the entire tftp server? What flags are you using to tftpd in inetd.conf? If you use a second client at the same time, does it also appear to be hung? What clients are you using? Robert N M Watson FreeBSD Core Team, TrustedBSD Projects [EMAIL PROTECTED] Senior Research Scientist, McAfee Research ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: OT: tftp server
Hi Attila, I would like to use tftp server to play/download audio files (Interactive Voice response) for Cisco VoIP. Ganbold At 09:14 PM 24.02.2004, you wrote: Ganbold wrote: Maybe this is off topic question. I'm looking for good tftp server in FreeBSD. I used default tftp server in FreeBSD and had some problems. It sometimes hangs without any response. Can somebody recommend me tftp server in FreeBSD/Unix/Linux? It depends on what do you want. ftp://ftp.cs.huji.ac.il/users/danny/tftpd/ was the fastest I've seen so far, and I haven't seend any ill effects with that. (using for PXE netbooting and for networking devices to fetch OS and configurations) -- Attila Nagy e-mail: [EMAIL PROTECTED] Free Software Network (FSN.HU) phone @work: +361 210 1415/127 ISOs: http://www.fsn.hu/?f=downloadcell.: +3630 306 6758 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
OT: tftp server
Hi all, Maybe this is off topic question. I'm looking for good tftp server in FreeBSD. I used default tftp server in FreeBSD and had some problems. It sometimes hangs without any response. Can somebody recommend me tftp server in FreeBSD/Unix/Linux? tia, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Intel PRO/1000 MT onboard network card problem in FreeBSD 5.2-current
Hi Mike and all, I found the problem with the Intel PRO/1000 card. I looked in the BIOS and it says NO MAC address! I even reset BIOS but no results. It seems like onboard Intel card is broken or malfunctioning. I told the owner to change Dell server to another. Thanks for all who tried to help me and suggested ideas. Ganbold At 02:59 AM 17.02.2004, you wrote: On Mon, 16 Feb 2004, Ganbold wrote: > Hi, > > Following is the output of pciconf -lv command: As others have pointed out, the problem isn't in the em driver, since the card isn't even showing up in pciconf. Either it's somehow not enabled, or FreeBSD isn't detecting the PCI bridge that the card is connected to. If you're running in ACPI mode, I suggest that you try running without ACPI and see if that changes anything. Mike "Silby" Silbersack ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Intel PRO/1000 MT onboard network card problem in FreeBSD 5.2-current
Yes I installed Realtek card because FreeBSD doesn't recognize onboard card. It has onboard TP connector same as Redhat machine has. Ganbold At 07:37 PM 16.02.2004, you wrote: Hi, Ganbold wrote on Mon, Feb 16, 2004 at 06:45:39PM +0800: [..] > [EMAIL PROTECTED]:4:0: class=0x02 card=0x9207103c chip=0x1213 rev=0x10 > hdr=0x00 > vendor = 'Accton Technology Corporation' > device = 'EN-1207D Fast Ethernet Adapter' > class= network > subclass = ethernet [..] This is the only probed Ethernet device and it seems rl driver has already attached to it. I know that DELL servers can be equipped with an em NIC optionally, maybe this is the case for your second machine. You should check the connectors on the back, if there is an additional TP or SX port (I think the Pro/1000 is SX only). If your RedHat machine has the SX port, but your other one doesn't, that would solve the mystery, wouldn't it? HTH, Daniel -- IRCnet: Mr-Spock - Truth lies in the eye of the beholder - Daniel Lang * [EMAIL PROTECTED] * +49 89 289 18532 * http://www.leo.org/~dl/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: [Freebsd-hackers] Re: Intel PRO/1000 MT onboard network cardproblem in FreeBSD 5.2-current
When I try to load if_em.ko module /var/log/messages says: Feb 16 19:08:41 mnao1 kernel: module_register: module pci/em already exists! Feb 16 19:08:41 mnao1 kernel: Module pci/em failed to register: 17 Ganbold At 07:07 PM 16.02.2004, you wrote: What happends when you load the module if_em.ko kldload if_em.ko Cheers, -- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene mrtg.grunn.org Dutch mirror of MRTG -Oorspronkelijk bericht- Van: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Steven Hartland Verzonden: maandag 16 februari 2004 11:54 Aan: Mike Silbersack; Ganbold CC: [EMAIL PROTECTED] Onderwerp: [Freebsd-hackers] Re: Intel PRO/1000 MT onboard network cardproblem in FreeBSD 5.2-current Not wishing to point out the obvious but there's no EM controller there? Steve - Original Message - From: "Ganbold" <[EMAIL PROTECTED]> To: "Mike Silbersack" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, February 16, 2004 10:45 AM Subject: Re: Intel PRO/1000 MT onboard network card problem in FreeBSD 5.2-current > Hi, > > Following is the output of pciconf -lv command: > > [EMAIL PROTECTED]:0:0:class=0x06 card=0x chip=0x00171166 > rev=0x32 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CMIC-SL' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:0:1:class=0x06 card=0x chip=0x00171166 > rev=0x00 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CMIC-SL' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:4:0: class=0x02 card=0x9207103c chip=0x1213 rev=0x10 > hdr=0x00 > vendor = 'Accton Technology Corporation' > device = 'EN-1207D Fast Ethernet Adapter' > class= network > subclass = ethernet > [EMAIL PROTECTED]:14:0:class=0x03 card=0x01351028 chip=0x47521002 > rev=0x27 hdr=0x00 > vendor = 'ATI Technologies' > device = 'Rage XL PCI' > class= display > subclass = VGA > [EMAIL PROTECTED]:15:0: class=0x06 card=0x02011166 chip=0x02011166 > rev=0x93 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CSB5 PCI to ISA Bridge' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:15:1: class=0x01018a card=0xc1351028 chip=0x02121166 > rev=0x93 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CSB5 PCI EIDE Controller' > class= mass storage > subclass = ATA > [EMAIL PROTECTED]:15:2:class=0x0c0310 card=0x02201166 chip=0x02201166 > rev=0x05 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'OSB4 OpenHCI Compliant USB Controller' > class= serial bus > subclass = USB > [EMAIL PROTECTED]:15:3:class=0x060100 card=0x02301166 chip=0x02251166 > rev=0x00 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CSB5 PCI Bridge' > class= bridge > subclass = PCI-ISA > [EMAIL PROTECTED]:16:0: class=0x06 card=0x chip=0x01011166 > rev=0x05 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CIOB-X2' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:16:2: class=0x06 card=0x chip=0x01011166 > rev=0x05 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CIOB-X2' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:4:0: class=0x01 card=0x01351028 chip=0x00301000 rev=0x07 > hdr=0x00 > vendor = 'LSI Logic (Was: Symbios Logic, NCR)' > device = 'LSI53C1020/1030 PCI-X to Ultra320 SCSI Controller' > class= mass storage > subclass = SCSI This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone (023) 8024 3137 or return the E.mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ Freebsd-hackers mailing list [EMAIL PROTECTED] http://lists.elvandar.org/mailman/listinfo/freebsd-hackers ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Intel PRO/1000 MT onboard network card problem in FreeBSD 5.2-current
Hi, Maybe server doesn't have EM card at the end. Only reason why I'm thinking is there are 2 identical Dell Poweredge 1600SC servers and the other one has Redhat Linux 9.0 installed and Intel PRO/1000MT card is recognized properly. Ganbold At 06:53 PM 16.02.2004, you wrote: Not wishing to point out the obvious but there's no EM controller there? Steve - Original Message - From: "Ganbold" <[EMAIL PROTECTED]> To: "Mike Silbersack" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, February 16, 2004 10:45 AM Subject: Re: Intel PRO/1000 MT onboard network card problem in FreeBSD 5.2-current > Hi, > > Following is the output of pciconf -lv command: > > [EMAIL PROTECTED]:0:0:class=0x06 card=0x chip=0x00171166 > rev=0x32 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CMIC-SL' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:0:1:class=0x06 card=0x chip=0x00171166 > rev=0x00 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CMIC-SL' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:4:0: class=0x02 card=0x9207103c chip=0x1213 rev=0x10 > hdr=0x00 > vendor = 'Accton Technology Corporation' > device = 'EN-1207D Fast Ethernet Adapter' > class= network > subclass = ethernet > [EMAIL PROTECTED]:14:0:class=0x03 card=0x01351028 chip=0x47521002 > rev=0x27 hdr=0x00 > vendor = 'ATI Technologies' > device = 'Rage XL PCI' > class= display > subclass = VGA > [EMAIL PROTECTED]:15:0: class=0x06 card=0x02011166 chip=0x02011166 > rev=0x93 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CSB5 PCI to ISA Bridge' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:15:1: class=0x01018a card=0xc1351028 chip=0x02121166 > rev=0x93 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CSB5 PCI EIDE Controller' > class= mass storage > subclass = ATA > [EMAIL PROTECTED]:15:2:class=0x0c0310 card=0x02201166 chip=0x02201166 > rev=0x05 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'OSB4 OpenHCI Compliant USB Controller' > class= serial bus > subclass = USB > [EMAIL PROTECTED]:15:3:class=0x060100 card=0x02301166 chip=0x02251166 > rev=0x00 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CSB5 PCI Bridge' > class= bridge > subclass = PCI-ISA > [EMAIL PROTECTED]:16:0: class=0x06 card=0x chip=0x01011166 > rev=0x05 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CIOB-X2' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:16:2: class=0x06 card=0x chip=0x01011166 > rev=0x05 hdr=0x00 > vendor = 'ServerWorks (Was: Reliance Computer Corp)' > device = 'CIOB-X2' > class= bridge > subclass = HOST-PCI > [EMAIL PROTECTED]:4:0: class=0x01 card=0x01351028 chip=0x00301000 rev=0x07 > hdr=0x00 > vendor = 'LSI Logic (Was: Symbios Logic, NCR)' > device = 'LSI53C1020/1030 PCI-X to Ultra320 SCSI Controller' > class= mass storage > subclass = SCSI This e.mail is private and confidential between Multiplay (UK) Ltd. and the person or entity to whom it is addressed. In the event of misdirection, the recipient is prohibited from using, copying, printing or otherwise disseminating it or any information contained in it. In the event of misdirection, illegible or incomplete transmission please telephone (023) 8024 3137 or return the E.mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Intel PRO/1000 MT onboard network card problem in FreeBSD 5.2-current
Hi, Following is the output of pciconf -lv command: [EMAIL PROTECTED]:0:0:class=0x06 card=0x chip=0x00171166 rev=0x32 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'CMIC-SL' class= bridge subclass = HOST-PCI [EMAIL PROTECTED]:0:1:class=0x06 card=0x chip=0x00171166 rev=0x00 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'CMIC-SL' class= bridge subclass = HOST-PCI [EMAIL PROTECTED]:4:0: class=0x02 card=0x9207103c chip=0x1213 rev=0x10 hdr=0x00 vendor = 'Accton Technology Corporation' device = 'EN-1207D Fast Ethernet Adapter' class= network subclass = ethernet [EMAIL PROTECTED]:14:0:class=0x03 card=0x01351028 chip=0x47521002 rev=0x27 hdr=0x00 vendor = 'ATI Technologies' device = 'Rage XL PCI' class= display subclass = VGA [EMAIL PROTECTED]:15:0: class=0x06 card=0x02011166 chip=0x02011166 rev=0x93 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'CSB5 PCI to ISA Bridge' class= bridge subclass = HOST-PCI [EMAIL PROTECTED]:15:1: class=0x01018a card=0xc1351028 chip=0x02121166 rev=0x93 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'CSB5 PCI EIDE Controller' class= mass storage subclass = ATA [EMAIL PROTECTED]:15:2:class=0x0c0310 card=0x02201166 chip=0x02201166 rev=0x05 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'OSB4 OpenHCI Compliant USB Controller' class= serial bus subclass = USB [EMAIL PROTECTED]:15:3:class=0x060100 card=0x02301166 chip=0x02251166 rev=0x00 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'CSB5 PCI Bridge' class= bridge subclass = PCI-ISA [EMAIL PROTECTED]:16:0: class=0x06 card=0x chip=0x01011166 rev=0x05 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'CIOB-X2' class= bridge subclass = HOST-PCI [EMAIL PROTECTED]:16:2: class=0x06 card=0x chip=0x01011166 rev=0x05 hdr=0x00 vendor = 'ServerWorks (Was: Reliance Computer Corp)' device = 'CIOB-X2' class= bridge subclass = HOST-PCI [EMAIL PROTECTED]:4:0: class=0x01 card=0x01351028 chip=0x00301000 rev=0x07 hdr=0x00 vendor = 'LSI Logic (Was: Symbios Logic, NCR)' device = 'LSI53C1020/1030 PCI-X to Ultra320 SCSI Controller' class= mass storage subclass = SCSI Ganbold At 06:22 PM 16.02.2004, you wrote: On Mon, 16 Feb 2004, Ganbold wrote: > Hi, > > I installed FreeBSD 5.2 and updated using cvsup on Dell Poweredge 1600SC. > However still FreeBSD doesn't recognize network card. It has onboard Intel > Pro/1000 MT card. > What should I do in order to use this onboard Intel PRO/1000 card? I > checked Intel web site and found only > em driver for FreeBSD 4.7. > Where can I find latest driver for Intel PRO/1000 MT network card? > > tia, > > Ganbold The driver in 5.2 should support that card. Can you post the results of a "pciconf -lv" so we can see the PCI ID of your specific card? Thanks, Mike "Silby" Silbersack ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Intel PRO/1000 MT onboard network card problem in FreeBSD 5.2-current
Hi, I installed FreeBSD 5.2 and updated using cvsup on Dell Poweredge 1600SC. However still FreeBSD doesn't recognize network card. It has onboard Intel Pro/1000 MT card. What should I do in order to use this onboard Intel PRO/1000 card? I checked Intel web site and found only em driver for FreeBSD 4.7. Where can I find latest driver for Intel PRO/1000 MT network card? tia, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 5.2-current problem in Dell Poweredge 1600SC
Hi, I installed FreeBSD 5.2 on Dell Poweredge 1600SC. However FreeBSD doesn't recognize network card. It has onboard Intel Pro 1000 card. The machine has Pentium 4 XEON processor(logical processor enabled) with 512 MB ram. I did cvsup to CURRENT and compiled source using make buildworld. Kernel compiled smoothly and installed successfully. However when I reboot it hangs showing acpi.ko. I tried also loading kernel without ACPI. Even tried safe mode and single user mode, no result. Then I booted back to old kernel. Can sombody explain me the reason why it is not booting after upgrade? Or should I wait day one or two and then update again? tia, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Bandwidth limiting for eMule ports
Hi,
I'm still having trouble limiting bandwidth for emule ports using dummynet
features.
I'm using FreeBSD 5.2-current machine for firewall. It has 2 Intel pro 100
cards and it is configured as a bridge.
I'm doing bandwidth limiting in the following way:
# eMule
${fwcmd} pipe 59 config bw 256kbit/s
${fwcmd} pipe 60 config bw 256kbit/s
${fwcmd} pipe 61 config bw 128kbit/s
${fwcmd} add 80 pipe 59 ip from 202.179.x.x/19 to any
2323,4242,4243,4661-4672,7700-7800
${fwcmd} add 81 pipe 60 ip from any 2323,4242,4243,4661-4672,7700-7800 to
202.179.x.x/19
${fwcmd} add 82 pipe 61 ip from any to 202.179.x.x/19
2323,4242,4243,4661-4672,7700-7800
Am I doing right? For what NIC should I implement filtering, outside or
inside interface?
When I see MRTG graphs for ipfw it still shows bandwidth more than it
supposed to:(
I really hope somebody in this list point me to the right direction.
thanks in advance,
Ganbold
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Curious problem w/ 5.2-RELEASE su
Did you run mergemaster? I had this problem recently and when I run mergemaster everything worked fine. hth, Ganbold At 12:19 AM 21.01.2004, you wrote: Additionally, I am seeing this message in syslog: Jan 20 10:48:26 tokyo su: in openpam_load_module(): no pam_wheel.so found though /usr/lib/pam_wheel.so -> /usr/lib/pam_wheel.so.2 exists, and has the same md5 hash as on the working host. What am I missing here? On Tue, Jan 20, 2004 at 11:08:43AM -0500, Brian Ledbetter wrote: > I have two systems which I recently upgraded from src to > 5.2-RELEASE. (Both systems were upgraded from the same > /usr/src tree) Everything seemed to be working fine until > a little while ago this morning, when I started having this > problem with /usr/bin/su: > > $ su - > su in free(): error: chunk is already free > Abort trap (core dumped) > $ sudo sh > $ id > uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), > 4(tty), 5(operator), 20(staff), 31(guest) > $ su - > su in free(): error: chunk is already free > Abort trap (core dumped) > > Does anyone have any idea what would be causing this? The > MD5 hash of /usr/bin/su and all linked libraries are identical > between the two systems, but /usr/sbin/su works just fine on > the other host. dmesg reports nothing unusual on system startup. > What can I do to fix this? > > Thanks in advance! > > -- > Brian C. Ledbetter <[EMAIL PROTECTED]> > http://www.shadowcom.net/brian/ > ___ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Brian C. Ledbetter <[EMAIL PROTECTED]> http://www.shadowcom.net/brian/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 5.x source update and compilation problem in HP Vectra VE18 -- SOLVED
Hi, Thanks for all who tried to help me. I solved my problem replacing hard disk. It was 4GB seagate IDE HDD. Somehow it was causing the problem. I've changed it and compilation went smoothly. Some suggested me changing the RAM, however RAM change didn't solve the problem. Below is my previous post. - I installed FreeBSD 5.1 in HP Vectra VE18 PIII 450MHz with 128MB RAM and 4GB HDD. However I'm having problem compiling sources. Whenever I try to make buildworld make stops sometime later saying some variable not found etc. When I check that variable from source it is somehow changed strangely something like: addend changed to adddnd, else changed to dlse, INFOPATH changed to INFNPATH etc. I did cvsup several times, also I used rm -rf /usr/obj cd /usr/src && make cleandir command before compiling. I don't know what to do, I really need to install FreeBSD 5.x on this machine. I even tried with FreeBSD 5.2RC2, but same results. Also I first tried to compile kernel , but it is same, no results. Can somebody help me in this regard? What should I do? --------- Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
dummynet question
Hi,
I'm using FreeBSD 5.2-current machine for firewall. It is configured as a
bridged ipfw2 firewall.
Also this machine works a a traffic shaper using ip dummynet features.
I'm trying to limit bandwidth for some particular application, for example
eMule p2p application.
I'm doing it in the following way:
# eMule
${fwcmd} pipe 59 config bw 256kbit/s
${fwcmd} pipe 60 config bw 256kbit/s
${fwcmd} add 80 pipe 59 ip from 202.179.x.x/19 to any
2323,4242,4243,4661-4672,7700-7800 in via fxp1
${fwcmd} add 81 pipe 60 ip from any to 202.179.x.x/19
2323,4242,4243,4661-4672,7700-7800 in via fxp0
Am I doing right?
tia,
Ganbold
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
dummynet question
Hi,
I'm using FreeBSD 5.2-current machine for firewall. It is configured as a
bridged ipfw2 firewall.
Also this machine works a a traffic shaper using ip dummynet features.
I'm trying to limit bandwidth for some particular application, for example
eMule p2p application.
I'm doing it in the following way:
# eMule
${fwcmd} pipe 59 config bw 256kbit/s
${fwcmd} pipe 60 config bw 256kbit/s
${fwcmd} add 80 pipe 59 ip from 202.179.x.x/19 to any
2323,4242,4243,4661-4672,7700-7800 in via fxp1
${fwcmd} add 81 pipe 60 ip from any to 202.179.x.x/19
2323,4242,4243,4661-4672,7700-7800 in via fxp0
Am I doing right?
tia,
Ganbold
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: ipfw2 problem
Hi,
How much memory does your machine have? I have never tried ipfw with -d option.
I'll try next time. Actually one_pass is already turned off in sysctl.conf
Any other recommendations? One suggested me to remove keep-state from
http filtering rules. Will it solve the problem?
Ganbold
At 01:41 AM 05.01.2004, you wrote:
i have:
sysctl net.inet.ip.fw.dyn_buckets=16384
sysctl net.inet.ip.fw.dyn_syn_lifetime=5
sysctl net.inet.ip.fw.dyn_max=32000
sysctl net.inet.ip.fw.debug=0
sysctl net.inet.ip.dummynet.max_chain_len=256
sysctl net.inet.ip.dummynet.hash_size=1024
sysctl net.inet.ip.fw.verbose_limit=1
and am running ~3000 users with ~2 sessions each, stateful, with shaping.
i wonder what you get if you run ipfw -d show when your error happens?
i wonder if your shaper is getting full and droping the syn packets that
setup the flow? maybe if you put the shaper rules @ the end and turned off
one-pass?
> -Original Message-
> From: Ganbold [mailto:[EMAIL PROTECTED]
> Sent: January 4, 2004 4:32 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: ipfw2 problem
>
>
> Hi,
>
> I'm using FreeBSD 5.2-current machine for firewall. It is
> configured as a
> bridged ipfw2 firewall.
> Also this machine works a a traffic shaper using ip dummynet features.
> The machine has 2GHz Pentium 4 CPU and 128MB RAM and 3 Intel
> Pro 100MB
> cards. 2 cards are used
> for bridging.
> Everything works fine, except sometimes it seems to be
> dropping some packets.
> When I try to browse the web, sometimes it just shows error
> page. This
> situation happens during peak hours
> So my guess is firewall drops packets and maybe the machine
> needs more RAM.
> Another guess is I'm using stateful features of ipfw2 and
> when dynamic rule
> count reaches maximum
> it just drops packets waiting to be deleted some dynamic
> rules. Am I right?
> Can somebody explain
> me what will happen when net.inet.ip.fw.dyn_count reaches
> net.inet.ip.fw.dyn_max value?
>
> Also I tried to increase the maximum value up to 8192 but it
> seems no result.
>
> # Added in sysctl.conf
> net.inet.ip.fw.dyn_max=8192
>
> I attached my /etc/rc.firewall and /etc/sysctl.conf files.
> Can somebody tell me where I did wrong in config files?
> Should I increase
> the RAM?
> Or should I set smaller life time for dynamic rules?
>
> I hope somebody in this list point me to the right direction.
>
> Part of the /etc/rc.firewall
> --
> ---
> ...
> [Cc][Uu][Ss][Tt][Oo][Mm])
>
> ${fwcmd} -f flush
> ${fwcmd} -f pipe flush
>
> # Things that we have kept state on before get to go through
> in a hurry
> ${fwcmd} add 10 check-state
>
> ${fwcmd} add 21 deny all from 10.0.0.0/8 to any via fxp0
> ${fwcmd} add 23 deny all from 172.16.0.0/12 to any via fxp0
> ${fwcmd} add 25 deny all from 192.168.0.0/16 to any via fxp0
>
> ${fwcmd} add 34 deny all from 127.0.0.0/8 to any in via fxp0
>
> ### stop Welcia/Nachi ###
> ${fwcmd} add 35 deny icmp from any to any iplen 92
>
> ### DUMMYNET config #
>
> # 64KB ###
> #
> # selenge
> ${fwcmd} pipe 41 config bw 64kbit/s
> ${fwcmd} pipe 42 config bw 64kbit/s
> ${fwcmd} add 62 pipe 41 all from 202.179.x.x/30 to any in via fxp1
> ${fwcmd} add 63 pipe 42 all from any to 202.179.x.x/30 in via fxp0
>
> # khentii
> ${fwcmd} pipe 43 config bw 64kbit/s
> ${fwcmd} pipe 44 config bw 64kbit/s
> ${fwcmd} add 64 pipe 43 all from 202.179.x.x/30 to any in via fxp1
> ${fwcmd} add 65 pipe 44 all from any to 202.179.x.x/30 in via fxp0
>
> # arkhangai
> ${fwcmd} pipe 45 config bw 64kbit/s
> ${fwcmd} pipe 46 config bw 64kbit/s
> ${fwcmd} add 66 pipe 45 all from 202.179.x.x/30 to any in via fxp1
> ${fwcmd} add 67 pipe 46 all from any to 202.179.x.x/30 in via fxp0
>
> # traffic police
> ${fwcmd} pipe 47 config bw 64kbit/s
> ${fwcmd} pipe 48 config bw 64kbit/s
> ${fwcmd} add 68 pipe 47 all from
> 202.179.x.x/30,202.179.x.x/28 to any in
> via fxp1
> ${fwcmd} add 69 pipe 48 all from any to
> 202.179.x.x/30,202.179.x.x/28 in
> via fxp0
>
> # 128KB ###
> #
> # glencore
> ${fwcmd} pipe 49 config bw 128kbit/s
> ${fwcmd} pipe 50 config bw 128kbit/s
> ${fwcmd} add 70 pipe 49 all from
> 202.179.x.x/29,202.179.x.x/30 to any in
> via fxp1
> ${fwcmd} add 71 pipe 50 all from any to
> 202.179.x.x/29,202.179.x.x/30 in
> via fxp0
>
> # ikh tenger
> ${fwcmd} pipe 51 config bw 128kbit/s
> ${fwcmd} pipe 52 co
ipfw2 problem
setup keep-state
# Allowing and LOG all INCOMING, outgoing FTP, telnet, SMTP, POP3, ident,
imap conections.
${fwcmd} add pass tcp from any to any 20-21,23,25,110,113,143 in via
fxp0 setup keep-state
${fwcmd} add pass udp from any to any 20-21,23,25,110,113,143 in via fxp0
keep-state
# Pass the "quarantine" range
${fwcmd} add pass tcp from any to any 18198,18211,4-65535 in via fxp0
setup keep-state
${fwcmd} add pass udp from any to any 18198,18211,4-65535 in via fxp0
keep-state
# MSN, Yahoo ports
${fwcmd} add pass tcp from any to any
1863,2001-2120,6801,6891-6901,7801-7825 in via fxp0 setup keep-state
${fwcmd} add pass udp from any to any
1863,2001-2120,6801,6891-6901,7801-7825 in via fxp0 keep-state
# additional h323,yahoo,remote admin,vnc ports
${fwcmd} add pass tcp from any to any 1719-1725,2082,5000-6000,8010,8100 in
via fxp0 setup keep-state
${fwcmd} add pass udp from any to any 1719-1725,2082,5000-6000,8010,8100 in
via fxp0 keep-state
# Allowing mysql,Jabber,IRC,chat.
${fwcmd} add pass tcp from any to any 3306,4899,6155,6502,6667,8000 in via
fxp0 setup keep-state
${fwcmd} add pass udp from any to any 3306,4899,6155,6502,6667,8000 in via
fxp0 keep-state
# allow radius
${fwcmd} add pass tcp from any to any 1645,1646,1812,1813,9000-9002 in via
fxp0 setup keep-state
${fwcmd} add pass udp from any to any 1645,1646,1812,1813,9000-9002 in via
fxp0 keep-state
# additional eMule ports
${fwcmd} add pass tcp from any to any 2323,4242,4243,4661-4672,7700-7800 in
via fxp0 setup keep-state
${fwcmd} add pass udp from any to any 2323,4242,4243,4661-4672,7700-7800 in
via fxp0 keep-state
# Allowing DNS lookups.
${fwcmd} add pass tcp from any to any 53 in via fxp0 setup keep-state
${fwcmd} add pass udp from any to any 53 in via fxp0 keep-state
${fwcmd} add pass udp from any 53 to any in via fxp0 keep-state
${fwcmd} add pass icmp from 202.179.x.x/19 to any icmptypes 0,3,4,8,11,12
${fwcmd} add pass icmp from not 202.179.x.x/19 to 202.179.x.x/19 icmptypes
0,3,4,11,12
# Allowing SOCKS,HTTP proxy to outside only
${fwcmd} add pass tcp from 202.179.x.x/19 to any 1080,8080 in via
fxp0 setup keep-state
${fwcmd} add pass udp from 202.179.x.x/19 to any 1080,8080 in via fxp0
keep-state
# Allow the bridge machine to say anything it wants
${fwcmd} add pass tcp from 202.179.x.x to any setup keep-state
${fwcmd} add pass udp from 202.179.x.x to any keep-state
${fwcmd} add pass ip from 202.179.x.x to any
${fwcmd} add pass tcp from any to any in via fxp2 setup keep-state
${fwcmd} add pass udp from any to any in via fxp2 keep-state
${fwcmd} add pass ip from any to any in via fxp2
# Allow NTP queries out in the world
${fwcmd} add pass udp from any to any 123 in via fxp0 keep-state
# allow multicast
${fwcmd} add pass all from 202.179.x.x/19 to 224.0.0.0/4 via fxp0
${fwcmd} add pass all from 224.0.0.0/4 to 202.179.x.x/19 via fxp0
# Allowing OSPF
${fwcmd} add pass ospf from any to any
# Allowing GRE
${fwcmd} add pass gre from any to any
# Allowing IP fragments to pass through.
${fwcmd} add 65001 pass all from any to any frag
# Everything else is suspect
${fwcmd} add drop log ip from any to any
...
-
/etc/sysctl.conf file.
-
net.link.ether.bridge_cfg=fxp0:0,fxp1:0
net.link.ether.bridge_ipfw=1
net.link.ether.bridge.enable=1
net.inet.ip.fw.one_pass=0
security.bsd.see_other_uids=0
net.link.ether.inet.max_age=1200
kern.ipc.somaxconn=1024
net.inet.tcp.sendspace=32768
net.inet.tcp.recvspace=32768
net.inet.ip.sourceroute=0
net.inet.ip.accept_sourceroute=0
# Stop broadcast ECHO response
net.inet.icmp.bmcastecho=0
# Stop other broadcast probes
net.inet.icmp.maskrepl=0
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1
net.inet.ip.fw.dyn_max=8192
net.inet.ip.fw.dyn_ack_lifetime=3600
net.inet.ip.fw.dyn_udp_lifetime=10
net.inet.ip.fw.dyn_buckets=1024
-----
tia,
Ganbold
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 5.x source update and compilation problem in HP Vectra VE18
Hi, I installed FreeBSD 5.1 in HP Vectra VE18 PIII 450MHz with 128MB RAM and 4GB HDD. However I'm having problem compiling sources. Whenever I try to make buildworld make stops sometime later saying some variable not found etc. When I check that variable from source it is somehow changed strangely something like: addend changed to adddnd, else changed to dlse, INFOPATH changed to INFNPATH etc. I did cvsup several times, also I used rm -rf /usr/obj cd /usr/src && make cleandir command before compiling. I don't know what to do, I really need to install FreeBSD 5.x on this machine. I even tried with FreeBSD 5.2RC2, but same results. Also I first tried to compile kernel , but it is same, no results. Can somebody help me in this regard? What should I do? tia, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Dummynet pipes and MRTG
Hi, I need to view the traffic utilization of dummynet pipes in ipfw2. I'm using FreeBSD 5.2 current. I'm also using MRTG to draw graphics from ipfw show rule-number command. Is there any method or program like MRTG to draw bandwidth utilizations of dummynet pipes? Can I use MRTG for this purpose? I hope somebody in this list point me to the right direction. thanks in advance, Ganbold ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
