Re: Mouse Trails?

2013-08-17 Thread Polytropon 
On Sun, 18 Aug 2013 03:08:16 +0200, cpghost wrote:
> On 08/17/13 18:14, Walter Hurry wrote:
> > On Sat, 17 Aug 2013 17:31:26 +0200, Polytropon wrote:
> > 
> >> If LXDE uses an ugly white mouse cursor, try changing it to black (the
> >> normal color for mouse cursors on all serious GUI systems). The
> >> classical way of solving the "where is the mouse cursor" problem is to
> >> install xeyes. :-)
> > 
> > I am reluctant to install Compiz, but xeyes looks to be just the ticket!
> 
> Good ole Xeyes... ;-)

Old but still useful in specific cases.



> But beware, xeyes crashes X server right now! Using
> 
> xeyes-1.1.1
> xorg-server-1.7.7_8,1
> 
> on
> FreeBSD 9.2-PRERELEASE #0 r253323 Sat Jul 13 21:00:32 CEST 2013 amd64

WHAT?! Unbelievable... that such a simple program could crash the
whole X server... Does this happen in similar programs (speyes,
wmeyes, xeyes+) too?



> @Polytropon: what version of xeyes/xorg-server are you using?

Currently none. My system is too old, I currently can't install any
new software without reinstalling the whole system. Still on 8.2 at
home, because I never touch a running system. :-)



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Myrinet 10Gb odd behavior - SOLVED

2013-08-17 Thread aurfalien 
Spoke to soon. Fine for a while (doing a 5 day rsync of 38TB) but getting those 
errors every 7 min.  And I'm only getting 1.24Gb/s over a 10Gb jumbo link.

Definitely causing connection issues.

Using it for ethernet.

Gonna go in tomorrow and give my Solarflare another shot as it was giving me 
issues but the rel notes say to try this, so I will;

 - The driver uses mbufs to store packet data which come from a set of pools
   of limted size. See man 7 tuning for more details. The following command
   can display the number of used and free mbufs within the pools the Solarflare
   driver uses

# vmstat -z | head -n 1; vmstat -z | grep mbuf
ITEM SIZE LIMIT  USED  FREE  REQUESTS  FAILURES
mbuf_cluster:2048,25600, 1408,  658,31604,0
mbuf_jumbo_page: 4096,12800,0,   76, 2063,0
mbuf_jumbo_9k:   9216, 6400,0,0,0,0
mbuf_jumbo_16k: 16384, 3200,0,0,0,0

  If a pool is exhausted (i.e. the failure count in the right hand column is
  non-zero, networking applications may hang or received packets may be dropped.
  Hence you may need to increase these limits using the following sysctls:
 kern.ipc.nmbclusters (for mbuf_cluster)
 kern.ipc.nmbjumbop   (for mbuf_jumbo_page)
 kern.ipc.nmbjumbo9   (for mbuf_jumbo_9k)
 kern.ipc.nmbjumbo16  (for mbuf_jumbo_16k)


- aurf



On Aug 17, 2013, at 8:14 PM, iamatt wrote:

> Wow myricom still around...  used to use the lanai stuff never on bsd though. 
>  All FDR Infiniband these days.  Are you using the myrinet protocol or 
> ethernet,  just curious.  Glad you got it working!
> 
> On Aug 16, 2013 8:12 PM, "aurfalien"  wrote:
> 
> On Aug 16, 2013, at 8:47 AM, aurfalien wrote:
> 
> > Forgot to mention my loader.conf;
> >
> > if_mxge_load="YES"
> > mxge_ethp_z8e_load="YES"
> > mxge_eth_z8e_load="YES"
> > mxge_rss_ethp_z8e_load="YES"
> > mxge_rss_eth_z8e_load="YES"
> >
> >
> > I blindly added these w/o thinking what they do.
> >
> > Should I simply only load the first line?
> >
> > - aurf
> >
> >
> > On Aug 16, 2013, at 8:18 AM, aurfalien wrote:
> >
> >> Hi,
> >>
> >> I've been suspecting my NIC is not up to par and notice this in the logs 
> >> every few minutes;
> >>
> >> Aug 16 08:05:06 prometheus kernel: mxge0: slice 0 struck? ring state:
> >> Aug 16 08:05:06 prometheus kernel: mxge0: tx.req=1914503981 
> >> tx.done=1914503810, tx.queue_active=0
> >> Aug 16 08:05:06 prometheus kernel: mxge0: tx.activate=0 tx.deactivate=0
> >> Aug 16 08:05:06 prometheus kernel: mxge0: pkt_done=1824019832 fw=1824019931
> >> Aug 16 08:05:06 prometheus kernel: mxge0: Watchdog reset!
> >> Aug 16 08:05:06 prometheus kernel: mxge0: NIC did not reboot, not resetting
> >>
> >> Could tis be effecting throughput?
> >>
> >> My card is a Myri-10G-PCIE-8A
> >>
> >> I did install the Myrinet dev tools for FreeBSD and ran myri_info which 
> >> yields;
> >>
> >> pci-dev at 05:00.0 vendor:product(rev)=14c1:0008(00)
> >>  behind bridge root-port: 00:03.0 8086:3c08 (x8.1/x16.3)
> >> Myri-10G-PCIE-8A -- Link x8
> >>  EEPROM String-spec:
> >>  MAC=00:60:dd:45:73:23
> >>  SN=413665
> >>  PWR=100
> >>  PC=10G-PCIE-8A-R
> >>  PN=09-03852
> >>  XFI=AEL1010
> >>  TAG=ze_tools-1_4_45
> >>
> >>  EEPROM MCP, PRESENT, length = 103384, crc=0x119daf46
> >>  ETHZ::1.4.45 2009/08/22 18:57:06 self extracting firmware
> >>  Bundle: exec_len=72144, PCI-ROM-len = 31232
> >>  Running MCP:
> >>  ETH ::1.4.55 -P- 2012/04/21 01:48:34 myri10ge firmware
> >>
> >> Any insights are appreciated.
> >>
> >> - aurf
> 
> 
> Did the ole RTFM and re programmed the firmware, all good now.
> 
> - aurf
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Myrinet 10Gb odd behavior - SOLVED

2013-08-17 Thread iamatt 
Wow myricom still around...  used to use the lanai stuff never on bsd
though.  All FDR Infiniband these days.  Are you using the myrinet protocol
or ethernet,  just curious.  Glad you got it working!
On Aug 16, 2013 8:12 PM, "aurfalien"  wrote:

>
> On Aug 16, 2013, at 8:47 AM, aurfalien wrote:
>
> > Forgot to mention my loader.conf;
> >
> > if_mxge_load="YES"
> > mxge_ethp_z8e_load="YES"
> > mxge_eth_z8e_load="YES"
> > mxge_rss_ethp_z8e_load="YES"
> > mxge_rss_eth_z8e_load="YES"
> >
> >
> > I blindly added these w/o thinking what they do.
> >
> > Should I simply only load the first line?
> >
> > - aurf
> >
> >
> > On Aug 16, 2013, at 8:18 AM, aurfalien wrote:
> >
> >> Hi,
> >>
> >> I've been suspecting my NIC is not up to par and notice this in the
> logs every few minutes;
> >>
> >> Aug 16 08:05:06 prometheus kernel: mxge0: slice 0 struck? ring state:
> >> Aug 16 08:05:06 prometheus kernel: mxge0: tx.req=1914503981
> tx.done=1914503810, tx.queue_active=0
> >> Aug 16 08:05:06 prometheus kernel: mxge0: tx.activate=0 tx.deactivate=0
> >> Aug 16 08:05:06 prometheus kernel: mxge0: pkt_done=1824019832
> fw=1824019931
> >> Aug 16 08:05:06 prometheus kernel: mxge0: Watchdog reset!
> >> Aug 16 08:05:06 prometheus kernel: mxge0: NIC did not reboot, not
> resetting
> >>
> >> Could tis be effecting throughput?
> >>
> >> My card is a Myri-10G-PCIE-8A
> >>
> >> I did install the Myrinet dev tools for FreeBSD and ran myri_info which
> yields;
> >>
> >> pci-dev at 05:00.0 vendor:product(rev)=14c1:0008(00)
> >>  behind bridge root-port: 00:03.0 8086:3c08 (x8.1/x16.3)
> >> Myri-10G-PCIE-8A -- Link x8
> >>  EEPROM String-spec:
> >>  MAC=00:60:dd:45:73:23
> >>  SN=413665
> >>  PWR=100
> >>  PC=10G-PCIE-8A-R
> >>  PN=09-03852
> >>  XFI=AEL1010
> >>  TAG=ze_tools-1_4_45
> >>
> >>  EEPROM MCP, PRESENT, length = 103384, crc=0x119daf46
> >>  ETHZ::1.4.45 2009/08/22 18:57:06 self extracting firmware
> >>  Bundle: exec_len=72144, PCI-ROM-len = 31232
> >>  Running MCP:
> >>  ETH ::1.4.55 -P- 2012/04/21 01:48:34 myri10ge firmware
> >>
> >> Any insights are appreciated.
> >>
> >> - aurf
>
>
> Did the ole RTFM and re programmed the firmware, all good now.
>
> - aurf
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "
> freebsd-questions-unsubscr...@freebsd.org"
>
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Mouse Trails?

2013-08-17 Thread cpghost 
On 08/17/13 18:14, Walter Hurry wrote:
> On Sat, 17 Aug 2013 17:31:26 +0200, Polytropon wrote:
> 
>> If LXDE uses an ugly white mouse cursor, try changing it to black (the
>> normal color for mouse cursors on all serious GUI systems). The
>> classical way of solving the "where is the mouse cursor" problem is to
>> install xeyes. :-)
> 
> I am reluctant to install Compiz, but xeyes looks to be just the ticket!

Good ole Xeyes... ;-) But beware, xeyes crashes X server right now! Using

xeyes-1.1.1
xorg-server-1.7.7_8,1

on
FreeBSD 9.2-PRERELEASE #0 r253323 Sat Jul 13 21:00:32 CEST 2013 amd64

I'm not the only one who's got X server crashes with xeyes:

http://lists.freebsd.org/pipermail/freebsd-x11/2012-May/011833.html

@Polytropon: what version of xeyes/xorg-server are you using?

-cpghost.

-- 
Cordula's Web. http://www.cordula.ws/

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VPN where local private address collide

2013-08-17 Thread Adam Vande More 
On Sat, Aug 17, 2013 at 6:29 PM, Terje Elde  wrote:

> On 17. aug. 2013, at 16:37, Frank Leonhardt  wrote:
> > This is just the sort of problem Google will have when it buys Facebook
> :-)
>
> Probably not. If Google were to buy Facebook, I'm confident they'd be able
> to renumber their networks if they have to.
>
> > Your explanation of the foul-up possible with NAPT is well made,
> although not really talking about the kind of NAT used on Home/SME routers
> (one public address hiding many private one) - I'm thinking of Basic NAT -
> one-to-one replacement, not one-to-many. (i.e. static address assignment).
> All the router (or firewall) needs to do is swap the IP address in the
> header as it passes through, and swap it back when it returns. The two
> hosts shouldn't notice a thing.
>
> That's a good theory. In reality, it's much more complicated.
>
> What about SSL/TLS for example?  How would the router swap the header in
> an encrypted session?


Same as it would any sessions since only the payload is encrypted.  What
Frank calls basic nat, most people call static nat(at least people who have
read enough Cisco docs) and it works just fine. Also you are confusing
headers.  IP itself has a header and TCP and UDP each have their own.
 SIP/TLS works just fine on static nat.   IPsec is different as it encrypts
the port info but there is almost always something can be done about this
at that level.

> Swapping headers is also a bit outside the scope of NAT

No, it's the entire point of NAT.  How do you think the "Translation"
occurs?  Again you are confusing header levels.  In general, NAT doesn't
care about whatever info is in the payload, only layer 3 and usually layer
4 and in certain configs layer 5 are pertinent to NAT configs.



-- 
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VPN where local private address collide

2013-08-17 Thread Terje Elde 
On 17. aug. 2013, at 16:37, Frank Leonhardt  wrote:
> This is just the sort of problem Google will have when it buys Facebook :-)

Probably not. If Google were to buy Facebook, I'm confident they'd be able to 
renumber their networks if they have to. 

> Your explanation of the foul-up possible with NAPT is well made, although not 
> really talking about the kind of NAT used on Home/SME routers (one public 
> address hiding many private one) - I'm thinking of Basic NAT - one-to-one 
> replacement, not one-to-many. (i.e. static address assignment). All the 
> router (or firewall) needs to do is swap the IP address in the header as it 
> passes through, and swap it back when it returns. The two hosts shouldn't 
> notice a thing.

That's a good theory. In reality, it's much more complicated. 

What about SSL/TLS for example?  How would the router swap the header in an 
encrypted session?

(That's a likely scenario with blth VoIP, teleconferencing and ftp over ssl 
btw). 

Swapping headers is also a bit outside the scope of NAT, and over to 
application level gateway. I've seen probably hundreds of attempts at such 
solutions, most didn't work at all, and few - if any - worked well. 

> FWIW it works pretty well without NAT if you can avoid address conflicts, and 
> in a small installation its possible. But consider this really trivial 
> example:

If you're fine with the way it works without conflicts, why not just move 
things around? Change statically configured IPs, and narrow the DHCP scopes to 
avoid conflict?

> The obvious answer is IPv6, of course. I'm surprised no one has mentioned it 
> yet.

You seemed dead set on not renumbering the networks, and moving to IPv6 would 
not only be just that, but also be harder than just renumbering IPv4-nets, so 
you answered that question for us already. 

> mpd does handle NAT (Section 4.14 of its manual). It doesn't go in to great 
> detail execept to say it uses ng_nat, which in turn uses libalias (like 
> natd). Looking at the ng_nat 'C' interface, NGM_NAT_REDIRECT_ADDR sounds like 
> what I'm after but it all looks geared to NAPT (which is, I guess, what most 
> people use NAT for). And I've got this nagging feeling that ipfw is going to 
> be involved somewhere, just to make it really tricky.

If you do insist on shooting the networkowner(s) in the foot, pf would probably 
do fine for the NAT. 

Best of luck on your adventure sir, you'll need it. If not today, then some day 
ahead. Bring a towel. 

Terje

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

NAT loopback using natd and ipfw

2013-08-17 Thread Frank Leonhardt 
Does anyone know how to get NAT loopback (aka NAT hairpin or NAT 
reflection) working with natd and ipfw? It seems to work with the 
in-kernel NAT without the need for configuration, but not if you're 
using natd.


I have a feeling it may be something do do with the ipfw 
"diverted-loopback" test in natd but if I experiment and get it wrong 
it's five hours on the motorway for me.


Incidentally, I've set net.inet.ip.fw.one_pass set to 0 but it didn't help.

Thanks, Frank.

(By "NAT loopback" I mean the situation when you're using NAT to 
translate one WAN IP to many local LAN IPs (i.e. the usual). If a LAN 
machine tries to access the WAN IP, you need NAT to treat it as an 
incoming connection and port-forward it as appropriate to a LAN IP as if 
the packet had come from the Internet. This is not weird; it's what most 
home and small office routers do by default).


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: jail.conf ignoring exec.fib?

2013-08-17 Thread Arthur Chance 

On 14/08/2013 16:49, Karl Pielorz wrote:



--On 14 August 2013 08:58 -0400 Fbsd8  wrote:


The jail(8) man page lacks details about how to use exec.fib.

It requires either a new kernel (with "options ROUTETABLES=2" or however
many you want), or a boot-time setting with "net.fibs=2" in
/boot/loader.conf (requiring a reboot).


Yup, done that :)


setfib 1 route add default 198.192.64.21
creates routing table number 1 with that IP address.

In this example exec.fib="1" would be coded.

See setfib(8) and setfib(2) for details.


Yeah, I do that as well - but 'netstat -r -n' from within the jail shows
the systems default routing table.

As opposed to 'setfib 1 netstat -r -n' (outside the jail) which shows
fib either has no default gateway, or the one I set (which is right).

Just within the jail, it only every shows it's using the systems default
routing table :(

Fib's work fine outside the jail (i.e. I can show them, set differing
default gateways) - but no matter what I do, the 'exec.fib=' line in
jail.conf seems to be ignored, when the jail is run up - it only ever
sees the default routing table :(


What do you get in the jail from

sysctl net.fibs
sysctl net.my_fibnum

?

You should be getting 2 and 1 respectively. If you are, what happens in 
the jail when you ping an address that's covered by the fib 0 default 
route but that should be unroutable in the jail? You will need to enable 
allow.raw_sockets for the jail temporarily to try that.


--
In the dungeons of Mordor, Sauron bred Orcs with LOLcats to create a
new race of servants. Called Uruk-Oh-Hai in the Black Speech, they
were cruel and delighted in torturing spelling and grammar.

_Lord of the Rings 2.0, the Web Edition_
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Mouse Trails?

2013-08-17 Thread Walter Hurry 
On Sat, 17 Aug 2013 17:31:26 +0200, Polytropon wrote:

> On Sat, 17 Aug 2013 09:07:20 + (UTC), Walter Hurry wrote:
>> My sight is deteriorating. I can still see and read the screen, but
>> sometimes locating the mouse pointer (LXDE here) is difficult.
> 
> If LXDE uses an ugly white mouse cursor, try changing it to black (the
> normal color for mouse cursors on all serious GUI systems). The
> classical way of solving the "where is the mouse cursor" problem is to
> install xeyes. :-)
> 
> 
> 
>> Is there a port which will give me mouse trails when the rodent is
>> moved?
> 
> This is usually done by the means of the desktop environment's mouse
> configuration, but if I remember correctly, LXDE does not offer this.
> 
> Additional software like Compiz could help you here: There seems to be a
> plugin that adds a mouse trail.

Thanks once again, Polytropon. The mouse pointer is indeed black.

LXDE only offers three mouse config options: acceleration, sensitivity 
and handedness (swap buttons).

I am reluctant to install Compiz, but xeyes looks to be just the ticket!

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Mouse Trails?

2013-08-17 Thread Polytropon 
On Sat, 17 Aug 2013 09:07:20 + (UTC), Walter Hurry wrote:
> My sight is deteriorating. I can still see and read the screen, but 
> sometimes locating the mouse pointer (LXDE here) is difficult.

If LXDE uses an ugly white mouse cursor, try changing it to
black (the normal color for mouse cursors on all serious GUI
systems). The classical way of solving the "where is the mouse
cursor" problem is to install xeyes. :-)



> Is there a port which will give me mouse trails when the rodent is moved?

This is usually done by the means of the desktop environment's
mouse configuration, but if I remember correctly, LXDE does not
offer this.

Additional software like Compiz could help you here: There
seems to be a plugin that adds a mouse trail.



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Torrent Link Dead

2013-08-17 Thread Jim Dunn 
Hey, I noticed that the http://torrents.freebsd.org:8080/ link is dead
(it's listed on http://distrowatch.com/table.php?distribution=freebsd)

Thx!
-- 

*Jim Dunn*
*jimd...@usa.net* 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VPN where local private address collide

2013-08-17 Thread Frank Leonhardt 

On 17/08/2013 12:02, Terje Elde wrote:

On 17. aug. 2013, at 12:42, Frank Leonhardt  wrote:

The setup is basically as described and the desired outcome is to NAT "the other 
end" so the addresses appear different.

That's a solution to a problem, but I don't yet know what the problem is, which 
makes it harder to give any advice.

Do you need "everything" to work in both directions? If so, then what is 
"everything"?

Say both networks are at 192.168.0.0/24, and you remap so network A is 
available as 192.168.1.0/24 in network B, all machines at the same last octet 
(you can do that), and fix DNS for it. All good right?

Well, it's not always that simple. Say you have a server running at 192.168.0.5 in 
network A, available at 192.168.1.5 in network B. A client connects (successfully) to it, 
ask for some data, and the server says "Get the data at 192.168.0.5:45756". Now 
the client will try to connect to that ip/port in network B, rather than following DNS 
for the IP that goes over the VPN and through the NAT, and get nowhere.

You first hearing of that can be someone saying "The Foo-server is broken". 
You've just layered hack on top of hack, so you don't initially know if it's the user, 
his computer, the server, the VPN, the NAT or DNS, an incompatible protocol that doesn't 
like the setup, or the weird routing you'll have to set up.

If you're looking at this as an easy fix to reach a specific server or service, 
by all means. But if you're looking at this as a general solution to bridging 
two networks, then just don't do it. Save yourself the grief, because if this 
works at all, it's down to luck, and even if you're get lucky now, you might 
not stay lucky. What happens if you add VoIP to the mix in two years? Or 
teleconferencing in three?

Basing network-design on present and future luck is just going to give you more 
grief that I than I'd wish for anyone.


This is just the sort of problem Google will have when it buys Facebook :-)

Your explanation of the foul-up possible with NAPT is well made, 
although not really talking about the kind of NAT used on Home/SME 
routers (one public address hiding many private one) - I'm thinking of 
Basic NAT - one-to-one replacement, not one-to-many. (i.e. static 
address assignment). All the router (or firewall) needs to do is swap 
the IP address in the header as it passes through, and swap it back when 
it returns. The two hosts shouldn't notice a thing.


FWIW it works pretty well without NAT if you can avoid address 
conflicts, and in a small installation its possible. But consider this 
really trivial example:


Both LANS are on the same subnet. You connect a single local host to the 
remote LAN on a VPN. It should be allocated a remote address that 
doesn't conflict with anything there. So far, so good. Now you try to 
connect to a remote IP address. How does your host know which interface 
to use - local LAN or VPN?!? If you're doing Layer 2 on the VPN, ARP 
seems to sort it out but its hardly clean, and when you end up with a 
clash (same IP on local and remote) it's never going to work.


The obvious answer is IPv6, of course. I'm surprised no one has 
mentioned it yet.


For the NAT I'm talking about see RFC2663. Take a look a Section 2.8, 
last paragraph. This exact problem was described back in 1999 :-)


mpd does handle NAT (Section 4.14 of its manual). It doesn't go in to 
great detail execept to say it uses ng_nat, which in turn uses libalias 
(like natd). Looking at the ng_nat 'C' interface, NGM_NAT_REDIRECT_ADDR 
sounds like what I'm after but it all looks geared to NAPT (which is, I 
guess, what most people use NAT for). And I've got this nagging feeling 
that ipfw is going to be involved somewhere, just to make it really tricky.


Regards, Frank.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: jail.conf ignoring exec.fib?

2013-08-17 Thread Fbsd8 

Karl Pielorz wrote:



--On 14 August 2013 08:58 -0400 Fbsd8  wrote:


The jail(8) man page lacks details about how to use exec.fib.

It requires either a new kernel (with "options ROUTETABLES=2" or however
many you want), or a boot-time setting with "net.fibs=2" in
/boot/loader.conf (requiring a reboot).


Yup, done that :)


setfib 1 route add default 198.192.64.21
creates routing table number 1 with that IP address.

In this example exec.fib="1" would be coded.

See setfib(8) and setfib(2) for details.


Yeah, I do that as well - but 'netstat -r -n' from within the jail shows 
the systems default routing table.


As opposed to 'setfib 1 netstat -r -n' (outside the jail) which shows 
fib either has no default gateway, or the one I set (which is right).


Just within the jail, it only every shows it's using the systems default 
routing table :(


Fib's work fine outside the jail (i.e. I can show them, set differing 
default gateways) - but no matter what I do, the 'exec.fib=' line in 
jail.conf seems to be ignored, when the jail is run up - it only ever 
sees the default routing table :(


-Karl




What your describing seems that the netstat command issued from within 
the jail is not "JAIL" aware. Develop another way from the host to 
verify that jail's  'exec.fib=' parameter is working or not.





___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Laptop Fn key causes X (Gnome 2) to sleep immediately

2013-08-17 Thread Matthias Petermann 
At the moment it is not clear to me at which layer the issue is  
originated. In fact the acpi_ibm module doesn't work completely for  
the Lenovo X121e (brightness control with Fn+F8/F7 nonfunctional), so  
the issue might be related to this. I shall file a PR during the day.


Kind regards,
Matthias


Zitat von Adrian Chadd :


Right, but this sounds like some bug to send upstream. Or at least patch in
our port(s) for this stuff.

What keyboard / laptop has the key code '150' map to 'go to sleep' ?



-adiran


On 16 August 2013 17:09, Matthias Petermann  wrote:


 Hi,

a short update on this. I just found out: at least in Gnome 2 the behavior
can be prevented by using the gconf-settings tool, changing the value of
the key "/apps/gnome-power-manager/buttons/suspend" from "suspend" to
"nothing". Seems like some ubuntu users had the same issue as I found the
workaround there.

Kind regards,
Matthias


Am 16.08.2013 08:44, schrieb Adrian Chadd:

Hi!

 I'm glad someone else is seeing this!

 I have the same behaviour with KDE4 on my T60 and T400. If I go to run
amiwm (because hey, Workbench is awesome!) it doesn't happen.

 .. and bah, I wish the resume worked for you. It works fine for me on
T42i, T60, T400.



 -adrian



On 15 August 2013 23:32, Matthias Petermann  wrote:



Hello,

I have a Lenovo X121e running Current with X and the Gnome desktop.
Beside other issues[1] there is a strange behavior of Gnome-Desktop (and
GDM too). When I press "Fn" without any additional key, the device
immediately goes to sleep. As the X121e cannot resume properly from sleep,
this forces me to reboot.

This problem appears to be only exist when using Gnome / GDM.
Pure X with TWM doesn't have this issue.

I already tried to re-map the Fn key (I found in some mailing this might
have the keycode 150) to a "less dangerous" key:
$ xmodmap -e "keycode 150 = Delete"
this brought no change.

Has anyone an idea if Gnome re-maps the keys in some way or how I can
disable this? At the moment this is the only blocker to use this Laptop for
daily work, as I tend to accidently touch the Fn key more often than I want
to reboot ;-)

Thanks in advance & kind regards,
Matthias


[1]
http://docs.freebsd.org/cgi/getmsg.cgi?fetch=544740+551865+/usr/local/www/db/text/2013/freebsd-current/20130707.freebsd-current
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "
freebsd-questions-unsubscr...@freebsd.org"






___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"



--
Matthias Petermann 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Laptop Fn key causes X (Gnome 2) to sleep immediately

2013-08-17 Thread Matthias Petermann 

Am 17.08.2013 03:22, schrieb Polytropon:

On Fri, 16 Aug 2013 18:07:25 -0700, Adrian Chadd wrote:

What keyboard / laptop has the key code '150' map to 'go to sleep' ?

My Sun Type 7 USB keyboard has the "Copy" key at code 150... :-)



In my case it is a Lenovo X121e.

Regards,
Matthias
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VPN where local private address collide

2013-08-17 Thread Terje Elde 
On 17. aug. 2013, at 12:42, Frank Leonhardt  wrote:
> The setup is basically as described and the desired outcome is to NAT "the 
> other end" so the addresses appear different.

That's a solution to a problem, but I don't yet know what the problem is, which 
makes it harder to give any advice. 

Do you need "everything" to work in both directions? If so, then what is 
"everything"?

Say both networks are at 192.168.0.0/24, and you remap so network A is 
available as 192.168.1.0/24 in network B, all machines at the same last octet 
(you can do that), and fix DNS for it. All good right?

Well, it's not always that simple. Say you have a server running at 192.168.0.5 
in network A, available at 192.168.1.5 in network B. A client connects 
(successfully) to it, ask for some data, and the server says "Get the data at 
192.168.0.5:45756". Now the client will try to connect to that ip/port in 
network B, rather than following DNS for the IP that goes over the VPN and 
through the NAT, and get nowhere. 

You first hearing of that can be someone saying "The Foo-server is broken". 
You've just layered hack on top of hack, so you don't initially know if it's 
the user, his computer, the server, the VPN, the NAT or DNS, an incompatible 
protocol that doesn't like the setup, or the weird routing you'll have to set 
up. 

If you're looking at this as an easy fix to reach a specific server or service, 
by all means. But if you're looking at this as a general solution to bridging 
two networks, then just don't do it. Save yourself the grief, because if this 
works at all, it's down to luck, and even if you're get lucky now, you might 
not stay lucky. What happens if you add VoIP to the mix in two years? Or 
teleconferencing in three?

Basing network-design on present and future luck is just going to give you more 
grief that I than I'd wish for anyone. 

Terje

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VPN where local private address collide

2013-08-17 Thread Frank Leonhardt 

On 16/08/2013 20:30, Terje Elde wrote:

On 16. aug. 2013, at 19:17, Frank Leonhardt  wrote:

Has anyone actually done this, and if so, how?

This is wrong on so many levels, and you'll have to work around all og them. 
Yes, you can use nat, but what about adress-resolution? And so on.

If it's a specific thing you need to work - a spesific server for example - nat 
can work, but if you need general bridging, best to avoid conflicts.

Note that there are alternatives, such as L2-bridging rather than L3.

If you explain a bit more of the setup, and what you need to work, it'd be 
easier to suggest something.

Right now, we know bits of the setup, but not really what problem(s) you're 
trying to solve.




The setup is basically as described and the desired outcome is to NAT 
"the other end" so the addresses appear different. FWIW it only has to 
be done one way, which I didn't mention. Address resolution is not a 
problem - easily fixed at DNS. As I said, the only thing that cannot be 
changed are the local IP addresses in use, so thanks for heeding my 
warning. Lesser mortals might have change the ranges anyway. Yes, its 
obviously best to avoid conflicts but if you're bigger than Fred-in-shed 
you're going to get them.


What I'm asking (VPN NAT) is possible, and a recognised solution to the 
problem I've described - the big boys do it all the time, apparently. My 
local Cisco expert was able to talk me through doing it, but only on IOS 
:-( Basically you put the VPN traffic through a NAT table on both ends, 
so all the remote addresses get mapped to an alternative local range. 
You pretty much have to do it both ways (source and destination) or you 
won't get a reply.


I can think of dozens of workaround for specific situations (e.g. it it 
was to access a limited number of hosts, dual-home the ones you need) 
but this is specially a general solution.


I'm sure this is going to be a PITA to work out on FreeBSD, because I'm 
not that familiar with the tools. I was hoping someone had done it, but 
if I have to I may be gone for some time.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Mouse Trails?

2013-08-17 Thread Walter Hurry 
My sight is deteriorating. I can still see and read the screen, but 
sometimes locating the mouse pointer (LXDE here) is difficult.

Is there a port which will give me mouse trails when the rodent is moved?

Thanks.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"