Re: using portsnap and portmaster on my ns1.thought.org server.
On Thu, May 27, 2010 at 10:46:24PM -0700, Gary Kline wrote: On Fri, May 28, 2010 at 07:41:33AM +0200, Roland Smith wrote: On Thu, May 27, 2010 at 03:59:56PM -0700, Gary Kline wrote: i just tried using portmaster -a -B -d on my server that has many fewer ports than anywhere else. both here [on tao] and on the server, portmaster Aborts suddenly after complaining about my have defined or set WITH_KDE_PHONON anybody know what i'm foing wrong? Do you have WITH_KDE_PHONON in your make.conf? Are you trying to upgrade to KDE/QT 4? If so, look at the port makefiles for multimedia/phonon and multimedia/qt4-phonon and you'll see why it aborts. i =did= comment out the .ifdef [qt4 stuff and still gott he complaint that WITH_KDE_PHONON was defined. --the only thing left is to reboot; but that is a bit drastic, :-) actually, i just realized this was for KDE4 only. altho the UPDATING mentioned kde 3.5.X to 4.4. anyhow, looks like i'm safe. still touching stuff. strangely, i was sending mail when tao did a sudden reboot. i lost every bit of mail... [[right now anm doing a portsnap extract.] Wait. i just remembered that i was on ethic, my server; i think i did try to build kde4 and must have setenv'd WITH_KDE_PHONON there. it's on my server where portmaster chokes. i cannot seen to unsetenv that qt4 stuff. well, anyhow, it's late: time for a kwik bath and get some sleep. i'm beat. gary Roland -- R.F.Smith http://www.xs4all.nl/~rsmith/ [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org 99 44/100% Guaranteed Novel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: linux cp -u question
On Thu, 27 May 2010 18:41:21 +0200, Coert lgro...@waagmeester.co.za wrote: Hello all, Is there a FreeBSD equivalent for the linux cp -u ? http://linux.die.net/man/1/cp (-u, --update) Check out cpdup (available via ports or packages). -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: any shortcuts to doc to ascii?
On Thu, 27 May 2010 16:36:08 -0700, Gary Kline kl...@thought.org wrote: i don't see any ascii suffix [for OOo]. i saved as .txt. This should be right. The .txt extension refers to ASCII text, at least in standard-compliant operating systems. same krap. the \x94, x9d, \x9c... same with catdoc. i'll try antiword. [forgot about that. ] This makes me believe that the original DOC file has been created with a wrong character set or language setting. Windows - as far as I know - does not use standard locales such as all other systems do, but uses an arbitrary setting. Another idea may be that the character that you think should be an apostrophe isn't an apostrophe. I often do see this in german texts with misplaces apostrophes that are in fact accent grave or accent acute, or a character from UTF-8 that just looks like an apostrophe. For example, if the original document contains We don`t and this ` is not a real ', then conversion tools will of course use the escape notation for this unknown character. Other characters that may lead to such escape notation replacements can be quotation marks (usually typographical ones), ellipsis and hyphens. I know I'm saying this too often, but you wouldn't have such problems with LaTeX. :-) I'm not sure in how far conflicting codepages may be involved. It is known that Windows does have problems supporting standards, and this applies to character sets and language variations, too. your words could be emblazoned in 24k gold on some Monument of Truth. It's my job - I'm working for the Ministry of Truth. :-) i've been fighting going for mac to OOo and back... Keep on fighting - I've got a new idea. It's much more complicated than using OpenOffice for conversion - but it MIGHT work. 1. Open the DOC file in OpenOffice. 2. Mark all content you want to convert, e. g. Ctrl+A. 3. Get it into edit buffer, Ctrl+C. 4. Open KDE's text editor (or any other text editor you have installed), output the edit buffer, Ctrl+V. 5. Save the file you now got in the editor. It should be all in ASCII and with correct interpretation of special characters. Because I don't have a test setting here, I cannot predict that it will compensate malformed codings, but if OpenOffice shows a character as an apostrophe, it should be transferred exactly as that through the edit buffer. ps: antiword same as catdoc. back to my per substitutions. that works, along with vi's Builtin subs. The joy of modern programs: You start to do everything manually again. :-) -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
devel/gobject-introspection
When doing daily portupgrades I have a problem with
devel/gobject-introspection :
...
/giscanner/xmlwriter.py, line 71, in module
from giscanner._giscanner import collect_attributes
File
/usr/ports/devel/gobject-introspection/work/gobject-introspection-0.6.11
/giscanner/libtoolimporter.py, line 53, in load_module
('.so', 'rb', 3))
ImportError: Shared object libz.so.4 not found, required by
libgio-2.0.so.0
gmake[2]: *** [GLib-2.0.gir] Error 1
gmake[2]: Leaving directory
`/usr/ports/devel/gobject-introspection/work/gobject
-introspection-0.6.11/gir'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory
`/usr/ports/devel/gobject-introspection/work/gobject
-introspection-0.6.11'
gmake: *** [all] Error 2
*** Error code 1
Stop in /usr/ports/devel/gobject-introspection.
It looks for libz.so.4 but
$ locate libz.so
/lib/libz.so.5
/usr/compat/linux/usr/lib/libz.so.1
/usr/compat/linux/usr/lib/libz.so.1.2.2.2
/usr/lib/libz.so
This system was upgraded from 7.2 to 8.0.
It still seems to look for a 7.2 version of libz instead of libz.so.5 which
is what is used in 8.0
I tried
# cd /usr/ports/devel/gobject-introspection
# make deinstall
(reports no problems)
# make reinstall
but this gives the same errors
# pkgdb -F
--- Checking the package registry database
Stale dependency: consolekit-0.4.1_2 - gobject-introspection-0.6.10
(devel/gobj
ect-introspection):
Install stale dependency? ([y]es/[n]o/[a]ll) [yes]
How to fix this?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'Serious' crypto?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 27/05/2010 21:49:12, Peter Cornelius wrote: NAT. Doing serious crypto slows things up somewhat. I've been pondering this since a while but thought that crypto engines on modern hardware would make 'extra' hardware accelerators obsolete? Yes -- in many use cases this is true. Modern processors are fast enough that they don't need an external accelerator to perform. It doesn't mean that running crypto imposes *no* extra cost on a server. For instance, a web server running HTTP will (roughly speaking) be able to support an order of magnitude more simultaneous sessions than the same site served over HTTPS. Or is it still worthwhile to consider hardware accelerators such as the ones guys like soekris [1] and others offer? Does anyone have an idea how much such an accelerator may help on older vs. on newer hardware? Those soekris boards are designed to work in low power (both in wattage and in compute capability) appliances. That is a perfectly viable alternative design for a crypto-gateway router / packet filter intended for traffic levels within the specification they claim. Hmmm... 250Mb/s IPSec throughput is (I think -- not having tried this, I cannot be certain) easily accessible through a fairly run of the mill server such as the HP Proliant DL120 G6. Of course, the HP box costs about 4--5 times as much as the Soekris. It will have a great deal more spare RAM, disk, compute capacity etc. No idea abut on-going support costs, but I don't think you could get support cover with a 4 hour on-site response from Soekris... Would multiple engines work (and help) at all? From crypto(4), I would not guess so. One consequence would be that there may be certain limitations in using a separate accelerator once the platform comes with its own accelerator device? One feature that hardware accelerator boards provide which is hard to get otherwise is plenty of random numbers on tap. Generating cryptographically strong randomness in volume is pretty hard computationally, and a hardware solution really helps things like IPSec throughput. Also, if you need really high volume crypto traffic throughput (multiple Gb/s levels), then yes, you will need specialised hardware. However, in this case, you're likely to be using pretty fancy routers (Cisco, Juniper, etc.) and those all have options for hardware acceleration built into interface cards. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkv/c3QACgkQ8Mjk52CukIxJIwCbBTN1wcUcOodn6s7Sxa8yv4lE d+sAmwTZLxLo7KyMIdEKJJOLfa8OfVmI =KzX7 -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'Serious' crypto? (was: FreeBSD router - large scale)
Hi Chuck, Thanks for the response. Or is it still worthwhile to consider hardware accelerators such as the ones guys like soekris [1] and others offer? Does anyone have an idea how much such an accelerator may help on older vs. on newer hardware? Something like a 1GHz P3 or equivalent can generally do the symmetric crypto about as fast as a decent PCI crypto card like the HiFN 795x could; bus limitations made faster CPUs better, although a newer PCIe crypto device ought to be more competitive. What matters more for some common use cases is that crypto H/W tends to do asymmetric crypto like RSA/DSA signing to negotiate a shared session key-- aka SSL session creation for SSL websites, secure email, SSH keys, etc much faster than normal CPUs could. I guess I try first without and see where I hit the ceiling. Then go to plan b. I was more thinking of many IPSEC connections but then there's also only so many slots and so many NICs in them. I'll try without and monitor that for a while and then see what happens. Would multiple engines work (and help) at all? From crypto(4), I would not guess so. One consequence would be that there may be certain limitations in using a separate accelerator once the platform comes with its own accelerator device? Sure, you can setup multiple engines, although this does better if you have separate services using each, since you do want to use an SSL session cache, but you don't want to pollute one for HTTPS with sessions from IMAPS and vice versa. Also, the config interface for Apache/IIS/whatever, or Dovecot/Cyrus/Exchange, etc might not let you specify more than one SSLEngine. On the other hand, it's not very much coding to adjust things to use multiple engines even within Apache or whatever-- I can recall some custom webserver modules from CryptoSwift for NSAPI / ISAPI / ASAPI which let you use multiple CryptoSwift boxes via ethernet network or local PCI slots, for example. Hmm... I was thinking more like round-robin the devices but I probably now too little about 'serious' crypto to see the side-effects. Anyways, I think the question is a bit academic at this time since I probably divide the servers anyways. Thanks again, All the best regards, Peter. -- GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'Serious' crypto?
Hi Matthew, Thanks for the response. NAT. Doing serious crypto slows things up somewhat. I've been pondering this since a while but thought that crypto engines on modern hardware would make 'extra' hardware accelerators obsolete? Yes -- in many use cases this is true. Modern processors are fast enough that they don't need an external accelerator to perform. It doesn't mean that running crypto imposes *no* extra cost on a server. For instance, a web server running HTTP will (roughly speaking) be able to support an order of magnitude more simultaneous sessions than the same site served over HTTPS. And a hardware crypto device will level HTTPS to the HTTP volume without it? Or is it still worthwhile to consider hardware accelerators such as the ones guys like soekris [1] and others offer? Does anyone have an idea how much such an accelerator may help on older vs. on newer hardware? Those soekris boards are designed to work in low power (both in wattage and in compute capability) appliances. That is a perfectly viable alternative design for a crypto-gateway router / packet filter intended for traffic levels within the specification they claim. That is what I currently consider. The low power is a good thing. I just wonder whether it is worthwhile to hunt for a newer hardware (= more expensive, both in wattage and procurement) or stick to a known platform and just add a new component. Hmmm... 250Mb/s IPSec throughput is (I think -- not having tried this, I cannot be certain) easily accessible through a fairly run of the mill server such as the HP Proliant DL120 G6. Of course, the HP box costs about 4--5 times as much as the Soekris. It will have a great deal more spare RAM, disk, compute capacity etc. No idea abut on-going support costs, but I don't think you could get support cover with a 4 hour on-site response from Soekris... I know the DL series though I have used more the DL360 G4-G6 ones. I like something with low noise and power intake, hopefully achieving passive cooling. Would multiple engines work (and help) at all? From crypto(4), I would not guess so. One consequence would be that there may be certain limitations in using a separate accelerator once the platform comes with its own accelerator device? One feature that hardware accelerator boards provide which is hard to get otherwise is plenty of random numbers on tap. Generating cryptographically strong randomness in volume is pretty hard computationally, and a hardware solution really helps things like IPSec throughput. I think I do understand that (I hope :)) Also, if you need really high volume crypto traffic throughput (multiple Gb/s levels), then yes, you will need specialised hardware. However, in this case, you're likely to be using pretty fancy routers (Cisco, Juniper, etc.) and those all have options for hardware acceleration built into interface cards. Yes, I know the Ciscos very well but currently the Junipers look more appropriate to me for one application we have. The Junipers probably go outside the ASAs inside. My reason for the post was considering more another 'quiet' and 'lowpower' project I have, so that's probably a completely different pair of shoes. I'll try without first and then see what comes out of it. Thanks again, and All the best, Peter. -- GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: BSD support for latest hardware
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/05/2010 05:18:35, chip_bai...@dell.com wrote: I'm interested in finding out if the latest version of freebsd supports the latest processors from AMD (Magny-Cours) Intel Nehalem EP(Westmere) EX? Yes, sure it does. How many cpu cores are supported in a single server? Max memory? I think the formal limit is more than you could sensibly expect to use. Practically speaking, FreeBSD will perform well on a machine with 8 or 16 cores given an appropriate multi-threaded workload. Maximum RAM is always determined by the capacity of the motherboard (assuming a 64bit machine). You want 768GB RAM? No problem. The release notes seem to reference old hardware (not a bad thing) but I'm focused on latest architectures. Thanks for any input or pointers to where I can find this information. Asking whether *processors* are supported is really the wrong question. Processors are by their nature code-compatible with older models, so, yes, the OS will run on those CPUs[*]. You want to look at the motherboard chipsets and peripherals such as SAS/SATA controllers as the limiting factors. Unfortunately in this case, you won't find a great deal of information about what is supported at the leading edge -- motherboard manufacturers seem to think that testing against Windows and Linux is sufficient. FreeBSD tends to list support by the model name and number of the specific components in question, rather than the whole hardware platform. See, for example the man pages for eg. amr(4) http://www.freebsd.org/cgi/man.cgi?query=amrapropos=0sektion=0manpath=FreeBSD+8.0-RELEASEformat=html The FreeBSD project does target the hardware produced by big-name vendors such as HP, Dell, Intel. Probably none of those will officially support FreeBSD (not that hardware vendor support of an OS is really that critical when making purchasing decisions) -- but find the right bod in their support departments, and they will tell you off the record if FreeBSD works or not. Commodity H/W manufacturers like Asus, Tyan, Supermicro are a different matter -- there are more or less formal arrangements for getting sample kit into the hands of FreeBSD developers from some of these, but it's all a bit ad hoc. If you can, try firing up a live CD on the hardware before you put your money down. You will generally be pleasantly surprised: most server grade kit is pretty well supported. Cheers, Matthew [*] Support for the very latest code features and CPU specific optimizations does take some time to percolate through to RELEASE versions; exacerbated at the moment by the incompatibility of the GPLv3 license and hence the ongoing project to shift from gcc to llvm/clang as the system compiler. - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkv/fswACgkQ8Mjk52CukIxDhgCeOuHoJDn507zmtGYnyLKE8bab 46EAoISQtZ25cMlp9CSVV5BAWzyhgLMR =wEIS -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
hmm [???]
ok,here is what i'm seeing via ``portmanager -a -B -d'' both here on tao [desktop and my Server. i'm not clear on exactly what's wht except that the sourcefile to build this qt4-* is HUGE. I can probably build ti on my server and use the package. yes? no? foobar? this is the tail end before the abort: === Launching child to update qt4-phonon-4.6.1 to qt4-phonon-4.6.2 === Port directory: /usr/ports/multimedia/qt4-phonon === This port is marked IGNORE === conflicts with multimedia/phonon. You have defined WITH_KDE_PHONON to override Qt4 phonon === If you are sure you can build it, remove the IGNORE line in the Makefile and try again. === Update for qt4-phonon-4.6.1 failed === Aborting update suggestions? explainations?, etc? and now off to saw some logs. gary PS, entirely offtopic-- to Polyt:: you and the Ministry of Truth was the best laugh the entire week! -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org 99 44/100% Guaranteed Novel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: devel/gobject-introspection
On Fri, 2010-05-28 at 09:09 +0200, n dhert wrote:
When doing daily portupgrades I have a problem with
devel/gobject-introspection :
...
/giscanner/xmlwriter.py, line 71, in module
from giscanner._giscanner import collect_attributes
File
/usr/ports/devel/gobject-introspection/work/gobject-introspection-0.6.11
/giscanner/libtoolimporter.py, line 53, in load_module
('.so', 'rb', 3))
ImportError: Shared object libz.so.4 not found, required by
libgio-2.0.so.0
gmake[2]: *** [GLib-2.0.gir] Error 1
gmake[2]: Leaving directory
`/usr/ports/devel/gobject-introspection/work/gobject
-introspection-0.6.11/gir'
gmake[1]: *** [all-recursive] Error 1
gmake[1]: Leaving directory
`/usr/ports/devel/gobject-introspection/work/gobject
-introspection-0.6.11'
gmake: *** [all] Error 2
*** Error code 1
Stop in /usr/ports/devel/gobject-introspection.
It looks for libz.so.4 but
$ locate libz.so
/lib/libz.so.5
/usr/compat/linux/usr/lib/libz.so.1
/usr/compat/linux/usr/lib/libz.so.1.2.2.2
/usr/lib/libz.so
This system was upgraded from 7.2 to 8.0.
It still seems to look for a 7.2 version of libz instead of libz.so.5 which
is what is used in 8.0
I tried
# cd /usr/ports/devel/gobject-introspection
# make deinstall
(reports no problems)
# make reinstall
but this gives the same errors
The problem here is that devel/glib20 still links agains the 7.2 libz
(which is gone) while this port wants to link agains 8.0 libz.
As a rule of the thumb if you upgrade to another major freebsd release.
You will need to reinstall _all_ of your ports. You can do this by using
portmaster or portupgrade. Or make a list of all installed ports, then
use pkg_delete -a to remove them all. And reinstall them then.
# pkgdb -F
--- Checking the package registry database
Stale dependency: consolekit-0.4.1_2 - gobject-introspection-0.6.10
(devel/gobj
ect-introspection):
Install stale dependency? ([y]es/[n]o/[a]ll) [yes]
How to fix this?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'Serious' crypto?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 28/05/2010 09:20:11, Peter Cornelius wrote: Yes -- in many use cases this is true. Modern processors are fast enough that they don't need an external accelerator to perform. It doesn't mean that running crypto imposes *no* extra cost on a server. For instance, a web server running HTTP will (roughly speaking) be able to support an order of magnitude more simultaneous sessions than the same site served over HTTPS. And a hardware crypto device will level HTTPS to the HTTP volume without it? Probably. The usual approach with HTTPS once traffic levels get big enough is crypto-offload. You use a separate device as the crypto endpoint: typically built into a load balancer. You can do this using a PF based firewall using relayd(8) for a lot less money, and in this case one crypto accelerator card in your firewall could support several webservers behind it. Also, if you need really high volume crypto traffic throughput (multiple Gb/s levels), then yes, you will need specialised hardware. However, in this case, you're likely to be using pretty fancy routers (Cisco, Juniper, etc.) and those all have options for hardware acceleration built into interface cards. Yes, I know the Ciscos very well but currently the Junipers look more appropriate to me for one application we have. The Junipers probably go outside the ASAs inside. Heh. When I said 'pretty fancy kit' I meant something considerably more *shiny* than a Cisco ASA5510. In fact, running OpenBSD on a commodity server is roughly performance compatible with a 5510 but considerably cheaper if you want all the trimmings like high-availability, unlimited numbers of servers, GB on all interfaces etc. Note that ASA5510 level kit tends to do things like deep packet inspection, content based filtering etc. [Not to mention fubar'ing EDNS0 and screwing with SMTP so hard it breaks.] PF itself is purely based on dealing with packet headers: however you can easily add things like squid caching and filtering, snort etc. but these will ramp up the CPU requirements beyond what a small appliance could support. My reason for the post was considering more another 'quiet' and 'lowpower' project I have, so that's probably a completely different pair of shoes. I'll try without first and then see what comes out of it. Commodity servers certainly don't fulfil the quiet requirement. Most of them have enough fannage to build a fairly respectable hovercraft. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate JID: matt...@infracaninophile.co.uk Kent, CT11 9PW -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkv/gz4ACgkQ8Mjk52CukIwOfgCfXdrawnYYFZj3npV3gleqJlcY 5msAn2tVjGtoUJQTB/lR3dqMM4X+PS1U =LS+F -END PGP SIGNATURE- ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 'Serious' crypto?
Hi Matthew, And a hardware crypto device will level HTTPS to the HTTP volume without it? Probably. The usual approach with HTTPS once traffic levels get big enough is crypto-offload. You use a separate device as the crypto endpoint: typically built into a load balancer. You can do this using a PF based firewall using relayd(8) for a lot less money, and in this case one crypto accelerator card in your firewall could support several webservers behind it. That's pretty close to what I had in mind though I considered a separate device in a DMZ for load balancing and mod_proxy/mod_security, as a minimum. However, HTTP(s) is only one of so many protocols. Heh. When I said 'pretty fancy kit' I meant something considerably more *shiny* than a Cisco ASA5510. In fact, running OpenBSD on a commodity Ok, you win that one :) We typically use one up from that as a minimum. Dunno if that regains me my face though... server is roughly performance compatible with a 5510 but considerably cheaper if you want all the trimmings like high-availability, unlimited numbers of servers, GB on all interfaces etc. That is all true but these arguments do only work if you talk to security-literate people, not managers who prefer something with a real seal on and regular updates etc. Since the latter are the ones who authorise the cash, here we go. There are some who I can convince but frequently it's just not worth the discussion. Imho, unfortunately, but I don't want to start an advocacy thread here. Note that ASA5510 level kit tends to do things like deep packet inspection, content based filtering etc. [Not to mention fubar'ing EDNS0 and screwing with SMTP so hard it breaks.] PF itself is purely based on dealing with packet headers: however you can easily add things like squid caching and filtering, snort etc. but these will ramp up the CPU requirements beyond what a small appliance could support. As indicated initially, I intend to shift the load off the firewall to a separate device which then may do a lot more to the traffic than the firewall. But I don't see why I should'nt try to use the same kind of hardware platform for both. However it may be, I first set up this with the hardware I already have and then see what I find and where to optimise best before going to series. I also must improve significantly on my config management before I actually can do that just as others do when I look at other threads. My reason for the post was considering more another 'quiet' and 'lowpower' project I have, so that's probably a completely different pair of shoes. I'll try without first and then see what comes out of it. Commodity servers certainly don't fulfil the quiet requirement. Most of them have enough fannage to build a fairly respectable hovercraft. Nope, they don't. I used to dry my hair behind the cabinets. And I used to have a lot of that :) Thanks again for your responses, and All the best regards, Peter. -- GRATIS für alle GMX-Mitglieder: Die maxdome Movie-FLAT! Jetzt freischalten unter http://portal.gmx.net/de/go/maxdome01 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: hmm [???]
On Fri, 28 May 2010 01:35:09 -0700 Gary Kline kl...@thought.org wrote: ok,here is what i'm seeing via ``portmanager -a -B -d'' both here on tao [desktop and my Server. i'm not clear on exactly what's wht except that the sourcefile to build this qt4-* is HUGE. I can probably build ti on my server and use the package. yes? no? foobar? this is the tail end before the abort: === Launching child to update qt4-phonon-4.6.1 to qt4-phonon-4.6.2 === Port directory: /usr/ports/multimedia/qt4-phonon === This port is marked IGNORE === conflicts with multimedia/phonon. You have defined WITH_KDE_PHONON to override Qt4 phonon === If you are sure you can build it, remove the IGNORE line in the Makefile and try again. === Update for qt4-phonon-4.6.1 failed === Aborting update suggestions? explainations?, etc? deinstall multimedia/qt4-phonon or undefine WITH_KDE_PHONON ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD router - large scale
On 27.05.2010 17:00, Kevin Wilcox wrote: Hello everyone. We're in the very early stages of considering [Free|Open]BSD on commodity hardware to handle NAT *and* firewall duties for (what I consider to be) a sizable deployment. Overall bandwidth is low, only a gigabit connection, but we handle approximately fifteen thousand devices. DHCP and DNS would be passed through to other servers, this hardware would only be responsible for address translation and pf. I've done this on a very, very small scale (small/home office, small business) but I'm curious how many other folks are doing it on this scale, the hardware they are running on and any gotchas they may have faced. Does pf on FreeBSD take advantage of multiple cores/SMP? Is it preferable, as with OpenBSD, to go for a very stout processor without much consideration to cores? Would freebsd-net@ be a better place to ask this? I'm getting ready to start digging in to memory and other resources needed based on available documentation but real-world usage is much preferred to my academic assessment. Actually, I'd find an answer from the FreeBSD Networking gurus useful as well. My trusted Cisco 3640 is getting old (had it's ten-years-of-service birthday a little while ago), so I guess I must be prepared to replace it with something new. Preferrably something that can do proper NAT port mapping to the inside servers in an RFC1918-adressed DMZ, proper NAT mapping for the client net, incoming VPDN (virtual private dialin network, such as PPTP+MPE and L2TP+IPSEC tunelling), sane IDS in the border-gateway, GRE or IPinIP tunelling with crypto for remote-sites, etc If somebody has a good starting-point for documentation on these features, I'm more than willing to do a procject on it to create a mini-howto/handbook-section on setting up FreeBSD as your border gateway, provided I have someone to ask when the documentation is ... flaky. ;) It would be interesting to see what kind of performance modern hardware could get, compared to dedicated hardware a decade old. :) //Svein -- +---+--- /\ |Svein Skogen | sv...@d80.iso100.no \ / |Solberg Østli 9| PGP Key: 0xE5E76831 X|2020 Skedsmokorset | sv...@jernhuset.no / \ |Norway | PGP Key: 0xCE96CE13 | | sv...@stillbilde.net ascii | | PGP Key: 0x58CD33B6 ribbon |System Admin | svein-listm...@stillbilde.net Campaign|stillbilde.net | PGP Key: 0x22D494A4 +---+--- |msn messenger: | Mobile Phone: +47 907 03 575 |sv...@jernhuset.no | RIPE handle:SS16503-RIPE +---+--- If you really are in a hurry, mail me at svein-mob...@stillbilde.net This mailbox goes directly to my cellphone and is checked even when I'm not in front of my computer. Picture Gallery: https://gallery.stillbilde.net/v/svein/ signature.asc Description: OpenPGP digital signature
Re: FreeBSD router - large scale
On 28/05/2010 12:31, Svein Skogen (Listmail Account) wrote: On 27.05.2010 17:00, Kevin Wilcox wrote: Hello everyone. We're in the very early stages of considering [Free|Open]BSD on commodity hardware to handle NAT *and* firewall duties for (what I consider to be) a sizable deployment. Overall bandwidth is low, only a gigabit connection, but we handle approximately fifteen thousand devices. DHCP and DNS would be passed through to other servers, this hardware would only be responsible for address translation and pf. I've done this on a very, very small scale (small/home office, small business) but I'm curious how many other folks are doing it on this scale, the hardware they are running on and any gotchas they may have faced. Does pf on FreeBSD take advantage of multiple cores/SMP? Is it preferable, as with OpenBSD, to go for a very stout processor without much consideration to cores? Would freebsd-net@ be a better place to ask this? I'm getting ready to start digging in to memory and other resources needed based on available documentation but real-world usage is much preferred to my academic assessment. Actually, I'd find an answer from the FreeBSD Networking gurus useful as well. My trusted Cisco 3640 is getting old (had it's ten-years-of-service birthday a little while ago), so I guess I must be prepared to replace it with something new. Preferrably something that can do proper NAT port mapping to the inside servers in an RFC1918-adressed DMZ, proper NAT mapping for the client net, incoming VPDN (virtual private dialin network, such as PPTP+MPE and L2TP+IPSEC tunelling), sane IDS in the border-gateway, GRE or IPinIP tunelling with crypto for remote-sites, etc If somebody has a good starting-point for documentation on these features, I'm more than willing to do a procject on it to create a mini-howto/handbook-section on setting up FreeBSD as your border gateway, provided I have someone to ask when the documentation is ... flaky. ;) This is possibly the wrong place to be saying this, but isn't OpenBSD usually recommended for routers? I believe the version of pf, for example, is normally kept more up-to-date than than in FreeBSD. The major downside I know of is that it's not nearly as user-friendly; for example my recollection of its installer is that you have to input sector offsets manually in the partition editor! -- Bruce Cran ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
cron not sending emails
Hi All! After upgrading to 8.0 RELEASE, I'm not getting any emails from cron. If I put this into root's crontab * * * * * echo TEST then I see this in the maillog: May 14 10:53:00 server postfix/sendmail[2958]: fatal: user(1001): No recipient addresses found in message header I'm using postfix. Sendmail config looks fine: A /etc/mail/mailer.conf -ban ez van: # # Execute the Postfix sendmail program, named /usr/local/sbin/sendmail # sendmail/usr/local/sbin/sendmail send-mail/usr/local/sbin/sendmail mailq/usr/local/sbin/sendmail newaliases/usr/local/sbin/sendmail I tried to run cron -x: # cron -x bit,ext,load,misc,pars,proc,sch cron.log debug flags enabled: ext sch proc pars load misc bit [92380] cron started log_it: (tmp.27734 92380) ORPHAN (no passwd entry) log_it: (root 92429) CMD (echo Test) ^C The cron.log file itself is very very long (there are many programs and user configs). I'll paste the relevant parts only: root:load_user() load_env, read MAILTO=gandalf load_env, MAILTO gandalf - MAILTO=gandalf load_env, read SHELL=/bin/sh load_env, SHELL /bin/sh - SHELL=/bin/sh load_env, read PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin load_env, PATH /bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin - PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin load_env, read * * * * * echo Test load_env, parse error, state = 7 load_entry()...about to eat comments load_entry()...about to parse numerics load_entry()...about to parse command load_entry()...returning successfully ...load_user() done [done] At the end of the file: [2400] checking account with PAM [2401] grandchild process Vfork()'ed [2402] grandchild process Vfork()'ed [2403] grandchild process Vfork()'ed [2404] grandchild process Vfork()'ed [2405] grandchild process Vfork()'ed [2395] child continues, closing pipes [2395] child reading output from grandchild [2406] grandchild process Vfork()'ed [2396] child continues, closing pipes [2396] child reading output from grandchild [2397] child continues, closing pipes [2397] child reading output from grandchild [2398] child continues, closing pipes [2398] child reading output from grandchild [2399] child continues, closing pipes [2399] child reading output from grandchild [2400] child continues, closing pipes [2400] child reading output from grandchild [2395] closing pipe to mail [2331] sigchld...pid #2395 died, stat=0 [2331] sigchld...no dead kids [2331] TargetTime=1275040320, sec-to-wait=60 [2331] sleeping for 60 seconds [2399] got EOF from grandchild [2399] waiting for grandchild #2 to finish [2399] grandchild #2404 finished, status= [2399] waiting for grandchild #1 to finish [2399] no more grandchildren--mail written? [2399] child process done, exiting [2331] sigchld...pid #2399 died, stat=0 [2331] sigchld...no dead kids [2331] TargetTime=1275040320, sec-to-wait=60 [2331] sleeping for 60 seconds [2398] got EOF from grandchild [2398] waiting for grandchild #2 to finish [2398] grandchild #2405 finished, status= [2398] waiting for grandchild #1 to finish [2398] no more grandchildren--mail written? [2398] child process done, exiting [2331] sigchld...pid #2398 died, stat=0 [2331] sigchld...no dead kids [2331] TargetTime=1275040320, sec-to-wait=60 [2331] sleeping for 60 seconds [2397] got EOF from grandchild [2397] waiting for grandchild #2 to finish [2397] grandchild #2403 finished, status= [2397] waiting for grandchild #1 to finish [2397] no more grandchildren--mail written? [2397] child process done, exiting [2331] sigchld...pid #2397 died, stat=0 [2331] sigchld...no dead kids [2331] TargetTime=1275040320, sec-to-wait=59 [2331] sleeping for 59 seconds So, what is wrong? Thanks, Laszlo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD router - large scale
On 28.05.2010 13:38, Bruce Cran wrote: *snip!* This is possibly the wrong place to be saying this, but isn't OpenBSD usually recommended for routers? I believe the version of pf, for example, is normally kept more up-to-date than than in FreeBSD. The major downside I know of is that it's not nearly as user-friendly; for example my recollection of its installer is that you have to input sector offsets manually in the partition editor! My main reasoning for wanting this done on FreeBSD i don't introduce yet another OS into the equation, there is sufficient confusion as there is ;) //Svein -- +---+--- /\ |Svein Skogen | sv...@d80.iso100.no \ / |Solberg Østli 9| PGP Key: 0xE5E76831 X|2020 Skedsmokorset | sv...@jernhuset.no / \ |Norway | PGP Key: 0xCE96CE13 | | sv...@stillbilde.net ascii | | PGP Key: 0x58CD33B6 ribbon |System Admin | svein-listm...@stillbilde.net Campaign|stillbilde.net | PGP Key: 0x22D494A4 +---+--- |msn messenger: | Mobile Phone: +47 907 03 575 |sv...@jernhuset.no | RIPE handle:SS16503-RIPE +---+--- If you really are in a hurry, mail me at svein-mob...@stillbilde.net This mailbox goes directly to my cellphone and is checked even when I'm not in front of my computer. Picture Gallery: https://gallery.stillbilde.net/v/svein/ signature.asc Description: OpenPGP digital signature
port system bug report
Egorka# uname -a FreeBSD Egorka.noc.kstu-kai.ru 7.3-RELEASE FreeBSD 7.3-RELEASE #0: Thu Apr 15 16:40:38 MSD 2010 Egorka# cd /usr/ports/ports-mgmt/portupgrade Egorka# make clean Makefile, line 60: Could not find /usr/ports/misc/ldconfig_compat/bsd.ldconfig.mk make: fatal errors encountered -- cannot continue Egorka# cd /usr/ports/ Egorka# make search name=ldconfig_compat Port: ldconfig_compat-1.0_8 Path: /usr/ports/misc/ldconfig_compat Info: Ldconfig compatibility script Maint: f...@freebsd.org B-deps: R-deps: WWW: Port: misc/ldconfig_compat Moved: Date: 2010-05-14 Reason: Supported releases don't need the port anymore Problem can be solved by commenting of line 60 in /usr/ports/ports-mgmt/portupgrade/Makefile ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: any shortcuts to doc to ascii?
On Thu, May 27, 2010 at 10:53:39PM -0700, Gary Kline wrote: On Thursday 27 May 2010 05:18:07 pm Bob Hall wrote: On Thu, May 27, 2010 at 04:36:08PM -0700, Gary Kline wrote: ps: antiword same as catdoc. back to my per substitutions. that works, along with vi's Builtin subs. Have you considered using whatever replaces the most special characters, and fixing the few characters that remain with sed? exactly!!! Another possibility, if you haven't considered it, is using sed to convert everything. If you know all the characters that need to be swapped out, you can write a sed script that will do it for you in one pass. If you don't know sed, creating the script may be a PITA, but you'll only have to do it once, and then you can reuse the script whenever needed. As I recall, the hard part is figuring out how to represent the special characters in sed. It's been a few years since I used sed on doc files, but I recall that the character codes that displayed on my screen were not the codes that I needed to use in sed scripts. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: cron not sending emails
Hi-- On May 28, 2010, at 4:42 AM, Laszlo Nagy wrote: If I put this into root's crontab * * * * * echo TEST then I see this in the maillog: May 14 10:53:00 server postfix/sendmail[2958]: fatal: user(1001): No recipient addresses found in message header These do not correspond. It seems to think that the crontab is for uid 1001, but it can't seem to lookup a passwd entry for that uid: log_it: (tmp.27734 92380) ORPHAN (no passwd entry) -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: any shortcuts to doc to ascii?
On Fri, May 28, 2010 at 10:45:38AM -0400, Bob Hall wrote: Another possibility, if you haven't considered it, is using sed to convert everything. If you know all the characters that need to be Never mind. I just remembered about the garbage at the beginning of doc files. I had forgotten that I using both sed and awk to deal with that when I was working with doc files. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: cron not sending emails
Chuck Swiger írta: Hi-- On May 28, 2010, at 4:42 AM, Laszlo Nagy wrote: If I put this into root's crontab * * * * * echo TEST then I see this in the maillog: May 14 10:53:00 server postfix/sendmail[2958]: fatal: user(1001): No recipient addresses found in message header These do not correspond. I can assure you, that the maillog DOES correspond to the cron job. E.g. if I add two jobs for the same point in time, then two new lines will appear in the maillog, at exactly the given time. If I remove them, then no line will show up etc. It seems to think that the crontab is for uid 1001, but it can't seem to lookup a passwd entry for that uid: log_it: (tmp.27734 92380) ORPHAN (no passwd entry) Well, actually it is not just user=1001. Many users have crontabs on this system. I cannot tell which one is orphaned. (Maybe munin? That was removed recently from the system...) Actually, user 1001 does have a password entry. So do others, and their crontabs are working. Programs are started by cron, but their output is lost. L ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: cron not sending emails
Am 28.05.10 13:42, schrieb Laszlo Nagy: If I put this into root's crontab * * * * * echo TEST a quick guess, you have a line like: MAILTO=address Bye, Matthias -- Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the universe trying to produce bigger and better idiots. So far, the universe is winning. -- Rich Cook ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Media streaming
Date: Fri, 28 May 2010 00:14:09 +0100 From: Graeme Dargie a...@tangerine-army.co.uk Subject: RE: Media streaming To: freebsd-questions@freebsd.org Message-ID: 01fb8f39bad0bd49a6d0da8f7897392904f...@mercury.galaxy.lan.lcl Content-Type: text/plain; charset=us-ascii In your first message you said that The Sony TV was DTLA compliant. Because you specifically mentioned it, I assumed you knew what that meant. Your streaming server *will not* be DTLA compliant unless you are running Windows media center edition or something. I did not want to bring it up, because there was no evidence that your problem was DRM related. SNIP! Okies well so far I have tried mediatomb, the TV sees the server but gives the same message as with ushare this server does not support be useful if it said what it didn't support but there we go. I will look at The server does not support Digital Transmission Content Protection: http://www.dtcp.com/ Overview presentation: http://www.dtcp.com/documents/dtcp/DTCP_Overview.pdf In essence, you are supposed to encrypt the video stream lest you copy it. I am a little surprised the TV would refuse to work with an unencrypted stream, which is why I did not respond to your first post. Regards, James Phillips ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Media streaming
From: Adam Vande More [mailto:amvandem...@gmail.com] Sent: 28 May 2010 01:25 To: Graeme Dargie Cc: freebsd-questions@freebsd.org Subject: Re: Media streaming On Thu, May 27, 2010 at 6:14 PM, Graeme Dargie a...@tangerine-army.co.uk wrote: Okies well so far I have tried mediatomb, the TV sees the server but gives the same message as with ushare this server does not support be useful if it said what it didn't support but there we go. I've used mediatomb fairly regularly. I stream to my ps3 and it works quite well but it is quite picky about format of the video. Check to make sure yours meets the specs. I don't know of anything that does transcoding on-demand if I understand your desires correctly. The video must be in the correct format to be streamed. Finding the correct format required trial and error and a lot of time. I suggest splitting off like 30 secs of a file and getting that work. After that, you can re-encode the files you want streamed. -- Adam Vande More Hi Adam, I can happily stream to my xbox 360 via ushare it seems to be fine with xvid and divx encoded avi`s. My Sony Television on the other hand supports only mpeg2, avchd I did re-encode 1 file to mpeg2 and it plays fine but not via BSD only via win 7 and wmp12 but that really is not a viable option for me as I have 640gb of media files that would require this treatment. The TV streams ok via win 7 and wmp12 that would have been acceptable solution if it were not for two major niggles with that solution, it will not play a file to the TV that does not reside on the local system, all of my media is on a ZFS raidz pool on FreeBSD 8.0 and I have to use the PC to start the playing of the file. I have also tried mezzamo on win 7 which is only a trial, on the limited testing I have tried it has a nasty habit of just stopping streaming, sometimes it takes 3 or 4 goes to get a file to play through, but at least that one lets me select via the television. I will keep hunting, there will be a solution somewhere . Regards Graeme ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Media streaming
-Original Message- From: James Phillips [mailto:anti_spam...@yahoo.ca] Sent: 28 May 2010 18:23 To: freebsd-questions@freebsd.org Subject: RE: Media streaming Date: Fri, 28 May 2010 00:14:09 +0100 From: Graeme Dargie a...@tangerine-army.co.uk Subject: RE: Media streaming To: freebsd-questions@freebsd.org Message-ID: 01fb8f39bad0bd49a6d0da8f7897392904f...@mercury.galaxy.lan.lcl Content-Type: text/plain; charset=us-ascii In your first message you said that The Sony TV was DTLA compliant. Because you specifically mentioned it, I assumed you knew what that meant. Your streaming server *will not* be DTLA compliant unless you are running Windows media center edition or something. I did not want to bring it up, because there was no evidence that your problem was DRM related. SNIP! Okies well so far I have tried mediatomb, the TV sees the server but gives the same message as with ushare this server does not support be useful if it said what it didn't support but there we go. I will look at The server does not support Digital Transmission Content Protection: http://www.dtcp.com/ Overview presentation: http://www.dtcp.com/documents/dtcp/DTCP_Overview.pdf In essence, you are supposed to encrypt the video stream lest you copy it. I am a little surprised the TV would refuse to work with an unencrypted stream, which is why I did not respond to your first post. Regards, James Phillips Hi James I said the TV was DLNA compliant, those links at the brief look I had appears to be the sort of encryption you would see on a HD signal via HDMI that would prevent you say recording HD content to your PVR device and then playing it back to a blu-ray recorder and recording it to disc. I had done a fair bit of googling on this before posting to the list, it seems Sonys' implementation of DLNA is a bit loose shall we say, I have seen a lot of people having issues with DLNA complaint NAS devices not working with Sony TV`s. As I have stated in a previous post it does work with wmp12, but it is not elegant or the solution I want for the reasons I stated earlier. Regards Graeme ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
HP ML110 G6.. Raid 0+1 nfg?
Not sure if this is supported.. Looks like the card is an HP Smart Array B110i.. But when setup as raid 0+1 in the bios.. FreeBSD 8.0 amd64 says it can not find any disks.. Anyone have this working? Thanks in advance. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Bash lockups
Giorgos Keramidas keram...@ceid.upatras.gr writes: On Fri, 21 May 2010 09:30:05 -0700, Carl Johnson ca...@peak.org wrote: Giorgos Keramidas keram...@ceid.upatras.gr writes: Does this lock-up happen if you leave the shell 'idle' for too long over an ssh session? There may be problems with stateful connection tracking between your terminal and the remote shell :-/ No, I don't think that could be the problem. I am just using ssh between local machines and there is no firewall between them. It also often seems to happen to a shell as I switch away from it to another one. One suspicion is that something is sending a signal to the shell as it switches, and bash sometimes doesn't handle that signal properly. I also should have mentioned that I have been running bash as my default shell for years under Linux and have never seen this problem there. Thanks for the suggestion. That's ok. If you can attach to the bash process with ktrace please try to grab a ktrace file from a deadlocked shell. We may be able to see why it gets deadlocked by running kdump(8) on the shell trace file. You can run a second shell under ktrace (and hope that the parent doesn't deadlock before the traced child shell), by running: bash$ ktrace -f bash.trace bash --login When you exit from the child shell you can dump ktrace(8) events from the bash.trace file with: bash$ kdump -f bash.trace logfile 21 Looking near the last records dumped in 'logfile' should be quite informative if the process is dead-locked or spinning around the same code over and over again. I finally got one after starting ktrace a few days ago. It is informative, but it raises as many questions as it answers. It basically just wrote out the prompt, *started* to setup for reading the input and just stopped. I ran gdb on it and it is stuck looping somewhere in getenv. I don't have the system compiled with debugging, so I have limited information on what it is doing there. I checked multiple times, and I also saw getenv running routines such as memset, strlen, mbrtowc, and wcsnrtombs. The following is the tail end of the 'kdump -Ef' output: 67263 bash 61412.013860 GIO fd 2 wrote 28 bytes 0x 0d0f 1b5b 316d 5b63 6172 6c6a 4063 6a62 7364 3874 207e 5d24 1b5b |...[1m[ca...@cjbsd8t ~]$.[| 0x001a 6d20 |m | 67263 bash 61412.013867 RET write 28/0x1c 67263 bash 61412.013874 CALL sigprocmask(SIG_SETMASK,0x80e133c,0) 67263 bash 61412.013880 RET sigprocmask 0 and the following is the similar section of a normal prompt: 67263 bash 61403.461469 GIO fd 2 wrote 27 bytes 0x 0f1b 5b31 6d5b 6361 726c 6a40 636a 6273 6438 7420 7e5d 241b 5b6d |..[1m[ca...@cjbsd8t ~]$.[m| 0x001a 20 | | 67263 bash 61403.461476 RET write 27/0x1b 67263 bash 61403.461483 CALL sigprocmask(SIG_SETMASK,0x80e133c,0) 67263 bash 61403.461489 RET sigprocmask 0 67263 bash 61403.461497 CALL sigprocmask(SIG_BLOCK,0,0x80e1e3c) 67263 bash 61403.461504 RET sigprocmask 0 67263 bash 61403.461513 CALL read(0,0xbfbfd95f,0x1) I just realized there is an extra CR at the beginning of that prompt (28 bytes instead of 27) that I don't see elsewhere, but nothing else before that looks different. This one is an i368 8.0 release, but I also have another hung shell in a amd64 7.3 release system in VirtualBox. I just checked my other ktrace logs and I found one other place where that extra CR occurs, but there is no lockup there and that was my other system. The following is a section of a backtrace from gdb: #0 0x28308540 in mbrtowc () from /lib/libc.so.7 #1 0x080c7ce6 in getenv () #2 0x080c1335 in getenv () #3 0x080ae1d4 in getenv () #4 0x080ac4b0 in getenv () #5 0x080ac815 in getenv () #6 0x080c3955 in getenv () #7 0x080c3ac9 in getenv () #8 0x080ac4b0 in getenv () #9 0x080ac815 in getenv () #10 0x080acb6c in getenv () #11 0x080acf55 in getenv () #12 0x08054611 in ?? () #13 0x284a9a80 in ?? () ... #67 0x2832cbfd in time () from /lib/libc.so.7 The first few entries change when I let it run for a while, but the last 8-9 getenv addresses and everything before them remain the same. There are a total of about 65 backtrace entries this time, some of which are 0x addresses which seem suspicious. The backtrace from the other hung shell is also in getenv, but I didn't have ktrace running on that one. I am at the limit of my experience, so does anybody else have any ideas about what could cause this, or how I could trace it further? I am keeping the processes attached to gdb, so I can do further checking on them if anyone has any other ideas. Thanks in advance for any help, and thanks for the help that allowed me to get this far. -- Carl Johnsonca...@peak.org
Re: cron not sending emails
Matthias Fechner írta: Am 28.05.10 13:42, schrieb Laszlo Nagy: If I put this into root's crontab * * * * * echo TEST a quick guess, you have a line like: MAILTO=address Bye, Matthias It doesn't work. With, or without the MAILTO. Just for completeness, I have used this: MAILTO=gandalf The gandalf user is a local user on the system. I can send local mail to this user using the sendmail postfix program (checked twice). Best, Laszlo ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
ipfw/natd in 8.1
Since a rebuild to FBSD 8.1, I can't get natd to function correctly. Below is
my ipfw config. It closely follows the example in the Handbook.
http://www.freebsd.org/doc/en/books/handbook/firewalls-ipfw.html (30.6.5.7 An
Example NAT and Stateful Ruleset -- Ruleset #1)
firewall config (logging enabled temporarily while troubleshooting)
3 16133 2323153 allow ip from any to any via em0
4 672 144006 allow ip from any to any via lo0
00100965322 divert 8668 log ip from any to any in via fxp0
00101 0 0 check-state
00120644542 skipto 500 log udp from any to any out via fxp0 keep-state
00125 203 49916 skipto 500 log tcp from any to any out via fxp0 setup
keep-state
00130262184 skipto 500 icmp from any to any out via fxp0 keep-state
00300 0 0 deny ip from 192.168.0.0/16 to any in via fxp0
00301 0 0 deny ip from 172.16.0.0/12 to any in via fxp0
00302 0 0 deny ip from 10.0.0.0/8 to any in via fxp0
00303 0 0 deny ip from 127.0.0.0/8 to any in via fxp0
00304 0 0 deny ip from 0.0.0.0/8 to any in via fxp0
00305 0 0 deny ip from 169.254.0.0/16 to any in via fxp0
00306 0 0 deny ip from 192.0.2.0/24 to any in via fxp0
00307 0 0 deny ip from 204.152.64.0/23 to any in via fxp0
00308 0 0 deny ip from 224.0.0.0/3 to any in via fxp0
00400101306 allow log udp from any to any dst-port 53,123 in keep-state
00401 0 0 allow log icmp from any to any icmptypes 0,3,11
00420 91112 allow log tcp from any to me dst-port
20,21,53,76,80,123,443 in via fxp0 setup limit src-addr 20
0045024 876 deny log logamount 1 ip from any to any
00500 293 56642 divert 8668 log ip from any to any
0051078 21591 allow log ip from any to any
65535 262 18726 deny ip from any to any
/etc/natd.conf
use_sockets
same_ports
unregistered_only
interface fxp0
Natd only properly NATs the first packet out:
# /sbin/natd -v -f /etc/natd.conf
Loading /lib/libalias_cuseeme.so
Loading /lib/libalias_ftp.so
Loading /lib/libalias_irc.so
Loading /lib/libalias_nbt.so
Loading /lib/libalias_pptp.so
Loading /lib/libalias_skinny.so
Loading /lib/libalias_smedia.so
natd[10702]: Aliasing to 74.94.69.225, mtu 1500 bytes
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 74.94.69.225:61447 - 65.61.153.152:80
In {default}[TCP] [TCP] 65.61.153.152:80 - 74.94.69.225:61447 aliased to
[TCP] 65.61.153.152:80 - 192.168.1.6:61447
In {default}[TCP] [TCP] 65.61.153.152:80 - 192.168.1.6:61447 aliased to
[TCP] 65.61.153.152:80 - 192.168.1.6:61447
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
In {default}[TCP] [TCP] 65.61.153.152:80 - 74.94.69.225:61447 aliased to
[TCP] 65.61.153.152:80 - 192.168.1.6:61447
In {default}[TCP] [TCP] 65.61.153.152:80 - 192.168.1.6:61447 aliased to
[TCP] 65.61.153.152:80 - 192.168.1.6:61447
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
[TCP] 192.168.1.6:61447 - 65.61.153.152:80
I'm not sure why this happens! Same config worked w/ FBSD 7x.
TIA,
Casey
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Possible to run Linux distro in a jail?
When I googled linux in a jail I got some references but no particular howto. Since currently VirtualBox is broken (hangs OS after a while), is it really possible to install Linux into a jail as a virtual machine? Yuri ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: NANOBSD dhclient freeze
I did again the same build with include generic option and all binaries.
same results.
Did truss on the build host
Here is the result
truss /sbin/dhclient wlan-[K0
__sysctl(0xbfbfe5a4,0x2,0xbfbfe5ac,0xbfbfe5b0,0x0,0x0) = 0 (0x0)
mmap(0x0,328,PROT_READ|PROT_WRITE,MAP_ANON,-1,0x0) = 671764480 (0x280a5000)
munmap(0x280a5000,328) = 0 (0x0)
__sysctl(0xbfbfe608,0x2,0x2809be3c,0xbfbfe610,0x0,0x0) = 0 (0x0)
mmap(0x0,32768,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) =
671764480 (0x280a5000)
issetugid(0x28094867,0xbfbfeadc,0x104,0x0,0x0,0x0) = 0 (0x0)
open(/etc/libmap.conf,O_RDONLY,0666) ERR#2 'No such file or
directory'
open(/var/run/ld-elf.so.hints,O_RDONLY,00) = 2 (0x2)
read(2,ehnt\^a\0\0\0...@\0\0\0\m^o\0\0...,128) = 128 (0x80)
lseek(2,0x80,SEEK_SET) = 128 (0x80)
read(2,/lib:/usr/lib:/usr/lib/compat:/u...,143) = 143 (0x8f)
close(2) = 0 (0x0)
access(/lib/libc.so.7,0) = 0 (0x0)
open(/lib/libc.so.7,O_RDONLY,00) = 2 (0x2)
fstat(2,{ mode=-r--r--r-- ,inode=218,size=1369196,blksize=16384 }) = 0 (0x0)
pread(0x2,0x2809ad80,0x1000,0x0,0x0,0x0) = 4096 (0x1000)
mmap(0x0,1376256,PROT_NONE,MAP_PRIVATE|MAP_ANON|MAP_NOCORE,-1,0x0) =
671797248 (0x280ad000)
mmap(0x280ad000,1257472,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_FIXED|MAP_NOCORE,2,0x0)
= 671797248 (0x280ad000)
mmap(0x281e,24576,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED,2,0x133000)
= 673054720 (0x281e)
mprotect(0x281e6000,94208,PROT_READ|PROT_WRITE) = 0 (0x0)
close(2) = 0 (0x0)
sysarch(0xa,0xbfbfe670,0x2805d89b,0x2809a2f8,0x28072929,0x2809a2f8) = 0 (0x0)
mmap(0x0,736,PROT_READ|PROT_WRITE,MAP_ANON,-1,0x0) = 673173504 (0x281fd000)
munmap(0x281fd000,736) = 0 (0x0)
mmap(0x0,21896,PROT_READ|PROT_WRITE,MAP_ANON,-1,0x0) = 673173504 (0x281fd000)
munmap(0x281fd000,21896) = 0 (0x0)
sigprocmask(SIG_BLOCK,SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2,0x0)
= 0 (0x0)
sigprocmask(SIG_SETMASK,0x0,0x0) = 0 (0x0)
__sysctl(0xbfbfe624,0x2,0x805c520,0xbfbfe62c,0x0,0x0) = 0 (0x0)
sigprocmask(SIG_BLOCK,SIGHUP|SIGINT|SIGQUIT|SIGKILL|SIGPIPE|SIGALRM|SIGTERM|SIGURG|SIGSTOP|SIGTSTP|SIGCONT|SIGCHLD|SIGTTIN|SIGTTOU|SIGIO|SIGXCPU|SIGXFSZ|SIGVTALRM|SIGPROF|SIGWINCH|SIGINFO|SIGUSR1|SIGUSR2,0x0)
= 0 (0x0)
sigprocmask(SIG_SETMASK,0x0,0x0) = 0 (0x0)
socket(PF_LOCAL,SOCK_DGRAM,0)= 2 (0x2)
fcntl(2,F_SETFD,FD_CLOEXEC) = 0 (0x0)
connect(2,{ AF_UNIX /var/run/logpriv },106)= 0 (0x0)
__sysctl(0xbfbfe754,0x2,0x281ec400,0xbfbfe75c,0x0,0x0) = 0 (0x0)
__sysctl(0xbfbfe644,0x2,0xbfbfe5dc,0xbfbfe64c,0x281d7c34,0xc) = 0 (0x0)
__sysctl(0xbfbfe5dc,0x2,0x281ec4f8,0xbfbfe6a8,0x0,0x0) = 0 (0x0)
readlink(/etc/malloc.conf,0xbfbfe763,1024) ERR#2 'No such file or
directory'
issetugid(0x281d6951,0xbfbfe763,0x400,0xbfbfe75c,0x0,0x0) = 0 (0x0)
break(0x810) = 0 (0x0)
__sysctl(0xbfbfe9e4,0x2,0xbfbfe9ec,0xbfbfe9f0,0x0,0x0) = 0 (0x0)
mmap(0x0,1048576,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) =
673173504 (0x281fd000)
mmap(0x282fd000,12288,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0)
= 674222080 (0x282fd000)
munmap(0x281fd000,12288) = 0 (0x0)
access(/etc/localtime,4) = 0 (0x0)
open(/etc/localtime,O_RDONLY,00) = 3 (0x3)
fstat(3,{ mode=-r--r--r-- ,inode=49456,size=751,blksize=16384 }) = 0 (0x0)
read(3,TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0...,29000) = 751 (0x2ef)
close(3) = 0 (0x0)
clock_gettime(13,{1275078174.0 })= 0 (0x0)
open(/etc/dhclient.conf,O_RDONLY,0666) = 3 (0x3)
fstat(3,{ mode=-rw-r--r-- ,inode=49370,size=277,blksize=16384 }) = 0 (0x0)
read(3,# $FreeBSD: src/etc/dhclient.con...,16384) = 277 (0x115)
read(3,0x2820d000,16384) = 0 (0x0)
close(3) = 0 (0x0)
socket(PF_INET,SOCK_DGRAM,0) = 3 (0x3)
ioctl(3,SIOCGIFMEDIA,0xbfbfebb0) = 0 (0x0)
close(3) = 0 (0x0)
open(/dev/null,O_RDWR,00) = 3 (0x3)
stat(/etc/nsswitch.conf,{ mode=-rw-r--r--
,inode=49408,size=327,blksize=16384 }) = 0 (0x0)
open(/etc/nsswitch.conf,O_RDONLY,0666) = 4 (0x4)
ioctl(4,TIOCGETA,0xbfbfe920) ERR#25 'Inappropriate ioctl
for device'
fstat(4,{ mode=-rw-r--r-- ,inode=49408,size=327,blksize=16384 }) = 0 (0x0)
read(4,#\n# nsswitch.conf(5) - name ser...,16384) = 327 (0x147)
read(4,0x28234000,16384) = 0 (0x0)
Re: any shortcuts to doc to ascii?
Polytropon wrote:
On Thu, 27 May 2010 16:36:08 -0700, Gary Kline kl...@thought.org wrote:
i don't see any ascii suffix [for OOo]. i saved as .txt.
This should be right. The .txt extension refers to ASCII text,
at least in standard-compliant operating systems.
same krap. the \x94, x9d, \x9c... same with catdoc. i'll
try antiword. [forgot about that. ]
This makes me believe that the original DOC file has been created
with a wrong character set or language setting. Windows - as far
as I know - does not use standard locales such as all other systems
do, but uses an arbitrary setting.
It is a valid UTF-8 encoded text:
[...@moby ~]$ python -c 'print Don%c%c%ct % (0xe2, 0x80, 0x99)' | file -
/dev/stdin: UTF-8 Unicode text
You'll be able to see the character if you fire up a UTF-8 capable
terminal with proper locale settings.
[...@moby ~]$ LC_ALL=en_US.UTF-8 xterm -u8
After that, just print the char:
python -c 'print Don%c%c%ct % (0xe2, 0x80, 0x99)'
and use copy paste to pass it to tr to translate it to something else,
for example:
tr ' ' $file $output
Another idea may be that the character that you think should be
an apostrophe isn't an apostrophe. I often do see this in german
texts with misplaces apostrophes that are in fact accent grave
or accent acute, or a character from UTF-8 that just looks like
an apostrophe. For example, if the original document contains
We don`t
and this ` is not a real ', then conversion tools will of course
use the escape notation for this unknown character.
Indeed, the standard tool for encoding translations, iconv, chocks on
this. Yet, it worked when I tried to convert from utf-8 to greek
encoding('iconv -f utf-8 -t iso-8859-7'). Some info on the char:
http://www.fileformat.info/info/unicode/char/2019/index.htm
HTH, Nikos
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw/natd in 8.1
Здравствуйте, Casey.
00300 0 0 deny ip from 192.168.0.0/16 to any in via fxp0
00301 0 0 deny ip from 172.16.0.0/12 to any in via fxp0
00302 0 0 deny ip from 10.0.0.0/8 to any in via fxp0
00303 0 0 deny ip from 127.0.0.0/8 to any in via fxp0
00304 0 0 deny ip from 0.0.0.0/8 to any in via fxp0
00305 0 0 deny ip from 169.254.0.0/16 to any in via fxp0
00306 0 0 deny ip from 192.0.2.0/24 to any in via fxp0
00307 0 0 deny ip from 204.152.64.0/23 to any in via fxp0
00308 0 0 deny ip from 224.0.0.0/3 to any in via fxp0
you can replace that all by:
deny all from any to not me in recv fxp0
in recv/in via are very different things!
CS 00100965322 divert 8668 log ip from any to any in via fxp0
CS 00500 293 56642 divert 8668 log ip from any to any
What are you trying to do by this rules??? what you do is wrong
they do different work with conjactions with keep-state and other
rules in your firewall. Devide logic in your firewall!
What is one_pass option in you kernel?
kes# sysctl -a | grep one_pass
maybe you have 1, but must 0
CS 00420 91112 allow log tcp from any to me dst-port
20,21,53,76,80,123,443 in via fxp0 setup limit src-addr 20
this rule will not pass packets to undivert I think, or will have some
effect on divert rule
CS 0051078 21591 allow log ip from any to any
this rule is useless!!!
CS Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
CS[TCP] 74.94.69.225:61447 - 65.61.153.152:80
CS In {default}[TCP] [TCP] 65.61.153.152:80 - 74.94.69.225:61447 aliased to
CS[TCP] 65.61.153.152:80 - 192.168.1.6:61447
before setup all works fine
after setup, you firewall fail. established connections does not work
CS In {default}[TCP] [TCP] 65.61.153.152:80 - 192.168.1.6:61447 aliased to
CS[TCP] 65.61.153.152:80 - 192.168.1.6:61447
CS Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
CS[TCP] 192.168.1.6:61447 - 65.61.153.152:80
CS Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
CS[TCP] 192.168.1.6:61447 - 65.61.153.152:80
CS Out {default}[TCP] [TCP] 192.168.1.6:61447 - 65.61.153.152:80 aliased to
CS[TCP] 192.168.1.6:61447 - 65.61.153.152:80
try to understand divert, then will try keep-state,setup etc.
good luck
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Sound mixer
Hi, I'm using the snd_hda driver on FreeBSD 8.0 for my ATI SB600 sound chip. First, I can't adjust the main volume with the mixer(8) command. If I set it to 0 everything is muted, when I set it to 1-100 sound is unmuted but has the same volume for all values. Second, is it possible to mute the sound with the mixer command and later unmute it restoring the values I had before muting? Thanks for any help, Anselm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Sound mixer
Anselm Strauss wrote: Hi, the same volume for all values. Second, is it possible to mute the sound with the mixer command and later unmute it restoring the values I had before muting? I'm embarrassed to admit I'm on a Windows machine so can't check but I think the second is something like mixer -s mixer.settings #back up mixer settings mixer mixer.settings #restore mixer settings Chris Thanks for any help, Anselm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
External USB drive causes system to hang completely
Hi, This is just a comment to get your feedback on this issue. I am rsyncing 500 MB from one usb drive to the other. If any of the drives should fail, the whole system hangs. For example, if there is a power glitch in one of the drives, the whole system hangs. As you may know, some of the external enclusores and/or power cables can get in the way and even the slightest movement can disturb the drive. What I don't understand is why does it have to hang the system?! Has anyone else experienced this? I mean I can understand that you may get corrupted data etc. but how is it possible for a failed write operation to hang the complete system!? Maybe this issue is only related to USB drives? Both drives are USB 2 and have UFS. Thanks beforehand for any feedback or ideas. Alejandro Imass ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Details on the Resort for Sale
{Arquivo:Angra Fashion EN.doc}
VENDE-SE
For Sale
Brokers Protected
Angra Fashion Resort Hotel
ANGRA DOS REIS ISLANDS
BRASIL
visit resort at: HYPERLINK http://www.angrafashion.com.br;
www.angrafashion.com.br
Watch video of the Island: http://www.youtube.com/watch?v=OLitgJK_wGY
Contact Joe Pereira 00351 249 533 118
Email to:avea...@hotmail.comSkype: HAVANA7591
Valued at 3.5 Million Euros
Offers over 2 Million Considered
TERMS OFFERED
27 APARTMENTS WITH OCEAN VIEW
AND PRIVATE BEACH
Each guestroom has Air Conditioning, Television , Shower, Mini Bar,
Balcony/Terrace. To suit guests' convenience, this Angra Dos Reis accommodation
offers Room Service 24hr, Bar/Pub, Laundry Service/Dry Cleaning, Restaurant,
Hotel/Airport Transfer. The hotel offers Sauna, Water Sports (non-motorized),
Pool Outdoor, Garden to provide extra pleasure and relaxation for all guests.
The hotel provides a warm and welcoming service of international standard.
«Recipients»
ABOUT THE AREA:
Angra dos Reis is a complex comprised of 365 islands and two thousand beaches
filled with natural beauty, legends and social happenings. It is located on the
Fluminense Green Coast, between the States of São Paulo and Rio de Janeiro,
just off the Rio-Santos Highway (BR-101).
The best way to explore this part of
the Fluminense Green Coast and to take advantage of its crystal clear waters,
and view the mansions the rich and famous have built on private islands is by
boat.
Ilha Grande stands out among all of the islands. Considered an adventurers'
paradise, with trails, waterfalls and deserted beaches, it played an important
role in Brazil's historical-cultural scenario for having housed a prison for
almost 60 years.
In the past, Angra dos Reis was one of the most important ports of the
Fluminense coast. Ships loaded with goods docked there coming from the other
side of the world. Slave ships also arrived there carrying hundreds of slaves
to supply forced labour to the coffee plantations in the region.
Today, in addition to being a national and international tourism reference
point, Angra is the stage of an intense debate due to the installation of the
only Brazilian nuclear plants, Angra I and Angra II within its limits.
Ilha Grande
It is the largest of all the islands of Angra dos Reis. It has
fascinating landscapes, 86 beaches with different features, backwaters, rivers,
lagoons, waterfalls, plains, mountains and peaks spread out over 193 sq km. The
Atlantic Forest and the sea are very close to each other and the paradisiacal
sites are abundant. Many beaches are accessible only by trail or boat.
The Ilha Grande bay has one of the largest concentrations of shipwrecks in the
world, and is an excellent option for diving enthusiasts. Standing out in these
scenarios are locations such as Lage do Guriri (Ponta de Castelhanos), Jorge
Grego Island, Meros and Naufragios Island. On the ocean bed one finds a great
variety of fish, corals and caves with sizes varying between 10 and 20 m tall.
Ilha Grande is a sensational location for trekking, trails and walks. There are
many options, from hills, mountains, brooks, rocks, slopes and beaches, most of
which located within the Atlantic Forest. The island has some urban centres
such as Abraão Village, where one can find restaurants, inns and commerce. It
is 1 hr 30 min by boat from Angra dos Reis.
Owners and Property Info* -
First Name *JORGE
Last name * REIS
Email * HYPERLINK mailto:otel...@hotmail.com; otel...@hotmail.com
Contact number +351 917 574 464
Mobile number +351 917 574 464
Reason for sale e.g. broken chain, moving abroad, divorce etc. Due to
management of other properties requiring presence of ownership it makes it
difficult to properly manage this asset.
Any other information or comments
Owners willing to consider favorable terms to potential buyers.
Property Details
Address of property, town, county, post code etcAngra dos Reis, Brasil
Near Rio de Janeiro
How many bedrooms
How many bathrooms
Reception rooms
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: FreeBSD router - large scale
Svein Skogen (Listmail Account) wrote: Actually, I'd find an answer from the FreeBSD Networking gurus useful as well. My trusted Cisco 3640 is getting old (had it's ten-years-of-service birthday a little while ago), so I guess I must be prepared to replace it with something new. Preferrably something that can do proper NAT port mapping to the inside servers in an RFC1918-adressed DMZ, proper NAT mapping for the client net, incoming VPDN (virtual private dialin network, such as PPTP+MPE and L2TP+IPSEC tunelling), sane IDS in the border-gateway, GRE or IPinIP tunelling with crypto for remote-sites, etc If somebody has a good starting-point for documentation on these features, I'm more than willing to do a procject on it to create a mini-howto/handbook-section on setting up FreeBSD as your border gateway, provided I have someone to ask when the documentation is ... flaky. ;) Although I feel that you'll have to write book to cover all the things mentioned above, I'll try to reply to your question... These is just pointers... Several forms of NAT are supported with the following tools: ipfw pf ipf ng_nat I doubt there is some form of NAT you will miss. the net/mpd5 port can do PPTP, the MPPE part is blurry to me. L2TP is supported for LNS/LAC scenarios. I don't know if you can/how difficult is to combine IPSEC with L2TP. The most famous open source IDS is snort, you'll find it in the ports. For GRE and IPIP read gre and gif manual pages. Again, IPSEC is not integrated to these, yet there is IKE support via ipsec-tools port. You'll have to check for yourself the documentation. Though I can say that all the FreeBSD stuff mentioned above are well documented as usual and there is always this list if you have questions. Good luck replacing the aging Cisco... Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Possible to run Linux distro in a jail?
On 5/28/10, Yuri y...@rawbw.com wrote: When I googled linux in a jail I got some references but no particular howto. Since currently VirtualBox is broken (hangs OS after a while), is it really possible to install Linux into a jail as a virtual machine? Yuri No. Jail is a userland world sharing the kernel linux in it's own term is a kernel If you mean a distribution, I still doubt it heavily; only possible remote chance is a kFreeBSD/gnu userland. I discourage further attempts at it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Media streaming
Date: Fri, 28 May 2010 18:40:14 +0100 From: Graeme Dargie a...@tangerine-army.co.uk Subject: RE: Media streaming To: freebsd-questions@freebsd.org Message-ID: 01fb8f39bad0bd49a6d0da8f7897392904f...@mercury.galaxy.lan.lcl Content-Type: text/plain; charset=iso-8859-1 -Original Message- From: James Phillips [mailto:anti_spam...@yahoo.ca] Sent: 28 May 2010 18:23 To: freebsd-questions@freebsd.org Subject: RE: Media streaming Date: Fri, 28 May 2010 00:14:09 +0100 From: Graeme Dargie a...@tangerine-army.co.uk Subject: RE: Media streaming To: freebsd-questions@freebsd.org Message-ID: 01fb8f39bad0bd49a6d0da8f7897392904f...@mercury.galaxy.lan.lcl Content-Type: text/plain; charset=us-ascii Sorry, DRM is an alphabet soup of Standards and industry consortia. I was unaware of DLNA and read it as: DTLA. However, if you look at the Overview and Vision White Paper, you will see that DTCP/IP (administered by DTLA) is required for the link layer of DLNA: http://www.dlna.org/about_us/roadmap/DLNA_Whitepaper.pdf - page 4, Table 1 The Wikipedia page lists some software that may or may not work: http://en.wikipedia.org/wiki/Digital_Living_Network_Alliance SNIP! The server does not support Digital Transmission Content Protection: http://www.dtcp.com/ Overview presentation: http://www.dtcp.com/documents/dtcp/DTCP_Overview.pdf In essence, you are supposed to encrypt the video stream lest you copy it. I am a little surprised the TV would refuse to work with an unencrypted stream, which is why I did not respond to your first post. Regards, James Phillips Hi James I said the TV was DLNA compliant, those links at the brief look I had appears to be the sort of encryption you would see on a HD signal via HDMI that would prevent you say recording HD content to your PVR device and then playing it back to a blu-ray recorder and recording it to disc. I had I get the impression that DTCP is an umbrella DRM standard that that allows the other DRM standards to inter-operate. DTCP is administered by the Digital Transmission Licensing Administrator: a consortium of five companies including Hitachi, Intel, Panasonic, Sony, and Toshiba. HDMI uses another scheme called High-bandwidth Digital Content Protection (HDCP) for encrypting the video. http://www.digital-cp.com/ http://en.wikipedia.org/wiki/High-bandwidth_Digital_Content_Protection DTCP will likely intervene in the step where you move the video from the PVR to the Blu-ray recorder. When it comes time to record the information on the disk, a third scheme comes into play: Advanced Access Content System (AACS) http://www.aacsla.com/home http://en.wikipedia.org/wiki/Advanced_Access_Content_System The Wikipedia page appears to be more readable. done a fair bit of googling on this before posting to the list, it seems Sonys' implementation of DLNA is a bit loose shall we say, I have seen a lot of people having issues with DLNA complaint NAS devices not working with Sony TV`s. As I have stated in a previous post it does work with wmp12, but it is not elegant or the solution I want for the reasons I stated earlier. I would expect wmp12 to work because Windows Vista and 7 implement DTCP, and Microsoft is listed as one of the sponsors of DLNA. Regards, James Phillips PS: my brain hurts reading that too :( Regards Graeme ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: any shortcuts to doc to ascii?
On Fri, May 28, 2010 at 10:45:38AM -0400, Bob Hall wrote: On Thu, May 27, 2010 at 10:53:39PM -0700, Gary Kline wrote: On Thursday 27 May 2010 05:18:07 pm Bob Hall wrote: On Thu, May 27, 2010 at 04:36:08PM -0700, Gary Kline wrote: ps: antiword same as catdoc. back to my per substitutions. that works, along with vi's Builtin subs. Have you considered using whatever replaces the most special characters, and fixing the few characters that remain with sed? exactly!!! Another possibility, if you haven't considered it, is using sed to convert everything. If you know all the characters that need to be swapped out, you can write a sed script that will do it for you in one pass. If you don't know sed, creating the script may be a PITA, but you'll only have to do it once, and then you can reuse the script whenever needed. As I recall, the hard part is figuring out how to represent the special characters in sed. It's been a few years since I used sed on doc files, but I recall that the character codes that displayed on my screen were not the codes that I needed to use in sed scripts. the DOC file i was trying to convert is only around 250 line [ ascii ] and i finished it, kwik-and-dirty with perl, sed, and vi's regex. it prob'ly isn't worth merely complaining about. doing it one time will, as you point out, let me reuse the script hundred of time. (i bot a sed and awk book few years ago. time to get serious!) tx much gary ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org 99 44/100% Guaranteed Novel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: hmm [???]
On Fri, May 28, 2010 at 12:09:32PM +0100, RW wrote: On Fri, 28 May 2010 01:35:09 -0700 Gary Kline kl...@thought.org wrote: ok,here is what i'm seeing via ``portmanager -a -B -d'' both here on tao [desktop and my Server. i'm not clear on exactly what's wht except that the sourcefile to build this qt4-* is HUGE. I can probably build ti on my server and use the package. yes? no? foobar? this is the tail end before the abort: === Launching child to update qt4-phonon-4.6.1 to qt4-phonon-4.6.2 === Port directory: /usr/ports/multimedia/qt4-phonon === This port is marked IGNORE === conflicts with multimedia/phonon. You have defined WITH_KDE_PHONON to override Qt4 phonon === If you are sure you can build it, remove the IGNORE line in the Makefile and try again. === Update for qt4-phonon-4.6.1 failed === Aborting update suggestions? explainations?, etc? deinstall multimedia/qt4-phonon or undefine WITH_KDE_PHONON YES. Finally somebody with a clear directive. i think i wrote the last post when i was about to nuke my computer, but just gave up. Just now i did a de-install; then re-ran portmaster [on my server], and things are vhugging away. next question is: is the a flag to tell portmaster to just take the default build rather than pop up the blue screen? I think the man page said that The -G switch would do that. i want to automate this so i can keep my 7.3 system as current as possible. if things bomb i will read UPDATING. O/W, just cron it. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org -- Gary Kline kl...@thought.org http://www.thought.org Public Service Unix The 7.83a release of Jottings: http://jottings.thought.org/index.php http://journey.thought.org 99 44/100% Guaranteed Novel ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
