POP Before SMTP

2003-08-08 Thread FreeBSD
Does anyone have any URLs for "POP Before SMTP" setup for sendmail?  I'm on Fbsd4.8 
with the current Sendmail 8.12.8.   I haven't used pop and smtp on my server in 4 years 
now so none of my old information or configurations work anymore. =/
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


NATD and PPP problem

2003-08-08 Thread Jacob Vennervald
Hi

I've installed a FreeBSD 4.8 machine, which I wanna use as a 
NAT/Router/Firewall.
I have set up the pppoe connection which works perfectly and then I've 
tried to set up the machine as a NAT Router by setting the following in 
the rc.conf:
firewall_enable="YES"
firewall_type="open"
natd_enable="YES"
natd_interface="tun0"
But when I restart the machine it gives me the following error:
"Firewall rules loaded, starting divert daemons: natdnatd: tun0: cannot 
get interface address"

When I log in and type "ifconfig" I can also see that the tun0 interface 
doesn't exist, but when I turn off the two natd settings in rc.conf and 
reboot it does exist.

Can anybody help?

Cheers,
Jacob Vennervald


How to get best results from FreeBSD-questions

2003-08-08 Thread Greg Lehey
How to get the best results from FreeBSD questions.
===================================================

Last update $Date: 2003/03/09 22:09:31 $

This is a regular posting to the FreeBSD questions mailing list.  If
you got it in answer to a message you sent, it means that the sender
thinks that at least one of the following things was wrong with your
message:

- You left out a subject line, or the subject line was not appropriate.
- You formatted it in such a way that it was difficult to read.
- You asked more than one unrelated question in one message.
- You sent out a message with an incorrect date, time or time zone.
- You sent out the same message more than once.
- You sent an 'unsubscribe' message to FreeBSD-questions.

If you have done any of these things, there is a good chance that you
will get more than one copy of this message from different people.
Read on, and your next message will be more successful.

This document is also available on the web at
http://www.lemis.com/questions.html.

========================================================================

Contents:

I:    Introduction
II:   How to unsubscribe from FreeBSD-questions
III:  Should I ask -questions, -newbies or -hackers?
IV:   How to submit a question to FreeBSD-questions
V:    How to answer a question to FreeBSD-questions

I: Introduction
===============

This is a regular posting aimed to help both those seeking advice from
FreeBSD-questions (the "newcomers"), and also those who answer the
questions (the "hackers").

   Note that the term "hacker" has nothing to do with breaking
   into other people's computers.  The correct term for the latter
   activity is "cracker", but the popular press hasn't found out
   yet.  The FreeBSD hackers disapprove strongly of cracking
   security, and have nothing to do with it.

In the past, there has been some friction which stems from the
different viewpoints of the two groups.  The newcomers accused the
hackers of being arrogant, stuck-up, and unhelpful, while the hackers
accused the newcomers of being stupid, unable to read plain English,
and expecting everything to be handed to them on a silver platter.  Of
course, there's an element of truth in both these claims, but for the
most part these viewpoints come from a sense of frustration.

In this document, I'd like to do something to relieve this frustration
and help everybody get better results from FreeBSD-questions.  In the
following section, I recommend how to submit a question; after that,
we'll look at how to answer one.

II:  How to unsubscribe from FreeBSD-questions
==============================================

When you subscribed to FreeBSD-questions, you got a welcome message
from [EMAIL PROTECTED]  In this message, amongst other things, it
told you how to unsubscribe.  Here's a typical message:

  Welcome to the freebsd-questions mailing list!

  If you ever want to remove yourself from this mailing list,
  you can send mail to "[EMAIL PROTECTED]" with the following command
  in the body of your email message:

  unsubscribe freebsd-questions Greg Lehey <[EMAIL PROTECTED]>

  Here's the general information for the list you've
  subscribed to, in case you don't already have it:

  FREEBSD-QUESTIONS   User questions
  This is the mailing list for questions about FreeBSD.  You should not
  send "how to" questions to the technical lists unless you consider the
  question to be pretty technical.

Normally, unsubscribing is even simpler than the message suggests: you
don't need to specify your mail ID unless it is different from the one
which you specified when you subscribed.

If Majordomo replies and tells you (incorrectly) that you're not on
the list, this may mean one of two things:

  1.  You have changed your mail ID since you subscribed.  That's where
  keeping the original message from majordomo comes in handy.  For
  example, the sample message above shows my mail ID as
  [EMAIL PROTECTED]  Since then, I have changed it to
  [EMAIL PROTECTED]  If I were to try to remove [EMAIL PROTECTED] from
  the list, it would fail: I would have to specify the name with
  which I joined.

  2.  You're subscribed to a mailing list which is subscribed to
  FreeBSD-questions.  If that's the case, you'll have to figure out
  which one it is and get your name taken off that one.  If you're
  not sure which one it might be, check the headers of the
  messages you receive from freebsd-questions: maybe there's a
  clue there.

If you've done all this, and you still can't figure out what's going
on, send a message to [EMAIL PROTECTED], and he will sort things
out for you.  Don't send a message to FreeBSD-questions: they can't
help you.

III: Should I ask -questions, -newbies or -hackers?
===================================================

Two mailing lists handle general questions about FreeBSD,
FreeBSD-questions and FreeBSD-hackers.  In addition, the
FreeBSD-newbies l

Poor speed in local subnet with bge (Broadcom NIC)

2003-08-08 Thread Heiko Weber
Hi,

I have installed a new FreeBSD system on a Fujitsu-Siemens TX200 with a
Broadcom gigabit network card. All the local cables & hubs are 10baseT (and
this is also what autodetect figures out). My connection to the internet is
a 2MBit fixed line connection.

The problem is that all local traffic (inside my subnet) to and from the
TX200 machine is very, very slow. Here is what netperf says from TX200 to
other FreeBSD machine:

www# ./netperf -H 217.6.66.203
TCP STREAM TEST to 217.6.66.203 : histogram
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 57344  32768  32768    14.40       0.07

netperf on both machines using localhost reports normal speed:

www# ./netperf
TCP STREAM TEST to localhost : histogram
Recv   Send    Send
Socket Socket  Message  Elapsed
Size   Size    Size     Time     Throughput
bytes  bytes   bytes    secs.    10^6bits/sec

 57344  32768  32768    10.01    1395.26

Connections to the outer world (internet) from the TX200 are at normal
speed. I have tried many things to figure out which might be wrong. I
changed from "autodetect" to 10baseT, setting half- or full-duplex, have
compared the routing tables of the TX200 with the others - but nothing was
wrong.
Then I dump(1) the complete machine to tape, and restore(1) it on an older
test machine (with other NIC), rebuild the kernel to fit this machine ...
and everything was fine, local and outbound traffic was good. Therefore I
assume that the Broadcom NIC or the driver has a problem.

Any idea how to find out more (buy a new network card ?)

Heiko Weber
---
Wecos - Heiko Weber Computer Systeme
Tel. +49 (4169) 91000 <> Fax +49 (4169) 919033



Re: Samba and $

2003-08-08 Thread Micheas Herman
On Mon, 2003-08-04 at 17:41, Jon Reynolds wrote:
> On Mon, 2003-08-04 at 12:25, Bob Collins wrote:
> > At 02:07 PM 8/4/2003 -0500, gfsd wrote:
> > >Why can't i create a user with a $ on the end? For machine trust accounts 
> > >i need to add each one by hand, instead of on the fly creation. When I use 
> > >adduser it will not let me add a user with a $ on the end, is there a way 
> > >around that?

adduser is a perl script in 4.x. You can edit the file to allow
'$' in the user name. Or further hack it so that it knows that
any name that ends in '$' is a samba machine name and have it
execute the correct smbpasswd command as well.


A quick visit to an active irc channel should get you any help
you need. (it did me a long time ago.)

good luck,


Micheas

> > 
> > 
> > That is to be expected in FreeBSD and Samba. It is in the notes. So, what 
> > you do, is make your user. Then edit, by hand, the password file. vipw is 
> > the command to use. Add the $ and save the file.
> > 
> > No real way around it that I know of.
> > 
> > -- Bob
> > 
> > NOTICE TO BULK E-MAILERS: Pursuant to US Code, Title 47, Chapter 5,
> > Subchapter II, 227, and all unsolicited commercial e-mail sent to this
> > address is subject to a download and archival fee in the amount of $500 US
> 
> Is there a good howto for setting up freebsd as a pdc with winxp? I am
> having a helluva time trying to get the xp box to logon.
> 
> Jon
> 


Re: kernel-building error

2003-08-08 Thread Mark Woodson
On Friday 08 August 2003 12:47 pm, mess-mate wrote:
> |> umass.o: In function `umass_cam_quirk_cb':
> |> umass.o(.text+0x21bb): undefined reference to `xpt_done'
> |> *** Error code 1
> |>
> |> Thanks for your help.
> |> mess-mate
>
> Thanks for your help.
> Problem semi-solved. Disabled 'umass' in the kernel and all
> goes well.
> I don't know what the requirements are for 'umass', what's
> this beast ??

umass is USB mass storage (a usb hard drive).

The requirements for umass are:  scbus and da (scsi bus and scsi direct 
access) as the line states in the kernel config file
device  umass   # Disks/Mass storage - Requires scbus and da

The requirements for a device or option are listed in the config file,
generally.

-Mark



Re: ran snort, now fxp1 stuck in promisc mode

2003-08-08 Thread Lowell Gilbert
"Dave [Hawk-Systems]" <[EMAIL PROTECTED]> writes:

> was experimenting with snort to try and track down the source of some hack
> attempts (which were futile but annoying).  Before settling on the various flags
> that I indeed wanted to use, there were a number of failed snort starts, stops,
> etc...  don't remember the specifics now as this was some time ago.
> 
> Have noticed that since then the fxp1 interface has been stuck in promisc mode.
> 
>   fxp1: flags=8943 mtu 1500
> 
> Have tried manually to unset this using;
>   # ifconfig -promisc fxp1
> to no avail.
> 
> snort is no longer running, though when I do start it to track something, I have
> since been running it with the -p flag to turn off promisc sniffing.  This
> doesn't seem to affect the interface since it is already in promisc mode.
> 
> This box is regularly checked for root kits or other potential compromises that
> could have caused this, and we did notice it after the first few unsuccessful
> attempts with snort in promisc mode so we are pretty sure of the source.
> 
> Aside from rebooting the box entirely (undesirable given it is a production
> server) anyone have any ideas as to how to force fxp1 to let go of its promisc
> fetish?

Hmm.  I don't see how this can happen (on -STABLE, anyway), but it's
worth poking it a bit to see what happens.  You could take the
interface down and back up, and try to force the interface *into*
promiscuous mode and then back out again.
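
The flags word in the quoted ifconfig line (8943) can be decoded to confirm which interfaces have the promiscuous bit set. This is an added example, not part of the original thread: the bit values are the IFF_* constants from FreeBSD's net/if.h, while the function names and the sample ifconfig text are constructed for illustration.

```python
import re

# IFF_* interface flag bits as defined in FreeBSD's <net/if.h>.
IFF_BITS = [
    (0x0001, "UP"), (0x0002, "BROADCAST"), (0x0004, "DEBUG"),
    (0x0008, "LOOPBACK"), (0x0010, "POINTOPOINT"), (0x0040, "RUNNING"),
    (0x0080, "NOARP"), (0x0100, "PROMISC"), (0x0200, "ALLMULTI"),
    (0x0400, "OACTIVE"), (0x0800, "SIMPLEX"), (0x8000, "MULTICAST"),
]
IFF_PROMISC = 0x0100

# ifconfig prints the flag word in hexadecimal at the start of each
# interface stanza, e.g. "fxp1: flags=8943<...> mtu 1500".
IFACE_LINE = re.compile(r"^(\S+): flags=([0-9a-fA-F]+)", re.MULTILINE)


def decode_flags(word):
    """Return the names of the flag bits set in an interface flags word."""
    return [name for bit, name in IFF_BITS if word & bit]


def promiscuous_interfaces(ifconfig_output):
    """Return the interfaces whose flags word has IFF_PROMISC set."""
    hits = []
    for name, hexword in IFACE_LINE.findall(ifconfig_output):
        if int(hexword, 16) & IFF_PROMISC:
            hits.append(name)
    return hits


# Constructed sample of `ifconfig` output (hypothetical host and addresses).
SAMPLE_IFCONFIG = """\
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
\tinet 192.0.2.10 netmask 0xffffff00 broadcast 192.0.2.255
fxp1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
"""

if __name__ == "__main__":
    print("0x8943 decodes to:", ",".join(decode_flags(0x8943)))
    for iface in promiscuous_interfaces(SAMPLE_IFCONFIG):
        print("promiscuous:", iface)
```

Feeding it the real output of `ifconfig -a` from a periodic job gives a cheap check for interfaces that are left in, or unexpectedly enter, promiscuous mode.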


ipsec tunnel in transport mode

2003-08-08 Thread Adam Mazza

Hello,

I've been reading the docs on setting up an ipsec vpn on freebsd to
connect two remote networks. I am hoping someone could point me to any
documentation that outlines transport mode. Basically I have a box running
4.7-RELEASE-p11 that is connected to my network via a wireless bridge. I
plan on purchasing a Netgear FVM318 so that I can have all my wireless
clients form ipsec connections to my WAP. So basically I need to encrypt
all traffic going to my default gw (192.168.1.1) which is my WAP.

Thanks

Adam Mazza
PGP Key:http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x382775D1
Key fingerprint = 5A82 FA7F 459C E805 6C00  3211 48AC 6069 3827 75D1


What ports need to be open on a firewall to allow cvsup?

2003-08-08 Thread stan
The company I work for is implementing a new firewall, and there is some
possibility I might be able to get the appropriate ports to cvsup my FreeBSD
machines open.

Assuming passive mode cvsup, what ports would I need open?

-- 
"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
-- Benjamin Franklin


Re: ports-supfile file problem

2003-08-08 Thread John DeStefano

--- Lowell Gilbert <[EMAIL PROTECTED]> wrote:
> John DeStefano <[EMAIL PROTECTED]> writes:
> 
> > --- Lowell Gilbert <[EMAIL PROTECTED]> wrote:
> > > John DeStefano <[EMAIL PROTECTED]> writes:
> > > 
> > > > I'm trying to update my ports tree to address some possible solutions
> > > > posted here to another problem.  The command I'm running is:
> > > > # cvsup -g -L 2 /usr/local/etc/cvsup/sup/ports-supfile
> > > > 
> > > > Here's the result:
> > > > Parsing supfile "/usr/local/etc/cvsup/sup/ports-supfile"
> > > > Release not specified for collection "host=ftp3.FreeBSD.org"
> > > > 
> > > > And here's the relevant portion of the file:
> > > > 
> > > > *default host=ftp3.FreeBSD.org
> > > > *default base=/usr
> > > > *default prefix=/usr
> > > > *default release=cvs tag=.
> > > > *default delete use-rel-suffix
> > > > 
> > > > I've also tried simply "cvsup -g -L 2 ports-supfile" and "cvsup
> > > > ports-supfile", which both return the same error.
> > > > I assume this is in relation to the line "*default release=cvs tag=.",
> > > > but I'm following the handbook and the sample file by leaving "tag=.".
> > > > I also tried changing "." to the correct cvs tag (RELENG_5_0) and got
> > > > the same results.
> > > > What am I doing wrong?
> > > 
> > > You need a collection name in the file.
> > 
> > Meaning, "ports-all", or un-commenting a selection of port types?  I've
> > got that.  I included above only the portion of the file I thought was
> > relevant to the 'release' problem I'm having.
> 
> Meaning either one; sorry, I didn't know the bits that you didn't put
> in your message.
> 
> Are you sure that ftp3.freebsd.org is a full cvsup server?  That DNS
> name doesn't guarantee cvsup service, although many of the servers
> handle both in parallel.
> 
> As far as it goes, your supfile looks okay.  In case there's a weird
> parsing error, maybe you could add a "tag=." to the line with the
> collection on it, and see if it gives you any other hints.  With a
> raised verbosity level, even.
> 
> Failing that, perhaps you should post your *whole* supfile, and/or
> contact the cvsup author for help.

Thanks Lowell.  Well, your suggestions made sense and at the very least
have showed me that the host name in the file was wrong... I've now
changed it to an actual cvsup mirror (cvsup3.FreeBSD.org), and also
tested the file with and without adding "tag=." after "ports-all".  But
I'm still getting the same error (Release not specified for collection
"host=cvsup3.FreeBSD.org").
Here's the file excluding commented-out lines:
=
host=cvsup3.FreeBSD.org
base=/usr
prefix=/usr
*default host=cvsup3.FreeBSD.org
*default base=/usr
*default prefix=/usr
*default release=cvs tag=.
*default delete use-rel-suffix
*default compress
ports-all tag=.
==
These are the times when I feel like doing "rm -rf /"!!  :(
Thanks,
~John



Experience with Intel SCSI RAID?

2003-08-08 Thread Stein
Hi,

We are considering Intel's new SCSI RAID series of controllers. Despite
that they are listing their controllers as "Supported with Limited
Compatibility and Validation" with FreeBSD4.4 and higher.
We will be running FreeBSD4.8.
The SRCU42L is a potential candidate, in conjunction with some
of the newer Intel server motherboards that have 64bit/66MHz PCI
buses. Please note that we will not be running in SMP mode, as our
application runs slower on multi CPU systems. If Xeon CPU, we will
operate without HyperThreading enabled.
If anyone that has experience setting up these controllers, or might
have an opinion on these matters, can give us some info it would
be greatly appreciated.
The motherboards that we consider are Intel SE7501CW2 or SE7505VB2
among others.
On beforehand thank you.

-Stein M. Sandbech

--
/*  Stein M Sandbech                Email: [EMAIL PROTECTED] **
**  Owner & technical manager                            **
**  Ing. Stein M. Sandbech          Phone: +47 6380 6219 **
**  Asaktoppen 39, N-2015 Leirsund  Phone: +47 6387 2320 **
**  NORWAY                          Fax:   +47 6387 2300 */


RE: Question concerning dual-NIC configuration

2003-08-08 Thread Michael K. Smith

why would ya want to route lo1 127.0.0.1 to a 192.x.x. address ???
seems to me that there are too many system side processes that listen or
communicate thru that...giving access or routing that traffic to an
internal address ...doesn't seem too smart to me.
-- 

I wouldn't; I was using that as an example.  I would want to create a
second, separate loopback interface, much in the same way you can do on a
Cisco and then route traffic across both interfaces to the loopback.  All of
the addresses would be valid.

Mike



Re: Hang while hardware probing in 4.8

2003-08-08 Thread dayton

I have what appears to be the same problem.  I'm a longtime FreeBSD user.  I
put 4.8 on a new laptop (Tecra M1) and when I created a kernel with support
for power management and the sound card, it would hang on the boot in a
similar fashion.  The generic kernel would boot fine.

I found that if I remove the sound support from the kernel (but do have apm
support) then it boots fine.

I haven't had time to experiment further (other versions, more refined
variations in the kernel config, ...). So, for now, I live without sound 8^(
but I'd like to get it fixed.

(So, Sanjay, if you're using the GENERIC kernel, this doesn't help much).

One more possibly related observation.  I've found that if I boot XP and
then return to FBSD then the first time my modified kernel won't boot but
the generic one will!  After booting the generic kernel then I can boot
mine.  I'm at a loss on this unless perhaps Toshiba has XP mess with devices
in some inappropriate way.  Again I haven't investigated further.

dayton


> Date: Thu, 7 Aug 2003 21:21:05 -0700
> From: "Bakshi, Sanjay" <[EMAIL PROTECTED]>
> Subject: Hang while hardware probing in 4.8
> To: <[EMAIL PROTECTED]>
> Message-ID:
>   <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset="us-ascii"
> 
> Hi,
> I am installing FreeBSD 4.8 on a P4 and while hardware probing it hangs.
> 
> How do I find on which device it is hung on?
> 
> The print out stops after displaying
>   ppi0:  on ppbus 0
> And I am quite certain that probing gets stuck on whatever the next
> device being probed is. Also I don't have conflicts.
> 
> I am a brand new user of FreeBSD so if such issues are already
> documented somewhere please point me there and I will read up
> 
> thanks,
> -- sanjay
> 



Re: FreeBSD - Secure by DEFAULT ?? [hosts.allow]

2003-08-08 Thread Byron Schlemmer
On Thu, 2003-08-07 at 19:24, Schalk Erasmus wrote:
> Hi,
> 
> I need to know what the implications are to make use of the hosts.allow file
> on a FreeBSD Production Server (ISP Setup)? The reason I'm asking, is that
> I've recently decommissioned a Linux SendMail Server to a FreeBSD Exim
> Server, but with no Firewall (IPTABLES) yet.
> 
> Besides the fact that it only runs EXIM and Apache, is it necessary to
> Configure rc.Firewall? or can I only make use of the hosts.allow file?

Only applications that honour tcp_wrappers use hosts.allow. Therefore to
ensure that your machine is secure it would be wise to use a firewall of
some kind. 

> Currently I would only like to allow SSH access from my Home Network,
> instead of allowing the WORLD.
> 
> I've seen OpenBSD Servers using hosts.deny and hosts.allow files, but based
> on the new "Access Control File", it is all merged together in one file:
> 
> # hosts.allow access control file for "tcp wrapped" applications.
> # $FreeBSD: src/etc/hosts.allow,v 1.8.2.7 2002/04/17 19:44:22 dougb Exp $
> #
> 
> I take that I should allow the other Services, in this order:
> 
> sshd : myhomepc : allow
> exim : ALL : allow
> httpd : ALL : allow
> ftpd : ALL : allow
> ALL : ALL : deny

That would limit ssh only from myhomepc. So that's correct.

> What kind of protection does FreeBSD need by Default? Since OpenBSD goes
> around saying: "SECURE BY DEFAULT" !?

Hmm, I don't think OpenBSD runs a firewall by default. Basically they
start you off with a very restrictive setup. FreeBSD is reasonably
secure "by default" too. But, if you plan to have this box running in an
ISP environment a firewall would be highly recommended.

-- 

--byron
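
The rule order discussed above matters because tcp_wrappers stops at the first matching line and grants access when nothing matches. The following is an added example, not part of the original thread and not libwrap's own code: a simplified model of that first-match evaluation, run over the rules quoted in the message. The function names and the client name `otherhost.example` are constructed for illustration, and only `ALL`, exact names, leading-dot domains and trailing-dot address prefixes are modelled.

```python
def parse_rules(text):
    """Parse 'daemons : clients : allow|deny' lines, ignoring comments."""
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = [f.strip() for f in line.split(":")]
        if len(fields) < 3 or fields[-1].lower() not in ("allow", "deny"):
            continue  # outside what this simplified model understands
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        rules.append((daemons, clients, fields[-1].lower()))
    return rules


def client_matches(pattern, client):
    if pattern == "ALL":
        return True
    if pattern.startswith("."):   # ".example.org": any host in that domain
        return client.lower().endswith(pattern.lower())
    if pattern.endswith("."):     # "192.168.1.": any address with that prefix
        return client.startswith(pattern)
    return pattern.lower() == client.lower()


def decide(rules, daemon, client):
    """Return (verdict, rule_number); the first matching rule wins."""
    for number, (daemons, clients, verdict) in enumerate(rules, 1):
        if not any(d in ("ALL", daemon) for d in daemons):
            continue
        if any(client_matches(p, client) for p in clients):
            return verdict, number
    return "allow", None  # no rule matched: access is granted


# Rules as quoted in the message above.
PAGE_RULES = """\
sshd : myhomepc : allow
exim : ALL : allow
httpd : ALL : allow
ftpd : ALL : allow
ALL : ALL : deny
"""

# Constructed variants: the catch-all removed, and the catch-all moved first.
NO_CATCH_ALL = PAGE_RULES.replace("ALL : ALL : deny\n", "")
DENY_FIRST = "ALL : ALL : deny\n" + NO_CATCH_ALL

if __name__ == "__main__":
    for label, text in (("as posted", PAGE_RULES),
                        ("no catch-all", NO_CATCH_ALL),
                        ("deny first", DENY_FIRST)):
        rules = parse_rules(text)
        for client in ("myhomepc", "otherhost.example"):
            print(label, "sshd", client, decide(rules, "sshd", client))
```

The model only covers daemons that consult hosts.allow at all; as the reply says, a service that does not honour tcp_wrappers is unaffected by any of these lines.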




Re: How can I check for swap space? (4.8-Release)

2003-08-08 Thread Kevin Stevens

At 07:16 PM 8/7/2003 -0400, John Mills wrote:
Freebies -

I just installed 4.8-Release from CDs and let the installer divide my disk
automatically. Things are acting as though I have little or no active swap
space.

2. How can I check what I got? (No joy yet from 'fdisk' on that.)

cat /etc/fstab
will show you what gets mounted at boot time.
mount
pstat -T
and disklabel
There's also "swapinfo":

[EMAIL PROTECTED]:/home/KeS> swapinfo
Device          1K-blocks     Used    Avail Capacity  Type
/dev/rad2s1b       524160      124   524036     0%    Interleaved
/dev/ad0s1b       1048448      128  1048320     0%    Interleaved
Total             1572608      252  1572356     0%


Re: Server Ident

2003-08-08 Thread Jez Hancock
On Fri, Aug 08, 2003 at 09:03:14PM +, Dead Line wrote:
> Hello everybody
> 
> 
> I'm on FreeBSD 4.8-R.
> I installed pidentd package from /ports
> and i uncomment the line
> 
> auth    stream  tcp     wait    root    /usr/local/sbin/identd  identd -w -t120
> 
> But seems it's still not working, when i telnet to ip port 113 it does not
> accept.
You need to actually have an identd server located at
/usr/local/sbin/identd otherwise this won't work.

I'm using oidentd from the ports which works nicely.

cd /usr/ports/security/oidentd && make clean install

haven't installed it for a while so read the instructions carefully :)

oidentd runs as a standalone daemon so you don't need to worry about
setting it up via inetd.

FWIW my /etc/oidentd.conf looks like:

default {
	default {
		deny spoof
		deny spoof_all
		deny spoof_privport
		allow random_numeric
		allow numeric
		allow hide
	}
}


-- 
Jez

http://www.munk.nu/


Re: ports-supfile file problem

2003-08-08 Thread Lowell Gilbert
John DeStefano <[EMAIL PROTECTED]> writes:

> Thanks Lowell.  Well, your suggestions made sense and at the very least
> have showed me that the host name in the file was wrong... I've now
> changed it to an actual cvsup mirror (cvsup3.FreeBSD.org), and also
> tested the file with and without adding "tag=." after "ports-all".  But
> I'm still getting the same error (Release not specified for collection
> "host=cvsup3.FreeBSD.org").
> Here's the file excluding commented-out lines:
> =
> host=cvsup3.FreeBSD.org

There's your problem.  This line shouldn't be there.  It doesn't start
with *default, so cvsup tries to interpret it (the whole thing) as a
collection name.

> base=/usr
> prefix=/usr

Remove these too.

> *default host=cvsup3.FreeBSD.org
> *default base=/usr
> *default prefix=/usr
> *default release=cvs tag=.
> *default delete use-rel-suffix
> *default compress
> ports-all tag=.
> ==
> These are the times when I feel like doing "rm -rf /"!!  :(

It could be worse:  "user-friendly" software gives *fewer* indications
of the source of a problem...  :-)
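
The parsing behaviour described in this reply can be reproduced with a small supfile linter. This is an added example, not part of the original thread and not cvsup's own code: it is a simplified model that assumes `*default` lines apply to the collection lines that follow them and checks only the `release` field; the function name is hypothetical and the two inputs are the file from the thread and the same file with the three stray lines removed.

```python
def lint_supfile(text):
    """Return 'Release not specified' messages for a supfile.

    Every line whose first word is not '*default' is treated as a
    collection, so a bare 'host=...' line becomes a collection *named*
    'host=...' that has no release of its own.
    """
    defaults = {}
    problems = []
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()
        if not words:
            continue
        name, fields = words[0], {}
        for token in words[1:]:
            key, sep, value = token.partition("=")
            fields[key] = value if sep else True   # bare words are flags
        if name == "*default":
            defaults.update(fields)                # applies to later lines
            continue
        effective = dict(defaults)
        effective.update(fields)
        if "release" not in effective:
            problems.append(
                'Release not specified for collection "%s"' % name)
    return problems


# The file as posted in the thread (commented-out lines already excluded).
POSTED_SUPFILE = """\
host=cvsup3.FreeBSD.org
base=/usr
prefix=/usr
*default host=cvsup3.FreeBSD.org
*default base=/usr
*default prefix=/usr
*default release=cvs tag=.
*default delete use-rel-suffix
*default compress
ports-all tag=.
"""

# The same file with the three lines the reply says to remove taken out.
FIXED_SUPFILE = "".join(
    line for line in POSTED_SUPFILE.splitlines(True)
    if line.startswith("*default") or line.startswith("ports-all"))

if __name__ == "__main__":
    for message in lint_supfile(POSTED_SUPFILE):
        print(message)
    print("problems after fix:", lint_supfile(FIXED_SUPFILE))
```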


Re: ISPs blocking SMTP connections from dynamic IP address space

2003-08-08 Thread Roger 'Rocky' Vetterberg
Kevin Stevens wrote:

On Thu, 7 Aug 2003, Roger 'Rocky' Vetterberg wrote:
 

It's still not a reason for allowing relay from dynamic addresses.
All ISPs, or at least all serious ISPs, provide their customer with a
relaying mailserver. It's a simple task to configure your mailserver to
use your ISP's smtp as smarthost and relay all outgoing email through
them. I know, I use this setup myself, since just like you I can't afford
"real" connections everywhere but have to rely on cheap DSL or cable.
   

Bullshit.  My ISP's lack of ability to deliver mail reliably is what made
me start my own mail service in the first place.  Nor do I particularly
want to hand them my mail so they can riffle through it at their leisure
rather than having to scan for it on the wire in realtime.
If your ISP is unable to deliver mail reliably then you should switch 
to another ISP immediately, imho.
There are way too many ISPs out there that don't have a clue what they 
are doing, and the only reason they still exist is that people keep 
using them.
I'm not saying you should go with one of the big ones, I hate AOL and MSN 
just as much as any other guy, but there are plenty of ISPs out there 
that I'm sure know what they are doing and really care about customer 
service.
And if you don't want people to read your mail, you should use PGP or 
something similar, even if you run your own mailserver.

Today it's far too easy to get your email out on the 'net. Even the "high
school dropouts" as you call the spammers can buy a cheap DSL
connection, set up a mailserver and spam like crazy until the ISP gets
enough complaints to cut them off. When that happens, they get a new
connection and start all over.
As long as we rely on the old and very outdated SMTP protocol that
powers the net today, precautions will have to be taken very soon, or
email will be useless in a few years.
   

Fine.  Then replace it, or require authentication at receiving points, or
some other solution that directly addresses the problem.  Wholesale
blocking of  types of transport is a crappy solution.  It's unfair, liable
to huge amounts of false positives, and leads directly to the kind of
centralized, locked down Internet that will spell its demise.
KeS
 

That's easier said than done. You do realize what a monumental task it 
would be to replace SMTP, don't you?
But hey, if you have a plug n' play solution that will just drop in and 
replace SMTP without breaking anything, I'm all for it!

I do not agree with your opinion that taking some needed actions will lock 
down the internet and kill it. I think it's completely the other way 
around. If we don't do something about spam now, no one will want to be on 
the internet in a few years' time. Email will be impossible to use due to 
the signal to noise ratio, www will be cluttered with popups, banners 
and ads for porn sites, and every single file will contain a trojan or worm.

I can't believe I sound like some doomsday prophet, I'm actually known 
among those who know me as a fanatic advocate of a free internet, but as 
I see it the internet is slowly self-destructing. It's no longer a 
creation of research and educational needs, it's being used for pure 
profit and the dream of making fast and easy money. And I don't like that.

--
R


RE: 5.1 & Compaq Smart Array

2003-08-08 Thread Warner Joseph

I think it's already disabled or won't work at all on this server.
 
I can't remember if I said this before but when I boot the mini-install
CD on the server option #2 says "Boot with ACPI enabled" and when
I boot on a regular PC that already has 5.1 installed it says "Boot with
ACPI disabled" so I don't think 5.1 is going to work on a Compaq 
Proliant 2500.  
 
I looked over here:
 
http://prioris.mini.pw.edu.pl/~gregory/FreeBSD/hpi386.html
 
 
..and noticed there is only one config listed for someone running FreeBSD
on a 2500 and they're running 4.7 -STABLE, not 5.1
 
I need to run this in a production environment so 5.1 may not be a good
choice.  It's too bad because I'd like more time to tinker with this to see
if I could get 5.1 loaded and running but I'm running out of time.
 
Thanks
 
Joe
 

-----Original Message-----
From: Raphaël Marmier [mailto:[EMAIL PROTECTED]
Sent: Friday, August 08, 2003 2:53 PM
To: Warner Joseph
Cc: '[EMAIL PROTECTED]'
Subject: Re: 5.1 & Compaq Smart Array



I guess that's what you are looking for:

hint.acpi.0.disabled=1 # disable ACPI (i386 only)

in

http://www.FreeBSD.org/releases/5.1R/errata.html

I suppose it has to be put in /etc/sysctl.conf, but I'm not sure...

Raphaël


On Friday, 8 Aug 2003, at 15:18 Europe/Zurich, Warner Joseph wrote:

How difficult would it be to upgrade from 4.8 to 5.x ?

I've got to get this server going ASAP but I'd also like
to be able to upgrade to the 5.x series, especially when
5.2 comes out.

There should be a way to disable ACPI during boot up. I
could have sworn that during previous installs of 5.1 the
menu option said "Boot FreeBSD with ACPI disabled" but when
I boot the server it says "Boot FreeBSD with ACPI enabled"

 



-----Original Message-----
From: Raphaël Marmier [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 07, 2003 5:26 PM
To: Warner Joseph
Cc: '[EMAIL PROTECTED]'
Subject: Re: 5.1 & Compaq Smart Array

I'll give a try on a Smart Array 532 with FBSD 5.1 as soon as I can
(days or weeks). It is working fine with 4.8 now.

Raphael


On Thursday, 7 Aug 2003, at 23:44 Europe/Zurich, Warner Joseph wrote:

-----Original Message-----
From: Raphaël Marmier [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 07, 2003 2:55 PM
To: Warner Joseph
Cc: '[EMAIL PROTECTED]'
Subject: Re: 5.1 & Compaq Smart Array

RAIDFrame is software raid so it doesn't matter here. You should check
whether your Smart Array is properly supported, first, a good place to
start: http://people.freebsd.org/~msmith/RAID/.

It looks like it is. Mine is a Compaq Smart-2SL Array Controller

Then maybe try to disable APIC at boot (??), as this is known to cause
problems.

I don't have that option, the option menu has an option to "Enable"
APIC support not disable it. I'm using the 5.1 -RELEASE mini-install
CD.

But first, go to the BIOS on the server and make sure it is
preset either for Linux OS or for "Other".

Right, I used the Compaq Setup CD, blew away my old FreeBSD 4.6
configuration,
set up a new one including a new array (I added an extra drive), chose
"Other OS" during the manual install and rebooted to install the new
OS.

Then maybe make sure your
raid volume(s) is configured with Compaq tools before attempting to
install FreeBSD.

FWIW - I had it running on 4.6 -STABLE just fine before this.

hope this helps

Raphael


Le Jeudi, 7 aoû 2003, à 20:16 Europe/Zurich, Warner Joseph a écrit : 



Hi, 


I'm trying to install FreeBSD 5.1 -RELEASE on our 

Compaq Proliant 2500 server with (4) 9.1G hard drives 

using Raid5 and the install hangs at: 


/stand/sysinstall running as init on vty0 


Is this because of: 


"The RAIDframe disk driver described in raid(4) is non-functional for 

this 

release." 


..from the errata? 


I tried to search the archives but got an error saying they 

aren't available right now. 


Thanks 


Joe 



Re: Question concerning dual-NIC configuration

2003-08-08 Thread Kenneth Culver
> why would ya want to route lo1 127.0.0.1 to a 192.x.x. address ???
> seems to me that there are too many system side processes that listen or
> communicate thru that...giving access or routing that traffic to a
> internal address ...doesn't seem too smart to me.

This is basically what I just said.

Ken


Re: A queston on default sysctl settings.

2003-08-08 Thread Lowell Gilbert
Chris <[EMAIL PROTECTED]> writes:

>   Can someone tell me if there is an adverse effect in setting:
> net.inet.ip.rtexpire from 3600 to say 5
> 
> And the same with net.inet.ip.rtminexpire from 10 to say 2 ?
> 
> This would be on an ADSL wire.

You don't want to drop it more than necessary, because otherwise minor
problems will start causing connection establishment to fail.  If
you're having a real problem with packet-spoofing attacks, then I'd
recommend keeping an eye on how low the kernel drops the rtexpire
value, and reduce the default value to just a bit more than that.  If
you're not having problems with such attacks, then there's no real
benefit to making these changes in the first place.


Re: ATAPI identify retries exceeded (amended)

2003-08-08 Thread Kris Kennaway
On Wed, Aug 06, 2003 at 04:11:11PM -0700, Brad Musil wrote:

> OK!... we are out of ideas over here... so ball over to you guys for the
> experts advice on what to do next.  Once again... Thanks

See my response to the last time you posted this ;-)

Kris




Re: recommended book/guide for /bin/sh shell programming

2003-08-08 Thread burningclown

may have already been mentioned,

Bruce Blinn, Portable Shell Programming: An Extensive Collection of 
Bourne Shell Examples

good stuff

-glenn becker

On 6 Aug 2003, Marvin J. Kosmal wrote:

> On Wed, 2003-08-06 at 14:21, Dave [Hawk-Systems] wrote:
> > For multiple reasons I am moving away from doing everything in perl/php for
> > server based tasks. Made sense at the time to do everything in the language we
> > used for the web as well, but am finding I do less web work and more server
> > admin work as time progresses, and there are some significant hits to loading
> > perl or php each time I want to move files and do other such tasks. As such I am
> > finding more and more tasks being performed in plain ol shell scripting, though
> > this is still a hunt and peck type of operation for the appropriate commands
> > etc...
> > 
> > As such, am looking for recommendations for a good guide/book or two for shell
> > programming, but most of the books seem to be specific to bash, tcsh, ksh,
> > etc... Given that there is a separate bash shell port available, I would assume
> > that /bin/sh != bash.  I would prefer to use plain ol /bin/sh since most of the
> > core scripts scattered through the stable installs we have use it.
> > 
> > Suggestions? Amazon links?
> > 
> > Thanks
> > 
> > Dave
> 
> Linux and Unix Shell Programming by David Tansley
> 
> ISBN  0-201-67472-6
> 
> Published by Addison-Wesley
> 
> Great book
> 
> Cheers

-- 
+-+
There are no motionless targets
+-+



Re: FreeBSD programming question

2003-08-08 Thread J. Seth Henry
That looks exactly like what I want. I need to resume programming on
either serial activity and at periodic intervals. Eventually, I plan to
toss networking into the mix, and this program will function as a
daemon, but I'm relatively new to programming for *nix (though not new
to programming in general), so I'm going to steer clear of that until I
get the basic IO working.

I've already written, and for the most part debugged, my configuration
file parser, and this was the next step. :)

When I finish, I want to be able to check the status, and control, the
HVAC system from any terminal on the network. 

Thanks again  for the help,
Seth Henry

On Wed, 2003-08-06 at 13:43, Michael Conlen wrote:
> select() should work for you, similar to triggering an interrupt. Instead 
> of triggering an ISR select() will sleep until there's an event on the 
> file descriptors. So you open() the device for the serial port and 
> select() on it. When you return from select() the return value will tell 
> you why you returned and you handle the situation similar to programming 
> for the 8250 (read from the port to see which event).
> 
> In any case, you can select() on the file descriptors for the standard 
> input and the serial port, though remember that STDIN uses buffered IO 
> and open() will return an unbuffered file descriptor, which is what 
> select() uses, so you need to find the unbuffered file descriptor for 
> the standard IO, which is either 0, 1 or 2, but I forget which on FreeBSD 
> (I've been doing network daemons too much lately).
> 
> In any case, you create an FD_SET
> 
> fd_set mySet;
> FD_ZERO(&mySet);
> FD_SET(fd, &mySet);
> 
> where fd is the file descriptor returned from open, or the file 
> descriptor for the standard input.
> 
> Use the set as a read set with select along with a timeout. struct 
> timeval is
> 
> struct timeval {
>     long tv_sec;  /* seconds */
>     long tv_usec; /* and microseconds */
> };
> 
> if the pointer to the struct timeval is NULL then it waits forever. (or 
> until a signal causes an exit).
> 
> (Note, usleep() is often implemented using select on no file descriptors 
> and a timeval).
> 
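> int rc;
> struct timeval myTimeout = { 5, 0 };  /* example value: 5 s, 0 us */
> /* first argument is the highest descriptor in the set plus one */
> rc = select(fd + 1, &mySet, NULL, NULL, &myTimeout);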
> 
> This call will return when either timeval is up or there's data to read 
> on your file descriptors. Be sure to check errno if select returns -1. 
> When select returns the fd_set will be set to the descriptors that are 
> actionable. Use FD_ISSET(fd, &mySet) to see if that file descriptor is 
> waiting to be actioned on (read, write, or other) until you've found all 
> the ones that are ready (the number returned by select()) and do your thing.
> 
> There's a really great book called "Advanced Programming in the UNIX 
> Environment" and it will show you all the system calls you ever needed 
> to know to work with UNIX, though it's light on the concurrency issues, 
> but it doesn't sound like you're writing multithreaded memory shared 
> programs so it's no worry.
> 
> I haven't really looked at the sio driver, but I doubt it, it still 
> works with the 8250, which only had one IO address (tell it what you 
> want to do, read the result, tell it what you want to do, send it info, 
> tell it what you want to know, read the info it has... ...programming was 
> much more fun back then).
> 
> 
> 
> 
> J. Seth Henry wrote:
> 
> >It appears that my experience on microcontrollers is throwing me off.
> >I'm used to having a touch more control at the hardware level.
> >
> >It sounds like I would be best served by setting up a loop that sleeps
> >for a certain number of milliseconds, and then looks for new data in the
> >serial port buffers. Knowing the amount of time per loop, I could handle
> >the periodic data polling as well. My largest concern was in creating a
> >CPU hog. I don't want to slow the system down by constantly accessing
> >the serial port.
> >
> >It occurred to me that I may be able to deal with this another way. I
> >can poll the thermostat for MOST things, only the user interface
> >requires fairly speedy interactions. I can simply listen for the "ENTER"
> >button, and then increase the polling rate until the UI exits.
> >
> >As it were, I'm poking around in the ports to see how other programs
> >have dealt with this.
> >
> >Just out of curiosity, since I can check the driver source, does the
> >sio driver add any additional buffering, or does it simply read the
> >16byte FIFO on the serial port? Most of the messages I am expecting
> >should fit in that FIFO anyway.
> >
> >Thanks,
> >Seth Henry
> >
> >On Wed, 2003-08-06 at 09:58, Malcolm Kay wrote:
> >  
> >
> >>On Wed, 6 Aug 2003 07:00, J. Seth Henry wrote:
> >>
> >>
> >>>Not sure if this is the right list or not, but I could really use some
> >>>pointers.
> >>>
> >>>How can I code trap serial port interrupts in my C program?
> >>>
> >>>  
> >>>
> >>For any modern hosted system interrupt trapping and se
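
The select() approach described in the quoted reply above, as an added example that is not part of the original thread: a loop that wakes on either incoming data or a periodic tick. A pipe stands in for the serial device so it runs anywhere; the names wait_readable, run_loop and loop_stats and the TEMP=72 message are made up for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <sys/time.h>
#include <unistd.h>

enum { WAIT_ERROR = -1, WAIT_TIMEOUT = 0, WAIT_READABLE = 1 };

struct loop_stats {
    int reads;     /* wake-ups caused by incoming data */
    int ticks;     /* wake-ups caused by the timer */
    size_t bytes;  /* total bytes read */
};

/* Sleep until fd has data to read or timeout_ms passes. */
static int wait_readable(int fd, long timeout_ms)
{
    /* FD_SET on a descriptor outside [0, FD_SETSIZE) writes out of
     * bounds, so reject such descriptors before touching the set. */
    if (fd < 0 || fd >= FD_SETSIZE) {
        errno = EBADF;
        return WAIT_ERROR;
    }
    if (timeout_ms < 0) {
        errno = EINVAL;
        return WAIT_ERROR;
    }
    for (;;) {
        fd_set rset;
        struct timeval tv;
        int rc;

        /* Rebuilt on every pass: select() overwrites the set and is
         * allowed to modify the timeout. */
        FD_ZERO(&rset);
        FD_SET(fd, &rset);
        tv.tv_sec = timeout_ms / 1000;
        tv.tv_usec = (timeout_ms % 1000) * 1000;

        /* First argument is the highest descriptor plus one. */
        rc = select(fd + 1, &rset, NULL, NULL, &tv);
        if (rc > 0 && FD_ISSET(fd, &rset))
            return WAIT_READABLE;
        if (rc == 0)
            return WAIT_TIMEOUT;
        if (rc < 0 && errno == EINTR)
            continue;  /* a signal arrived: wait again, full timeout */
        return WAIT_ERROR;
    }
}

/* Handle up to max_events wake-ups: data on fd, or a tick every tick_ms. */
static int run_loop(int fd, long tick_ms, int max_events,
                    struct loop_stats *st)
{
    char buf[64];
    int i;

    memset(st, 0, sizeof(*st));
    for (i = 0; i < max_events; i++) {
        ssize_t n;
        int w = wait_readable(fd, tick_ms);

        if (w == WAIT_ERROR)
            return -1;
        if (w == WAIT_TIMEOUT) {
            st->ticks++;  /* periodic work (status polling) goes here */
            continue;
        }
        n = read(fd, buf, sizeof(buf));  /* never more than the buffer */
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        if (n == 0)
            break;  /* end of file: the other side closed the device */
        st->reads++;
        st->bytes += (size_t)n;
    }
    return 0;
}

int main(void)
{
    const char msg[] = "TEMP=72\n";  /* constructed sample message */
    struct loop_stats st;
    int p[2];

    if (pipe(p) != 0)  /* the pipe is a stand-in for the serial port */
        return 1;
    if (write(p[1], msg, sizeof(msg) - 1) < 0)
        return 1;
    if (run_loop(p[0], 50, 3, &st) != 0)
        return 1;
    printf("reads=%d ticks=%d bytes=%lu\n",
           st.reads, st.ticks, (unsigned long)st.bytes);
    return 0;
}
```

With a real device, the descriptor returned by open() on the serial port replaces the read end of the pipe.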

Re: Well, we're getting closer. Still having issues installing BitTorrent.

2003-08-08 Thread Dragoncrest
Nobody has an answer for this?

At 12:20 PM 8/4/03 -0400, Dragoncrest wrote:
Ok, first off I want to send out thanks to whoever submitted the bug
report on the python numeric port issue.  Problem is, we've got a new
one.  When building for BitTorrent it looks for the port
"py23-imaging-1.1.3" and tries to install it, but instead gets this:
===>  Building for py23-imaging-1.1.3
`Makefile' is up to date.
cc -fPIC -O -pipe  -I/usr/local/include/python2.3
-I/usr/local/include/python2.3 @DEFS@   -IlibImaging
-I/usr/local/include -c ././_imaging.c -o ./_imaging.o
cc: cannot specify -o with -c or -S and multiple compilations
*** Error code 1
Anyone know if this is another bug issue needing to be reported or is
this something that I can fix on my end?


kernel-building error

2003-08-08 Thread mess-mate
Hi,
An error occurs when building my kernel :(
What does this mean ?? :

linking kernel
umass.o: In function `umass_cam_attach_sim':
umass.o(.text+0x17c7): undefined reference to `cam_simq_alloc'
umass.o(.text+0x1818): undefined reference to `cam_sim_alloc'
umass.o(.text+0x1827): undefined reference to `cam_simq_free'
umass.o(.text+0x1847): undefined reference to `xpt_bus_register'
umass.o: In function `umass_cam_rescan_callback':
umass.o(.text+0x1883): undefined reference to `xpt_free_path'
umass.o: In function `umass_cam_rescan':
umass.o(.text+0x18f5): undefined reference to `xpt_periph'
umass.o(.text+0x1904): undefined reference to `xpt_create_path'
umass.o(.text+0x1920): undefined reference to `xpt_setup_ccb'
umass.o(.text+0x193d): undefined reference to `xpt_action'
umass.o: In function `umass_cam_detach_sim':
umass.o(.text+0x1a2c): undefined reference to `xpt_bus_deregister'
umass.o(.text+0x1a48): undefined reference to `cam_sim_free'
umass.o: In function `umass_cam_action':
umass.o(.text+0x1ebd): undefined reference to `xpt_done'
umass.o: In function `umass_cam_cb':
umass.o(.text+0x202b): undefined reference to `xpt_done'
umass.o: In function `umass_cam_sense_cb':
umass.o(.text+0x2191): undefined reference to `xpt_done'
umass.o: In function `umass_cam_quirk_cb':
umass.o(.text+0x21bb): undefined reference to `xpt_done'
*** Error code 1

Thanks for your help.
mess-mate



Re: are all dsl modems the same?

2003-08-08 Thread Mykroft Holmes IV


David Banning wrote:

I am looking at buying a dsl modem used but I am not aware of
the differences from one to the next. I am using a G-net which seems
to work fine, and I used a Nortel Networks one when I was with another
DSL supplier. 

Is the operation of most DSL modems the same, and if so, can a
specific DSL modem used with one DSL service supplier be used with
another DSL service supplier?

No, they aren't. There are several different ways to deliver DSL service 
(Even with the same form of xDSL), and therefore you will need to ensure 
that your DSL modem is compatible for the local ILEC's gear (Which is 
what determines compatibility, not your ISP's gear, as your ILEC, not 
necessarily the ISP, provides the DSLAM which the DSL circuit terminates on)

Adam



Quick and dirty FreeBSD 5.x and nss_ldap mini-HOWTO

2003-08-08 Thread Clement Laforet
Hi,

Here's a really mini HOWTO to get nss_ldap working on FreeBSD 5.x, this is a
follow up of a previous discussion on [EMAIL PROTECTED]

http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html

Any feedback, ideas, suggestions, patches, insults are welcome.

regards

clem


Re: ISPs blocking SMTP connections from dynamic IP address space

2003-08-08 Thread Mykroft Holmes IV
Interspersed

Mark wrote:

- Original Message - 
From: "Lucas Holt" <[EMAIL PROTECTED]>
To: "Doug Poland" <[EMAIL PROTECTED]>
Cc: "Nicole" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, August 06, 2003 10:24 PM
Subject: Re: ISPs blocking SMTP connections from dynamic IP address space


You guys need to rethink this thing. Reverse DNS checks are ok, but
ip blocking for legitimate servers is silly.


I agree. You guys really need to rethink this. My turn to vent. :)

For starters, what is "dynamic IP address space" anyway? You would think
dialup-accounts or, at the very least, accounts that get their IP address
assigned from a dynamic IP address pool. Yet, reading this thread, "dynamic
IP address space" basically seems to mean: everyone who is not a major ISP.
There are many things wrong with that simplistic reasoning.

Dynamic IP space is netblocks which the ISP controlling them has marked 
as part of its dynamic IP pool. In fact 90% of Dynamic space is major 
ISP's (Dialup blocks, DSL and cable modems). Very few small ISP's tag 
their DHCP pools as dynamic.


For one, just because whois.arin.net says a netblock is a "dynamic" address
pool, does not mean IP addresses assigned to customers are, de facto,
dynamic. In fact, especially with high-speed DSL accounts, ere the opposite
is true: people get assigned what to them, and to the world at large, for
all purposes and intent, is a static IP address. In exchange for money,
their ISP has granted them the exclusive use of a fixed IP address. They
register domain names on that IP address, and continue to use that one,
unchanging IP address for all interactions with the world. Literally
thousands of legitimate servers across the world run on such a (set of)
static IP address(es), regardless of what their netblock, high up in the
ARIN, or kindred, hierarchy is marked down as.

Just because you have a highspeed connection with a stable or static IP 
doesn't mean it's not dynamic. Dynamic simply means assigned by DHCP or 
RADIUS (For dialup and some DSL). If you're in this space you should be 
relaying through your ISP's mailserver. 90% of people in this space are 
precluded from running server daemons by their AUP anyways.

When you force all people to use their ISP's smtp server(s), you funnel, as
it were, a great number of clients through a single pinhole. Should that one
pinhole become blacklisted/blocked, then suddenly thousands of people, en
masse, can no longer send mail. Is that likely to occur? Yes. Because spam
will also be sent through that same pinhole. AOL will likely cancel the
account of the spammer; but spam will nonetheless have been sent through
that one pinhole. And then what? Then you are faced with an uncomfortable
choice: either I block the AOL smtp servers altogether, or I let them
through entirely. What you have lost then, in effect, is the ability to
discriminate. So, what then? You will whitelist the AOL smtp servers? That
would be stupid. :) Because if there is only one pinhole, whitelisting that
one pinhole is tantamount to giving all spammers a huge "passpartout". And
since, by your own act of narrow-sightedness, you have chosen to only deal
with that one pinhole, you can no longer tell chaff from grain. Way to go,
Einstein!

Never read a header? Most of that so called 'Hotmail' or 'AOL' spam 
doesn't come from either, it either comes from overseas or that 
'Dynamic' space you're defending (How much spam comes from IP's that 
reverse to UUNET RAS Servers? A damned lot, although not usually from 
actual UUNET customers, but rather a 3rd party customer on a free or 
one-shot account). Blackholing AOL or Hotmail isn't going to appreciably 
affect your receipt of spam, since so little spam actually originates there.


Perhaps the greatest fallacy of em all: the ludicrous assumption that large
ISP's do not spam. :) The largest sources of spam, their hypocrisy despite,
are precisely those big ISP's, like AOL and hotmail, to whom you can write
until you see blue in the face, but who do not give a damn, because they are
big and know it.

The Dynamic space we're talking usually comes from Big ISP's. Small 
ISP's don't tag space as dynamic.

Do not be lazy; because you are. :) I know, I have been tempted too, many
times, to just block hotmail altogether, and so reduce 70% of all spam. Yet,
that would be laziness, really.

No, it simply won't work. Maybe it would have in 1998, but Hotmail 
doesn't originate much spam anymore, even if the header is forged to 
indicate it came from hotmail.

Taking the easy route, like blocking all
what you think is "dynamic" address space, is really just laziness on your
part. It is you saying: "I can no longer be bothered to figure out who is
legit and who is not, so I will just block everything." That is bad
administration. Crying, "But SOMETHING needs to be done about spam,
therefore I am right," is not a valid argument either. :) Sure, SOMETHING
needs to be done about spam. But blocking thousands o

Re: What ports need to be open on a firewall to allow cvsup?

2003-08-08 Thread Jason Stewart
stan wrote:

The company I work for is implementing a new firewall, and there is some
possibility I might be able to get the appropriate ports to cvsup my FreeBSD
machines open.
Assuming passive mode cvsup, what ports would I need open?

~$grep cvsup /etc/services
cvsup   5999/tcp   CVSup   # CVSup file transfer/John Polstra/FreeBSD
cvsup   5999/udp   CVSup   # CVSup file transfer/John Polstra/FreeBSD

You need these ports for outgoing. If you keep state on your 
connections, you don't have to use passive cvsup, but if you need it or 
want it for some reason, you'll have to pick a port range for incoming 
passive connections and specify those ports with -P in the cvsup args. 
See cvsup (1) for more details.

Good Luck,
Jason


Re: Hard drive performance question

2003-08-08 Thread Jason Lieurance
Hello,

Ok, I guess I thought 14 was high but it's ok then? I'm not sure what is acceptable
but I guess sometimes I thought it would go down instead of always being constant.
So I assumed (ignorantly) that there is a disk i/o problem.

-- 
Jason

Dan Nelson said:
> In the last episode (Aug 05), Jason Lieurance said:
>> I have FreeBSD 4.7 server running a qmail-imap-squirrelmail email server and a
>> apache 1.3.27 web server hosting 6 virtual domains that don't get a lot of
>> traffic.
>>
>> Hardware is:
>>
>> P3 933MHz CPU
>> 512 DDR ram
>> Fujitsu MAN3184MP 18.2 GB U160 10K rpm 8MB buffer 2.9 ms access Hard drive
>> Adaptec 29160LP U160 SCSI controller
>>
>> When I run vmstat, I get:
>>
>> procs  memory  pagedisks faults  CPU
>>  r b w avmfre  flt  re  pi  po  fr  sr da0 md0   in   sy  cs us sy id 0
>> 14 0  184016  40900   26   0   0   0  31   0   0   0  245  839  28  1  1 98 0
>> 14 0   86940  408967   0   0   0  15   0  12   0  242  115  21  0  0 99 0
>> 14 0   81460  408966   0   0   0  12   0  10   0  239   98  18  0  0 100 0
>> 14 0   85172  408967   0   0   0  15   0  14   0  243  116  21  0  1 99 0
>> 14 0  190092  40896   32   0   0   0  37   0  10   0  250  220  35  0  0 100
>>
>> I've read this is a disk access problem where process are waiting on the disk.
>> As you can see this is a constant but I thought the disk system I have was
>> sufficient. Any thoughts, analysis, or other is appreciated, thanks.
>
> I see only 10-15 I/Os per second on your disk, which would overload a floppy drive
> but nothing else.  What problem specifically are you
> trying to fix?
>
> --
>   Dan Nelson
>   [EMAIL PROTECTED]


Re: qmail +smtp authentication ?

2003-08-08 Thread Derrick Ryalls
On Wed, 2003-08-06 at 10:06, Darryl Hoar wrote:
> Greetings,
> I want to setup a personal email server for my domain
> on my FreeBSD 4.7S box.  I've heard great things about
> qmail.  This led me to wonder about smtp authentication
> with qmail as I think that would eliminate the open relay
> problem.
> 
> is smtp authentication possible with qmail ?
> 

http://www.cuni.cz/~vhor/qmail/smtpauth-en.html

This is what I used to get it working.  It works just fine for the most
part using login auth.  The only problem I have is that on each email
that is sent, qmail-smtpd exits abnormally.  Nothing is destabilized,
but if you ever figure it out, send me a line (if you use this).



Re: realtek ACL650 driver

2003-08-08 Thread Vulpes Velox
On 6 Aug 2003 13:41:02 -
[EMAIL PROTECTED] () wrote:

> 
> Hi, I've downloaded realtek ACL650 driver for linux from realtek web site.
> When i try to install it i get an error because driver not found kernel
> directory. In the "configure" process there is an option that set kernel
> directory... which directory should I give to it? Thank you

The linux compat is only for binaries. It does not work with kernel modules.



[no subject]

2003-08-08 Thread Cavallini David
Recently I've installed GCC-3.2.3 on version 5.1.
When I run the gcj32 command from the bash shell it returns the following 
error message

/usr/libexec/ld-elf.so.1: Shared object "libc.so.4" not found

Probably a C library is missing but I do not know which it 
could be.
The installation of the package with the command pkg_add is OK, no error 
messages are returned.

Cavallini David



Re: ppp woes!!

2003-08-08 Thread Jon-Eirik Pettersen
On Wed, 2003-08-06 at 13:36, Jiger Java wrote:
> Hi FreeBSD Gurus and users,
> This is my first mail to the list and am a complete stranger to FreeBSD 
> so forgive my newbie question. I have just taken the bold step towards 
> installing FreeBSD on my machine. I have 1.7GHZ Pentium with 512 MB RAM, 
> NVidia TNT2. I did a default install with no kernel customisation etc.
> Now I am trying to connect to Internet. Since it is still time for me to 
> grow up to console mode connecting, I start KDE and use KPPP to connect to 
> the internet. BUT.
> PPP dies unexpectedly as soon as I type in a URL in say Konqueror. 
> Sometimes it dies in a second of connecting. It exits with error code 1. 
> Then after some thought, I finally made /etc/resolv.conf since it used to 
> give me this warning when I start kppp. This file is currently empty.
> Now PPP "seems to" connect but still it is not confirmed but it did not 
> exit after I created this file. BUT when I type in any url in browser, it 
> simply says Host not found etc. Why?
> Also how do I enable "Get DNS Server Automatically" as in Windows. Please 
> help me I am really stuck.
> 
> Awaiting your replies,
> Jiger

Are you running KDE as root?

You can add DNS-servers manually to /etc/resolv.conf like:
nameserver 62.101.193.44
nameserver 217.118.32.13

Try this if you don't get KPPP to work:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/userppp.html



Re: ISPs blocking SMTP connections from dynamic IP address space

2003-08-08 Thread Lucas Holt

I think we need software that blocks spam out of the box.

Server Side:
I've found that most of my time is spent installing addons for sendmail 
to do virus scanning and spam prevention.  Why don't mail servers have 
spam assassin, black lists, etc. enabled and installed with a base set 
of rules to prevent spam?  Every  release of the software would also 
need to include new rules, but your ip list solution needs updating all 
the time too.

Client Side:  email clients all need spam and virus filters.  Many have 
them now, but there should be a central filter database for clients 
too.  I wouldn't get these stupid worms all the time if they were 
deleted.. most of them have the same subject.. simple pattern matching. 
I often find myself creating filters to delete them myself.  I 
switched to apple mail from Netscape 7 to get spam filtering in January 
client side.

I do understand the counter argument about blocking ips.. but i think 
that's frustration talking.  Even if ip blocking is an improvement, it 
won't stop spam.

Today it's far too easy to get your email out on the 'net. Even the 
"high school dropouts" as you call the spammers can buy a cheap DSL 
connection, setup a mailserver and spam like crazy until the ISP gets 
enough complaints to cut them off. When that happens, they get a new 
connection and start all over.

As long as we rely on the old and very outdated SMTP protocol that 
powers the net today, precautions will have to be taken very soon, or 
email will be useless in a few years.

--
R

Lucas Holt
[EMAIL PROTECTED]

FoolishGames.com  (Jewel Fan Site)
JustJournal.com (Free blogging)
"Only two things are infinite, the universe and human stupidity, and 
I'm not sure about the former."
- Albert Einstein (1879-1955)



ATAPI identify retries exceeded (amended)

2003-08-08 Thread Brad Musil
I am attempting to install BSD 5.0 on the second hard drive in this
machine.  It is a 2.8 P4 with 1 GIG of memory.  The CD drive is an
OPTORITE CD-RW CW480, and the hard drives are IDE 74.5 gig.  Here is the
problem:

I insert the 5.0 cd in the drive and have the machine set to boot from
the cd first... but as the process starts and everything is loading the
machine HALTS with the error:

ata1-slave: ATAPI identify retries exceeded
ad0: READ command timeout  TAG=0  SERV =0 -resetting
ata0: resetting devices..

EVERYTHING HALTS at this point and won't move forward.

The machine functions as it should under Windows XP Professional
operating system that is installed on the first hard drive... including
the CD drive.

What is going on here??...  and how can I get this thing to continue to
read the cd when attempting to install FreeBSD 5.0
I've heard the processor is 'too fast' and/or the CD is too fast... so
which is it? and is there a 'cure' or patch or some type of 'trick' to
getting this process to continue to completion?  Thanks in advance...

MyBest,
Brad

ps: we have already attempted to resolve the issue by doing the
following:
interrupt the boot process and enter these three lines:
set hw.ata.ata_dma="1"
set hw.ata.atapi_dma="1"
boot
THIS DIDN'T WORK

we then tried:
set hint.acpi.0.disabled="1"
THIS DIDN'T WORK EITHER

then we attempted to use both of the above together and...
THIS DIDN'T WORK EITHER (TOO) ;-)

OK!... we are out of ideas over here... so ball over to you guys for the
experts advice on what to do next.  Once again... Thanks



Question re. hard read errors

2003-08-08 Thread Richard Johnson
I have a 1.5Gb file stored on a FreeBSD 4.8 disk drive and the system 
is giving me hard read errors when I try reading it.  It appears as 
though this disk has a few bad blocks. :(   Unfortunately, it's a 
compressed tar file and I (stupidly!) erased the file from the original 
computer before untar'ing it here and finding the errors!  I'd like to 
recover as much as possible of this file before writing off the entire 
thing.

I looked at /usr/src/sys/dev/ata/ata-disk.c and found the retry count 
was set to 3.  I changed it to 10.  After the first error (which is, 
indeed, reported 10 times) the system reports that it's going into PIO 
mode and I still hear the same amount of hammering on the drive after 
that and only one error message produced.

Is there some way I can force the system to retry 10 or more times for 
each and every block?  Maybe there's some other utility I can use which 
tries harder to read the blocks?

ANY pointers to information would be greatly appreciated.

/raj



Re: Vinum on an existing system

2003-08-08 Thread Greg 'groggy' Lehey
On Thursday,  7 August 2003 at 11:12:02 -0700, Hank Wethington wrote:
> Greetings!
>
> I have recently taken over a machine (FreeBSD 4.8-STABLE 7/31/03) that
> is a mail server (qmail, imap, apache2, pop3, etc) and due to the
> company's reliance upon the machine, want to use vinum to mirror the
> drive.
>
> I've been reading the vinum information and a great site about setting
> it up. However, one question remains. It seems as though it should have
> been setup from the start. Can an existing installation be converted to
> vinum without reinstalling everything or should I just setup a cron job
> to dump the drive contents to the other drive. Both drives are IDE 40GB.
> Here is the df on the main drive, as the second one hasn't even been
> formatted.

If you have a spare drive, the obvious thing to do is to migrate the
entire installation to that drive.  In this case you just need to
create Vinum volumes of the appropriate size, then copy.  Make sure to
put a bootstrap on the drive (disklabel -B).  When that's up and
running, you can repartition the original drive and do whatever you
want with it.

> Filesystem  1K-blocks    Used    Avail Capacity  Mounted on
> /dev/ad0s1a   7225214 2207318  4439880    33%    /
> /dev/ad0s1f  14985070     268 13785998     0%    /usr/home
> /dev/ad0s1e  15483630   33702 14211238     0%    /var
> procfs              4       4        0   100%    /proc
> Swap is 768mb

In this case, the output of disklabel would be more use.  I'd expect
to see something like this:

8 partitions:
#        size   offset    fstype   [fsize bsize bps/cpg]
  a:  8388608        0    4.2BSD     2048 16384    89   # (Cyl.    0 - 3328*)
  b:  1048576  8388608      swap                        # (Cyl. 3328*- 3744*)
  c: 26712000        0    unused        0     0         # (Cyl.    0 - 10599)
  e: 17274816  9437184    4.2BSD     2048 16384    89   # (Cyl. 3744*- 10599*)

This gives the positions of the partitions as well as their size.

Greg
--
When replying to this message, please copy the original recipients.
If you don't, I may ignore the reply or reply to the original recipients.
For more information, see http://www.lemis.com/questions.html
See complete headers for address and phone numbers




Re: Question re. hard read errors

2003-08-08 Thread Raphaël Marmier
Try using dd to grab all possible bits of that file:
/bin/sh
dd if=/path/tothe/file of=/path/to/newfile conv=sync,noerror >ddlog.txt 2>&1

you get the log of all errors and faulty blocks in ddlog.txt

This will make a copy of the file with unreadable blocks converted to 
blank. Then you should fix the compressed archive with the proper 
utility (although I don't know exactly how), then you should be able to 
untar it. Maybe the information on which files were lost will even be 
available.

If it turns out you didn't lose that much, it will spare you the 
effort to read the disk harder. In case you really lost damn important 
stuff, you can send the disk to a data recovery company, but it costs 
$$...

Hope this helps

Raphael

On Friday, 8 Aug 2003, at 01:33 Europe/Zurich, Richard Johnson wrote:

> I have a 1.5Gb file stored on a FreeBSD 4.8 disk drive and the system 
> is giving me hard read errors when I try reading it.  It appears as 
> though this disk has a few bad blocks. :(   Unfortunately, it's a 
> compressed tar file and I (stupidly!) erased the file from the 
> original computer before untar'ing it here and finding the errors!  
> I'd like to recover as much as possible of this file before writing 
> off the entire thing.
>
> I looked at /usr/src/sys/dev/ata/ata-disk.c and found the retry count 
> was set to 3.  I changed it to 10.  After the first error (which is, 
> indeed, reported 10 times) the system reports that it's going into PIO 
> mode and I still hear the same amount of hammering on the drive after 
> that and only one error message produced.
>
> Is there some way I can force the system to retry 10 or more times for 
> each and every block?  Maybe there's some other utility I can use 
> which tries harder to read the blocks?
>
> ANY pointers to information would be greatly appreciated.
>
> /raj

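Added example, not part of the original thread: a user-space take on the two ideas above, re-reading every failing block a fixed number of times (the question) and zero-filling what stays unreadable so later data keeps its offset (the dd conv=sync,noerror reply). The names salvage, FlakyFile and demo are hypothetical, and the failing disk is simulated with constructed in-memory data.

```python
import errno
import io
import os

def salvage(src, dst, block_size=512, retries=10, log=None):
    """Copy src to dst one block at a time, retrying each failing block.

    Blocks still unreadable after `retries` reads are written as NULs, as with
    dd conv=noerror,sync. Returns the byte offsets of the zero-filled blocks.
    """
    size = src.seek(0, os.SEEK_END)
    bad = []
    for offset in range(0, size, block_size):
        want = min(block_size, size - offset)
        data = None
        for attempt in range(1, retries + 1):
            try:
                src.seek(offset)
                data = src.read(want)
                break
            except OSError as exc:
                if log is not None:
                    log.write(f"offset {offset}: try {attempt}/{retries}: {exc}\n")
        if data is None or len(data) != want:
            # Pad so that everything after this block stays at its offset.
            data = (data or b"").ljust(want, b"\0")
            bad.append(offset)
        dst.write(data)
    return bad

class FlakyFile(io.BytesIO):
    """Constructed stand-in for a file on a failing disk (no real device I/O)."""
    def __init__(self, payload, failures):
        super().__init__(payload)
        self.failures = dict(failures)  # offset -> reads that fail with EIO

    def read(self, n=-1):
        offset = self.tell()
        if self.failures.get(offset, 0) > 0:
            self.failures[offset] -= 1
            raise OSError(errno.EIO, "Input/output error")
        return super().read(n)

def demo():
    payload = bytes(range(256)) * 8  # constructed data: 4 blocks of 512 bytes
    src = FlakyFile(payload, {512: 3, 1024: 99})  # block 1 recovers, block 2 never
    dst, log = io.BytesIO(), io.StringIO()
    bad = salvage(src, dst, retries=10, log=log)
    return payload, dst.getvalue(), bad, log.getvalue()
```

For a real file, open the source with open(path, "rb", buffering=0) so that each retry is a fresh read request to the OS rather than a read from Python's buffer.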


A question on default sysctl settings.

2003-08-08 Thread Chris
Hiya folks -

Can someone tell me if there is an adverse effect in setting: 
net.inet.ip.rtexpire from 3600 to say 5

And the same with net.inet.ip.rtminexpire from 10 to say 2 ?

This would be on an ADSL wire.

Thanks in advance.
-- 

Best regards,
 Chris
__

PGP Fingerprint = D976 2575 D0B4 E4B0 45CC AA09 0F93 FF80 C01B C363

PGP Mail encouraged / preferred - keys available on common key servers
__
   01010010011101100011011001010111001001011000




Re: NATD and PPP problem

2003-08-08 Thread Jacob Vennervald Madsen
Hi

Thanks a lot!
The natd_flag="-dynamic" worked. Apparently the pppoe interface tun0
wasn't active yet when natd was started so it couldn't find the
interface.

Cheers,
Jacob Vennervald

On Wed, 2003-08-06 at 00:06, Francesco Casadei wrote:
> On Tue, Aug 05, 2003 at 05:02:50PM +0200, Jacob Vennervald wrote:
> > Hi
> > 
> > I've installed a FreeBSD 4.8 machine, which I wanna use as a 
> > NAT/Router/Firewall.
> > I have setup the pppoe connection which works perfectly and then I've 
> > tried to setup the machine as a NAT Router by setting the following in 
> > the rc.conf:
> > firewall_enable="YES"
> > firewall_type="open"
> > natd_enable="YES"
> > natd_interface="tun0"
> > But when I restart the machine it gives me the following error:
> > "Firewall rules loaded, starting divert daemons: natdnatd: tun0: cannot 
> > get interface address"
> > 
> > When I log in and type "ifconfig" I can also see that the tun0 interface 
> > doesn't exist, but when I turn off the two natd settings in rc.conf and 
> > reboot it does exist.
> > 
> > Can anybody help?
> > 
> > Cheers,
> > Jacob Vennervald
> > 
> > ___
> > [EMAIL PROTECTED] mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> > end of the original message
> 
> Use the -dynamic flag if the tun0 interface is not configured when natd
> starts up. From natd(8) manpage:
> 
> [...]
>  -dynamic
>  If the -n or -interface option is used, natd will monitor the
>  routing socket for alterations to the interface passed.  If
>  the interface's IP number is changed, natd will dynamically
>  alter its concept of the alias address.
> [...]
> 
> Add the following line to /etc/rc.conf:
> 
> natd_flags="-dynamic"
> 
> Even if you solved the problem, you may also want to try this solution.
> 
>   Francesco Casadei
> -- 
> You can download my public key from http://digilander.libero.it/fcasadei/
> or retrieve it from a keyserver (pgpkeys.mit.edu, wwwkeys.pgp.net, ...)
> 
> Key fingerprint is: 1671 9A23 ACB4 520A E7EE  00B0 7EC3 375F 164E B17B
> 
-- 
Venlig hilsen / Best regards,
Jacob Vennervald
System Developer
Proventum Solutions ApS
Tuborg Boulevard 12
2900 Hellerup
Denmark
Phone:  +45 36 94 41 66
Mobile: +45 61 68 58 51




SMP Supported Hardware Question

2003-08-08 Thread Scott Ballantyne
Hello All,

I am interested in playing with SMP and am curious if there is anyone
out there using the following combo with success:

Athlon AMSN2400Box

Gigabyte: GA-7DPXDW

I plan on using 4.8 for the moment.

Thanks in advance and please pardon the newbie nature of this
question.

Scott
-- 
[EMAIL PROTECTED]




cups configuration

2003-08-08 Thread mess-mate
Hi list,
how can I configure cups as my favorite printer system ?
thanks
mess-mate