TCPmux
Good Morning, Is there a flag or a setting in the PF firewall in FreeBSD that you can set to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to work, however if I disable PF completely then the TCPmux traffic flow through. Kind Regards Important Notice: This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal notice available at: http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: TCPmux
31.05.2013 10:29, Stefan Desancic: Good Morning, Is there a flag or a setting in the PF firewall in FreeBSD that you can set to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to work, however if I disable PF completely then the TCPmux traffic flow through. I have no problems with tcpmux and pf. Can you show your config? On my machines tcpmux is served from inetd on default port (1). -- Sphinx of black quartz, judge my vow. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: VIMAGE
On May 30, 2013, at 6:25 PM, Teske, Devin devin.te...@fisglobal.com wrote: On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns eiface into efface) ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my connect before the name… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 Many thanks for the answer Devin, when I try to use that last command I receive: ngctl connect em0: bridge0:lower upper link1 ngctl: send msg: Invalid argument What's wrong ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: VIMAGE
On May 30, 2013, at 6:38 PM, Teske, Devin devin.te...@fisglobal.com wrote:
On May 30, 2013, at 9:18 AM, Joe wrote:
Pietro Paolini wrote:
On May 30, 2013, at 2:29 PM, Joe fb...@a1poweruser.com wrote:
Pietro Paolini wrote:
Hello all,
I am a new bye on the FreeBSD and I am looking at the VIMAGE features
experiencing some problems.
I added the options :
VIMAGE
if_bridge
and I removed
STCP
then I recompiled my kernel and install it.
After that, following this tutorial
http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the
Exercise 2 which consist on the following commands:
vimage -c n1
vimage -c n2
ngctl mkpeer efface ether ether
ngctl mkpeer efface ether ether
ngctl mkpeer em0: bridge lower link0
ngctl name em0:lower bridge0
ngctl connect em0: bridge0: upper link1
ngctl connect ngeth0: bridge0: ether link2
ngctl connect ngeth1: bridge0: ether link3
vimage -i n1 ngeth0 e0
But my virtual interface on the n1 vimage does not receive any packet
from the external network while I can see the packet go out from it.
For instance using DHCP, e0 on n1 sends DHCP packets but it does not
receive the answers (which are send, I verified it from wireshark), in
adding
the ARP request for his IP address (if I try to add it statically) are
not received then it can not answer.
At the end of the line the question is: how can I make this virtual
network and the external real network be able to communicate ?
Thanks in advance.
Pietro.
1. That link is from 2007. So very much has changed since then.
There are more current links on the internet about this subject. Most are
for 8.X releases.
2. If your running 8.2-RELEASE or 9.1-RELEASE all you need to add is
options vimage statement to your kernel source and recompile.
3. There are 2 networking methods available for creating vnet/vimage jail
networks, if_bridge/epair and netgraph. The if_bridge/epair method is far
simpler to config and use then the netgraph method.
4. There are 2 methods of jail setup, the rc.d method where your jail
definition parameters go into the hosts rc.conf and the jail(8) method
where you can place each jails definition parameter in separate files.
5. There are two very important show stopper PRs on vimage,
164763 memory leak and 149050 the rc.d keyword nojail problem.
Vimage is a very long way from prime time usage, thats why it's labeled as
highly experimental. Host system freezes and page faults are common.
6. When it comes to running a firewall in a vnet/vimage jail your limited
to IPFW and it has limitations. Dummynet and in kernel NAT cause system
freezes. IPFILTER causes page fault at boot time. PF will run on the host
but not run in the vnet/vimage jail. Here are a bunch of PRs on vimage
firewall problems, 143621, 176092, 161094, 176992, 143808, 148155, 165252,
178480, 178482
Check out these links
http://druidbsd.sourceforge.net/vimage.shtml
http://devinteske.com/vimage-jails-on-freebsd-8
http://lists.freebsd.org/pipermail/freebsd-virtualization/2011-September/000747.html
http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto
http://zewaren.net/site/?q=node/78
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
freebsd-questions-unsubscr...@freebsd.org
Thanks so much, really interesting and good links but I can't again
accomplish my task - I followed
http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto as a base
tutorial - I would like simulate more client for my PC using this
technology, and that's my topology:
1 - Two epairs created 2 - Two jail created
3 - Assign one intf for jail
4 - Add the real interface to a bridge where I put all the interfaces
---
JAIL1
0b
---
---
JAIL2 1b
---
---
HOST
0a
1a
em0 -- REAL
---
Where {0,1}a is the first pair and {0,1}b is the second and em0 is my real
interface (it has an IP address), then I got to the problem, I tried to :
jexec 2 dhclient epair1b And I can see the DHCP packet with the correct
MAC address going out, the server reply (I have a sniffer pc) but the
transaction does not end successfully, what is really strange is that if I
attach tcpdump on em0 I can NOT see the answer server sends while when I try
dhclient em0 I can see the packet going in and out and the DHCP transaction
finish successfully. Do you have any idea about how can I accomplish my
target ? Maybe I am using the wrong technology ?
I would not surprised if I make a error on my configuration but what really
interest me is if I CAN do that using jail.
Thanks a lot, and in advance ! :-)
Pietro.
Pietro;
You really have to provide a lot more info about your host system and jail
configuration.
What version of FreeBSD are you running?
Which method do you use to create your jails,
New kernel 9.1 informs me to report wbwd0 to FreeBSD
Hi, I upgraded to 9.1 ( 9.1-STABLE FreeBSD 9.1-STABLE #0 r251140: ) today and my dmesg kernel prints: wbwd0: DevID 0x60 DevRev 0x12, please report this. wbwd0: DevID 0x60 DevRev 0x12, please report this. wbwd0: Unknown Winbond/Nuvoton model at port 0x2e-0x2f on isa0 wbwd0: Before watchdog attach: Watchdog enabled. Watchdog fired. Scaling by 1s, timer at 255 (=255s left). CRF5 0x00 CRF7 0xff I am willing to provide any help necessary. Regards, BB ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: TCPmux
Hi,
Thank you for your very speedy response.
Also Attached is the config file.
Kind Regards
Stefan
# Section: Interfaces
public_if19=em0
private_if18=em1
mgmt_if=em1
# End: Interfaces
# Section: Ports
Management = {22,}
ikeports = {500,4500}
# End: Ports
# Section: Address Table
table CENTER-CONTACT {192.168.50.250}
table CONTACT-EDGE1 {192.168.50.1}
table IP_10.0.0.1 {10.0.0.1}
table IP_10.0.0.2 {10.0.0.2}
table IP_192.168.50.250 {192.168.50.250}
table LPN_192.168.100.0_24 {192.168.100.0/24}
table LPN_192.168.50.0_24 {192.168.50.0/24}
table CENTER-CONTACTN {192.168.50.250}
# End: Address Table
# Section: Options
set ruleset-optimization none
set block-policy return
set skip on lo
# End: Options
# Section: Scrubbing
scrub in all
# End: Scrubbing
# Section: Anti Spoofing
antispoof quick for {$public_if19, $private_if18} inet
# End: Anti Spoofing
# Section: Firewall Rules
# Section: System Rules
block in from any to any label RuleId[111]
pass out from any to any label RuleId[112]
# End: System Rules
# Section: VPN LPN access Rules
pass from {LPN_192.168.100.0_24} to {LPN_192.168.50.0_24} tagged vpn label
RuleId[140]
pass from {LPN_192.168.50.0_24} to {LPN_192.168.100.0_24} label RuleId[141]
# End: VPN LPN access Rules
# Section: User Rules
# block from any to any no state label RuleId[149]
# pass in from {LPN_192.168.100.0_24} to {LPN_192.168.50.0_24} label
RuleId[151]
# pass in from {LPN_192.168.50.0_24} to {LPN_192.168.100.0_24} label
RuleId[152]
pass from any to any label RuleId[157]
# End: User Rules
# Section: IPsec Rules
pass in on $mgmt_if proto {udp} from {CENTER-CONTACTN} to {CONTACT-EDGE1}
port $ikeports label RuleId[117]
pass in on $mgmt_if proto {esp} from {CENTER-CONTACTN} to {CONTACT-EDGE1}
label RuleId[118]
pass in on $mgmt_if proto {ipencap} from {CENTER-CONTACTN} to
{CONTACT-EDGE1} tag management label RuleId[119]
pass proto {udp} from {IP_192.168.50.250} to {IP_10.0.0.2} port $ikeports
label RuleId[131]
pass proto {udp} from {IP_10.0.0.2} to {IP_192.168.50.250} port $ikeports
label RuleId[132]
pass proto {esp} from {IP_192.168.50.250} to {IP_10.0.0.2} label RuleId[133]
pass proto {esp} from {IP_10.0.0.2} to {IP_192.168.50.250} label RuleId[134]
pass in on $public_if19 proto {udp} from {IP_10.0.0.2} to {IP_10.0.0.1}
port $ikeports label RuleId[135]
pass out on $public_if19 proto {udp} from {IP_10.0.0.1} to {IP_10.0.0.2}
port $ikeports label RuleId[136]
pass in on $public_if19 proto {esp} from {IP_10.0.0.2} to {IP_10.0.0.1}
label RuleId[137]
pass out on $public_if19 proto {esp} from {IP_10.0.0.1} to {IP_10.0.0.2}
label RuleId[138]
pass in on $public_if19 proto {ipencap} from {IP_10.0.0.2} to {IP_10.0.0.1}
tag vpn label RuleId[139]
# End: IPsec Rules
# Section: Management Rules
pass in on $mgmt_if proto {tcp} from {CENTER-CONTACT} to {CONTACT-EDGE1}
port $Management tagged management label RuleId[120]
# End: Management Rules
# End: Firewall Rules
-Original Message-
From: Volodymyr Kostyrko [mailto:c.kw...@gmail.com]
Sent: 31 May 2013 10:32 AM
To: Stefan Desancic; questi...@freebsd.org
Subject: Re: TCPmux
31.05.2013 10:29, Stefan Desancic:
Good Morning,
Is there a flag or a setting in the PF firewall in FreeBSD that you can set
to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to
work, however if I disable PF completely then the TCPmux traffic flow through.
I have no problems with tcpmux and pf. Can you show your config? On my machines
tcpmux is served from inetd on default port (1).
--
Sphinx of black quartz, judge my vow.
Important Notice:
This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal
notice available at:
http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx
pf.conf
Description: pf.conf
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Clang cannot finds standard system lib libssl.a
Hi, I'm trying to compile a single big file project written in C. It compiled fine, without problems in my develop machine (FreeBSD 9.1 STABLE, Clang3.2) but not on the server (FreeBSD 9.1 Release#0, Clang 3.1). The app uses openssl dtls and links to system ssl libs. Am I missing something? For compile I do: %clang gog_server.c -o gog_server -v -I /usr/include/openssl but I get a lot of undefined references to whole openssl lib functions, structs etc in Link phase: ... gog_server.c:(.text+0x9): undefined reference to `CRYPTO_num_locks' gog_server.c:(.text+0x50): undefined reference to `CRYPTO_num_locks' ... I have manually checked that: a) /usr/lib/libssl.a /usr/lib/libssl.so exist b) The linker has /usr/lib path %clang -print-search-dirs programs: =/usr/bin libraries: =/usr/bin/../lib/clang/3.1:/usr/lib c) Add -Xlinker -L /usr/lib d) Add -Xlinker -l /usr/lib/libssl.a, get this from linker: /usr/bin/ld --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 -o gog_server /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib /tmp/gog_server-8bAHxn.o -l /usr/lib/libssl.a -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o /usr/lib/crtn.o /usr/bin/ld: cannot find -l /usr/lib/libssl.a e) Tried c) and d) without , but get the same answers /usr/bin/ld: cannont find ... Finally, this is the relevant output of last try: % clang gog_server.c -o gog_server -v -I /usr/include/openssl -Xlinker /usr/lib/libssl.a 2err FreeBSD clang version 3.1 (branches/release_31 156863) 20120523 Target: x86_64-unknown-freebsd9.0 Thread model: posix /usr/bin/clang -cc1 -triple x86_64-unknown-freebsd9.0 -emit-obj -mrelax-all -disable-free -main-file-name gog_server.c -mrelocation-model static -mdisable-fp-elim -masm-verbose -mconstructor-aliases -munwind-tables -target-cpu x86-64 -momit-leaf-frame-pointer -v -resource-dir /usr/bin/../lib/clang/3.1 -I /usr/include/openssl -fmodule-cache-path /var/tmp/clang-module-cache -fdebug-compilation-dir /home/gowen/clang/Gog -ferror-limit 19 -fmessage-length 0 -mstackrealign -fgnu-runtime -fobjc-runtime-has-arc -fobjc-runtime-has-weak -fobjc-dispatch-method=non-legacy -fdiagnostics-show-option -o /tmp/gog_server-mK51RB.o -x c gog_server.c clang -cc1 version 3.1 based upon LLVM 3.1 default target x86_64-unknown-freebsd9.0 ignoring nonexistent directory /usr/bin/../lib/clang/3.1/include #include ... search starts here: #include ... search starts here: /usr/include/openssl /usr/include/clang/3.1 /usr/include End of search list. /usr/bin/ld --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 -o gog_server /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib /tmp/gog_server-mK51RB.o /usr/lib/libssl.a -lgcc --as-needed -lgcc_s --no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o /usr/lib/crtn.o /tmp/gog_server-mK51RB.o: In function `THREAD_setup': gog_server.c:(.text+0x9): undefined reference to `CRYPTO_num_locks' . and a lot of similar lines. So, Am I missing something? Thanks in advance. --- --- Eduardo Morras emorr...@yahoo.es ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Clang cannot finds standard system lib libssl.a
On 2013-05-31 15:26, Eduardo Morras wrote: I'm trying to compile a single big file project written in C. It compiled fine, without problems in my develop machine (FreeBSD 9.1 STABLE, Clang3.2) but not on the server (FreeBSD 9.1 Release#0, Clang 3.1). The app uses openssl dtls and links to system ssl libs. Am I missing something? For compile I do: %clang gog_server.c -o gog_server -v -I /usr/include/openssl but I get a lot of undefined references to whole openssl lib functions, structs etc in Link phase: ... gog_server.c:(.text+0x9): undefined reference to `CRYPTO_num_locks' gog_server.c:(.text+0x50): undefined reference to `CRYPTO_num_locks' ... CRYPTO_num_locks is in libcrypto so try linking with that in addition to libssl. signature.asc Description: OpenPGP digital signature
Re: Clang cannot finds standard system lib libssl.a
On Fri, 31 May 2013 16:12:24 +0200 Tijl Coosemans t...@coosemans.org wrote: CRYPTO_num_locks is in libcrypto so try linking with that in addition to libssl. Now i works, thanks a lot!! Forgot to add -Xlinker /usr/lib/libcrypto.a and -Xlinker /usr/lib/libpthread.a Now everything works as expected. Bytes bite bitter when abuse caffeine... --- --- Eduardo Morras emorr...@yahoo.es ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: TCPmux
31.05.2013 14:10, Stefan Desancic:
Hi,
Thank you for your very speedy response.
Also Attached is the config file.
Kind Regards
Stefan
# Section: Interfaces
public_if19=em0
private_if18=em1
mgmt_if=em1
# End: Interfaces
# Section: Ports
Management = {22,}
ikeports = {500,4500}
# End: Ports
# Section: Address Table
table CENTER-CONTACT {192.168.50.250}
table CONTACT-EDGE1 {192.168.50.1}
table IP_10.0.0.1 {10.0.0.1}
table IP_10.0.0.2 {10.0.0.2}
table IP_192.168.50.250 {192.168.50.250}
table LPN_192.168.100.0_24 {192.168.100.0/24}
table LPN_192.168.50.0_24 {192.168.50.0/24}
table CENTER-CONTACTN {192.168.50.250}
# End: Address Table
# Section: Options
set ruleset-optimization none
set block-policy return
set skip on lo
# End: Options
# Section: Scrubbing
scrub in all
# End: Scrubbing
# Section: Anti Spoofing
antispoof quick for {$public_if19, $private_if18} inet
# End: Anti Spoofing
# Section: Firewall Rules
# Section: System Rules
block in from any to any label RuleId[111]
pass out from any to any label RuleId[112]
# End: System Rules
# Section: VPN LPN access Rules
pass from {LPN_192.168.100.0_24} to {LPN_192.168.50.0_24} tagged vpn label
RuleId[140]
pass from {LPN_192.168.50.0_24} to {LPN_192.168.100.0_24} label RuleId[141]
# End: VPN LPN access Rules
# Section: User Rules
# block from any to any no state label RuleId[149]
# pass in from {LPN_192.168.100.0_24} to {LPN_192.168.50.0_24} label
RuleId[151]
# pass in from {LPN_192.168.50.0_24} to {LPN_192.168.100.0_24} label
RuleId[152]
pass from any to any label RuleId[157]
# End: User Rules
# Section: IPsec Rules
pass in on $mgmt_if proto {udp} from {CENTER-CONTACTN} to {CONTACT-EDGE1}
port $ikeports label RuleId[117]
pass in on $mgmt_if proto {esp} from {CENTER-CONTACTN} to {CONTACT-EDGE1}
label RuleId[118]
pass in on $mgmt_if proto {ipencap} from {CENTER-CONTACTN} to
{CONTACT-EDGE1} tag management label RuleId[119]
pass proto {udp} from {IP_192.168.50.250} to {IP_10.0.0.2} port $ikeports
label RuleId[131]
pass proto {udp} from {IP_10.0.0.2} to {IP_192.168.50.250} port $ikeports
label RuleId[132]
pass proto {esp} from {IP_192.168.50.250} to {IP_10.0.0.2} label RuleId[133]
pass proto {esp} from {IP_10.0.0.2} to {IP_192.168.50.250} label RuleId[134]
pass in on $public_if19 proto {udp} from {IP_10.0.0.2} to {IP_10.0.0.1}
port $ikeports label RuleId[135]
pass out on $public_if19 proto {udp} from {IP_10.0.0.1} to {IP_10.0.0.2}
port $ikeports label RuleId[136]
pass in on $public_if19 proto {esp} from {IP_10.0.0.2} to {IP_10.0.0.1}
label RuleId[137]
pass out on $public_if19 proto {esp} from {IP_10.0.0.1} to {IP_10.0.0.2}
label RuleId[138]
pass in on $public_if19 proto {ipencap} from {IP_10.0.0.2} to {IP_10.0.0.1}
tag vpn label RuleId[139]
# End: IPsec Rules
# Section: Management Rules
pass in on $mgmt_if proto {tcp} from {CENTER-CONTACT} to {CONTACT-EDGE1}
port $Management tagged management label RuleId[120]
# End: Management Rules
# End: Firewall Rules
I'm missing a rule which would pass tcp connections to port 1 on any
interface. However I can see a pass all rule. Remote connections should
be enabled.
How your tcpmux server is configured? Can you show the output of
`sockstat | grep ':1 '`?
Good Morning,
Is there a flag or a setting in the PF firewall in FreeBSD that you can set to
allow TCPmux traffic to flow through it? The pass all rule doesn't seem to
work, however if I disable PF completely then the TCPmux traffic flow through.
I have no problems with tcpmux and pf. Can you show your config? On my machines
tcpmux is served from inetd on default port (1).
--
Sphinx of black quartz, judge my vow.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
pkgng dependencies change / update
Hi, I am trying to figure out how to change / update the dependencies on a package. I have a postfix package which comes from a server where mysql-client is in version 5.1 And I would like to install the same package on a server where mysql-client is in version 5.6 I am not sure if this is feasible. Of course when I try to install this package on the server, it tells me : jail: ns3 15:03:57 /home/gregober # pkg add postfix-2.10.0,1.txz Installing postfix-2.10.0,1...missing dependency mysql-client-5.1.68 Failed to install the following 1 package(s): postfix-2.10.0,1.txz I have tried to set the dependency to an updated version of the port : jail: ns3 15:04:16 /home/gregober # pkg set -o databases/mysql51-client:databases/mysql56-client Change origin from databases/mysql51-client to databases/mysql56-client for all dependencies? [y/N]: y But no luck !! Any idea how to do that ? «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ Your provider of OpenSource Appliances www.osnet.eu «?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§ PGP ID -- 0x1BA3C2FD ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
mount_smbfs in base?
is mount_smbfs, smbutil and friends part of base system? this is FreeBSD amd64 9.1-RELEASE then what is extra in samba port? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mount_smbfs in base?
El día Saturday, June 01, 2013 a las 02:09:58AM +0800, Quark escribió: is mount_smbfs, smbutil and friends part of base system? this is FreeBSD amd64 9.1-RELEASE $ which mount_smbfs /usr/sbin/mount_smbfs $ which smbutil /usr/bin/smbutil then what is extra in samba port? a SMB client and server matthias -- Sent from my FreeBSD netbook Matthias Apitz | - No system with backdoors like Apple/Android E-mail: g...@unixarea.de | - Never being an iSlave WWW: http://www.unixarea.de/ | - No proprietary attachments, no HTML/RTF in E-mail phone: +49-170-4527211 | - Respect for open standards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mount_smbfs in base?
- Original Message - From: Matthias Apitz g...@unixarea.de To: freebsd-questions@freebsd.org Cc: Sent: Saturday, 1 June 2013 12:01 AM Subject: Re: mount_smbfs in base? El día Saturday, June 01, 2013 a las 02:09:58AM +0800, Quark escribió: is mount_smbfs, smbutil and friends part of base system? this is FreeBSD amd64 9.1-RELEASE $ which mount_smbfs /usr/sbin/mount_smbfs $ which smbutil /usr/bin/smbutil I saw that, but suspected I must have done something stupid that those binaries got placed there. then what is extra in samba port? a SMB client and server so this SMB client is recentish than what is in base? I 'guess' samba was GPL, is it OK to let live GPL s/w in base when such strides are being attempted to oust GCC? matthias -- Sent from my FreeBSD netbook Matthias Apitz | - No system with backdoors like Apple/Android E-mail: g...@unixarea.de | - Never being an iSlave WWW: http://www.unixarea.de/ | - No proprietary attachments, no HTML/RTF in E-mail phone: +49-170-4527211 | - Respect for open standards ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mount_smbfs in base?
On Fri, May 31, 2013 at 1:41 PM, Quark unixuser2000-f...@yahoo.com wrote: I saw that, but suspected I must have done something stupid that those binaries got placed there. then what is extra in samba port? a SMB client and server so this SMB client is recentish than what is in base? Yes. I 'guess' samba was GPL, is it OK to let live GPL s/w in base when such strides are being attempted to oust GCC? mount_smbfs isn't GPL. -- Adam Vande More ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: VIMAGE
On May 31, 2013, at 1:48 AM, Pietro Paolini wrote: On May 30, 2013, at 6:25 PM, Teske, Devin devin.te...@fisglobal.commailto:devin.te...@fisglobal.com wrote: On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns eiface into efface) ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my connect before the name… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 Many thanks for the answer Devin, when I try to use that last command I receive: ngctl connect em0: bridge0:lower upper link1 ngctl: send msg: Invalid argument What's wrong ? Let's start from scratch on a freshly booted box… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l [sudo] Password: There are 4 total nodes: Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type: ether ID: 0003 Num hooks: 0 Name: ngctl1719 Type: socket ID: 0004 Num hooks: 0 Name: msk0Type: ether ID: 0001 Num hooks: 0 Ok… we have an ether type node for each of our physical adapters (these are provided by ng_ether(4); you didn't have to do anything to get these nodes). We also have a single socket type node. This is the ngctl connection to the netgraph subsystem (you can learn more by reading ng_socket(4)). Here's the corresponding hardware behind em0, em1, and msk0: === dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ grep '\(em\|e1000phy\|mskc\?\)[[:digit:]]' /var/run/dmesg.boot mskc0: Marvell Yukon 88E8050 Gigabit Ethernet port 0xdc00-0xdcff mem 0xfcffc000-0xfcff irq 16 at device 0.0 on pci5 msk0: Marvell Technology Group Ltd. Yukon EC Id 0xb6 Rev 0x02 on mskc0 msk0: Ethernet address: xx:xx:xx:xx:xx:xx miibus0: MII bus on msk0 e1000phy0: Marvell 88E Gigabit PHY PHY 0 on miibus0 e1000phy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto mskc0: [ITHREAD] em0: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec80-0xecbf mem 0xfebe-0xfebf irq 16 at device 4.0 on pci7 em0: [FILTER] em0: Ethernet address: xx:xx:xx:xx:xx:xx em1: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec00-0xec3f mem 0xfeba-0xfebb,0xfeb8-0xfeb9 irq 18 at device 6.0 on pci7 em1: [FILTER] em1: Ethernet address: xx:xx:xx:xx:xx:xx em0: link state changed to UP === Next, let's make a bridge (think of it as a big software switch that we're going to hook a bunch of interfaces; created, physical, or otherwise). Since I'm doing this over an SSH connection (a mistake I made earlier today), I'm not going to touch em0 (the adapter my SSH connection is using). Creating the bridge on an actively configured PHY will knock it off the net. This is not to say you can't have an active configuration on a bridged interface… just that the creation of the bridge (something you should only do once each time you boot) will disrupt an active connection. So… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl mkpeer em1: bridge lower link0 NOTE: No output == Success. === Now let's look at our handiwork… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl info em1:lower Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Ok, we see that the lower peer hook of the em1 ether-node goes off to something named link0. To see where link0 is off-to… we need a full listing (back to ngctl ls -l). dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l There are 5 total nodes: Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type: ether ID: 0003 Num hooks: 1 Local
Where to get source for 10?
For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/ But where can I get the source for FreeBSD10? Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Where to get source for 10?
On 05/31/2013 07:23 PM, Walter Hurry wrote: For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/ But where can I get the source for FreeBSD10? I assume it'd be the head branch: http://svn.freebsd.org/base/head/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Where to get source for 10?
On 5/31/2013 6:27 PM, Ayan George wrote: On 05/31/2013 07:23 PM, Walter Hurry wrote: For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/ But where can I get the source for FreeBSD10? I assume it'd be the head branch: http://svn.freebsd.org/base/head/ Yes, it's the head branch, but beware, it's experimental and breaks sometimes. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: pkgng dependencies change / update
On 31/05/2013 16:26, b...@todoo.biz wrote: Hi, I am trying to figure out how to change / update the dependencies on a package. I have a postfix package which comes from a server where mysql-client is in version 5.1 And I would like to install the same package on a server where mysql-client is in version 5.6 I am not sure if this is feasible. Of course when I try to install this package on the server, it tells me : jail: ns3 15:03:57 /home/gregober # pkg add postfix-2.10.0,1.txz Installing postfix-2.10.0,1...missing dependency mysql-client-5.1.68 Failed to install the following 1 package(s): postfix-2.10.0,1.txz I have tried to set the dependency to an updated version of the port : jail: ns3 15:04:16 /home/gregober # pkg set -o databases/mysql51-client:databases/mysql56-client Change origin from databases/mysql51-client to databases/mysql56-client for all dependencies? [y/N]: y But no luck !! Any idea how to do that ? Well, the best way is generally to use a package compiled against the correct set of dependencies in the first place. postfix will be linking against the MySQL client shared libraries. Those have different ABI versions between mysql51 and mysql56. Meaning you can't simply swap one for the other and expect things to still work. 'pkg set -o' looks like it does what you want, but really, it doesn't. What it does is allow smoothly replacing one complete dependency tree with another. So, running: # pkg set -o databases/mysql51-client:databases/mysql56-client is fine and dandy, and a necessary prerequisite to then running an upgrade against a package repo where everything that links against mysql client has been linked against mysql56-client specifically. In fact, you're doing things the wrong way round. 'pkg set -o' works on what has already been installed. You could in principle use 'pkg set -o' to switch your mysql56-client machine to using mysql51-client -- which means running 'pkg set -o ...' and then *reinstalling all the packages that depend on mysql56-client with equivalent packages linked against mysql51-client*. After that, your postfix package should install OK. Ultimate plans are that the need to use 'pkg set -o' should disappear entirely, as the package dependency solver should be clever enough to work out all this stuff for itself. There's also ideas about making more finely grained binary packages -- several packages from one port essentially. So out of each mysqlXX-client port there'd be several packages created, one of which contains just the shared libraries. The good thing about that is it will be possible to install shared libraries for several different mysqlXX versions simultaneously, which would make your postfix problem fairly trivial to solve. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey signature.asc Description: OpenPGP digital signature
Re: Where to get source for 10?
On Fri, 31 May 2013 19:27:36 -0400, Ayan George wrote: On 05/31/2013 07:23 PM, Walter Hurry wrote: For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/ But where can I get the source for FreeBSD10? I assume it'd be the head branch: http://svn.freebsd.org/base/head/ Thanks. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Where to get source for 10?
On Fri, 31 May 2013 18:41:49 -0500, Joshua Isom wrote: On 5/31/2013 6:27 PM, Ayan George wrote: On 05/31/2013 07:23 PM, Walter Hurry wrote: For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/ But where can I get the source for FreeBSD10? I assume it'd be the head branch: http://svn.freebsd.org/base/head/ Yes, it's the head branch, but beware, it's experimental and breaks sometimes. Thanks for the cautionary advice, but it's OK, it's only experimental on my side too. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: VIMAGE
On May 31, 2013, at 3:05 PM, Teske, Devin wrote: On May 31, 2013, at 1:48 AM, Pietro Paolini wrote: On May 30, 2013, at 6:25 PM, Teske, Devin devin.te...@fisglobal.commailto:devin.te...@fisglobal.com wrote: On May 30, 2013, at 3:35 AM, Pietro Paolini wrote: Hello all, I am a new bye on the FreeBSD and I am looking at the VIMAGE features experiencing some problems. I added the options : VIMAGE if_bridge and I removed STCP then I recompiled my kernel and install it. After that, following this tutorial http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the Exercise 2 which consist on the following commands: vimage -c n1 vimage -c n2 ngctl mkpeer efface ether ether ngctl mkpeer efface ether ether Don't you just love autocorrect? (does the same thing to me… turns eiface into efface) ngctl mkpeer em0: bridge lower link0 Looks good. ngctl name em0:lower bridge0 I usually do my connect before the name… but shouldn't matter. Should work all the same. ngctl connect em0: bridge0: upper link1 This looks wrong to me. I'd expect: ngctl connect em0: bridge0:lower upper link1 Many thanks for the answer Devin, when I try to use that last command I receive: ngctl connect em0: bridge0:lower upper link1 ngctl: send msg: Invalid argument What's wrong ? Let's start from scratch on a freshly booted box… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l [sudo] Password: There are 4 total nodes: Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type: ether ID: 0003 Num hooks: 0 Name: ngctl1719 Type: socket ID: 0004 Num hooks: 0 Name: msk0Type: ether ID: 0001 Num hooks: 0 Ok… we have an ether type node for each of our physical adapters (these are provided by ng_ether(4); you didn't have to do anything to get these nodes). We also have a single socket type node. This is the ngctl connection to the netgraph subsystem (you can learn more by reading ng_socket(4)). Here's the corresponding hardware behind em0, em1, and msk0: === dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ grep '\(em\|e1000phy\|mskc\?\)[[:digit:]]' /var/run/dmesg.boot mskc0: Marvell Yukon 88E8050 Gigabit Ethernet port 0xdc00-0xdcff mem 0xfcffc000-0xfcff irq 16 at device 0.0 on pci5 msk0: Marvell Technology Group Ltd. Yukon EC Id 0xb6 Rev 0x02 on mskc0 msk0: Ethernet address: xx:xx:xx:xx:xx:xx miibus0: MII bus on msk0 e1000phy0: Marvell 88E Gigabit PHY PHY 0 on miibus0 e1000phy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto mskc0: [ITHREAD] em0: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec80-0xecbf mem 0xfebe-0xfebf irq 16 at device 4.0 on pci7 em0: [FILTER] em0: Ethernet address: xx:xx:xx:xx:xx:xx em1: Intel(R) PRO/1000 Legacy Network Connection 1.0.3 port 0xec00-0xec3f mem 0xfeba-0xfebb,0xfeb8-0xfeb9 irq 18 at device 6.0 on pci7 em1: [FILTER] em1: Ethernet address: xx:xx:xx:xx:xx:xx em0: link state changed to UP === Next, let's make a bridge (think of it as a big software switch that we're going to hook a bunch of interfaces; created, physical, or otherwise). Since I'm doing this over an SSH connection (a mistake I made earlier today), I'm not going to touch em0 (the adapter my SSH connection is using). Creating the bridge on an actively configured PHY will knock it off the net. This is not to say you can't have an active configuration on a bridged interface… just that the creation of the bridge (something you should only do once each time you boot) will disrupt an active connection. So… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl mkpeer em1: bridge lower link0 NOTE: No output == Success. === Now let's look at our handiwork… dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl info em1:lower Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Ok, we see that the lower peer hook of the em1 ether-node goes off to something named link0. To see where link0 is off-to… we need a full listing (back to ngctl ls -l). dte...@scu0a.jbsd.vicor.commailto:dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl ls -l There are 5 total nodes: Name: unnamed Type: bridge ID: 0007 Num hooks: 1 Local hook Peer name Peer typePeer ID Peer hook -- - ---- - link0 em1 ether0003lower Name: em0 Type: ether ID: 0002 Num hooks: 0 Name: em1 Type:
Re: make release fails
On 05/23/2013 06:52 AM, Jack Mc Lauren wrote:
Hi
snip
find //usr/obj/usr/src/release/dist/doc -empty -delete
find: -delete: //usr/obj/usr/src/release/dist/doc: relative path potentially
not
safe
*** [distributeworld] Error code 1
snip
What's wrong with this?
Thanks in advance
Huh. Apparently I ran across this myself in the past, since I found a
patch lurking in my source tree.
8
diff --git a/Makefile.inc1 b/Makefile.inc1
index 4567e5d..1830483 100644
--- a/Makefile.inc1
+++ b/Makefile.inc1
@@ -685,7 +685,7 @@ distributeworld installworld: installcheck
${IMAKEENV} rm -rf ${INSTALLTMP}
.if make(distributeworld)
.for dist in ${EXTRA_DISTRIBUTIONS}
- find ${DESTDIR}/${DISTDIR}/${dist} -empty -delete
+ find ${DESTDIR}/${DISTDIR}/${dist} -empty -exec rmdir {} +
.endfor
.endif
8
The reason this occurs is because you and I are building with NODOC,
which leaves dist/doc empty, and the above find construct will refuse to
-delete if the directory specified on the command line is one of the
ones that would have been deleted.
Either patch the makefile as above, tell make to ignore the return code
of this find invocation, or put some non-empty files into
/usr/obj/usr/src/release/dist/doc during the release building process
(like a README pointing to the docs tarball on the mirrors) to make it
not trigger the empty condition.
Hope this helps!
--
Fuzzy love,
-CyberLeo
Technical Administrator
CyberLeo.Net Webhosting
http://www.CyberLeo.Net
cyber...@cyberleo.net
Furry Peace! - http://www.fur.com/peace/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
