Re: Ping and general network weirdness
XP can offer all the DNS it is aware of, but unless you updated a DNS server somewhere with fragile->192.168.1.204, it can't resolve. You have to do more than setting a hostname to make it resolve on the network. If you are obtaining the IP address on fragile dynamically anyway (via DHCP), you are going to have trouble keeping any DNS or host files up to date without getting into more complicated things like DHCP reservations or dyndns. If you haven't explicitly set fragile->192.168.1.204 in a DNS server, it won't resolve from any other machine unless you put it in that machines host file as well (windows has one, but the path eludes me right now). On Thu, 2005-06-30 at 01:23 +0100, Phil Cooper wrote: > As far as I know, not knowing much, doesn't the win XP box which > connects to the net do all the DHCP and local DNS when XP's internet > connection sharing is turned on? Which it is. It's at 192.168.0.1, > which netstat is correctly reporting as the default gateway... > > So is it a case of working out how to get XP to update things? > > > On 30 Jun 2005, at 01:22, Christopher Black wrote: > > > It depends where fragile is mapped to the IP. If it's only in the > > hosts > > file, the other machines have no way of knowing, and will probably > > fail > > to resolve 'fragile' to an IP. If it's in DNS somewhere, you just > > need > > to correct the DNS record. > > > -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: Ping and general network weirdness
It depends where fragile is mapped to the IP. If it's only in the hosts
file, the other machines have no way of knowing, and will probably fail
to resolve 'fragile' to an IP. If it's in DNS somewhere, you just need
to correct the DNS record.
Try pinging by IP?
On Thu, 2005-06-30 at 01:10 +0100, Phil Cooper wrote:
> Thanks;
>
> I checked with ifconfig, and fragile's IP is actually 192.168.0.224,
> and I put this in the hosts file.
>
> Now, I can ping and ssh into fragile using the IP address, but
> pinging "fragile" still assumes 192.168.0.116 is it's IP - so does
> the fault now lie with the other machines on the network? How do I
> get them to realise that fragile==192.168.0.224 and not .116?
>
> - P
>
>
> On 30 Jun 2005, at 00:57, fbsd_user wrote:
> >
> > Do you have fragile.mshome.net in the /etc/hosts file?
> >
> > To ping using fragile.mshome.net you would need a DSN server
> > to resolve that name to an internal IP address.
> >
> > Look in the ports collection for djbdns
> >
> >
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] Behalf Of Phil Cooper
> > Sent: Wednesday, June 29, 2005 7:43 PM
> > To: freebsd-questions@freebsd.org
> > Subject: Ping and general network weirdness
> >
> >
> > Hi everybody;
> >
> > Not doing too well with my first freeBSD install. I have a machine
> > set up with the name "fragile", no ipv6, DHCP, no ipfw, and sshd on.
> >
> > Problem is, I can ping out to other machines on the network, or to
> > another machine on the Internet ('net connection via another winXP
> > machine), but neither of the other machine on the network can ping
> > fragile. Fragile can ping itself via localhost, but not by name.
> >
> > From any machine, or fragile itself, pinging "fragile" or the IP
> > gives:
> >
> > bramley:~ phil$ ping fragile
> > PING fragile.mshome.net (192.168.0.116): 56 data bytes
> > ping: sendto: No route to host
> > ping: sendto: Host is down
> > ping: sendto: Host is down
> > ping: sendto: Host is down
> > ping: sendto: Host is down
> > ^C
> > --- fragile.mshome.net ping statistics ---
> > 10 packets transmitted, 0 packets received, 100% packet loss
> > bramley:~ phil$
> >
> > Any ideas?
> >
> >
> >
> >
> > ___
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> > "[EMAIL PROTECTED]"
> >
> >
>
>
>
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
--
Christopher Black
Chief Security Engineer
Secure Crossing
22750 Woodward Suite 304 - Ferndale, MI 48220
Tel (800) 761-4299 | Direct (248) 658-6120
[EMAIL PROTECTED] | www.securecrossing.com
signature.asc
Description: This is a digitally signed message part
RE: Ping and general network weirdness
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Phil Cooper
> Sent: Wednesday, June 29, 2005 7:43 PM
> To: freebsd-questions@freebsd.org
> Subject: Ping and general network weirdness
>
>
> Hi everybody;
>
> Not doing too well with my first freeBSD install. I have a machine
> set up with the name "fragile", no ipv6, DHCP, no ipfw, and sshd on.
>
> Problem is, I can ping out to other machines on the network, or to
> another machine on the Internet ('net connection via another winXP
> machine), but neither of the other machine on the network can ping
> fragile. Fragile can ping itself via localhost, but not by name.
>
> From any machine, or fragile itself, pinging "fragile" or the IP
> gives:
>
> bramley:~ phil$ ping fragile
> PING fragile.mshome.net (192.168.0.116): 56 data bytes
> ping: sendto: No route to host
> ping: sendto: Host is down
> ping: sendto: Host is down
> ping: sendto: Host is down
> ping: sendto: Host is down
> ^C
> --- fragile.mshome.net ping statistics ---
> 10 packets transmitted, 0 packets received, 100% packet loss
> bramley:~ phil$
>
> Any ideas?
On Wed, 2005-06-29 at 19:57 -0400, fbsd_user wrote:
>
> Do you have fragile.mshome.net in the /etc/hosts file?
>
> To ping using fragile.mshome.net you would need a DSN server
> to resolve that name to an internal IP address.
>
> Look in the ports collection for djbdns
It's obviously resolving the IP to 192.168.0.116, it could be a routing issue.
What is the output of 'netstat -rn' and ifconfig?
--
Christopher Black
Chief Security Engineer
Secure Crossing
22750 Woodward Suite 304 - Ferndale, MI 48220
Tel (800) 761-4299 | Direct (248) 658-6120
[EMAIL PROTECTED] | www.securecrossing.com
signature.asc
Description: This is a digitally signed message part
Re: Looking for arp scanner
On Wed, 2005-06-29 at 16:30 -0700, Glenn Dawson wrote:
> At 03:45 PM 6/29/2005, Vince Hoffman wrote:
>
>
> >On Wed, 29 Jun 2005, Fabian Anklam wrote:
> >
> >>On 6/29/05, Glenn Dawson <[EMAIL PROTECTED]> wrote:
> >>>At 02:18 PM 6/29/2005, Fabian Anklam wrote:
> >>>>Hi there,
> >>>>
> >>>>I've browsing freshports.org for an arp scanner and found only
> >>>>arpscan, which is marked broken and knowlan, which hasn't been updated
> >>>>in years. What's the tool of choice to map out IP-Adresses on a subnet
> >>>>when you know that quite a few hosts are firewalled from ping?
> >>>
> >>>Try nmap. It has a variety of different ways to "look" for systems on a
> >>>given subnet.
> >>Thanks. Tried nmap. As I said, some systems that i want to have in my
> >>output are locally firewalled and I doubt the -sP switch catches
> >>them. Port scans are out of the question.
> >
> >Thinking about it even if the host blocks ping then it will have to reply
> >to an arp request. so make a short script to clear the arp cache ('arp -a
> >-d' as root) then do your nmap -sP xxx.xxx.xxx.xxx/yyy and do an arp -a
> >which will list all the arp entries in your arp cache (should be every
> >host that responded to an arp request when you did the ping scan but maybe
> >pipe it through grep to only get the arps for ips in that range)
> >
> >also arping may be of use.
>
> I suppose if you need to be totally passive, you could do:
>
> tcpdump -i fxp0 arp
>
> (assuming of course that your network interface is on fxp0)
> and let it run for a bit. Eventually you'll catch all the active hosts on
> the network.
>
> -Glenn
>
>
> >Vince
> >
> >>
> >>>-Glenn
> >>>
> >>>
> >>>>Thanks, Fabian
Try putting this in a file called map.pl, and execute 'perl map.pl >
map.txt'. It'd be better if it were mutli-threaded for speed and could
parse a subnet mask, but this is a start. Be sure to edit the path to
arping if need be, change the 'wi0' in the ARPING_ARGS to whatever your
interface is, and set the subnet you want to search. Good luck.
#!/usr/bin/perl -w
use strict;
$|=1;
my $ARPING = '/usr/local/sbin/arping';
my $ARPING_ARGS = '-i wi0 -c 1 -r';
my $BASEIP = '192.168.1';
print "Scanning...\n";
my $i;
for( $i=1; $i < 256; $i++ ){
if( `$ARPING $ARPING_ARGS $BASEIP\.$i` ){
print "$BASEIP.$i\n";
}
}
print "Done.\n";
--
Christopher Black
Chief Security Engineer
Secure Crossing
22750 Woodward Suite 304 - Ferndale, MI 48220
Tel (800) 761-4299 | Direct (248) 658-6120
[EMAIL PROTECTED] | www.securecrossing.com
signature.asc
Description: This is a digitally signed message part
Re: waiting 15 seconds for scsi devices to settle
On Mon, 2005-06-27 at 20:20 +0100, Scott Neville wrote: > I am using the smart array controler 3200 for the drive cage that I am using. > When i set up the server using smart start, I selected the operting system > "other". Many thanks > Odd, I'm using the same controller with the same type of drives. I chose "SCO Unix" for my operating system. If turning off ACPI doesn't help, is it an option to start swapping parts to see if it's a bad drive or raid card? Perhaps also plug the drive caddy into the onboard scsi controller (no raid, sadly) and see if the problem persists? -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: waiting 15 seconds for scsi devices to settle
I'm running 5.3 and 5.4 on roughly 6 of these 1850Rs with anywhere from 450-600mHz dual-procs. I loaded all from CD and never had any issues. What is the controller card you're using? Also, in the SmartStart config tool, what OS did you specify the machine would be used for? On Mon, 2005-06-27 at 19:42 +0100, Scott Neville wrote: > Hi there > I have been trying to install FreeBSD 5.4 on a compaq proliant server model > 1850R, The server is correctly configured and will run all the operating > systems I have tried with the exception of FreeBSD. I have used the floppies > to install the system in the hope of using FTP. The installer asks for all > the disks as usual and gets to load the kernal but gets to the "waiting 15 > for SCSI devices to settle" and stays there forever. I have tried launching > the installer with option 6 and used set vm.old_contigmalloc=1 but this did > nothing. I tried the installation with FreeBSD 5.3 and the same thing > happened. Hope you can help me sort this out as I have a simmilar compaq > server which has it installed and works fine. Many thanks for your time. > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: (starbucks) "ssid = tmobile" and 5.x (hit-n-miss)
Andrew L. Gould wrote: On Thursday 16 June 2005 11:36 pm, Bill Schoolcraft wrote: At Thu, 16 Jun 2005 it looks like Andrew L. Gould composed: Try adding "ssid tmobile" to the ifconfig arguments in /etc/rc.conf. If adding it to your rc.conf file doesn't work for you, try removing the wi0 stuff from rc.conf and execute the following as root: ifconfig wi0 ssid tmobile dhclient wi0 You'll need to make sure that the default gateway and nameservers are obtained from the DHCP server. I hope this helps. Thanks Andrew, Yes, I've done the manual command but would like to try the rc.conf options, so I'd be looking at: ifconfig_wi0="ssid tmobile" ifconfig_wi0="DHCP" Does that look correct? Thanks I'm not sure whether all ifconfig arguments need to be on the same line. If it doesn't work, try: ifconfig_wi0="ssid tmobile DHCP" The other option is to put the manual commands in an executable file at: /usr/local/etc/rc.d/tmobile.sh That way the manual commands would be executed automatically at bootup. Caveat: The delayed network configuration may interfere with the loading of firewall rules; so you may need to add a line to the script to load your firewall rules after wi0 is up. Best of luck, Andrew Gould I believe it should be: ifconfig_wi0="DHCP" ifconfig_wi0_flags="ssid tmobile" HTH -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward, Ferndale, MI 48220 Tel 800-761-4299 www.securecrossing.com [EMAIL PROTECTED] signature.asc Description: OpenPGP digital signature
Re: GnuPG in the enterprise
Tony Shadwick wrote: On Wed, 15 Jun 2005, Dan Nelson wrote: In the last episode (Jun 15), Tony Shadwick said: Are there any good documents out there on managing GnuPG in the enterprise? There are basic issues I need to be able to address, such as a situation when an employee leaves a company. The admin needs to have the rights to revoke that user's public key, and be able decrypt any old messages to that user, and be able to decrypt messages sent to that user that are now being redirected to someone else for handling. Are there established mechanisms for handling centralized key management in a company to where the Administrator has access to everything required? One solution is to make a copy of all keys (with known passphrases) when they are created, and put the copy in a secure location. If an employee leaves suddenly, you can retrieve the key to decrypt leftover files and revoke the key. Pgp.com's Windows PGP software uses special Revoker keys and Additional Decryption keys that get added when files are signed, so files are always encrypted to multiple recipients and keys are always revokable even if the original key no longer exists. gpg doesn't recognize ADKs, though. Just so I'm following then, let's say I have gnupg installed on my server, and I'm creating all of my employee's secret keys there, then installing gnupg on their workstations so that they can use local mail clients to encrypt. What's to prevent them from chaning their secret key passphrase or revoking the key themselves and creating a new public key, then publishing that to the keyservers? (Other than knowing enough about gnupg in the first place to do any of this of course...) Not to mention I've always wondering how gnupg plays with multiple recipients or internal company mailing lists. For example if I send a message to VIP1, VIP2, and VIP3, and it is an important internal document that requires encryption, when I encrypt the message, won't it get encrypted with VIP'1 public key, thus VIP2 and VIP3 won't be able to open the message? The reason for the secret password is to encrypt the actual key while it's stored on your disk. Changing the password doesn't change the key, just how it's stored. The un-encrypted key is what's used to encrypt/decrypt messages, so if you create the key with one password, give the user a copy of the key, and they change the password, your key will still decrypt messages encrypted with their key. It would actually be wise to have the user set their own password on their key anyway. As for creating a new key, there's nothing you can do to prevent it, other than perhaps run your own modified key-server, and control who can check keys into or out of it. Using the public infrastructure, there's nothing you can do about this. The way to handle multiple recipients is that gpg generates a random "session key", which it uses to encrypt the message, using symmetric encryption like AES or DES. Then it encrypts a copy of this session key with each of the recipients public keys using a public key algorithm like RSA, and attaches each encrypted session key to the message. So when VIP2 tries to read the email, gpg will look for the encrypted session key it can decrypt, decrypt it with VIP2's private key to get the session key, then use the session key to decrypt the message. -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Newbie - Configuration File Location?
On Wed, 2005-06-15 at 11:25 -0400, Lowell Gilbert wrote: > Warren Block <[EMAIL PROTECTED]> writes: > > > That's odd. Xorg is pretty good about autoconfiguring, but I didn't > > think it would run without any xorg.conf at all. > > I think it does; I'm pretty sure that it managed to do so on at least > one of my systems. [I then created a conf file anyway to tweak the > desired resolution, so I can't double-check my memory at the moment.] This has been my experience with many 5.x boxes as well, that Xorg will generate a temporary config on startup if no config file is found. -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: OT: GnuPG
On Tue, 2005-06-14 at 16:52 -0500, Brian Henning wrote: > Greetings: > > When I run gnupg using the same rsa key on the same input file I > noticed that it returns different cipher text files as resuts. Both > the cipher files decrypt to the same plain text file just fine. Can > someone explain to my why that is the cipher text is different? > > Thanks, > > Brian The way GnuPG works in public key mode (ie: RSA) is by encrypting the data with a random symmetric session key, then encrypting that session key with the public key you choose. The reason for this is that symmetric encryption is much easier to do, and far more secure than asymmetric (public-key) encryption for any given key-size. Also, if you're encrypting a file to 10 different people, this way you can just encrypt the symmetric keys with 10 separate public keys, and attach them to the actual encrypted file, instead of having 10 seperate encrypted files. When the file could be hundreds of megabytes, this is a huge resource saver. -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: Celeron
On Mon, 2005-06-13 at 12:12 -0500, Nikolas Britton wrote: > On 6/13/05, Andreas Davour <[EMAIL PROTECTED]> wrote: > > On Mon, 13 Jun 2005, Nikolas Britton wrote: > > > > > On 6/7/05, Nosehouse <[EMAIL PROTECTED]> wrote: > > >> Hello FreeBSD :D > > >> A question and I'm out: I have an old pc, running on a 300 MHz Intel > > >> Celeron CPU, on an Intel MOBO. Now, what platform should I choose from > > >> your site: Alpha, i386? And also for and AMD Athlon XP 2600+ with an > > >> Asus A7V600-X, what distribution? > > >> Thanks! > > >> > > >> > > > > > > FreeBSD is an operating system, Linux is a distribution. > > > > Nope. Linux is an operating system kernel, as is FreeBSD. The latter > > also happens to be the name of the operating environment. > > > > SuSE Linux, RedHat Linux or Debian GNU/Linux is distributions. > > When I say "operating system" I mean a "complete system". What good is > a kernel if you have no way to make it do something? > > Windows = Kernel + GUI + System tools + User tools > OS-X = Kernel + GUI + System tools + User tools > FreeBSD = Kernel + CLI + System tools + User tools > > With Windows, OS-X, FreeBSD, and the other BSDs you don't update this > tool or that shell or even the kernel when it becomes out of date, > you update the whole system. The OS is managed by one party. > > Linux = Kernel > SuSE, RedHat, Debian, etc. = Linux + 3rd party shell + 3rd party > system tools + 3rd party user tools > > Those are distributions that "bundle" the Linux Kernel with other peoples > stuff. > > You could call GNU/Linux an operating system but I wouldn't, not after > being introduced to an engineered system like FreeBSD. FreeBSD is to > Linux as Gold is to Lead, there very similar but one is worthless. On the contrary, lead has great worth if, for example, you need radiation shielding. A point of note is that the third party shells packaged with Linux (such as bash or zsh) are the same third party tools packaged with FreeBSD. I would be inclined to say FreeBSD actually uses a higher percentage of third party configuration tools than RedHat or SuSE, who tend to write their own in order to be more user friendly. Perhaps I'm wrong, but I don't know of many instances where FreeBSD provides custom (graphical) configuration utilities. -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: changing network card MAC address
Check out /etc/dhclient.conf. The options are described in 'man 5 dhclient.conf' On Sun, 2005-06-12 at 17:26 -0500, M. L. Dodson wrote: > Just set up a new box (5.4-RELEASE) as a home gateway and had to > change the network card MAC address that does DHCP through the > cable modem. I put the following in /etc/rc.early, but this seems > inelegant and possibly deprecated. What is the proper way to do > this on a DHCP interface? > > ifconfig rl1 ether 'aa:bb:cc:dd:ee:ff' > > Thanks -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: cant su forgot passwd
There's no way to recover the original password since it's stored in a one-way hash. You can boot into single user mode and reset it though. On Sun, 2005-06-12 at 14:53 -0700, Angelo Munez wrote: > hi.. > is there anyway i can retrieve my root password? > and is there anyway i can copy all my configuration > and run to anothere box? thnaks more power > > > > __ > Discover Yahoo! > Get on-the-go sports scores, stock quotes, news and more. Check it out! > http://discover.yahoo.com/mobile.html > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: Problems with command line scratch files in zsh
Why not just 'cat /etc/motd | wc' ? On Sun, 2005-06-12 at 03:31 -0500, Mike Meyer wrote: > Since going to 5.x with devfd, I've noticed that some of the shell > constructs used by zsh (and other shells - I know zsh didn't invent > this) quit working. To wit: > > guru% wc <(cat /etc/motd) > wc: /dev/fd/11: open: No such file or directory > > The <(...) construct runs the pipe in (), and replaces the <(...) with > the name of the /dev/fd/ entry for the output of that pipe. The file > exists for the shell process doing all this. But when the comm process > tries to open the file to read the data, the file doesn't exist. This > is pretty nasty. > > Anyone got any suggestions on how to fix this? A bug report with a > patch, maybe (I couldn't find any such bug report)? Workarounds? Maybe > this should go to [EMAIL PROTECTED] > > Thanks, > signature.asc Description: This is a digitally signed message part
Re: FreeBSD && MP3 Player's
On Sat, 2005-06-11 at 19:07 +1000, anon wrote: > Hi everyone, >I am looking to get an mp3 player that I can use with > my FreeBSD laptop. If anyone out there uses a mp3 player with thier > BSD system, *ptrs and suggestions would be great :). Basically I am look > for something with 5G or more capacity and 12 hr + batery time, FM radio > capability would also be good. I have both firewire and USB on the > laptop so connection is not a problem, I am also tracking STABLE. > > Cheers, > > Hubert Farnswoth. I am using the Creative Zen Touch (40gb for ~$280 US), and had excellent luck with it. Using gnomad2, you can store data or mp3s on it, but it is fairly slow to load the local directories of music since it does not just generate a list of filenames, it also scans the ID3 tags and determines song length, etc. Using USB1.1 it is also quite slow to transfer songs to the Zen Touch, and I have not yet had the opportunity to try USB2.0, though the Zen Touch supports it. It does not, however, support Ogg Vorbis or other formats, only MP3, WMA, and WAV. The optional remote control (~$50 US) adds FM radio, voice recording, and recording from the radio. Sound quality is superb, and battery life is reported as 24hrs, with many users regularly seeing 20+hrs in real use. -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
Re: RE:VM pager read error
Good food for thought. I'm not using NFS, so there should be no issues related to dropped packets. Also, I've never seen the swap being touched, which makes me doubt the boxes are just running out of memory. Is it possible that cheap hardware or buggy RAM could be causing this, or is it more likely a software issue? If it's software, has anyone seen similar issues with FBSD 5.4? Thanks, Chris On Tue, 2005-05-24 at 20:12 +0300, Bigbrother wrote: > > I have a distributed network of systems running FreeBSD 4.10-Release, > > and periodically, I see the following errors on the console: > > > > vm_fault: pager read error, pid 1 (init) > > I have also a network with many diskless boxes of 4.11 FreeBSD and every now > and then I see messages like this. > The process that dies varies...It is not always (init)..Some times it is > (mrtg) some times (sshd) or (syslogd) and some other processes that the > boxes are running. > > > I have resolved this situation by running a series of crontab scripts that > rlogin to every diskless box and checks/restarts every > service that is critical for that box (e.g. syslogd, cron, sshd...). > > Of course if your (init )dies then you cannot do anything with it and you > should ask/phone a worker there to do a reboot on that machine. I think the > problem relies on poor hardware (my network has some low-end network cards). > > It would be nice if we could find any solution to this (without buying new > cards). > > > > Perhaps if we could define that some processes would never be swapped out > (like init) this problem would disappeared, but I > do not have time for such experiments. > > > > BB > > > p.s. Even though people leave the office, perhaps crontab and periodic > execute some scripts...So perhaps the machines > have a high cpu load and some NFS packets are dropped resulting in the > process to die. > > --- > Give a man fire, and he'll be warm for a day; set a man on fire, and he'll > be warm for the rest of his life > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Christopher Black Chief Security Engineer Secure Crossing 22750 Woodward Suite 304 - Ferndale, MI 48220 Tel (800) 761-4299 | Direct (248) 658-6120 [EMAIL PROTECTED] | www.securecrossing.com signature.asc Description: This is a digitally signed message part
VM pager read error
Hello List, I have a distributed network of systems running FreeBSD 4.10-Release, and periodically, I see the following errors on the console: vm_fault: pager read error, pid 1 (init) These will be repeated, filling the screen quickly, and the box is unable to do anything at all. These are mission-critical boxes, and I catch a lot of flak for any downtime. Are there any ideas what might be causing this? There's plenty of unused memory (128mb total), and swap is always 100% free. The boxes are running snort_inline, squid, and ipfw with dynamic rules. The errors tend to occur when there's no load at all on the boxes, such as when everyone has gone home for the night. Thanks! Chris -- Christopher Black <[EMAIL PROTECTED]> Secure Crossing signature.asc Description: This is a digitally signed message part
