Re: Mysterious reboot

[Olivier Nicole]

> /var/log/messages just shows a user connectig via pop, and then the next
> line is the machine booting.

Does the reboot correspond to the rainstorm?

Do you have UPS?

If time matches and no UPS I'd highly suspect a micro power faillure,
that other machines could over go, but that this specific machine
could not handle. It could be enough that a capacitor in the power
supply of the machine is drying out and the micro cut could not be
filtered as well as it used to be.

I'd not expect laptopn of TV to be affected by such micro shortage.

Olivier



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Mysterious reboot

[Mike Loiterman]

Afte being up for more than two months, I just noticed that my ver reliable
and stable server mysteriously rebooted.  I've had the same hardware and
system setup for more than a year and haven't ever experienced anything like
this before.  I haven't added any new hardware in a very long time.  I did
upgrade mysql this morning via portupgrade, however.

The system appears to have crashed, as dmesg shows that the various
filesystems weren't unmounted correctly upon reboot, but aside from that
single error, nothing else points to what the problem was.

/var/log/messages just shows a user connectig via pop, and then the next
line is the machine booting.

We are having a pretty good rainstorm, but nothing else seems to have lost
power and I have several other machines in this space that did not go down
(servers, TVs, XBOX, laptops, etc).

The machine seems to have gone down around 11:23 PM, so I checked /etc/cron
to see if I had scheduled a job to be run at that time, but there are no
jobs scheduled to be run on or near this time.

Where can I begin to look for more clues as to why this machine seems to
have crashed?  Where would a kernel core dump be or a mysql core dump?

--
Mike Loiterman
grantADLER
Tel: 630-302-4944
Fax: 773-442-0992
Email: [EMAIL PROTECTED]
PGP Key: 0xD1B9D18E

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Arpwatch?

[Kurt Buff]

All,

I've installed arpwatch-2.1.a13_2 on FBSD 6.0 (6.0-RELEASE #0 GENERIC
I386), and it looks like it installed just fine.

However, when I run the rc.d script (/usr/local/etc/rc.d/arpwatch.sh
start) to start it, nothing happens, except that it echoes 'meuh' and
then dies - I found that string in the script, so that seems to be
working, as far as that goes.

I'm wanting to accept defaults for the startup, so haven't edited the
script, nor am I passing any arguments on the command line.

Man arpwatch doesn't reveal anything to me - it's kinda terse, per usual.

However, I am running ntop on the same box, if that makes a difference.

Anyone out there knowledgable about this, and can tell me what goof I'm
making?

Thanks,

Kurt
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

UTF-8 locales and display corruption

[Jeramey Crawford]

If I should set my LANG environment variable to "en_US.UTF-8", many
terminal applications which link to and use ncurses begin to have
various degrees of display corruption. Does anyone know how to fix this,
or what the cause is?

The applications I have noticed it the most in are mutt (including
mutt-devel) and ncmpc, both from ports, and I am running FreeBSD-STABLE
as of just a couple of days ago.

Thanks!

Jeramey
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: automount external usb hard drive?

[Igor Robul]

On Wed, Feb 15, 2006 at 01:59:21AM +, Daniel Bye wrote:
> On Tue, Feb 14, 2006 at 08:01:44PM -0500, Peter wrote:
> > Hi, is it possible to have an external USB hard drive automounted once
> > connected?  
Also you'll need to umount it manually if you dont wish lose data.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Stale Dependancy

[Chris Maness]

On Thu, 16 Feb 2006, Bob Perry wrote:


Chris Maness wrote:



On Wed, 15 Feb 2006, Bob Perry wrote:


Chris Maness wrote:

This might be Newbie question:

What is the cleanest way to resolve stale dependency with gamin-0.1.5_3. 
I think I remember seeing a message that it merged into fam.  I did a 
portupgrade -a, and it's still there.  I was surprised this was not self 
cleansing because I used CVSUP to sync my port tree.


Hi Chris,
I ran into a stale dependency situation where I thought gamin-0.1.5_3 was 
replacing fam.   I posted the issue and received the following command 
which replaced fam:


"You can only have one (fam or gamin) installed.  The following command 
will replace fam with gamin:

>
> portupgrade -o devel/gamin -f fam"


I posted my message around 1/31.  You may want to review archives and 
determine if this may apply to your situation.


Bob Perry




That fixed the stale dependency problem, but didn't fam merge into gamin. 
Isn't that what caused the issue in the first place?



Not sure Chris.  However, I did not see fam, or gamin mentioned in 
/usr/ports/UDATING.


Bob



Thanks, maybe I had it mistaken for another port that merged.

Chris Maness
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Help Installing FreeBSD 6.0 with GUI

[Igor Robul]

On Thu, Feb 16, 2006 at 05:04:01PM +1100, Norberto Meijome wrote:
> 1) once you installed the graphics/dri , how do you enable them in
> xorg.conf?
Unfortunately I cannot tell you about configuration you need for 855G,
but at least you need load kernel module for 855G, and place
Load "dri"
Load "glx"
to "Module" section of xorg.cfg
> 
> 2) can you define what is 'good performance with glxgears'? I get about
> 200 fps... but GL-based xscreensaver modules push very low fps.
I have about 750 fps on Radeon 9200 at home with installed
graphics/dri, and I have same fps with native nVidia drivers at work on
GeForce MX440.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Stale Dependancy

[Bob Perry]

Chris Maness wrote:



On Wed, 15 Feb 2006, Bob Perry wrote:


Chris Maness wrote:

This might be Newbie question:

What is the cleanest way to resolve stale dependency with 
gamin-0.1.5_3.  I think I remember seeing a message that it merged 
into fam.  I did a portupgrade -a, and it's still there.  I was 
surprised this was not self cleansing because I used CVSUP to sync my 
port tree.


Hi Chris,
I ran into a stale dependency situation where I thought gamin-0.1.5_3 
was replacing fam.   I posted the issue and received the following 
command which replaced fam:


"You can only have one (fam or gamin) installed.  The following 
command will replace fam with gamin:

>
> portupgrade -o devel/gamin -f fam"


I posted my message around 1/31.  You may want to review archives and 
determine if this may apply to your situation.


Bob Perry




That fixed the stale dependency problem, but didn't fam merge into 
gamin. Isn't that what caused the issue in the first place?



Not sure Chris.  However, I did not see fam, or gamin mentioned in 
/usr/ports/UDATING.


Bob
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Help Installing FreeBSD 6.0 with GUI

[Norberto Meijome]

Igor Robul wrote:
> On Sat, Feb 11, 2006 at 07:36:08AM +, Robert Slade wrote:
>   
>> There are some minor issues with nvida video 3d cards but there are
>> nvida drivers for BSD. ATI cards are a bit more of a problem. In both
>> cases search the mailing list archives the info is there.
>> 
> I dont see any problems with ATI Radeon 9200 on my home PC, except I
> cant play linux-enemyterritory with it :-). X.org driver "just work",
> also you can have good 3D performance (at least with glxgears :-) ) if
> you'll install graphics/dri port.
>   
Hi there,
Intel i855GM here.

1) once you installed the graphics/dri , how do you enable them in
xorg.conf?

2) can you define what is 'good performance with glxgears'? I get about
200 fps... but GL-based xscreensaver modules push very low fps.

thanks!!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Stale Dependancy

[Chris Maness]

On Wed, 15 Feb 2006, Bob Perry wrote:


Chris Maness wrote:

This might be Newbie question:

What is the cleanest way to resolve stale dependency with gamin-0.1.5_3.  I 
think I remember seeing a message that it merged into fam.  I did a 
portupgrade -a, and it's still there.  I was surprised this was not self 
cleansing because I used CVSUP to sync my port tree.


Hi Chris,
I ran into a stale dependency situation where I thought gamin-0.1.5_3 was 
replacing fam.   I posted the issue and received the following command which 
replaced fam:


"You can only have one (fam or gamin) installed.  The following command will 
replace fam with gamin:

>
> portupgrade -o devel/gamin -f fam"


I posted my message around 1/31.  You may want to review archives and 
determine if this may apply to your situation.


Bob Perry




That fixed the stale dependency problem, but didn't fam merge into gamin. 
Isn't that what caused the issue in the first place?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

kdm and fluxbox

[RYAN M. vAN GINNEKEN]

I am tring to get kdm to log me into fluxbox i have followed the handbook to 
the letter and can login to gnome kde and enlightnment also options for defaut 
and failsafe and some others none of which i have tried yet.  However flux box 
is not there and i cannot seem to find where kde is getting these sessions 
from.  There does not seem to be any option in kcontrol for session like 
mentioned in the freebsd handbook i did go into

usr/X11R6/lib/X11/xdm/Xsession 

and added some lines but nothing happened  

   failsafe)
exec /usr/X11R6/bin/xterm -geometry 80x24-0-0
;;
kde)
exec /usr/local/bin/startkde
;;
GNOME)
exec /usr/X11R6/bin/gnome-session
;;
FluxBox)
exec /usr/X11R6/bin/fluxbox
;;
esac
esac


WHERE IS KDM GETTING ITS SESSION INFO FROM AND HOW DO I TELL IT TO ADD FLUXBOX


-- 
Computer King/CaNMail

http://www.computerking.ca http://www.canmail.org

Sales, Service, and Hosting
Email, Data, and Web Packages
Ask about web design specials

Affiliates
http://www.computerking.ca/pages/links/affiliates/affiliates.htm

Maybe Computer Science should be in the College of Theology. -- R. S. Barton 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: [Total OT] Trying to improve some numbers ...

[David Benfell]

On Thu, 16 Feb 2006 01:01:33 -0400, Marc G. Fournier wrote:
> 
> FreeBSD is showing 4th place right now behind Linux, SunOS and Netware for 
> Average Uptimes ... with ours being an average of 120 days
> 
Which shows yet again how utterly worthless this kind of rating is.

So here's the problem as *I* see it: Do you participate in such
silliness for dubious PR value at the risk of supporting the use of
invalid methodology, or do you refuse at the risk of appearing to have
something to hide?  Now, the way I frame this makes pretty clear *my*
preference, but possibly others have other ways to frame it.

-- 
David Benfell, LCP
[EMAIL PROTECTED]
---
Resume available at http://www.parts-unknown.org/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

FreeBSD-6 + Jail + MultipleIP

[mr sicon]

Anyone have a patch or know if and when it will be implemented into the base
jail system?

thanks
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Ethernet Stopping Problem

[Ian Barnes]

Hi Danial,

Any ideas as to how I would be able to find out more if it was an arp
problem. I don't see how it could be because I have only 3 machines on the
network at the time that it died. The three where the router, the freebsd
gateway, and my notebook. Is there something I could enable on the sysctl
side of things? Or syslogd side of things to try and see if it is an arp
problem, and if it is, how can I rectify it ?

Cheers
Ian

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Danial Thom
Sent: 16 February 2006 02:36 AM
To: [EMAIL PROTECTED]; freebsd-questions@freebsd.org
Subject: RE: Ethernet Stopping Problem

Things that stop after 5-10 minutes are usually
ARP related, but I can't be certain.

--- [EMAIL PROTECTED] wrote:

> Need more background info.
> Explain where you are getting the public
> non-routable 10.0.0.0 ip
> address from.
> You say the ADSL router is using them.
> Did you edit your real ip address to hide then
> from this public
> post?
> Also you have to post your ppp.conf file.
> Are you trying to configure PPPoe?
> 
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Behalf Of Ian Barnes
> Sent: Wednesday, February 15, 2006 5:47 PM
> To: freebsd-questions@freebsd.org
> Subject: Ethernet Stopping Problem
> 
> 
> Hi,
> 
> I have a freebsd 5.2 box setup as my gateway
> for my home network.
> The
> network is layed out as follows:
> 
> FreeBSD Gateway - 10.0.0.1/16
> ADSL Router - 10.0.0.2/16
> 
> DHCP Network - 10.0.1.0 - 10.0.1.254 all /16
> with default gateway as
> .1
> 
> I have ppp enabled on the freebsd unit, and it
> connects fine and
> then
> everything works perfectly for anything between
> 5 and 10 minutes. At
> this
> stage, the freebsd machine cant get to the
> 10.0.1.0 network anymore.
> It can
> still ping 10.0.0.2 fine and its connection to
> the internet remains
> perfect.
> It just wont let anyone else come in from
> anywhere else on the
> network. It
> kills all SSH sessions, web sessions etc. I
> replaced the ifac card
> with an
> ed0 card, and also replaced cables and the
> switch in between.
> 
> The card in question is both a dc0 and an ed0
> card which I have
> swapped into
> another PCI port and it still does the same
> thing there. Below is an
> ifconfig:
> 
> ed0:
>
flags=108843
> mtu 1500
> inet 10.0.0.1 netmask 0x
> broadcast 10.0.255.255
> ether 00:c0:df:fa:b8:74
> plip0:
> flags=108810 mtu
> 1500
> lo0: flags=8049
> mtu 16384
> inet 127.0.0.1 netmask 0xff00
> tun0:
> flags=8051
> mtu 1492
> inet 165.x.x.x --> 165.x.x.x netmask
> 0x
> Opened by PID 218
> [EMAIL PROTECTED] ~ #
> 
> 
> Here is a rc.conf:
> [EMAIL PROTECTED] ~ # cat /etc/rc.conf
> defaultrouter="10.0.0.2"
> hostname="gateway.domain.local"
> ifconfig_ed0="inet 10.0.0.1 netmask
> 255.255.0.0"
> saver="logo"
> sshd_enable="NO"
> usbd_enable="YES"
> blanktime="3600"
> apache2_enable="YES"
> mysql_enable="YES"
> sendmail_enable="NONE"
> gateway_enable="YES"
> inetd_enable="NO"
> kern_securelevel_enable="NO"
> ppp_enable="YES"
> ppp_nat="YES"
> ppp_mode="ddial"
> ppp_profile="dsl1"
> dhcpd_enable="YES"
> dhcpd_flags="-q"
> dhcpd_conf="/usr/local/etc/dhcpd.conf"
> dhcpd_ifaces="ed0"
> [EMAIL PROTECTED] ~ #
> 
> 
> I don't have any sysctl rules in place, and
> everything else about
> this unit
> is standard.
> 
> I am not running a firewall at this stage and
> was just wondering
> what the
> cause of this problem could be?
> 
> Cheers
> Ian
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Ethernet Stopping Problem

[Ian Barnes]

Hi,

Here might be a better drawing (possibly)

Router (10.0.0.2)
|
|   
FreeBSD Gateway (10.0.0.1)
|
|
Switch (10/100)
|
-   (10.0.1.0/24)
|   |   |
Laptop  Desktop Wireless AP


The router is in bridge mode and my FreeBSD box gets its tun0 IP from DHCP
from the ISP through pppoe. The 10.0.0.1 is a static address and all the
machines (excluding the wireless), are dhcp in the 10.0.1.0/24 range.

I removed the read IP addresses from the post, I replaced them with x.x.x. I
howevere don't feel that the PPP is the problem because it is working for
about 5-10 minutes. Then everything stops working. Like an ARP problem. Cant
explain why I would have an arp problem though. I am not trying to configure
ppp as that works fine, its just that the network stops working after 5-10
minutes that its already working.

Cheers
Ian

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: 16 February 2006 01:53 AM
To: Ian Barnes; freebsd-questions@freebsd.org
Subject: RE: Ethernet Stopping Problem

Need more background info.
Explain where you are getting the public non-routable 10.0.0.0 ip
address from.
You say the ADSL router is using them.
Did you edit your real ip address to hide then from this public
post?
Also you have to post your ppp.conf file.
Are you trying to configure PPPoe?



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ian Barnes
Sent: Wednesday, February 15, 2006 5:47 PM
To: freebsd-questions@freebsd.org
Subject: Ethernet Stopping Problem


Hi,

I have a freebsd 5.2 box setup as my gateway for my home network.
The
network is layed out as follows:

FreeBSD Gateway - 10.0.0.1/16
ADSL Router - 10.0.0.2/16

DHCP Network - 10.0.1.0 - 10.0.1.254 all /16 with default gateway as
.1

I have ppp enabled on the freebsd unit, and it connects fine and
then
everything works perfectly for anything between 5 and 10 minutes. At
this
stage, the freebsd machine cant get to the 10.0.1.0 network anymore.
It can
still ping 10.0.0.2 fine and its connection to the internet remains
perfect.
It just wont let anyone else come in from anywhere else on the
network. It
kills all SSH sessions, web sessions etc. I replaced the ifac card
with an
ed0 card, and also replaced cables and the switch in between.

The card in question is both a dc0 and an ed0 card which I have
swapped into
another PCI port and it still does the same thing there. Below is an
ifconfig:

ed0: flags=108843 mtu 1500
inet 10.0.0.1 netmask 0x broadcast 10.0.255.255
ether 00:c0:df:fa:b8:74
plip0: flags=108810 mtu 1500
lo0: flags=8049 mtu 16384
inet 127.0.0.1 netmask 0xff00
tun0: flags=8051 mtu 1492
inet 165.x.x.x --> 165.x.x.x netmask 0x
Opened by PID 218
[EMAIL PROTECTED] ~ #


Here is a rc.conf:
[EMAIL PROTECTED] ~ # cat /etc/rc.conf
defaultrouter="10.0.0.2"
hostname="gateway.domain.local"
ifconfig_ed0="inet 10.0.0.1 netmask 255.255.0.0"
saver="logo"
sshd_enable="NO"
usbd_enable="YES"
blanktime="3600"
apache2_enable="YES"
mysql_enable="YES"
sendmail_enable="NONE"
gateway_enable="YES"
inetd_enable="NO"
kern_securelevel_enable="NO"
ppp_enable="YES"
ppp_nat="YES"
ppp_mode="ddial"
ppp_profile="dsl1"
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_ifaces="ed0"
[EMAIL PROTECTED] ~ #


I don't have any sysctl rules in place, and everything else about
this unit
is standard.

I am not running a firewall at this stage and was just wondering
what the
cause of this problem could be?

Cheers
Ian

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: PAE kernel

[Chuck Swiger]

Robert Uzzi wrote:
> What is the secret to compiling a PAE kernel?

42?  No, no, that's not it. [1] Try:

  cd /usr/src && make buildkernel KERNCONF="PAE"

Look at and perhaps modify /usr/src/sys/i386/conf/PAE first, if you like.

-- 
-Chuck

[1]: I'm in a whimsical humor, sorry.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Jim Csoka]

No...I ran make maps, as well as make install for the blacklist feature, and 
make restart.


However, here is something interesting.  When I access my corporate email 
via openwebmail, it functions as I would expectyou cannot send or 
receive to the given address.  However, when using Outlook Express (internal 
mail client at work), you can still send mail to the address I am trying to 
block.


Why should this be so?


- Original Message - 
From: "Nathan Vidican" <[EMAIL PROTECTED]>

To: 
Cc: <[EMAIL PROTECTED]>
Sent: Wednesday, February 15, 2006 5:00 PM
Subject: Re: Blocking an individual email address



Lowell Gilbert wrote:

"James Csoka" <[EMAIL PROTECTED]> writes:


After reading the page you linked to, and looking at the examples, I 
added
the line To:[EMAIL PROTECTED] REJECT (using my personal email), and it had 
no

effect.  I can't find any good reason it didn't work, but it fails to
prevent me from sending mail from inside my work network to my home 
address.



Maybe putting an alias on the home address?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"




cd /etc/mail
vi access
make maps

You probably forgot to 'make maps'.

--
Nathan Vidican
[EMAIL PROTECTED]
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
"[EMAIL PROTECTED]"




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ethernet Interface haywire ???

[Danial Thom]

I wouldn't think that a bus error would have
anything to do with the version of the OS. If the
hardware gets hosed, its likely to do almost
anything.

--- brent <[EMAIL PROTECTED]> wrote:

> Thanks--the server has em (intel gigabit) nics.
> Have you seen this on any
> specific version of FreeBSD and *hopefully* not
> on others (e.g. RELENG_6_0)?
> 
> Brent
> 
> Danial Thom writes:
> 
> > I've seen it happen when the ethernet device
> gets
> > a bus error and throws it into some strange
> > state. I've seen it mostly with on-board
> intel
> > devices (fxp), but thats what we use mostly
> so it
> > may not be part specific.
> >
> > DT
> >
> > --- brent <[EMAIL PROTECTED]> wrote:
> >
> >> Has anyone run into this scenario where a
> BSD
> >> Box (RELENG_5_4) takes down
> >> the whole subnet for only FreeBSD boxes.
> >> Here’s the scenario: One of my
> >> web servers goes into a crazy state which
> kills
> >> all traffic on the network
> >> for only FreeBSD boxes.  Linux boxes can
> talk
> >> to other linux boxes, but
> >> FreeBSD boxes are dead. You can ping a
> FreeBSD
> >> box (from linux) but services
> >> such as SSH go half-way and never completely
> >> connect. Other services such as
> >> http don’t work either.  Rebooting that
> >> offending box fixes the problem.
> >> I’ve seen this once it a great moon;
> however,
> >> it recently happened two
> >> days in a row. Any suggestions would be
> >> appreciated.  I have other
> >> RELENG_5_4 and RELENG_6_0 boxes that don’t
> >> seem to be the culprit, as well
> >> as an identical hardware box running
> >> RELENG_6_0. Thanks.
> >>
> >>
> ___
> >> freebsd-questions@freebsd.org mailing list
> >>
> >
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> >> To unsubscribe, send any mail to
> >> "[EMAIL PROTECTED]"
> >>
> >
> >
> >
>
__
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam
> protection around
> > http://mail.yahoo.com
> 
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

[Total OT] Trying to improve some numbers ...

[Marc G. Fournier]

Always trying to find new tools to monitor our servers, I came across the 
following a little while ago:


   http://www.mreriksson.net/uptimes/intro

FreeBSD is showing 4th place right now behind Linux, SunOS and Netware for 
Average Uptimes ... with ours being an average of 120 days ... so, figured 
I'd send out a note to the list, since few ppl probably know about it ...


It installs via ports: /usr/ports/sysutils/uptimec ... add your hosts to 
the stats, help push our numbers higher ...



Marc G. Fournier   Hub.Org Networking Services (http://www.hub.org)
Email: [EMAIL PROTECTED]   Yahoo!: yscrappy  ICQ: 7615664
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Help with strange web server problem

[Chuck Swiger]

Jerry Bell wrote:
[ ... ]
> I've done some more troubleshooting and some strange things have
> appeared.  First, the colo says there is NO proxy, and NO firewall in
> front of this server.

That's believable too, perhaps you simply have a NIC which is failing or is
screwing up the packet checksums in some odd case.  You would have to sniff the
traffic from another machine (perhaps a sysadmin's laptop?) and grab the full
packets ("-s 0" to tcpdump to be sure.

Have you tried swapping NICs or adding a PCI NIC card?  BTW:

> 1671172334:1671172334(0) win 64512  

This is not quite enough data to tell, but this looks like maybe you're seeing
the IPv6 MSS of 1260 rather than what I get by default (1460?) under FreeBSD?
Of course, it could just be a Windows client machine or something going through
something like a VPN/PPTP tunnel which reduces the MTU...?

What happens if you reduce your interface MTU to 1260?

You ought to be looking for all traffic between your server and a test host,
BTW, sometimes the ICMP traffic, if any, is important to understanding the 
issue.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Stale Dependancy

[Bob Perry]

Chris Maness wrote:

This might be Newbie question:

What is the cleanest way to resolve stale dependency with 
gamin-0.1.5_3.  I think I remember seeing a message that it merged into 
fam.  I did a portupgrade -a, and it's still there.  I was surprised 
this was not self cleansing because I used CVSUP to sync my port tree.


Hi Chris,
I ran into a stale dependency situation where I thought gamin-0.1.5_3 
was replacing fam.   I posted the issue and received the following 
command which replaced fam:


"You can only have one (fam or gamin) installed.  The following command 
will replace fam with gamin:

> >
> > portupgrade -o devel/gamin -f fam"

I posted my message around 1/31.  You may want to review archives and 
determine if this may apply to your situation.


Bob Perry

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: SATA Raid

[Beastie]

Robert Uzzi wrote:


That still dosen't connedt SATA to a non sata board though. That's my
situation I have 6 SATA drives but no SATA native board. Looking for a
cheap addin card to build this upon.

 

 

I'll buy Intel SRCS16 (500$) this week, will talk to u later about it's 
compatibility and performance for RAID 5 with 4 SATA drive.


regards
reza

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Help with strange web server problem

[Jerry Bell]

Path MTU problem?



That would be my vote also.

Ted

  
I've done some more troubleshooting and some strange things have 
appeared.  First, the colo says there is NO proxy, and NO firewall in 
front of this server.


I captured a misfire on both the server and on my freebsd gateway.  The 
two traffic flows don't seem to quite line up.


First, here is the view from the server:
www# tcpdump - -vvv -A port 80
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 96 
bytes
2006-02-15 22:18:11.014600 IP (tos 0x0, ttl 110, id 10713, offset 0, 
flags [DF], length: 48) c-71-199-184-251.hsd1.ga.comcast.net.3945 > 
www.musiclodge.com.http: S [tcp sum ok] 1671172334:1671172334(0) win 
64512 


E..0)[EMAIL PROTECTED]>QG...?.d,.i.Pc...p..._...
2006-02-15 22:18:11.014650 IP (tos 0x0, ttl  64, id 34040, offset 0, 
flags [DF], length: 48) www.musiclodge.com.http > 
c-71-199-184-251.hsd1.ga.comcast.net.3945: S [bad tcp cksum a4c0 
(->9a1f)!] 1547658190:1547658190(0) ack 1671172335 win 65535 1460,nop,nop,sackOK>


[EMAIL PROTECTED]@..2?.d,GP.i\?c.c...p...
2006-02-15 22:18:11.060824 IP (tos 0x0, ttl 110, id 10715, offset 0, 
flags [DF], length: 40) c-71-199-184-251.hsd1.ga.comcast.net.3945 > 
www.musiclodge.com.http: . [tcp sum ok] 1:1(0) ack 1086692403 win 64856


E..()[EMAIL PROTECTED]>WG...?.d,.i.Pc...P..X..
2006-02-15 22:18:11.060837 IP (tos 0x0, ttl  64, id 60576, offset 0, 
flags [DF], length: 40) www.musiclodge.com.http > 
c-71-199-184-251.hsd1.ga.comcast.net.3945: R [bad tcp cksum a4b8 
(->5e83)!] 2634350593:2634350593(0) win 0


E..([EMAIL PROTECTED]@...?.d,GP.iP...
2006-02-15 22:18:11.065196 IP (tos 0x0, ttl 110, id 10716, offset 0, 
flags [DF], length: 40) c-71-199-184-251.hsd1.ga.comcast.net.3945 > 
www.musiclodge.com.http: . [tcp sum ok] 387:387(0) ack 1086692403 win 64856


E..()[EMAIL PROTECTED]>VG...?.d,.i.Pc..qP..X..
2006-02-15 22:18:11.065208 IP (tos 0x0, ttl  64, id 4488, offset 0, 
flags [DF], length: 40) www.musiclodge.com.http > 
c-71-199-184-251.hsd1.ga.comcast.net.3945: R [bad tcp cksum a4b8 
(->5e83)!] 2634350593:2634350593(0) win 0


E..([EMAIL PROTECTED]@...?.d,GP.iP...
2006-02-15 22:18:11.069569 IP (tos 0x0, ttl 110, id 10717, offset 0, 
flags [DF], length: 426) c-71-199-184-251.hsd1.ga.comcast.net.3945 > 
www.musiclodge.com.http: P 1:387(386) ack 1086692403 win 64856

E...)[EMAIL PROTECTED]<.G...?.d,.i.Pc...P..X'1..GET / HTTP/1.1

   Accept: image/gif, image/x
2006-02-15 22:18:11.069579 IP (tos 0x0, ttl  64, id 40159, offset 0, 
flags [DF], length: 40) www.musiclodge.com.http > 
c-71-199-184-251.hsd1.ga.comcast.net.3945: R [bad tcp cksum a4b8 
(->5e83)!] 2634350593:2634350593(0) win 0


E..([EMAIL PROTECTED]@..R?.d,GP.iP...
2006-02-15 22:18:14.014594 IP (tos 0x0, ttl  64, id 12734, offset 0, 
flags [DF], length: 48) www.musiclodge.com.http > 
c-71-199-184-251.hsd1.ga.comcast.net.3945: S [bad tcp cksum a4c0 
(->9a1f)!] 1547658190:1547658190(0) ack 1671172335 win 65535 1460,nop,nop,sackOK>


[EMAIL PROTECTED]@.dl?.d,GP.i\?c.c...p...
2006-02-15 22:18:14.073367 IP (tos 0x0, ttl 110, id 10734, offset 0, 
flags [none], length: 40) c-71-199-184-251.hsd1.ga.comcast.net.3945 > 
www.musiclodge.com.http: R [tcp sum ok] 1671172335:1671172335(0) win 0




Next, here is the view from the gateway (time is off on that one):
beta# tcpdump - -vvv -A port 80 and host 63.175.100.44
tcpdump: listening on xl0, link-type EN10MB (Ethernet), capture size 96 
bytes
2006-02-16 03:29:02.970756 IP (tos 0x0, ttl 128, id 10713, offset 0, 
flags [DF], length: 48) atllapjbell1.iss.local.3945 > 
www.musiclodge.com.http: S [tcp sum ok] 1671172334:1671172334(0) win 
64512 


E..0)[EMAIL PROTECTED],.i.Pc...p...
2006-02-16 03:29:03.016989 IP (tos 0x0, ttl  32, id 0, offset 0, flags 
[DF], length: 40) www.musiclodge.com.http > atllapjbell1.iss.local.3945: 
S [tcp sum ok] 2634350592:2634350592(0) ack 1671172335 win 64512


E..([EMAIL PROTECTED] ...?.d,.P.ic...P...-p..
2006-02-16 03:29:03.017099 IP (tos 0x0, ttl  45, id 34040, offset 0, 
flags [DF], length: 48) www.musiclodge.com.http > 
atllapjbell1.iss.local.3945: S [tcp sum ok] 1547658190:1547658190(0) ack 
1671172335 win 65535 


[EMAIL PROTECTED],.P.i\?c.c...p...
2006-02-16 03:29:03.017963 IP (tos 0x0, ttl 128, id 10715, offset 0, 
flags [DF], length: 40) atllapjbell1.iss.local.3945 > 
www.musiclodge.com.http: . [tcp sum o

k] 1:1(0) ack 1086692403 win 64856

E..()[EMAIL PROTECTED],.i.Pc...P..X,.
2006-02-16 03:29:03.018308 IP (tos 0x0, ttl 128, id 10716, offset 0, 
flags [DF], length: 40) atllapjbell1.iss.local.3945 > 
www.musiclodge.com.http: . [tcp sum o

k] 387:387(0) ack 1086692403 win 64856

E..()[EMAIL PROTECTED],.i.Pc..qP..X*.
2006-02-16 03:29:03.018794 IP (tos 0x0, ttl 128, id 10717, offset 0, 
flags [DF], length: 426) atllapjbell1.iss.local.3945 > 
www.music

PAE kernel

[Robert Uzzi]

What is the secret to compiling a PAE kernel?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Strange problem with user account

[Ian A. Tegebo]

On Fri, Feb 10, 2006 at 08:39:06PM -0800, Ian A. Tegebo wrote:
> Somehow I've foobarred a user account.
The account turned out not to have been foobared.  The account had had
18 groups and this exceeded the kern.ngroups default of 16.  Reducing
the number of groups solved the problem.

> # su USER
> su: setusercontext: Invalid argument
A better ktrace as root is:

# ktrace -di su yontege
# kdump -f ktrace.out
...
1080 su   CALL  setgroups(0x11,0xbfbfe5b0)
1080 su   RET   setgroups -1 errno 22 Invalid argument
...
# man setgroups
-
ERRORS
 The setgroups() system call will fail if:

 [EPERM]The caller is not the super-user.

 [EINVAL]   The number specified in the ngroups argument is larger
than the NGROUPS limit.

 [EFAULT]   The address specified for gidset is outside the
process address space.
-

and then it was elementary.  
 
> I suspect that something funny has happened to the account before the
> migration; something like having been removed from /etc/passwd but
> nowhere else.
And this was an incorrect suspicion which was confirmed by investigating
all of the pwd.db related files.

Hope this helps someone someday.

--
ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

CARP question (interpretation clarification)

[Webster, Andrew]

On FreeBSD 5.4-p8, the man page for CARP(4), has a paragraph about
net.inet.carp.preempt which reads :

 

 net.inet.carp.preempt Allow virtual hosts to preempt each
other.  It

   is also used to failover carp interfaces
as a

   group.  When the option is enabled and
one of

   the carp enabled physical interfaces goes
down,

   advskew is changed to 240 on all carp
inter-

   faces.  See also the first example.
Disabled

   by default.

 

If I understand this correctly, a system having multiple carp interfaces
would either see all carp interfaces as all MASTER or all BACKUP, but
not a combination of both?

On my system, I've got preempt turned on, but as shown below on my
"backup" machine, two carp interfaces are in BACKUP config, and one is
MASTER.

On the "master" machine of this pair, I have the reverse, two MASTER,
and one BACKUP corresponding to the appropriate subnets.

 

Am I misinterpreting the documentation, or does the preempt function not
work the way I expected it to? 

 

r2# sysctl -a | grep preempt

net.inet.carp.preempt: 1

r2#  ifconfig -a

...

carp0: flags=41 mtu 1500

inet 172.16.0.230 netmask 0xfc00 

carp: BACKUP vhid 1 advbase 1 advskew 100

carp1: flags=41 mtu 1500

inet 172.16.20.230 netmask 0xfc00 

carp: BACKUP vhid 20 advbase 1 advskew 100

carp2: flags=41 mtu 1500

inet 10.10.88.1 netmask 0xffe0 

carp: MASTER vhid 88 advbase 1 advskew 100

 

 

Thanks!

 

Andrew 

 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: natd with several alias IPs

[Chuck Swiger]

Andrew Pantyukhin wrote:
> I wonder, what tricks do you use to use more than
> one alias IP? I mean, if you have hundreds of
> hosts behind your firewall, what can you do to alias
> some of them to one ip, others to another and so on.

See "man natd" about the following options for 1-to-1 NAT translation, which can
be put into /etc/natd.conf and processed automagicly when the machine boots:

 -redirect_address localIP publicIP
 Redirect traffic for public IP address to a machine on the
 local network.  This function is known as static NAT.  Nor-
 mally static NAT is useful if your ISP has allocated a small
 block of IP addresses to you, but it can even be used in the
 case of single address:

   redirect_address 10.0.0.8 0.0.0.0

 The above command would redirect all incoming traffic to
 machine 10.0.0.8.

 If several address aliases specify the same public address as
 follows

   redirect_address 192.168.0.2 public_addr
   redirect_address 192.168.0.3 public_addr
   redirect_address 192.168.0.4 public_addr

 the incoming traffic will be directed to the last translated
 local address (192.168.0.4), but outgoing traffic from the
 first two addresses will still be aliased to appear from the
 specified public_addr.

 -redirect_address localIP[,localIP[,...]] publicIP
 These forms of -redirect_port and -redirect_address are used
 to transparently offload network load on a single server and
 distribute the load across a pool of servers.  This function
 is known as LSNAT (RFC 2391).  For example, the argument

   tcp www1:http,www2:http,www3:http www:http

 means that incoming HTTP requests for host www will be trans-
 parently redirected to one of the www1, www2 or www3, where a
 host is selected simply on a round-robin basis, without
 regard to load on the net.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Chuck Swiger]

James Csoka wrote:
> After reading the page you linked to, and looking at the examples, I added
> the line To:[EMAIL PROTECTED] REJECT (using my personal email), and it had no
> effect.  I can't find any good reason it didn't work, but it fails to
> prevent me from sending mail from inside my work network to my home address.

Do you do a "make access.db" or "make all" afterwards to rebuild the database?

Maybe try restarting sendmail ("make restart") and see whether /var/log/maillog
says something interesting about that file or something else that might be 
helpful?

(Does a logfile that no-one reads make any noise?  :-)

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: i386 or amd64 ?

[Chuck Swiger]

Panter V. wrote:
[ ... ]
> I have a few questions:
> 
> Can I use the amd64 version for this configuration?

Yes.

> If I use i386 does this mean performances will be visibly lower than
> using amd64?

No, if anything, most software will run faster in 32-bit mode.  YMMV.
If you have a really big database, MySQL might be happier in 64-bit mode.

But you'd need to obtain more than 4 GB of RAM for that to actually matter.
Speaking of which, if you're going to run GUI development tools and a database,
you should get more RAM.

Pick up 2 * 1GB sticks for $200 or so and be happy.

> Are the software and drivers I need 64 bit ready or will their 32 bit
> versions run at least as good as they would do on i386?

Many of the drivers are 64-bit ready, but I'm not so sure about how well USB is
doing these days.  You should figure out what you're doing in terms of printing
software and obtain printers which are known to work with
CUPS/ghostscript/FreeBSD, rather than hoping than any random printer will work.

Be warned that HP color InkJets are very expensive to maintain in terms of ink
and printheads.

> Which version do you recommend me to use i386 or amd64?

Probably i386 until you get more experience with FreeBSD, at which point you can
re-evaluate for yourself based on what you actually need.

> Thank you very much for your answers.

Sure.  PS:

> I want to use this computer as a development server and firewall.

These goals contradict.

If you can't set up two separate machines, try getting a broadband
router/firewall 4-port or 8-port jobby like a Linksys, which can double as a
8-port 10/100 switch if you don't need it for something more complex.

The one I've got (model # BEFS-8 something?) lets me do this OK:

11-sec# ping -s 1492 -f prime
PING prime.local (192.168.1.3): 1492 data bytes
.^C
--- prime.local ping statistics ---
138530 packets transmitted, 138529 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.589/0.600/1.557/0.021 ms
97.89s real  0.86s user  9.66s system  10%

It's not going to substitute for a smart HP Procurve or a 3com SuperStack in a
rack-oriented situation, but they'll do just fine for most other situations.
Heck, they'll do just fine in a rack, too, if needs must.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

using an amd64 machine to cross compile apps for ia32?

[Palle Girgensohn]

Hi!

I need a simple step-by-step guide to use an amd64-machine (FreeBSD-6.0) to 
compile an app for both amd64 and ia32 (aka i386) versions of FreeBSD-6.0.


Do I need to build a cross compiling gcc binary? The app uses some shared 
libraries, do I need to maintain them in ia32-versions somewhere on the 
amd64 machine?


Any tips appreciated, thanks,

Palle

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Tim Utschig]

On Wed, Feb 15, 2006 at 03:31:46PM -0500, Glenn McCalley wrote:
> If I can get a list of what programs, path and file name, called
> sendmail over (say) the last 24 hours, one of them should jump off the
> page with an unreasonable level of activitiy.

A dirty hack would be to replace the sendmail binary with a script (or
program) which records info about the parent process to some world-
writable file or directory (perhaps create a unique file under a dir
with perms 1773 owned by root:staff) before exec'ing the "real" sendmail
binary.

-- 
   - Tim Utschig <[EMAIL PROTECTED]>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Radeon x1600

[Christian Reiss]

Greetings people!

I am using FreeBSD for quiet some years now, and I just recently
upgraded my PC. Along came a Radeon x1600 (PCIE). Before that I
was a happy-happy joy-joy nvidia (-module) user - it just worked. ;)

Now I am having a dickens of a time to get the Radeon x1600 working
under Xorg (latest) to work - even 2D would suffice. But google'ing
around just yielded my own questions in several forums.

The ati and radeon drivers (native from xorg, which i am using
out of a currents ports tree) did not work with that card.
Unless, of course, some magic incantations are required.
Just to be on the safe side, I am hording virgin blood right now.

Using the vesa driver my screen yells "input not supported", and
forcing the vesa driver didnt work out. I got a TFT that can, and
should do 1280x1024.

Using FreeBSD 6.0 Patch 4.

Any help would be more than welcome.

Kind regards,
Christian Reiss.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Daniel]

On 2/16/06, Greg Barniskis <[EMAIL PROTECTED]> wrote:
> Glenn McCalley wrote:
>
> > Thanks Brian, that's already tonights project to run through those logs and
> > see if anything jumps out there.  What I think he might be doing is either
> > POSTing the parameters (which won't show up) or he's loaded a file of email
> > addresses and just triggers the mailer with a simple cgi request.  Either
> > way he's got to be calling sendmail or mail to get it out the door I
> > believe.
>
> Actually, they can use a number of other ways to create the outbound
> SMTP connections. Perl, for instance, offers the Net::SMTP module
> (and numerous others that'd do the trick). They don't need to call
> on binaries outside of their own cgi-bin or leave any tracks for you
> other than a web access log entry.
>
> You might consider putting your customers in jails with unique IP
> numbers as a way to better strain out whose CGI is the source of
> what packets on your network. Probably not a trivial change to your
> working environment, but maybe worth it in the long run.
>
You might want to consider setting up named virtualhosts with suexec
so each host runs as it's own user.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ng_one2many v.s. AFT (NIC Fault Tolerance/Fail Over/Redundancy Revisited) (fwd)

[Brian A. Seklecki]

-- Forwarded message --
Date: Wed, 15 Feb 2006 20:11:49 -0500 (EST)
From: Brian A. Seklecki <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], Jonathan Donaldson <[EMAIL PROTECTED]>,
Brian J. Creasy <[EMAIL PROTECTED]>
Cc: Chad Ziccardi <[EMAIL PROTECTED]>,
Danny Howard <[EMAIL PROTECTED]>, Brad Bendy <[EMAIL PROTECTED]>
Subject: Re: ng_one2many v.s. AFT (NIC Fault Tolerance/Fail Over/Redundancy
Revisited) (fwd)

On Thu, 12 Jan 2006, Brian J. Creasy wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Brian A. Seklecki wrote:
|
| Johnathan's comments suggest that we may need to move to 6.x on the
| production cluster.
|
| 6.x has been upgraded from a technology release to stable, and our goal
| is stability.
|
| Brian:  What are you thoughts so far on the 6.x experience?

no complaints here.. though, i have it running only on my laptop and


Okay.

 |  As of Freebsd 6_0 (which is at RC1 now), the NG_ONE2MANY does
 | support the failure of a link which does not end up with 50% packet
 | loss. There is new code in the One2Many module that xmits a layer 2 "I'm
 | alive" broadcast out all links, as long as this is picked up on the
 | other links, then all interfaces are considered alive. If one of the
 | packets is not received, then after 2 x heartbeat duration that link is
 | considered "down". I have tested this in the 6.0 code and it works with
 | one caveat. When the server is brought up, both interfaces must be
 | connected and live, or for some reason, the failure algorithm never
 | seems to kick in. I saw exactly what you saw in 5.4 and newer with
 | regards to the 50% packet loss.

Jonathan:

I'm not sure where you got the info about this.  Accoring to the NG_ONE2MANY(4) 
page in CVS -rHEAD (-CURRENT):


"Currently, the valid settings for the xmitAlg field are 
NG_ONE2MANY_XMIT_ROUNDROBIN (default) or NG_ONE2MANY_XMIT_ALL.  The only valid 
setting for failAlg is NG_ONE2MANY_FAIL_MANUAL; this is also the default 
setting."


I have 6.1-BETA1 on a box right now and I've got my config setup for 
NG_ONE2MANY_XMIT_ROUNDROBIN + NG_ONE2MANY_FAIL_NOTIFY and I don't see any 
layer2 heartbeat related traffic (watching via tcpdump(8) on another machine in 
the same segment)


Can you share what you saw?

~lava


|> mission critical environment).
|> - Xmit-All causes twice as much load on to be placed on the switch
|> /fabric and switch CPU.
|>
|
|  As of Freebsd 6_0 (which is at RC1 now), the NG_ONE2MANY does
| support the failure of a link which does not end up with 50% packet
| loss. There is new code in the One2Many module that xmits a layer 2 "I'm
| alive" broadcast out all links, as long as this is picked up on the
| other links, then all interfaces are considered alive. If one of the
| packets is not received, then after 2 x heartbeat duration that link is
| considered "down". I have tested this in the 6.0 code and it works with
| one caveat. When the server is brought up, both interfaces must be
| connected and live, or for some reason, the failure algorithm never
| seems to kick in. I saw exactly what you saw in 5.4 and newer with
| regards to the 50% packet loss.
|
|
|> What ng_one2many needs is a "Active-Standy" XMIT algorithm (STP BOFH's
|> will think BLOCKING/FORWARDING).  It could even be used on top of
|> other NetGraph nodes like ng_fec or possibly (hopefully) ng_802.3ad >:}
|>
|

- --
Brian J. Creasy
Collaborative Fusion, Inc.
412.422.3463 x4020   [EMAIL PROTECTED]

pgp public key:
~  http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x5F94E004


IMPORTANT: This message contains confidential information
and is intended only for the individual named. If the reader of
this message is not an intended recipient (or the individual
responsible for the delivery of this message to an intended
recipient), please be advised that any re-use, dissemination,
distribution or copying of this message is prohibited. Please
notify the sender immediately by e-mail if you have received
this e-mail by mistake and delete this e-mail from your system.
E-mail transmission cannot be guaranteed to be secure or
error-free as information could be intercepted, corrupted, lost,
destroyed, arrive late or incomplete, or contain viruses. The
sender therefore does not accept liability for any errors or
omissions in the contents of this message, which arise as a
result of e-mail transmission.

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (FreeBSD)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDxmXvDgwDm1+U4AQRAr3GAJ42+HcJFO595aZvljztWCkd+NWgvACeMQiu
ILXLchBGR90TZTZHjn6DVCY=
=68DY
-END PGP SIGNATURE-

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ng_one2many v.s. AFT (NIC Fault Tolerance/Fail Over/Redundancy Revisited)

[Brian A. Seklecki]

FYI, to bring this thread back to the list

-- Forwarded message --
Date: Wed, 15 Feb 2006 20:53:59 -0500 (EST)
From: Brian A. Seklecki <[EMAIL PROTECTED]>
To: Jonathan Donaldson <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
[EMAIL PROTECTED]
Cc: [EMAIL PROTECTED], Brian J. Creasy <[EMAIL PROTECTED]>,
Chad Ziccardi <[EMAIL PROTECTED]>, Danny Howard <[EMAIL PROTECTED]>,
Brad Bendy <[EMAIL PROTECTED]>
Subject: Re: ng_one2many v.s. AFT (NIC Fault Tolerance/Fail Over/Redundancy
Revisited) (fwd)

On Wed, 15 Feb 2006, Jonathan Donaldson wrote:


Take a look here:

http://www.freebsd.org/cgi/getmsg.cgi?fetch=607312+0+/usr/local/www/db/text/2004/cvs-all/20041128.cvs-all



Yea, I see it now.  Sorry.  I'm CC'ing the developer who commited the changes, 
and the the MFC.


The man page needs to be updated, and it should mention your caveat.

I got caught by your caveat with the one-link-down-at-boot.

However, the code begins to work after bringing up the down link, as if it 
would if they were both active at boot, which is good.


Where I got tripped up was that I thought that quote: "The node listens to flow 
control message from many hooks, and considers link failed if NGM_LINK_IS_DOWN 
is received.",


Where "Flow Control Messages" I interrpted that as something on the wire like a 
STP/802.1q BPDU.


Apparently, it's really an In-Kernel event related to the new ethernet 
link-state code in 6.x, or maybe just glorrified poll()'ing.


Either way, it works well.  Sorry for jumping the gun.

~lava

P.S., in 7.0-CURRENT, there appears to be an import of the OpenBSD bridge(4) to 
relate the old-school "options BRIDGE" code.  This one being 802.1q STP aware. 
When 7.x becomes release production, I suspect I'll end up using that instead 
since it works so well with NetBSD/OpenBSD for HA ethernet, plus I'd rather 
have a PVST+ Cisco switch make the packet forwarding the decisions >:}


~lava



and then look here:

http://fxr.watson.org/fxr/source/netgraph/ng_one2many.h?v=RELENG6


65 /* Algorithms for detecting link failure (XXX only one so far) */
66 #define NG_ONE2MANY_FAIL_MANUAL 1   /* use enabledLinks[] 
array */
67 #define NG_ONE2MANY_FAIL_NOTIFY 2   /* listen to flow control 
msgs */



so set your fail alg to 2 and see if you see the messages and failover...



On Feb 15, 2006, at 8:11 PM, Brian A. Seklecki wrote:


On Thu, 12 Jan 2006, Brian J. Creasy wrote:


-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Brian A. Seklecki wrote:
|
| Johnathan's comments suggest that we may need to move to 6.x on the
| production cluster.
|
| 6.x has been upgraded from a technology release to stable, and our goal
| is stability.
|
| Brian:  What are you thoughts so far on the 6.x experience?

no complaints here.. though, i have it running only on my laptop and


Okay.

 |  As of Freebsd 6_0 (which is at RC1 now), the NG_ONE2MANY does
 | support the failure of a link which does not end up with 50% packet
 | loss. There is new code in the One2Many module that xmits a layer 2 "I'm
 | alive" broadcast out all links, as long as this is picked up on the
 | other links, then all interfaces are considered alive. If one of the
 | packets is not received, then after 2 x heartbeat duration that link is
 | considered "down". I have tested this in the 6.0 code and it works with
 | one caveat. When the server is brought up, both interfaces must be
 | connected and live, or for some reason, the failure algorithm never
 | seems to kick in. I saw exactly what you saw in 5.4 and newer with
 | regards to the 50% packet loss.

Jonathan:

I'm not sure where you got the info about this.  Accoring to the
NG_ONE2MANY(4) page in CVS -rHEAD (-CURRENT):

"Currently, the valid settings for the xmitAlg field are
NG_ONE2MANY_XMIT_ROUNDROBIN (default) or NG_ONE2MANY_XMIT_ALL.  The only
valid setting for failAlg is NG_ONE2MANY_FAIL_MANUAL; this is also the
default setting."

I have 6.1-BETA1 on a box right now and I've got my config setup for
NG_ONE2MANY_XMIT_ROUNDROBIN + NG_ONE2MANY_FAIL_NOTIFY and I don't see any
layer2 heartbeat related traffic (watching via tcpdump(8) on another
machine in the same segment)

Can you share what you saw?

~lava


|> mission critical environment).
|> - Xmit-All causes twice as much load on to be placed on the switch
|> /fabric and switch CPU.
|>
|
|  As of Freebsd 6_0 (which is at RC1 now), the NG_ONE2MANY does
| support the failure of a link which does not end up with 50% packet
| loss. There is new code in the One2Many module that xmits a layer 2 "I'm
| alive" broadcast out all links, as long as this is picked up on the
| other links, then all interfaces are considered alive. If one of the
| packets is not received, then after 2 x heartbeat duration that link is
| considered "down". I have tested this in the 6.0 code and it works with
| one caveat. When the server is brought up, both interfaces must be
| connected and live, or for some reason, the failure algorithm ne

Re: ethernet Interface haywire ???

[brent]

Thanks--the server has em (intel gigabit) nics. Have you seen this on any
specific version of FreeBSD and *hopefully* not on others (e.g. RELENG_6_0)?

Brent

Danial Thom writes:


I've seen it happen when the ethernet device gets
a bus error and throws it into some strange
state. I've seen it mostly with on-board intel
devices (fxp), but thats what we use mostly so it
may not be part specific.

DT

--- brent <[EMAIL PROTECTED]> wrote:


Has anyone run into this scenario where a BSD
Box (RELENG_5_4) takes down
the whole subnet for only FreeBSD boxes.
Here’s the scenario: One of my
web servers goes into a crazy state which kills
all traffic on the network
for only FreeBSD boxes.  Linux boxes can talk
to other linux boxes, but
FreeBSD boxes are dead. You can ping a FreeBSD
box (from linux) but services
such as SSH go half-way and never completely
connect. Other services such as
http don’t work either.  Rebooting that
offending box fixes the problem.
I’ve seen this once it a great moon; however,
it recently happened two
days in a row. Any suggestions would be
appreciated.  I have other
RELENG_5_4 and RELENG_6_0 boxes that don’t
seem to be the culprit, as well
as an identical hardware box running
RELENG_6_0. Thanks.

___
freebsd-questions@freebsd.org mailing list


http://lists.freebsd.org/mailman/listinfo/freebsd-questions

To unsubscribe, send any mail to
"[EMAIL PROTECTED]"




__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: natd with several alias IPs

[Andrew Pantyukhin]

On 2/16/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I am not a ipfw expert. The truth of it is I was a ipfw user before
> I added a LAN behind my gateway box. Ipfw does it's nating from
> within ipfw and that it what makes ipfw nating so hard to get right.
> It's even harder if you use keep state processing.  Ipfilter and PF
> do the nating separate from the firewall so the firewall always sees
> the true LAN packets. For that reason I now use ipfilter. Your ipfw
> question may get better answers from the ipfw questions list. In
> reading your original post it was not clear to me that you had to do
> this using ipfw. I read it as you were asking if it could be done at
> all. Using alias ip's is not the correct term I believe.
> Good luck finding a ipfw solution.

I'm afraid you've got it all a little bit wrong. It's pf and ipf
that have built-in nat facilites. ipfw uses divert sockets
and an external natd process (so when one says natd,
it's clear that he's dealing with ipfw). Alias ip is a natd
term.

Thanks anyway
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: natd with several alias IPs

[bob]

I am not a ipfw expert. The truth of it is I was a ipfw user before
I added a LAN behind my gateway box. Ipfw does it's nating from
within ipfw and that it what makes ipfw nating so hard to get right.
It's even harder if you use keep state processing.  Ipfilter and PF
do the nating separate from the firewall so the firewall always sees
the true LAN packets. For that reason I now use ipfilter. Your ipfw
question may get better answers from the ipfw questions list. In
reading your original post it was not clear to me that you had to do
this using ipfw. I read it as you were asking if it could be done at
all. Using alias ip's is not the correct term I believe.
Good luck finding a ipfw solution.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Andrew
Pantyukhin
Sent: Wednesday, February 15, 2006 7:16 PM
To: [EMAIL PROTECTED]
Cc: FreeBSD Questions
Subject: Re: natd with several alias IPs


On 2/16/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I am not sure just what you are asking about.
>
> Are you saying that you have 4 static public ip address assigned
to
> you by your ISP and you want to round robin those 4 in the NATing
> process to your hundreds of LAN users?
>
> If that's what you are after then any of FreeBSD's 3 built in
> firewall can do that by how you code the NAT statements.  Read the
> handbook firewall ipfilter section for details. There is no
special
> tricks or need for several NATed process.

I'm quite aware of the fact that both pf and ipf have
mature nat frameworks. The question is, how to do
that with natd (and ipfw). Could you be so kind and
throw an example of a round-robin setup without
several natd processes, 'cuz I can hardly imagine
that?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Greg Barniskis]

Glenn McCalley wrote:


Thanks Brian, that's already tonights project to run through those logs and
see if anything jumps out there.  What I think he might be doing is either
POSTing the parameters (which won't show up) or he's loaded a file of email
addresses and just triggers the mailer with a simple cgi request.  Either
way he's got to be calling sendmail or mail to get it out the door I
believe.


Actually, they can use a number of other ways to create the outbound 
SMTP connections. Perl, for instance, offers the Net::SMTP module 
(and numerous others that'd do the trick). They don't need to call 
on binaries outside of their own cgi-bin or leave any tracks for you 
other than a web access log entry.


You might consider putting your customers in jails with unique IP 
numbers as a way to better strain out whose CGI is the source of 
what packets on your network. Probably not a trivial change to your 
working environment, but maybe worth it in the long run.


--
Greg Barniskis, Computer Systems Integrator
South Central Library System (SCLS)
Library Interchange Network (LINK)
, (608) 266-6348
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Ethernet Stopping Problem

[Danial Thom]

Things that stop after 5-10 minutes are usually
ARP related, but I can't be certain.

--- [EMAIL PROTECTED] wrote:

> Need more background info.
> Explain where you are getting the public
> non-routable 10.0.0.0 ip
> address from.
> You say the ADSL router is using them.
> Did you edit your real ip address to hide then
> from this public
> post?
> Also you have to post your ppp.conf file.
> Are you trying to configure PPPoe?
> 
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]
> Behalf Of Ian Barnes
> Sent: Wednesday, February 15, 2006 5:47 PM
> To: freebsd-questions@freebsd.org
> Subject: Ethernet Stopping Problem
> 
> 
> Hi,
> 
> I have a freebsd 5.2 box setup as my gateway
> for my home network.
> The
> network is layed out as follows:
> 
> FreeBSD Gateway - 10.0.0.1/16
> ADSL Router - 10.0.0.2/16
> 
> DHCP Network - 10.0.1.0 - 10.0.1.254 all /16
> with default gateway as
> .1
> 
> I have ppp enabled on the freebsd unit, and it
> connects fine and
> then
> everything works perfectly for anything between
> 5 and 10 minutes. At
> this
> stage, the freebsd machine cant get to the
> 10.0.1.0 network anymore.
> It can
> still ping 10.0.0.2 fine and its connection to
> the internet remains
> perfect.
> It just wont let anyone else come in from
> anywhere else on the
> network. It
> kills all SSH sessions, web sessions etc. I
> replaced the ifac card
> with an
> ed0 card, and also replaced cables and the
> switch in between.
> 
> The card in question is both a dc0 and an ed0
> card which I have
> swapped into
> another PCI port and it still does the same
> thing there. Below is an
> ifconfig:
> 
> ed0:
>
flags=108843
> mtu 1500
> inet 10.0.0.1 netmask 0x
> broadcast 10.0.255.255
> ether 00:c0:df:fa:b8:74
> plip0:
> flags=108810 mtu
> 1500
> lo0: flags=8049
> mtu 16384
> inet 127.0.0.1 netmask 0xff00
> tun0:
> flags=8051
> mtu 1492
> inet 165.x.x.x --> 165.x.x.x netmask
> 0x
> Opened by PID 218
> [EMAIL PROTECTED] ~ #
> 
> 
> Here is a rc.conf:
> [EMAIL PROTECTED] ~ # cat /etc/rc.conf
> defaultrouter="10.0.0.2"
> hostname="gateway.domain.local"
> ifconfig_ed0="inet 10.0.0.1 netmask
> 255.255.0.0"
> saver="logo"
> sshd_enable="NO"
> usbd_enable="YES"
> blanktime="3600"
> apache2_enable="YES"
> mysql_enable="YES"
> sendmail_enable="NONE"
> gateway_enable="YES"
> inetd_enable="NO"
> kern_securelevel_enable="NO"
> ppp_enable="YES"
> ppp_nat="YES"
> ppp_mode="ddial"
> ppp_profile="dsl1"
> dhcpd_enable="YES"
> dhcpd_flags="-q"
> dhcpd_conf="/usr/local/etc/dhcpd.conf"
> dhcpd_ifaces="ed0"
> [EMAIL PROTECTED] ~ #
> 
> 
> I don't have any sysctl rules in place, and
> everything else about
> this unit
> is standard.
> 
> I am not running a firewall at this stage and
> was just wondering
> what the
> cause of this problem could be?
> 
> Cheers
> Ian
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: ethernet Interface haywire ???

[Danial Thom]

I've seen it happen when the ethernet device gets
a bus error and throws it into some strange
state. I've seen it mostly with on-board intel
devices (fxp), but thats what we use mostly so it
may not be part specific.

DT

--- brent <[EMAIL PROTECTED]> wrote:

> Has anyone run into this scenario where a BSD
> Box (RELENG_5_4) takes down
> the whole subnet for only FreeBSD boxes.
> Here’s the scenario: One of my
> web servers goes into a crazy state which kills
> all traffic on the network
> for only FreeBSD boxes.  Linux boxes can talk
> to other linux boxes, but
> FreeBSD boxes are dead. You can ping a FreeBSD
> box (from linux) but services
> such as SSH go half-way and never completely
> connect. Other services such as
> http don’t work either.  Rebooting that
> offending box fixes the problem.
> I’ve seen this once it a great moon; however,
> it recently happened two
> days in a row. Any suggestions would be
> appreciated.  I have other
> RELENG_5_4 and RELENG_6_0 boxes that don’t
> seem to be the culprit, as well
> as an identical hardware box running
> RELENG_6_0. Thanks.
> 
> ___
> freebsd-questions@freebsd.org mailing list
>
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
> 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

devfs ruleset appropriate for jail'd environment ...

[Marc G. Fournier]

I had thought there used to be a sample one in /etc/devfs.conf, but its 
either no longer there, or my memory is failing me ...


Does anyone have one that is appropriate for mounting devfs into a jail 
where ppl have shell access?


thanks ...


Marc G. Fournier   Hub.Org Networking Services (http://www.hub.org)
Email: [EMAIL PROTECTED]   Yahoo!: yscrappy  ICQ: 7615664
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

slapd and bdb-4.2.52

[Jon Falconer]

Knowledgeable Ones,

I'm setting up a FreeBSD 6.0 RELEASE system. I've installed from ports:

courier-authlib-0.58_1
courier-imap-4.0.6_1,1
cyrus-sasl-2.1.21_2
db42-4.2.52_4
openldap-sasl-client-2.2.30
openldap-sasl-server-2.2.30
openssl-stable-0.9.7i
postfix-2.2.8_2,1

and other related ports.

While starting slapd I get the following log entries:

Feb 15 15:24:38 ecf3 slapd[23761]: @(#) $OpenLDAP: slapd 2.2.30 (Feb  2  2006 
17:42:01) $
[EMAIL 
PROTECTED]:/usr/ports/net/openldap22-sasl-server/work/openldap-2.2.30/servers/slapd
Feb 15 15:24:38 ecf3 slapd[23761]: bdb_db_init: Initializing BDB database
Feb 15 15:24:38 ecf3 slapd[23762]: slapd starting
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 fd=10 ACCEPT from IP=127.0.0.1:55323 
(IP=0.0.0.0:389)
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 op=0 BIND 
dn="cn=admin,dc=ds,dc=puc,dc=edu" method=128
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 op=0 BIND 
dn="cn=admin,dc=ds,dc=puc,dc=edu" mech=SIMPLE ssf=0
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 op=0 RESULT tag=97 err=0 text=
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 op=1 SRCH base="dc=ds,dc=puc,dc=edu" 
scope=2 deref=0 filter="(objectClass=*)"
Feb 15 15:25:06 ecf3 slapd[23762]: bdb(dc=ds,dc=puc,dc=edu): illegal flag 
specified to txn_begin
Feb 15 15:25:06 ecf3 slapd[23762]: bdb_txn_get: BerkeleyDB 4.2.52 library needs 
TXN patch!
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 op=1 SEARCH RESULT tag=101 err=0 
nentries=7 text=
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 op=2 UNBIND
Feb 15 15:25:06 ecf3 slapd[23762]: conn=0 fd=10 closed

Note the complaint about needing a TXN patch. I looked at the four
available patched for db-4.2.52 on sleepycat.com and none seemed related
to TXN. Can this error be ignored? does anyone know how to fix it?

TIA

Jon

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Derek Ragona]

If you installed MailScanner from the ports, look to change:
/usr/local/etc/MailScanner/rules/spam.blacklist.rules

You can specify To, and From rules, there, maybe more.  I am no expert.

Hope this helps,

-Derek

At 09:52 AM 2/15/2006, James Csoka wrote:
I am running a FreeBSD 5.4p10 machine at my office.  It functions as our 
firewall and mailserver.  I am running Mailscanner, which invokes sendmail 
when necessary to process mail.  Sendmail is not started by 
defaultMailscanner invokes individual instances of it when it needs to.


Here is my problem.  I have an employee at my office that is sending work 
email to her home email address.  I need to find a way to block her email 
address, whether To, From, Cc, Bcc, or whatever, from passing through my 
mailserver.  I have already added a line to /etc/mail/access  (in the 
format  [EMAIL PROTECTED]  REJECT), and have run makemap hash 
/etc/mail/access.db < /etc/mail/access. I tested this with my personal 
email address (external to my network), and it had the effect of blocking 
any email orginating from my personal email to any address at my work, 
however it does not prevent me from sending emails to this address from a 
work address, which is the whole point.


Does anyone have any ideas?  I could tag the address as spam, but I would 
rather not.  There has to be a way to block anyone from sending to a 
certain email address, I would think.


Any help would be appreciated.

-Jim
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Gerard Seibert]

James Long wrote:

> > Date: Wed, 15 Feb 2006 10:52:26 -0500
> > From: "James Csoka" <[EMAIL PROTECTED]>
> > Subject: Blocking an individual email address
> > To: 
> > Message-ID: <[EMAIL PROTECTED]>
> > Content-Type: text/plain;   charset="iso-8859-1"
> > 
> > I am running a FreeBSD 5.4p10 machine at my office.  It functions as our 
> > firewall and mailserver.  I am running Mailscanner, which invokes sendmail 
> > when necessary to process mail.  Sendmail is not started by 
> > defaultMailscanner invokes individual instances of it when it needs to.
> > 
> > Here is my problem.  I have an employee at my office that is sending work 
> > email to her home email address.  I need to find a way to block her email 
> > address, whether To, From, Cc, Bcc, or whatever, from passing through my 
> > mailserver.  I have already added a line to /etc/mail/access  (in the 
> > format  [EMAIL PROTECTED]  REJECT), and have run makemap hash 
> > /etc/mail/access.db < /etc/mail/access. I tested this with my personal 
> > email address (external to my network), and it had the effect of blocking 
> > any email orginating from my personal email to any address at my work, 
> > however it does not prevent me from sending emails to this address from a 
> > work address, which is the whole point.
> > 
> > Does anyone have any ideas?  I could tag the address as spam, but I would 
> > rather not.  There has to be a way to block anyone from sending to a 
> > certain email address, I would think.
> > 
> > Any help would be appreciated.
> > 
> > -Jim
> 
> I am not a sendmail expert, but try adding this line to your sendmail.mc:
> 
> FEATURE(blacklist_recipients)
> 
> My understanding is that this causes blacklisted email addresses to be
> applied to both sender (which you verified, sending from your home personal
> address) and recipients (which you're trying to accomplish, blocking the
> employee's address when designated as a To:/Cc:/Bcc: recipient).
> 
> Add that line, remembering to re-create your sendmail.cf, restart sendmail,
> and try again.
> 
> Jim

Well, if you want a positive solution, you could just dismiss her. It
would seem that you have good cause. Simply document that you have
instructed her to cease abusing the email system. Then when she does
violate your orders, terminate her.

-- 
Gerard
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: natd with several alias IPs

[Andrew Pantyukhin]

On 2/16/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I am not sure just what you are asking about.
>
> Are you saying that you have 4 static public ip address assigned to
> you by your ISP and you want to round robin those 4 in the NATing
> process to your hundreds of LAN users?
>
> If that's what you are after then any of FreeBSD's 3 built in
> firewall can do that by how you code the NAT statements.  Read the
> handbook firewall ipfilter section for details. There is no special
> tricks or need for several NATed process.

I'm quite aware of the fact that both pf and ipf have
mature nat frameworks. The question is, how to do
that with natd (and ipfw). Could you be so kind and
throw an example of a round-robin setup without
several natd processes, 'cuz I can hardly imagine
that?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

ethernet Interface haywire ???

[brent]

Has anyone run into this scenario where a BSD Box (RELENG_5_4) takes down
the whole subnet for only FreeBSD boxes. Here’s the scenario: One of my
web servers goes into a crazy state which kills all traffic on the network
for only FreeBSD boxes.  Linux boxes can talk to other linux boxes, but
FreeBSD boxes are dead. You can ping a FreeBSD box (from linux) but services
such as SSH go half-way and never completely connect. Other services such as
http don’t work either.  Rebooting that offending box fixes the problem.
I’ve seen this once it a great moon; however, it recently happened two
days in a row. Any suggestions would be appreciated.  I have other
RELENG_5_4 and RELENG_6_0 boxes that don’t seem to be the culprit, as well
as an identical hardware box running RELENG_6_0. Thanks.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: Ethernet Stopping Problem

[bob]

Need more background info.
Explain where you are getting the public non-routable 10.0.0.0 ip
address from.
You say the ADSL router is using them.
Did you edit your real ip address to hide then from this public
post?
Also you have to post your ppp.conf file.
Are you trying to configure PPPoe?



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ian Barnes
Sent: Wednesday, February 15, 2006 5:47 PM
To: freebsd-questions@freebsd.org
Subject: Ethernet Stopping Problem


Hi,

I have a freebsd 5.2 box setup as my gateway for my home network.
The
network is layed out as follows:

FreeBSD Gateway - 10.0.0.1/16
ADSL Router - 10.0.0.2/16

DHCP Network - 10.0.1.0 - 10.0.1.254 all /16 with default gateway as
.1

I have ppp enabled on the freebsd unit, and it connects fine and
then
everything works perfectly for anything between 5 and 10 minutes. At
this
stage, the freebsd machine cant get to the 10.0.1.0 network anymore.
It can
still ping 10.0.0.2 fine and its connection to the internet remains
perfect.
It just wont let anyone else come in from anywhere else on the
network. It
kills all SSH sessions, web sessions etc. I replaced the ifac card
with an
ed0 card, and also replaced cables and the switch in between.

The card in question is both a dc0 and an ed0 card which I have
swapped into
another PCI port and it still does the same thing there. Below is an
ifconfig:

ed0: flags=108843 mtu 1500
inet 10.0.0.1 netmask 0x broadcast 10.0.255.255
ether 00:c0:df:fa:b8:74
plip0: flags=108810 mtu 1500
lo0: flags=8049 mtu 16384
inet 127.0.0.1 netmask 0xff00
tun0: flags=8051 mtu 1492
inet 165.x.x.x --> 165.x.x.x netmask 0x
Opened by PID 218
[EMAIL PROTECTED] ~ #


Here is a rc.conf:
[EMAIL PROTECTED] ~ # cat /etc/rc.conf
defaultrouter="10.0.0.2"
hostname="gateway.domain.local"
ifconfig_ed0="inet 10.0.0.1 netmask 255.255.0.0"
saver="logo"
sshd_enable="NO"
usbd_enable="YES"
blanktime="3600"
apache2_enable="YES"
mysql_enable="YES"
sendmail_enable="NONE"
gateway_enable="YES"
inetd_enable="NO"
kern_securelevel_enable="NO"
ppp_enable="YES"
ppp_nat="YES"
ppp_mode="ddial"
ppp_profile="dsl1"
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_ifaces="ed0"
[EMAIL PROTECTED] ~ #


I don't have any sysctl rules in place, and everything else about
this unit
is standard.

I am not running a firewall at this stage and was just wondering
what the
cause of this problem could be?

Cheers
Ian

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: natd with several alias IPs

[bob]

I am not sure just what you are asking about.

Are you saying that you have 4 static public ip address assigned to
you by your ISP and you want to round robin those 4 in the NATing
process to your hundreds of LAN users?

If that's what you are after then any of FreeBSD's 3 built in
firewall can do that by how you code the NAT statements.  Read the
handbook firewall ipfilter section for details. There is no special
tricks or need for several NATed process.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Andrew
Pantyukhin
Sent: Wednesday, February 15, 2006 3:45 PM
To: FreeBSD Questions
Subject: natd with several alias IPs


I wonder, what tricks do you use to use more than
one alias IP? I mean, if you have hundreds of
hosts behind your firewall, what can you do to alias
some of them to one ip, others to another and so on.

I know pf can probably do it in a better fashion, I just
wonder how we can do it with natd. Several natd
processes? Some other tricks?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

RE: PPPoE question

[bob]

Ian,
This is what works for most people.
Doing nat in pppoe is not normally done.
Doing nat as part of your firewall process is the accepted place.
And I see no reason to have compiled NETGRAPH in your kernel.






PPPoE, ppp.conf statements for DSL connection



  start of DSL ppp.conf  ###
default:

 set log Phase tun #use to avoid excessive log sizes
 set timeout 0 # no idle time out, will not disconnect

dialisp:
 set device PPPoE:XXX  # replace xxx with your NIC device
name
 set authname YOURLOGINNAME# Replace with your ISP account
username
 set authkey YOURPASSWORD  # Replace with your ISP account
password
 add default HISADDR   # Add a (sticky) default route
(Mandatory)
 enable dns # Gets the ISP's DNS IP address & places
them
# in resolv.conf for reference by FBSD box.

###   End of DSL ppp.conf
#


Replace the XXX in the [set device PPPoE:XXX] statement with the
NIC's FBSD interface name. Sometimes it will be necessary to use a
service tag to establish your connection depending on how your ISP
and/or the phone company has its DSL network configured. Service
tags are used to distinguish between different PPPoE servers
attached to a given network. You should have been given any required
service tag information in the documentation provided by your ISP.
If you cannot locate it there, ask your ISP's tech support
personnel. This is the format of the command with the service tag
added:

set device PPPoE::service_tag

The  is the FBSD interface name used by PPPoE. The interface
must be UP (IE: enabled). It is only used as a transport, and does
not need to be assigned an IP address. This can be done
automatically at boot time by updating the /etc/rc.conf file. The
format of the statement to add is ifconfig_=up where  is the
NIC's FBSD interface name used by PPPoE that you specified in the
/etc/ppp/ppp.conf file.


ee /etc/rc.conf  # add following statements

ifconfig_=up

ifconfig_tun0="DHCP"# get your ISP assigned IP address



To setup user ppp to dial your ISP automatically at FBSD boot time,
you have to add the following statements to the rc.conf file. The
ddial option means to redial every time the connection to the ISP
gets dropped.

ee /etc/rc.conf


# Activate user ppp auto start at boot time
ppp_enable="YES" # Start User PPP task
ppp_mode="ddial" # ddial, auto, background
ppp_profile="dialisp"# section in ppp.conf to exec







-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ian Barnes
Sent: Wednesday, February 15, 2006 3:26 PM
To: freebsd-questions@freebsd.org
Subject: PPPoE question


Hi,



I am trying to setup my pppoe connection and I keep getting the
following
error:



Gateway ppp[526]: tun0: Error: ipcp_InterfaceUP: unable to set ip
address



My ppp.conf looks something like this:



default:

 nat enable yes

 nat same_ports yes

 nat use_sockets yes

 nat unregistered_only yes



dsl1:

 set log Phase Chat tun command

 set mru 1492

 set mtu 1492

 set device PPPoE:dc0# Where xl0 is your NIC code

 set authname [EMAIL PROTECTED]

 set authkey password

 set dial

 set login

 set timeout 120

 set ifaddr 10.10.0.1/0 10.10.0.2/0

 add default HISADDR



I have the following options compiled into my kernel:



#PPPOE stuff

options NETGRAPH

options NETGRAPH_SOCKET

options NETGRAPH_PPPOE

options NETGRAPH_ETHER

options  PPP_DEFLATE





I run ppp: ppp -nat -ddial dsl1. It tries to connect, but I keep
getting
that error.



Any ideas ?



Cheers

Ian

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Weird KDE error - nss_ldap

[Per olof Ljungmark]

Running 6.1-STABLE, KDE 3.5.1, xorg 6.9.0. cvsupped and portupgraded 
this morning just to be sure.


When in konqueror using the "root file system" view, if I click on 
/home, nothing happens. All other directories are displayed ok.


In the terminal that started X I note the following cryptic message:

Assertion failed: (cfg->ldc_uris[__session.ls_current_uri] != NULL), 
function do_init, file ldap-nss.c, line 1245.

kioslave: ### CRASH ## protocol = file pid = 93413 signal = 6

The file ldap-nss.c is part of the nss_ldap port.

This is my workstation at home, and it uses LDAP through PAM for 
authentication. If I take out the references to ldap in nsswitch.conf, 
the problem goes away.


It may be just me who misconfigured the system but it did start after a 
major system/ports upgrade round about a week ago.


Could someone shed some light please?

Per olof

--

nsswitch.conf:
passwd: files [NOTFOUND=continue] ldap
group: files [NOTFOUND=continue] ldap
shells: files [NOTFOUND=continue] ldap
hosts: files dns
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Ethernet Stopping Problem

[Ian Barnes]

Hi,

I have a freebsd 5.2 box setup as my gateway for my home network. The
network is layed out as follows:

FreeBSD Gateway - 10.0.0.1/16
ADSL Router - 10.0.0.2/16

DHCP Network - 10.0.1.0 - 10.0.1.254 all /16 with default gateway as .1

I have ppp enabled on the freebsd unit, and it connects fine and then
everything works perfectly for anything between 5 and 10 minutes. At this
stage, the freebsd machine cant get to the 10.0.1.0 network anymore. It can
still ping 10.0.0.2 fine and its connection to the internet remains perfect.
It just wont let anyone else come in from anywhere else on the network. It
kills all SSH sessions, web sessions etc. I replaced the ifac card with an
ed0 card, and also replaced cables and the switch in between. 

The card in question is both a dc0 and an ed0 card which I have swapped into
another PCI port and it still does the same thing there. Below is an
ifconfig:

ed0: flags=108843 mtu 1500
inet 10.0.0.1 netmask 0x broadcast 10.0.255.255
ether 00:c0:df:fa:b8:74
plip0: flags=108810 mtu 1500
lo0: flags=8049 mtu 16384
inet 127.0.0.1 netmask 0xff00 
tun0: flags=8051 mtu 1492
inet 165.x.x.x --> 165.x.x.x netmask 0x 
Opened by PID 218
[EMAIL PROTECTED] ~ #


Here is a rc.conf:
[EMAIL PROTECTED] ~ # cat /etc/rc.conf
defaultrouter="10.0.0.2"
hostname="gateway.domain.local"
ifconfig_ed0="inet 10.0.0.1 netmask 255.255.0.0"
saver="logo"
sshd_enable="NO"
usbd_enable="YES"
blanktime="3600"
apache2_enable="YES"
mysql_enable="YES"
sendmail_enable="NONE"
gateway_enable="YES"
inetd_enable="NO"
kern_securelevel_enable="NO"
ppp_enable="YES"
ppp_nat="YES"
ppp_mode="ddial"
ppp_profile="dsl1"
dhcpd_enable="YES"
dhcpd_flags="-q"
dhcpd_conf="/usr/local/etc/dhcpd.conf"
dhcpd_ifaces="ed0"
[EMAIL PROTECTED] ~ #


I don't have any sysctl rules in place, and everything else about this unit
is standard.

I am not running a firewall at this stage and was just wondering what the
cause of this problem could be?

Cheers
Ian

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[James Long]

> Date: Wed, 15 Feb 2006 10:52:26 -0500
> From: "James Csoka" <[EMAIL PROTECTED]>
> Subject: Blocking an individual email address
> To: 
> Message-ID: <[EMAIL PROTECTED]>
> Content-Type: text/plain; charset="iso-8859-1"
> 
> I am running a FreeBSD 5.4p10 machine at my office.  It functions as our 
> firewall and mailserver.  I am running Mailscanner, which invokes sendmail 
> when necessary to process mail.  Sendmail is not started by 
> defaultMailscanner invokes individual instances of it when it needs to.
> 
> Here is my problem.  I have an employee at my office that is sending work 
> email to her home email address.  I need to find a way to block her email 
> address, whether To, From, Cc, Bcc, or whatever, from passing through my 
> mailserver.  I have already added a line to /etc/mail/access  (in the format  
> [EMAIL PROTECTED]  REJECT), and have run makemap hash /etc/mail/access.db 
> < /etc/mail/access. I tested this with my personal email address 
> (external to my network), and it had the effect of blocking any email 
> orginating from my personal email to any address at my work, however it does 
> not prevent me from sending emails to this address from a work address, which 
> is the whole point.
> 
> Does anyone have any ideas?  I could tag the address as spam, but I would 
> rather not.  There has to be a way to block anyone from sending to a certain 
> email address, I would think.
> 
> Any help would be appreciated.
> 
> -Jim

I am not a sendmail expert, but try adding this line to your sendmail.mc:

FEATURE(blacklist_recipients)

My understanding is that this causes blacklisted email addresses to be
applied to both sender (which you verified, sending from your home personal
address) and recipients (which you're trying to accomplish, blocking the
employee's address when designated as a To:/Cc:/Bcc: recipient).

Add that line, remembering to re-create your sendmail.cf, restart sendmail,
and try again.

Jim
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: best approach to clone a disk?

[Steve Quinn]

--- Joe Auty <[EMAIL PROTECTED]> wrote:

> 
> It sort of helps, but sort of doesn't at the same time. I've tried  
> the dump command from the script using the correct slices, and still  
> had that kernel panic. I figured that using the Freesbie CD might be  
> a way of testing whether my install on my master/source drive was  
> somehow messed up, but I haven't gone very far with that (dump  
> reports "unsupported file system" errors).
> 
> I've also looked at growfs, but I'm not entirely sure how to handle  
> the prequisite to using it which is using bsdlabel. It seems that  
> running bsdlabel within /stand/sysinstall doesn't recognize the free  
> space, so I can't create a new partition map that reflects this free  
> space. I'll keep working at it though...
> 
> 
> Thanks for your help!
> 

Hi Joe

I didnt want to confuse you by adding the fact that dump/restore also 
eliminated the need to worry
about empty blocks but I'm glad Jerry mentioned it.  Thanks Jerry

I hope that you have a better handle on this now Joe

I'd be interested in seeing your /etc/fstab and script just to see if it's a 
simple typo or
something.

Take care

Steve

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Nathan Vidican]

Lowell Gilbert wrote:

"James Csoka" <[EMAIL PROTECTED]> writes:



After reading the page you linked to, and looking at the examples, I added
the line To:[EMAIL PROTECTED] REJECT (using my personal email), and it had no
effect.  I can't find any good reason it didn't work, but it fails to
prevent me from sending mail from inside my work network to my home address.



Maybe putting an alias on the home address?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"



cd /etc/mail
vi access
make maps

You probably forgot to 'make maps'.

--
Nathan Vidican
[EMAIL PROTECTED]
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Large imap server.

[Francisco Reyes]

Foo Ji-Haw writes:


I'm not sure what's the peak traffic like, but we were using a standard P3
800Mhz server h/w w/ 1GB RAM, and SCSI drives.


How many of those?
Also is that your front-end (ie POP/IMAP) machine or your storage (NFS 
server) machine?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Help with the disappearing keys

[John S]

When I start the system and get to the lines:

Sun Feb 12 14:17:52 CET 2006

FreeBSD/i386 (jfs000) (ttyv0)

login:

I can type my login which is john, but I can also type the letters ÅÄÖ 
or åäö.
But as soon as I log in as john (or root) and see the message of the day 
and the prompt:


$

I can no longer type ÅÄÖ or åäö - all I get is beep for each key press 
for those keys.


Note also that my /etc/rc.conf has the lines

font8X8="iso-8x8"
font8x14="iso-8x14"
font8x16="iso-8x16"
keymap="swedish.iso"

Also

I set up the login classes as per the handbook and that appearently went 
well.

I use only USB mouse and keyboard and not AT keyboard or mouse.

What is the difference in the keyboard (or console or terminal) before 
and after the logon?


Grateful for any tips!


Thanks!
/John

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: math/lapack (lapack-3.0) (unknown build error)

[Michael L. Squires]

On Wed, 8 Feb 2006, Anthony Philipp wrote:


Hello,

I was doing an upgrade today and one of the ports failed. I have
since checked /usr/ports/UPDATING, the mailing list and then
updated my ports tree again, all to no avail. Here is the error:

---
f77 -O -c ssyr2k.f
f77 -O -c strmm.f
f77 -O -c strsm.f
i386 cr ../../BLAS/SRC/libblas.a isamax.o sasum.o saxpy.o scopy.o sdot.o 
snrm2.o  srot.o srotg.o sscal.o sswap.o lsame.o xerbla.o  sgemv.o sgbmv.o 
ssymv.o ssbmv.o sspmv.o  strmv.o stbmv.o stpmv.o strsv.o stbsv.o stpsv.o  
sger.o ssyr.o sspr.o ssyr2.o sspr2.o sgemm.o ssymm.o ssyrk.o ssyr2k.o strmm.o 
strsm.o
i386:No such file or directory
*** Error code 1

Stop in /usr/ports/math/lapack/work/LAPACK/BLAS/SRC.
*** Error code 1

Stop in /usr/ports/math/lapack/work/LAPACK.
*** Error code 1

Stop in /usr/ports/math/lapack.
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade78155.12 
make
** Fix the problem and try again.
** Detected a package name change: libmikmod (audio/libmikmod) -> 
'libmikmod-esound' (audio/libmikmod)
** No need to upgrade 'libmikmod-3.1.11' (>= libmikmod-esound-3.1.11). (specify 
-f to force)
** Detected a package name change: mpg123 (audio/mpg123) -> 'mpg123-esound' 
(audio/mpg123)
** No need to upgrade 'mpg123-0.59r_17' (>= mpg123-esound-0.59r_17). (specify 
-f to force)
** Detected a package name change: libao (audio/libao) -> 'libao-esound' 
(audio/libao)
** No need to upgrade 'libao-0.8.5' (>= libao-esound-0.8.5). (specify -f to 
force)
--->  Skipping 'math/scilab' (scilab-3.1.1_1) because a requisite package 
'lapack-3.0' (math/lapack) failed (specify -k to force)
** Listing the failed packages (*:skipped / !:failed)
   ! math/lapack (lapack-3.0)  (unknown build error)
   * math/scilab (scilab-3.1.1_1)
--->  Packages processed: 0 done, 561 ignored, 1 skipped and 1 failed
---



I have the same problem with 5.5-PRERELEASE.  It's obvious that "i386" is 
being used instead of "ar" - the routine that creates libraries - but the 
problem is not in the source directory since using "make" there uses "ar" 
correctly.


I suspect it has something to do with a patch that was reversed today, so 
you may want to re-cvsup your ports sources and try again - I am.


Mike Squires

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Lowell Gilbert]

"James Csoka" <[EMAIL PROTECTED]> writes:

> After reading the page you linked to, and looking at the examples, I added
> the line To:[EMAIL PROTECTED] REJECT (using my personal email), and it had no
> effect.  I can't find any good reason it didn't work, but it fails to
> prevent me from sending mail from inside my work network to my home address.

Maybe putting an alias on the home address?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Aaron Peterson]

On 2/15/06, Glenn McCalley <[EMAIL PROTECTED]> wrote:
>
> - Original Message -
> From: "Björn König" <[EMAIL PROTECTED]>
> To: "Glenn McCalley" <[EMAIL PROTECTED]>
> Cc: 
> Sent: Wednesday, February 15, 2006 11:13 AM
> Subject: Re: how to tell what ran what
>
>
> > Glenn McCalley schrieb:
> >
> > > Is there a way to find out -which- -process- calls another process?
> >
> > Each process is associated with a parent; look at the ppid column:
> >
> >ps axo user,pid,ppid,command
> >
> > Björn
> >
> >
> Thanks, I stated the question poorly.  My fault.
> Is historical info available and is it available by file name?
>
> I trying to find out (for example) what (unknown) program ran another
> (known) program between 0900 and 1000 yesterday - something like that.
>
> I've got a customer sending our emails that he shouldn't - I don't know
> which customer it is.  The program that sends the mail is running as a cgi
> so it all shows up as user "nobody".
>
> If I can get a list of what programs, path and file name, called sendmail
> over (say) the last 24 hours, one of them should jump off the page with an
> unreasonable level of activitiy.
>
> Thanks!
> Glenn.

Perhaps I'm missing something, but if a script is being called via CGI
it would need to be called by a process running as user "nobody" in
your case (like a web server).  In which case, you probably will never
know who called it, but you might get their IP address from the web
server access logs as has already been mentioned...  If you have a
server with multiple accounts for say, shared web hosting, you should
definitely grep through their scripts for something like "mail" to
look for the person who installed scripts with mailing functions... 
anyhow, wish you luck :-)

Aaron
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Nathan Vidican]

Glenn McCalley wrote:



Glenn McCalley schrieb:



Is there a way to find out -which- -process- calls another process?


Each process is associated with a parent; look at the ppid column:

  ps axo user,pid,ppid,command

Björn




Thanks, I stated the question poorly.  My fault.
Is historical info available and is it available by file name?

I trying to find out (for example) what (unknown) program ran another
(known) program between 0900 and 1000 yesterday - something like that.

I've got a customer sending our emails that he shouldn't - I don't know
which customer it is.  The program that sends the mail is running as a


cgi


so it all shows up as user "nobody".

If I can get a list of what programs, path and file name, called


sendmail


over (say) the last 24 hours, one of them should jump off the page with


an


unreasonable level of activitiy.



The web server logs don't tell you anything in the URL data?  A CGI script
usually has some parameters which might provide some assistance.

brian


--
Brian Sobolak
http://www.planetshwoop.com/




Thanks Brian, that's already tonights project to run through those logs and
see if anything jumps out there.  What I think he might be doing is either
POSTing the parameters (which won't show up) or he's loaded a file of email
addresses and just triggers the mailer with a simple cgi request.  Either
way he's got to be calling sendmail or mail to get it out the door I
believe.
Thanks!
Glenn.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


Another option would be to search CGI directories and grep files for 
'sendmail'.. if the CGI script calls sendmail externally and it's written in any 
non-compiled binary (usually are) - you should be able to grep 'sendmail' * in 
each cgi-enabled dir and find the cuplrit.


I've had this happen quite often with my hosting customers, where they put up a 
simple Perl script that pipe's it's output to sendmail, and abusers (not 
customers), and someone embeds an email in the 'comments' field or similar by 
adding header fields. There are of course numerous ways to get around this.


I find human-readable images are amongst the best way and are very easily 
implemented (took me a whole 20mins to write the code to do it generically 
accross all system for all hosting customers). (ie: 
http://www.wmptl.com/cgi-bin/contact.pl) - other ways include stripping colons 
from all fields returned via forms, etc.


Just bear in mind, it may be a customer's script causing spam/etc... but may not 
be their intention nor fault either. You'll always do better to approach them 
with a solution than a complaint.




--
Nathan Vidican
[EMAIL PROTECTED]
Windsor Match Plate & Tool Ltd.
http://www.wmptl.com/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: best approach to clone a disk?

[Jerry McAllister]

> 
> > Thanks Steve, but this is exactly the same script I've been using all  
> > along, while in Single User Mode.
> > 
> > However, could you explain the zeroing of blocks, and what its  
> > purpose is for? Does this solve the problem of space being lost when  
> > cloning a disk to a larger disk?
> 
> Hi Joe
> 
> 
> Don't worry Joe, you are very very close
> 
> Regarding zeroing empty or unused blocks, have a look at this
> 
> http://www.digitalissues.co.uk/html/os/misc/partimage.html#22

If you use dump/restore, this does not apply at all.
Dump/restore goes by file nodes and uses only the existing files 
starting with the base of the file system directory structure and 
will not write out anything that is not in the current file tree.

Unless you are doing some experiment with sector mapping or some such,
you don't really want to do a binary clone of a disk or file system.
You want an functionally exact copy of the file system regardless of
the size or geometry of the receiving disk.   Dump/restore will give
you that and the other cloning utilities such as thag G4... or even dd
will not do that.

jerry


> 
> Regarding space lost cloning to a larger disk, zeroing unused blocks wont 
> help that.  Imagine your
> 10GB FreeBSD hard disk is cloned with G4U to a 20GB hard disk.  It will 
> probably work great but
> your 20GB disk is only half full.  You will have to use growfs to expand a 
> slice or create a new
> partition to reclaim the empty space. Sorry, I have not tried this yet and 
> have no experience.
> 
> In cloning to a bigger disk, I prefer the dump/restore script method as I get 
> to fully utilize the
> larger disk capacity
> 
> I hope this helps
> 
> Take care
> 
> Steve
> 
> __
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> 
> 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Glenn McCalley]

> >
> >
> >> Glenn McCalley schrieb:
> >>
> >> > Is there a way to find out -which- -process- calls another process?
> >>
> >> Each process is associated with a parent; look at the ppid column:
> >>
> >>ps axo user,pid,ppid,command
> >>
> >> Björn
> >>
> >>
> > Thanks, I stated the question poorly.  My fault.
> > Is historical info available and is it available by file name?
> >
> > I trying to find out (for example) what (unknown) program ran another
> > (known) program between 0900 and 1000 yesterday - something like that.
> >
> > I've got a customer sending our emails that he shouldn't - I don't know
> > which customer it is.  The program that sends the mail is running as a
cgi
> > so it all shows up as user "nobody".
> >
> > If I can get a list of what programs, path and file name, called
sendmail
> > over (say) the last 24 hours, one of them should jump off the page with
an
> > unreasonable level of activitiy.
> >
>
> The web server logs don't tell you anything in the URL data?  A CGI script
> usually has some parameters which might provide some assistance.
>
> brian
>
>
> --
> Brian Sobolak
> http://www.planetshwoop.com/
>
>
Thanks Brian, that's already tonights project to run through those logs and
see if anything jumps out there.  What I think he might be doing is either
POSTing the parameters (which won't show up) or he's loaded a file of email
addresses and just triggers the mailer with a simple cgi request.  Either
way he's got to be calling sendmail or mail to get it out the door I
believe.
Thanks!
Glenn.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: PPPoE question

[Björn König]

My ppp.conf looks like this:

  default:

  qdsl:
nat enable yes
set device PPPoE:fxp1
add! default HISADDR
set authname 
set authkey 

Maybe the missing "!" after the "add" keyword is the solution to your 
problem.


Björn

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Malibox is full

[Jerry McAllister]

> 
> Please Help Me
> 
> I have FreeBSD mail server but I have a problem that some emails I can’t 
> receive them because when they send the mail to me they receive a mail 
> written on it mailbox is full but when they send to me an email from yahoo 
> or hotmail I receive the mail

Do you have quotas turned on?

How full is the disk where the incoming mail actually resides?

If they send it from one place does it send it in multiple versions
such as plain text plus html plus some other graphic-ish code, but
their yahoo account sends it in only one way.

Are they including attachments some of the time, but not others?

Do you have a message size limit set somewhere?

Lots of things to check.
Probably there are others too.

jerry

> 
> Thank
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: best approach to clone a disk?

[Joe Auty]

On Feb 15, 2006, at 2:40 PM, Steve Quinn wrote:


--- Joe Auty wrote:


Thanks Steve, but this is exactly the same script I've been using all
along, while in Single User Mode.

However, could you explain the zeroing of blocks, and what its
purpose is for? Does this solve the problem of space being lost when
cloning a disk to a larger disk?


Hi Joe

Sorry, you mentioned Freesbie and I assumed you had not used dump  
under your FreeBSD install


Now that I think about it, I was getting errors like yours when I  
was first learning this script

I remember having to adjust it to taste

Have a look at your fstab (cat /etc/fstab) and ensure the scripts  
references to your FreeBSD

slices match your system.

In the script I sent you, my clone destination disk was ad2 so you  
will need to look at that as

well

Don't worry Joe, you are very very close

Regarding zeroing empty or unused blocks, have a look at this

http://www.digitalissues.co.uk/html/os/misc/partimage.html#22

Regarding space lost cloning to a larger disk, zeroing unused  
blocks wont help that.  Imagine your
10GB FreeBSD hard disk is cloned with G4U to a 20GB hard disk.  It  
will probably work great but
your 20GB disk is only half full.  You will have to use growfs to  
expand a slice or create a new
partition to reclaim the empty space. Sorry, I have not tried this  
yet and have no experience.


In cloning to a bigger disk, I prefer the dump/restore script  
method as I get to fully utilize the

larger disk capacity




It sort of helps, but sort of doesn't at the same time. I've tried  
the dump command from the script using the correct slices, and still  
had that kernel panic. I figured that using the Freesbie CD might be  
a way of testing whether my install on my master/source drive was  
somehow messed up, but I haven't gone very far with that (dump  
reports "unsupported file system" errors).


I've also looked at growfs, but I'm not entirely sure how to handle  
the prequisite to using it which is using bsdlabel. It seems that  
running bsdlabel within /stand/sysinstall doesn't recognize the free  
space, so I can't create a new partition map that reflects this free  
space. I'll keep working at it though...



Thanks for your help!






---
Joe Auty
NetMusician: web publishing software for musicians
http://www.netmusician.org
[EMAIL PROTECTED]


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: i386 or amd64 ?

[Mark Kane]

Andrew Pantyukhin wrote:
> On 2/15/06, Panter V. <[EMAIL PROTECTED]> wrote:
>> I want to use this computer as a development server and firewall. I will
>> run Apache 2, PHP 5, MySQL, Samba, an FTP server ...
> 
> You'll have no problems with these programs on amd64. Printer
> drivers are probably platform-independent
> 
>> At a later time I would like to use this computer as a workstation as
>> well and I will need KDE, OpenOffice 2, Thunderbird, Firefox, Eclipse ...
> 
> You'll probably want to use i386 on a workstation for
> various compatibility issues. Difference in speed is close
> to unmeasurable. Give amd64 a shot, but you might
> find a show-stopper and will have to switch to i386.
> 
> So if you have some time to experiment, try amd64
> anyway. If you need to set up a box that you don't
> want to mess with once again, you'll have to stick to
> i386.

I use amd64 on my main workstation. There are a few things that I wish
worked, such as Flash (without using the Linux versions) and the nVidia
display drivers. Generally though everything else works great. Xorg,
Xfce, Firefox, Thunderbird, XChat, XMMS, mplayer, VLC, rTorrent, irssi,
klibido, K3b, Audacity, GIMP, etc are all programs that I use quite a
bit and have no problems with.

OpenOffice might be a little problem as I have not figured out Java yet
on amd64. I believe I have seen people do it but I have not had the need
to use it. I know it's a hassle even on i386 with getting all the files
manually from Sun's site and logging in and all that, so I just have not
bothered.

I'd try amd64 and see how it works for you. If it doesn't, you can
always switch.

-Mark

-- 
GnuPG Public Key:
http://www.mkproductions.org/mk_pubkey.asc

Internet Radio:
Party107 (Trance/Electronic) - http://www.party107.com
Rock 101.9 The Edge (Rock) - http://www.rock1019.net

IRC:
MIXXnet IRC Network - irc.mixxnet.net (Nick: MIXX941)



signature.asc
Description: OpenPGP digital signature

natd with several alias IPs

[Andrew Pantyukhin]

I wonder, what tricks do you use to use more than
one alias IP? I mean, if you have hundreds of
hosts behind your firewall, what can you do to alias
some of them to one ip, others to another and so on.

I know pf can probably do it in a better fashion, I just
wonder how we can do it with natd. Several natd
processes? Some other tricks?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Brian Sobolak]

Glenn McCalley wrote:
>
> - Original Message -
> From: "Björn König" <[EMAIL PROTECTED]>
> To: "Glenn McCalley" <[EMAIL PROTECTED]>
> Cc: 
> Sent: Wednesday, February 15, 2006 11:13 AM
> Subject: Re: how to tell what ran what
>
>
>> Glenn McCalley schrieb:
>>
>> > Is there a way to find out -which- -process- calls another process?
>>
>> Each process is associated with a parent; look at the ppid column:
>>
>>ps axo user,pid,ppid,command
>>
>> Björn
>>
>>
> Thanks, I stated the question poorly.  My fault.
> Is historical info available and is it available by file name?
>
> I trying to find out (for example) what (unknown) program ran another
> (known) program between 0900 and 1000 yesterday - something like that.
>
> I've got a customer sending our emails that he shouldn't - I don't know
> which customer it is.  The program that sends the mail is running as a cgi
> so it all shows up as user "nobody".
>
> If I can get a list of what programs, path and file name, called sendmail
> over (say) the last 24 hours, one of them should jump off the page with an
> unreasonable level of activitiy.
>

The web server logs don't tell you anything in the URL data?  A CGI script
usually has some parameters which might provide some assistance.

brian


--
Brian Sobolak
http://www.planetshwoop.com/

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Malibox is full

[mamaj m]

Please Help Me

I have FreeBSD mail server but I have a problem that some emails I can’t 
receive them because when they send the mail to me they receive a mail 
written on it mailbox is full but when they send to me an email from yahoo 
or hotmail I receive the mail


Thank

_
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: bsd.port.mk broken since last commit

[Kris Kennaway]

On Wed, Feb 15, 2006 at 08:58:29PM +0100, Joerg Pulz wrote:
> 
> Hi,
> 
> i recently found out, that the OPENLDAP part of ports/Mk/bsd.port.mk is 
> broken since the last commit.
> I think it was only by accident, because the commit message says:
> - Update the OpenLDAP default version. [8]
> 
> Unfortunately, not the default version of OpenLDAP was changes but the 
> OpenLDAP shared library version was bumped.
> 
> I think the commit should change
> WANT_OPENLDAP_VER?=   22
> to
> WANT_OPENLDAP_VER?=   23
> 
> and not
> 
> LIB_DEPENDS+= ldap-2.3.1:${PORTSDIR}/net/openldap23${_OPENLDAP_FLAVOUR}-client
> to
> LIB_DEPENDS+= ldap-2.3.2:${PORTSDIR}/net/openldap23${_OPENLDAP_FLAVOUR}-client
> 
> Can someone please take a look at this and fix it.

Please raise this on ports@ and/or with the person who submitted the
change I committed.

Kris


pgp6WzLmmV9E1.pgp
Description: PGP signature

Re: Blocking an individual email address

[Dan Nelson]

In the last episode (Feb 15), James Csoka said:
> After reading the page you linked to, and looking at the examples, I
> added the line To:[EMAIL PROTECTED] REJECT (using my personal email),
> and it had no effect.  I can't find any good reason it didn't work,
> but it fails to prevent me from sending mail from inside my work
> network to my home address.

I thought To: checks would work on outgoing mail, but it looks like
that's not the case.  From
http://www.sendmail.org/m4/features.html#blacklist_recipients :

blacklist_recipients

  Turns on the ability to block incoming mail for certain recipient
  usernames, hostnames, or addresses. For example, you can block
  incoming mail to user nobody, host foo.mydomain.com, or
  [EMAIL PROTECTED] These specifications are put in the access db
  as described in the Anti-Spam Configuration Control section later in
  this document.
 
> any ideas?

Try posting your question to the comp.mail.sendmail newsgroup; search
the archives at http://groups.google.com/group/comp.mail.sendmail
first, though.  Someone must have wanted to do what you're trying
before.

-- 
Dan Nelson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: i386 or amd64 ?

[Andrew Pantyukhin]

On 2/15/06, Panter V. <[EMAIL PROTECTED]> wrote:
> I want to use this computer as a development server and firewall. I will
> run Apache 2, PHP 5, MySQL, Samba, an FTP server ...

You'll have no problems with these programs on amd64. Printer
drivers are probably platform-independent

> At a later time I would like to use this computer as a workstation as
> well and I will need KDE, OpenOffice 2, Thunderbird, Firefox, Eclipse ...

You'll probably want to use i386 on a workstation for
various compatibility issues. Difference in speed is close
to unmeasurable. Give amd64 a shot, but you might
find a show-stopper and will have to switch to i386.

So if you have some time to experiment, try amd64
anyway. If you need to set up a box that you don't
want to mess with once again, you'll have to stick to
i386.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Glenn McCalley]

- Original Message - 
From: "Björn König" <[EMAIL PROTECTED]>
To: "Glenn McCalley" <[EMAIL PROTECTED]>
Cc: 
Sent: Wednesday, February 15, 2006 11:13 AM
Subject: Re: how to tell what ran what


> Glenn McCalley schrieb:
>
> > Is there a way to find out -which- -process- calls another process?
>
> Each process is associated with a parent; look at the ppid column:
>
>ps axo user,pid,ppid,command
>
> Björn
>
>
Thanks, I stated the question poorly.  My fault.
Is historical info available and is it available by file name?

I trying to find out (for example) what (unknown) program ran another
(known) program between 0900 and 1000 yesterday - something like that.

I've got a customer sending our emails that he shouldn't - I don't know
which customer it is.  The program that sends the mail is running as a cgi
so it all shows up as user "nobody".

If I can get a list of what programs, path and file name, called sendmail
over (say) the last 24 hours, one of them should jump off the page with an
unreasonable level of activitiy.

Thanks!
Glenn.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

PPPoE question

[Ian Barnes]

Hi,

 

I am trying to setup my pppoe connection and I keep getting the following
error:

 

Gateway ppp[526]: tun0: Error: ipcp_InterfaceUP: unable to set ip address

 

My ppp.conf looks something like this:

 

default:

 nat enable yes

 nat same_ports yes

 nat use_sockets yes

 nat unregistered_only yes

 

dsl1:

 set log Phase Chat tun command

 set mru 1492

 set mtu 1492

 set device PPPoE:dc0# Where xl0 is your NIC code

 set authname [EMAIL PROTECTED]

 set authkey password

 set dial

 set login

 set timeout 120

 set ifaddr 10.10.0.1/0 10.10.0.2/0

 add default HISADDR

 

I have the following options compiled into my kernel:

 

#PPPOE stuff

options NETGRAPH

options NETGRAPH_SOCKET

options NETGRAPH_PPPOE

options NETGRAPH_ETHER

options  PPP_DEFLATE

 

 

I run ppp: ppp -nat -ddial dsl1. It tries to connect, but I keep getting
that error.

 

Any ideas ?

 

Cheers

Ian

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Syslog

[Noel Jones]

On 2/15/06, Peter Ankerstål <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I'm trying to get syslog to log on a remote host. This part is really
> not a problem, but when I try to define at the "loghost" to which files
> i want to log my incoming logs I don't get anything to work. I cant find
> anything in the manual either.
>
> I've tried this:
> +sphere
> *.* /var/log/sphere/messages
>

Read the syslog.conf and syslogd man pages carefully, they contain all
the info you need.
You probably need to adjust the syslogd entry in /etc/rc.conf to
remove the -s option, and add -a RemoteIP.  Then stop and restart
syslogd before continuing your test.

You also likely need to clear the "program specification" in
syslog.conf by using:
!*
+sphere
*.*  /var/log/sphere/messages


--
Noel Jones
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

bsd.port.mk broken since last commit

[Joerg Pulz]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1


Hi,

i recently found out, that the OPENLDAP part of ports/Mk/bsd.port.mk is 
broken since the last commit.

I think it was only by accident, because the commit message says:
- - Update the OpenLDAP default version. [8]

Unfortunately, not the default version of OpenLDAP was changes but the 
OpenLDAP shared library version was bumped.


I think the commit should change
WANT_OPENLDAP_VER?= 22
to
WANT_OPENLDAP_VER?= 23

and not

LIB_DEPENDS+=   ldap-2.3.1:${PORTSDIR}/net/openldap23${_OPENLDAP_FLAVOUR}-client
to
LIB_DEPENDS+=   ldap-2.3.2:${PORTSDIR}/net/openldap23${_OPENLDAP_FLAVOUR}-client

Can someone please take a look at this and fix it.

Thanks a lot
Joerg

- -- 
The beginning is the most important part of the work.

-Plato
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFD84fnSPOsGF+KA+MRAgMdAKCqi1W5D2Jr4pVnxx6FFw6+L8Mk8wCfWBEZ
vBn6XZrMqZ3GmY0HsEGi1oc=
=Nz6o
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[James Csoka]

After reading the page you linked to, and looking at the examples, I added
the line To:[EMAIL PROTECTED] REJECT (using my personal email), and it had no
effect.  I can't find any good reason it didn't work, but it fails to
prevent me from sending mail from inside my work network to my home address.

any ideas?


- Original Message - 
From: "Dan Nelson" <[EMAIL PROTECTED]>
To: "James Csoka" <[EMAIL PROTECTED]>
Cc: "Freebsd - Questions" 
Sent: Wednesday, February 15, 2006 11:12 AM
Subject: Re: Blocking an individual email address


> In the last episode (Feb 15), James Csoka said:
> > Okay...I think I answered part of my question.  /etc/mail/access only
> > governs mail relaying.  Which would mean that of course, it wouldn't
accept
> > mail from that address, but would have no problem sending mail to it.
>
> It covers local and outgoing delivery as well.  If you add
>
> To:[EMAIL PROTECTED] REJECT
>
> then no-one will be able to send mail to that user from your site.  See
> http://www.sendmail.org/m4/anti_spam.html#access_db_fine .
>
> -- 
> Dan Nelson
> [EMAIL PROTECTED]
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: best approach to clone a disk?

[Steve Quinn]

--- Joe Auty wrote:

> Thanks Steve, but this is exactly the same script I've been using all  
> along, while in Single User Mode.
> 
> However, could you explain the zeroing of blocks, and what its  
> purpose is for? Does this solve the problem of space being lost when  
> cloning a disk to a larger disk?

Hi Joe

Sorry, you mentioned Freesbie and I assumed you had not used dump under your 
FreeBSD install

Now that I think about it, I was getting errors like yours when I was first 
learning this script
I remember having to adjust it to taste

Have a look at your fstab (cat /etc/fstab) and ensure the scripts references to 
your FreeBSD
slices match your system.

In the script I sent you, my clone destination disk was ad2 so you will need to 
look at that as
well

Don't worry Joe, you are very very close

Regarding zeroing empty or unused blocks, have a look at this

http://www.digitalissues.co.uk/html/os/misc/partimage.html#22

Regarding space lost cloning to a larger disk, zeroing unused blocks wont help 
that.  Imagine your
10GB FreeBSD hard disk is cloned with G4U to a 20GB hard disk.  It will 
probably work great but
your 20GB disk is only half full.  You will have to use growfs to expand a 
slice or create a new
partition to reclaim the empty space. Sorry, I have not tried this yet and have 
no experience.

In cloning to a bigger disk, I prefer the dump/restore script method as I get 
to fully utilize the
larger disk capacity

I hope this helps

Take care

Steve

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

i386 or amd64 ?

[Panter V.]

Hello,

I have a AMD Sempron 2600+ 64 bit processor running on a soket 754 ECS 
motherboard 
(http://www.ecs.com.tw/ECSWeb/Products/ProductsDetail.aspx?DetailID=555&MenuID=21&LanID=9__)
_ 
_Computer 
has 256 DDRAM and I also want to connect 2 USB printers to it (a laser 
Xerox 3116 and an inkjet HP PSC 1110)


I want to use this computer as a development server and firewall. I will 
run Apache 2, PHP 5, MySQL, Samba, an FTP server ...
At a later time I would like to use this computer as a workstation as 
well and I will need KDE, OpenOffice 2, Thunderbird, Firefox, Eclipse ...


I have a few questions:

Can I use the amd64 version for this configuration?
If I use i386 does this mean performances will be visibly lower than 
using amd64?
Are the software and drivers I need 64 bit ready or will their 32 bit 
versions run at least as good as they would do on i386?

Which version do you recommend me to use i386 or amd64?

Thank you very much for your answers.

Panter.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: SATA Raid

[Chad Leigh -- Shire.Net LLC]

On Feb 15, 2006, at 4:17 AM, Robert Uzzi wrote:


That still dosen't connedt SATA to a non sata board though. That's my
situation I have 6 SATA drives but no SATA native board. Looking for a
cheap addin card to build this upon.


define "cheap"

LSI MegaRaid SATA-150 6 (or some comination of those words and  
numbers) are in the upper $200 range and support 6 SATA drives, have  
FreeBSD tools and drivers, and are not simple sw raid type cards.   
monarchcomputer.com has had the best LSI SATA card price I have found.


I use the 4 -port version successfully under FreeBSD and Solaris 10  
(Solaris had to be slightly hacked as they had the driver but not the  
right PCI ids)


Chad



In that case maybe you want to consider software raid on freebsd.  
It's

dead
easy to install and configure.
http://www.onlamp.com/pub/a/bsd/2005/11/10/FreeBSD_Basics.html




___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions- 
[EMAIL PROTECTED]"


---
Chad Leigh -- Shire.Net LLC
Your Web App and Email hosting provider
chad at shire.net



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: RELENG_6 and a Razer Copperhead mouse don't work

[lars]

I have a Diamondback that works well under Xorg and console:

ums0: Razer Razer Diamondback Optical Mouse, rev 2.00/1.00, addr 2,
iclass 3/1

Section "InputDevice"
Identifier  "Mouse0"
Driver  "mouse"
Option  "Protocol" "auto"
Option  "Device" "/dev/sysmouse"
Option  "Buttons" "5"
Option  "ZAxisMapping" "4 5"
EndSection

I think that enabling usdb in /etc/rc.conf will kickstart moused,
giving you console access to the mouse; and this even though moused is
disabled by default in /etc/defaults/rc.conf.

Thanks, it was the entry in /etc/rc.conf which I changed to:



usbd_enable="YES"

moused_enable="YES"
moused_type="auto"
moused_port="/dev/sysmouse"



Before, it was with
moused_port="/dev/ums0"

It's a bit jumpy, not to say erratic, and selects things by itself,
but maybe I need to twiddle with some settings in KDE.
But it works now, neat.

Thanks a lot for the pointer, Joe.

Regards,
lars.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: RELENG_6 and a Razer Copperhead mouse don't work

[Joe Altman]

On Tue, Feb 14, 2006 at 07:57:09PM +, [EMAIL PROTECTED] wrote:
>
>   19. RELENG_6 and a Razer Copperhead mouse don't work (lars)
> 
> --
> 
> Message: 19
> Date: Tue, 14 Feb 2006 19:26:53 +0100
> From: lars <[EMAIL PROTECTED]>
> Subject: RELENG_6 and a Razer Copperhead mouse don't work
> 
> Hi all
> 
> I run FreeBSD RELENG_6 on an A8N32-SLI Deluxe motherboard
> http://www.asus.com/products4.aspx?l1=3&l2=15&l3=0&model=744&modelmenu=1
> with a Razer Copperhead (www.razerzone.com) mouse connected via USB.
> 
> The OS boots without error and also recognizes my USB keyboard.
> 
> But when I try to configure my mouse with sysinstall the mouse
> cursor flickers for a split second and then disappears.
> 
> An entry /dev/ums0 in rc.conf doesn't help either.
> 
> It also doesn't work in X, of course. A Logitech MX300 USB mouse
> works however.
> 
> Has anyone managed to get this Razer mouse (which is quite comfy)

It's like a glove, yes, it is.

> to run correctly with FreeBSD?

I have a Diamondback that works well under Xorg and console:

ums0: Razer Razer Diamondback Optical Mouse, rev 2.00/1.00, addr 2,
iclass 3/1

Section "InputDevice"
Identifier  "Mouse0"
Driver  "mouse"
Option  "Protocol" "auto"
Option  "Device" "/dev/sysmouse"
Option  "Buttons" "5"
Option  "ZAxisMapping" "4 5"
EndSection

I think that enabling usdb in /etc/rc.conf will kickstart moused,
giving you console access to the mouse; and this even though moused is
disabled by default in /etc/defaults/rc.conf.

-- 
In my country there is problem; and that problem is GOP; it take
everybody's money; and it never give it back...throw GOP down the
well; so my country can be free...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Michel Di Croci]

2006/2/15, Philip Hallstrom <[EMAIL PROTECTED]>:
>
> > I am running a FreeBSD 5.4p10 machine at my office.  It functions as our
> > firewall and mailserver.  I am running Mailscanner, which invokes
> > sendmail when necessary to process mail.  Sendmail is not started by
> > defaultMailscanner invokes individual instances of it when it needs
> > to.
> >
> > Here is my problem.  I have an employee at my office that is sending
> > work email to her home email address.  I need to find a way to block her
>
> > email address, whether To, From, Cc, Bcc, or whatever, from passing
> > through my mailserver.  I have already added a line to /etc/mail/access
> > (in the format [EMAIL PROTECTED] REJECT), and have run makemap hash
> > /etc/mail/access.db < /etc/mail/access.  I tested this with my personal
> > email address (external to my network), and it had the effect of
> > blocking any email orginating from my personal email to any address at
> > my work, however it does not prevent me from sending emails to this
> > address from a work address, which is the whole point.
>
> I doubt we know the whole story, but even if you do find a way to make
> this work what stops her from...
>
> - emailing her work to her gmail/hotmail/yahoo account?
> - copying her email and putting it on a thumb drive?
> - printing it out and taking it home?
>
> If you are trying to stop her from taking "work material" home then you've
>
> got a much bigger problem.
>


There's also the issue that she can use a webmail to send mail to her house
account and joining document there
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Stale Dependancy

[Chris Maness]

This might be Newbie question:

What is the cleanest way to resolve stale dependency with 
gamin-0.1.5_3.  I think I remember seeing a message that it merged into 
fam.  I did a portupgrade -a, and it's still there.  I was surprised 
this was not self cleansing because I used CVSUP to sync my port tree.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Philip Hallstrom]

I am running a FreeBSD 5.4p10 machine at my office.  It functions as our 
firewall and mailserver.  I am running Mailscanner, which invokes 
sendmail when necessary to process mail.  Sendmail is not started by 
defaultMailscanner invokes individual instances of it when it needs 
to.


Here is my problem.  I have an employee at my office that is sending 
work email to her home email address.  I need to find a way to block her 
email address, whether To, From, Cc, Bcc, or whatever, from passing 
through my mailserver.  I have already added a line to /etc/mail/access 
(in the format [EMAIL PROTECTED] REJECT), and have run makemap hash 
/etc/mail/access.db < /etc/mail/access.  I tested this with my personal 
email address (external to my network), and it had the effect of 
blocking any email orginating from my personal email to any address at 
my work, however it does not prevent me from sending emails to this 
address from a work address, which is the whole point.


I doubt we know the whole story, but even if you do find a way to make 
this work what stops her from...


- emailing her work to her gmail/hotmail/yahoo account?
- copying her email and putting it on a thumb drive?
- printing it out and taking it home?

If you are trying to stop her from taking "work material" home then you've 
got a much bigger problem.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Robert Slade]

On Wed, 2006-02-15 at 15:52, James Csoka wrote:
> I am running a FreeBSD 5.4p10 machine at my office.  It functions as our 
> firewall and mailserver.  I am running Mailscanner, which invokes sendmail 
> when necessary to process mail.  Sendmail is not started by 
> defaultMailscanner invokes individual instances of it when it needs to.
> 
> Here is my problem.  I have an employee at my office that is sending work 
> email to her home email address.  I need to find a way to block her email 
> address, whether To, From, Cc, Bcc, or whatever, from passing through my 
> mailserver.  I have already added a line to /etc/mail/access  (in the format  
> [EMAIL PROTECTED]  REJECT), and have run makemap hash /etc/mail/access.db 
> < /etc/mail/access. I tested this with my personal email address 
> (external to my network), and it had the effect of blocking any email 
> orginating from my personal email to any address at my work, however it does 
> not prevent me from sending emails to this address from a work address, which 
> is the whole point.
> 
> Does anyone have any ideas?  I could tag the address as spam, but I would 
> rather not.  There has to be a way to block anyone from sending to a certain 
> email address, I would think.
> 
> Any help would be appreciated.
> 
> -Jim

Jim,

Just a thought have you tired adding the address to /etc/aliases and
sending the mail to a different address or a back hole?

Rob
  

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: IPFILTER rule error

[Giorgos Keramidas]

On 2006-02-15 16:23, Erik Norgaard <[EMAIL PROTECTED]> wrote:
> Maxim Vetrov wrote:
> >
> >#  Internal interface #1 - rl0 (10.0.1.0/29)
> >#
> >
> >
> >#% Block-and-log everything that is not allowed explicitly
> >%
> >block in log on rl0 all head 20
> >block out log on rl0 all head 25
> >#% Allow Sun RPC incoming calls
> >
> >pass in quick on rl0 \
> >  proto tcp/udp from any to any port = sunrpc keep state group 20
> >pass in quick on rl0 \
> >  proto tcp/udp from any to any port = 717 keep state group 20
> ># the next line raise the error when uncommented
> >#pass out quick on rl0 \
> >#  proto udp from any to any port = 111 keep state group 20
>
> I think someone else already pointed at this: You try to add a rule for
> outbound traffic to the inbound group in the offending line. Try correct
> to group 25.

That's true.  I did post the relevant message:

Date: Tue, 14 Feb 2006 17:13:33 +0200
From: Giorgos Keramidas <[EMAIL PROTECTED]>
Subject: Re: IPFILTER rule error
To: Maxim Vetrov <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], [EMAIL PROTECTED]

[...]

Note that you have only set up a group numbered '25' for outgoing
traffic, but then attempt to add a rule to an outgoing group of '20'.
This is the cause of the error you're seeing.

This ruleset should work fine:

#   block in log on rl0 all head 20
#   block out log on rl0 all head 25
#
#   pass in quick on rl0 \
# proto tcp/udp from any to any port = sunrpc keep state group 20
#   pass in quick on rl0 \
# proto tcp/udp from any to any port = 717 keep state group 20
#   pass out quick on rl0 \
# proto udp from any to any port = 111 keep state group 25

[...]

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: how to tell what ran what

[Björn König]

Glenn McCalley schrieb:


Is there a way to find out -which- -process- calls another process?


Each process is associated with a parent; look at the ppid column:

  ps axo user,pid,ppid,command

Björn
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Dan Nelson]

In the last episode (Feb 15), James Csoka said:
> Okay...I think I answered part of my question.  /etc/mail/access only
> governs mail relaying.  Which would mean that of course, it wouldn't accept
> mail from that address, but would have no problem sending mail to it.

It covers local and outgoing delivery as well.  If you add

To:[EMAIL PROTECTED]REJECT

then no-one will be able to send mail to that user from your site.  See
http://www.sendmail.org/m4/anti_spam.html#access_db_fine .

-- 
Dan Nelson
[EMAIL PROTECTED]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: NVidia GeForce 6600 problems

[Alejandro Pulver]

On Thu, 2 Feb 2006 11:39:19 -0300
Alejandro Pulver <[EMAIL PROTECTED]> wrote:

> On Thu, 02 Feb 2006 12:05:14 +
> Alex Zbyslaw <[EMAIL PROTECTED]> wrote:
> 
> > Alejandro Pulver wrote:
> > 
> > >On Wed, 1 Feb 2006 15:06:21 -0300
> > >Alejandro Pulver <[EMAIL PROTECTED]> wrote:
> > >
> > >  
> > >
> > >>Hello,
> > >>
> > >>I have recently bought a GeForce 6600 video card, and sometimes
> > >>(not very often) I experience the following problem:
> > >>
> > >>A little after starting X11 (for example when I start downloading
> > >>e-mails), the screen freezes a few seconds, after that the screen
> > >>looks like if widgets (buttons, text, etc.) aren't drawn, and the
> > >>white background of Sylpheed-Claws covers the screen. Then I am
> > >>forced to switch to the 1st console (Ctrl+Alt+F1), which takes
> > >>around 30 seconds, and then kill X11.
> > >>
> > >>I have FreeBSD 5.4 release, Xorg 6.8.2 and nvidia-driver 1.0.8178.
> > >>
> > >>
> > I have a 6600 with FreeBSD 5.4 XOrg 6.8.2 but still 
> > nvidia-driver-1.0.7676_1.  I have an occasional problem where the
> > whole screen is shifted left on startup, but exiting and restarting
> > X fixes it.  You could try downgrading to an older nvidia-driver and
> > see if it helps.  Portdowngrade should do that, but I've never used
> > it myself.
> > 
> > You may have more luck if you try the nvidia support forum.
> > Definitely slower than this mailing list but someone from nvidia was
> > reading it, last time I used it.
> > 
> > http://www.nvnews.net/vbulletin/forumdisplay.php?f=47
> > 
> > --Alex
> > 
> 
> Hello,
> 
> Thank you for your reply.
> 
> I have recently (started yesterday, and finishing yoday) upgraded my
> ports (including Xorg -> 6.9). If the problems persist I will try the
> old dirver and post information about the error in the NVidia forums.
> 
> Best Regards,
> Ale

Hello again,

I have discovered the problem: the lock of the AGP slot wasn't on
(when I changed the video card I forgot the lock isn't automatic as the
one in the memory slots).

I noticed this when the card was disconnected completely (it has a
cooler, so I guess the vibration did it). Once I rebooted and the
screen was black (the integrated video card was used instead of the
NVidia). Other time I saw the kernel message indicating the card was
detached and instantly detected again.

Best Regards,
Ale
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: best approach to clone a disk?

[Joe Auty]

On Feb 15, 2006, at 10:51 AM, Steve Quinn wrote:


--- Joe Auty <[EMAIL PROTECTED]> wrote:


Thanks Steve,

These were the exact instructions I started with, only on a different
page

The problem with these for me is that dump caused a core dump. I've
been trying to run dump while booted up from a Freesbie CD, but I was
getting "unknown file system" errors I didn't know how to deal with.

I'm going to try g4u next, but I'm surprised that what I originally
thought would be a simple task has turned out to be such an amazing
chore =(




Hi Joe

Have you tried booting the system you want to clone into single  
user mode and running dump fron
that file system?  This would guarantee that dump understands the  
file system


Attached is my script if you want to give it a go

Before you do anything though, I suggest making a full disk G4U backup

Dont forget to zero out any empty blocks

I do this under the operating system prior to G4U to guarantee any  
unused blocks are zero'd


dd if=/dev/zero of=/zerobits bs=1024k
rm /zerobits
dd if=/dev/zero of=/tmp/zerobits bs=1024k
rm /tmp/zerobits
dd if=/dev/zero of=/usr/zerobits bs=1024k
rm /usr/zerobits
dd if=/dev/zero of=/var/zerobits bs=1024k
rm /var/zerobits

I hope this helps





Thanks Steve, but this is exactly the same script I've been using all  
along, while in Single User Mode.


However, could you explain the zeroing of blocks, and what its  
purpose is for? Does this solve the problem of space being lost when  
cloning a disk to a larger disk?










---
Joe Auty
NetMusician: web publishing software for musicians
http://www.netmusician.org
[EMAIL PROTECTED]


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[Ken Stevenson]

James Csoka wrote:

I am running a FreeBSD 5.4p10 machine at my office.  It functions as our 
firewall and mailserver.  I am running Mailscanner, which invokes sendmail when 
necessary to process mail.  Sendmail is not started by defaultMailscanner 
invokes individual instances of it when it needs to.

Here is my problem.  I have an employee at my office that is sending work email to 
her home email address.  I need to find a way to block her email address, whether 
To, From, Cc, Bcc, or whatever, from passing through my mailserver.  I have 
already added a line to /etc/mail/access  (in the format  [EMAIL PROTECTED]  
REJECT), and have run makemap hash /etc/mail/access.db < /etc/mail/access. 
I tested this with my personal email address (external to my network), and it had 
the effect of blocking any email orginating from my personal email to any address 
at my work, however it does not prevent me from sending emails to this address 
from a work address, which is the whole point.

Does anyone have any ideas?  I could tag the address as spam, but I would 
rather not.  There has to be a way to block anyone from sending to a certain 
email address, I would think.

Any help would be appreciated.

-Jim


I don't mean to be a wise ass but this sounds wrong on so many levels. 
Why can't she send email to her home email address? If there's a good 
reason, can't you firmly explain the company policy to her, tell her 
all mail is logged and that she'll be fired if she continues to 
violate company policy?


Bottom line, if she doesn't care about following company policy, 
she'll get around any countermeasures you try to employ, one way or 
the other.


--
Ken Stevenson
Allen-Myland Inc.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Blocking an individual email address

[James Csoka]

Okay...I think I answered part of my question.  /etc/mail/access only
governs mail relaying.  Which would mean that of course, it wouldn't accept
mail from that address, but would have no problem sending mail to it.

Soany ideas on how I can simply block 1 particular email address,
without marking it as spam?


- Original Message - 
From: "James Csoka" <[EMAIL PROTECTED]>
To: 
Sent: Wednesday, February 15, 2006 10:52 AM
Subject: Blocking an individual email address


> I am running a FreeBSD 5.4p10 machine at my office.  It functions as our
firewall and mailserver.  I am running Mailscanner, which invokes sendmail
when necessary to process mail.  Sendmail is not started by
defaultMailscanner invokes individual instances of it when it needs to.
>
> Here is my problem.  I have an employee at my office that is sending work
email to her home email address.  I need to find a way to block her email
address, whether To, From, Cc, Bcc, or whatever, from passing through my
mailserver.  I have already added a line to /etc/mail/access  (in the format
[EMAIL PROTECTED]  REJECT), and have run makemap hash
/etc/mail/access.db < /etc/mail/access. I tested this with my personal
email address (external to my network), and it had the effect of blocking
any email orginating from my personal email to any address at my work,
however it does not prevent me from sending emails to this address from a
work address, which is the whole point.
>
> Does anyone have any ideas?  I could tag the address as spam, but I would
rather not.  There has to be a way to block anyone from sending to a certain
email address, I would think.
>
> Any help would be appreciated.
>
> -Jim
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
>
>

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Odd daily run output

[Ceri Davies]

On 15 Feb 2006, at 13:26, Lowell Gilbert wrote:


Jimmie James <[EMAIL PROTECTED]> writes:


I know there's 8% reserved for softupdates, but how is it possible
that there's _extra_ space on /tmp ?  What am I missing?  This is the
first time I've seen this.


This is a FAQ.
In fact, it's listed in the FAQ list.
"How is it possible for a partition to be more than 100% full?"
http://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/ 
disks.html#DISK-MORE-THAN-FULL


Except that it isn't, and you should read the questions more carefully.

Ceri
--
That must be wonderful!  I don't understand it at all.
  -- Moliere





PGP.sig
Description: This is a digitally signed message part

Re: Concerns about wording of man blackhole

[Chuck Swiger]

Fabian Keil wrote:
> I set Followup-To freebsd-questions.

OK.

[ ... ]
> In which way does this protect against stealth port scans?
 Returning a RST tells the scanner that the port is definitely
 closed. Returning nothing gives less information.
>>> As open ports still show up as open I don't see the protection.
>>> If some port are open, the attacker can assume that all the
>>> "filtered" ports are closed.
>> Most people use a firewall because they are running services (and
>> thus have open ports) which they do not want the rest of the Internet
>> to be able to connect to.
> 
> What does this have to do with "blackhole".  

The "blackhole" sysctl makes it somewhat harder for an intruder to figure out
which ports are really closed versus which ports are being filtered, and
how/where that filtering is being done.

Firewalls are used to make open ports appear "filtered" to external connection
attempts.  Someone who assumes that all filtered ports are really closed is not
making a correct assumption.

>> If there exists someone who assumes all "filtered" ports are closed,
>> well, wouldn't that fact demonstrate that the blackhole mechanism
>> does help...?
>  
> Help with what? From the attacker's point of view it makes little
> difference if a port appears as filtered or closed.

A knowledgeable security analyst or a blackhat trying to crack the network would
certainly not assume "closed" and "filtered" are the same thing.

Many networks have been compromised by poorly configured proxies which let
skillful intruders leapfrog around the firewall by abusing the HTTP CONNECT
method, including some high-profile examples at the NYTimes and other big-name
companies.

Other techniques include using the IP option for explicit source routing and can
fool poorly designed firewall configurations into thinking the connection comes
from the firewall itself, or some other trusted IP.

[ ... ]
 These reconnection attempts will greatly slow down attempts to scan
 ports rapidly.
>>> Which shouldn't result in a DOS anyway. The reconnection attempts
>>> will even increase the inbound traffic.
>> Yes, but to ports that aren't actually open.
>>
>> It's relatively cheap and easy to process such packets by just
>> dropping them, compared with processing them in a userland daemon.
> 
> What userland daemon?

The canonical example is inetd, but any process which listen()s on a port and
accept()s incoming connections would qualify as a "userland daemon".

>> And I'd much rather have malicious traffic heading towards a closed
>> port than towards a critical service.
> 
> Sure, but "blackhole behaviour" alone doesn't prevent malicious traffic
> from reaching critical services.

True.  Like the manpage said, "blackhole" isn't a substitute for a firewall.

>> [ ... ]
>>> Again I don't see the gain. Eventually the port scan will be
>>> finished and open ports found.
>> If you can flip a sysctl which increases the time it takes for
>> Slammer or Nimda or some other worm to scan through all of the IP's
>> on your network, the admins there have more time to respond, and
>> there is a better chance that AV software will get updates to block
>> the malware before too many systems get infected.
> 
> If you already have the firewall to drop those unwanted connections
> you might as well just reset them.

Unfortunately, a firewall can only affect traffic which passes by it.  There are
plenty of cases where someone opens an attachment in a malicious email, which
infects their system and causes it to scan/probe LAN IPs.

Having a firewall won't do a thing to protect you from local scans.  Using
"blackhole" on internal machines can help this scenario somewhat.

-- 
-Chuck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Blocking an individual email address

[James Csoka]

I am running a FreeBSD 5.4p10 machine at my office.  It functions as our 
firewall and mailserver.  I am running Mailscanner, which invokes sendmail when 
necessary to process mail.  Sendmail is not started by defaultMailscanner 
invokes individual instances of it when it needs to.

Here is my problem.  I have an employee at my office that is sending work email 
to her home email address.  I need to find a way to block her email address, 
whether To, From, Cc, Bcc, or whatever, from passing through my mailserver.  I 
have already added a line to /etc/mail/access  (in the format  [EMAIL 
PROTECTED]  REJECT), and have run makemap hash /etc/mail/access.db < 
/etc/mail/access. I tested this with my personal email address (external to 
my network), and it had the effect of blocking any email orginating from my 
personal email to any address at my work, however it does not prevent me from 
sending emails to this address from a work address, which is the whole point.

Does anyone have any ideas?  I could tag the address as spam, but I would 
rather not.  There has to be a way to block anyone from sending to a certain 
email address, I would think.

Any help would be appreciated.

-Jim
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: IPFILTER rule error

[Erik Norgaard]

Maxim Vetrov wrote:


#  Internal interface #1 - rl0 (10.0.1.0/29)   #


#% Block-and-log everything that is not allowed explicitly %
block in log on rl0 all head 20
block out log on rl0 all head 25
#% Allow Sun RPC incoming calls 
pass in quick on rl0 \
  proto tcp/udp from any to any port = sunrpc keep state group 20
pass in quick on rl0 \
  proto tcp/udp from any to any port = 717 keep state group 20
# the next line raise the error when uncommented
#pass out quick on rl0 \
#  proto udp from any to any port = 111 keep state group 20


I think someone else already pointed at this: You try to add a rule for 
outbound traffic to the inbound group in the offending line. Try correct 
to group 25.


Cheers, Erik

--
Ph: +34.666334818  web: www.locolomo.org
S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt
Subject ID:  9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72
Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

mount_smbfs performance

[Nenad Mihajlovic]

Hello all,

I have the smbfs performance problem while connecting to the Windows 
(w2k3) share in the AD environment, wint 6.1-PRERELEASE - with the 
filesystem mounted through mount_smbfs i get 300-350 kBps (kiloBytes 
per sec) speed, while through the smbclient i get the speeds in excess 
of 8MB/s.

Is this possible bug in mount_smbfs or just the simple misconfiguration?
I have configured the /etc/nsmb.conf file as per manual and it really 
gets connected nicely but afterwards it presents me with catastrophic 
results.


With respect
Nenad Mihajlovic

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

how to tell what ran what

[Glenn McCalley]

Hi there,
Is there a way to find out -which- -process- calls another process?
OK, for instance, I know that user "userid" called sendmail 3 times because
sa or lastcomm or whatever tells me so, but what -program- issued the call.
Something like:

usercalledcalled from
nobodysendmail/usr/local/apache/cgi-bin/

Failed attempts would be nice to know as well.

Thanks!
Glenn.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"