Re: Chromium Crashes

[The Todds]

Yes this is the latest build (5th June) of Chromium. I suppose I could
revert to the  18.0.1025.168 version using portdowngrade until this
fault is fixed.

Glenn

On Sun, 2012-06-10 at 10:37 +0530, Subhro Sankha Kar wrote:
> Hello,
> 
> It looks like you have hit a documented bug. See this:
> 
> http://code.google.com/p/chromium/issues/detail?id=125447
> http://src.chromium.org/viewvc/chrome?view=rev&revision=141116
> 
> Did you try upgrading your ports?
> 
> Thanks
> Subhro
> 
> --
> Subhro Sankha Kar
> System Administrator
> Working and Playing with FreeBSD since 2002
> 
> On 10-Jun-2012, at 10:11 AM, The Todds wrote:
> 
> > I have just have built and installed Chromium 19.0.1084.52 from the
> > ports on my amd64 machine - 8.2-STABLE FreeBSD 8.2-STABLE #0: Sat Nov  5
> > 08:40:03 NZDT 2011 
> > 
> > Portversion chromium-19.0.1084.52_2 =  up-to-date with port
> > 
> > On web sites which contains graphics Chromium crashes with the following
> > error:
> > 
> > [3152:171983296:14310963010:ERROR:CONSOLE(1)] "Uncaught ReferenceError:
> > ntp is not defined", source:  (1)
> > 
> > Any ideas how to resolve this issue.
> > 
> > Glenn
> > 
> > 
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
> 
> 


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: ran out of inodes on /var, recommended value?

[Subhro Sankha Kar]

On 10-Jun-2012, at 6:13 AM, ill...@gmail.com wrote:

> On 9 June 2012 18:38, RW  wrote:
>> On Sat, 09 Jun 2012 07:22:50 -0600
>> Gary Aitken wrote:
>> 
>>> I reconfigured my ssd filesystem with the /var partition of size
>>> 512M.  Unfortunately, something in portsnap or the ports tree in
>>> general uses a boatload of small files, and i ran out of inodes.  Can
>>> anyone recommend an appropriate size for the newfs -i value?  1024?
>>> less?
>> 
>> portsnap needs roughly one file per port plus one for each
>> out of date port during a fetch. There are 23658 ports.
>> 
>> In FreeBSD 9 the fragment size increased, halving the default number of
>> inodes. With only 32k inodes it's possible to run out with portsnap
>> alone. You can probably get away with the old default of 64k (-i
>> 8192), or perhaps 128k (-i 4096). Check how many files you have outside
>> of portsnap and do the arithmetic.
>> 
> 
> Or, move the portsnap tree to somewhere other than /var
> (see /etc/portsnap.conf for that & such).
> I think that a file-backed md* mounted only when portsnap
> was in use would save on inodes, yeah?

Actually I think that is a very good idea. That is how I have set up my system 
as well with one difference. I have tons of memory and use a memory based 
filesystem to store all the in-compile objects.

--
Subhro Sankha Kar
System Administrator
Working and Playing with FreeBSD since 
2002___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Chromium Crashes

[Subhro Sankha Kar]

Hello,

It looks like you have hit a documented bug. See this:

http://code.google.com/p/chromium/issues/detail?id=125447
http://src.chromium.org/viewvc/chrome?view=rev&revision=141116

Did you try upgrading your ports?

Thanks
Subhro

--
Subhro Sankha Kar
System Administrator
Working and Playing with FreeBSD since 2002

On 10-Jun-2012, at 10:11 AM, The Todds wrote:

> I have just have built and installed Chromium 19.0.1084.52 from the
> ports on my amd64 machine - 8.2-STABLE FreeBSD 8.2-STABLE #0: Sat Nov  5
> 08:40:03 NZDT 2011 
> 
> Portversion chromium-19.0.1084.52_2 =  up-to-date with port
> 
> On web sites which contains graphics Chromium crashes with the following
> error:
> 
> [3152:171983296:14310963010:ERROR:CONSOLE(1)] "Uncaught ReferenceError:
> ntp is not defined", source:  (1)
> 
> Any ideas how to resolve this issue.
> 
> Glenn
> 
> 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: link_elf_obj: symbol ata_controlcmd undefined

[Subhro Sankha Kar]

Hello,

Looks like you have missed out something related to ATA in the kernel 
configuration file. Can you post your complete kernel config?

Thanks
Subhro

--
Subhro Sankha Kar
System Administrator
Working and playing with FreeBSD since 2002

On 20-May-2012, at 5:53 PM, C. P. Ghost wrote:

> Hello,
> 
> what does this boot message means, and where
> does it come from?
> 
> link_elf_obj: symbol ata_controlcmd undefined
> linker_load_file: Unsupported file type
> 
> It appears between between
>  ZFS storage pool version 28
> and
>  drm0:  on vgapci0
> 
> uname -a:
> 
> FreeBSD phenom.cordula.ws 9.0-STABLE FreeBSD 9.0-STABLE #0
> r235604: Fri May 18 15:49:06 CEST 2012 r...@phenom.cordula.ws:
> /usr/obj/usr/src/sys/GENERIC  amd64
> 
> TIA,
> -cpghost.
> 
> -- 
> Cordula's Web. http://www.cordula.ws/
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Chromium Crashes

[The Todds]

I have just have built and installed Chromium 19.0.1084.52 from the
ports on my amd64 machine - 8.2-STABLE FreeBSD 8.2-STABLE #0: Sat Nov  5
08:40:03 NZDT 2011 

Portversion chromium-19.0.1084.52_2 =  up-to-date with port

On web sites which contains graphics Chromium crashes with the following
error:

[3152:171983296:14310963010:ERROR:CONSOLE(1)] "Uncaught ReferenceError:
ntp is not defined", source:  (1)

Any ideas how to resolve this issue.

Glenn


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Making a bootable backup (hard)disk... how?

[Warren Block]

On Sat, 9 Jun 2012, Ronald F. Guilmette wrote:



Also, I don't like backups taking longer than absolutely necessary, and
this is why I am specifically _not_ attracted to either the dd solution
or to dump/restore, because as I understand it, with either of these methods
you end up copying perhaps a metric buttload worth of unallocated free
disk space.


No, that is one of the biggest advantages of dump over dd.  dump knows 
UFS, and only copies occupied sectors and needed information.  That's 
why it can be restored file-by-file or to a partition of a different 
size.



Also, in one case, one of my partitions has one directory that contains
a really massive amount of stuff, and I specifically _don't_ need any of
that particular stuff (in that one directory) backed up.  So again, I'm
looking at tar or cpio or perhaps pax.  (Of course cpio is more full-featured
than tar, and I don't really know anything about pax, so that leaves me
with cpio.)


Directories and files can be skipped with the nodump flag.


P.S.  It really is a Damn Shame[tm] that nobody ever hacked FreeBSD cpio
to make it be able to copy (a) the extra file flag/mode bits and/or (b)
file ACLs and/or (c) file attributes.


A quick search shows dump should support ACLs.  The other stuff is also 
there.  Try it.


http://www.wonkity.com/~wblock/docs/html/backup.html
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Making a bootable backup (hard)disk... how?

[Ronald F. Guilmette]

In message <4fd38b9a.4010...@qeng-ho.org>,
Arthur Chance  wrote:

>There's a BFI (brute force and ignorance) way of doing it in the base 
>system - dd. Provided your system disk is quiescent (ideally when 
>running from a live CD or all partitions mounted read-only, otherwise 
>pray to the deity of your choice) and the backup disk is a) at least as 
>large as the system disk, and b) has the same sector size, then a simple 
>dd from the system disk to the backup should work.

Thank you Arthur, and yes, trying to back up a partition that's currently
mounted r/w using dd will almost certainly not produce the desired results.

And of course, as you correctly note also, the target partition had best be
at least as big as the source (and perhaps even identical in size).

I don't care to take own my system to make backups... and don't believe
that I should have to do so, and thus, this is one of the reasons why I
would prefer to use something like cpio.

Also, I don't like backups taking longer than absolutely necessary, and
this is why I am specifically _not_ attracted to either the dd solution
or to dump/restore, because as I understand it, with either of these methods
you end up copying perhaps a metric buttload worth of unallocated free
disk space.  (I would prefer not to do that.  It just seems wasteful...
of time, if nothing else.)

Also, in one case, one of my partitions has one directory that contains
a really massive amount of stuff, and I specifically _don't_ need any of
that particular stuff (in that one directory) backed up.  So again, I'm
looking at tar or cpio or perhaps pax.  (Of course cpio is more full-featured
than tar, and I don't really know anything about pax, so that leaves me
with cpio.)

>[Greybeard war story:] Going back about 25-30 years, a friend of mine 
>was responsible for running the Unix systems in an EE department of a UK 
>university. He used to back up the disks (probably around 10 MB in those 
>days) to 1/2" tape every night. Eventually he got sick of undergraduates 
>asking him to restore files they'd accidentally deleted, and hit upon 
>the idea of dd'ing the disk to tape, and then if a student wanted a 
>restore, he'd mount the tape as a r/o file system (these were the days 
>of tape block devices and trusting all users) and tell them to use 
>restore to get the files themselves. It took forever, but it was the 
>student's time that was wasted, not his. Most of them learned not to 
>delete wanted files after one or two times of doing this.

My own greybeard story:  Back in the late 70s I was in college and had
just switched major to CS.  My college had a mainframe, but also a PDP-11
to which were connected a number of ASR-33s (Who could ever forget THOSE!)
Students who asked could get an account on the PDP-11/RSTS-E system.
I did, and started experimenting.

I remember one day I really pissed off the specific Computer Center
staff member who was assigned to the care & feeding of the RSTS-E system
when her backup tape started whizzing back and forth for no apparent
reason.  At least it seemed that way to her, since she had only just
mounted the tape and _she_ had not issued any console commands yet which
would have caused the tape drive to do anything.
:-)

Needless to say RSTS-E was, apparently, not quite as sophisticated at that
time as, say, UNIX, in terms of protecting physical I/O devices from general
Joe-Schmo users.

I never became friends with that specific Computer Center staff member,
but I did end up as the only CS undergraduate who got a job in the
campus Computer Center.

Sorry.  You talking about tapes just reminded of that incident, way back
when.  (Sigh.  The good old daze when men were men, and the bits ran
scared!)

Moral of the story is that sometimes it actually does pay to be a smartass.


Regards,
rfg


P.S.  It really is a Damn Shame[tm] that nobody ever hacked FreeBSD cpio
to make it be able to copy (a) the extra file flag/mode bits and/or (b)
file ACLs and/or (c) file attributes.

I guess I have found a new project for myself... when/if I ever find some
free time.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

[Damien Fleuriot]

On 9 Jun 2012, at 18:48, Chad Perrin  wrote:

> On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote:
>> 
>> On 6 Jun 2012, at 21:52, Dave U. Random  
>> wrote:
>> 
>>> Polytropon  wrote:
>>> 
 On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
> Having to pay Verisign instead of Microsoft makes no difference: the
> point is why should I have to pay anything to a third party in order to
> run whatever OS I want on a piece of hardware I own?
>>> 
>>> It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD,
>>> NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's
>>> an overgrown ugly mess.
>>> 
>>> We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware
>>> and run a free (or in the case of Linux "apparently free") OS on free
>>> hardware.
>>> 
>>> There are increasing numbers of SBCs and plenty of used servers on
>>> Ebay. They're all built better than commodity Intel mafiaware. Good
>>> riddance!
>>> 
>> 
>> You have no idea what you're talking about.
>> 
>> This kind of religious propaganda post is neither constructive nor
>> helpful.
> 
> It should be noted that your tone is neither constructive nor helpful, to
> say nothing of your contentless response.  Do you have anything useful to
> say in response to what Dave U. Random contributed -- perhaps a
> thoughtful refutation of some specific point(s)?  I hope you have more of
> value to contribute than your obvious disdain for people who disagree
> with you about something (without even specifying on what points you
> disagree).
> 
> -- 
> Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
> 

If you had bothered to read all the other mails I've posted on this very 
specific thread, you wouldn't need to ask the question.


If you're going to participate in the Linux zealots' propaganda that makes OSS 
defenders sound so ridiculous and delusional, so be it.

Fact is, if Microsoft didn't deliver acceptable products, people wouldn't use 
them.
Calling them a mafia is neither constructive (I invite you to look up the word 
mafia in a thesaurus), nor backed up by actual facts.

OP is just going on a rampage about MS and intel.



You want to follow his advice and advocate the exclusive use of alpha machines ?
I guess we'll have to agree to disagree here.
No, I'm not gonna use alphas.
And no, I'm not going to let a random person (hey, choice words !) call intel 
or MS a mafia just because he's on a zealot crusade.


You might want to take a minute to consider the contributions of both to 
computing.
Without MS (and IBM amongst others) it's possible that computing would never 
have reached such an audience as it has.
So I'm going with the (possibly false) assumption that without MS and other 
major actors, not many people would use computers nowadays.
All this magnificent OSS wouldn't be of much use then.
After all, who would need FreeBSD servers to host web sites that had neither 
visitors nor purpose ?

One might see MS as the ultimate evil, yet they're strongly implemented in 
corporate IT.
One might wonder why, before engaging in a crusade, and brandishing empty words 
as their weapons.

I invite you to re-read OP's post and highlight what in "mafiaware", "wintel" 
and "microshaft" you find constructive.
I also invite you to read all his points about why exactly intel is an 
"overgrown ugly mess".
I regret to report I have found none, might you point them out for me ?



Now, I shall leave you to read my other posts on this "secure boot" topic, that 
you might quit claiming I have nothing to 
contribute.___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: ran out of inodes on /var, recommended value?

[ill...@gmail.com]

On 9 June 2012 18:38, RW  wrote:
> On Sat, 09 Jun 2012 07:22:50 -0600
> Gary Aitken wrote:
>
>> I reconfigured my ssd filesystem with the /var partition of size
>> 512M.  Unfortunately, something in portsnap or the ports tree in
>> general uses a boatload of small files, and i ran out of inodes.  Can
>> anyone recommend an appropriate size for the newfs -i value?  1024?
>> less?
>
> portsnap needs roughly one file per port plus one for each
> out of date port during a fetch. There are 23658 ports.
>
> In FreeBSD 9 the fragment size increased, halving the default number of
> inodes. With only 32k inodes it's possible to run out with portsnap
> alone. You can probably get away with the old default of 64k (-i
> 8192), or perhaps 128k (-i 4096). Check how many files you have outside
> of portsnap and do the arithmetic.
>

Or, move the portsnap tree to somewhere other than /var
(see /etc/portsnap.conf for that & such).
I think that a file-backed md* mounted only when portsnap
was in use would save on inodes, yeah?


*I guess mdmfs(8) is the jawns y'all use nowadays, yo?

-- 
--
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: ran out of inodes on /var, recommended value?

[RW]

On Sat, 09 Jun 2012 07:22:50 -0600
Gary Aitken wrote:

> I reconfigured my ssd filesystem with the /var partition of size
> 512M.  Unfortunately, something in portsnap or the ports tree in
> general uses a boatload of small files, and i ran out of inodes.  Can
> anyone recommend an appropriate size for the newfs -i value?  1024?
> less?

portsnap needs roughly one file per port plus one for each
out of date port during a fetch. There are 23658 ports.

In FreeBSD 9 the fragment size increased, halving the default number of
inodes. With only 32k inodes it's possible to run out with portsnap
alone. You can probably get away with the old default of 64k (-i
8192), or perhaps 128k (-i 4096). Check how many files you have outside
of portsnap and do the arithmetic. 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

[ANN] tperimeter 1.113 Released And Available

[Tim Daneliuk]

'tperimeter' Version 1.113 is released and available at:

  http://www.tundraware.com/Software/tperimeter/

The last public release was 1.112

What's New
--

Changed the wrapper file rebuild logic to delete outstanding access
requests independently of how often the script is run (either by
cron, or manually).  This means that the 'cron' frequency now
determines the average waiting time before a user's request is
fulfilled.  The '${DURATION}' variable in 'rebuild-hosts.allow.sh'
sets how long access will be permitted (The default value is 10
minutes).

Minor documentation updates, typo fixes, and housekeeping.


What Is 'tperimeter'?
-

Have you ever been away from the office and needed, say, ssh access to
your system? Ooops - you can't do that because in your zealous pursuit
of security, you set your TCP wrappers to prevent outside access to all
but a select group of hosts. Worse still, everywhere you go, your local
IP address changes so there is no practical way to open up the wrappers
for this situation.

'tperimeter' is a dynamic TCP wrapper control system that gives you
(limited) remote control of your TCP wrapper configuration. It does this
via a web interface that you've (hopefully) secured with https/SSL. You
just log in, specify your current IP address and one of the services you
want to access. 'tperimeter' will then briefly open a hole in your
wrappers long enough to let you in. It then automatically closes the
hole again. Voila! Remote access to your system, wherever you are. You
get much of the facility of a VPN or so-called "port knocking" without
most of the aggravation. As a side benefit, 'tperimeter' will also
simplify management of your standard /etc/hosts.allow TCP wrapper
control file.

'tperimeter' is written in python, shell script, and html. It is very
small and easy to maintain. It was developed and tested on FreeBSD 4.x/8.x,
and apache 1.x/2.x, but should run with very minor (or no) modification on
most Unix-like systems like Linux or Mac OS X hosts. It comes complete
with documentation in html, pdf, dvi, and Postscript formats. There is
no licensing fee for any use, personal, commercial, government,
or institutional.

--

Tim Daneliuk tun...@tundraware.com
PGP Key: http://www.tundraware.com/PGP/





___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Problems with portupgrade libreoffice

[Walter Hurry]

On Sat, 09 Jun 2012 18:12:25 +0100, Dave Morgan wrote:

> On 09/06/12 at 04:41P, Walter Hurry wrote:
>> FreeBSD 9 on x86_64.
>>
>> I am in the process of doing a portupgrade on libreoffice (from 3.4.4
>> to 3.5.2.5). During the build it has (so far) errored out 4 times, in
>> the following modules:
>>
>> vcl framework sfx2 tail_build
>>
>> Each time, it told me to go into the subdirectory, do a gmake clean and
>> a gmake -r there, then return to the top level and rerun make.
>>
>> This I duly did, but to my surprise, each time I ran the gmake -r, it
>> completed successfully.
>>
>> When the top-level make finally succeeds, I intend simply to rerun the
>> portupgrade, on the theory that seeing everything already made, it will
>> just do the uninstall/reinstall, sort out the dependencies and so
>> forth.
>>
>> Q1) Is this a sensible approach?
>>
>> Q2) Has anyone else seen this? What is going on?
>
> There is a thread in the forums which recommends removing boost-libs and
> boost-jam, building libreoffice then reinstalling them.
> 
> I did this and it worked for me.

Thanks. I'll try that and report back.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: FreeBSD: SOLVED: FreeBSD9 - I can't get my mouse to work (was : FreeBSD9 - I can't get my mouse to work)

[Walter Hurry]

On Sat, 09 Jun 2012 05:58:25 +0200, Bernt Hansson wrote:

> 2012-06-09 00:10, Walter Hurry skrev:
>> On Fri, 08 Jun 2012 20:58:49 +0200, Bernt Hansson wrote:
>>
>>> 2012-06-08 17:51, Walter Hurry skrev:
 On Fri, 08 Jun 2012 15:39:22 +, Walter Hurry wrote:
 Never mind: Stupid moi. The answer was staring me in the face in man
 rc.conf. moused_port.


>>> You also have moused_flags="Put your flags here"
>>>
>>> That does not help, not me anyway.
>>
>> Indeed you do. But I didn't need moused_flags (nor moused_type) - just
>> moused_port. I was then able to restore /etc/rc.d/moused to its
>> pristine state.
> 
> That would be moused_flags="-p /dev/sysmouse"

Ah, good point. As ever, there's always more than one way to skin a 
cat. :-)

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: cvsup of RELENG_8_1

[Jim Nasby]

On 6/9/12 2:43 PM, Lowell Gilbert wrote:

Jim Nasby  writes:


I keep getting this error when trying to update source on 8.1:

TreeList failed: Error in "/var/db/sup/src-all/checkouts.cvs:RELENG_8_1": 
13890: Could not parse status record.  Delete it and try again.


Have you tried deleting /var/db/sup/src-all/checkouts.cvs:RELENG_8_1 and
retrying cvsup?


Somehow I got it in my head that that was a file living on the cvsup server and 
not locally.

After deleting that file all is good. Thanks for your help!
--
Jim C. Nasby, Database Architect   j...@nasby.net
512.569.9461 (cell) http://jim.nasby.net
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: cvsup of RELENG_8_1

[Lowell Gilbert]

Jim Nasby  writes:

> I keep getting this error when trying to update source on 8.1:
>
> TreeList failed: Error in "/var/db/sup/src-all/checkouts.cvs:RELENG_8_1": 
> 13890: Could not parse status record.  Delete it and try again.

Have you tried deleting /var/db/sup/src-all/checkouts.cvs:RELENG_8_1 and
retrying cvsup?

> I realize that 8.1 isn't formally supported anymore, but should cvsup still 
> work? I can't upgrade right now because of the conflict between GPT and 
> gmirror what was introduced in 8.2.

Right. This isn't version-related.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Making a bootable backup (hard)disk... how?

[Arthur Chance]

On 06/09/12 00:58, Warren Block wrote:

On Fri, 8 Jun 2012, Robert Huff wrote:



Ronald F. Guilmette writes:


I got a lot of disks here, so that part is not a problem. I just
need to make sure that I'm gonna do this the Right Way[tm].
(I've already been making my own ham-fisted disk-to-disk backups
in the past, but I'm sure that the way I have been doing that is
sub-optimal, so I'm here seeking knowledge of how to do this the
Right Way.)

The bottom line is this... I know how to use cpio, and would like
to use it to create a complete and _bootable_ backup of my main
system disk. (My main system disk has only one BIOS partition,
and that is sub-divided into the usual set of FreeBSD partitions,
you know, /, /dev, /tmp, /usr, /var, /usr/compat/linux/proc, and
/var/named/dev.)


As far as I know, the only way guaranteed to preserve metadata
is dump/restore. See previous (not necessarily recent) discussion
(on this list, and possibly in the Handbook) for more information.


The rsync port has a flags option. I haven't tried it for a full backup.
Even if it can copy all filesystem attributes like dump, there are still
non-filesystem things needed for booting that neither can copy, like
partition tables and boot blocks.


There's a BFI (brute force and ignorance) way of doing it in the base 
system - dd. Provided your system disk is quiescent (ideally when 
running from a live CD or all partitions mounted read-only, otherwise 
pray to the deity of your choice) and the backup disk is a) at least as 
large as the system disk, and b) has the same sector size, then a simple 
dd from the system disk to the backup should work.


[Greybeard war story:] Going back about 25-30 years, a friend of mine 
was responsible for running the Unix systems in an EE department of a UK 
university. He used to back up the disks (probably around 10 MB in those 
days) to 1/2" tape every night. Eventually he got sick of undergraduates 
asking him to restore files they'd accidentally deleted, and hit upon 
the idea of dd'ing the disk to tape, and then if a student wanted a 
restore, he'd mount the tape as a r/o file system (these were the days 
of tape block devices and trusting all users) and tell them to use 
restore to get the files themselves. It took forever, but it was the 
student's time that was wasted, not his. Most of them learned not to 
delete wanted files after one or two times of doing this.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Question about FreeBSD for IA-64 software

[Julian H. Stacey]

Hi,
Reference:
> From: Denis Guzanov  
> Date: Sat, 9 Jun 2012 15:45:54 +0400 
> Message-id:   
>  

Denis Guzanov wrote:
> Dear FreeBSD Team,
> 
> Firstly I would like to say you Big thanks for your really good job and the
> best system for us, small IT staff.
> 
> Second, I would like to ask you about some problem with FreeBSD source.
> 
> I've downloaded .iso Image from this link:
> ftp://ftp.freebsd.org/pub/FreeBSD/releases/ia64/ia64/ISO-IMAGES/9.0/following
> iso file: FreeBSD-9.0-RELEASE-ia64-release.iso

did you check the MD5 ?

> And when I tried to install it I have nothing

You'll need to be more specific.

> I did it many times, but
> have no result. When I've downloaded 8.3 version Installation was completed
> successfully.
> 
> Dear FreeBSD Team, could you, please, check your .iso file for IA-64
> systems or maybe consult me what I need to do?
> 
> 
> Thanks and Best regards,
> Denis.
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
> 


Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script, & indent with "> ".
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: prune ports tree?

[Julian H. Stacey]

Gary Aitken wrote:
> Is it possible to specify that parts of the ports tree should never be used?

Yes. 
Although as others pointed out it depend quite what you mean by that :-)

Example
setenv DUDS SomeEndPortToSkip_eg_ghostview

One could also do
setenv DUDS "`printenv DUDS` vietnamese chinese" ; make fetch
if for instance you wanted to fetch most but not all distiles

It prevents a recusion into SUBDIR (either into the 30 main ports/ dirs,
or the 20,000+ 2nd level dirs.

How I find DUDS useful:
When I do an upgrade, I copy
(using my shell
http://berklix.com/~jhs/bin/.csh/customise
)
about 30 Makefile.local from my personal preference directory
http://berklix.com/~jhs/src/bsd/fixes/FreeBSD/ports/jhs/
into
/usr/ports/*/Makefile.local
Then I let loose a monstrous make with something like
cd /usr/ports ;\
nice make BERKLIX_CLIENT=YES \
all install package package-recursive ; bell
that takes days & always breaks a few times on route,
(& using make -k or make -i is a bad idea, as it messes upports that
other ports then think are built, but are not - so I avoid -i & -k )

 Sometimes I dont have time to immediately analyse each breakage,
& just want topush the compiles on, & come back later to debug 
broken faults, so I then use (with csh
setenv DUDS "whatever_port_just_broke `printenv DUDS`"
& start the make again.

(PS & later after most stuff is build I start the truly monster builds
 eg openoffice etc with eg
nice make BERKLIX_AMBITIOUS=YES \
all install package package-recursive ; bell
# http://www.berklix.com/~jhs/bin/.sh/bell
)

For DUDS & other ideas See:
vi -c/DUDS /usr/ports/Mk/bsd.port.subdir.mk

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script, & indent with "> ".
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Problems with portupgrade libreoffice

[Dave Morgan]

On 09/06/12 at 04:41P, Walter Hurry wrote:
> FreeBSD 9 on x86_64.
>
> I am in the process of doing a portupgrade on libreoffice (from 3.4.4 to
> 3.5.2.5). During the build it has (so far) errored out 4 times, in the
> following modules:
>
> vcl
> framework
> sfx2
> tail_build
>
> Each time, it told me to go into the subdirectory, do a gmake clean and a
> gmake -r there, then return to the top level and rerun make.
>
> This I duly did, but to my surprise, each time I ran the gmake -r, it
> completed successfully.
>
> When the top-level make finally succeeds, I intend simply to rerun the
> portupgrade, on the theory that seeing everything already made, it will
> just do the uninstall/reinstall, sort out the dependencies and so forth.
>
> Q1) Is this a sensible approach?
>
> Q2) Has anyone else seen this? What is going on?
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

There is a thread in the forums which recommends removing boost-libs and
boost-jam, building libreoffice then reinstalling them.

I did this and it worked for me.

--
Dave.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Is this something we (as consumers of FreeBSD) need to be aware of?

[Chad Perrin]

On Wed, Jun 06, 2012 at 11:42:37PM +0200, Damien Fleuriot wrote:
> 
> On 6 Jun 2012, at 21:52, Dave U. Random  
> wrote:
> 
> > Polytropon  wrote:
> > 
> >> On Wed, 06 Jun 2012 11:47:11 +0100, Matthew Seaman wrote:
> >>> Having to pay Verisign instead of Microsoft makes no difference: the
> >>> point is why should I have to pay anything to a third party in order to
> >>> run whatever OS I want on a piece of hardware I own?
> > 
> > It's time to dump the Intel/Microshaft mafia forever. FreeBSD, OpenBSD,
> > NetBSD, and even Linux have ports to many platforms. Why stay on Intel? It's
> > an overgrown ugly mess.
> > 
> > We need to stop buying Intel mafiaware with preinstalled Microshaft mafiware
> > and run a free (or in the case of Linux "apparently free") OS on free
> > hardware.
> > 
> > There are increasing numbers of SBCs and plenty of used servers on
> > Ebay. They're all built better than commodity Intel mafiaware. Good
> > riddance!
> > 
> 
> You have no idea what you're talking about.
> 
> This kind of religious propaganda post is neither constructive nor
> helpful.

It should be noted that your tone is neither constructive nor helpful, to
say nothing of your contentless response.  Do you have anything useful to
say in response to what Dave U. Random contributed -- perhaps a
thoughtful refutation of some specific point(s)?  I hope you have more of
value to contribute than your obvious disdain for people who disagree
with you about something (without even specifying on what points you
disagree).

-- 
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Problems with portupgrade libreoffice

[Walter Hurry]

FreeBSD 9 on x86_64.

I am in the process of doing a portupgrade on libreoffice (from 3.4.4 to 
3.5.2.5). During the build it has (so far) errored out 4 times, in the 
following modules:

vcl
framework
sfx2
tail_build

Each time, it told me to go into the subdirectory, do a gmake clean and a 
gmake -r there, then return to the top level and rerun make.

This I duly did, but to my surprise, each time I ran the gmake -r, it 
completed successfully.

When the top-level make finally succeeds, I intend simply to rerun the 
portupgrade, on the theory that seeing everything already made, it will 
just do the uninstall/reinstall, sort out the dependencies and so forth.

Q1) Is this a sensible approach?

Q2) Has anyone else seen this? What is going on?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: ran out of inodes on /var, recommended value?

[Michael Sierchio]

On Sat, Jun 9, 2012 at 6:22 AM, Gary Aitken  wrote:
> I reconfigured my ssd filesystem with the /var partition of size 512M.  
> Unfortunately, something in portsnap or the ports tree in general uses a 
> boatload of small files, and i ran out of inodes.  Can anyone recommend an 
> appropriate size for the newfs -i value?  1024?  less?

You may find this solution cheesy, but it works.  I found the problem
to be /var/db, and ran into it when doing a pkg_add -r for a package
with a lot of dependencies.  Some things - like freebsd-update - are
configurable to use a different dir without this nonsense.

- M

pvpn 206> ls -l /var/db
total 228
--  1 root  wheel990 May 11 03:03 dhclient.leases.vr0
drwx--  2 operator  operator 512 Jun  9 16:33 entropy
lrwxr-xr-x  1 root  wheel 37 May 11 02:32 freebsd-update
-> ../../usr/local/var/db/freebsd-update
drwx--  2 root  wheel512 Apr  9 21:10 ipf
-r--r--r--  1 nobodywheel 183727 Jun  9 04:15 locate.database
-rw---  1 root  wheel  40790 May 16 20:05 mergemaster.mtree
lrwxr-xr-x  1 root  wheel 26 May 11 02:32 pkg ->
../../usr/local/var/db/pkg
lrwxr-xr-x  1 root  wheel 28 May 11 02:32 ports ->
../../usr/local/var/db/ports
lrwxr-xr-x  1 root  wheel 31 May 11 02:32 portsnap ->
../../usr/local/var/db/portsnap
drwx--  3 root  wheel512 May 21 20:54 sudo
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: wired memory - again!

[Colin Barnabas]

http://apple.stackexchange.com/questions/31801/what-is-in-wired-memory

On Sat, Jun 09, 2012 at 09:21:35AM +0200, Wojciech Puchar wrote:
> top reports wired memory 128MB
> 
> 
> WHERE it is used? below results of vmstat -m and vmstat -z
> values does not sum up even to half of it
> FreeBSD 9 - few days old.
> 
 
> ___
> freebsd-hack...@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
> To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"

-- 
Colin Barnabas
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to filter network by MAC and IP at the same time

[Bill Yuan]

Thanks very much,
According to your description , I changed my firewall settings ,
(
Because I already tried add the "via em0" or "via em1",  it's not working,
so I remove it ,
my FreeBSD is WAN is em0  ,LAN is em1
)
and made it like this below

and I still cannot download things through it , and i found the result


Seems some place still not working properly , the traffic has been block by
some reason!





On Sat, Jun 9, 2012 at 5:12 PM, Christian Hiris <4...@chello.at> wrote:

> hi Bill,
> afaik, in your case the packets checked twice against the ipfw-rules - once
> for the layer2-filtering part and 2nd time for the ip-filtering part.
>
> 1st enable filtering on ethernet demux/eth. output frame:
> # sysctl net.link.ether.ipfw=1
>
> then start your fw-script:
>
> # -- sniplet from fw-script -- #
>  iif="em0"
>  ip_client="192.168.123.45"
>  ether_client="88:99:aa:bb:cc:dd"
>  ether_broadcast="ff:ff:ff:ff:ff:ff"
>
>  ${fwcmd} add 10 pass MAC ${ether_broadcast} ${ether_client} via ${iif}
>  ${fwcmd} add 20 pass MAC any ${ether_client} via ${iif}
>  ${fwcmd} add 21 pass MAC ${ether_client} any via ${iif}
>  ${fwcmd} add 30 pass ip from ${ip_client} to any via ${iif}
>  ${fwcmd} add 31 pass ip from any to ${ip_client} via ${iif}
> # -- sniplet from fw-script -- #
>
> this results in:
>
> # ipfw show
> 00010   128 allow ip from any to any MAC ff:ff:ff:ff:ff:ff \
>  88:99:aa:bb:cc:dd via em0
> 00020  74  9564 allow ip from any to any MAC any 88:99:aa:bb:cc:dd via em0
> 00021  87 85336 allow ip from any to any MAC 88:99:aa:bb:cc:dd any via em0
> 00030  74  9564 allow ip from 192.168.123.45 to any via em0
> 00031  86 85290 allow ip from any to 192.168.123.45 via em0
> 65535 487 35078 deny ip from any to any
>
> Most of this logic is described in the section "PACKET FLOW" section in man
> ipfw.
>
> "Note that as packets flow through the stack, headers can be stripped or
> added to it, and so they may or may not be available for inspection.
> E.g., incoming packets will include the MAC header when ipfw is invoked
> from ether_demux(), but the same packets will have the MAC header
> stripped off when ipfw is invoked from ip_input() or ip6_input()."
>
> Cheers
> ch
>
>
> On Saturday 09 June 2012, Bill Yuan wrote:
> > rule like below
> >
> > #allow the traffic which source mac is belong to the machine
> > ipfw add 1 allow all from any to any MAC  any
> > #allow the ..  destination mac is that machine
> > ipfw add 1 allow all from any to any MAC any 
> > ipfw add 1 deny all from any to any
> >
> >
> > it is not working , all the traffic will be block by the deny !!!  how
> come
> > ?
> >
> >
> >
> > On Sat, Jun 9, 2012 at 4:30 AM, Lowell Gilbert <
> >
> > freebsd-questions-lo...@be-well.ilk.org> wrote:
> > > Bill Yuan  writes:
> > > > i am using freebsd 9.0 as a firewall and i want to filter the traffic
> > > > by the mac and the ip at the same time,
> > > >
> > > > for example, i only allow my laptop  can go throught
> the
> > > > firewalll when it's using IP 
> > > >
> > > > for how to config the firewall rules?
> > > >
> > > >
> > > > I tried to configure the firewall by  the rule below , but it doesnt
> > > > work
> > > >
> > > >  ipfw add  1 allow all from  to any MAC 
> > > >  any ipfw add  1 allow all from any to   MAC any  > > >  Address
> > >
> > > 1>
> > >
> > > Well, for one thing if I understand your intent, you have the MAC
> > > addresses in the wrong order. Unless your firewall is acting as a
> > > bridge, you also need to keep in mind that the MAC addresses are
> changed
> > > when passing through, so those rules will only work on one side (i.e.,
> > > you'll need "in via" type rules).
> > >
> > > > but it doesnt work. also found the explanation on google, someone
> > > > already asked this question before.
> > >
> > > I don't understand. Was there a suggested approach or not?
> > >
> > > > but I did not find the solution for this requirement.  can someone
> tell
> > >
> > > me
> > >
> > > > how ? thanks in advance.
> > >
> > > I can't guarantee this will work, and I don't have any way to test it,
> > >
> > > but my above comments would suggest something more like:
> > > >  ipfw add  1 allow all from  to any MAC any  Address
> > >
> > > in via $iif
> > >
> > > >  ipfw add  1 allow all from any to   MAC  1>
> > >
> > > any out via $oif
> > >
> > > Good luck.
> >
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

ran out of inodes on /var, recommended value?

[Gary Aitken]

I reconfigured my ssd filesystem with the /var partition of size 512M.  
Unfortunately, something in portsnap or the ports tree in general uses a 
boatload of small files, and i ran out of inodes.  Can anyone recommend an 
appropriate size for the newfs -i value?  1024?  less?

Thanks,

Gary
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Question about FreeBSD for IA-64 software

[Mehmet Erol Sanliturk]

On Sat, Jun 9, 2012 at 4:45 AM, Denis Guzanov  wrote:

> Dear FreeBSD Team,
>
> Firstly I would like to say you Big thanks for your really good job and the
> best system for us, small IT staff.
>
> Second, I would like to ask you about some problem with FreeBSD source.
>
> I've downloaded .iso Image from this link:
>
> ftp://ftp.freebsd.org/pub/FreeBSD/releases/ia64/ia64/ISO-IMAGES/9.0/following
> .iso file: FreeBSD-9.0-RELEASE-ia64-release.iso
>
> And when I tried to install it I have nothing I did it many times, but
> have no result. When I've downloaded 8.3 version Installation was completed
> successfully.
>
> Dear FreeBSD Team, could you, please, check your .iso file for IA-64
> systems or maybe consult me what I need to do?
>
>
> Thanks and Best regards,
> Denis.
>



>From your question , it is not possible to understand which 8.3 version is
used .

It is very unlikely that 9.0 fails completely but 8.3 succeeds completely .


ia64 is for Itanium 64 processor ,
amd64 is Intel and AMD 64-bit capable desktop or notebook processors  .

They are different processors , and one can not execute code for the other .

Thank you very much .

Mehmet Erol Sanliturk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Question about FreeBSD for IA-64 software

[Denis Guzanov]

Dear FreeBSD Team,

Firstly I would like to say you Big thanks for your really good job and the
best system for us, small IT staff.

Second, I would like to ask you about some problem with FreeBSD source.

I've downloaded .iso Image from this link:
ftp://ftp.freebsd.org/pub/FreeBSD/releases/ia64/ia64/ISO-IMAGES/9.0/following
.iso file: FreeBSD-9.0-RELEASE-ia64-release.iso

And when I tried to install it I have nothing I did it many times, but
have no result. When I've downloaded 8.3 version Installation was completed
successfully.

Dear FreeBSD Team, could you, please, check your .iso file for IA-64
systems or maybe consult me what I need to do?


Thanks and Best regards,
Denis.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: how to filter network by MAC and IP at the same time

[Christian Hiris]

hi Bill,
afaik, in your case the packets checked twice against the ipfw-rules - once 
for the layer2-filtering part and 2nd time for the ip-filtering part.

1st enable filtering on ethernet demux/eth. output frame:
# sysctl net.link.ether.ipfw=1

then start your fw-script:

# -- sniplet from fw-script -- #
  iif="em0"
  ip_client="192.168.123.45"
  ether_client="88:99:aa:bb:cc:dd"
  ether_broadcast="ff:ff:ff:ff:ff:ff"

  ${fwcmd} add 10 pass MAC ${ether_broadcast} ${ether_client} via ${iif}
  ${fwcmd} add 20 pass MAC any ${ether_client} via ${iif}
  ${fwcmd} add 21 pass MAC ${ether_client} any via ${iif}
  ${fwcmd} add 30 pass ip from ${ip_client} to any via ${iif}
  ${fwcmd} add 31 pass ip from any to ${ip_client} via ${iif}
# -- sniplet from fw-script -- #

this results in:

# ipfw show
00010   128 allow ip from any to any MAC ff:ff:ff:ff:ff:ff \
 88:99:aa:bb:cc:dd via em0
00020  74  9564 allow ip from any to any MAC any 88:99:aa:bb:cc:dd via em0
00021  87 85336 allow ip from any to any MAC 88:99:aa:bb:cc:dd any via em0
00030  74  9564 allow ip from 192.168.123.45 to any via em0
00031  86 85290 allow ip from any to 192.168.123.45 via em0
65535 487 35078 deny ip from any to any

Most of this logic is described in the section "PACKET FLOW" section in man 
ipfw. 

"Note that as packets flow through the stack, headers can be stripped or
 added to it, and so they may or may not be available for inspection.
 E.g., incoming packets will include the MAC header when ipfw is invoked
 from ether_demux(), but the same packets will have the MAC header
 stripped off when ipfw is invoked from ip_input() or ip6_input()."

Cheers
ch 


On Saturday 09 June 2012, Bill Yuan wrote:
> rule like below
> 
> #allow the traffic which source mac is belong to the machine
> ipfw add 1 allow all from any to any MAC  any
> #allow the ..  destination mac is that machine
> ipfw add 1 allow all from any to any MAC any 
> ipfw add 1 deny all from any to any
> 
> 
> it is not working , all the traffic will be block by the deny !!!  how come
> ?
> 
> 
> 
> On Sat, Jun 9, 2012 at 4:30 AM, Lowell Gilbert <
> 
> freebsd-questions-lo...@be-well.ilk.org> wrote:
> > Bill Yuan  writes:
> > > i am using freebsd 9.0 as a firewall and i want to filter the traffic
> > > by the mac and the ip at the same time,
> > > 
> > > for example, i only allow my laptop  can go throught the
> > > firewalll when it's using IP 
> > > 
> > > for how to config the firewall rules?
> > > 
> > > 
> > > I tried to configure the firewall by  the rule below , but it doesnt
> > > work
> > > 
> > >  ipfw add  1 allow all from  to any MAC 
> > >  any ipfw add  1 allow all from any to   MAC any  > >  Address
> > 
> > 1>
> > 
> > Well, for one thing if I understand your intent, you have the MAC
> > addresses in the wrong order. Unless your firewall is acting as a
> > bridge, you also need to keep in mind that the MAC addresses are changed
> > when passing through, so those rules will only work on one side (i.e.,
> > you'll need "in via" type rules).
> > 
> > > but it doesnt work. also found the explanation on google, someone
> > > already asked this question before.
> > 
> > I don't understand. Was there a suggested approach or not?
> > 
> > > but I did not find the solution for this requirement.  can someone tell
> > 
> > me
> > 
> > > how ? thanks in advance.
> > 
> > I can't guarantee this will work, and I don't have any way to test it,
> > 
> > but my above comments would suggest something more like:
> > >  ipfw add  1 allow all from  to any MAC any  > 
> > in via $iif
> > 
> > >  ipfw add  1 allow all from any to   MAC 
> > 
> > any out via $oif
> > 
> > Good luck.
> 
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"