freebsd doesm't see my script on boot

2006-11-27 Thread Gregory Edigarov 

Hello, Everybody

Well, here is what I am doing:
ls -l /usr/local/etc/rc.d
total 30
-r-xr-xr-x  1 root  wheel  4744 Nov 13 11:38 apache22
-r-xr-xr-x  1 root  wheel   673 Nov 13 14:27 clamav-clamd
-r-xr-xr-x  1 root  wheel   722 Nov 13 14:27 clamav-freshclam
-r-xr-xr-x  1 root  wheel  1057 Nov 13 14:27 clamav-milter
-r-xr-xr-x  1 root  wheel  1254 Nov 13 13:01 gnugk
-r-xr-xr-x  1 root  wheel   198 Nov 15 01:17 l2tpd
-r-xr-xr-x  1 root  wheel   196 Nov 14 12:35 popa3d
-r-xr-xr-x  1 root  wheel  1642 Nov 13 11:19 quagga
-r-xr-xr-x  1 root  wheel  4371 Nov 13 14:00 samba
-r-xr-xr-x  1 root  wheel  1324 Nov 14 15:20 squid
-r-xr-xr-x  1 root  wheel   564 Nov 13 11:19 watchquagga

cat /usr/local/etc/rc.d/l2tpd
#!/bin/sh

#PROVIDE l2tpd
#REQUIRE NETWORKING

. /etc/rc.subr

name=l2tpd
rcvar=`set_rcvar`
command=/usr/local/sbin/${name}
flags=
echo l2tp debug

load_rc_config $name
run_rc_command $1

in rc.conf:
l2tpd_enable=YES

Then after  reboot:
ps ax | grep l2tpd
667  v1  RL+0:00.00 grep l2tpd

i.e no l2tpd has been started.
no messages on console, either. My script just got silently skipped, all 
other services are starting up fine.


What's  wrong?

--
With best  regards,
   Gregory Edigarov



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

[no subject]

2004-06-30 Thread Gregory Edigarov 
[EMAIL PROTECTED],[EMAIL PROTECTED],[EMAIL PROTECTED],[EMAIL PROTECTED]
Cc: 
Bcc: 
Subject: PPP Multilink, FreeBSD, Squid
Reply-To: 

Hello,

I have Squid-2.5 running on FreeBSD 5-Current. We have 2 ppp links,
and use them in multilink mode, through userlevel ppp.
If one or both links fail and then come up, say, if I just turn the
modem power off and on all the  web browsing becomes very slow squid.
It takes forever for squid to show a page which, in a normal
conditions, would take only a few seconds. Pings to those sites I am
trying to open are just fine.
Taking squid down and then up have no effect. The only thing help is rebooting 
the whole system. 

Is there anything I can do?
-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.uaSystems Administrator
--
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Squid, FreeBSD, Multilink PPP

2004-06-30 Thread Gregory Edigarov 
Hello,

I have Squid-2.5 running on FreeBSD 5-Current. We have 2 ppp links,
and use them in multilink mode, through userlevel ppp.
If one or both links fail and then come up, say, if I just turn the
modem power off and on all the  web browsing becomes very slow
squid.
It takes forever for squid to show a page which, in a normal
conditions, would take only a few seconds. Pings to those sites I am
trying to open are just fine.
Taking squid down and then up have no effect. The only thing help is
rebooting
the whole system.

Is there anything I can do?


-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.uaSystems Administrator
--
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

ipfw, 2 scripts

2004-05-28 Thread Gregory Edigarov 
Hello,


bellow you will find 2 ipfw scripts, first one working, and second
is a very good looking, but not working.
what am I missing in the second script?

 first script starts here ---
#!/bin/sh
ipfw -f flush

ipfw add 1 check-state


ipfw add 100 allow all from any to any via lo0

ipfw add deny all from 10.0.0.0/8 to any in via tun0
ipfw add deny all from 172.16.0.0/12 to any in via tun0
ipfw add deny all from 192.168.0.0/16 to any in via tun0

ipfw add deny all from any to any frag
ipfw add divert natd all from any to 195.5.17.86 in

ipfw add allow icmp from me to any 
ipfw add allow icmp from any to me 


ipfw add allow gre from 192.168.5.0/24 to me
ipfw add allow gre from me to any

ipfw add allow tcp from me to any keep-state
ipfw add allow udp from me to any keep-state
ipfw add allow udp from any to me 53
ipfw add allow tcp from any to any established
ipfw add allow tcp from any to me 25 setup
ipfw add allow tcp from any to me ssh setup
ipfw add allow tcp from any to me http setup via tun0
ipfw add allow tcp from 192.168.7.0/24 to me 3128 setup via ppp\*
ipfw add allow tcp from 192.168.7.0/24 to me 2080 setup via ppp\*
ipfw add allow tcp from 192.168.7.0/24 to me pop3 setup via ppp\*
ipfw add allow tcp from 192.168.5.0/24 to me pptp setup
ipfw add allow tcp from 192.168.5.0/24 to me ftp\\-data-ftp setup via em0
ipfw add allow tcp from any to me 53 setup


ipfw add skipto 1 all from 192.168.7.40 to any in keep-state
ipfw add skipto 1 all from 192.168.7.65 to any in keep-state
ipfw add skipto 1 all from 192.168.7.100 to any in keep-state
ipfw add deny all from any to any

ipfw add 1 divert natd all from 192.168.7.40 to any out keep-state
ipfw add divert natd all from 192.168.7.65 to any out keep-state
ipfw add divert natd all from 192.168.7.100 to any out keep-state
ipfw add allow all from any to any
 first script ends here 

after some more thinking I have decided to structurize the firewall
behavior, i.e. I wanted to have different sets of rules for 2 my
nets, plus one for nat.
Here's how I've tryed to do it:

 second script starts here 

#!/bin/sh
ipfw -f flush

ipfw add 1 check-state

ipfw add deny all from 10.0.0.0/8 to 195.5.17.86
ipfw add deny all from 172.16.0.0/16 to 195.5.17.86
ipfw add deny all from 192.168.0.0/16 to 195.5.17.86

ipfw add deny all from any to any frag

ipfw add allow udp from me to any keep-state
ipfw add allow tcp from me to any keep-state
ipfw add allow icmp from me to any keep-state
ipfw add allow all from me to any


ipfw add allow tcp from any to any established

ipfw add skipto 1000 all from any to 195.5.17.86 in via tun0
ipfw add skipto 2000 all from 192.168.5.0/24 to me in via em0
ipfw add skipto 3000 all from 192.168.7.0/24 to me in via ppp\*
ipfw add skipto 4000 all from 192.168.5.0/24 to not me via em0
ipfw add skipto 5000 all from 10.100.105.0/24 to not me via em0
ipfw add skipto 6000 all from 192.168.7.0/24 to not me out xmit tun0
ipfw add deny log all from any to any  

ipfw add 1000 divert natd all from any to 195.5.17.86

ipfw add allow tcp from any to me smtp setup
ipfw add allow tcp from any to me ssh setup
ipfw add allow tcp from any to me domain setup
ipfw add deny all from any to any

ipfw add 2000 allow tcp from 192.168.5.0/24 to me ftp\\-data-ftp setup
ipfw add allow tcp from 192.168.5.0/24 to me pptp setup
ipfw add allow udp from 192.168.5.0/24 to me 53
ipfw add allow icmp from 192.168.5.0/24 to me 
ipfw add allow gre from 192.168.5.0/24 to me 
ipfw add deny all from any to any

ipfw add 3000 allow tcp from 192.168.7.0/24 to me 3128 setup
ipfw add allow tcp from 192.168.7.0/24 to me 2080 setup
ipfw add allow tcp from 192.168.7.0/24 to me 25 setup
ipfw add allow tcp from 192.168.7.0/24 to me 80 setup
ipfw add allow tcp from 192.168.7.0/24 to me 110 setup
ipfw add allow udp from 192.168.7.0/24 to me 53 

ipfw add deny all from any to any

ipfw add 4000 allow all from any to 10.100.105.0/24 via em0
ipfw add deny all from any to any

ipfw add 5000 deny all from 10.100.105.0/24 to any out via tun0
ipfw add deny all from 10.100.105.0/24 to me via em0
ipfw add allow all from 10.100.105.0/24 to any
ipfw add deny all from any to any

ipfw add 6000 divert natd all from 192.168.7.40 to any via ppp\*
ipfw add divert natd all from 192.168.7.100 to any via ppp\*
ipfw add divert natd all from 192.168.7.65 to any via ppp\*
ipfw add allow all from any to any
 second script ends here ---

some comments:
192.168.5.0/24 - my base network.
192.168.7.0/24 - my vpn network
10.100.105.0/24 - network of our friends. we can use some of the
services there, 192.168.5.77 - is the gateway between 192.168.5.0/24
and 10.100.105.0/24.

with second script (which is logically correct for the situation)
nothing works.

What should I do?
If you need some additional info  - just ask me.


-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.ua

ipfw q

2004-05-07 Thread Gregory Edigarov 
Hello, list.

Can anybody help me as I can really understand nothing.
The scenario:  
there is two nets: 192.168.5.0/24 and 192.168.7.0/24.
All users normally sit in 192.168.5.0/24, using 192.168.7.0/24 as
VPN addresses.
All VPN users have access to squid, socks, mail, and pop3.
everithing works fine, but now I need to give a direct access for
2 hosts: 192.168.5.220 and 192.168.7.70.
I wrote the following rc.firewall script (tun0 is my outside
interface):
---
#!/bin/sh
ipfw -f flush

ipfw add check-state
ipfw add allow all from me to any

ipfw add allow all from any to any via lo0

ipfw add deny all from 10.0.0.0/8 to any in via tun0
ipfw add deny all from 172.16.0.0/12 to any in via tun0
ipfw add deny all from 192.168.0.0/16 to any in via tun0
ipfw add allow icmp from me to any keep-state
ipfw add allow icmp from 192.168.5.0/24 to me 
ipfw add deny all from any to any frag

ipfw add divert natd all from 192.168.5.220 to any out xmit tun0
ipfw add divert natd all from 192.168.7.70  to any out recv ppp\* xmit tun0
ipfw add divert natd all from any to 195.5.17.86 in recv tun0
ipfw add allow all from 192.168.5.220 to any in via sk0 
ipfw add allow all from 192.168.7.70 to any in via ppp\*
ipfw add allow all from me to any
ipfw add unreach filter-prohib ip from not me to any out recv any xmit tun0

ipfw add allow gre from 192.168.5.0/24 to me
ipfw add allow gre from me to any


ipfw add allow tcp from me to any keep-state
ipfw add allow udp from me to any keep-state
ipfw add allow udp from any to me 53
ipfw add allow tcp from any to any established
ipfw add allow tcp from any to me 25 setup
ipfw add allow tcp from any to me ssh setup
ipfw add allow tcp from any to me http setup via tun0
ipfw add allow tcp from 192.168.7.0/24 to me 3128 setup via ppp\*
ipfw add allow tcp from 192.168.7.0/24 to me 2080 setup via ppp\*
ipfw add allow tcp from 192.168.7.0/24 to me pop3 setup via ppp\*
ipfw add allow tcp from 192.168.5.0/24 to me pptp setup
ipfw add allow tcp from 192.168.5.0/24 to me ftp\\-data-ftp setup via sk0
ipfw add allow tcp from any to me 53 setup

ipfw add deny log all from any to any


Installed it, then used natd -n tun0.
Then I am trying to go somewhere using something like: 
ping freebsd.org.
it doesn't work. 
What am I missing? How should I rewrite my script to achieve a full
power?
Thanks a lot in advance. 
-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.uaSystems Administrator
--
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

any way to recover root password on 5.2

2004-05-06 Thread Gregory Edigarov 
Hello,

I forgot root pasword on my just installed server.
I've tryed to recover it by going to single user, then doing 
mount -a; passwd root, but no success. It says entropy device
blocking. Dance fandago on keyboard to unlock.
what can I do?
-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.uaSystems Administrator
--
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

APC BackUPS RS 500 (USB) (it continues)

2004-04-08 Thread Gregory Edigarov 
OK folks, with the great help of Mike Tancsa I am half the way
through the writing of my daemon.
Now I need to know how can I kill the inverter after
successful system shutdown.
The sources of apcupsd are very Linux-specific, so I cannot use them
as a reference. 
Anybody?

-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.uaSystems Administrator
--
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

APC UPS with USB ? Anybody?

2004-04-06 Thread Gregory Edigarov 
Hi,

I need to connect my freebsd server to APC BackUPS 500 RS. The
problem is that apcupsd does not support this combination.
Ports was not really helpful. So, if anybody have the patches, or
any idea of how to make it working I would realy appreciate it. 
Thanks a lot in advance.
-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.uaSystems Administrator
--
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

ipfw keep-state (ASAP anwser need)

2003-12-09 Thread Gregory Edigarov 
Hello,

The folowing is a fragment of my rc.firewall which must allow all
traffic in and out of my named.


ipfw add 4100 allow udp from me to any 53 keep-state
ipfw add 4200 allow udp from any to me 53
ipfw add 4300 allow udp from me 53 to any
---
This is a fragment from my kernel configuration:
---
options IPFIREWALL  #firewall
options IPFIREWALL_VERBOSE  #enable logging to
syslogd(8)
options IPFIREWALL_FORWARD  #enable transparent proxy
support
options IPFIREWALL_VERBOSE_LIMIT=100#limit verbosity
options IPDIVERT#divert sockets
options IPSTEALTH
options ICMP_BANDLIM
options DUMMYNET
options BRIDGE
options IPFW2
---
It doesn't work. What am I missing?

-- 
With best regards,
Gregory Edigarov
--
profi.kharkov.uaSystems Administrator
--
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]