Re: FreeBSD Ports vs. Gentoo Portage (a matter of concept)

[martinko]

On Tue, 7 Feb 2006 17:10:26 -0500, Parv wrote
> in message <[EMAIL PROTECTED]>, wrote martinko thusly...
> >
> > Norberto Meijome wrote:
> > > Hans Nieser wrote:
> > > 
> > >>FreeBSD Prospect wrote:
> ...
> > >>What I am especially fond of in portage is the USE-flags and the
> > >>way you can specify then globally and individually for each
> > >>package and how you can get a nice, short overview of which
> > >>USE-flags a package uses and which of them are enabled with
> > >>"emerge -pv port".
> ...
> > there are global USE-flags in FreeBSD too and you also can
> > configure ports individually, but i'd agree that Gentoo way is
> > more transparent.
> 
> Those USE_* flags are for port creators/maintainers not
> users/installers; user use of, well, USE_* flags may get you in a
> trouble.  OTOH, WITH_* & WITHOUT_* flags lie in user domain.
> 
>   - Parv
> 
> --


sorry, i had WITH[OUT] flags on my mind, of course.. :o)

m.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

idle time out

[gahn]

Hi:

What is the difference between two following commands

set iface idle xxx  # idle timer?
set iface session xxx   # session timer?

What i am trying to do is to tear down the sessions if
those sessions are idle 10 minutes or more. it doesn't
seem to be working with the first command. any advice?

Thanks

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: FreeBSD Ports vs. Gentoo Portage (a matter of concept)

[martinko]

On Wed, 08 Feb 2006 10:59:49 +1100, Norberto Meijome wrote
> martinko wrote:
> 
> > 
> > i already raised the following issue with pkgtools.sonf here on MLs some
> > time ago but i didn't get a response i'd be happy with:
> > i want to make sure that a certain port will be compiled with a certain
> > make argument/flag. there are MAKE_ARGS in port tools but these are
> > used/applied differently depending on whether the port is compiled
> > directly or indirectly via a metaport and also if it's being compiled
> > for the 1st time or again. :-((
> 
> hmm i wasn't aware of those subtleties... portupgrade + pkgtools.conf
> seem to behave pretty well to me (again, maybe they are not compiling
> the way I need with no negative side effects that I can notice.
> 
> > 
> > besides, i should say i'm using mainly FreeBSD and occasionally i'm
> > playing with Gentoo but i consider the quality and stability of ports
> > provided to be (much) better than that of apps via portage. also,
> > syncing and updating portage tree is much more heavy (by which i mean it
> > takes much longer and downloads much more data) than updating ports
> > collection
> 
> ah, definitely - fbsd port system seems to me much more stable and well
> behaved (it works as it should). and coupled with packages, it's just
> great.
> 
> > (especially since portsnap has appeared).
> 
> i have to say i still use cvsup...will have to give portsnap a try

cvsup is good. especially if you don't upgrade often. OTOH, portsnap is more
secure, network load friendly, and works behind proxies. and prepares ports
index file for you, too.

> 
> > not to mention that
> >  Gentoo's system/base layout is still heavy evolving and frequent
> > changes to the format, contents and location of their /etc files are
> > happening quite so often, which wouldn't make any admin too happy.
> >
> 
> true. though the system/layout it is evolving to is quite nice, IMHO.
> the "evolving too fast" feeling may come from being linux after all 
> ;) Again, i think it's the best distro around for powerusers.
> 
> Beto

i just don't know why they have to reinvent everything. freebsd's config files
overriding some defaults are pretty good idea, imho. on gentoo i remember to
have to merge my amended config files every time they added/changed something.
generally, this is one of the issues i see with linux. every distro tries to
reinvent the wheel and do the stuff differently. i think i quite understand
desire of their developers to create something new and best, but unix is where
it is because of its heritage and stability/compatibility, not because it's
been rewritten/reinvented from scratch every so often.
well, old unix gurus and developers with many years of experience and
knowledge are what i believe set BSDs apart from linux, which reminds me of my
young programming days and all that lack of knowledge and experience and all
those mistakes i've been through. :o)

m.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

math/lapack (lapack-3.0) (unknown build error)

[Anthony Philipp]

Hello,

I was doing an upgrade today and one of the ports failed. I have
since checked /usr/ports/UPDATING, the mailing list and then
updated my ports tree again, all to no avail. Here is the error:

---
f77 -O -c ssyr2k.f
f77 -O -c strmm.f
f77 -O -c strsm.f
i386 cr ../../BLAS/SRC/libblas.a isamax.o sasum.o saxpy.o scopy.o sdot.o 
snrm2.o  srot.o srotg.o sscal.o sswap.o lsame.o xerbla.o  sgemv.o sgbmv.o 
ssymv.o ssbmv.o sspmv.o  strmv.o stbmv.o stpmv.o strsv.o stbsv.o stpsv.o  
sger.o ssyr.o sspr.o ssyr2.o sspr2.o sgemm.o ssymm.o ssyrk.o ssyr2k.o strmm.o 
strsm.o
i386:No such file or directory
*** Error code 1

Stop in /usr/ports/math/lapack/work/LAPACK/BLAS/SRC.
*** Error code 1

Stop in /usr/ports/math/lapack/work/LAPACK.
*** Error code 1

Stop in /usr/ports/math/lapack.
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade78155.12 
make
** Fix the problem and try again.
** Detected a package name change: libmikmod (audio/libmikmod) -> 
'libmikmod-esound' (audio/libmikmod)
** No need to upgrade 'libmikmod-3.1.11' (>= libmikmod-esound-3.1.11). (specify 
-f to force)
** Detected a package name change: mpg123 (audio/mpg123) -> 'mpg123-esound' 
(audio/mpg123)
** No need to upgrade 'mpg123-0.59r_17' (>= mpg123-esound-0.59r_17). (specify 
-f to force)
** Detected a package name change: libao (audio/libao) -> 'libao-esound' 
(audio/libao)
** No need to upgrade 'libao-0.8.5' (>= libao-esound-0.8.5). (specify -f to 
force)
--->  Skipping 'math/scilab' (scilab-3.1.1_1) because a requisite package 
'lapack-3.0' (math/lapack) failed (specify -k to force)
** Listing the failed packages (*:skipped / !:failed)
! math/lapack (lapack-3.0)  (unknown build error)
* math/scilab (scilab-3.1.1_1)
--->  Packages processed: 0 done, 561 ignored, 1 skipped and 1 failed
---

It's not really urgent, but I'm just wondering what the problem is,
and if there is anything I can do to fix it. 

Thank you and I appreciate your help!

Anthony Philipp
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Large imap server.

[Erik Norgaard]

Albert Shih wrote:

I search some advice for large imap server.

For me large is : 1000 users with 1 Go mails for each users. And every
users check by imap/pop those mail every 2 or 3 minutes.

What's the «best» imap server ? Cyrus Imap or Courier-Imap ? (please this
is not a troll).

Any documentation ?


AFAIK cyrus-imap uses a database backend to store mail and has been 
designed to scale to enterprise systems. The database backend makes 
indexing and mail lookup faster, but I don't think there's any 
difference when it comes to retrieving the actual mail.


Just don't use anything based on mbox file.

Cheers, Erik
--
Ph: +34.666334818  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt
Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

shutdown && /var: unmount pending ...

[guru]

Hello,

Sometimes I get during the shutdown, when the buffers are
already have been synced, the message:

/var: unmount pending blocks -32 files 0

This is with FreeBSD 6.0-REL and its GENERIC kernel and ICH6 SATA:

$ fgrep -i sata /var/log/messages
Feb  8 08:26:55 rebelion kernel: atapci1:  port 
0x14f0-0x14f7,0x14e4-0x14e7,0x14e8-0x14ef,0x14e0-0x14e3,0x14d0-0x14df mem 
0xc8000c00-0xc8000fff irq 19 at device 31.2 on pci0
Feb  8 08:26:55 rebelion kernel: atapci1:  port 
0x14f0-0x14f7,0x14e4-0x14e7,0x14e8-0x14ef,0x14e0-0x14e3,0x14d0-0x14df mem 
0xc8000c00-0xc8000fff irq 19 at device 31.2 on pci0
Feb  8 08:26:55 rebelion kernel: ad4: 76319MB  at 
ata2-master SATA150
Feb  8 08:26:55 rebelion kernel: ad4: 76319MB  at 
ata2-master SATA150

Any hints, or just to be ignored?

Thx

matthias
-- 
Matthias Apitz / Sisis Informationssysteme GmbH
ein Tochterunternehmen der OCLC PICA B.V. Leiden (NL)
D-82041 Oberhaching, Gruenwalder Weg 28g
Fon: +49 89 / 61308-351, Fax: -399, Mobile +49 170 4527211
http://www.sisis.de/~guru/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

How to get 2 if's act like a switch?

[Andrew Pantyukhin]

I'm sorry for not looking it up myself.

Can I get 2 interfaces on a router switch ethernet frames
(between themselves and the box itself) and the other
interfaces act like normal ones? I need services like dhcpd
to not see any difference between the 2 switched if's, just
like it's a single ethernet segment.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Is this important (compile message - bacula port)?

[Iantcho Vassilev]

I think AC_PACKAGE_NAME in this case is the packge of resolve.h
The problem that you have is maybe missing some devel libraries
...


On 2/8/06, Peter <[EMAIL PROTECTED]> wrote:
>
> checking resolv.h usability... no
> checking resolv.h presence... yes
> configure: WARNING: resolv.h: present but cannot be compiled
> configure: WARNING: resolv.h: check for missing prerequisite headers?
> configure: WARNING: resolv.h: see the Autoconf documentation
> configure: WARNING: resolv.h: section "Present But Cannot Be Compiled"
> configure: WARNING: resolv.h: proceeding with the preprocessor's result
> configure: WARNING: resolv.h: in the future, the compiler will take
> precedence
> configure: WARNING: ## -- ##
> configure: WARNING: ## Report this to the AC_PACKAGE_NAME lists.  ##
> configure: WARNING: ## -- ##
> checking for resolv.h... yes
>
>
> Is this for real?  What is the AC_PACKAGE_NAME list?
>
>
>
>
>
>
> __
> Find your next car at http://autos.yahoo.ca
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> [EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Firefox upload mimetypes

[Jochen Haemmerle]

Hi everyone,

I discovered a problem with my firefox 1.5.0.1 yesterday.

I try to upload a zip-file to a webapplication and firefox sets the
mimetype of the submitted content to "application/octetstream" instead of
using "application/zip" or "application/x-zip". The webapp doesn't accept
the "octetstream" mimetype. It expects "zip" or "x-zip"
Using Konqueror(kde 3.5.1) it works just fine.
Is there any way how I can configure my firefox to use these mimetypes?

I'm running FreeBSD 6-Stable (if this has anything to do with it).

Cheers
Jochen

-- 
# Jochen Haemmerle #
# mail(at)jhaemmerle(dot)org #
# mobile/germany: ++49 (0)171 35 84 250 #
# grab my public pgp-key at www.five-nines.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get 2 if's act like a switch?

[Chuck Swiger]

Andrew Pantyukhin wrote:
> Can I get 2 interfaces on a router switch ethernet frames
> (between themselves and the box itself) and the other
> interfaces act like normal ones? I need services like dhcpd
> to not see any difference between the 2 switched if's, just
> like it's a single ethernet segment.

See: "man bridge".

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

BIND zone transfers

[jhall]

I have been running BIND for several years in the Regional Offices I
maintain and the problem in one office has me confused and I'm not sure
where to look.

Under FreeBSD 4.8 BIND was making zone transfers normally.  In my network,
Windows 2000 is the master and bind is the salve.  Recently, the server
was upgraded to FreeBSD 6.0, and suddenly BIND stopped making zone
transfers, except for the first zone, which is transferred just as it
should be.  Zone transfers are taking place from a W2K server.  I am
seeing this problem with BIND 9.3.2 and BIND 9.3.1

I am using the same configuration file in two other offices without any
problems and the offices are configured identically (hardware, software,
etc.).

Traceroutes to, and from, the Windows 2000 Server show the proper routes
being taken both directions and response times from the servers range
between 36ms and 40ms.

Event Viewer on the Windows 2000 server shows Event 6002 and the text
indicates the remote computer aborted the transfer and the transfer should
be restarted at the secondary.  When restarting the transfer the same
results are achieved.  The Windows 2000 Server's DNS is configured to
allow BIND secondaries.

The FreeBSD server has two interfaces which are controlled by mpd (DSL and
VPN).  When running named -g, I see the transfers start (zone .XXX/IN:
Transfer started), but receive a message later, 30-45 minutes, stating the
transfer timed out.  The zones I am transferring contain less than 100
entries each.

Any suggestions as to how to proceed would be greatly appreciated.  Thanks
in advance for your assistance.

Jay

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: BIND zone transfers

[Reko Turja]

- Original Message - 
From: <[EMAIL PROTECTED]>

To: 
Sent: Wednesday, February 08, 2006 2:45 PM
Subject: BIND zone transfers

Any suggestions as to how to proceed would be greatly appreciated.  Thanks
in advance for your assistance.


Do you have the Win2k IP address defined as a NS to which zone transfer is 
allowed? (Can't get the BIND documentation atm so cannot tell the exact 
setting name...


-Reko 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Multiple routes to same destination?

[Webster, Andrew]

I am using Zebra, but it will only keep one route to the same destination in 
the routing table at any given time, even if there is more than one valid path 
:( :(
I know that Linux has this built-in, and more searching of the 'Net after 
posting my initial question revealed that multipath routing is in fact 
something that many people have been asking for since FreeBSD 3.x.  I was 
hoping it would have been built into FreeBSD 6 by now.


Andrew Webster
Directeur des technologies
Director of Technology
ConnecTalk Inc.
125 Gagnon, Suite 202
Saint-Laurent, QC  H4N 1T1
Tel: 514-856-3060
Fax: 514-856-2988


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ian Lord
Sent: Tuesday, February 07, 2006 07:22
To: freebsd-questions@freebsd.org
Subject: Re: Multiple routes to same destination?

Hi,

this is not a scientific answer, but since no one 
else replied, here is what I found a while ago...

When I installed Freebsd 6, i did a lot of 
reseach/posting and found out that there is no 
way freebsd will handle multiple routes to the same destination
I was hoping to have two default routes for 
redundancy (and if possible, load balancing)

I never heard of a kernel patch, and if there was 
one, I wouldn't feel confident with it (just my opinion)

I then went with a routing package (there is 
zebra and quagga) which kinda did the trick. (I 
used quagga since I had some problem setting up zebra from the ports).

It works fine but adds a level of routing that 
could have been handled by the kernel I guess.



At 20:51 2006-02-06, Webster, Andrew wrote:
>Hi,
>
>
>
>Does FreeBSD 5.x, or 6.0 support multiple routes to the same
>destination?
>
>I saw some kernel patches a while back for this on 4.x, but I'd like to
>run something more recent...
>
>
>
>Thanks!
>
>
>
>Andrew
>
>
>___
>freebsd-questions@freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "[EMAIL PROTECTED]"

~~
Ian Lord
MSD Informatique
1711 Montée Major Terrebonne (Québec) J7M 1E6
Tél.: (514) 776-MSDI-> (514) 776-6734
Sans Frais: 1(877) 776-MSDI -> 1(877) 776-6734
http://www.msdi.ca 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

update problems

[zhang]

I've just update to 6.1-PRERELEASE from 6.0. Before I mergemaster -cv , the 
system could work well . But when I mergemaster , I don't check the differents 
carefully and choose the " i " option directly most of the time . Now , all the 
network programmes can't work , I can't ping localhost/127.0.0.1 , I can't use 
" tcpdump " , the c/s kinds like xserver also go bad ; when the system start , 
many warnings such as "...see rc.conf(5)" after dmesg messages.
How can I deal with it ?
Thanks!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Help on Tape Backups / Disc Space

[Lowell Gilbert]

"Graham Bentley" <[EMAIL PROTECTED]> writes:

> >  Do you even know for sure that your backup was running at the 
> > time that the filesystem full messages were generated?
> 
> Unfortunatly not - the times are different so this could two
> unrelated issues.

That's exactly the point.  

> > Maybe.  At some point you filled /data up.  You don't have enough
> > information here to indicate why.
> 
> If you could indicate which information I would need would that help?

Your disk space usage.

> > You will probably want to keep closer track to understand your 
> > usage patterns better.
> 
> Any tips on how to do that ?

Look at your disk space usage more than once per day.
There are even ports to help you do that.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: pxeboot fails to load acpi.ko

[Andrew Bogecho]

Hi,

Have you had a look in /boot/device.hints?

hint.acpi.0.disabled="1"

I at the moment maintain 2 diskless images, the one for older hardware has
the above setting to disable acpi(machine would hang with it enabled). I
believe setting it to "0" or commenting it out could help you.

A.

> Hey-
>
>
> I've been working on a project to automate FreeBSD installations over
> the network, using PXE boot capabilities. I've been following the howtos,
> as documented starting here:
> http://www.freebsd.org/doc/en_US.ISO8859-1/articles/pxe/index.html
> and http://www.daemonsecurity.com/pxe/jumpstart.html
>
>
> I'm having a difficult time finding posts from other people who have
> experienced similar problems.
>
> Everything is setup. I'm using a tftpd that can handle large files.
> DHCPD is configured correctly. The client boots the PXE boot loader, as
> it should. It then begins loading the kernel. Upon loading the file
> acpi.ko, the boot hangs.
>
> Doing a tcpdump on the traffic, it looks like the machine receives the
> last packet of acpi.ko, and before it even has a chance to send an ACK,
> it's done. The twirly status bar stops spinning. The machine is doomed for
> a hard reboot.
>
> I've tried with two very different boxes to ensure it's not a hardware
> anomoly. The machines boot fine from the installation CDs -- loading
> acpi.ko. Further, I started with 5.3-REL, stepped up to 5.4-REL, and
> lastly, 6.0-REL. The problem occurs with all these versions.
>
> I'm not sure how to continue debugging this problem. Any tips in terms
> of troubleshooting or known workarounds would be great.
>
>
> Thanks,
> Chris
>
>
>
> --
> Christopher Cowart
> Unix Systems Administrator
> Residential Computing, UC Berkeley
> "May all your pushes be popped"
>
>


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get 2 if's act like a switch?

[Andrew Pantyukhin]

On 2/8/06, Chuck Swiger <[EMAIL PROTECTED]> wrote:
> Andrew Pantyukhin wrote:
> > Can I get 2 interfaces on a router switch ethernet frames
> > (between themselves and the box itself) and the other
> > interfaces act like normal ones? I need services like dhcpd
> > to not see any difference between the 2 switched if's, just
> > like it's a single ethernet segment.
>
> See: "man bridge".

Thanks. First I thought that bridge is not what I want.
Apparently, if_bridge does not switch packets, and
with 100 hosts on each if that would create unnecessary
overhead. But then, networks on both sides are switches,
so the overhead should be minimal if not none.

I still wonder if there's some way to get switch
functionality.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: update problems

[Iantcho Vassilev]

If you haven`t delete the megremaster store directory(usually /var/)
just rerun it. - mergemaster
and ask all the quesions by hand

But first i would suggest to find the problem

On 2/8/06, zhang <[EMAIL PROTECTED]> wrote:
>
> I've just update to 6.1-PRERELEASE from 6.0. Before I mergemaster -cv ,
> the system could work well . But when I mergemaster , I don't check the
> differents carefully and choose the " i " option directly most of the time .
> Now , all the network programmes can't work , I can't ping
> localhost/127.0.0.1 , I can't use " tcpdump " , the c/s kinds like xserver
> also go bad ; when the system start , many warnings such as "...see
> rc.conf(5)" after dmesg messages.
> How can I deal with it ?
> Thanks!
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> [EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How to get 2 if's act like a switch?

[Chuck Swiger]

Andrew Pantyukhin wrote:
> On 2/8/06, Chuck Swiger <[EMAIL PROTECTED]> wrote:
>> Andrew Pantyukhin wrote:
[ ... ]
>> See: "man bridge".
> 
> Thanks. First I thought that bridge is not what I want.
> Apparently, if_bridge does not switch packets, and
> with 100 hosts on each if that would create unnecessary
> overhead. But then, networks on both sides are switches,
> so the overhead should be minimal if not none.
> 
> I still wonder if there's some way to get switch
> functionality.

Connect the machine to a switch?  :-) Your bridge machine should not see traffic
directed towards MACs on other ports on the switch if the switch is working
right.  The switch ought to learn which MAC addresses are reachable through the
port your bridge machine is on, and will just deliver the appropriate traffic
(plus broadcasts).

There's probably some netgraph trickery that would let you do STP on the bridge
machine as an alternative solution, but I don't know enough about that to advise
you on it

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: BIND zone transfers

[Tim Utschig]

On Wed, Feb 08, 2006 at 12:45:02PM -, [EMAIL PROTECTED] wrote:
> Under FreeBSD 4.8 BIND was making zone transfers normally.  In my network,
> Windows 2000 is the master and bind is the salve.  Recently, the server
> was upgraded to FreeBSD 6.0, and suddenly BIND stopped making zone
> transfers, except for the first zone, which is transferred just as it
> should be.  Zone transfers are taking place from a W2K server.  I am
> seeing this problem with BIND 9.3.2 and BIND 9.3.1

Saw this in the BIND FAQ, maybe it applies to your situation:


Q: Zone transfers from my BIND 9 master to my Windows 2000 slave fail.
   Why?

A: This may be caused by a bug in the Windows 2000 DNS server where DNS
   messages larger than 16K are not handled properly. This can be worked
   around by setting the option "transfer-format one-answer;".  Also
   check whether your zone contains domain names with embedded spaces or
   other special characters, like "John\032Doe\213s\032Computer", since
   such names have been known to cause Windows 2000 slaves to
   incorrectly reject the zone. 


-- 
   - Tim Utschig <[EMAIL PROTECTED]>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [WISH] Linux kernel as drop-in replacement in FreeBSD?

[Brian Sobolak]

cpghost wrote:
> Hello,
>
> since Linux' support for some hardware is better than FreeBSD's,
> it would be nice to have an *optional* way of running a FreeBSD
> system (userland, including all third party programs) on top
> of the Linux kernel.
>
> This would be somewhat the reverse of /boot/kernel/linux.ko,
> some kind of adaptation layer between Linux kernel and our libc,
> loader etc...
>
> If we had this feature (perhaps as a port), it would be
> convenient to boot into Linux kernel when FreeBSD-non-supported
> hardware is needed; of course keeping FreeBSD kernel as the
> default, high-performance optimized one for all normal cases.
>
> Perhaps someone's already working on this, but I can't find
> any hints or pointers to it.

If I'm not mistaken, this is basically what Apple has done with OSX.  They
started with a Mach kernel instead of Linux, but the userland is BSD.

If you're not particular about the kernel, it might be an option for you.

brian


--
Brian Sobolak
http://www.planetshwoop.com/

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Large imap server.

[Bill Campbell]

On Wed, Feb 08, 2006, Erik Norgaard wrote:
>Albert Shih wrote:
>>I search some advice for large imap server.
>>
>>For me large is : 1000 users with 1 Go mails for each users. And every
>>users check by imap/pop those mail every 2 or 3 minutes.
>>
>>What's the «best» imap server ? Cyrus Imap or Courier-Imap ? (please this
>>is not a troll).
>>
>>Any documentation ?
>
>AFAIK cyrus-imap uses a database backend to store mail and has been 
>designed to scale to enterprise systems. The database backend makes 
>indexing and mail lookup faster, but I don't think there's any 
>difference when it comes to retrieving the actual mail.

Cyrus scaling?  Perhaps on one mongo server.  We have installed
multiple servers with courier-imap delivering and serving pop and
imap from a central server housing home directories, and have
seen essentially linear performance as servers are added.

One can index mail stores with something like glimpse, but that's
probably an issue only were there are huge numbers of messages in
individual folders.

Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

A child can go only so far in life without potty training.  It is not
mere coincidence that six of the last seven presidents were potty
trained, not to mention nearly half of the nation's state legislators.
-- Dave Barry
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

More Than 1GB of RAM

[Dinosaur]

Hello!

If I install FreeBSD 6.0, will it be able to use all my 1.5GB of RAM?  
I.e., is its kernel HIGHMEM-enabled?


Thank you and sorry for my English.

--
Dinosaur
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: BIND zone transfers

[jhall]

> On Wed, Feb 08, 2006 at 12:45:02PM -, [EMAIL PROTECTED] wrote:
>> Under FreeBSD 4.8 BIND was making zone transfers normally.  In my
>> network,
>> Windows 2000 is the master and bind is the salve.  Recently, the server
>> was upgraded to FreeBSD 6.0, and suddenly BIND stopped making zone
>> transfers, except for the first zone, which is transferred just as it
>> should be.  Zone transfers are taking place from a W2K server.  I am
>> seeing this problem with BIND 9.3.2 and BIND 9.3.1
>
> Saw this in the BIND FAQ, maybe it applies to your situation:
>
> 
> Q: Zone transfers from my BIND 9 master to my Windows 2000 slave fail.
>Why?
>
> A: This may be caused by a bug in the Windows 2000 DNS server where DNS
>messages larger than 16K are not handled properly. This can be worked
>around by setting the option "transfer-format one-answer;".  Also
>check whether your zone contains domain names with embedded spaces or
>other special characters, like "John\032Doe\213s\032Computer", since
>such names have been known to cause Windows 2000 slaves to
>incorrectly reject the zone.
> 
>
> --
>- Tim Utschig <[EMAIL PROTECTED]>
>

I did not properly explain the situation.  The Windows 2000 server is
functioning as a secondary server for the parent organization's DNS, and I
am using BIND to download the zones to the local offices, from the W2K
server, to help reduce network traffic.  Sorry this was not clear the
first time.

Jay


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Samba and fstab

[A. Clausen]

Ken Stevenson wrote:


A. Clausen wrote:

Slowly educating myself in FreeBSD.  Have managed to get Samba set up 
and can access my FreeBSD server, but trying to get SMBFS shares 
mounted in fstab is causing me grief.  Either I get errors about 
invalid file system or I get nothing at all when I issue "mount -a", 
but the share still isn't mounted.  I've tried adding some info to 
nsmb.conf, but that doesn't seem to make much difference.


I'm running FreeBSD 6 and Samba 3.0.14a.

Are you trying to mount Windows shares under Samba? If so here's what 
my fstab looks like:


//[EMAIL PROTECTED]/c/smb/amiserversmbfsrw00

I'm mounting the share named c on a Windows 2000 server named 
amiserver at the mount point /smb/amiserver on my FreeBSD server.


Edit /etc/nsmb.conf and set the workgroup, addr and password values 
for your windows share.


Thanks for the tips.  It looks like my big mistake was not putting the 
user name in nsmb.conf in all-caps.  Once I did that, mount -a mounted 
all my SMB shares.


--
A. Clausen
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: More Than 1GB of RAM

[Jerry McAllister]

> 
> Hello!
> 
> If I install FreeBSD 6.0, will it be able to use all my 1.5GB of RAM?  

Yes.

> I.e., is its kernel HIGHMEM-enabled?
> 
> Thank you and sorry for my English.
> 
> -- 
> Dinosaur
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> 
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Contents of freebsd-questions Digest, Vol 123, Issue 3 (Re: What's the bright idea? fam -> gamin)

[Trix Farrar]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Peter wrote:
> > --- Nikolas Britton <[EMAIL PROTECTED]> wrote:
>> >>On 2/6/06, Peter <[EMAIL PROTECTED]> wrote:
>>> >>>--- Nikolas Britton <[EMAIL PROTECTED]> wrote:
 My dependency are all foobared up now, How do I change them all
back
 to fam-2.6.9_6, so I don't have to run pkgdb -F everytime I
 portupgrade?
>>> >>>
>>> >>>Remove fam by force and then install gamin.
>> >>
>> >>I don't want gamin, what was wrong with fam for fam?
>> >>
[snipped a lot]

On the off chance that someone hasn't helped you already (or you haven't
yet found the answer):

The way I got past this was to add the following line to /etc/make.conf:

WITH_FAM_SYSTEM=fam

Next, run 'pkgdb -F'.  When it prompts with the stale dependency
message, set the dependency to your installed fam package.  (I cheat and
just use fam and let the completion catch it for me.  Be sure to
tell it to replace All so you don't get prompted again.

The /etc/make.conf line will keep you from getting into that pickle again.

Don't be too nervous about replacing this dependency because gamin
supports a subset of fam's features, so you won't lose anything.


-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD6jSkUn6S0hqD4tsRAiWoAJ41fdNVW7G+V/LVTN14ZKw6Ix4teQCeLDxn
EdDB6dgxHpo3AI6TGH9rl1s=
=reze
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Contents of freebsd-questions Digest, Vol 123, Issue 4 (Default browser)

[Trix Farrar]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

> What has to be done to change the default browser from mozilla into e.g. 
> opera or firefox (assuming that these are duly installed and operational)?
> 
> The handbook talks about different browsers, but I have not been able to find 
> a section about changing the default browser.
> 
> 
> 

I'm not sure if you're asking about port-building or your desktop
environment.  I'll go with the former.

If you add

WITH_MOZILLA=firefox

to your /etc/make.conf file, then any browser ports that depend on
mozilla like (on a GNOME system, anyway) galeon, epiphany, and yelp,
will use firefox as their core instead.

On the other hand, if you're running GNOME 2.12, you want to look under
Desktop -> Preferences -> Preferred Applications.  The "Web Browser" tab
should be the first one to come up.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (FreeBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD6jdYUn6S0hqD4tsRAsaxAJ92xf1l7O8asrIrpd8XopctNz45/QCgoFxt
ntREPQINROG86al3cqv/94I=
=s68l
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: update problems

[Chuck Teal]

On Wednesday February 8 2006 10:40, Iantcho Vassilev wrote:
> If you haven`t delete the megremaster store directory(usually /var/)
> just rerun it. - mergemaster
> and ask all the quesions by hand
>
> But first i would suggest to find the problem
>
> On 2/8/06, zhang <[EMAIL PROTECTED]> wrote:
> > I've just update to 6.1-PRERELEASE from 6.0. Before I mergemaster -cv ,
> > the system could work well . But when I mergemaster , I don't check the
> > differents carefully and choose the " i " option directly most of the
> > time . Now , all the network programmes can't work , I can't ping
> > localhost/127.0.0.1 , I can't use " tcpdump " , the c/s kinds like
> > xserver also go bad ; when the system start , many warnings such as
> > "...see rc.conf(5)" after dmesg messages.
> > How can I deal with it ?
> > Thanks!

I had a similar problem just yesterday.  Running mergemaster again did not fix 
the issue.

In my situation I messed up the /etc/defaults/rc.conf.  It gave me several 
error messages on boot up similar to yours.  I just copied the rc.conf from 
the examples directory and replaced the rc.conf in /etc/defaults/rc.conf.  
Then I did a:

shutdown now
exit

It was working okay when I left this morning.

I am not sure if this is a good idea or not.  I just know it seems to have 
solved my problem.  I would keep a backup of the original file somewhere in 
case you need to revert back to the original.

Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

error log meaning

[Imran Imtiaz]

I have seen the following error in my messages file can anyone tell me what 
does it mean? is my computer being hacked?

Refused PORT 207,46,133,140,1,21 (address m
ismatch)

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [WISH] Linux kernel as drop-in replacement in FreeBSD?

[Dieter]

> > > since Linux' support for some hardware is better than FreeBSD's,
> > > it would be nice to have an *optional* way of running a FreeBSD
> > > system (userland, including all third party programs) on top
> > > of the Linux kernel.
> > 
> > I'd prefer to have a way to use a Linux device driver with a
> > BSD kernel.
> 
> Of course, but if I understand drivers correctly, that would be
> nearly impossible... unless the interface between linux device
> drivers and the rest of the linux kernel consisted of a well
> defined API (perhaps it does, I don't know). Basically, a driver
> can access ANY data structure of the kernel, and that's why it's
> not trivial to combine a Linux driver with the FreeBSD kernel.

If the driver is loaded with "modprobe", wouldn't that have a
well defined API?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: error log meaning

[Ian Lord]

Is this a log from your ftp deamon ?

If so, it might be due to the fact that you are 
not connecting using passive mode and going 
through a server that doesnt handle ftp transfer correctly.


Might be something complety different also... I 
cannot help you more then that (if it did at all lol)


At 13:29 2006-02-08, Imran Imtiaz wrote:
I have seen the following error in my messages 
file can anyone tell me what does it mean? is my computer being hacked?


Refused PORT 207,46,133,140,1,21 (address m
ismatch)[A

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


~~
Ian Lord
MSD Informatique
1711 Montée Major Terrebonne (Québec) J7M 1E6
Tél.: (514) 776-MSDI-> (514) 776-6734
Sans Frais: 1(877) 776-MSDI -> 1(877) 776-6734
http://www.msdi.ca 
___

freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Multiple routes to same destination?

[Danial Thom]

According to Ted this won't work anyway, since he
claims that all ISPs source filter and won't let
any source addresses other than theirs through.
So maybe that's why they've never done it?

--- "Webster, Andrew" <[EMAIL PROTECTED]>
wrote:

> I am using Zebra, but it will only keep one
> route to the same destination in the routing
> table at any given time, even if there is more
> than one valid path :( :(
> I know that Linux has this built-in, and more
> searching of the 'Net after posting my initial
> question revealed that multipath routing is in
> fact something that many people have been
> asking for since FreeBSD 3.x.  I was hoping it
> would have been built into FreeBSD 6 by now.
> 
> 
> Andrew Webster
> Directeur des technologies
> Director of Technology
> ConnecTalk Inc.
> 125 Gagnon, Suite 202
> Saint-Laurent, QC  H4N 1T1
> Tel: 514-856-3060
> Fax: 514-856-2988
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of Ian Lord
> Sent: Tuesday, February 07, 2006 07:22
> To: freebsd-questions@freebsd.org
> Subject: Re: Multiple routes to same
> destination?
> 
> Hi,
> 
> this is not a scientific answer, but since no
> one 
> else replied, here is what I found a while
> ago...
> 
> When I installed Freebsd 6, i did a lot of 
> reseach/posting and found out that there is no 
> way freebsd will handle multiple routes to the
> same destination
> I was hoping to have two default routes for 
> redundancy (and if possible, load balancing)
> 
> I never heard of a kernel patch, and if there
> was 
> one, I wouldn't feel confident with it (just my
> opinion)
> 
> I then went with a routing package (there is 
> zebra and quagga) which kinda did the trick. (I
> 
> used quagga since I had some problem setting up
> zebra from the ports).
> 
> It works fine but adds a level of routing that 
> could have been handled by the kernel I guess.
> 
> 
> 
> At 20:51 2006-02-06, Webster, Andrew wrote:
> >Hi,
> >
> >
> >
> >Does FreeBSD 5.x, or 6.0 support multiple
> routes to the same
> >destination?
> >
> >I saw some kernel patches a while back for
> this on 4.x, but I'd like to
> >run something more recent...
> >
> >
> >
> >Thanks!
> >
> >
> >
> >Andrew
> >
> >
>
>___
> >freebsd-questions@freebsd.org mailing list
>
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> ~~
> Ian Lord
> MSD Informatique
> 1711 Montée Major Terrebonne (Québec) J7M 1E6
> Tél.: (514) 776-MSDI-> (514)
> 776-6734
> Sans Frais: 1(877) 776-MSDI -> 1(877)
> 776-6734
> http://www.msdi.ca 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Default browser

[Guido Van Hoecke]

Beto, I took your advice and solved the mess as you suggested.

I just deinstalled both mozilla and firefox and symlinked  
/usr/X11R6/bin/linux-opera to /usr/X11R6/bin/mozilla and to  
/usr/X11R6/bin/firefox.


Thanks,

Guido
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Multiple routes to same destination?

[Webster, Andrew]

Well, in that case, an ISP wouldn't want to use FreeBSD in their core routers 
:( :(

In this particular case, I have redundant links (L1 and L2) between two 
locations (Loc 1 and Loc 2) with two FreeBSD routers at each location (R1/R2, 
and R3/R4) which are running OSPF to redistribute routing information between 
locations.
Since FreeBSD limits the entries for a particular network to only one active 
entry, the all the traffic for would either go on R1->L1->R4 or R2->L2->R3, but 
not both.

Loc 1___ /---R1--L1--R4---\___ Loc 2
 \---R2--L2--R3---/


Andrew 


-Original Message-
From: Danial Thom [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 08, 2006 13:39
To: Webster, Andrew; Ian Lord; freebsd-questions@freebsd.org
Subject: RE: Multiple routes to same destination?

According to Ted this won't work anyway, since he
claims that all ISPs source filter and won't let
any source addresses other than theirs through.
So maybe that's why they've never done it?

--- "Webster, Andrew" <[EMAIL PROTECTED]>
wrote:

> I am using Zebra, but it will only keep one
> route to the same destination in the routing
> table at any given time, even if there is more
> than one valid path :( :(
> I know that Linux has this built-in, and more
> searching of the 'Net after posting my initial
> question revealed that multipath routing is in
> fact something that many people have been
> asking for since FreeBSD 3.x.  I was hoping it
> would have been built into FreeBSD 6 by now.
> 
> 
> Andrew Webster
> Directeur des technologies
> Director of Technology
> ConnecTalk Inc.
> 125 Gagnon, Suite 202
> Saint-Laurent, QC  H4N 1T1
> Tel: 514-856-3060
> Fax: 514-856-2988
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On
> Behalf Of Ian Lord
> Sent: Tuesday, February 07, 2006 07:22
> To: freebsd-questions@freebsd.org
> Subject: Re: Multiple routes to same
> destination?
> 
> Hi,
> 
> this is not a scientific answer, but since no
> one 
> else replied, here is what I found a while
> ago...
> 
> When I installed Freebsd 6, i did a lot of 
> reseach/posting and found out that there is no 
> way freebsd will handle multiple routes to the
> same destination
> I was hoping to have two default routes for 
> redundancy (and if possible, load balancing)
> 
> I never heard of a kernel patch, and if there
> was 
> one, I wouldn't feel confident with it (just my
> opinion)
> 
> I then went with a routing package (there is 
> zebra and quagga) which kinda did the trick. (I
> 
> used quagga since I had some problem setting up
> zebra from the ports).
> 
> It works fine but adds a level of routing that 
> could have been handled by the kernel I guess.
> 
> 
> 
> At 20:51 2006-02-06, Webster, Andrew wrote:
> >Hi,
> >
> >
> >
> >Does FreeBSD 5.x, or 6.0 support multiple
> routes to the same
> >destination?
> >
> >I saw some kernel patches a while back for
> this on 4.x, but I'd like to
> >run something more recent...
> >
> >
> >
> >Thanks!
> >
> >
> >
> >Andrew
> >
> >
>
>___
> >freebsd-questions@freebsd.org mailing list
>
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> ~~
> Ian Lord
> MSD Informatique
> 1711 Montée Major Terrebonne (Québec) J7M 1E6
> Tél.: (514) 776-MSDI-> (514)
> 776-6734
> Sans Frais: 1(877) 776-MSDI -> 1(877)
> 776-6734
> http://www.msdi.ca 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [WISH] Linux kernel as drop-in replacement in FreeBSD?

[Dieter]

> That's exactly what I'm doing right now. For example when I need
> to use my Pinnacle DC10+ (Zoran) card, I simply reboot into Gentoo,
> do the capture, and then reboot into FreeBSD to run the rest of
> mjpegtools. Same for MIDI recording etc... or other stuff that's
> currently unavailable within FreeBSD.
>
> The problem with this is that there are two systems to care for:
> my primary FreeBSD environment, and a minimal Gentoo environment
> just for a few programs.

There is another problem with dual-booting.  FreeBSD isn't available
when Linux is running, and visa-versa.  If you have jobs that need to
run at specific times and the machine is running the wrong OS at that
time, you lose.

I suspect that a lot of people only need a driver or two from Linux.
Userland stuff tends to be fairly portable between BSD and Linux.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [WISH] Linux kernel as drop-in replacement in FreeBSD?

[Giorgos Keramidas]

On 2006-02-08 10:29, Dieter <[EMAIL PROTECTED]> wrote:
 since Linux' support for some hardware is better than FreeBSD's, it
 would be nice to have an *optional* way of running a FreeBSD system
 (userland, including all third party programs) on top of the Linux
 kernel.
>>>
>>> I'd prefer to have a way to use a Linux device driver with a BSD
>>> kernel.
>>
>> Of course, but if I understand drivers correctly, that would be
>> nearly impossible... unless the interface between linux device
>> drivers and the rest of the linux kernel consisted of a well defined
>> API (perhaps it does, I don't know). Basically, a driver can access
>> ANY data structure of the kernel, and that's why it's not trivial to
>> combine a Linux driver with the FreeBSD kernel.
>
> If the driver is loaded with "modprobe", wouldn't that have a well
> defined API?

Only as far as loading & unloading is concerned.  Once a driver gets
loaded, even before module_load() finishes some times, the driver has
full access to the guts of the kernel and can wreak havoc all over the
place without any serious problem :)

- Giorgos

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

A script for poets

[Kristian Vaaf]

Hello!

Again with my script requests, this time I'm wondering if anybody
has ever felt like writing a shell script that makes it easy to write rhymes,
poems or just make up funny lines.

http://www.rhymer.com is a great place, but unfortunately it requires 
a browser.


Or maybe this is a feature that extends beyond the purpose of shell scripting,
and that maybe for such I should start looking into languages like Ruby?

Hoping for generous expert advise.

Thank you, peasants and poets :)

Vaaf (wuff)

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

showdown transfering files with scp

[mark.jacobs]

I was using scp to copy several large (300-800mb) each files between two
Freebsd machines. Both are on the same hub, 100MB Ethernet connection.
The source box is FreeBSD 5.4 stable at a late October build date. The
target is running 6.0 stable at a current build date.

 

The first three files showed a transfer rate of about 3mb/sec and
transfer took about a 5-7 minutes for each file. After the third one
however the transfer rate dropped to 100-200 KB/sec. There was nothing
else going on in the internal network at the time.

 

Any ideas on what happened?

 

Mark Jacobs

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Remote backup solutions

[Göran Nilsson]

Thanks Ian.
This sure looks like a good solutions. Are there anyone that have tried out
bacula on FreeBSD 6.0 in a production enviroment?

/Goran


2006/2/7, Ian Lord <[EMAIL PROTECTED]>:
>
> You might want to look into
> http://www.bacula.org/
>
> Didnt try it myself, planning to test it soon...
> They have a windows client from what they say...
>
> At 17:25 2006-02-07, Göran Nilsson wrote:
> >Hi all.
> >Im looking for som software (opensource) that's scalable to to plenty of
> >remote backups over the Internet. The idea about this is offering small
> >companys to do theire backup to a remote distance, and don't have to
> concern
> >that much about it. The companys servers are generally NT 4.0 Server up
> to
> >Windows2003. The backup system should be based on a FreeBSD 6.0 system.
> In
> >the beginning it won't be that many companys doing remotebackups still,
> it
> >should be easy grow with the jobs needed.
> >Anyone have a pointer to what i should look for?
> >Shoud the backups be done via a vpn solutions like "OpenVPN" and rsync?
> >Or should i look for something else? Are there any "pitfalls" i should
> >lookout for?
> >
> >Anyway any/all feedback is most appriciated.
> >
> >
> >
> >/Goran
> >___
> >freebsd-questions@freebsd.org mailing list
> >http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >To unsubscribe, send any mail to "
> [EMAIL PROTECTED]"
>
> ~~
> Ian Lord
> MSD Informatique
> 1711 Montée Major Terrebonne (Québec) J7M 1E6
> Tél.: (514) 776-MSDI-> (514) 776-6734
> Sans Frais: 1(877) 776-MSDI -> 1(877) 776-6734
> http://www.msdi.ca
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> [EMAIL PROTECTED]"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Large imap server.

[Albert Shih]

 Le 07/02/2006 à 16:26:42-0800, Bill Campbell a écrit
> On Tue, Feb 07, 2006, Albert Shih wrote:
> >Hi all
> >
> >I search some advice for large imap server.
> >
> >For me large is : 1000 users with 1 Go mails for each users. And every
> >users check by imap/pop those mail every 2 or 3 minutes.
> >
> >What's the «best» imap server ? Cyrus Imap or Courier-Imap ? (please this
> >is not a troll).
> 
> I prefer Courier-imap because it uses Maildir storage while Cyrus
> uses something similar in that it stores each message in a file,
> but Cyrus also maintains index files which can get corrupted.

Yes this is I known, but many «voice» tel me the Cyrus imap is for very
huge. But I don't known what's mean «very huge»...
> 
> We have several systems running courier-imap with 6000+ mailboxes
> on a single server without problems.

And how many mail have every mailboxes ?

Whith courier-imap when the user check this mail every 1-2 minutes anyone
known if the courier-imap daemon check only on 

Maildir/new

or the daemon check also every

Maildir/mailbox1/new
Maildir/mailbox2/new 
etc...

Lots of thanks.

Regards.

--
Albert SHIH
Universite de Paris 7 (Denis DIDEROT)
U.F.R. de Mathematiques.
7 ième étage, plateau D, bureau 10
Heure local/Local time:
Wed Feb 8 21:10:06 CET 2006
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Large imap server.

[Bill Campbell]

On Wed, Feb 08, 2006, Albert Shih wrote:
> Le 07/02/2006 à 16:26:42-0800, Bill Campbell a écrit
>> On Tue, Feb 07, 2006, Albert Shih wrote:
>> >Hi all
>> >
>> >I search some advice for large imap server.
>> >
>> >For me large is : 1000 users with 1 Go mails for each users. And every
>> >users check by imap/pop those mail every 2 or 3 minutes.
>> >
>> >What's the «best» imap server ? Cyrus Imap or Courier-Imap ? (please this
>> >is not a troll).
>> 
>> I prefer Courier-imap because it uses Maildir storage while Cyrus
>> uses something similar in that it stores each message in a file,
>> but Cyrus also maintains index files which can get corrupted.
>
>Yes this is I known, but many «voice» tel me the Cyrus imap is for very
>huge. But I don't known what's mean «very huge»...
>> 
>> We have several systems running courier-imap with 6000+ mailboxes
>> on a single server without problems.
>
>And how many mail have every mailboxes ?
>
>Whith courier-imap when the user check this mail every 1-2 minutes anyone
>known if the courier-imap daemon check only on 
>
>   Maildir/new
>
>or the daemon check also every
>
>   Maildir/mailbox1/new
>   Maildir/mailbox2/new 

I think that depends on the e-mail client.  The default INBOX for
courier is $HOME/Maildir/{cur,new,tmp}, and each folder will be
in $HOME/Maildir/.foldername/{cur,new,tmp}.  The client issues
the IMAP commands to check folders.

POP clients will only see the default INBOX, and these tend to
download the new messages on every connection leaving the
mailboxes empty.

IMAP clients tend to stay connected for extended periods of time
(as I found when using WHOSON to permit mail relaying by
connecting clients, and modified the whoson processing to update
the daemon server on every authenticated IMAP command).

Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

``People from East Germany have found the West so confusing. It's so much
easier when you have only one party.'' -- Linus Torvalde, Linux Expo Canada
when asked about confusion over many Linux distributions.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Default browser

[Tom Grove]

Guido Van Hoecke wrote:


Beto, I took your advice and solved the mess as you suggested.

I just deinstalled both mozilla and firefox and symlinked  
/usr/X11R6/bin/linux-opera to /usr/X11R6/bin/mozilla and to  
/usr/X11R6/bin/firefox.


Thanks,

Guido
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"




Did you get java working with opera?

-Tom
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Multiple routes to same destination

[Qing Li]

I have a private patch that's based on radix_mpath for FreeBSD 5.4.
I believe [EMAIL PROTECTED] is working on a solution.

-- Qing


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Webster, Andrew
Sent: Wednesday, February 08, 2006 10:51 AM
To: [EMAIL PROTECTED]; Ian Lord; freebsd-questions@freebsd.org
Subject: RE: Multiple routes to same destination?

Well, in that case, an ISP wouldn't want to use FreeBSD in their core routers 
:( :(

In this particular case, I have redundant links (L1 and L2) between two 
locations 
(Loc 1 and Loc 2) with two FreeBSD routers at each location (R1/R2, and R3/R4) 
which are running OSPF to redistribute routing information between locations.
Since FreeBSD limits the entries for a particular network to only one active 
entry,
the all the traffic for would either go on R1->L1->R4 or R2->L2->R3, but not 
both.

Loc 1___ /---R1--L1--R4---\___ Loc 2
 \---R2--L2--R3---/


Andrew

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: A script for poets

[Gary Kline]

On Wed, Feb 08, 2006 at 08:29:21PM +0100, Kristian Vaaf wrote:
> 
> Hello!
> 
> Again with my script requests, this time I'm wondering if anybody
> has ever felt like writing a shell script that makes it easy to write 
> rhymes,
> poems or just make up funny lines.
> 
> http://www.rhymer.com is a great place, but unfortunately it requires 
> a browser.
> 
> Or maybe this is a feature that extends beyond the purpose of shell 
> scripting,
> and that maybe for such I should start looking into languages like Ruby?
> 
> Hoping for generous expert advise.


This may dovetail into something I was actively working on
several years ago: a C/C++ program that took unmetered text
as input and output N-syllabic lines as output.

I created a dictionary of thousands of words with one, two,
three, or more syllabes in my database.  I played around 
with this idea until I realized that "real" poetry demands
imagery (metaphor, simile), and not simply meter or rhyme.
After 7 years of my writing group I've learned how DIFFICULT 
it is to write a good poem.  Or prose.  
> 
> Thank you, peasants and poets :)

I'm closer to being a peasant that poet.  

"I ain't no poet
And I know it."

gary


> 
> Vaaf (wuff)
> 

-- 
   Gary Kline [EMAIL PROTECTED]   www.thought.org Public service Unix

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: showdown transfering files with scp

[Bill Schmitt (SW)]

[EMAIL PROTECTED] wrote:


I was using scp to copy several large (300-800mb) each files between two
Freebsd machines. Both are on the same hub, 100MB Ethernet connection.
The source box is FreeBSD 5.4 stable at a late October build date. The
target is running 6.0 stable at a current build date.



The first three files showed a transfer rate of about 3mb/sec and
transfer took about a 5-7 minutes for each file. After the third one
however the transfer rate dropped to 100-200 KB/sec. There was nothing
else going on in the internal network at the time.



Any ideas on what happened?



Mark Jacobs

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"



 

I can't be sure if it's the issue, but at one point some individuals on 
the network where I worked installed hubs of their own (the 
non-intelligent variety of connection) and it didn't just slow them 
down, it dragged down the entire network segment. Since hubs are not 
intelligent, there are an awful lot of collisions and putting a hub 
downstream from the routers means that all bets are off on performance. 
Hope that helps.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

is upgrading from 4.x to 6.x possible?

[Mikhail Teterin]

Is there a procedure for upgrading 4.x to 6.x? Simply doing `buildworld' does 
not work -- even make can not be rebuilt without the stdint.h, for example.

Thanks for advice. Yours,

-mi
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Multiple routes to same destination

[Julian Elischer]

Qing Li wrote:

I use mpd to greate one VPN between the sites, using Multilink PPP, so that
data is sent across both links (eitehr round-robon or split packet).
I use MPD's udp transport mode to open two UDP sockets
and send packets from R1 to R4 and from R2 to R3 (in the diagram below).
MPD will automatically detect if on e link is down and redirect 
everything through the remaining link.



   I have a private patch that's based on radix_mpath for FreeBSD 5.4.
   I believe [EMAIL PROTECTED] is working on a solution.

   -- Qing


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Webster, Andrew
Sent: Wednesday, February 08, 2006 10:51 AM
To: [EMAIL PROTECTED]; Ian Lord; freebsd-questions@freebsd.org
Subject: RE: Multiple routes to same destination?

Well, in that case, an ISP wouldn't want to use FreeBSD in their core routers 
:( :(

In this particular case, I have redundant links (L1 and L2) between two locations 
(Loc 1 and Loc 2) with two FreeBSD routers at each location (R1/R2, and R3/R4) 
which are running OSPF to redistribute routing information between locations.

Since FreeBSD limits the entries for a particular network to only one active 
entry,
the all the traffic for would either go on R1->L1->R4 or R2->L2->R3, but not 
both.

Loc 1___ /---R1--L1--R4---\___ Loc 2
 \---R2--L2--R3---/


Andrew

___
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: is upgrading from 4.x to 6.x possible?

[fbsd_user]

To take advantage of the new file system ufs2 which became
part of FreeBSD in 5.0 you need to install from scratch.
You are so far behind that its far better to start over
again after saving your user data.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Mikhail
Teterin
Sent: Wednesday, February 08, 2006 4:10 PM
To: freebsd-questions@freebsd.org
Subject: is upgrading from 4.x to 6.x possible?


Is there a procedure for upgrading 4.x to 6.x? Simply doing
`buildworld' does
not work -- even make can not be rebuilt without the stdint.h, for
example.

Thanks for advice. Yours,

-mi
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Default browser

[Guido Van Hoecke]

On Wed, 08 Feb 2006 21:21:41 +0100, Tom Grove <[EMAIL PROTECTED]> wrote:


Guido Van Hoecke wrote:


Beto, I took your advice and solved the mess as you suggested.


Did you get java working with opera?

Yep, I am using linux-opera 8.51 and both linux-sun-jdk1.4.2 and  
linux-blackdown-jdk1.4.2 are working. I even managed to use them for my  
on-line banking here in Belgium, although my KBC bank does not support  
opera :)

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: is upgrading from 4.x to 6.x possible?

[Erik Trulsson]

On Wed, Feb 08, 2006 at 04:10:02PM -0500, Mikhail Teterin wrote:
> Is there a procedure for upgrading 4.x to 6.x? Simply doing `buildworld' does 
> not work -- even make can not be rebuilt without the stdint.h, for example.

If you are trying to upgrade via source you will have to first upgrade from
4.x to 5.x and then from 5.x to 6.x.  I don't think it is possible to go
directly from 4.x to 6.x.


The other option available is of course to make a backup of all data and
config files, make a new clean install of 6.x, and then restore files from
backup.


-- 

Erik Trulsson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

sshd / ssh setup

[fbsd_user]

Have user who is logging in to USA site from Asian public internet
cafes using his personal windows/xp notebook. Trying to setup the
USA server and his windows/xp notebook to use SSH.
Added sshd_enable="YES" to USA site server rc.conf and rebooted
system.
During boot process, followed sshd instruction and built
the root user keys. Have read the handbook but have no clue as
how to proceed. The handbook covers all the many different ssh
config options, but does not say how to really use it.

Need procedures to
1. setup users on FreeBSD target sshd server.
2. setup users on FreeBSD remote box to ssh to sshd server.
3. setup users on windows/xp remote box to ssh to sshd server.

Is this documented any where?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: A script for poets

[[EMAIL PROTECTED]]

On 2/8/06, Gary Kline <[EMAIL PROTECTED]> wrote:
> On Wed, Feb 08, 2006 at 08:29:21PM +0100, Kristian Vaaf wrote:
> > Again with my script requests, this time I'm wondering if anybody
> > has ever felt like writing a shell script that makes it easy to write
> > rhymes,
> > poems or just make up funny lines.

As below, but textproc/dadadodo is about it so
far as meaningfulness in computer generated
text can get.

>
> This may dovetail into something I was actively working on
> several years ago: a C/C++ program that took unmetered text
> as input and output N-syllabic lines as output.
>
. . .

Quite the task, that.  Reading Spenser, Shakespeare,
and older metrical and rhyming poetry can give you
an indication of how difficult even the bland, mechanical
regurgiation of poetry can be:
Most words ending in -ed have one more syllable than
we usually enunciate.
Room and Rome can rhyme.
Wawain, Gawain, Gawaine are exactly the same person.

Most of this can be scripted around, double entries in
the syllabary for possible pronunciations and known
obscure rhymes, etc.  Still leaves no way to innovate
structure that's not coded in.
Anyway, this gets into AI, and as jwz points out, most of
modern AI research is fairly intellectually dishonest.

--
--
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Best Way To Block Range of Addresses with ipfw2?

[Drew Tomlinson]

I want to deny access to addresses in this range:

84.57.113.0 - 84.61.96.255

What is the best way to specify this range for ipfw2?  There must be a 
better way than listing a whole bunch of individual networks.


Thanks,

Drew

--
Visit The Alchemist's Warehouse
Magic Tricks, DVDs, Videos, Books, & More!

http://www.alchemistswarehouse.com

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: sshd / ssh setup

[Ken Stevenson]

fbsd_user wrote:

Have user who is logging in to USA site from Asian public internet
cafes using his personal windows/xp notebook. Trying to setup the
USA server and his windows/xp notebook to use SSH.
Added sshd_enable="YES" to USA site server rc.conf and rebooted
system.
During boot process, followed sshd instruction and built
the root user keys. Have read the handbook but have no clue as
how to proceed. The handbook covers all the many different ssh
config options, but does not say how to really use it.

There are a lot of options here, but here's how I do it. Not 
necessarily the best way, but it works for me.



Need procedures to
1. setup users on FreeBSD target sshd server.

Create a regular login for each outside user using adduser.
Make sure port 22tcp is open inbound.

Login as that user and run:

ssh-keygen -t rsa

I don't have many users so I disable ChallengeResponse authentication 
and require users to submit keys. To do that, edit 
/etc/ssh/sshd_config and set:


ChallengeResponse no

I also set:

Protocol 2


2. setup users on FreeBSD remote box to ssh to sshd server.


Have them run the same ssh-keygen -t rsa

Tell them to send you ~/.ssh/id_rsa.pub

Concatenate that to the ~/.ssh/authorized_keys2 files in their home 
directory on your server. Make sure the key ends up on a new line in 
authorized_keys2. If there wasn't a newline at the end of the file 
previously, it will end up concatenating it to the end of whatever 
keys are already there. If that happens, just go in with a text editor 
and break the line.


The user should then be able to ssh into your box.


3. setup users on windows/xp remote box to ssh to sshd server.


Install Putty

http://www.chiark.greenend.org.uk/~sgtatham/putty/

Run puttygen and generate an SSH2 RSA key (select this at the bottom 
of the dialog box). Tell them to save the public and private keys, and 
then to copy the contents of the Public key for pasting.. field at the 
top of the screen, paste it into a file in notepad, and email it to 
you. Concatenate that to the end of their ~/.ssh/authorized_keys2 file 
as you did for your freebsd users.


If they're going to be logging in often, tell them to run pageant to 
cache the private key.


Then they can run putty and connect to your server.

Again, you might not want to do it this way if you don't want to mess 
around with having users send you keys, but it's a lot more secure. 
Pretty soon you'll be be getting a 100 or more hits a day from 
crackers trying to log into your system. They'll never get anywhere if 
 you're using key based authentication.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"



--
Ken Stevenson
Allen-Myland Inc.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Best Way To Block Range of Addresses with ipfw2?

[Chuck Swiger]

Drew Tomlinson wrote:
> I want to deny access to addresses in this range:
> 
> 84.57.113.0 - 84.61.96.255
> 
> What is the best way to specify this range for ipfw2?  There must be a
> better way than listing a whole bunch of individual networks.

deny ip from 84.56.0.0/13 to any

...comes pretty close.  Use finer-grained allow rule before that if you need to
pass stuff in 84.56.0.0/16, for example.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Large imap server.

[Bill Campbell]

On Wed, Feb 08, 2006, Albert Shih wrote:
> Le 07/02/2006 à 16:26:42-0800, Bill Campbell a écrit
>> On Tue, Feb 07, 2006, Albert Shih wrote:
>> >Hi all
>> >
>> >I search some advice for large imap server.
>> >
>> >For me large is : 1000 users with 1 Go mails for each users. And every
>> >users check by imap/pop those mail every 2 or 3 minutes.
>> >
>> >What's the «best» imap server ? Cyrus Imap or Courier-Imap ? (please this
>> >is not a troll).
>> 
>> I prefer Courier-imap because it uses Maildir storage while Cyrus
>> uses something similar in that it stores each message in a file,
>> but Cyrus also maintains index files which can get corrupted.
>> 
>> We have several systems running courier-imap with 6000+ mailboxes
>> on a single server without problems.
>
>Lots of thanks for you answer but what kind of server (hardware) you have ?

Pretty standard Intel machines ranging from 1GhZ Pentium IIIs on
up.  The major factor is whether you're planning on running
spamassassin on incoming mail.

SA is a huge memory hog.  

One of our regional ISP customers with just under 10,000 mail
users has one machine that receives all incoming mail, runing
postfix, amavisd-new, and clamav to trap incoming worms and
phishing attacks.  It uses several DNSRBLs and postfix checking
features to minimize the amount of incoming spam.

The load average on this box averages about 0.35.

Mail that's accepted is then forwarded to one of four machines
that then deliver mail to the user's mailboxes, and also provide
POP and IMAP services to any of the users.  These machines are
running single 2.65GhZ Celeraons with 1GB of RAM, and their load
average is around 2.5, rarely getting higher than 4.0.  These
machines use ldap authentication, and the user's home directories
are NFS mounted to the main server.

The hostnames for internal mail delivery, and for pop/imap
services have multiple IP addresses pointing to the delivery
servers which provides simple load balancing.

Bill
--
INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676

``Now if there is one thing that we do worse than any other nation, it is
try and manage somebody else's affairs.''
Will Rogers

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Best Way To Block Range of Addresses with ipfw2?

[Drew Tomlinson]

On 2/8/2006 3:11 PM Chuck Swiger wrote:

Drew Tomlinson wrote:
  

I want to deny access to addresses in this range:

84.57.113.0 - 84.61.96.255

What is the best way to specify this range for ipfw2?  There must be a
better way than listing a whole bunch of individual networks.



deny ip from 84.56.0.0/13 to any

...comes pretty close.  Use finer-grained allow rule before that if you need to
pass stuff in 84.56.0.0/16, for example.
  


Thanks.  I found that too but was just wondering if there was a way to 
be exact.


Drew

--
Visit The Alchemist's Warehouse
Magic Tricks, DVDs, Videos, Books, & More!

http://www.alchemistswarehouse.com

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

mpd just won't time out of idlesessions

[gahn]

Hi:

Ok, I have a minor problem for the mpd; it just
doesn't time out the idle session, ie, the command
"set iface idle xxx" doesn't seem to be working. I
connected to the PPTP server and idled for hours and
it still connects.
 
But the command of "set iface session xxx" works, it
just cut me off once it reaches the preset session
timer.

Does anyone here have any ideas?

Thanks

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Best Way To Block Range of Addresses with ipfw2?

[Dan Nelson]

In the last episode (Feb 08), Drew Tomlinson said:
> On 2/8/2006 3:11 PM Chuck Swiger wrote:
> >Drew Tomlinson wrote:
> >>I want to deny access to addresses in this range:
> >>
> >>84.57.113.0 - 84.61.96.255
> >>
> >>What is the best way to specify this range for ipfw2?  There must
> >>be a better way than listing a whole bunch of individual networks.
> >
> >deny ip from 84.56.0.0/13 to any
> >
> >...comes pretty close.  Use finer-grained allow rule before that if you 
> >need to pass stuff in 84.56.0.0/16, for example.
> 
> Thanks.  I found that too but was just wondering if there was a way
> to be exact.

You could use an ipfw table to store the required subnets that cover
your range; according to the manpage it's the most efficient way to
store large address sets, and it also saves you from cluttering up your
ruleset.

-- 
Dan Nelson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Porblem with Openoffice 2.0.1

[Per olof Ljungmark]

[EMAIL PROTECTED] wrote:

I have had Openoffice 2.0.1 installed and working perfectly for several
weeks now.  Suddenly, openoffice now fails to start.  I thought maybe
JDK14 was corrupted so I deinstalled and reinstalled it, however I still
get the same problem.  Below is the output from the end of the failed
openoffice compile.  Also, if I try to start openoffice from the command
line I get the same message.
--


got identical problem here -
FreeBSD 6.1-PRERELEASE #1: Wed Feb  8 17:09:32 CET 2006
PORTVERSION?=   2.0.1
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: sshd / ssh setup

[fbsd_user]

fbsd_user wrote:
> Have user who is logging in to USA site from Asian public internet
> cafes using his personal windows/xp notebook. Trying to setup the
> USA server and his windows/xp notebook to use SSH.
> Added sshd_enable="YES" to USA site server rc.conf and rebooted
> system.
> During boot process, followed sshd instruction and built
> the root user keys. Have read the handbook but have no clue as
> how to proceed. The handbook covers all the many different ssh
> config options, but does not say how to really use it.
>
There are a lot of options here, but here's how I do it. Not
necessarily the best way, but it works for me.

> Need procedures to
> 1. setup users on FreeBSD target sshd server.
Create a regular login for each outside user using adduser.
Make sure port 22tcp is open inbound.

Login as that user and run:

ssh-keygen -t rsa

I don't have many users so I disable ChallengeResponse
authentication
and require users to submit keys. To do that, edit
/etc/ssh/sshd_config and set:

ChallengeResponse no

I also set:

Protocol 2

> 2. setup users on FreeBSD remote box to ssh to sshd server.

Have them run the same ssh-keygen -t rsa

Tell them to send you ~/.ssh/id_rsa.pub

Concatenate that to the ~/.ssh/authorized_keys2 files in their home
directory on your server. Make sure the key ends up on a new line in
authorized_keys2. If there wasn't a newline at the end of the file
previously, it will end up concatenating it to the end of whatever
keys are already there. If that happens, just go in with a text
editor
and break the line.

The user should then be able to ssh into your box.

> 3. setup users on windows/xp remote box to ssh to sshd server.

Install Putty

http://www.chiark.greenend.org.uk/~sgtatham/putty/

Run puttygen and generate an SSH2 RSA key (select this at the bottom
of the dialog box). Tell them to save the public and private keys,
and
then to copy the contents of the Public key for pasting.. field at
the
top of the screen, paste it into a file in notepad, and email it to
you. Concatenate that to the end of their ~/.ssh/authorized_keys2
file
as you did for your freebsd users.

If they're going to be logging in often, tell them to run pageant to
cache the private key.

Then they can run putty and connect to your server.

Again, you might not want to do it this way if you don't want to
mess
around with having users send you keys, but it's a lot more secure.
Pretty soon you'll be be getting a 100 or more hits a day from
crackers trying to log into your system. They'll never get anywhere
if
  you're using key based authentication.
--
Ken Stevenson
Allen-Myland Inc.

***

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ken
Stevenson
Sent: Wednesday, February 08, 2006 6:02 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED] ORG
Subject: Re: sshd / ssh setup

Ken
Thanks that helps a lot.
Only thing missing is what is ssh login syntax to login from the
remote FreeBSD pc?
Can I also remotely login as root on sshd server system?
I guess the setup instructions are with the putty pgm for ssh access
from windows/xp


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: sshd / ssh setup

[Ken Stevenson]

fbsd_user wrote:


Ken
Thanks that helps a lot.
Only thing missing is what is ssh login syntax to login from the
remote FreeBSD pc?
Can I also remotely login as root on sshd server system?
I guess the setup instructions are with the putty pgm for ssh access
from windows/xp


On the freebsd machine:

ssh hostname

The first you connect, you'll be prompted to confirm you're sure about 
the identity of the host you're connecting to.


Assuming you assigned a passphrase to your key using ssh-keygen, 
you'll have to enter the passphrase.


For putty, go to the SSH | Auth tab and select the private rsa2 key 
created with puttygen. Enter your username in the Auto-login username 
field on the Connection tab.


Enter the host name, then click the save button to save the profile. 
Then just double click on the profile name to connect. If you 
previously cached the private key with pageant, you won't have to 
enter a passphrase.



--
Ken Stevenson
Allen-Myland Inc.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

How is this List Connected with the usenet?

[Chris Maness]

Does this list crossover into Usenet?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: How is this List Connected with the usenet?

[Kris Kennaway]

On Wed, Feb 08, 2006 at 05:04:09PM -0800, Chris Maness wrote:
> Does this list crossover into Usenet?

There are Various unofficial usenet feeds of it, yes.

Kris


pgpW5ZGhQFqgy.pgp
Description: PGP signature

Re: update problems

[James Long]

> Date: Wed, 8 Feb 2006 13:25:38 -0500
> From: Chuck Teal <[EMAIL PROTECTED]>
> Subject: Re: update problems
> To: freebsd-questions@freebsd.org
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain;  charset="iso-8859-1"
> 
> On Wednesday February 8 2006 10:40, Iantcho Vassilev wrote:
> > If you haven`t delete the megremaster store directory(usually /var/)
> > just rerun it. - mergemaster
> > and ask all the quesions by hand
> >
> > But first i would suggest to find the problem
> >
> > On 2/8/06, zhang <[EMAIL PROTECTED]> wrote:
> > > I've just update to 6.1-PRERELEASE from 6.0. Before I mergemaster -cv ,
> > > the system could work well . But when I mergemaster , I don't check the
> > > differents carefully and choose the " i " option directly most of the
> > > time . Now , all the network programmes can't work , I can't ping
> > > localhost/127.0.0.1 , I can't use " tcpdump " , the c/s kinds like
> > > xserver also go bad ; when the system start , many warnings such as
> > > "...see rc.conf(5)" after dmesg messages.
> > > How can I deal with it ?
> > > Thanks!
> 
> I had a similar problem just yesterday.  Running mergemaster again did not 
> fix 
> the issue.
> 
> In my situation I messed up the /etc/defaults/rc.conf.  It gave me several 
> error messages on boot up similar to yours.  I just copied the rc.conf from 
> the examples directory and replaced the rc.conf in /etc/defaults/rc.conf.  
> Then I did a:
> 
> shutdown now
> exit
> 
> It was working okay when I left this morning.
> 
> I am not sure if this is a good idea or not.  I just know it seems to have 
> solved my problem.  I would keep a backup of the original file somewhere in 
> case you need to revert back to the original.

[EMAIL PROTECTED]'s advice is too narrow, IMO.  The best practice I know 
is to back up the entire /etc directory tree before running mergemaster:

...
rm -rf /etc.old
cp -RLp /etc /etc.old
mergemaster -v
...

Then, if something goes wrong in mergemaster, you can just restore the
backup and re-run mergemaster.


Jim
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Tracking Security in Ports and Base System

[Chris Maness]

Newbie question:

How should I set up cvsup to just track security updates for ports.  And 
would the best thing to do after I synced CVS, do portupgrade -a so that 
everything selected gets rebuilt.


What is the equivalent for the base system?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Chuck Swiger]

Chris Maness wrote:
> How should I set up cvsup to just track security updates for ports.  And
> would the best thing to do after I synced CVS, do portupgrade -a so that
> everything selected gets rebuilt.
> 
> What is the equivalent for the base system?

The ports tree isn't branched; just get HEAD (aka ".") and you'll get the most
current version with the most recent security updates.  You might want to
install security/portaudit, however, which is a very useful tool.

Yes, doing a "portupgrade -ai" is a fine method for updating the ports once you
have finished cvsup'ing.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Kris Kennaway]

On Wed, Feb 08, 2006 at 05:14:42PM -0800, Chris Maness wrote:
> Newbie question:
> 
> How should I set up cvsup to just track security updates for ports.

You can't, but you can track the entire thing and use portaudit to
identify ports in need of security upgrade.

Kris

pgpi5jSueovO1.pgp
Description: PGP signature

Re: Tracking Security in Ports and Base System

[Chris Hill]

On Wed, 8 Feb 2006, Chris Maness wrote:

How should I set up cvsup to just track security updates for ports. 
And would the best thing to do after I synced CVS, do portupgrade -a 
so that everything selected gets rebuilt.


I'm not sure there is a way to do this for ports, other than manually 
checking what's been changed and whether you consider that to be a 
security upgrade, then upgrading each applicable port by hand. As far as 
I understand, there is only one tag for ports ("tag=."), which gets you 
the "current" ports tree. I *can* guarantee that others know more about 
this than I do.



What is the equivalent for the base system?


Much simpler: just track RELENG_your_release to get security updates and 
bug fixes and nothing else. For example, mine is RELENG_5_4 and 
therefore tracks 5.4-RELEASE.


HTH.

--
Chris Hill   [EMAIL PROTECTED]
** [ Busy Expunging <|> ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

need help setting up a new partition

[Peter]

Hi everybody,

I have a dual-boot arrangement with Win2k (on the first and second
partition) and FreeBSD 5.4 (on the third partition).  I am willing to
sacrifice the second partition and give it over to FreeBSD as I am lacking
space there.  I'm just not sure how to proceed.

$ fdisk ad0
*** Working on device /dev/ad0 ***
parameters extracted from in-core disklabel are:
cylinders=77545 heads=16 sectors/track=63 (1008 blks/cyl)

Figures below won't work with BIOS for partitions not in cyl 1
parameters to be used for BIOS calculations are:
cylinders=77545 heads=16 sectors/track=63 (1008 blks/cyl)

Media sector size is 512
Warning: BIOS sector numbering starts with sector 1
Information from DOS bootblock is:
The data for partition 1 is:
sysid 7 (0x07),(OS/2 HPFS, NTFS, QNX-2 (16 bit) or Advanced UNIX)
start 63, size 40965687 (20002 Meg), flag 0
beg: cyl 0/ head 1/ sector 1;
end: cyl 1023/ head 254/ sector 63
The data for partition 2 is:
sysid 12 (0x0c),(DOS or Windows 95 with 32 bit FAT (LBA))
start 40965750, size 12289725 (6000 Meg), flag 0
beg: cyl 1023/ head 0/ sector 1;
end: cyl 1023/ head 254/ sector 63
The data for partition 3 is:
sysid 165 (0xa5),(FreeBSD/NetBSD/386BSD)
start 53255475, size 24900750 (12158 Meg), flag 80 (active)
beg: cyl 1023/ head 0/ sector 1;
end: cyl 1023/ head 254/ sector 63
The data for partition 4 is:



The second partition is FAT32 because I was mounting it from within
FreeBSD.

Any help is appreciated.

--
Peter






__ 
Find your next car at http://autos.yahoo.ca
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Chris Maness]

Kris Kennaway wrote:


On Wed, Feb 08, 2006 at 05:14:42PM -0800, Chris Maness wrote:
 


Newbie question:

How should I set up cvsup to just track security updates for ports.
   



You can't, but you can track the entire thing and use portaudit to
identify ports in need of security upgrade.

Kris

How would I keep from upgrading EVERYTHING when I track the whole tree.  
I just fixed a FreeBSD equivalent of DLL hell when I synced the tree.  I 
now understand portupgrade -r so I can probably avoid that nasty 
expireience again.


This is a production server, and I don't want to hose it up.

Thanks for the Help
Chris Maness
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Chris Maness]

Much simpler: just track RELENG_your_release to get security updates 
and bug fixes and nothing else. For example, mine is RELENG_5_4 and 
therefore tracks 5.4-RELEASE.



Is there a way to rebuild just the packages updated?  Or does the whole 
tree have to be rebuilt?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Chris Hill]

On Wed, 8 Feb 2006, Chris Maness wrote:

Much simpler: just track RELENG_your_release to get security updates 
and bug fixes and nothing else. For example, mine is RELENG_5_4 and 
therefore tracks 5.4-RELEASE.


Is there a way to rebuild just the packages updated?  Or does the 
whole tree have to be rebuilt?


The part you quoted was referring to the system, not ports/packages.

Packages, by definition, are already built - you just install them.

Rebuilding the ports tree is yet another matter. When you cvsup ports, 
you get the (possibly updated) Makefiles and so forth, but the tree that 
gets updated is only the structure of the /usr/ports hierarchy. No 
source is downloaded, and nothing gets rebuilt, until you do a 
portupgrade, or `make deinstall' followed by `make reinstall' for a 
particular port.


My usual routine involves `portupgrade -aRr', but that only upgrades the 
ports that have changed; it doesn't rebuild *everything*.


Again, if you're doing packages, there is no building involved.

Hope this has been sufficiently obfuscated  :^)

--
Chris Hill   [EMAIL PROTECTED]
** [ Busy Expunging <|> ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Chris Maness]

Chris Hill wrote:


On Wed, 8 Feb 2006, Chris Maness wrote:

Much simpler: just track RELENG_your_release to get security updates 
and bug fixes and nothing else. For example, mine is RELENG_5_4 and 
therefore tracks 5.4-RELEASE.


Is there a way to rebuild just the packages updated?  Or does the 
whole tree have to be rebuilt?



The part you quoted was referring to the system, not ports/packages.

Packages, by definition, are already built - you just install them.

Rebuilding the ports tree is yet another matter. When you cvsup ports, 
you get the (possibly updated) Makefiles and so forth, but the tree 
that gets updated is only the structure of the /usr/ports hierarchy. 
No source is downloaded, and nothing gets rebuilt, until you do a 
portupgrade, or `make deinstall' followed by `make reinstall' for a 
particular port.


My usual routine involves `portupgrade -aRr', but that only upgrades 
the ports that have changed; it doesn't rebuild *everything*.


Again, if you're doing packages, there is no building involved.

Hope this has been sufficiently obfuscated  :^)



Sorry, I am not using the correct lingo.  I am cool on the ports now.  I 
think I'll just have to figure out how to use portaudit, because I don't 
want to have to rebuild all 200+ packages I have installed on this 
production server.  I just want to rebuild the ones that introduce 
security issues.  I rebuilt all of the ports I had installed and it took 
almost two days.


Thanks

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Large imap server.

[Foo Ji-Haw]

I've been using FreeBSD + courier IMAP + MySQL (for user authentication).
It's hardly a load issue for more than 200,000 users, and that was years
ago.

- Original Message - 
From: "Bill Campbell" <[EMAIL PROTECTED]>
To: 
Sent: Thursday, February 09, 2006 4:22 AM
Subject: Re: Large imap server.


> On Wed, Feb 08, 2006, Albert Shih wrote:
> > Le 07/02/2006 à 16:26:42-0800, Bill Campbell a écrit
> >> On Tue, Feb 07, 2006, Albert Shih wrote:
> >> >Hi all
> >> >
> >> >I search some advice for large imap server.
> >> >
> >> >For me large is : 1000 users with 1 Go mails for each users. And every
> >> >users check by imap/pop those mail every 2 or 3 minutes.
> >> >
> >> >What's the «best» imap server ? Cyrus Imap or Courier-Imap ? (please
this
> >> >is not a troll).
> >>
> >> I prefer Courier-imap because it uses Maildir storage while Cyrus
> >> uses something similar in that it stores each message in a file,
> >> but Cyrus also maintains index files which can get corrupted.
> >
> >Yes this is I known, but many «voice» tel me the Cyrus imap is for very
> >huge. But I don't known what's mean «very huge»...
> >>
> >> We have several systems running courier-imap with 6000+ mailboxes
> >> on a single server without problems.
> >
> >And how many mail have every mailboxes ?
> >
> >Whith courier-imap when the user check this mail every 1-2 minutes anyone
> >known if the courier-imap daemon check only on
> >
> > Maildir/new
> >
> >or the daemon check also every
> >
> > Maildir/mailbox1/new
> > Maildir/mailbox2/new
>
> I think that depends on the e-mail client.  The default INBOX for
> courier is $HOME/Maildir/{cur,new,tmp}, and each folder will be
> in $HOME/Maildir/.foldername/{cur,new,tmp}.  The client issues
> the IMAP commands to check folders.
>
> POP clients will only see the default INBOX, and these tend to
> download the new messages on every connection leaving the
> mailboxes empty.
>
> IMAP clients tend to stay connected for extended periods of time
> (as I found when using WHOSON to permit mail relaying by
> connecting clients, and modified the whoson processing to update
> the daemon server on every authenticated IMAP command).
>
> Bill
> --
> INTERNET:   [EMAIL PROTECTED]  Bill Campbell; Celestial Software LLC
> URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
> FAX:(206) 232-9186  Mercer Island, WA 98040-0820; (206)
236-1676
>
> ``People from East Germany have found the West so confusing. It's so much
> easier when you have only one party.'' -- Linus Torvalde, Linux Expo
Canada
> when asked about confusion over many Linux distributions.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Robert Huff]

Chris Maness writes:

>  I rebuilt all of the ports I had installed and it took 
>  almost two days.

I have 560+ installed; I feel your pain.
Actually, no I don't.  Use portaudit/portversion to identify
those that need updating, and do some each morning.  Unless you hit
one of the monsters (java, mozilla, gnome, openoffice, etc.) it's
less than an hour.


Robert Huff

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

MySQL port

[Robert Uzzi]

Am I missing something or is the MySQL ports missing the switches to
compile with the CSV engine enabled? Mysql itself has them but not the
port?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: need help setting up a new partition

[Conrad Sabatier]

On 09-Feb-2006 Peter wrote:
> Hi everybody,
> 
> I have a dual-boot arrangement with Win2k (on the first and second
> partition) and FreeBSD 5.4 (on the third partition).  I am willing to
> sacrifice the second partition and give it over to FreeBSD as I am
> lacking space there.  I'm just not sure how to proceed.

Use sysinstall to delete the partition and then re-create it as ufs.
 
-- 
Conrad J. Sabatier <[EMAIL PROTECTED]> -- "In Unix veritas"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Protecting Windows

[Brian Astill]

Greetings, all.
Can anyone help with this issue?

Person with deteriorating vision has discovered Dragon 
Naturally Speaking which not only allows the construction of text 
from speech but can also speak from received text.  ie letter writing 
and email conversing etc become possible for the visually impaired.

All of which is wonderful except - you guessed it - the [EMAIL PROTECTED]& 
program runs on Windows 2000/XP only.  Why would anyone in their  
right mind NOT port a program as sensible as this to a SECURE OS?

So .. what can be done?  Would a good firewall (FBSD?), then distro of 
choice (Ubuntu) and run 2000 in a virtual machine from Linux, protect 
our visually impaired operator from inadvertently triggering a 
virus/trojan/worm embedded in an innocent email or text-based 
web-page or VB-embedded-script in a MSOffice document?

What arrangement would you suggest to enclose Windows in a "safe" 
environment? 

Alternatively, anyone know of a "Dragon Naturally Speaking" port to 
*nix or an app that achieves the same effects in OOO and (say) 
Firefox?

-- 
Regards,
Brian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: IP Banning (Using IPFW)

[Chris]

On 07/02/06, David Scheidt <[EMAIL PROTECTED]> wrote:
>
> On Tue, Feb 07, 2006 at 12:40:22AM +0200, Atis wrote:
> > On Sun, 5 Feb 2006 18:55:13 -0500
> > David Scheidt <[EMAIL PROTECTED]> wrote:
> >
> > >
> > > Nonsense.  There may be some people that only scan well-known ports,
> > > but it's much more common to scan every port on a machine.  If you're
> > > running a server on a non-standard port, an attacker will find it.
> > >
> >
> > sure, but 99% of the time the machines attacking your server are zombies
> > that do not care to do a full portscan. i suppose the purpose is to
> > find other misconfigured, easy-to-hack computers on the network. by
> > putting your services on non-standard ports you get rid of these
> > mindless drones and don't pollute log files with useless garbage.
> >
> > now if somebody _does_ actually target your server in particular then
> > this is definitely not the solution.
> >
> > anywayz, putting things on non-standard ports helps a lot, and is
> > one of the first and easiest security measures an administrator
> > may consider.
> >
>
> Taking your clothes off and painting yourself blue is also one of the
> first and easiest security measures to consider.  It's even more
> effective, too.  I know of no machine that's been cracked that had a
> wheel naked and painted blue.  I've seen lots running standard
> services on non-standard ports.
>
> Security through obscurity doesn't work, it makes tracking down
> other problems harder, and creates work to maintain non-standard
> configurations.


I understand his point, I see 2 types of problems we have to deal with.  The
thousands of drones that scan for boxes that are vulnerable to a specific
exploit, they will often scan ip ranges on a specific port and if its open
see if its vulnerable.  For these types of intruders chnging ports is very
effective since you would simply be skipped past on their scan, for most of
us 99% of attempted intrusions are zombie based or some script a kid has
downloaded of the web.

The argument against changing ports is of course when you have a persistent
hacker who wants in, he will of course scan all the ports and find the
service and this type of protection is nullified.  In this scenario if you
havent taken additional measures to secure the box then you may be in
trouble,

I personally move things like sshd of its normal port simply to stop my logs
been flooded with brute force logins and since I am the only one who uses
ssh there is no downside to it, I of course dont rely on this alone and keep
my software up to date amongst other security measures it is simply an extra
layer of skin on the onion.  For things like httpd I keep on port 80 as I
think moving the port of that is more hassle then its worth.

Chris
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: need help setting up a new partition

[Peter]

--- Conrad Sabatier <[EMAIL PROTECTED]> wrote:

> 
> On 09-Feb-2006 Peter wrote:
> > Hi everybody,
> > 
> > I have a dual-boot arrangement with Win2k (on the first and second
> > partition) and FreeBSD 5.4 (on the third partition).  I am willing to
> > sacrifice the second partition and give it over to FreeBSD as I am
> > lacking space there.  I'm just not sure how to proceed.
> 
> Use sysinstall to delete the partition and then re-create it as ufs.

I tried your suggestion but I cannot write to disk.  I posted a screenshot
here:

http://metawire.org/~petermatulis/ad0_error.png

I tried booting into single-user mode but still no dice.






__ 
Find your next car at http://autos.yahoo.ca
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Tracking Security in Ports and Base System

[Paul Schmehl]

--On February 8, 2006 5:14:42 PM -0800 Chris Maness <[EMAIL PROTECTED]> 
wrote:



Newbie question:

How should I set up cvsup to just track security updates for ports.


Install security/portaudit.  You'll be notified daily regarding any ports 
that need security updates.



And
would the best thing to do after I synced CVS, do portupgrade -a so that
everything selected gets rebuilt.

I do portupgrade -ai.  The last thing you want is to be caught by surprise 
when something is updated that you were not expecting.



What is the equivalent for the base system?


security/freebsd-update

Paul Schmehl ([EMAIL PROTECTED])
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Protecting Windows

[Lee Revell]

On Thu, 2006-02-09 at 14:32 +1030, Brian Astill wrote:
> Greetings, all.
> Can anyone help with this issue?
> 
> Person with deteriorating vision has discovered Dragon 
> Naturally Speaking which not only allows the construction of text 
> from speech but can also speak from received text.  ie letter writing 
> and email conversing etc become possible for the visually impaired. 

AIUI many of these apps actually hook into the video driver, so they can
see exactly what is being output to the screen regardless of the API
used.  Extremely clever but very difficult to port, and I would not be
surprised if it won't work with VMWare either.

Lee

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Protecting Windows

[Lee Revell]

On Thu, 2006-02-09 at 14:32 +1030, Brian Astill wrote:
> Greetings, all.
> Can anyone help with this issue?
> 

Please don't cc: moderated lists when posting to public lists.

"You are not allowed to post to this mailing list, and your message has
been automatically rejected.  If you think that your messages are
being rejected in error, contact the mailing list owner at
[EMAIL PROTECTED]"


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: need help setting up a new partition

[Peter]

--- Peter <[EMAIL PROTECTED]> wrote:

> 
> --- Conrad Sabatier <[EMAIL PROTECTED]> wrote:
> 
> > 
> > On 09-Feb-2006 Peter wrote:
> > > Hi everybody,
> > > 
> > > I have a dual-boot arrangement with Win2k (on the first and second
> > > partition) and FreeBSD 5.4 (on the third partition).  I am willing
> to
> > > sacrifice the second partition and give it over to FreeBSD as I am
> > > lacking space there.  I'm just not sure how to proceed.
> > 
> > Use sysinstall to delete the partition and then re-create it as ufs.
> 
> I tried your suggestion but I cannot write to disk.  I posted a
> screenshot
> here:
> 
> http://metawire.org/~petermatulis/ad0_error.png
> 
> I tried booting into single-user mode but still no dice.

Actually I changed a sysctl setting (sysctl kern.geom.debugflags=16) and I
was able to delete/create the partition.  Now I am stuck trying to create
the slices.  It keeps telling me the mount points do not exist when they
do.  I rebooted after creating them.






__ 
Find your next car at http://autos.yahoo.ca
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

intel high definition audio

[RYAN vAN GINNEKEN]

Hello i am having trouble getting my sound to work in gnome I have an
intel D925XECV2 mainboard has intel high definition audio built in.
There is link to info about board and sound below.  I cannot seem to
find anything in my dmesg (attached to this email) to do with sound
card.  Have added 

snd_driver_load="YES" to my /boot/loader.conf

also tried this command kldload snd_ich but it does not seem to work
either help

  
http://www.intel.com/design/chipsets/hdaudio.htm

[EMAIL PROTECTED] uname -a
FreeBSD rachel.computerking.ca 6.1-PRERELEASE FreeBSD 6.1-PRERELEASE #0:
Tue Feb  7 20:21:07 MST 2006
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC  i386

Waiting (max 60 seconds) for system process `syncer' to stop...
Syncing disks, vnodes remaining...3 2 1 0 done
All buffers synced.
Uptime: 2h11m2s
Shutting down ACPI
Rebooting...
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-RELEASE #0: Thu Nov  3 09:36:13 UTC 2005
[EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC
ACPI APIC Table: 
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Pentium(R) 4 CPU 3.20GHz (3200.11-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0xf43  Stepping = 3
  
Features=0xbfebfbff
  Features2=0x649d>
  AMD Features=0x2010
  Hyperthreading: 2 logical CPUs
real memory  = 2145579008 (2046 MB)
avail memory = 2094800896 (1997 MB)
ioapic0  irqs 0-23 on motherboard
npx0: [FAST]
npx0:  on motherboard
npx0: INT 16 interface
acpi0:  on motherboard
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
acpi0: Power Button (fixed)
acpi_bus_number: can't get _ADR
acpi_bus_number: can't get _ADR
pci_link0:  irq 11 on acpi0
pci_link1:  irq 3 on acpi0
pci_link2:  irq 5 on acpi0
pci_link3:  irq 10 on acpi0
pci_link4:  irq 0 on acpi0
pci_link5:  irq 0 on acpi0
pci_link6:  irq 0 on acpi0
pci_link7:  irq 9 on acpi0
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x408-0x40b on acpi0
cpu0:  on acpi0
acpi_perf0:  on cpu0
acpi_perf0: failed in PERF_STATUS attach
device_attach: acpi_perf0 attach returned 6
acpi_perf0:  on cpu0
acpi_perf0: failed in PERF_STATUS attach
device_attach: acpi_perf0 attach returned 6
acpi_throttle0:  on cpu0
pcib0:  port 0xcf8-0xcff on acpi0
pci0:  on pcib0
pcib1:  at device 1.0 on pci0
pci1:  on pcib1
pci1:  at device 0.0 (no driver attached)
pci0:  at device 27.0 (no driver attached)
pcib2:  at device 28.0 on pci0
pci5:  on pcib2
pcib3:  at device 28.1 on pci0
pci4:  on pcib3
pci4:  at device 0.0 (no driver attached)
pcib4:  at device 28.2 on pci0
pci3:  on pcib4
pcib5:  at device 28.3 on pci0
pci2:  on pcib5
uhci0:  port 0xcc00-0xcc1f 
irq 23 at device 29.0 on pci0
uhci0: [GIANT-LOCKED]
usb0:  on uhci0
usb0: USB revision 1.0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1:  port 0xd000-0xd01f 
irq 19 at device 29.1 on pci0
uhci1: [GIANT-LOCKED]
usb1:  on uhci1
usb1: USB revision 1.0
uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2:  port 0xd400-0xd41f 
irq 18 at device 29.2 on pci0
uhci2: [GIANT-LOCKED]
usb2:  on uhci2
usb2: USB revision 1.0
uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
uhci3:  port 0xd800-0xd81f 
irq 16 at device 29.3 on pci0
uhci3: [GIANT-LOCKED]
usb3:  on uhci3
usb3: USB revision 1.0
uhub3: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub3: 2 ports with 2 removable, self powered
ehci0:  mem 0xf3afb800-0xf3afbbff irq 23 at 
device 29.7 on pci0
ehci0: [GIANT-LOCKED]
usb4: EHCI version 1.0
usb4: companion controllers, 2 ports each: usb0 usb1 usb2 usb3
usb4:  on ehci0
usb4: USB revision 2.0
uhub4: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1
uhub4: 8 ports with 8 removable, self powered
pcib6:  at device 30.0 on pci0
pci6:  on pcib6
xl0: <3Com 3c905C-TX Fast Etherlink XL> port 0xbc00-0xbc7f mem 
0xf3b21000-0xf3b2107f irq 18 at device 2.0 on pci6
miibus0:  on xl0
ukphy0:  on miibus0
ukphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
xl0: Ethernet address: 00:0a:5e:51:71:48
fwohci0:  mem 0xf3b2-0xf3b20fff irq 17 at device 5.0 on 
pci6
fwohci0: OHCI version 1.0 (ROM=0)
fwohci0: No. of Isochronous channels is 8.
fwohci0: EUI64 00:13:20:00:00:42:05:0f
fwohci0: Phy 1394a available S400, 3 ports.
fwohci0: Link S400, max_rec 2048 bytes.
firewire0:  on fwohci0
fwe0:  on firewire0
if_fwe0: Fake Ethernet address: 02:13:20:42:05:0f
fwe0: Ethernet address: 02:13:20:42:05:0f
fwe0: if_start running deferred for Giant
sbp0:  on firewire0
fwohci0: Initiate bus reset
fwohci0: node_

need some advice on our cisco routers..

[Mark Jayson Alvarez]

Hi,
 
 We have a couple of cisco routers. There was one time when suddenly we cannot 
login remotely via telnet. I investigate further and was shocked when I found 
out that there where 16 telnet connections coming from outsiders ip addresses. 
I immediately called our Director(the only cisco certified guy in the office) 
and he begin kicking each of the telnet connections one by one. He then 
replaced every "secret/password" and deleted all unnecessary local accounts. 
However, we're still wondering how those hackers got into the system. Now this 
cisco's aaa is default to a radius server. Since then, outsiders have gone 
away.. Perhaps the hackers got one of the router's local accounts, and trying 
to brute force their way to enable mode.
 
 Now, I have few questions:
 1. Is it possible to think that they still haven't cracked the enable password 
yet or they already know it and just silently been playing with our router?? 
What for? If you are a hacker, what would you do if you got an access to an 
ISP's router??:-)
 2. What will you do if the same thing happened to you??
 3.How do you secure your cisco routers in your office?? Our director said that 
we should look for best practices in securing our routers. 
 
 Our company is an ISP for broadband internet for R&D institutions. We offer no 
dial up connections, only E1's etc. We have 2 stm1(155Mbps) outgoing pipes. One 
cisco 7206 and one cisco 7304.
 We have a radius server running some old version of freebsd(4.6 I guess) but 
the accounting is not working anymore. Only authentication, and radius uses the 
accounts listed in /etc/passwd.
 
 Now, I am trying to configure a new radius server(to replace the old server 
configured by the former net/sys admins) only not sure if it is really what we 
need.. My initial idea of radius is that it ties up authentication, 
authorization and accounting.. however as I have said, I guess we don't need 
any accounting since we don't offer dial up services. In authentication, I 
tried once to make our router work with our kerberos  setup so that telnet 
password doesnt have to be sent but unfortunately, I failed to make it work 
with our heimdal installation(seems like they are having incompatibility issues 
with encryption, though I haven't tried it with MIT yet). Authorization: We 
currently have an ldap directory used only for email services, don't know if it 
is still needed. We also have remote logging through that radius server also, 
and guess what, its not working anymore. I compared the config of that 
compromised router with the other one and found out that the logging lines are
 gone(hmmm..)
 
 I need some tips here. The tools you are currently using. Also some of the 
best practices you are implementing in your noc.. I'm the new admin and the 
services are poorly documented.. Now I am trying to start everything from 
scratch, this time documenting everything I am doing.. Load balancer, proxy 
server, email, dns, web, ldap, kerberos, etc. Unfortunately I don't have any 
cisco training yet and I'm glad that my supervisor is kind enough to lend me 
the enable password (the rest, google and google)
 
 Thank's for your time.
 
 Sincerely 
 -jay
 
 
 
 
 
 
 
 
 
 
 

-
Brings words and photos together (easily) with
 PhotoMail  - it's free and works with Yahoo! Mail.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Protecting Windows

[Romana Branden]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

codeweavers has mixed success:)
http://www.codeweavers.com/site/compatibility/browse/name/?cw=2f920008479e84a8f09e53169236c080;app_id=1229
- --
Romana Branden
Forget not that the earth delights to feel your bare feet
and the winds long to play with your hair. - Kahlil Gibran
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD6t74dXQlYmpAnCIRAhEPAJ9yybK3OTZKzefpUaADuZn/T8PqVwCfWUmd
uz1T0kZteVrC4DfT/nbPnP8=
=xuaT
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: need some advice on our cisco routers..

[Olivier Nicole]

>  3. How do you secure your cisco routers in your office?? Our
>  director said that we should look for best practices in securing
>  our routers.

The very first step would be to limit where from you can telnet to the
router. There is no good reason why whole internet could telnet to the
router.

The following shoud do

access-list 30 permit 192.168.0.0 ! one unique machine ins9ide my network
access-list 30 deny   any log

line vty 0 4
 access-class 30 in
 exec-timeout 0 0
 login local
 refuse-message ^Cnauthorized access prohibited
^C

>  1. Is it possible to think that they still haven't cracked the enable
>  password yet or they already know it and just silently been playing
>  with our router?? What for? If you are a hacker, what would you do
>  if you got an access to an ISP's router??:-)

If you have a back-up of your configuration, you can check if anything
has been changed. You can alos check the config change time stamp in
Cisco "show run".

In any case, play it safe, restore the last running configuration and
change the enable password.

The router could be a good sniffing point to grab hold on some
username/password from the ISP customers.

Olivier
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Mail back-up system

[Olivier Nicole]

Hi,

As a sys-admin, I am often bugged by users who had mistakenly deleted
some very important email, and could I recover it from the tape
back-up.

I try to explain to them that back-up is only run once per 24 hours
and maybe their message arrived since the last run, and that tapes are
there to recover disk crash, not user bad moves, it still eats up
quite some amount of my time (and it is a stupid task).

So I came up with a system whereby messages are duplicated on a second
server and users can use a web page to browse that second server and
recover emails.

Kust in case someone maybe interested, the system is explained there:

http://www.cs.ait.ac.th/laboratory/email/mailback.shtml

Bests,

Olivier
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"