Re: clicky driver
On Fri, 25 Dec 2009 20:23:22 -0800 Gary Kline kl...@thought.org wrote: On Sat, Dec 26, 2009 at 01:10:45AM +, Chris Whitehouse wrote: Gary Kline wrote: On Fri, 25 Dec 2009 13:37:13 -0800, Gary Kline kl...@thought.org wrote: at first I'm lookings for a cots (commericial, off-the-shelf) solution. The XO has stereo speakers and so do the notebooks. I am thinking of the 'PC speaker'; something that would sound for around a 25th/second, very low and with at least some loudness control. Hi Gary, someone posted recently about the play-string language for /dev/speaker, see speaker(4). Could you do something with that? btw thanks to whoever posted the play-string code for frere jaques - cracked me up :) Chris Yeah :) I play little tunelets on certain battery power events, when some IP gets blacklisted by some logtailing script, things like that. Wow; the stuff I've never heard about:-) --I just tried spkrtest and have no /dev/speaker. # kldload speaker device speaker isn't in kernel GENERIC. If it doesn't work immediately, try adding speaker_load=YES to /boot/loader.conf .. this assumes that your box _has_ a working speaker, eg beeps once while booting? Some laptops use the sound'card' for speaker, and provide a mixer level. The short answer [Guess] is no, I dont think so. If getting the keys to have an auditory feedback with beeps or shorter clicks were that easy, it would have been done after 15 years. Even Linux lacks this--and I'd bet Minux too. What I've got to do is pick up where I kwit ten years ago with the kernel driver code and drop the the code to make the speaker-audio create tiny, brief clicks, preferably low, thunky sounds like ye ancient IBM Selectrics. You can do quite a lot with various tempos, intervals and frequencies; see speaker(4) and play around. Making a short click or thunk! should be easy enough, but spkrtest and echoing playstrings /dev/speaker are userland processes; I've no idea how much 'fun' it would be to invoke /dev/speaker ioctls from the kbd drivers. But if you're really keen: % find /sys/ -name speaker* -o -name spkr* cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd for children
In freebsd-questions Digest, Vol 290, Issue 11, Message: 1 On Fri, 25 Dec 2009 19:53:49 +0700 Anh Ky Huynh ky...@viettug.org wrote: On Fri, 25 Dec 2009 11:33:14 + Anton Shterenlikht me...@bristol.ac.uk wrote: Can somebody recommend a graphical port which could be used to teach kids 6-8 years programming? I know it's a very vague question, but what I have in mind (possibly) is say an interpreter linked with some graphical enviroment, perhaps drawing with commands, or making animations, or maybe music? Something that would make kids or that age curious, some programming environment that they can easily understand and enjoy. A programming game of sorts? I know the `logo` language (aport lang/ucblogo, lang/klogoturtle, etc) which is used in our educational environment (Vietnamese), but for the older pupils (= 10 years old). Hope this helps, Regards, -- Anh Ky Huynh Another vote for LOGO. Michael Grunewald mentions having learned it at 7, and I knew a couple of then 5-6 year olds who had good fun with it in '84 on the first 128K Macintosh, and before that on the Apple II. LOGO's simplicity is deceptive, to adults anyway, as it teaches quite advanced programming concepts straight away; the simple vector graphics lets kids make pretty geometrical drawings early on, teaching maths - especially trigonometry and dynamics - to kids before they could spell either, progressing easily to fairly sophisticated list processing, content addressible memory concepts and such if you dig into it a bit. I'd (still) recommend Seymour Papert's Mindstorms: Children, Computers and Powerful Ideas (Harvester Press 1980) to anybody interested in introducing children to computer programming, especially using Logo. KDE3 includes Kturtle, not 'pure' Logo at all but a reasonable interface and some decent starter examples to see if kids find it interesting, then maybe move onto ucblogo (which I haven't played with, but looks fully-featured and well-documented on a quick scan of the pkglist) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Re-compiling PHP changes server responsiveness
Matthew Seaman wrote: Ian Fitzgerald wrote: Recently upgraded (fresh install) FBSD 8, including MySql, Apache22, phpMyAdmin, KDE4 Gnome2.26 from DVD iso. Running ok as test server, but unusual error from added, complex CMS prompted me to re-install PHP5 and PHP5-extensions as pkg_add -r (using ports files from iso), then with no success, compiling them (using ports files from iso), with slightly different make config. Now server does not respond, either to 'localhost' request on its browser, or specific address request from another machine on local network. I assume re-compiling PHP would not clobber hosts or resolv.conf (they look ok). I get: [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter, and no new errors in /var/log/httpd-error.log four times Tried adding accf_http=YES to /boot/loader.conf, and re-booting of course. This is just a warning message and doesn't stop apache working or not. Enabling accf_http should give you a bit of a performance boost under heavy load and help you withstand certain types of DoS attack, but it's not required. Tried refreshing ports (inital re-compile attempt failed with make complaining that postgres-client had been marked invalid - when will someone fixit?), and re-compiling apache22 = no change. ps -auxc: no httpd. FF3 under Gnome on the machine fetches external pages, of course (using router DNS). What else should I look at? Try restarting httpd from the command line: /usr/local/etc/rc.d/apache22 restart This will run a configtest and then try and start up apache. Then check that apache is still running: /usr/local/etc/rc.d/apache22 status If apache has mysteriously disappeared and there are no messages in log files, then it means apache crashed during the startup process soon after daemonising. That's pretty diagnostic for loading a dynamic module that disagrees with it. At a guess, and given that you've reinstalled all your php modules, I think you may be being hit by the php module load order problem. In that case, running php from the command line will probably also segv on you. This is something that has had quite a lot of attention on this list, but there isn't a really good solution yet, other than manually reordering the entries in /usr/local/etc/php/extensions.ini Also, if you're running eAccelerator, make sure you recompile it at the same time you upgrade the main lang/php5 port: eAccelerator will cause Apache to crash if you try and run it against a different version of PHP than it was originally compiled for. Cheers, Matthew Thank you . That gets me off to a good start. I guess the solution for the maintainers is simple: a script which automates every combination of module load to test for error-prone sequences or combinations. These could then be tested for and a warning notice issued at config time, or after compilation, preferably. It would also provide a definitive answer to the question of whether the sequence/combination is a contributing factor in the first place, or whether some other factor is a pre-condition. -- ianf http://www.metapixeldesigns.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: is this getting out?
In freebsd-questions Digest, Vol 289, Issue 4, Message 14 On Sat, 12 Dec 2009 15:32:07 -0800 Gary Kline kl...@thought.org wrote: ariatotle is offline; i'm exclusively on my new server. will somebody please do a digg thought.org and see if they see what i see? hope i get this. At this moment just seeing SERVFAIL for thought.org, and (thus) its listed nameservers at your registrar: Name Server:NS1.THOUGHT.ORG Name Server:ETHIC.THOUGHT.ORG === smithi on sola% dig thought.org ; DiG 9.3.4-P1 thought.org ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: SERVFAIL, id: 20499 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;thought.org. IN A ;; Query time: 4730 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Fri Dec 18 12:35:32 2009 ;; MSG SIZE rcvd: 29 === That's from Australia (as good as anywhere else in this regard :) It's a bit fraught, and not recommended (indeed, frowned upon by RFCs), to have both/all of your domain nameserver IPs on one physical network. I know you had too many before, but if you know someone who can and will provide secondary/slave DNS for you, with a decent expiry time you can be offline for longish periods without your domain disappearing from view, even if your mail/web//etc servers are temporarily offline. Rather than having to ask others to look it up, try locating some public recursive nameserver that you can use, maybe provided by your ISP, let's call it ns1.example.org .. then (assuming basic connectivity) you can: % dig @ns1.example.org [whatever.]thought.org [a|ns|soa|mx|..] to check visibility for yourself while you're tinkering with your DNS, remembering to allow time for changes to propagate. So it's best to be running a short default TTL (say 3600 seconds) until you're running ok, then once OK increase it to something more reasonable, say 1 day. Don't forget to increase your zone's serial number with each change to your configuration, or slave servers won't notice and fetch updates. If in doubt, it never hurts to bump the serial and restart named. Use the standard format so you never use a smaller integer than before, eg 2009121801 for the first update today. Check the supplied HTML docs. Ensure that your firewall allows both TCP and UDP connections inbound on port 53 on each of your externally accessible nameservers, and of course allows response traffic outbound. cheers, Ian PS because thought.org is SERVFAIL at the mo, you won't get this mail direct till the domain reappears here. It'll be queued for two days. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re-compiling PHP changes server responsiveness
Recently upgraded (fresh install) FBSD 8, including MySql, Apache22, phpMyAdmin, KDE4 Gnome2.26 from DVD iso. Running ok as test server, but unusual error from added, complex CMS prompted me to re-install PHP5 and PHP5-extensions as pkg_add -r (using ports files from iso), then with no success, compiling them (using ports files from iso), with slightly different make config. Now server does not respond, either to 'localhost' request on its browser, or specific address request from another machine on local network. I assume re-compiling PHP would not clobber hosts or resolv.conf (they look ok). I get: [warn] (2)No such file or directory: Failed to enable the 'httpready' Accept Filter, and no new errors in /var/log/httpd-error.log four times Tried adding accf_http=YES to /boot/loader.conf, and re-booting of course. Tried refreshing ports (inital re-compile attempt failed with make complaining that postgres-client had been marked invalid - when will someone fixit?), and re-compiling apache22 = no change. ps -auxc: no httpd. FF3 under Gnome on the machine fetches external pages, of course (using router DNS). What else should I look at? -- ianf http://www.metapixeldesigns.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0 installation doesn't contain X distributions
In freebsd-questions Digest, Vol 287, Issue 16, Message: 8 On Sat, 05 Dec 2009 19:39:08 +0200 Manolis Kiagias son...@otenet.gr wrote: Nicky Chorley wrote: Hi, I downloaded the DVD ISO for FreeBSD 8.0 (i386) and verified the MD5 checksum before burning. With regards to choosing distributions for installation, the handbook says If a graphical user interface is desired then a distribution set that is preceded by an X should be chosen and the help for the Choose Distributions section of sysinstall says An X- prefixed before a distribution set means that the Xorg base distribution, libraries, manual pages, servers and a set of default fonts will be selected in addition to the set itself... However, I do not see any distributions listed that are prefixed with X-. The choices are All, Reset, Developer, Kern-Developer, User, Minimal and Custom. Even the Custom option has nothing related to Xorg. That's correct, these have been removed. Hi Manolis, Look, I'm sorry, but I think this is a huge regression, especially if we're still hoping that people with no prior experience of installing freeBSD, people coming from Linux and such, for essentially or including desktop use, are going to have a rewarding installation experience. Is it supposed to be like this (i.e. no distributions containing X are presented on installation), or do I need to download other media from which to install? Note that I'm not asking how to install X and I realise that I can do it post-installation, but I'm just wondering whether I've made a mistake with my download or if the documentation is out of date. You've done nothing wrong, the documentation is in need of an update. Please file a doc-bug PR. Removing X from the distributions is a right step IMO, these are just 3rd party packages and it seems confusing if they get installed along with the base system. I think this is taking base-system-only installation purity to excess. Fine for people installing servers of course, and maybe it will shift more people wanting a GUI environment towards PC-BSD and such if we want to discourage these from using FreeBSD as it is (or maybe, was) but even with my 11 years experience of installing FrreeBSD versions from 2.2 till now, I kept on wondering, how would a newbie fare at this point? If you wish to install X during initial installation you can still do it when you get to the packages stage. I believe you will need the DVD for that. I used the memstick.img (discussed in another thread) and then FTP for installing packages. I've done this before using bootonly CDs, and it has advantages and disadvantages; for me it's been mostly positive. The main advantage is access to all packages. If you know what you want, and which categories they live in, it's great; an hour or so picking and away you go (modulo failures with this FTP site or that). There still exist people with slow net connections and older, slower kit for whom building everything from source would be very tedious. The main disadvantage is - access to all packages :) In the case of X, you and I, developers and most people here know to hunt for the Xorg meta-port. But the naive or new installer knows of no such thing, and could beat around in the huge lists of X software for ages, wondering what's required and what's not to get a desktop going. The previous basic setup menus in sysinstall for X were not only useful; I suspect that they are virtually essential for someone, say, coming from Debian or Ubuntu or such, wanting to try FreeBSD on their system, or the genuine first-time installer of FreeBSD. sysinstall used to assume as little prior knowledge or need to pre-read the Handbook and/or FAQ or follow the lists as possible. Now it's seeming much more firmly targeted at the already experienced user, and I feel that's regressive. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0-RELEASE-i386-memstick fixit - No USB devices found!
On Sat, 5 Dec 2009, Randi Harper wrote: On Sat, Dec 5, 2009 at 4:01 AM, Ian Smith smi...@nimnet.asn.au wrote: In freebsd-questions Digest, Vol 286, Issue 12, Message 7 On Fri, 27 Nov 2009 06:51:50 -0800 Randi Harper ra...@freebsd.org wrote: On Fri, Nov 27, 2009 at 5:00 AM, Derek (freebsd lists) 48225...@razorfever.net wrote: [..] I made the memstick.img by dd as per the release page on my Thinkpad T23. It only sports USB 1.0 ports, and while I was confident of the dd (which took ~25m at ~600kB/s), I didn't really expect a 2002 laptop to boot from the image, but on seeing the USB stick show up in its BIOS and promoting it in the disk boot order, it did! Never underestimate IBM .. [..] So .. booted into sysinstall, fdisk and label ad0s4, leave boot0 as was, committed that much after two earlier attempts failed due to the below, quit to reboot, checked the labelling, redid the mount points, all ok. Picked pretty much all distributions from custom install, then of course had to select media. Picked USB - and got about what Derek did, no USB disk found. Very long story short: googled for ages and found a forum thread about this very problem, in which someone suggested Options / Rescan Devices then trying again. The OP there said it didn't work for him, but it sure did for me! After knowing that, the install went pretty smoothly, modulo not getting fc-10 to install by FTP, but that's another issue.. And just now, prompted by this thread I tried selecting Fixit, to again get what Derek did. And again, Options / Rescan Devices fixed it for me. Maybe it will for Derek and/or maybe provide another clue? Maybe sysinstall could try a device rescan itself in that circumstance? This is a known issue. It would be possible to write in a hack to fix this problem that would be fairly quick to implement, but sysinstall already has one too many bandaids in place. I'd rather take a little bit of extra time and fix the underlying problem, especially since there is this workaround (forcing a device rescan) that seems to work for users in the meanwhile. At best it's an 'unknown known' :) Except for this present thread, my 'googling for ages' found nothing in FreeBSD lists about it. I was so close to giving up until I could go somewhere to burn a DVD, by then. I appreciate your disinclination to extend that message in sysinstall, it's been about to die for so long it's no longer funny, still it would have saved me half a day, and I'm sure I won't be the last person to run into this. I guess I should file a PR with a patch .. sysinstall was written back in the good 'ol days of pre-devfs and hasn't been updated much since. When it first runs, it does a device scan - that is, there's this really ugly data structure of all possible devices and a description/limit for each. So, just for example (and I'm not checking the code, so this value is probably wrong), say there's an entry for 'fxp' that is a type network with a limit of 16 devices - it's going to poke the system looking for fxp0, fxp1, ..., fxp15. It's doing this for every single network card, all possible disk devices, everything. Back in the day when computers were slower, this process could take a while, so it only happened once unless the user selected it again. But now, a rescan on my T23 was quite fast, and it's only a P3 1133MHz. Needless to say, this is extremely inefficient (sysinstall code has to be changed any time a new driver is added, too!) and there's a lot of better ways to do this. It's very easy to pull a list of network cards, disks, etc, but the work in moving away from that ugly data structure is no small job. Right now, much of my time is being taken up in trying to get gpt support into sysinstall, but getting rid of that data structure is high in my priority list, especially since there's a workaround. Old/cheap USB flash sticks seem to be the main offender, as they are slow to be recognized/probed, and sysinstall has already finished it's device scan by then. Point taken, but an unknown workaround is no use to the newbie installer (see my prior whinge to Manolis re the X installation menu going away) Yes, I was using an older 1GB Shintaro stick, the only one on hand, on a machine using USB 1.0 only, but I doubt I'll be the only one; sysinstall has always striven to work with other than just top-range newer kit. I do know how hard it is for developers to remember what mortals don't know, or to imagine why folks might not be running more recent gear :) While I'm at it .. selecting 'Holographic Shell', while in that state at least, brings up a shell that (perhaps due to stick not being mounted?) has no ls command, making navigation difficult :) pwd works, set works, but no ls. Later (from debug msgs on vty1) I saw that I'd been perhaps in /stand and only much later
Re: 8.0-RELEASE-i386-memstick fixit - No USB devices found!
On Mon, 7 Dec 2009, Derek (freebsd lists) wrote: Ian Smith wrote: Options / Rescan Devices fixed it for me. Maybe it will for Derek and/or maybe provide another clue? Indeed this works for me. I've added a follow-up to the PR. Thanks for the tip! Good to hear. Randi, thanks for your detailed response. Picked up the 'flu visiting Sydney and have been well out of it; hoping for a little energy soon. If nothing else, might adding a quick (try Options/Rescan Devices) to the No USB devices message text help some folks out of this quandary? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0-RELEASE-i386-memstick fixit - No USB devices found!
In freebsd-questions Digest, Vol 286, Issue 12, Message 7 On Fri, 27 Nov 2009 06:51:50 -0800 Randi Harper ra...@freebsd.org wrote: On Fri, Nov 27, 2009 at 5:00 AM, Derek (freebsd lists) 48225...@razorfever.net wrote: Hi, Just wondering if anyone else out there has successfully gotten the 8.0-RELEASE-i386-memstick fixit prompt up. It boots fine, and sysinstall comes up, but I continually get No USB devices found! when I go to the fixit/USB option. When I switch to the debug tty, I see da0, and all my device parameters. I've even created a second USB stick, and stuck it in and tried. No joy. Anyways, has anyone successfully gotten the 8.0-RELEASE-i386-memstick fixit prompt up? Thanks! - Derek That's really weird. I can't say that I've seen this problem. It sounds like you're trying to load the livefs - can you bring up a normal fixit shell prompt and see what entries you have in /dev for da0*? There should be a da0a. Due to sysinstall weirdness, adding this USB support was somewhat of a hack, as it doesn't look for da0 - it looks for da0a. :P Hi Randi, I had the same problem, rather more substantially, installing 8.0 from the memstick.img. This thread and to you seems to be where I should report what I remember of the process, only later finding all this. I made the memstick.img by dd as per the release page on my Thinkpad T23. It only sports USB 1.0 ports, and while I was confident of the dd (which took ~25m at ~600kB/s), I didn't really expect a 2002 laptop to boot from the image, but on seeing the USB stick show up in its BIOS and promoting it in the disk boot order, it did! Never underestimate IBM .. I was being very careful, as I wanted to install 8.0 on ad0s4, hopefully not damaging my 7.0-R on ad0s2, still having memories of a 3.3-R install in similar circumstances that went horribly wrong, 8? years ago :) So .. booted into sysinstall, fdisk and label ad0s4, leave boot0 as was, committed that much after two earlier attempts failed due to the below, quit to reboot, checked the labelling, redid the mount points, all ok. Picked pretty much all distributions from custom install, then of course had to select media. Picked USB - and got about what Derek did, no USB disk found. Very long story short: googled for ages and found a forum thread about this very problem, in which someone suggested Options / Rescan Devices then trying again. The OP there said it didn't work for him, but it sure did for me! After knowing that, the install went pretty smoothly, modulo not getting fc-10 to install by FTP, but that's another issue.. And just now, prompted by this thread I tried selecting Fixit, to again get what Derek did. And again, Options / Rescan Devices fixed it for me. Maybe it will for Derek and/or maybe provide another clue? Maybe sysinstall could try a device rescan itself in that circumstance? While I'm at it .. selecting 'Holographic Shell', while in that state at least, brings up a shell that (perhaps due to stick not being mounted?) has no ls command, making navigation difficult :) pwd works, set works, but no ls. Later (from debug msgs on vty1) I saw that I'd been perhaps in /stand and only much later found that find worked and served as ls .. One more thing, while I remember .. seeing the USB stick is here ad0a, isn't that the old 'dangerously dedicated mode' now dropped from 8.0? And to be a real pest with questions, where in CVS do I find the script or whatever makes memstick.img in the first place? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: 8.0-RELEASE-i386-memstick fixit - No USB devices found!
On Sat, 5 Dec 2009, Ian Smith wrote: One more thing, while I remember .. seeing the USB stick is here ad0a, isn't that the old 'dangerously dedicated mode' now dropped from 8.0? That's da0a of course. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Poor throughput with natd
In freebsd-questions Digest, Vol 286, Issue 4, Message 16
On Mon, 23 Nov 2009 15:28:12 -0800 James Long l...@museum.rain.com wrote:
Please copy me on replies.
I am testing ipfw and natd on a gateway machine running FreeBSD
7.2-STABLE #0: Tue Oct 27 00:12:39 PDT 2009 with the generic
kernel. ipfw.ko and ipdivert.ko are loaded as modules, since
they're not part of the GENERIC kernel.
The symptom is that scp uploads from the gateway machine have
very poor throughput, often showing stalled status in the scp
progress output.
Machines on the LAN do not suffer this problem, and can upload
their traffic via NAT with no observed degradation in throughput.
That's why I haven't noticed this problem until recently, when I
tried rsync-ing some files outbound from the gateway to a remote
machine.
I can work around the problem, but this problem has never cropped
up in the past. Is there a problem in my configuration, or in
recent natd?
Thanks for your time!
Hi Jim,
among the over-copious notes in my rc.firewall is:
#% Julian Elischer, 22Oct06 in freebsd-net:
# one thing that you need to name sure of is that only the packets that
# have potential of being on interest to natd are passed to natd.
# i.e. be VERY specific in your natd rules..
#
# ipfw add 1000 divert natd ip from any to any out recv {inner-ineterface}
#xmit {outer-interface}.
# ipfw add 1001 divert natd ip from any to {inner-interface-address} in
#recv {outer-interface}.
#
# don't waste natd's time with packets it doesn't care about.
1001 is actually not quite right, I'll get to that, but the principle is
correct; the only packets natd can do anything useful with are these:
a) going OUT on the external interface that were received on internal
interface, so needing source address translation to the outside address.
b) coming IN on the external interface, which MAY match previous (a)
packets, so requiring destination address remapping to an internal IP.
In the case you outline, the scp is happening between this box itself
and an outside host so are of no interest to natd, costing extra time.
All commands below were executed on the gateway machine that is
running natd with very basic options:
15:07:37 /root# findps natd
root480 0.0 0.1 3388 1252 ?? Ss 12Nov09 4:32.81 natd -n fxp1
Here I rather use -a ${ext_ip} but that probably doesn't matter.
Here are the ipfw rules:
14:55:41 /root# ipfw show
00100 94930656746770 allow ip from any to any via lo0
002000 0 deny ip from any to 127.0.0.0/8
003000 0 deny ip from 127.0.0.0/8 to any
0040077293 8699526 divert 8668 ip from any to any via fxp1
00500 35245946 28535731864 allow ip from any to any
655350 0 deny ip from any to any
Try, where ext_if=fxp1, int_if=$your_internal_if and ext_ip=$yours
ipfw add 400 divert natd ip from any to any out recv $int_if xmit $ext_if
ipfw add 410 divert natd ip from any to $ext_ip in recv $ext_if
Apart from not passing natd undivertable packets, use of 'via' here has
natd being called at least once and maybe twice on each packet coming or
going on the outside interface, including those from the host itself.
Downloading, scp has no trouble:
14:55:59 /root# scp -p remote:public_html/video/tatra1.mpg .
tatra1.mpg 100%
85MB 559.4KB/s 02:36
But uploads stall. This scp process was killed after about 60 seconds:
Might there be an MTU issue as well? Anything in /etc/natd.conf?
Despite that the above divert rules will prevent outbound host traffic
being diverted at all, I'm still surprised natd's impact was so severe?
14:58:40 /root# scp -p tatra1.mpg remote:/tmp/
tatra1.mpg0%
320KB 1.8KB/s - stalled -
^CKilled by signal 2.
Deleting the DIVERT rule eliminates the stalling:
14:59:54 /root# ipfw delete 400
15:00:04 /root# scp -p tatra1.mpg remote:/tmp/
tatra1.mpg 27%
23MB 248.2KB/s 04:14 ETA
^CKilled by signal 2.
But of course, it also eliminates NAT.
15:01:14 /root# ipfw add 400 divert 8668 ip from any to any via fxp1
00400 divert 8668 ip from any to any via fxp1
Adding this rule works around the natd throughput problem:
15:01:29 /root# ipfw add 350 allow all from me to any via fxp1
00350 allow ip from me to any via fxp1
15:02:03 /root# scp -p tatra1.mpg remote:/tmp/
tatra1.mpg 100%
85MB 266.9KB/s 05:27
350 has same effect as putting the selective requirements on outbound
divert. You still need to check inbound packets for possible NAT'ing.
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
login accounts with no sendmail access
Hi all, I hope you'll forgive a sendmail question that's not FreeBSD specific - immediate application is for a Debian Linux system running sendmail 8.13 - but I assume it's most likely applicable to a similar FreeBSD system. We need to (re)create a number of user accounts for Samba to service a nest of windows boxes, but do not want these accounts to be able to send or receive email, rather restricting mail access to only a few accounts, on a box that runs DNS, apache2, mail, audio streaming (fwiw) and Samba access to various fileshares, including users' home directories. I figure we can deny each would-be email address using both From: and To: entries in /etc/mail/access, but I'm wondering if there's an easier way that doesn't involve creating such entries for each new account? (Please don't even mention LDAP) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Bad Blocks... Should I RMA?
In freebsd-questions Digest, Vol 285, Issue 3, Message 28 On Mon, 16 Nov 2009 23:16:27 +0100 Roland Smith rsm...@xs4all.nl wrote: On Mon, Nov 16, 2009 at 09:43:31PM +, Bruce Cran wrote: On Mon, 16 Nov 2009 19:23:58 +0100 Roland Smith rsm...@xs4all.nl wrote: Install the smartmontools port, and check the drive with 'smartctl -a /dev/ad4'. If you see a non-zero Reallocated_Sector_Ct, RMA it immediately, as it is about to fail. If see other errors reported, RMA it. (S)ATA disk have spare sectors available. If a sector fails, it is replaced by one of the spares by the firmware. If you see a non-zero Reallocated_Sector_Ct, it means that the drive has run out of spares. This is bad news. Surely it's the other way around - if you see a value of zero in the value column the drive has run out of spare sectors and it's time to RMA the drive? I was talking about the _RAW_VALUE column. There seems to be some differences in interpretation between vendors as to what the VALUE column means. Most of the advice I've seen over the years says to look at the RAW_VALUE. See http://en.wikipedia.org/wiki/S.M.A.R.T. as well. Mmm, but as that article - which really only mentions the 'normalised' values smartctl presents in passing - points out, there can be quite a lot of variation between different manufacturers as to what RAW_VALUE actually represents for various attributes, whereas the usage of VALUE WORST THRESH values is much more consistent, and what the vendor is actually presenting as the SMART good/fair/fail analysis to the world. For instance, I've got two Fujitsu 5400rpm 2.5 drives in two laptops, one MHV2040AH with near 19,000 hours on it, and a much newer MHV2120AH, 40 and 120GB respectively. Nice quiet low-power laptop drives, fwiw. Both show as (more recently) being in the smartctl database, and both show _exactly_ the same values for this one: 5 Reallocated_Sector_Ct 0x0033 100 100 024Pre-fail Always - 8589934592000 Now if that were a number of 512-byte sectors, it'd be 4096000 GB! :) but both drives are 100% ok, as the VALUE / WORST figures show. From what I've seen the 'raw' column appears to count the number of sectors the drive has remapped using the spares buffer. If it gets into the hundreds it's probably time to think about RMA'ing the drive Yes, the raw value is the number of sectors allocated from the spares. I originally thought it was the number of reallocations _beyond_ the spares. That's a misunderstanding on my part. Again, may depend on the drive make/model. With the same make/model you can of course usefully compare raw values, but be careful about drawing inferences for different drives, or you may be RMA'ing needlessly .. Nevertheless this attribute (along with several) is marked on the Wikipedia page for smart as a Potential indicator of imminent electromechanical failure. You can find the same attributes marked as critical when perusing mailing list archives. For me, my data is worth much more than the harddisk it is on. Some of it is literally irreplacable. So my policy is to go look for a replacement harddisk as soon as the RAW_VALUEs of any of these critical indicators start going up from zero. And store any data at least on two harddisks, whether in a mirror or in a cron+rsync setup. That'd be the case for the disks you tend to use. I was first going to reply to Bruce's message when I spotted yours, but you've dropped the last bit of his quote, that I was about to wholeheartedly agree with :) : If it gets into the hundreds it's probably time to think about RMA'ing : the drive - if you trust that the 'raw' column is reporting what you : think it is (you should really only base your decision on the value, : worst and threshold columns). cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Bad Blocks... Should I RMA?
On Tue, 17 Nov 2009, Chuck Swiger wrote: On Nov 17, 2009, at 7:51 AM, Ian Smith wrote: [ ... ] For instance, I've got two Fujitsu 5400rpm 2.5 drives in two laptops, one MHV2040AH with near 19,000 hours on it, and a much newer MHV2120AH, 40 and 120GB respectively. Nice quiet low-power laptop drives, fwiw. Both show as (more recently) being in the smartctl database, and both show _exactly_ the same values for this one: 5 Reallocated_Sector_Ct 0x0033 100 100 024Pre-fail Always - 8589934592000 Now if that were a number of 512-byte sectors, it'd be 4096000 GB! :) but both drives are 100% ok, as the VALUE / WORST figures show. I wouldn't conclude that the drives were 100% OK from that line, although they *might* be; I'd conclude that the drives aren't implementing this SMART field correctly in their firmware. Are you using the latest version of smartctl-- updates to that can sometimes better interpret vendor-specific odditities. Hi Chuck, Well, _Fujitsu_ reckon they're 100% OK on THAT attribute (100 100 024), which is the point I (and Bruce, I think) was trying to make, along with perhaps a gentle don't believe everything you read on Wikipedia :) The smartctl program is not definitive for RAW_VALUE attributes; the manufacturer is. Some raw values are manufacturer-specific, like this one, and the smartctl author likely concentrates on the lowest hanging fruit; its database is already huge. This one is larger than 32 bits, possibly a mis-byte-ordered 48- or 64-bit value? If the two drives showed different values I'd pursue trying different byte orderings. And no, this certainly wouldn't be the latest smartctl; to compare the 120G drive I installed (last night) smartmontools on a 7.0 system that's soon to be upgraded to 7-STABLE, so using a 7.0-RELEASE ports tree with smartctl 5.37, which shows '009 Power_On_Seconds' as the only odd value for this make/model, from smartctl -P show /dev/ad0 cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Partition naming, fstab, and geli
In freebsd-questions Digest, Vol 285, Issue 2, Message 2 On Sun, 15 Nov 2009 19:23:15 -0700 David Allen wrote: Say I have performed a standard installation of FreeBSD onto a single IDE drive with the following entries in /etc/fstab: /dev/ad0s1b none swap sw 0 0 /dev/ad0s1a / ufs rw 1 1 /dev/ad0s1d /var ufs rw 2 2 /dev/ad0s1e /tmp ufs rw 2 2 /dev/ad0s1f /usr ufs rw 2 2 Then I added more drives. 1. The Handbook suggests there is a convention that when partitioning a a drive that's been added, to label the first new partition on that drive as 'e' as opposed to 'a' (which is reserved for the /root partition). Does the following satisfy that convention, or would starting with 'a' in each case make more sense? /dev/ad1e /foo1 ufs rw 2 2 /dev/ad1f /bar1 ufs rw 2 2 /dev/ad1g /baz1 ufs rw 2 2 /dev/ad2e /foo2 ufs rw 2 2 /dev/ad2f /bar2 ufs rw 2 2 /dev/ad3e /foo3 ufs rw 2 2 /dev/ad3f /bar3 ufs rw 2 2 If you added these with sysinstall (or sade) it will tend to choose 'd' for the first partition on other than the / partition (which is named 'a' on install). Or at least, it's always started with 'd' for me :) But if you're doing it manually starting with 'e' is fine. I suspect the handbook section you quoted to Polytropon later is more an example than definitive. You can happily mount an 'a' partition from another drive that was once a system disk; it's more of a convention really. 2. My second question is in regards to using the 'xx' fstype to have the system ignore that device. Consider, for example, a geli encrypted partition. The .eli device doesn't exist at boot time. I discovered by accident that the system won't boot with an fstab entry for a device that doesn't exist. So if I was to record an entry in fstab, I couldn't use /dev/ad1e.eli /home/david/private ufs rw 0 0 Does that mean that the following is what's typically to record fstab entries for ignored devices? /dev/ad1e.eli /home/david/private xx rw 0 0 /dev/ad3e /fakexx rw 0 0 /dev/ad3f /reservedxx rw 0 0 Yes. Here I must differ with Polytropon, though your format for the options isn't perhaps quite right. From an old fstab here: # DeviceMountpoint FStype Options DumpPass# /dev/acd0 /cdrom cd9660 ro,noauto 0 0 /dev/ad0s1 /dosmsdosfs ro,noauto 0 0 /dev/ad0s2b noneswapsw 0 0 /dev/ad0s2a / ufs rw 1 1 /dev/ad0s2d /varufs rw,noatime 2 2 /dev/ad0s2e /usrufs rw,noatime 2 2 /dev/ad0s4d /paqi4.5ufs ro,noauto,nodev,noexec,nosymfollow,noatime 2 3 /dev/ad0s4e /paqi4.5/varufs ro,noauto,nodev,noexec,nosymfollow,noatime 2 4 /dev/ad0s4f /paqi4.5/usrufs ro,noauto,nodev,noexec,nosymfollow,noatime 2 4 # 25Apr06 ext 20Gb USB disk. DON'T autoadd these, deadly if da0 absent! # .. xx fsopts, everything incl fsck must ignore .. /dev/da0s3d /usbdsk ufs xx,noauto,nosymfollow 3 3 /dev/da0s3e /usbdsk/var ufs xx,noauto,nosymfollow 4 4 /dev/da0s3f /usbdsk/usr ufs xx,noauto,nosymfollow 4 4 # 26May06 shintaro 1G flashdrive .. just doc, can't mount using these .. /dev/da0s1 /flash/dos msdosfs xx,noauto 0 0 /dev/da0s2d /flash/ufs ufs xx,noauto,noatime 3 3 /dev/da0s3d /flash/pvt ufs xx,noauto,noatime 3 3 As you say they're useful for doc, and not hard to edit into action. Note the additions above were assigned starting at 'd' by sysinstall. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Does hybernate/wakeup work?
In freebsd-questions Digest, Vol 283, Issue 5, Message 13 On Tue, 03 Nov 2009 10:56:24 -0800 Yuri y...@rawbw.com wrote: Paul B Mahol wrote: On 10/23/09, Yuri y...@rawbw.com wrote: I tried to make system hybernate with 'acpiconf -s4' on my laptop. It quickly turned off, but when I press the power button it boots like no hybernate and begins to check disks. What can be wrong? OS S4 is not implemented, but BIOS S4 is possible on some machines ... And on 8.0 and 9.0 i386 SMP doesnt resume properly (amd64 works). 'acpiconf -s4' also brings laptop to unwakeable state. Power button begins to flash, when I press any button there is some disk activity, power button light turns on. And nothing happens. 'apm -z' produces similar result. Maybe it's better to ask what works? Is there any way I can use suspend/sleep mode? Any basic way to make it sleep? As Paul said, hibernation only works if the machine's BIOS supports it (hw.acpi.s4bios = 1) AND you've already prepared a suitable disk area, usually a separate slice (DOS partition) or as a file in a 'doze slice. To make even a vaguely informed guess as to whether hibernation and/or acpiconf -s3 (suspend/resume) might work, we'd need to know: What version of FreeBSD on which architecture? (output of 'uname -a') What make and model of laptop? (someone may know if that one works) Whether it runs a single or multiple CPUs? (see /var/run/dmesg.boot) The output of 'sysctl hw.acpi' ? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Does hybernate/wakeup work?
On Tue, 3 Nov 2009, Yuri wrote:
Ian Smith wrote:
As Paul said, hibernation only works if the machine's BIOS supports it
(hw.acpi.s4bios = 1) AND you've already prepared a suitable disk area,
usually a separate slice (DOS partition) or as a file in a 'doze slice.
To make even a vaguely informed guess as to whether hibernation and/or
acpiconf -s3 (suspend/resume) might work, we'd need to know:
What version of FreeBSD on which architecture? (output of 'uname -a')
What make and model of laptop? (someone may know if that one works)
Whether it runs a single or multiple CPUs? (see /var/run/dmesg.boot)
The output of 'sysctl hw.acpi' ?
cheers, Ian
Here is this information:
FreeBSD-8.0-RC2
i386 or amd64? It matters, which is why we ask for uname -a .. obscure
your hostname etc if needed. Some Atom models (230 and 330, I read)
have feature 'LM' and so can run amd64; others don't and must run i386.
Laptop is Lenovo S10-2, single CPU, Intel Atom.
But with hyperthreading enabled or not? How many CPUs launched (dmesg)?
Again, it matters. As I understand it, on 8.0 amd64 SMP suspend/resume
(S3) should work, i386 SMP is currently broken, i386 non-SMP should
(still) work, but I'm really not sure about the Atoms.
head -50 /var/run/dmesg.boot (or so) should clear this up. We don't
need the whole thing, but show anything to do with ACPI and CPU(s).
--- sysctl hw.acpi output ---
hw.acpi.supported_sleep_state: S3 S4 S5
hw.acpi.power_button_state: S5
hw.acpi.sleep_button_state: S3
hw.acpi.lid_switch_state: NONE
hw.acpi.standby_state: NONE
hw.acpi.suspend_state: S3
hw.acpi.sleep_delay: 1
hw.acpi.s4bios: 0
So, hibernate won't work. There was talk of someone doing that for a
Google SoC project but I've heard no more about it for a long while.
hw.acpi.verbose: 0
hw.acpi.disable_on_reboot: 0
hw.acpi.handle_reboot: 0
hw.acpi.reset_video: 0
hw.acpi.thermal.min_runtime: 0
hw.acpi.thermal.polling_rate: 10
hw.acpi.thermal.user_override: 0
hw.acpi.thermal.tz0.temperature: 43.0C
hw.acpi.thermal.tz0.active: -1
hw.acpi.thermal.tz0.passive_cooling: 0
Slightly surprising, but again I know nothing about Atom BIOSes.
hw.acpi.thermal.tz0.thermal_flags: 0
hw.acpi.thermal.tz0._PSV: -1
hw.acpi.thermal.tz0._HOT: -1
hw.acpi.thermal.tz0._CRT: 102.0C
hw.acpi.thermal.tz0._ACx: -1 -1 -1 -1 -1 -1 -1 -1 -1 -1
hw.acpi.thermal.tz0._TC1: -1
hw.acpi.thermal.tz0._TC2: -1
hw.acpi.thermal.tz0._TSP: 300
hw.acpi.battery.life: -1
hw.acpi.battery.time: -1
hw.acpi.battery.state: 7
hw.acpi.battery.units: 1
hw.acpi.battery.info_expire: 5
hw.acpi.acline: 1
hw.acpi.cpu.cx_lowest: C1
If this is either i386 uniprocessor or amd64 SMP, suspend/resume should
work, though possibly needing some settings tweaked and/or some modules
unloaded/reloaded in /etc/rc.{suspend,resume} to do so successfully.
If so, I'd next try the freebsd-mobile@ list where several people who
should be able to advise on this tend to hang out. If not, you may be
out of luck at this stage.
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: dhcpd related issue - not giving up
In freebsd-questions Digest, Vol 283, Issue 2, Message: 4
On Mon, 2 Nov 2009 02:04:31 -0800 (PST)
Dánielisz László laszlo_daniel...@yahoo.com wrote:
Sorry, I misspell it, (192.168.1.1) at 00:13:8f:86:2f:64 on rl1
permanent [ethernet] - actually this is my rl1 interface on BSD
Ok. Chomping heavily .. I've just reviewed this thread through four
digests, rather a top-posting, multi-tail-quoting mess. Please trim
quotes to the necessary then add your response; we've seen the rest.
mac# $ dhcping -h 00:23:32:dc:72:19 -s 192.168.1.1
no answer
bsd# tcpdump -i rl1 -n port 67 or port 68
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on rl1, link-type EN10MB (Ethernet), capture size 96 bytes
19:14:38.604545 IP 192.168.1.234.68 192.168.1.1.67: BOOTP/DHCP, Request
from 00:23:32:dc:72:19, length 250
19:24:06.600131 IP 192.168.1.234.68 192.168.1.1.67: BOOTP/DHCP, Request
from 00:23:32:dc:72:19, length 250
You could perhaps usefully add 'or arp' to that tcpdump.
Like your earlier tcpdump; the Mac's asking and 192.168.1.1 is not
responding. I don't think anyone's asked yet what you get from:
# netstat -finet -an | grep 67
ie, is dhcpd really listening? something like ..
udp4 0 0 192.168.1.1.67*.*
If not, there's your problem .. if so, looks like your firewall might be
blocking those packets from reaching 192.168.1.1 (OR its responses back)
If dhcpd is running, even if it's misconfigured, I'd expect to see some
response if it's receiving requests.
bsd# arp -a
? (192.168.1.234) at 00:23:6c:86:41:d9 on rl1 [ethernet] - this is my
MacBook
? (192.168.1.1) at 00:13:8f:86:2f:64 on rl1 permanent [ethernet] - this is
the layer 3 switch
So your switch and your rl1 interface have the same IP? That can't be good,
can't see why it would affect things when the switch isn't in action though.
# sockstat -4l | grep dhcp
dhcpddhcpd 4747 7 udp4 *:67 *:*
Yeah sockstat's always useful too; both it and netstat -a will show udp
port 67 listening if dhcpd's running (right).
From a later message ..
pool {
option domain-name-servers cns01.hdsnet.hu;
max-lease-time 300;
range 192.168.1.200 192.168.1.253;
allow unknown-clients;
}
}
.. it seems from the arp -a above that the Mac already has 192.168.1.234
which is within that range? However, concentrate on getting as far as
seeing return responses from dhcpd on port 67 to clients with tcpdump,
with your firewall momentarily disabled if need be ..
HTH, Ian___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Why is sendmail is part of the system and not a package?
In freebsd-questions Digest, Vol 282, Issue 14, Message 14 On Thu, 29 Oct 2009 14:58:54 -0500 (CDT) Lars Eighner luvbeas...@larseighner.com wrote: On Thu, 29 Oct 2009, Ruben de Groot wrote: sendmail is NOT a legacy application. It's actively being developed ON FreeBSD. Actually, the maintainer(s) are doing a great job Bullshit. :) IYNSHO. Why does sendmail call up the internet during boot? If it needs to know who it is, why can't it look in hosts? See the section: WHO AM I? in /usr/src/contrib/sendmail/cf/README (assuming you haven't deleted the documentation from your system) Since it cannot be trusted to send mail, what does it need to know from the internet? The first clause reflects an opinion you apparently formed many years ago from which you seem determined not to let any contrary indications dissuade you. I certainly trust sendmail to send mail - who to accept mail from is always the far greater issue - though after only 11+ years using FreeBSD, I clearly haven't your depth of experience. It has been horribly broken for the 15 years or so that I have run FBSD, What was the last version of sendmail you actually used? Sure 8.8 was a bear to configure against spam back in '98; I almost succumbed to buying the book back then, but always found what I needed here, by searching or at sendmail.org. Since FreeBSD ~4.5 I've done just fine using 'make'. (cd /etc/mail; ee access; make maps) is my usual extent of maintenance. and this m4 stuff is a pile of crap. Works here :) though I just let 'make' hide all of the gritty stuff. There is no documentation whatsoever. Re-sup your sources? There's plenty here, and the abovementioned README contains just about everything I've ever needed to configure sendmail. Mail is never going to be any trivial one-conf-fits-all service and requires some study, with at least a slightly open attitude. Unless you buy a book from O'Reilly and line the pockets of the maintainer(s). Why can't it be a option to configure the system without it? Not any money in that, is there? Maybe a systems programming background helped, but since ~'02 I've felt no further need to explore the intricacies of sendmail.cf tinkering. Others here affirm that you can indeed configure FreeBSD not to use sendmail, or any mailer, but I've never had a need so can't comment. There's an old folk song you may have come across that pretty well covers the best approach to fixing any such perceived brokenness: http://www.songsforteaching.com/folk/theresaholeinthebucket.htm cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: I hate to bitch but bitch I must
, and it's best to stick to technical facts if you want good help here, though all praise to the extraordinary patience of some folks here. Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Question about FreeBSD installation procedure
In freebsd-questions Digest, Vol 278, Issue 4, Message 2 On Tue, 29 Sep 2009 12:36:00 +0800 (WST) Bret Busby b...@busby.net wrote: On Sat, 26 Sep 2009, Manolis Kiagias wrote: Bret Busby wrote: Hello. I have been interested in installing FreeBSD on my laptop (HP/Compaq NX5000, 2MB RAM), in a free 20MB partition. [..] See http://busby.net/bret/Screenshot--dev-sda-GParted.png Presumably from your screenshot, what Linux Gparted calls /dev/sda8 However, with the response above, and, with all of the responses thus far, to the query, it appears that I cannot install FreeBSD on the computer, without a full system rebuild, involving removal of all of the installed operating systems and software from the computer, then repartitioning, or, slicing up, the hard drive, and then creating new logical, extended partitions, and then reinstalling each of the operating systems, and all of the software for each of the operating systems, trying to ensure that I then have at least all of the software that is currently installed on each operating system on the computer, and, the data that is currently present on the computer. Bret, none of that much drama will be necessary :) Manolis nailed it, but I'll add a little reinforcement if it helps reassure you that what you want to do is a) entirely possible and b) not terribly difficult. And, with being required to do all of that, I do not know what would happen, regarding issues such as the interrupt conflict that I encountered when trying to initially install Debian 3.1 on the computer, the interrupt conflict being between the WiFi card and the ethernet card, which reuired Ubuntu to resolve the conflict, then (at the time, as I was then a strictly Debian user) uninstalling Ubuntu to reinstall Debian 3.1, with the solution to the interrupt conflict, having used Mandriva Linux to do the partitioning, so as to retain the initial installation of MS Win XP, which I would probably lose, and have to install from scratch, as part of installing BSD on the system. I can't comment on your wifi or interrupt issues, but there's no reason you need to lose any of your existing systems to install FreeBSD here. First, make SURE you have good backups, whatever else you do. Sooner or later the HD is going to fail anyway, so be prepared and be comfortable. More or less as Manolis later said, using gparted since you have it: a) delete the 20GB logical partition /dev/sda8 for the space you need. b) move the free space in the extended partition to the end, after the present sda9 and sda10. these may then become sda8 and sda9, and you may later need to edit references to these to account for renumbering. c) shrink the extended partition sda2 to the end of (now) sda9, which will provide 20GB of unallocated free space on the disk. d) create a new slice (primary partition in DOS terms) using all of the 20GB free space. gparted will call it /dev/sda3, and it'll be the third partition in the MBR. FreeBSD will see this as slice /dev/ad0s3, and there you can install FreeBSD, probably in several FreeBSD partitions. So, getting the system set up, initially, to get Debian 3.1 running (it has been superseded on the system, first by Debian 4, and, now, by Debian 5), took a fair bit of time and effort, and problem solving, using various operating systems, to get the one extra operating system installed. Sure, and you learned quite a lot in the process :) Due to the time and effort involved, and the apparent complexity, it all seems too difficult, to install BSD. Nope. Just a bit more learning, shifting a bit further from 'DOS-think' If FreeBSD would be able to be installed in a logical partition, within an extended partition, as can be done with Linux, it would probably be able to be done by me - in the meantime, it is simply too difficult. It's only too difficult until you know how to do it. Manolis and I have both shown you a fairly straightforward way of doing it, and others have provided good background info on how FreeBSD uses diskspace. Go for it! As a bonus, you should be able to access all of the other filesystems on your disk from FreeBSD, at least read-only. FAT32 (mount_msdosfs), NTFS (I don't, but many people here have done), ext3 - not sure about write capability, but certainly ext2. Way back on FreeBSD 3.3 I salvaged many OS/2 HPFS filesystems from various extended partitions, readonly, and last time I looked (FreeBSD 7.0) the HPFS code was still in the tree. You'll find that FreeBSD knows the (covering) extended partition as /dev/ad0s5 and the logical partitions within as /dev/ad0s6, s7 etc. FAT32 is reliable read-write, and most useful for shipping files between different OS, especially if you enclose them in a tar(1) or zip(1) file if you need to maintain file ownerships and permissions. cheers, Ian
Error building net-snmp port
I've been building a new 7.2-RELEASE server, putting it into service on Friday. I did a portsnap updated all the ports to the latest version, but was unable to upgrade /usr/ports/net-mgmt/net-snmp - see below for output: === Building for net-snmp-5.4.2.1_5 making all in /usr/ports/net-mgmt/net-snmp/work/net-snmp-5.4.2.1/snmplib making all in /usr/ports/net-mgmt/net-snmp/work/net-snmp-5.4.2.1/agent making all in /usr/ports/net-mgmt/net-snmp/work/net-snmp-5.4.2.1/agent/helpers making all in /usr/ports/net-mgmt/net-snmp/work/net-snmp-5.4.2.1/agent/mibgroup /bin/sh ../../libtool --mode=compile cc -I../../include -I. -I../../agent -I../../agent/mibgroup -I../../snmplib -O -pipe -Ufreebsd7 -Dfreebsd7=freebsd7 -DAPPLLIB_EXP=/usr/local/lib/perl5/5.8.9/BSDPAN -DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -I/usr/local/include -I/usr/local/lib/perl5/5.8.9/mach/CORE -c -o mibII/tcpTable.lo mibII/tcpTable.c cc -I../../include -I. -I../../agent -I../../agent/mibgroup -I../../snmplib -O -pipe -Ufreebsd7 -Dfreebsd7=freebsd7 -DAPPLLIB_EXP=/usr/local/lib/perl5/5.8.9/BSDPAN -DHAS_FPSETMASK -DHAS_FLOATINGPOINT_H -fno-strict-aliasing -pipe -I/usr/local/include -I/usr/local/lib/perl5/5.8.9/mach/CORE -c mibII/tcpTable.c -fPIC -DPIC -o mibII/.libs/tcpTable.o mibII/tcpTable.c: In function 'tcpTable_load': mibII/tcpTable.c:748: error: dereferencing pointer to incomplete type mibII/tcpTable.c:750: error: dereferencing pointer to incomplete type mibII/tcpTable.c:750: error: invalid application of 'sizeof' to incomplete type 'struct xinpgen' mibII/tcpTable.c:754: error: dereferencing pointer to incomplete type mibII/tcpTable.c:758: error: dereferencing pointer to incomplete type mibII/tcpTable.c:763: error: dereferencing pointer to incomplete type *** Error code 1 Stop in /usr/ports/net-mgmt/net-snmp/work/net-snmp-5.4.2.1/agent/mibgroup. *** Error code 1 I tried everything I could think of to fix it - removed CPUTYPE from /etc/make.conf, ran make config de-selected IPV6 support, did a make dist clean and let it fetch the source file again, did a make deinstall but it still stopped at the same point. It was installed as a dependency of nut. Any idea how to fix this? Cheers, Ian -- gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
Re: How to correct *Failed sysctlbyname(net.inet.ip.fw.tables_max)*
In freebsd-questions Digest, Vol 274, Issue 12, Message 18 On Sat, 5 Sep 2009 12:57:46 +0300 ??? ??? kes-...@yandex.ru wrote: vpn# ipfw table 12 list ipfw: Failed sysctlbyname(net.inet.ip.fw.tables_max) vpn# sysctl -a | grep net.inet.ip.fw net.inet.ip.fw.dyn_keepalive: 1 net.inet.ip.fw.dyn_short_lifetime: 5 net.inet.ip.fw.dyn_udp_lifetime: 10 net.inet.ip.fw.dyn_rst_lifetime: 1 net.inet.ip.fw.dyn_fin_lifetime: 1 net.inet.ip.fw.dyn_syn_lifetime: 20 net.inet.ip.fw.dyn_ack_lifetime: 300 net.inet.ip.fw.static_count: 46 net.inet.ip.fw.dyn_max: 4096 net.inet.ip.fw.dyn_count: 0 net.inet.ip.fw.curr_dyn_buckets: 256 net.inet.ip.fw.dyn_buckets: 256 net.inet.ip.fw.default_rule: 65535 net.inet.ip.fw.verbose_limit: 0 net.inet.ip.fw.verbose: 1 net.inet.ip.fw.debug: 1 net.inet.ip.fw.one_pass: 0 net.inet.ip.fw.autoinc_step: 100 net.inet.ip.fw.enable: 1 vpn# uname -a FreeBSD vpn.in 7.1-RELEASE-p7 FreeBSD 7.1-RELEASE-p7 #1: Sat Sep 5 00:26:18 EEST 2009 k...@vpn.in:/usr/obj/usr/src/sys/KES_KERN_v71 i386 I just upgrade from 7.0. Sources are RELENG_7_1 Kes, perhaps your kernel and userland sources may be out of synch? I haven't hunted through CVS, but located a message in ipfw@ from Ganbold with a patch proposing to add that very sysctl to ip_fw2.c dated 1st September 2008 .. was that before or after 7.1-RELEASE? Happy hunting, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
MySql54 Port With_CHARSET and WITH_XCHARSET
Hi, I am wondering if there is a problem with the port or if there is something I don't understand about mysql configure options... Doing: cd /usr/ports/databases/mysql54-server make WITH_CHARSET=utf8 WITH_XCHARSET=none make install It sounds like the only charset that should be available would be utf8 but if I send a show charset query on the server, it lists them all... I am trying to compile while making sure there is only one charset on the server... did I missed something or is it a bug with the port or with mysql ? Thanks ~~ Ian Lord MSD Informatique 143 Rue des Fauvettes St-Colomban (Québec) J5K 0E2 Tél: (514) 776-MSDI - (514) 776-6734 Sans Frais: 1(877) 776-MSDI - 1(877) 776-6734 http://www.msdi.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Suspend/Resume on Thinkpad x40
On Sat, 22 Aug 2009, Joe Snikeris wrote: On Fri, Aug 21, 2009 at 11:53 PM, Ian Smithsmi...@nimnet.asn.au wrote: On Fri, 21 Aug 2009, Joe Snikeris wrote: On Thu, Aug 20, 2009 at 10:58 PM, Ian Smithsmi...@nimnet.asn.au wrote: [..] At any rate, I gave up on ACPI. I've got suspend-to-ram and suspend-to-disk (hibernation) working perfectly using APM. Does anyone know if there are any disadvantages related to power-saving features when using APM over ACPI? Is powerd able to do its job just as well? The answer to that (at 5.5-STABLE) used to be 'no', but there is some APM code in powerd.c, related to how it determines the AC line state, though it's not clear to me if it would require compiling APM in kernel. Certainly /etc/rc.d/power_profile can't set CPU CX states without ACPI. Ok. Just did a search to find out what CPU CX states were. For a good explanation of the CX states: http://lists.freebsd.org/pipermail/freebsd-current/2009-May/006436.html Good hunting; a good overview of current load/power handling on FreeBSD, also posted to -mobile and/or -acpi as I recall. Switching speeds relies on the dev.cpu.0.freq and dev.cpu.0.freq_levels sysctls - are these available when you're running on APM? If so, try running powerd(8) in verbose foreground mode (-v) and see what happens. Yes they are. And powerd in verbose foreground mode shows that it is lowering the frequency all the way down to 75 MHz depending on the load. Cool. At 75MHz, it should be :) cheers, Ian___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Suspend/Resume on Thinkpad x40
On Fri, 21 Aug 2009, Joe Snikeris wrote: On Thu, Aug 20, 2009 at 10:58 PM, Ian Smithsmi...@nimnet.asn.au wrote: On Thu, 20 Aug 2009 14:03:29 -0500 Joe Snikeris j...@snikeris.com wrote: First off, I apologize if this is not the right forum for this question. I was torn between posting this in mobile, ACPI, X11 and here. If I might get a better response in one of those forums, please let me know and I'll post there instead. I suspect -mobile might be the best list for this one, perhaps -acpi but that's usually more about development than usage. You might try searching the archives of either for mention of the X40. I'm having some trouble getting the kinks worked out of the suspend/resume functionality on my laptop, an IBM Thinkpad X40. It is mostly working now, but I am still experiencing some strange behavior. I can suspend and resume from a console just fine (except for the fact that the console comes up blank and only displays new characters); however, suspending and resuming in X is problematic. The first suspend and resume in X works perfectly, but the next time I hit suspend, the machine locks up while still displaying whatever I was doing in X. Note that if I switch to a virtual terminal before hitting suspend, this problem does not occur. Does anyone have any suggestions on what I might do to get this resolved? The details of my machine follows; please let me know if any additional information would be helpful. My T23 requires hw.syscons.sc_no_suspend_vtswitch=1 to suspend/resume cleanly (7.0), so does my old Compaq Armada (but that's APM, not ACPI) Thanks Ian. This fixed the problem where suspend would hang the second time it was executed in X. Good to know another model that this works on, for the archives. At any rate, I gave up on ACPI. I've got suspend-to-ram and suspend-to-disk (hibernation) working perfectly using APM. Does anyone know if there are any disadvantages related to power-saving features when using APM over ACPI? Is powerd able to do its job just as well? The answer to that (at 5.5-STABLE) used to be 'no', but there is some APM code in powerd.c, related to how it determines the AC line state, though it's not clear to me if it would require compiling APM in kernel. Certainly /etc/rc.d/power_profile can't set CPU CX states without ACPI. Switching speeds relies on the dev.cpu.0.freq and dev.cpu.0.freq_levels sysctls - are these available when you're running on APM? If so, try running powerd(8) in verbose foreground mode (-v) and see what happens. cheers, Ian___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Suspend/Resume on Thinkpad x40
On Thu, 20 Aug 2009 14:03:29 -0500 Joe Snikeris j...@snikeris.com wrote: First off, I apologize if this is not the right forum for this question. I was torn between posting this in mobile, ACPI, X11 and here. If I might get a better response in one of those forums, please let me know and I'll post there instead. I suspect -mobile might be the best list for this one, perhaps -acpi but that's usually more about development than usage. You might try searching the archives of either for mention of the X40. I'm having some trouble getting the kinks worked out of the suspend/resume functionality on my laptop, an IBM Thinkpad X40. It is mostly working now, but I am still experiencing some strange behavior. I can suspend and resume from a console just fine (except for the fact that the console comes up blank and only displays new characters); however, suspending and resuming in X is problematic. The first suspend and resume in X works perfectly, but the next time I hit suspend, the machine locks up while still displaying whatever I was doing in X. Note that if I switch to a virtual terminal before hitting suspend, this problem does not occur. Does anyone have any suggestions on what I might do to get this resolved? The details of my machine follows; please let me know if any additional information would be helpful. My T23 requires hw.syscons.sc_no_suspend_vtswitch=1 to suspend/resume cleanly (7.0), so does my old Compaq Armada (but that's APM, not ACPI) uname -a FreeBSD sussman.snikeris.com 7.2-RELEASE-p2 FreeBSD 7.2-RELEASE-p2 #0: Wed Jun 24 00:57:44 UTC 2009 r...@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386 cat /boot/loader.conf # Disable boot menu beastie_disable=YES autoboot_delay=-1 # Needed for firefox to display certain HTML5 elements sem_load=YES # Needed so we can resume from suspend w/ a working display. hw.acpi.reset_video=1 # Needed so mouse will work on resume hint.psm.0.flags=0x3000 # Possibly needed for successful resume hint.apic.0.disabled=1 That might be one to try either way, with other combinations. # Needed for sound snd_ich_load=YES # Needed for wireless (iwi) if_iwi_load=YES wlan_load=YES firmware_load=YES iwi_bss_load=YES iwi_ibss_load=YES iwi_monitor_load=YES legal.intel_iwi.license_ack=1 # Needed for 3d graphics acceleration agp_load=YES # Needed for cdrecord to work atapicam_load=YES # See 'man acpi_ibm' acpi_ibm_load=YES I've found that vesa_load=YES helps on my T23 especially if suspending from a VT rather than in X, referring to your 'console comes up blank.' Something to try anyway, and I don't think it ever hurts. cat /etc/rc.conf # -- sysinstall generated deltas -- # Sat Jul 4 11:10:49 2009 # Created: Sat Jul 4 11:10:49 2009 # Enable network daemons for user convenience. # Please make all changes to this file, not to /etc/defaults/rc.conf. # This file now contains just the overrides from /etc/defaults/rc.conf. # Set by sysinstall hostname=sussman.snikeris.com #ifconfig_em0=DHCP linux_enable=YES moused_enable=YES # Allow X to locate mouse and keyboard automatically using HAL hald_enable=YES dbus_enable=YES keyrate=fast keybell=off cat /etc/sysctl.conf # $FreeBSD: src/etc/sysctl.conf,v 1.8.32.1 2009/04/15 03:14:26 kensmith Exp $ # # This file is read when going to multi-user and its contents piped thru # ``sysctl'' to adjust kernel values. ``man 5 sysctl.conf'' for details. # # Uncomment this to prevent users from seeing information about processes that # are being run under another UID. #security.bsd.see_other_uids=0 hw.acpi.standby_state=S0 hw.acpi.suspend_state=S3 hw.acpi.sleep_button_state=S3 vfs.usermount=1 hw.acpi.sleep_delay=3 If hw.syscons.sc_no_suspend_vtswitch=1 is no help, I'd try -mobile .. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: please help to uninstall FreeBSD!!!
On Mon, 17 Aug 2009 17:23:29 -0700 Walt Pawley w...@wump.org At 4:44 PM +0200 8/17/09, Heiner Strauß wrote: [..] Putting the symbol names in one word helped the linker / loader a lot. Live was so easy. Heiner C(one word = 32 bit) .NOT. (some word processor software) As something of an ancient curmudgeon these days, I've enjoyed this discussion. As speculation on my part, perhaps the six character limitation is less a software issue than an early architecture issue - DEC's PDP-6/10 design used 36-bit words and packed six characters (clearly from a limited subset of the then current ASCII) per word, making simple searches very effective through symbol tables with a simple word level compare loop. Can I play in the ancient curmudgeonly nostalgia reunion too? While likely not all that closely related to the issue, I recall a technique I was introduced to on Control Data systems called COSY, in which one punched binary coded Hollerith cards with two characters per column encoded (six bits per character). Of course, such cards required excellent handling equipment (which Control Data had) because a stack of cards punched with 960 holes in each one had lots of opportunity for hanging chads. First real systems programming job was converting $multinat's data files from NCR 315 format (12-bit 'slabs' holding 2 6-bit alphanum upper-case characters or 3 4-bit BCD numbers, on 7 track tape and some paper tape) to IBM 360 format (8 bit EBCDIC chars or BCD numerics, on 9 track tape), which only took about 4 months, replacing a whole floor tons of gear. The NCR was also clearly designed around 80-column punch cards; 2 alphas or 3 digits or one 12-bit instruction code per column. The programmer's art was judged (by peers, not management :) on what your best single card 80-slab program could do once booted .. test runs of which involved turning up at the end of The Operator's shift and likely offering some $inducement, after conning one of the punch girls into typing 160 chars of utter gibberish for no apparent reason .. /OT nostalgia cheers, Ian___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: boot sector f*ed
nothing in the functioning) or something is going on with the OS. After you've thoroughly proven the hardware is AOK under sustained and varied pressure, then you can suspect software issues - which tend to be far more consistent and repeatable - but if the hardware's acting flakey then you likely won't see any consistency in software issues, which does seem to concur with your descriptions to date. I must say, it is weird that with FBSD 7.2 things have not been going well at all... Well, since that particular point in time, at least? So, now I am trying to set up 7.2 on this new disk and let's see what happens. I'm going to run some tests on those disks, including the one that maybe is defective... I'll post results if possilbe. I wouldn't even try doing anything with disks until positively ruling out any hardware issues, given that at one stage you _apparently_ lost the boot sector, and it or another possibly intermittent issue prevented booting. You've since said that the 3GHz box with same BIOS boots up 'differently'. Has it always been so? Sometimes, quite often in fact, I've found just disassembling, thorough cleaning, fresh heatsink paste maybe, and reassembly solves many issues, without ever knowing what exactly did the trick. Life's like that .. HTH, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: boot sector f*ed
On Tue, 11 Aug 2009 17:52:29 +0200 Polytropon free...@edvax.de wrote: On Tue, 11 Aug 2009 09:34:13 -0400, PJ af.gour...@videotron.ca wrote: I've got another disk about the same size on the machine and I'm wonderiing how could I transfer the whole shebang to it? Maybe an 1:1 copy using dd with a bs=1m would work. Maybe it would, if the new disk size is = the old one. Would doing a minimum 7.2 install be enough, followed by copying all the slices to the corresponding slices on the new disk? I'm thinking of mounting the broken drive on the new one and then copying... does that sound about right? No. Does not. :-) The proper way of doing this - or at least ONE of the proper ways - is to use the intended tools for this task. These are dump and restore. First of all, you use a FreeBSD live system (such as FreeSBIE) or the livefs CD of the FreeBSD OS to run the OS. The goal is: Most minimal interaction with the drives. Good principles, but .. Let's assume ad0 is your source disk and ad1 the target disk. You can use the sysinstall tool to slice and partition the target disk. You can create the same layout as on the source disk. Of course, using tools like bsdlabel and newfs is valid, too. If you're done, things go like this: 1. Check the source. # fsck /dev/ad0s1a /dev/ad0s1e /dev/ad0s1f /dev/ad0s1g /dev/ad0s1h Er, from PJ's original message (and the subject line) the boot sector, sector 0, is hosed. So the partition/slice table is hosed, or at least untrustworthy. So what then can /dev/ad0s1a and the others refer to? dd may indeed be the best way to at least get a raw copy of the existing disk. After which perhaps the boot sector can be rewritten with the right values (if available?) so that such as fsck and dump can proceed. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: boot sector f*ed
On Wed, 12 Aug 2009, PJ wrote: Ian Smith wrote: On Tue, 11 Aug 2009 17:52:29 +0200 Polytropon free...@edvax.de wrote: [..] Let's assume ad0 is your source disk and ad1 the target disk. You can use the sysinstall tool to slice and partition the target disk. You can create the same layout as on the source disk. Of course, using tools like bsdlabel and newfs is valid, too. If you're done, things go like this: 1. Check the source. # fsck /dev/ad0s1a /dev/ad0s1e /dev/ad0s1f /dev/ad0s1g /dev/ad0s1h Er, from PJ's original message (and the subject line) the boot sector, sector 0, is hosed. So the partition/slice table is hosed, or at least untrustworthy. So what then can /dev/ad0s1a and the others refer to? dd may indeed be the best way to at least get a raw copy of the existing disk. After which perhaps the boot sector can be rewritten with the right values (if available?) so that such as fsck and dump can proceed. Thanks, Ian... I'm actually at the stage of doing the save/copy/transfer or whatever you can call it: here's what I am thinking and on which I need clarification. I ran HDD regenerator and it immediately flagged the very first sector as being Bad. On bootint, just before the crash, the boot process started... hesitated, lurched forward, hesitated and then proceeded to load only some minutes later closing down with a 177mb dump. I knew then there was a problem.. :-) The dump, presumably from a panic, may be related or a consequence of whatever hardware issue may have clobbered your boot sector, or it may not. Your disk may be really in trouble, or it may just need its boot sector rewriting, if not a 'hard' sector error. But first, backup .. I have a 2nd disk just checked (with the regenerator - 12 hrs waiting on 2.4ghz cpu). I don't know of this regenerator. dd'ing a drive to /dev/null is a pretty good way to surface test a disk, not taking a fraction that long. If, indeed, the boot sector is the only thing mucked up, I should be able to copy the rest onto the 2nd(target) disk NP. The question, then, Read man dd carefully, do some practice runs. You'll want conv=noerror to copy all but any bad sectors, or dd may fail. For any section with bad sectors, you may need to use bs=512 and maybe skip (source) and seek (destination) to keep things aligned. I'm no expert on dd, have't had to do that for years, nor am I so hot on fdisk, bsdlabel or boot0cfg on FreeBSD 7, but there are plenty of folks here that are. is how to deal with the boot sector. As I understand it, the boot sector has the partition information needed to run things for the rest of the disk. So, copying the damaged source disk will not give me the boot sector needed. That's right, and no, but if you salvage everything else, and you know which slice/s were used and how big its partition/s are, you should be ok. Once back up, apart from normal backups, having a copy of your boot sector plus fdisk / bsdlabel output on another disk - or even on paper - can be very handy :) I happen to have a another instance of 7.2 installed on a smaller disk but that boot sector, obviously will not be quite right, right? No, you don't want to copy another disk's boot sector; you'll want to use fdisk to make a new one that fits. If there's a jumper for it, write protect the bad drive first, and move it away from being ad0. Seek expert help on the commands, as above .. I presume that I can just boot up the spare 7.2 disk, do the dd stuff from source to target and we have stage 1 done. If the disk sizes match, should be good. I get the impression to get this second stage (the boot stuff) I should do a minimal setup of the original configuration on a third disk the same size as the source and then copy the boot sector to the tartget. If for some reason, I haven't got the slices/partitions right, then I can just redo the whole shebang until I've got it right. A little tortured, but could work, or have I got it wrong? Of course, if there is a more elegant and simpler solution, shoot ! Again, I wouldn't copy a boot sector (though on identical disks, that should work). fdisk will write a new boot sector, and if you've got the slice sizes right, then your old bsdlabels should still be there for your various BSD partitions. Now .. exit the clown and bring on the fdisk / bsdlabel experts, please. Good luck, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: named startup problems upgrading from 7.1p4 to 7.1p5 or 7.1p6
On Sun, 28 Jun 2009 20:54:26 Ian wrote: Hi, I've been meaning to sort this out since the release of 7.1p5, but only just got around to it - I have an installation of 7.1 that runs bind and has been working fine up until I tried to update the system to 7.1p5 (using freebsd-update). As soon as I apply the update reboot, named loads but the startup script hangs. If I press Ctrl+C, the system continues to boot. If I then run /etc/rc.d/named start, named starts, but again the script hangs. I can do DNS lookups while named is running, so it seems to be functioning ok. I tried adding various echo statements to /etc/rc.d/named and found that the script seems to run right through. The hang occurs where /etc/rc.subr echoes out Starting named after the named script has run and that's where things seem to stop! Nothing else that is started by the rc.d scripts hangs, so I'm guessing /etc/rc.subr is ok. I did a diff of /etc/rc.d/named before after the upgrade from p4 to p5 (or p6 which has the same issue) and there are no changes to the file. Nothing seems to be logged anywhere that shows a problem, so I really have no idea what to check next. The only named entry in rc.conf is named_enable=YES. Doing a freebsd-update rollback restores normal operation and given that bind actually loads 7 seems to work apart fromthe hanging script, I suspect there's nothing wrong with my bind configuration. Any suggestions? Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc I've never really solved this problem - even running with the default named.conf as a simple caching server didn't change anything. Instead, I rolled back to 7.1p4 then upgraded to 7.2(p2) and bind works just fine. Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
named startup problems upgrading from 7.1p4 to 7.1p5 or 7.1p6
Hi, I've been meaning to sort this out since the release of 7.1p5, but only just got around to it - I have an installation of 7.1 that runs bind and has been working fine up until I tried to update the system to 7.1p5 (using freebsd-update). As soon as I apply the update reboot, named loads but the startup script hangs. If I press Ctrl+C, the system continues to boot. If I then run /etc/rc.d/named start, named starts, but again the script hangs. I can do DNS lookups while named is running, so it seems to be functioning ok. I tried adding various echo statements to /etc/rc.d/named and found that the script seems to run right through. The hang occurs where /etc/rc.subr echoes out Starting named after the named script has run and that's where things seem to stop! Nothing else that is started by the rc.d scripts hangs, so I'm guessing /etc/rc.subr is ok. I did a diff of /etc/rc.d/named before after the upgrade from p4 to p5 (or p6 which has the same issue) and there are no changes to the file. Nothing seems to be logged anywhere that shows a problem, so I really have no idea what to check next. The only named entry in rc.conf is named_enable=YES. Doing a freebsd-update rollback restores normal operation and given that bind actually loads 7 seems to work apart fromthe hanging script, I suspect there's nothing wrong with my bind configuration. Any suggestions? Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
Re: named startup problems upgrading from 7.1p4 to 7.1p5 or 7.1p6
On Sun, 28 Jun 2009 21:43:49 Matthew Seaman wrote: Ian wrote: Hi, I've been meaning to sort this out since the release of 7.1p5, but only just got around to it - I have an installation of 7.1 that runs bind and has been working fine up until I tried to update the system to 7.1p5 (using freebsd-update). As soon as I apply the update reboot, named loads but the startup script hangs. If I press Ctrl+C, the system continues to boot. If I then run /etc/rc.d/named start, named starts, but again the script hangs. I can do DNS lookups while named is running, so it seems to be functioning ok. I tried adding various echo statements to /etc/rc.d/named and found that the script seems to run right through. The hang occurs where /etc/rc.subr echoes out Starting named after the named script has run and that's where things seem to stop! Nothing else that is started by the rc.d scripts hangs, so I'm guessing /etc/rc.subr is ok. I did a diff of /etc/rc.d/named before after the upgrade from p4 to p5 (or p6 which has the same issue) and there are no changes to the file. Nothing seems to be logged anywhere that shows a problem, so I really have no idea what to check next. The only named entry in rc.conf is named_enable=YES. Doing a freebsd-update rollback restores normal operation and given that bind actually loads 7 seems to work apart fromthe hanging script, I suspect there's nothing wrong with my bind configuration. Any suggestions? Are you sure it's not the thing which starts immediately *after* named that is hanging? Try running: # rcorder /etc/rc.d/* /usr/local/etc/rc.d/* and see what should come next. Note this command shows the order in which all of the rc scripts in those directories would run, not just the ones you have enabled in rc.conf, so you may well have to skip a few lines until you get to something that is enabled. Cheers, Matthew Well the fact that if I run /etc/rc.d/named manually after the system has booted, the script also hangs suggests it's not the next process I have just check however ntpdate is the next one in the list to be started and that does start correctly - you can see it report the clock being adjusted. Also, when you do a Ctrl+C to break the named script on bootup, it says Script /etc/rc.d/named interrupted. Something I've just realised is that named stays loaded even when you 'break' the script. on bootup and DNS lookups work (I didn't think that was the case originally, but it is). Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
Re: phidgets for FreeBSD?
On Fri, 5 Jun 2009, Brooks Davis wrote: On Sat, Jun 06, 2009 at 01:25:09AM +1000, Ian Smith wrote: On Wed, 3 Jun 2009 15:07:53 +0300 Ghirai ghi...@ghirai.com wrote: Is there any (native) FreeBSD supoprt for Phidgets (http://www.phidgets.com? Someone seems to have attempted (and succeeded) to run things on 7.0, some time ago, but there doesn't seem to be any further info (http://www.phidgets.com/phorum/viewtopic.php?f=2t=507). Any ideas? No, but colour me interested too. Thanks for the pointer. Copying this to Brooks, who started that thread in 2005 with a patch for phidgets 2.0, which left me wondering if anything has become of that in the 2.1 linux sources, which I'm just grabbing. I've not really found time to do much since then. I think I've still got an ancient port around somewhere. All my patch did was refactor the error handling which caused basic stuff to work for me. Hi, 'scuse delay, been bogged down trying to (learn how to) resuccitate several old debian linux servers for a community radio station (eek!) The thread mentioned above points to your patch, is that all of it? I tried poking around your p4 area but didn't spot anything else related. I'm generally interested in whether linux applications using libusb are more likely than not to work on FreeBSD, operational differences between libusb on FreeBSD and linux, and whether our new USB stack has changed anything in that equation at all? As a rule, libusb stuff will work. Historically the function to allow a kernel driver (usually hid) to be detached hasn't been supported, but otherwise it's functional. Thanks, but please humour my ignorance - would one install linux libusb in /compat/linux for linux apps, as well as the freebsd port for native? Looks like I need to hang out in freebsd-emulation@ and read lots. Any other pointers (anyone)? I'm really hoping to use a FreeBSD box to talk and listen at 400kHz(+) iicbus with a small gadget we're designing, and everything I've seen, eg the Aardvark, is (apart from 'doze of course) linux-only using libusb, including phidgets. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: phidgets for FreeBSD?
On Wed, 3 Jun 2009 15:07:53 +0300 Ghirai ghi...@ghirai.com wrote: Is there any (native) FreeBSD supoprt for Phidgets (http://www.phidgets.com? Someone seems to have attempted (and succeeded) to run things on 7.0, some time ago, but there doesn't seem to be any further info (http://www.phidgets.com/phorum/viewtopic.php?f=2t=507). Any ideas? No, but colour me interested too. Thanks for the pointer. Copying this to Brooks, who started that thread in 2005 with a patch for phidgets 2.0, which left me wondering if anything has become of that in the 2.1 linux sources, which I'm just grabbing. I'm generally interested in whether linux applications using libusb are more likely than not to work on FreeBSD, operational differences between libusb on FreeBSD and linux, and whether our new USB stack has changed anything in that equation at all? Also wondering if http://www.totalphase.com/products/aardvark_i2cspi/ linux software might be expected to work 'well enough' on FreeBSD 7? Thanks. -- Ghirai. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
What's wrong with this picture?
On Sat, 30 May 2009, freebsd-questions-requ...@freebsd.org wrote in freebsd-questions Digest, Vol 260, Issue 31 [..] 1. Fw: UK Currency Symbol in 7.2 Console (Graham Bentley) 2. Re: find and searching for specific expression in files (Mel Flynn) 3. Re: find and searching for specific expression in files (Valentin Bud) 4. Re: MIME attachments in mbox files (Ian Smith) 5. Re: Canon printer and TurboPrint (Jerry) 6. FreeBSD 7.0-RELEASE-p12 bind9 log files not found (Prokofyev Vladislav) 7. GSM to Serial Converter (Exemys) 8. Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found (Mel Flynn) 9. Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found (Michael Powell) 10. Re: GSM to Serial Converter (Kevin Kinsey) 11. Re: Canon printer and TurboPrint (cpghost) 12. Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found (Prokofyev Vladislav) 13. Re: Canon printer and TurboPrint (Wojciech Puchar) 14. Re: Fresh install 7.2-RELEASE i386, X won't start (Wojciech Puchar) 15. Re: Failure to get past a PCI bridge (Ian Smith) 16. Re: What is this forum for? (Wojciech Puchar) 17. Re: Stable Mail Server And Web Mail (Wojciech Puchar) 18. Re: What is this forum for? (Wojciech Puchar) 19. Re: FreeBSD 7.0-RELEASE-p12 bind9 log files not found (Mel Flynn) 20. Re: On the need for moderated questions lists (Wojciech Puchar) 21. Re: Competition law (was Re: Canon printer and TurboPrint) (Wojciech Puchar) 22. RE: On the need for moderated questions lists (Wojciech Puchar) 23. Re: Canon printer and TurboPrint (Wojciech Puchar) 24. Re: MIME attachments in mbox files (Wojciech Puchar) 25. Re: Canon printer and TurboPrint (Wojciech Puchar) 26. Re: On the need for moderated questions lists (Wojciech Puchar) 27. Re: Remotely edit user disk quota (Wojciech Puchar) 28. Re: find and searching for specific expression in files (Wojciech Puchar) 29. Re: Stable Mail Server And Web Mail (Mel Flynn) 30. Re: Software creating karaoke from mp3 files (Wojciech Puchar) 31. Re: Greylisting and new posters (Wojciech Puchar) 32. Re: find and searching for specific expression in files (Wojciech Puchar) 33. Re: Canon printer and TurboPrint (Wojciech Puchar) 34. Re: Canon printer and TurboPrint (cpghost) 35. Filter request Re: GSM to Serial Converter (Wojciech Puchar) 36. Re: Stable Mail Server And Web Mail (Wojciech Puchar) Woj, 20 out of 36 messages, over 55% of all these messages, are by you. Having been very busy in recent weeks, I'd accumulated about 24 digests unread that I ploughed through yesterday, many of which featured over 50% of messages either from you, or from silly people reacting to you, whose ranks I must join for just this once. I gather that you're hoping to prove that without moderation - as we've enjoyed for 11 years that I've experienced - if you keep on flooding the list with so much off-topic crap, then we'll be forced into accepting your wish for the list to be controlled, post by post, by some poor bastard who needs to be awake 24/7/365 and has little else of a life. I don't have the sort of free time (nor apparent need) that you have to try fashioning this sometimes-helpful list after my own wishes, which is why I get digests, posting occasionally where I think I can maybe help. I'm also subscribed to about a dozen other FreeBSD lists that in total deliver not many more messages per day than this one sometimes does. You're not even being vaguely consistent. You're fast to agree with our resident M$ troll when he argues against government control of anything, even of protecting the population from a 'free' market that's happy to profit by poisoning people in body or mind, but then you insist we need to establish another sort of 'government' to control what people want to discuss on these lists? Fortunately, that's just not going to happen. You are quite capable of being helpful and even useful to the FreeBSD Project, if you'd focus your energies on things you do know something about and by widening your experience in areas covered by other lists. You are equally as capable in this role as wannabe list wrecker, opining on every second message including all the silly wildly off-topic ones. You already HAVE the power to greatly improve this list. Please do so. Sincerely, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: MIME attachments in mbox files
On Fri, 29 May 2009 23:40:52 -0400 Vince Sabio vi...@vjs.org wrote: I have a need (well, I have lots of needs, but I'll try to stay focused here) to be able to take a Windows zip file that is stored as a MIME attachment to an e-mail message in an Mbox-format spool file, and unzip the attachment. I actually need to script the process. In case it helps, I can dedicate a mailbox to the task. If necessary, I can write my own parser to strip out the attachment, in which case I'd need only a widget that can take in a MIME (base64) encoded zip file, convert it to binary, and unzip it. Anyone know of any FreeBSD utility(ies) that do(es) this? /usr/ports/converters/mpack /usr/ports/archivers/unzip You could first export/save each such message to a separate file and run munpack(1) on it to extract any base64 attachment/s, then unzip(1) any identifiable zipfiles. You can most likely rely on the return code from 'unzip -t $file' to check any files are valid zipfiles, if munpack can't recover the original filename from the MIME headers. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Failure to get past a PCI bridge
On Thu, 28 May 2009 16:24:00 +0200 Josef Moellers josef.moell...@ts.fujitsu.com wrote: Hi, I'm trying to install 7.2-RELEASE on a pretty new system (a Fujitsu RX300S5). The first obstacle was the fact that while the system has an AT-Keyboard-Controller, it ist not used (keyboard and mouse are connected via USB) and I have found that I can get past that by specifying set hint.atkbd.0.disabled=1 set hint.atkbdc.0.disabled=1 The install kernel then boots properly and reaches the Country Selection. At that point, no keyboard input is accepted. An optical mouse is off, so I assume the keyboard to be off, too. I have hooked up a serial connection to log the kernel's output (some 1000+ lines): set boot_serial=1 set boot_verbose=1 set boot_multicons=1 set console=comconsole vidconsole The following lines make me wonder if the kernel fails to get past PCI bridges and this can't reach the UHCI controllers: pcib0: ACPI Host-PCI bridge on acpi0 pcib0: could not get PCI interrupt routing table for \_SB_.CPU0 - AE_NOT_FOUND : pcib1: ACPI Host-PCI bridge on acpi0 pcib1: could not get PCI interrupt routing table for \_SB_.CPU1 - AE_NOT_FOUND : pcib2: ACPI Host-PCI bridge port 0xcf8-0xcff on acpi0 pcib2: couldn't find _ADR pcib2: trying bus number 2 pci2: ACPI PCI bus on pcib2 pci2: domain=0, physical bus=2 I talked to the guy who does the BIOS for the machine and he says that it makes no sense for the kernel to try and find the _PRT for \_SB_.CPU0 or \_SB_.CPU1! Can anyone help? I haven't been using FreeBSD since 4.2 and haven't dug through deep kernel functions for quite some time. Not directly, but you may do better posting that to the a...@freebsd.org list. See archives at http://lists.freebsd.org/pipermail/freebsd-acpi/ cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
/etc/ttys
Dumb question because of dumb action: can anyone point me to a place where I can find a copy of /etc/ttys? - suitable for FreeBSD v7.2 Thanks ianf ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mod_php5 and apache22
On Mon, 30 Mar 2009, Mel Flynn wrote:
On Wednesday 25 March 2009 05:36:26 Ian Smith wrote:
On Tue, 24 Mar 2009 16:46:16 +0100 Ruben de Groot mai...@bzerk.org wrote:
On Tue, Mar 24, 2009 at 03:20:26PM +0100, Mel Flynn typed:
On Tuesday 24 March 2009 15:13:33 Christoph Kukulies wrote:
I moved a site from some FreeBSD 5.2 or something (with apache2 and
mod_php5 at that time,
about 3 years old) to 7.1 (Beta though) and apache22.
Now I don't find something that looks like mod_php5 in
/usr/ports/www.
Has that changed somehow?
lang/php5 with APACHE_MODULE ticked in options dialog.
The apache module compile is off by default since somewhere in 2006 and
I keep forgetting that occasionally :(
So people using pkg_add -r php5 will not get mod_php5.
That's right, you haven't been able able to install mod_php5 from a
package for at least that long. I've never understood the rationale.
APACHE_MODULE pulls in apache as dep, while CGI and CLI do not. There is not
much difference in performance with the CGI version and mod_fcgid, the major
difference with the module is the ease of site/directory specific
configuration of php through php_value and php_flag directives.
A slave port is easily created with one Makefile, as below.
# New ports collection makefile for:php5-module
# Date created: Jan 11 2009
# Whom: Mel Flynn mel+po...@rachie.is-a-
geek.net
#
# $Coar: ports/local/php5-module/Makefile,v 1.2 2009/03/30 20:37:22 mel Exp $
# NOTE: we cannot use PKGNAMESUFFIX as that triggers extension build in
# MASTERDIR/Makefile
PORTNAME=php5-module
MASTERDIR= ${.CURDIR}/../../lang/php5
CATEGORIES= local lang
PKGORIGIN= local/php5-module
PKGNAMEPREFIX= module-
# Set some options, though the config dialog is still set. This build is
# primarily for jails, where some php5 command line scripting is desired.
# Jails can't use SUHOSIN
WITHOUT_SUHOSIN=yes
WITHOUT_CGI=yes
WITHOUT_FASTCGI=yes
WITHOUT_PATHINFO=yes
WITH_APACHE=yes
APACHE_PORT?=www/apache22
.include ${MASTERDIR}/Makefile
Mel, only two questions:
1) Does it need binding to apache22 specifically?
2) Can you please submit it? :)
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
most signals not being delivered to processes
Hello, I'm new to this list so if this question is better directed elsewhere please point me in the right direction. My research group has a server running 7.2-PRERELEASE and an odd problem has cropped up: most signals are not being delivered to processes. For example, if I run 'sleep 10' from the shell, ctrl-c won't interrupt it. kill -KILL pid still works, but this sort of makes sense since it involves only the OS and doesn't require delivery to the process itself. I have performed a fairly extensive series of tests: using bash: * ctrl-c does nothing * ctrl-z does nothing * kill -XXX pid works for SIGKILL and SIGSTOP only * kill -XXX pid does nothing for all other signals * a C program does not receive a SIGHUP, SIGINT, SIGABRT or SIGTERM that it has sent to itself via 'kill(getpid(), SIGxxx)' * a C program will react appropriately when it sends itself a SIGKILL or SIGSTOP * a C program will react appropriately when you call abort(3) * a C program will die with the error Floating point exception: 8 (core dumped) if it divides by zero, but not if it sends itself a SIGFPE. using csh (or skip this list and see below for just the diffs with bash): * ctrl-c does interrupt processes (and a C program that traps for SIGINT will catch the signal appropriately from a ctrl-c) * ctrl-z does nothing * kill -XXX pid works for SIGHUP, SIGINT, SIGKILL, SIGALRM, SIGSTOP, SIGXCPU, SIGXFSZ only * kill -XXX pid does nothing for all other signals * a C program does not receive a SIGHUP, SIGABRT or SIGTERM that it has sent to itself via 'kill(getpid(), SIGxxx)' * a C program will quit when it sends itself a SIGINT * a C program will react appropriately when it sends itself a SIGKILL or SIGSTOP * a C program will react appropriately when you call abort(3) * a C program will die with the error Floating point exception: 8 (core dumped) if it divides by zero, but not if it sends itself a SIGFPE. or, for brevity, here are just the differences when using csh as opposed to bash: * ctrl-c does interrupt processes (and a C program that traps for SIGINT will catch the signal appropriately from a ctrl-c) * kill -XXX pid works for SIGHUP, SIGINT, SIGALRM, SIGXCPU, SIGXFSZ * a C program will quit when it sends itself a SIGINT This system has been in use for well over a year so I don't know why this would have cropped up all of a sudden. Unfortunately I am not the only one with superuser access on this machine, but nobody else in the group has any idea of what they could have done to mess things up. Some other important details: 1) The problem is not user-specific (other people are seeing the same thing) 2) The problem first appeared Friday (Mar 20) afternoon but it went away after another user re-installed the kernel. But now it returned today. 3) I checked stty -a and my key mapping look fine (e.g. susp = ^Z) Any hints or ideas? thanks very much, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: most signals not being delivered to processes
Hi Chuck, Thanks for the response. My stty -a looks good: cchars: discard = ^O; dsusp = ^Y; eof = ^D; eol = undef; eol2 = undef; erase = ^?; erase2 = ^H; intr = ^C; kill = ^U; lnext = ^V; min = 1; quit = ^\; reprint = ^R; start = ^Q; status = ^T; stop = ^S; susp = ^Z; time = 0; werase = ^W; However, hopefully the problem has gone away. Another member of our team thinks that somehow the issue is related to some system services (sshd and dhcpd) failing to completely detach from their controlling terminal due to a setuid wrapper he set up, and thus they are left holding on to some old bad controlling terminal even though they daemonize themselves. I have to admit I don't completely understand it all (in part because anything involving 'controlling terminals' is usually a bit mystifying for me), but hopefully he's right... cheers, Ian Chuck Swiger wrote: Hi, Ian-- On Mar 26, 2009, at 12:40 PM, Ian Rose wrote: I'm new to this list so if this question is better directed elsewhere please point me in the right direction. Welcome; this list is a good place. My research group has a server running 7.2-PRERELEASE and an odd problem has cropped up: most signals are not being delivered to processes. For example, if I run 'sleep 10' from the shell, ctrl-c won't interrupt it. kill -KILL pid still works, but this sort of makes sense since it involves only the OS and doesn't require delivery to the process itself. Both your shells and /bin/kill should be using kill(2) system call; see /usr/src/bin/kill/kill.c, /usr/src/contrib/tcsh/sh.proc.c, etc for the details. For a signal to work, the OS does deliver it to the process, which must be in a runnable state or else delivery will block until the process has returned from a system call or whatever is blocking it. I have performed a fairly extensive series of tests: using bash: * ctrl-c does nothing * ctrl-z does nothing * kill -XXX pid works for SIGKILL and SIGSTOP only * kill -XXX pid does nothing for all other signals * a C program does not receive a SIGHUP, SIGINT, SIGABRT or SIGTERM that it has sent to itself via 'kill(getpid(), SIGxxx)' * a C program will react appropriately when it sends itself a SIGKILL or SIGSTOP * a C program will react appropriately when you call abort(3) * a C program will die with the error Floating point exception: 8 (core dumped) if it divides by zero, but not if it sends itself a SIGFPE. That's significantly odd. What does stty -a say about your control character settings? You should see something like: % stty -a speed 9600 baud; 58 rows; 90 columns; [ ... ] cchars: discard = ^O; dsusp = ^Y; eof = ^D; eol = undef; eol2 = undef; erase = ^?; erase2 = ^H; intr = ^C; kill = ^U; lnext = ^V; min = 1; quit = ^\; reprint = ^R; start = ^Q; status = ^T; stop = ^S; susp = ^Z; time = 0; werase = ^W; ...which has the mappings for ^C = SIGINT, ^Z = SIGTSTP, etc. Regards, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: mod_php5 and apache22
On Tue, 24 Mar 2009 16:46:16 +0100 Ruben de Groot mai...@bzerk.org wrote: On Tue, Mar 24, 2009 at 03:20:26PM +0100, Mel Flynn typed: On Tuesday 24 March 2009 15:13:33 Christoph Kukulies wrote: I moved a site from some FreeBSD 5.2 or something (with apache2 and mod_php5 at that time, about 3 years old) to 7.1 (Beta though) and apache22. Now I don't find something that looks like mod_php5 in /usr/ports/www. Has that changed somehow? lang/php5 with APACHE_MODULE ticked in options dialog. The apache module compile is off by default since somewhere in 2006 and I keep forgetting that occasionally :( So people using pkg_add -r php5 will not get mod_php5. That's right, you haven't been able able to install mod_php5 from a package for at least that long. I've never understood the rationale. This is probably not what they expected. I could well be wrong, but I've always suspected that _most_ people who install apache (1.3 or 2.x) and php do so because they intend to use it with mod_php, rather than the command-line php interpreter or the cgi. Would it not be a good idea to (re)introduce www/mod_php5? Yes. As far as I can tell, all that would be required is an identical port (with a new name, '+mod_php' would do fine) with the ONLY change being to select the APACHE_MODULE option on, as Mel points out. I wish someone who knows about ports building would just do that. Then you could again install apache+mod_php from packages, right from the dist CDs/DVD if desired. Ah, for the good old days when it wasn't assumed that everyone had both fast boxes and fast net connections :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Creating a 10km wireless bridge...pointers?
On Sun, 22 Mar 2009, Wojciech Puchar wrote: Best encrypted, or at least use point-to-point adhoc in bridge mode rather than point-to-AP unencrypted, which will surely get abused. quite available in Poland where people have unencrypted AP's at home. good antenna and you get free (and anonymous ;) access to the net. My point exactly :) easily. With +15dBm antennae you should get (at least lower) 11g rates, and if you can afford 20+dBm dish grid antennae, so much the faster. grid antennas for 2.4Ghz are not expensive. give best available there are about 24dB, to have LARGE margin for noise. It's a few years since I priced some of those, they're likely much cheaper now. Then something like AU$200 + coax + fittings per end. As others have said - avoid amplifiers, spend most on good antennae and amplifiers make sense ONLY when there are something on the line that damps the signal (like few trees) and you can't avoid that. but still it's not good, snow would fall on trees and then nothing will help. There's good discussion of that and fresnel zones etc in that WNDW book. BTW, I've since explored a bit and found what looks like a very useful companion (free, PDF) book How to Accelerate Your Internet that I've yet to read beyond the table of contents getting my attention, and a quick browse to scope the Traffic Shaping section. http://bwmo.net/ Very timely for me anyway; I have to tackle some Debian boxes in coming weeks, doing a crash course in iptables re both firewall and shaping. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Creating a 10km wireless bridge...pointers?
On Sat, 21 Mar 2009 06:43:01 -0600 Modulok modu...@gmail.com wrote: I have been tasked with getting a DSL connection across about 10km of no-man's-land to a rural location without internet access. Ideally, all traffic inbetween the two directional antennas would be encrypted. Best encrypted, or at least use point-to-point adhoc in bridge mode rather than point-to-AP unencrypted, which will surely get abused. (Nice, but not entirely required.) 3Mb/s would be great! Something like: LAN-BSDrouter-modem-Antenna~~air~~Antenna-modem-DSL I'm looking for general pointers of both hardware and software to achieve this. I'd like to employ FreeBSD as much as is feasible. This is my first WAN network project, so even newbie pointers and general references would be much appreciated. (Hardware suggestions, books to read, etc.) Reliability is of mild concern, simply because I don't want to drive 10km at 3:00am when something breaks. Tips? References? Advice? I suggest downloading Wireless Networking in the Developing World in language of choice from http://wndw.net/download.html .. a great read, good coverage of theory and lots of practical advice. If you're on a budget, a couple of (say) Dlink or Cisco APs - something with decent external antenna connectors anyway - in bridge mode with two yagi or helical antennae with = 12dBm gain should do 10km line of sight easily. With +15dBm antennae you should get (at least lower) 11g rates, and if you can afford 20+dBm dish grid antennae, so much the faster. Might be worth checking out /usr/ports/net/olsrd (http://www.olsr.org/) As others have said - avoid amplifiers, spend most on good antennae and cables, as short and fat as is practicable. You'll likely want short pigtails between the wireless card or bridge and the longer fat leads. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: make installworld fails on RELEASE6.4 amd64
On Tue, 17 Mar 2009 13:05:17 +0700 (ICT) Olivier Nicole o...@cs.ait.ac.th wrote: I am facing a problem that I cannot solve when trying to reinstall wolrd on 6.4 amd 64. More about this issue. Regarding adjkerntz -i. Places that are ahead of UTC don't need to do the adjkerntz -i after rebooting in single user. That's certainly not my experiance here (UTC+11 currently). That got well burnt into my brain after y2k with FreeBSD 2.2.6, having to patch /etc/rc (on advice) to deal with a BIOS that thought 2000 was 1994 :) Suppose you are in a time zone at UTC +7. Boot in multiuser: Wall clock=7:00 CMOS clock=7:00 TZ time= 7:00 UTC= 0:00 Right. It appears that /etc/wall_cmos_clock exists there, yes? From 7:00 to 7:30 you build world, file created will have a creation date of 0:00 to 0:30 UTC. Well yes as UTC, but with wall_cmos_clock everything will show these files as local time (07:xx), just as any other files created multiuser. Reboot in single user: Wall clock=7:30 CMOS clock=7:30 UTC= 7:30 (no adjkerntz) That's exactly WHY you want to run adjkerntz -i then, before anything that creates files is run, ie mergemaster, installworld .. but it only makes any difference if /etc/wall_cmos_clock does exist then of course. So if you'd run adjkerntz -i, times would show the same as in multiuser. Make install world, the install will be done with a UTC at 7:30, that is after the build time of 0:00 to 0:30. Reboot in multiuser: Wall clock=7:45 CMOS clock=7:45 TZ time= 7:45 UTC= 0:45 Now if you look at the newly installed world, it will be in the future, ahead by 7 hours: a file installed at 7:35 will be listed with a time of 14:35. That is odd, but it works. Sorta works, if you don't mind file (and log) timestamps not reflecting reality. I'm fussy about chronology. And then there's that 7 hour wait until those files become dated in the past, and so can be 'updated'. Hence country ahead of UTC don't need adjkerntz -i Sorry, but this demonstrates exactly why you DO need to run that when (ever) working single user, if you want file/log datestamps consistent. I can't comment on i386/amd64 differences, but it's necessary on i386. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Speeding up exit(2)?
On Sun, 15 Mar 2009 11:01:41 +0100 cpghost cpgh...@cordula.ws wrote: On Sun, Mar 15, 2009 at 10:27:53AM +0100, Wojciech Puchar wrote: Not sure what's really going on there, but apparently, the process reads in pages from swap that have been paged out previously (according to top(1)). is it your program and you are sure it's on exit? Every memory hungry program is concerned; and yes: it happens exactly on exit. it's because the program is writted the way it's doing a lot of things (probably unneeded) on exit. Have a look at what happens during exit: /usr/src/sys/kern/kern_exit.c:exit1() especially at the call to vm_waitproc(): /usr/src/sys/vm/vm_glue.c:vm_waitproc which calls vmspace_exitfree(): /usr/src/sys/vm/vm_map.c:vmspace_exitfree() Now, vmspace_exit() and vmspace_exitfree() ultimately call: /usr/src/sys/vm/vm_map.c:vmspace_dofree() It then goes deep into the bowels of vm amd pmap, and that's the place where the pages are paged in again (I think). Sounds right. This is easy to demonstrate on a laptop with 160MB RAM, running a bunch of servers + X + KDE, then running Mozilla, then opening about 30 tabs of pages, many of which run vast and buggy javascript .. By this stage mozilla is about 150MB with about 60MB resident, and swap is pushing 200MB. *seriously* paging, just on flipping to another tab. Now close mozilla and watch top while it's shutting down. Go and pour yourself a cuppa, there's no hurry .. Apart from having to close each tab/window, freeing all its resources, bits of the executable itself need to be paged in to do various things, which may need to page out some more. What's amazing is that it can do that for several minutes, coming out unscathed when it finally quits! (extreme example, but a true story from a wild ebay session yesterday :) not exit(2) itself Well that just starts that big VM ball rolling, so to speak .. so it's a tad more complex than a program that fills memory (+ swap) then exits. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: / partition full
On Fri, 13 Mar 2009 21:33:53 +1000 Warren Liddell shin...@maydias.com wrote: I've looked as much as i can, but with only 5meg free on / .. its making things in terms of building world kernel a lil difficult .. what's the command so i can see exactly what dir on / is using up all the space so i can free it up ? # du -xd1 / | sort -rn | head -7 167521 / 81728 /root 56918 /boot 7630/rescue 4354/sbin 3550/lib 3058/etc sola# du -xd1 /root | sort -rn | head -7 81728 /root 30526 /root/build 23400 /root/mail 7020/root/p45 4402/root/bin 842 /root/from_4_5 552 /root/.kde sola# du -xd1 /boot | sort -rn | head -7 56918 /boot 20048 /boot/kernel 17974 /boot/kernel.old 17968 /boot/kernel.55S_2 18 /boot/defaults 2 /boot/modules You want -x to not descend into mounts such as /usr or /var. Replace -d1 with --max-depth=1 if you like extra typing, or are using linux :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: torrent client traffic shaping question
On Wed, 11 Mar 2009 12:42:23 + RW rwmailli...@googlemail.com wrote: On Wed, 11 Mar 2009 11:13:16 +0200 Brent Clark brentgclarkl...@gmail.com wrote: Hiya I got this question to ask, and I was hoping the TCP/IP gurus would be able to help me understand this. K you know how with traffic shapping you can control only the traffic leaving you, how it is that torrent clients say they can control the download as well as the upload. I would think the client can only control the upload. If the client reads from a TCP socket slower than the data is coming-in, the buffers fill-up and the sliding-window algorithm in TCP causes the sending side to slow down. Sure. A traffic shaper could efficiently regulate downloads by proxying TCP. And even though PF does some limited TCP proxying, unfortunately dummynet and altq work at the IP level. I don't know why you say 'unfortunately' here? I can only talk about ipfw + dummynet from my own experience, but you can use dummynet pipes and their queue/s to shape any sort of IP(v4) traffic, in- or outbound, directed to/from any sort of flow ipfw can distinguish by any of the usual packet selectors (TCP, UDP, ICMP, raw IP or by any IP protocol or options; for TCP/UDP by src/dest ports as well as addresses, whatever) While it's true that shaping listen-only unacknowledged streaming UDP by dropping further packets once the inbound pipe's queue is full involves packet loss, many real-world UDP transfers (eg realaudio) will back off from sending more in the absense of some sort of specific or periodic acknowledgements. I'm not sure what happens with multicast traffic. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: ipfw: Can't see other flows in pipe
On Fri, 6 Mar 2009, Sebastian Mellmann wrote: [.. after merciless snippage ..] $cmd pipe 500 config bw $bottleneck_bandwidth $cmd add pipe 500 all from any to any via $in_if $cmd pipe 510 config bw $bottleneck_bandwidth $cmd add pipe 510 all from any to any via $out_if ipfw pipe show gives me the following: 00510: 100.000 Mbit/s0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 0 tcp 192.168.5.4/47753 192.168.7.1/22610244 609078476 2 104 1 00500: 100.000 Mbit/s0 ms 50 sl. 1 queues (1 buckets) droptail mask: 0x00 0x/0x - 0x/0x BKT Prot ___Source IP/port Dest. IP/port Tot_pkt/bytes Pkt/Byte Drp 0 tcp 192.168.5.4/47753 192.168.7.1/22609337 607754332 2 1552 0 Why do I only see ONE connection inside the 500/510 pipe? I thought I could see any connection going through that pipe. With no masking specified, all flows use the same bucket (0) so totals shown are of all packets through that pipe. src/dest addr/ports shown are those of the first packet using that bucket, not the most recent. You may also find http://info.iet.unipi.it/~luigi/ip_dummynet/ helpful. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
How do I determine the FreeBSD world revision/version?
Good afternoon everyone, I'm asking this question here because I honestly don't know where to turn to otherwise. I've looked through forums, Google search results and the FreeBSD handbook without a specific answer. I understand the concept that FreeBSD is actually an OS, which is a combination of the kernel and the world. Ports are the extraneous userland which is not mandatory for a working system. Now, in order to explain my question, I have to use an analogy: In Linux, you can have a kernel version, a distribution version and software versions. If you're running kernel 2.6.20, CentOS (as an example) 5.1, and bash (another example) 3.2, you know that upgrading can occur at any of those levels. My actual question is this: Is there a way to tell what version of the FreeBSD world you're running outside of uname -a, which tells you what *kernel* version you're running? I do know that any of these can be patched to different levels outside of what you've installed from scratch (or upgraded to at any particular level), but with Linux, when you run the respective commands, you get the *base* revision you started from. In FreeBSD, uname -a gives you the kernel base, and pkg_info will give you the software revision base for a particular port/package. If I have a particular FreeBSD system, and know its a modified kernel, how can I tell what base was originally on it? I've often updated the kernel on a 7.1-RELEASE to 7-STABLE to get more recent updates to the kernel, but the base as been left at 7.1-RELEASE. Now, it could have been 7.0-RELEASE or 7.x-RELEASE and after upgrading the kernel, is this informaiton stored anywhere? Also, if this *is* explained somewhere, and I've missed, I honestly apologize in advance. Thanks, Ian -- So drop on the deck and flop like a fish. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Apache 1.3.41
On Fri, 06 Mar 2009 20:01:09 +0100 Jos Chrispijn j...@webrz.net wrote: For some reason, Apache isn't starting anymore after having my ports upgraded today. That was a major php5 upgrade and I think it might have to do something with it. Could well be. Others offered good suggestions re rebuilding and order in extensions.ini, but I did spot a couple of things in your config: httpd-error.log is empty on this Nothing in /var/log/messages either? my httpd.conf: [..] LoadModule php5_modulelibexec/apache/libphp5.so [..] AddModule mod_php5.c [..] DocumentRoot /usr/local/www [..] Directory /usr/www Options Indexes FollowSymLinks MultiViews ExecCGI Includes AllowOverride AuthConfig Limit Indexes Options FileInfo Order allow,deny Allow from all /Directory Shouldn't that be Directory /usr/local/www ie DocumentRoot? IfModule mod_userdir.c UserDir public_html /IfModule As advised by Apache docs re security, it's worth adding here: UserDir disabled root Ok, annotating this section: IfModule mod_dir.c TRUE IfModule mod_php3.cFALSE IfModule mod_php4.c DirectoryIndex index.php index.php3 index.html /IfModule IfModule !mod_php4.c DirectoryIndex index.php3 index.html /IfModule /IfModule IfModule !mod_php3.c TRUE IfModule mod_php4.cFALSE DirectoryIndex index.php index.html index.htm /IfModule IfModule mod_php5.cTRUE DirectoryIndex index.php index.html index.htm /IfModule IfModule !mod_php4.c TRUE !!! so overriding previous DirectoryIndex index.html /IfModule /IfModule /IfModule The IfModule mod_php5.c section should come last, after !mod_php4.c, or index.php isn't treated as a DirectoryIndex. I don't know if php5 install sticks it in there or what, but I've had to fix it here before. [..] IfModule mod_mime.c [..] IfModule mod_php3.c AddType application/x-httpd-php3 .php3 AddType application/x-httpd-php3-source .php3s /IfModule IfModule mod_php4.c AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps /IfModule IfModule mod_php5.c AddType application/x-httpd-php .php AddType application/x-httpd-php-source .phps /IfModule Looks right here. NameVirtualHost * include /usr/local/etc/apache/httpd.sites Presumably unchanged/ok? cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Free Pascal
Can anyone point me to a method of installing Free Pascal Compiler? I am running FBSD 7.1, with KDE4. The last attempt deleted a file used by X-windows (and perhaps others), but I had no specific instructions as a guide. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: portmanager/portmaster like application for packages?
On Tue, 3 Mar 2009 08:32:10 -0900 Mel fbsd.questi...@rachie.is-a-geek.net wrote: On Sunday 01 March 2009 14:02:19 per...@pluto.rain.com wrote: Mel fbsd.questi...@rachie.is-a-geek.net wrote: On Saturday 28 February 2009 23:06:10 Fbsd1 wrote: I am looking for software like portmanager/portmaster but works on the package system instead of the port system. Is there such am application available? Not (yet). Without /usr/ports it's impossible to find out what software needs updating, or you'd have to download and trust the INDEX-7 on the FreeBSD package servers. ... which may not be much of a stretch for those who are prepared to download and trust the packages themselves, from the same place. It is a stretch in practice. The INDEX is based on /usr/ports, which is ahead of the packages that are actually compiled on the buildservers. Well, sometimes by a day or two, so I guess if you're portupgrading daily or whatever. For larger portupgrades after a while (as I tend :) I very rarely miss finding all the latest packages, ie as perryh said: portupgrade -PP manages somehow. Not somehow, but because it works with /usr/ports. Try renaming your ports directory and see how that goes. Also, -PP wastes a lot of bandwidth. Just look at the ammount of packages that are downloaded which aren't actually installed, because the version is older or equal then installed. I don't get your latter point, Mel. Assuming the ports tree is up to date (I can't comment on using just an INDEX without a ports tree) then the package versions obtained using -PP match those in the ports tree; I don't recall it ever downloading older packages than the ports versions? BTW, the OP may not realize that the package system is a subset of the port system, rather than an alternative. Packages are generated using the port system. It's an alternative way to install the same software. One can in fact use packages without having /usr/ports present at all. I'm using my own tools, using a custom INDEX format on the build server. But there's still too many raw edges that I'd like the tools released into the wild. Fair enough, but I think perryh's point stands; many people appear to believe that ports and packages are separate systems. We've even seen people say you shouldn't mix the two methods which is utter nonsense. For a large (likely overdue :) portupgrade session, after updating the tree I start with portupgrade -anPP which fetches all available packages to /usr/ports/packages, without updating anything yet. Sometimes some regional mirrors aren't quite up to date, so I might need to finish off with a visit to somewhere closer to (ultimately) ftp.freebsd.org. Then portupgrade -aP uses the (now local) packages, builds any ports for which there is no package for licence etc reasons, sometimes grabbing a few more dependent packages along the way, but my poor lil' ol' laptop doesn't need to spend days compiling Xorg, KDE, openoffice if you use it, and a bunch of other big ports; it only takes quite a few hours :) and a little extra bandwidth saving days of building is fine by me .. The only largish port that always needs (re)building here is PHP, where the default options and thus the built package - weirdly, in my view - doesn't include mod_php, though I bet most PHP users wanted it for that. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Odd DNS requests
On Sat, 28 Feb 2009, George Davidovich wrote: On Sat, Feb 28, 2009 at 04:32:47PM +1100, Ian Smith wrote: Recently we've had a Mac notebook of some sort on our LAN, that likes to make these DNS queries from time to time, to no avail, as noticed on a filtering bridge between the LAN and the router+DNS at 192.168.0.1: 16:13:05.020397 192.168.0.59.53207 192.168.0.1.53: 63162+ PTR? b._dns-sd._udp.0.0.168.192.in-addr.arpa. (57) [tos 0x18] 16:13:05.021093 192.168.0.1.53 192.168.0.59.53207: 63162 NXDomain* 0/1/0 (128) (DF) 16:13:05.215790 192.168.0.59.64633 192.168.0.1.53: 61059+ PTR? db._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18] 16:13:05.216469 192.168.0.1.53 192.168.0.59.64633: 61059 NXDomain* 0/1/0 (129) (DF) 16:13:05.226242 192.168.0.59.61635 192.168.0.1.53: 6749+ PTR? r._dns-sd._udp.0.0.168.192.in-addr.arpa. (57) [tos 0x18] 16:13:05.226789 192.168.0.1.53 192.168.0.59.61635: 6749 NXDomain* 0/1/0 (128) (DF) 16:13:05.237319 192.168.0.59.56300 192.168.0.1.53: 21450+ PTR? dr._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18] 16:13:05.237842 192.168.0.1.53 192.168.0.59.56300: 21450 NXDomain* 0/1/0 (129) (DF) 16:13:05.248440 192.168.0.59.60806 192.168.0.1.53: 10032+ PTR? lb._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18] 16:13:05.249252 192.168.0.1.53 192.168.0.59.60806: 10032 NXDomain* 0/1/0 (129) (DF) What exactly are these hoping to discover, and what needs turning off in the Mac's setup (OSX, most likely a recent version) to quell them? DNS-Based Service Discovery: http://files.dns-sd.org/draft-cheshire-dnsext-dns-sd.txt Skip to the section titled: 12. Discovery of Browsing and Registration Domains (Domain Enumeration)' when it gets boring. There may be something more recent or more authoritative, but that's what I have bookmarked. Thankyou George. Not tonight's bedtime reading but I'll get through it. As for configuring the notebook, etc., perhaps someone else can chime in. On the face of it, it seems not a bad idea. I'm not averse to using DNS in ways that some may consider impure, being more bothered by things I don't understand :) I'll check the Mac's mDNS setup though, there's no sense it banging away forever on NXDOMAIN responses, that often anyway. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Odd DNS requests
Hi, recently we've had a Mac notebook of some sort on our LAN, that likes to make these DNS queries from time to time, to no avail, as noticed on a filtering bridge between the LAN and the router+DNS at 192.168.0.1: 16:13:05.020397 192.168.0.59.53207 192.168.0.1.53: 63162+ PTR? b._dns-sd._udp.0.0.168.192.in-addr.arpa. (57) [tos 0x18] 16:13:05.021093 192.168.0.1.53 192.168.0.59.53207: 63162 NXDomain* 0/1/0 (128) (DF) 16:13:05.215790 192.168.0.59.64633 192.168.0.1.53: 61059+ PTR? db._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18] 16:13:05.216469 192.168.0.1.53 192.168.0.59.64633: 61059 NXDomain* 0/1/0 (129) (DF) 16:13:05.226242 192.168.0.59.61635 192.168.0.1.53: 6749+ PTR? r._dns-sd._udp.0.0.168.192.in-addr.arpa. (57) [tos 0x18] 16:13:05.226789 192.168.0.1.53 192.168.0.59.61635: 6749 NXDomain* 0/1/0 (128) (DF) 16:13:05.237319 192.168.0.59.56300 192.168.0.1.53: 21450+ PTR? dr._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18] 16:13:05.237842 192.168.0.1.53 192.168.0.59.56300: 21450 NXDomain* 0/1/0 (129) (DF) 16:13:05.248440 192.168.0.59.60806 192.168.0.1.53: 10032+ PTR? lb._dns-sd._udp.0.0.168.192.in-addr.arpa. (58) [tos 0x18] 16:13:05.249252 192.168.0.1.53 192.168.0.59.60806: 10032 NXDomain* 0/1/0 (129) (DF) What exactly are these hoping to discover, and what needs turning off in the Mac's setup (OSX, most likely a recent version) to quell them? cheers, Ian (please cc me, I'm subscribed to the -digest) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Problem with speedtouch 330
On Tue, 24 Feb 2009 19:00:17 +0100 Maciej Piechotka uzytkown...@gmail.com wrote: Hello. I have a problem with Speedtouch 330. I cannot connect with my IPS. In dmesg it is written that the modem_run cannot 'read interrupts'. Regards ppp.conf: default: set log Phase Chat LCP IPCP CCP tun command ident user-ppp VERSION (built COMPILATIONDATE) set ifaddr 10.0.0.1/0 10.0.0.2/0 adsl: set authname mjnys...@webnet24.pl set authkey 53T6gbDt You should change this password, now that you've published it. set device !/usr/local/sbin/pppoa2 -vpi 0 -vci 35 -v 1 -d /dev/ugen0 accep chap It's 'accept', though the abbreviation does work (see below). set sppeed sync It's 'speed'. set timeout 0 set reconnect 10 100 #enable lqr #set lqrperiod 5 #set radial 15 1000 #set dial add default HISADDR #enable dns ppp.log: Feb 23 20:54:33 HOSTNAME ppp[961]: Phase: Using interface: tun0 Feb 23 20:54:33 HOSTNAME ppp[961]: Phase: deflink: Created in closed state Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: default: ident user-ppp VERSION (built COMPILATIONDATE) Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: default: set ifaddr 10.0.0.1/0 10.0.0.2/0 Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: set authname ***...@webnet24.pl Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: set authkey Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: set device !/usr/local/sbin/pppoa3 -vpi 0 -vci 35 -v 1 Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: accep chap Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: set spped sync Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Warning: set spped: Invalid command Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Warning: set spped: Failed 1 See above (though this indicates a *different* misspelling of 'speed') Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: set timeout 0 Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: enable lqr Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: set lqrperiod 5 Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Command: adsl: set radial 15 1000 Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Warning: set radial: Invalid command Feb 23 20:54:48 HOSTNAME ppp[961]: tun0: Warning: set radial: Failed 1 Try 'redial'. This log also doesn't match the config shown above. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: freebsd-questions Digest, Vol 248, Issue 23
On Thu, 26 Feb 2009, freebsd-questions-requ...@freebsd.org wrote: [..] Today's Topics: 1. Re: freebsd-questions Digest, Vol 248, Issue 23 (Kayven Riese) [..] Message: 1 Date: Wed, 25 Feb 2009 15:43:43 -0800 From: Kayven Riese kay...@gmail.com Subject: Re: freebsd-questions Digest, Vol 248, Issue 23 To: freebsd-questions@freebsd.org Message-ID: 28b9b4180902251543t2ce5edfbqaabee48cd371d...@mail.gmail.com Content-Type: text/plain; charset=windows-1252 Never mind. On Wed, Feb 25, 2009 at 3:36 PM, freebsd-questions-requ...@freebsd.orgwrote: We do mind. Please don't ever again top-post a meaningless comment followed by a tail-quoted dump of the previous 80 kilobyte digest into the next one. Ian (on behalf of other questions-digest subscribers) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: w(5) shows non-existent or lost process?
On Tue, 17 Feb 2009 13:43:30 + Anton Shterenlikht me...@bristol.ac.uk wrote: The who (or w, or finger) command shows that I'm still logged into ttyp5, even though I have rebooted the xxx box many times since. Does this mean the corresponding entry in /var/run/utmp is wrong and shouldn't be there, or is there still some process attached to ttyp5? Certainly the former, given you've rebooted. I've had occasions when utmp gets silly, though not for ages. Abrupt shutdown / power loss? ouput of w: USER TTY FROM LOGIN@ IDLE WHAT mexasp4 xxx 1:32pm - w mexasp5 xxx:0. 26Jan09 21days - ps ax | grep ttyp5 shows no process ps would only list it as 'p5' anyway. 'w -d' may be a bit more informative: % w -d 6:00PM up 68 days, 15:22, 1 user, load averages: 0.58, 0.23, 0.13 USER TTY FROM LOGIN@ IDLE WHAT 3733 login [pam] (login) 3734 -csh (csh) 7333 /bin/sh /usr/X11R6/bin/startx 7351 /usr/X11R6/bin/xinit /home/smithi/.xinitrc -- -auth /home/smithi/.serverauth.7333 -nolisten tcp 7352 X :0 -auth /home/smithi/.serverauth.7333 -nolisten tcp (Xorg) 7356 /bin/sh /usr/local/bin/startkde 7421 kwrapper ksmserver smithi v7 -12Dec08 68days /usr/X11R6/bin/xinit /home/smithi/.xinitrc -- -auth / Looking at w(1) man page it seems that - in WHAT can be an indication that the process failed but not cleanly and that there could be some forked sub-process still alive. Does this make sense? Which other commands I can use to see what's going on? utmp(5) makes good bedtime reading :) /var/log/wtmp can get messed up sometimes too, especially if you're logged in when periodic(8) monthly rotates it, but tools include: % last smithi ttyp5dolores Mon Feb 2 15:52 - 15:57 (00:05) wtmp begins Mon Feb 2 15:52:27 EST 2009 !last -f /var/log/wtmp.0 smithi ttyp5rock.-.org Mon Jan 26 19:37 - 23:17 (03:40) smithi ttyp5rock.-.org Thu Jan 15 21:30 - 21:45 (00:14) smithi ttyp5rock.-.org Thu Jan 15 18:04 - 18:05 (00:00) smithi ttyp5rock.-.org Thu Jan 15 18:01 - 18:03 (00:01) somebody ftp ww.xxx.yyy.zzThu Jan 1 10:47 - 10:50 (00:03) [..] % who smithi ttyv7Dec 12 02:39 % who /var/log/wtmp.0 [..] somebody ftp61687 Jan 1 10:47 (ww.xxx.yyy.zz) smithi ttyp5Jan 15 18:01 (rock.-.org) smithi ttyp5Jan 15 18:04 (rock.-.org) smithi ttyp5Jan 15 21:30 (rock.-.org) smithi ttyp5Jan 26 19:37 (rock.-.org) % who am i smithi ttyp4Feb 18 18:16 % tty /dev/ttyp4 you could try opening enough xterms (ono) so your ttyp5 is used, then exit them cleanly? Failing that, you can boot single user, mount /var, rm /var/run/utmp, hit ^D (or reboot) .. IIRC I had to do that once; not sure what happens if you rm /var/run/utmp while running multi-user! :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Top Posting Mania [was Re: FreeBSD 7.O compiled code is very slow]
On Thu, 19 Feb 2009 00:13:08 +0100 (CET) Wojciech Puchar woj...@wojtek.tensor.gdynia.pl wrote: you install it from ports and use explicitly, everything else still uses default On Wed, 18 Feb 2009, Kailash Kailash wrote: Can old version of GCC used with BSD 7.0 without facing any compatibility problem? Thanks, Kailash -Original Message- From: Wojciech Puchar [mailto:woj...@wojtek.tensor.gdynia.pl] Sent: Wednesday, February 18, 2009 1:46 PM To: Kailash Kailash Cc: freebsd-questions@freebsd.org Subject: Re: FreeBSD 7.O compiled code is very slow looks like they improved gcc. you can install older from ports. On Wed, 18 Feb 2009, Kailash Kailash wrote: Woj, I'm really surprised that you, of all people, seem lately to have been converted to the Micro$oft Outlock-trained style of top-posting, including tail-quoting all sorts irrelevant and repeated trailers etc, after years of your (almost too- :) concise postings. This list is getting very hard to follow as a digest anymore, when half of it or more is re-re-repeated overtailquoting of irrelevant trivia. Please come back from the dark side .. Cheers anyway, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Top Posting Mania [was Re: FreeBSD 7.O compiled code is very slow]
On Thu, 19 Feb 2009, Wojciech Puchar wrote: On Wed, 18 Feb 2009, Kailash Kailash wrote: Woj, I'm really surprised that you, of all people, seem lately to have been converted to the Micro$oft Outlock-trained style of top-posting, including tail-quoting all sorts irrelevant and repeated trailers etc, after years of your (almost too- :) concise postings. well, sorry, but i don't use M$ Outlock That's more like it! :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Help with high LA
On Thu, 12 Feb 2009 10:04:41 -0200 (BRST) sc...@centroin.com.br wrote: I need help for some strange problem with one of my servers, that can cost my job. It's a FreeBSD 7.0-RELEASE-p5/amd64 running on a Dell PowerEdge III as a Virtual machine of VMware ESXi. There are only two VM in this box, and one of them (basicly a mail server) is running fine. The problem is with high loads on the other one, that runs (besides other services) http and pop3. TOP show LA from 40 to 90 most of the time. I thought, at first, that was a disk botleneck due to some big mailboxes, or something related to some Apache (2.2.9) fine tuning, but it's something else. If I stop pop3 and apache services (the most active of the box), the LA drops to 1~2. Starting only one of them (any one) the LA rise to 20~40. Sugesting that it's not tied to a specific service. I did a test running just pop3 (Qpopper), pointing the mail spool to a empty directory, to make shure that it's not a disk problem. And the LA also goes to sky (~30). The same happens with only apache running pointing to a simple http page. The console shows messages like: ipfw: install_state: Too many dynamic rules net.inet.ip.fw.dyn_max: 4096 # (here) Maximum number of dynamic rules. When you hit this limit, no more dynamic rules can be installed until old ones expire. To see which traffic is creating 'too many' dynamic rules, check: # ipfw -ted show | less -S ++G (-td for just active rules, but the expired ones tell useful stories) I know I must review my rules and limit the number of keep-state entries, but a tryed to rise the number of dynamic buckets via sysctl: sysctl -w net.inet.ip.fw.dyn_buckets=2048 But it seems it's not working, since the number of current buckets doesn't pass 256: net.inet.ip.fw.curr_dyn_buckets: 256 But did you remember to flush? :) See ipfw(8) under 'SYSCTL VARIABLES'. You might also want to monitor and/or play with some of the other net.inet.ip.fw.dyn_* sysctls to see what's happening and how many dynamic rules you need with comfortable headroom for your workload/s. For TCP, keepalive and *lifetime timeouts may be relevant. I tend to use stateful rules for outbound UDP, and stateless setup and established rules for TCP services here, but your needs may differ. I tryed to make some OS tuning, from the handbook, like increase the maxcon: kern.ipc.somaxconn: 2048 but nothing seems to work. Other entries in the logs: Feb 12 09:06:20 host1 inetd[1248]: accept (for ftp): Software caused connection abort Feb 12 09:06:20 host1 inetd[1248]: accept (for pop3): Software caused connection abort I need some clues to undestand what is happening. Thank you, - Marcelo Yes, 'Too many dynamic rules'; further connections will surely fail. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
sh parameter substitution problem
I'm getting nowhere trying to parse out IP addresses from strings of
this form in /bin/sh, which have been awk'd out of 'tail named.run':
addr='195.68.176.4#1440:'
addr='195.68.176.4#16811:'
addr='195.68.176.4#276:'
sh(1) in hand, I've tried:
ip=${addr:%#*}
ip=${addr:%%#*}
ip=${addr:%[#]*}
ip=${addr:%%[#]*}
but all of these report './testbit: 7: Syntax error: Bad substitution'
How can I split these strings to exclude the '#' and all beyond,
preferably using sh syntax, at least without resorting to perl?
Please cc me as I'm only subscribed to the digest.
TIA, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sh parameter substitution problem
On Wed, 11 Feb 2009, Giorgos Keramidas wrote:
On Wed, 11 Feb 2009 21:47:17 +1100 (EST), Ian Smith smi...@nimnet.asn.au
wrote:
I'm getting nowhere trying to parse out IP addresses from strings of
this form in /bin/sh, which have been awk'd out of 'tail named.run':
addr='195.68.176.4#1440:'
addr='195.68.176.4#16811:'
addr='195.68.176.4#276:'
sh(1) in hand, I've tried:
ip=${addr:%#*}
ip=${addr:%%#*}
ip=${addr:%[#]*}
ip=${addr:%%[#]*}
but all of these report './testbit: 7: Syntax error: Bad substitution'
How can I split these strings to exclude the '#' and all beyond,
preferably using sh syntax, at least without resorting to perl?
Remove the ':' part and quote the text to avoid parsing '#' as a comment
delimiter:
$ addr='195.68.176.4#1440:'
$ echo ${addr%#*}
195.68.176.4
Thankyou Giorgos,
just before yours arrived I'd twigged that the ':' was wrong there, and
tried ip=${addr%#*} which worked fine. I guess # within ${..} doesn't
get taken as a comment .. which makes sense or these would always need
to be double-quoted.
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: sh parameter substitution problem
Thanks Ed - good old sed - and Jonathan too, now the digest's here. 195.68.176.4 Lest anyone get the wrong idea: that's a victim, perpetrator unknown. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: #2 DNS Auto in KPPP in FreeBSD 7.1
On Sat, 07 Feb 2009 16:30:58 +0300 Dmitry anta...@land.ru wrote: Hi to All! Sorry for my bad English. My problem: I am have 3G/EDGE modem ZTE MF622+ and FreeBSD 7.1. In using KPPP (KDE 3.5.10) my modem can't connect to EDGE provider, because in KPPP not enabled option Auto DNS setting. If manually set this option, that says tech support of provider, pppd print, that not connect and not determinate IP adress. Why I can enable this option? In Linux this option is enabled and all working fine. Thank you! pppd(8) has not had any serious work done on it for over two years, see http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/pppd/main.c There was some talk in -net of dropping support for it altogether. The KPPP authors have so far declined to consider adding support for FreeBSD's ppp(8), due perhaps to their primarily Linux orientation. I suggest instead using either ppp(8) - which is extensively supported by the FreeBSD Handbook and in the mailing lists - or the net/mpd5 port, which uses in-kernel netgraph modules. Both support fetching upstream DNS addresses. I happily used ppp(8) for 10 years, but now prefer mpd. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re[2]: IPFW DUMMYNET: Several pipes after each other
On Wed, 28 Jan 2009, KES wrote: , Ian. May be this will be usefull for you Yes, but I need to read it more times :) Nicely answers the question about stats per flow/queue anyway, not too hard to parse for logging. #1. ping -D -S 10.10.16.16 -s 1472 -i 0.01 10.0.16.1 #2. ping -S 10.10.16.17 10.0.16.1 Results suggest that #1 was -S 10.10.16.19 ? A script running the same number of #2 before killing #1 (or such) would make comparisons between different runs easier to follow maybe? Thanks, lots of useful info; hoping to try some weighted queueing soon. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW DUMMYNET: Several pipes after each other
On Mon, 26 Jan 2009, Sebastian Mellmann wrote: Ian Smith wrote: On Thu, 22 Jan 2009 08:10:09 +0100 (CET) So far I've got those rules: in_if=em0 out_if=em1 management_if=em2 in_ip=100.100.100.1 out_ip=200.200.200.1 management_ip=172.16.0.201 client1_subnet=192.168.5.0/26 client2_subnet=192.168.6.0/26 server_subnet=192.168.7.0/24 download_bandwidth=6144Kbit/s upload_bandwidth=1024Kbit/s delay=0 queue_size=10 10 slots ie packets is likely too small a queue size at these rates. You want to check the dropped packet stats from 'ipfw pipe show' re that; see the section in ipfw(8) about calculating sizes / delays. I had a look at the ipfw howto on the freebsd site [1], but I'm not 100% sure how to choose a good value for the queue size. Neither am I :) but I'm using some values that seem to work ok. Well actually, on checking since we went from 1500/256kbps to 8192/384k, I might play a bit more, noticing 0.6% or so drops on a couple of pipes. [1] http://www.freebsd-howto.com/HOWTO/Ipfw-HOWTO That's a very good ipfw tutorial, given parts of it are a bit outdated (FreeBSD 4.x) but it covers a lot of useful background. I just skimmed lots of it now but nothing I read jarred, unlike the Handbook section. If I choose the default (50 packets) it means that it takes approx. 100ms (600kbits / 6144kbits) to fill the queue. So the question is: Which value to choose for the queue? It's going to depend on lots of things, your workload, upstream push .. you could start with more like the default and adjust as necessary? I suggest using 'in recv' and 'out xmit' rather than via for these, for the sake of clarity. 'in recv' and 'in via' come to the same thing, as only the receive interface is known on inbound packets, but 'out via' applies to packets that were *received* on the specified interface as well as those going out on that interface after routing, which can lead to surprising results sometimes, and being more specific never hurts .. Thanks for the hint. I'll change that. Also, I'd take both that howto's and ipfw(8)'s advice about your faster inside pipe, and use one pipe per flow/direction (ie full duplex). But when I have a look at the pipes with 'ipfw show' I can only see packets go through the pipe 50 and nothing goes through the other pipes (which makes sense actually since IPFW work that way?). IPFW works that way if you (likely) have net.inet.ip.fw.one_pass=1 .. so that packets exiting from pipes aren't seen by the firewall again. If you set one_pass=0, packets are reinjected into the firewall at the rule following the pipe (or queue) action, which is what you want to do here. Actually this is also described in the manpage of ipfw(8). Shame on me ;-) As penance, read 7 times before sleeping with it under your pillow :) And you'll surely need a much larger queue for this pipe, at 100Mbit/s. As already asked above: How do I know the queue is large or small enough for my needs? I'm never sure, so tend to experiment. How fast your hardware is and kern.hz setting could be significant factors, as could be TCP/UDP mix and other factors I know little about. Reducing reported packet drops is about all I've used for a guide so far. This one is a FreeBSd 4.8 box, a 2.4GHz P4 doing little but being a filtering bridge between a 8192/384kbps ADSL link and nests of mostly XP boxes in 3 LAN groups: !ipfw pipe show | egrep 'tcp|bit' 00010: 256.000 Kbit/s0 ms 30 KB 1 queues (1 buckets) droptail 0 tcp 192.168.0.23/1043 207.46.17.61/807196387 2897628161 00 9706 00020: 5.120 Mbit/s0 ms 50 KB 1 queues (1 buckets) droptail 0 tcp 207.46.17.61/80 192.168.0.23/1043 9977802 12858014698 0 0 63260 00040: 96.000 Kbit/s0 ms 20 KB 1 queues (1 buckets) droptail 0 tcp 192.168.0.45/103766.249.89.147/443 2315107 299340364 00 2086 00050: 1.536 Mbit/s0 ms 40 KB 1 queues (1 buckets) droptail 0 tcp66.249.89.147/443 192.168.0.45/1037 3279021 3802388928 00 22433 00060: 192.000 Kbit/s0 ms 30 KB 1 queues (1 buckets) droptail 0 tcp 192.168.0.64/1032207.46.106.36/1863 1847947 563209421 00 141 00070: 3.072 Mbit/s0 ms 40 KB 1 queues (1 buckets) droptail 0 tcp207.46.106.36/1863 192.168.0.64/1032 2438211 3075075035 00 4550 It's nearly all streaming rather than more interactive traffic, so pipe latency isn't so much of a concern. Anyway, I rarely actually catch any traffic still in-queue, which you can stare at for tuning. Also, that's aggregate traffic, not per IP as with your masks (which look maybe wider than necessary, 0x covers a /16) so you may wind up with lots of separate queues sharing a pipe, which may look very different. How many hosts, how much memory to spare for each
Re: IPFW DUMMYNET: Several pipes after each other
On Tue, 27 Jan 2009, Sebastian Mellmann wrote: Ian Smith wrote: [..] 00060: 192.000 Kbit/s0 ms 30 KB 1 queues (1 buckets) droptail 0 tcp 192.168.0.64/1032207.46.106.36/1863 1847947 563209421 0 0 141 00070: 3.072 Mbit/s0 ms 40 KB 1 queues (1 buckets) droptail 0 tcp207.46.106.36/1863 192.168.0.64/1032 2438211 3075075035 0 0 4550 It's nearly all streaming rather than more interactive traffic, so pipe latency isn't so much of a concern. Anyway, I rarely actually catch any traffic still in-queue, which you can stare at for tuning. Just for reference re KES' message re ping times with a full queue: we only put established TCP traffic through these pipes; ICMP always, and UDP so far - unless/until it becomes an issue - are free-flowing here. Also, that's aggregate traffic, not per IP as with your masks (which look maybe wider than necessary, 0x covers a /16) so you may wind up with lots of separate queues sharing a pipe, which may look very different. How many hosts, how much memory to spare for each? Is there any chance to get the dropped packets for _each_ queue (e.g. logged to a file for further investigation)? Does ipfw provide something here? I don't know, I've only seen 'ipfw pipe show' results here. If you have numbered queues specified too, I guess 'ipfw queue show' would be what to try; if that's any use you could append results to a file/s by cron? I'm mainly doing experiments with different kinds of settings (bandwidth limitations, variable delay, dropped packets probability etcpp.) and I want to see how many packets are actually dropped by ipfw. Happy experimenting .. soon you'll be the expert we can all consult :) If you want to get deeper into it, freebsd-net is the appropriate list. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: IPFW DUMMYNET: Several pipes after each other
On Thu, 22 Jan 2009 08:10:09 +0100 (CET) Sebastian Mellmann sebastian.mellm...@net.t-labs.tu-berlin.de wrote: I'm using FreeBSD 7.0 with IPFW DUMMYNET enabled. I've got a problem with creating a ruleset which allows me to limit the overall bandwidth of a link and afterwards pass the packets to another pipe for processing. So far I've got those rules: in_if=em0 out_if=em1 management_if=em2 in_ip=100.100.100.1 out_ip=200.200.200.1 management_ip=172.16.0.201 client1_subnet=192.168.5.0/26 client2_subnet=192.168.6.0/26 server_subnet=192.168.7.0/24 download_bandwidth=6144Kbit/s upload_bandwidth=1024Kbit/s delay=0 queue_size=10 10 slots ie packets is likely too small a queue size at these rates. You want to check the dropped packet stats from 'ipfw pipe show' re that; see the section in ipfw(8) about calculating sizes / delays. On the other hand, depending on how many hosts you're running individual queues for (mask 0x), you may need to trade with memory used .. cmd=ipfw $cmd add 10 allow all from any to any via lo0 $cmd pipe 100 config mask src-ip 0x bw $upload_bandwidth queue $queue_size delay $delay $cmd pipe 200 config mask dst-ip 0x bw $download_bandwidth queue $queue_size $cmd add pipe 100 all from $client1_subnet to $server_subnet in via $in_if $cmd add pipe 200 all from $server_subnet to $client1_subnet out via $in_if $cmd add pipe 100 all from $client2_subnet to $server_subnet in via $in_if $cmd add pipe 200 all from $server_subnet to $client2_subnet out via $in_if I suggest using 'in recv' and 'out xmit' rather than via for these, for the sake of clarity. 'in recv' and 'in via' come to the same thing, as only the receive interface is known on inbound packets, but 'out via' applies to packets that were *received* on the specified interface as well as those going out on that interface after routing, which can lead to surprising results sometimes, and being more specific never hurts .. $cmd add 1 allow all from any to any via $management_if $cmd add 2 allow all from any to any via $in_if $cmd add 3 allow all from any to any via $out_if --- What I want to add now, is the possibility to limit the bandwidth of the whole link, e.g. 100Mbit/s. I've tried to add a pipe: $cmd pipe 50 config bw 100Mbit/s queue $queue_size $cmd add pipe 50 all from any to any via $in_if But when I have a look at the pipes with 'ipfw show' I can only see packets go through the pipe 50 and nothing goes through the other pipes (which makes sense actually since IPFW work that way?). IPFW works that way if you (likely) have net.inet.ip.fw.one_pass=1 .. so that packets exiting from pipes aren't seen by the firewall again. If you set one_pass=0, packets are reinjected into the firewall at the rule following the pipe (or queue) action, which is what you want to do here. And you'll surely need a much larger queue for this pipe, at 100Mbit/s. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to re-start freebsd-update?
On Fri, 23 Jan 2009 12:32:39 Ian wrote: Hi, I've started upgrading a machine from 7.0 to 7.1 using freebsd-update. It's the first time I've upgraded to a new os version with it (always used cvsup/ make world mergemaster before). All was going well until it came to merging the new old conf files. I wasn't quite sure what to do when asked to edit some of the files (it's not the same as mergemaster), so I did what I thought was best (having made a backup of /etc first!) Anyway, once that was finished, it then showed me the resulting merged files and asked if each one looked reasonable. I answered yes to the first one, but with the second file wasn't right, so I answered no - assuming it would give me the chance to edit the file again (like mergemaster does). Instead it just dumped me back at the command prompt with no indication as to how to proceed from there. I tried running the freebsd-update install command again, but it said no updates are available to install, run freebsd-update fetch first. Is there some way I can resume the upgrade process? Or do I need to do a rollback and then fetch update again? Cheers, Well I ended up doing a rollback and then ran the update again. It didn't try to download all the updates again, just installed them again, so it wasn't so painful. Now I understand how to use the conf file merging part, it's all very easy and seems to have worked correctly - very nice! Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
How to re-start freebsd-update?
Hi, I've started upgrading a machine from 7.0 to 7.1 using freebsd-update. It's the first time I've upgraded to a new os version with it (always used cvsup/ make world mergemaster before). All was going well until it came to merging the new old conf files. I wasn't quite sure what to do when asked to edit some of the files (it's not the same as mergemaster), so I did what I thought was best (having made a backup of /etc first!) Anyway, once that was finished, it then showed me the resulting merged files and asked if each one looked reasonable. I answered yes to the first one, but with the second file wasn't right, so I answered no - assuming it would give me the chance to edit the file again (like mergemaster does). Instead it just dumped me back at the command prompt with no indication as to how to proceed from there. I tried running the freebsd-update install command again, but it said no updates are available to install, run freebsd-update fetch first. Is there some way I can resume the upgrade process? Or do I need to do a rollback and then fetch update again? Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
Re: FreeBSD 7, how to recieve internet mail
On Wed, 14 Jan 2009 10:56:30 +0100 (CET) Pieter Donche pieter.don...@ua.ac.be wrote: On FreeBSD 7, out of the box, one can send mail to internet destinations and can send mail locally from one user to another user on the same FreeeBSD machine But it can't receive mail from internet as it appears .. A sendmail is running freebsd7box# ps -jaxw | grep sendmail smmsp 26649 1 26649 266490 Is??0:00.00 sendmail: Queue run...@00:30:00 for /var/spool/clientmqueue (sendmail) root 26651 1 26651 266510 Ss??0:00.04 sendmail: accepting connections (sendmail) The machine is listening on port 25 freebsd7box# netstat -na | grep 25 tcp4 0 0 127.0.0.1.25 *.*LISTEN sendmail is only listening on localhost. But telnettting the freebsd box with its own ip address at port 25 from the root account of the box freebsd7box# telnet 143.129.75.1 25 Trying 143.129.75.1... telnet: connect to address 143.129.75.1: Connection refused sendmail is not listening on that address. eg here, when quiet: % netstat -an | grep 25 tcp4 0 0 *.25 *.*LISTEN % sockstat -4 | grep :25 root sendmail 781 3 tcp4 *:25 *:* The only thing that works is freebsd7box# telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. ... That'd be right; it needs to be also listening on an external interface address to receive mail from outside this box .. How do I make the FreeBSD7 box accept connections to port 25 from all of the internet ?? % grep sendmail /etc/rc.conf sendmail_enable=YES cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Urgent help needed please: Gvinum problem
Hi, We had a power lost even though we have ups and generators (still investigating it) and when the machine rebooted one of the disk seems to be failed : The system complains about fsck repaired failed and that I must run it manually. It then boots in single user mode. I entered gvinum and pressed l to see the status of the drive and I get this: My volume is UP My plex is shown as degraded I have 3 of the 4 subdisks shown as UP the 4th is shown as down. Running gvinum /dev/gvinum/RAID5 which is the name of my volume gets me this error: ** /dev/gvinum/RAID5 Cannot find file system superblock Ioctl (GCINFO): Inapropriate ioctl for device fsck_ufs: /dev/gvinum/RAID5: cant read disk label I tried bsdlabel gvinum/RAID5 it tells me there is no valid label found Does anyone knows what I can try to try to put back system online (at least, so I can restore a backup on the disk) Thanks ~~ Ian Lord MSD Informatique 1711 Montée Major Terrebonne (Québec) J7M 1E6 Tél: (514) 776-MSDI - (514) 776-6734 Sans Frais: 1(877) 776-MSDI - 1(877) 776-6734 http://www.msdi.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Urgent help needed please: Gvinum problem
Hi, We had a power lost even though we have ups and generators (still investigating it) and when the machine rebooted one of the disk seems to be failed : The system complains about fsck repaired failed and that I must run it manually. It then boots in single user mode. I entered gvinum and pressed l to see the status of the drive and I get this: My volume is UP My plex is shown as degraded I have 3 of the 4 subdisks shown as UP the 4th is shown as down. Running gvinum /dev/gvinum/RAID5 which is the name of my volume gets me this error: ** /dev/gvinum/RAID5 Cannot find file system superblock Ioctl (GCINFO): Inapropriate ioctl for device fsck_ufs: /dev/gvinum/RAID5: cant read disk label I tried bsdlabel gvinum/RAID5 it tells me there is no valid label found Does anyone knows what I can try to try to put back system online (at least, so I can restore a backup on the disk) Thanks p.s. Please reply to me also as I am a digest member thanks ~~ Ian Lord MSD Informatique 1711 Montée Major Terrebonne (Québec) J7M 1E6 Tél: (514) 776-MSDI - (514) 776-6734 Sans Frais: 1(877) 776-MSDI - 1(877) 776-6734 http://www.msdi.ca ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
RE: Urgent help needed please: Gvinum problem
Hi, We had a power lost even though we have ups and generators (still investigating it) and when the machine rebooted one of the disk seems to be failed : The system complains about fsck repaired failed and that I must run it manually. It then boots in single user mode. I entered gvinum and pressed l to see the status of the drive and I get this: My volume is UP My plex is shown as degraded I have 3 of the 4 subdisks shown as UP the 4th is shown as down. Running gvinum /dev/gvinum/RAID5 which is the name of my volume gets me this error: ** /dev/gvinum/RAID5 Cannot find file system superblock Ioctl (GCINFO): Inapropriate ioctl for device fsck_ufs: /dev/gvinum/RAID5: can't read disk label I tried bsdlabel gvinum/RAID5 it tells me there is no valid label found Does anyone knows what I can try to try to put back system online (at least, so I can restore a backup on the disk) I'm trying to find my vinum notes, but can't as of yet... What does a: # fsck -y /dev/gvinum/RAID5 ...yield...anything? Steve ~ Same :( But thanks all, I just did a newfs and currently restoring backups on it Strange... Last time I will will gvinum, nothing as stable as a hardware controller I guess :( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: named won't bind to external interface and ignores other options.
On Wed, 31 Dec 2008 10:03:45 -0500 (EST) le...@edpausa.com wrote:
bind 9.4.2/FreeBSD 7.0 seems to be ignoring many settings I enter in
/etc/namedb/named.conf. zones are being properly served internally, but
can't query or transfer from the outside.
listen-on {216.154.117.227; 192.168.1.1;};
listen-on-v6 { none; };
I wonder if the spaces around curly braces that named examples always
use are mandatory? As in listen-on { 216.154.117.227; 192.168.1.1; };
tcp6 0 0 ::1.953*.*LISTEN
tcp4 0 0 127.0.0.1.953 *.*LISTEN
tcp4 0 0 192.168.1.1.53 *.*LISTEN
Looks like it's not seeing named.conf, assuming that 216.154.117.227
exists as the address of a local interface at the time when named is
started, as Mel mentioned. This can be a problem with ppp or mpd ..
What does 'realpath /etc/named' say? Are you using the FreeBSD default:
% realpath /etc/namedb
/var/named/etc/namedb
% ls -l /etc/namedb
lrwxr-xr-x 1 root wheel 21 Dec 12 02:37 /etc/namedb - /var/named/etc/namedb
If you run '/etc/rc.d/named stop' and then '/etc/rc.d/named start', what
shows up in /var/log/messages ?
What's in /etc/rc.conf concerning named ? Any clues from 'rndc status'?
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Unable to modify sysid with Fdisk
In freebsd-questions Digest, Vol 244, Issue 1, Message 6 On Sun, 28 Dec 2008 17:45:52 +0100 David Scialom dscia...@gmail.com wrote: Hello, It seems that it is impossible to modify the sysid with fdisk since FreeBSD 6.2. I am actually using FreeBSD7.0. When I want to modify my the sysid from 165(ufs) to 12(Fat32) i get the message Geom not found: da0 and no change is made: da0 is stock with sysid = 165. The detail are provided below. I tried also to do the same from the install FreeBSD CD without success. As someone a solution ? David, I've skimmed through this thread so far, but I didn't notice anyone suggest, well, not doing it that way. You want to change the MBR slice type of da0 from ufs to doswin32. Is that to put an msdosfs filesystem on it? Or is it already formatted as one of those? Is it a 1GB USB memory stick? Inserted but not mounted? Try just deleting the existing ufs slice (assuming it's on a disk not in use) then readd that same size slice (here, whole disk) as type 12. That shouldn't touch any slice's data at all, just the MBR (and you've already dd'd the whole GB raw da0 disk to backup just in case ..) I've used the fdisk wrapper in sysinstall to slice usb stick disks, sometimes with both msdos and ufs slices, just because I prefer that interface rather than maybe miscalculating an offset or size .. ymmv. And from the darkside, FDISK x: /MBR probably still works :) HTH, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
OT [was: Out of Office AutoReply: Greater tool ..]
On Thu, 25 Dec 2008 06:19:18 -0500 Jerry ges...@yahoo.com wrote: On Wed, 24 Dec 2008 16:31:10 -0500 Kevin Raleigh kevin.rale...@ledyardbank.com wrote: Kevin Raleigh is out of the office until Monday,January 4, 2009 Wow, still another incorrectly configured OoO application. This one comes complete with a legally unenforceable disclaimer. Are you a friend of Jason Irwin jir...@ohns.stanford.edu by any chance? Jerry, please don't respond to spam, backscatter, misconfigured autoresponders and such. It just adds to the problem. Clearly someone/s are spamming this list and others with mail forged to be from questi...@freebsd.org; they don't call it the silly season for nothing .. If you have any helpful suggestions about dealing with spam or anything to do with the lists, please send mail to postmas...@freebsd.org offlist .. bearing in mind that he's very likely run off his feet right now. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [6.3] Assigning shutdown to eg. Syst?
On Tue, 23 Dec 2008, per...@pluto.rain.com wrote:
The only other thing being in group operator lets you run,
apart from what you've added into /etc/devfs.{conf,rules} is
/sbin/mksnap_ffs ..
In a default devfs config, it grants read permission to
the disk devices (presumably to enable running dump(8)).
True, so if Gilles' dad really wants to run dump, he most likely can.
The .snap directory in the root of a (mounted) file system to be dumped
has owner root, group operator, mode 0770 - paraphrasing from dump(8) -
and then he'd need mount and write permissions on the dump destination.
Doesn't sound too risky if Gilles trusts him enough to run shutdown :)
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [6.3] Assigning shutdown to eg. Syst?
On Mon, 22 Dec 2008 20:53:39 +0100 Gilles gilles.gana...@free.fr wrote: On Mon, 22 Dec 2008 16:09:02 +0100, Polytropon free...@edvax.de wrote: I have a similar setting, but it requires X, WindowMaker and a Sun Type 6 USB keyboard. :-) :) Thanks for the input, but this server is text-only. I'll try to find how FreeBSD is configured so that ALT-CTRL-DEL maps to reboot, and add my own keyboard key to shut it down. Or let your dad login with his own account and password. Just add him to the operator group so that he can run /sbin/shutdown. If he's shy, write him a little script that does 'shutdown -p now [comment ..]' Shutdown is cleaner than reboot, runs 'stop' rc.d scripts for all active daemons, and leaves a nice log entry in messages, including any comment. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: [6.3] Assigning shutdown to eg. Syst?
On Tue, 23 Dec 2008, Robert Huff wrote:
Ian Smith writes:
Or let your dad login with his own account and password. Just
add him to the operator group so that he can run /sbin/shutdown.
If that's the only priveledged command he needs ... is there a
reason sudo isn't a better answer?
Well, it's certainly another answer :)
The only other thing being in group operator lets you run, apart from
what you've added into /etc/devfs.{conf,rules} is /sbin/mksnap_ffs ..
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: bridge ipfw also protect set
On Fri, 19 Dec 2008 10:19:31 +0700 (ICT) Olivier Nicole o...@cs.ait.ac.th wrote: [kho...@singnet.com.sg wrote:] I want to give internet connectivity to a pc behind my Freebsd, which is connected to an aDSL. I know I can add another card to my set and use bridge+IPFW so that the behind pc is firewalled. But will this setup also ensure that my Freebsd set is firewalled? Could now figure it out reading the book and article. You don't want to use bridge! Certainly true in this instance. 1) as far as I remember, ipfw works poorly with bridge: it would filter only based on layer 2, not based on IP (need to confirm). Not true. I've managed a filtering bridge (also providing web and samba servers) with ipfw+dummynet for 5+ years since FreeBSD 4.8, and it works very well indeed. You can filter at layer 2 or 3, bridged and unbridged traffic, though you can only filter bridged traffic that's coming 'in'. 2) bridge means that packets traverse the FreeBSD machine without any modification (think of the bridge like a 2 ports Ethernet switch). Unless you use and ADSL modem (but then you can use a switch and connect your PC and your FreeBSD box each on one port of the switch) it will not work. If your FreeBSD machine is in charge of making the ADSL connection, it will not work. Not as a bridge, no. 3) as suggested in the prvious reply, you need some NAT and some routing in your FreeBSD machine. Routing is not bridge. The 'simple' ruleset in rc.firewall provides a good basic setup to protect a small network as described, including the router of course. You'll want to add a couple of rules allowing some ICMP traffic, remove rules for inbound DNS and web if you're not running those servers, etc. Read ipfw(8) about 10 times, largely ignore the current ipfw section in the handbook, and prosper .. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: Intel Pentium Dual Core E5200 and Enhanced Speedstep
On Tue, 9 Dec 2008, Gabriel Lavoie wrote: 2008/12/9 Ian Smith [EMAIL PROTECTED] On Mon, 8 Dec 2008 13:37:09 -0500 Gabriel Lavoie [EMAIL PROTECTED] wrote: [ skipping lots until you've seen how powerd goes on it .. and please drop gmail's HTML attachments on messages to the FreeBSD lists] [EMAIL PROTECTED] ~]$ uname -a FreeBSD headless.mutehq.net 7.0-RELEASE-p6 FreeBSD 7.0-RELEASE-p6 #0: Mon Nov 24 10:59:10 UTC 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC amd64 Ok. If updated est code isn't in 7.0p6 you maybe could apply a patch if you won't be upgrading to 7.1, assuming I'm right about recent new code. This looks ungood. You maybe should quote the earlier dmesgs re ACPI too. This sounds like an issue to take to the [EMAIL PROTECTED] list. Hum, about ACPI, if I remember well, there is a BIOS option to enable/disable ACPI 2 tables. I will take a look at that. There may be some BIOS stuff about SpeedStep options too. Basically you should expect FreeBSD to ignore BIOS settings, except how they influence the ACPI implementation, but some BIOSes can contain surprises. Either way, EST isn't functioning, or you'd have a larger range of freqs available than these eight, and milliWatt figures instead of those -1. There's no sign of 2.66GHz either, if that's expected? 2.66 GHz isn't expected, the CPU is an Intel Pentium Dual Core E5200 @ 2.5 GHz. It's one of the newest 45nm CPUs that were released in August 2008. The motherboard is an ASUS P5KPL-CM and the BIOS is updated to the latest version. Cool. I vaguely recall seeing recent est patches for some newer cpus, but not having one myself, I didn't pay much attention. Check the last few months of the freebsd-acpi archives for suitable looking subjects. [..] I found this problem with my machine after I looked at an article telling that the new 45nm Intel CPUs were idling at around 3-4W when Speedstep is decreasing their frequency. And I guess it means that I suspect 3-4W, even per core, would be at a much lower freq than 1GHz, probably nearer the minimum of ~125MHz. I've been running my server at 1.25 GHz all the time since I installed it, which would explain why some compiling jobs were slow! Sure. Why it starts at 50% I don't know, unless something thinks there is a temperature problem? Anyway, you need powerd, and you likely need to check the acpi@ list about getting your EST working .. you may even need a BIOS upgrade or hacking on your ACPI ASL, but hopefully not .. And post them more details; at least the full /var/run/dmesg.boot and the results of 'sysctl hw.acpi dev.cpu' .. saving rounds of questions. About the 50%, if I check the CPU frequency in the BIOS, it is always at 50%, probably because there is not much possible CPU load in configuring it. No, if it were based on load while looking at the BIOS it'd show you the lowest speed for sure. This sounds like a selection more than a report? My Core 2 Duo desktop computer has a similar behaviour if I check the frequency when idle, either under Windows, Linux or in the BIOS. The max CPU frequency is 2.66 GHz and it always idles at 2 GHz. 2GHz is hardly idling .. maybe there's a BIOS option affecting that too, but it should only affect the starting freq, which powerd should ignore. Under powerd it should drop right back at idle. In fact there've been problems with some machines dropping back to 125, 100, even 75MHz under no or very light load, such that interactive responsiveness is shot and some processes needing fast interrupt response (bursts of wifi traffic, for one) have had issues, prompting some recent new work on algorithms for powerd on SMP systems. See cpufreq(4) about all this, and especially you might want to set debug.cpufreq.lowest to some sensible minimum freq, say 3-500MHz? The acpi@ list is really a better place for this; not too many of the heavy hitters there seem to have much spare time to read questions@ and where I'm mostly just an interested bystander, trying to learn :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: ipfw and bridged interface
On Thu, 4 Dec 2008 10:33:23 +0700 (ICT) Olivier Nicole [EMAIL PROTECTED] wrote: I remember that I read, many years ago, something about the way ipfw interacts with the IP stack. AFAIR, ipfw would be called on layer 2, where only certain rules would be applied, then on the IP layer where other rules would apply. Is it still the case? Where can I find th description? Hi Olivier, See the ipfw(8) section PACKET FLOW .. it's all there, with examples of how to separate layer2 from layer3 traffic, inbound and outbound. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is there anything weird I should know about using ipfw on alias addresses?
On Thu, 4 Dec 2008, Brett Davidson wrote: Ian Smith wrote: On Tue, 2 Dec 2008, Brett Davidson wrote: Ian Smith wrote: On Mon, 01 Dec 2008 16:52:12 +1300 Brett Davidson [EMAIL PROTECTED] wrote: ifconfig shows the alias addresses correctly bound. Creating an ipfw rule and testing it from the command line works (connects out from master address, not alias) From website on alias address, the firewall blocks the packets. The weird thing is that it tags them (in the security log) as coming from the master address (not the alias) out the correct interface. In a normal world that would mean the packet would match! What's goin' on here Willis? Difficult to tell without seeing a) ifconfig b) netstat -rn c) at least the relevant firewall rule/s and d) log entries that illustrate your problem. Obscure sensitive information by all means, but otherwise pretend we haven't the slightest clue how your system is configured :) Fair enough. ifconfig below: bce1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 options=3bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU inet 210.5.50.5 netmask 0xffe0 broadcast 210.5.50.31 NB .. inet 210.5.51.32 netmask 0x broadcast 210.5.51.32 inet 210.5.51.27 netmask 0x broadcast 210.5.51.27 inet 210.5.51.33 netmask 0x broadcast 210.5.51.33 inet 210.5.51.34 netmask 0x broadcast 210.5.51.34 inet 210.5.51.42 netmask 0x broadcast 210.5.51.42 inet 210.5.51.4 netmask 0x broadcast 210.5.51.4 ether 00:1c:c4:c0:56:94 media: Ethernet autoselect (1000baseSX full-duplex) status: active Relevant /etc/rc.conf entries : ifconfig_bce1=inet 210.5.50.5 netmask 255.255.255.224 ifconfig_bce1_alias0=inet 210.5.50.5 netmask 255.255.255.224 Your first alias here is a repeat of the 'primary' address. ifonfig seems to have resolved/merged that above, but it's not an alias. True. Blame that on the piece of software (Plesk) that manages the IP addresses for the websites we host. Ok in this instance. Please copy the list on replies, for archives. ifconfig_bce1_alias1=inet 210.5.51.4 netmask 255.255.255.255 ifconfig_bce1_alias2=inet 210.5.51.27 netmask 255.255.255.255 ifconfig_bce1_alias3=inet 210.5.51.32 netmask 255.255.255.255 ifconfig_bce1_alias4=inet 210.5.51.33 netmask 255.255.255.255 ifconfig_bce1_alias5=inet 210.5.51.34 netmask 255.255.255.255 ifconfig_bce1_alias6=inet 210.5.51.42 netmask 255.255.255.255 I didn't spot on first reading this that the first address is in a different subnet than all the others. I'm not entirely sure whether that's relevant, or how, just pointing it out as being non-obvious, and suspecting one of the 210.5.51 subnet should show a broader netmask. I've wondered that as well but it all works EXCEPT for when ipfw is involved. Looks like we may need to see more, if not all, of your ipfw ruleset. 'ipfw -ted show' is pretty good for seeing everything. try adding 'log' to some more rules, until you can SEE where packets are getting blocked. Doesn't 'tcpdump -pn -i bce1 host 210.5.51.42 and host 208.69.123.164' provide any good clues to these flows? Or in this case maybe better: tcpdump -pn -i bce1 host \(210.5.51.42 or 210.5.50.5\) and host 208.69.123.164 Relevant ipfw rules : ipfw -q add 02012 allow tcp from any to 208.69.123.164 80 out via bce1 setup keep-state ipfw -q add 02012 allow tcp from any to 208.69.123.164 443 out via bce1 setup keep-state Do you have a check-state rule? Where? Are there any skiptos that might miss anything? Do you have rules affecting established traffic? Sorry, but I find this too like a guessing game, or pulling teeth :) netstat -finet -rn (or -rna) please? unclear where your default route goes, or how the 210.5.51 subnet is routed or its netmask, but assume that 208.69.123.164 is probably accessed via the default route .. Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default210.5.50.1 UGS 0 296628406 bce1 127.0.0.1 127.0.0.1 UH 0 4339898lo0 172.16.1/24link#1 UC 00 bce0 172.16.1.1 00:04:28:ad:10:00 UHLW10 bce0 1035 172.16.1.4 00:04:23:08:28:30 UHLW1 167202525 bce0 1189 172.16.1.8 00:04:23:b2:f7:17 UHLW10 bce0 1021 172.16.1.9 00:04:23:c7:79:0d UHLW11 bce0 1190 172.16.1.1200:07:e9:f4:cc:51 UHLW10 bce0 1021 172.16.1.2300
Re: Is there anything weird I should know about using ipfw on alias addresses?
On Tue, 2 Dec 2008, Brett Davidson wrote: Ian Smith wrote: On Mon, 01 Dec 2008 16:52:12 +1300 Brett Davidson [EMAIL PROTECTED] wrote: ifconfig shows the alias addresses correctly bound. Creating an ipfw rule and testing it from the command line works (connects out from master address, not alias) From website on alias address, the firewall blocks the packets. The weird thing is that it tags them (in the security log) as coming from the master address (not the alias) out the correct interface. In a normal world that would mean the packet would match! What's goin' on here Willis? Difficult to tell without seeing a) ifconfig b) netstat -rn c) at least the relevant firewall rule/s and d) log entries that illustrate your problem. Obscure sensitive information by all means, but otherwise pretend we haven't the slightest clue how your system is configured :) Fair enough. ifconfig below: bce1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500 options=3bRXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU inet 210.5.50.5 netmask 0xffe0 broadcast 210.5.50.31 NB .. inet 210.5.51.32 netmask 0x broadcast 210.5.51.32 inet 210.5.51.27 netmask 0x broadcast 210.5.51.27 inet 210.5.51.33 netmask 0x broadcast 210.5.51.33 inet 210.5.51.34 netmask 0x broadcast 210.5.51.34 inet 210.5.51.42 netmask 0x broadcast 210.5.51.42 inet 210.5.51.4 netmask 0x broadcast 210.5.51.4 ether 00:1c:c4:c0:56:94 media: Ethernet autoselect (1000baseSX full-duplex) status: active Relevant /etc/rc.conf entries : ifconfig_bce1=inet 210.5.50.5 netmask 255.255.255.224 ifconfig_bce1_alias0=inet 210.5.50.5 netmask 255.255.255.224 Your first alias here is a repeat of the 'primary' address. ifonfig seems to have resolved/merged that above, but it's not an alias. ifconfig_bce1_alias1=inet 210.5.51.4 netmask 255.255.255.255 ifconfig_bce1_alias2=inet 210.5.51.27 netmask 255.255.255.255 ifconfig_bce1_alias3=inet 210.5.51.32 netmask 255.255.255.255 ifconfig_bce1_alias4=inet 210.5.51.33 netmask 255.255.255.255 ifconfig_bce1_alias5=inet 210.5.51.34 netmask 255.255.255.255 ifconfig_bce1_alias6=inet 210.5.51.42 netmask 255.255.255.255 I didn't spot on first reading this that the first address is in a different subnet than all the others. I'm not entirely sure whether that's relevant, or how, just pointing it out as being non-obvious, and suspecting one of the 210.5.51 subnet should show a broader netmask. Relevant ipfw rules : ipfw -q add 02012 allow tcp from any to 208.69.123.164 80 out via bce1 setup keep-state ipfw -q add 02012 allow tcp from any to 208.69.123.164 443 out via bce1 setup keep-state netstat -finet -rn (or -rna) please? unclear where your default route goes, or how the 210.5.51 subnet is routed or its netmask, but assume that 208.69.123.164 is probably accessed via the default route .. Interesting entries in /var/log/security : Dec 1 16:42:25 servername kernel: ipfw: Deny TCP 210.5.50.5:49708 208.69.123.164:80 out via bce1 Did that occur =after= the above rules were installed? Just the one? Seems odd on face value, but without knowing what your other rules do. What makes this interesting is that I can connect to that port via the command line. You mean like with 'telnet 208.69.123.164 80' ? With 210.5.50.5 as source address? tcpdump output may help understand or explain this. It's the website that lives on 210.5.51.42 that is having problems. Why, if the rule is valid enough for the command line is it having problems from an aliased address? Hang on; do you mean you're having a webserver on 210.5.51.42 trying to connect out to another webserver on 208.69.123.164 ? If not, what? I guess you have rules allowing inbound port 80 access to 210.5.51.42 ? And that your upstream is routing 210.5.51.42/something to 210.5.50.5 ? This MUST have something to do with the way ipfw is working with aliased addresses but I'm blowed if I know what is wrong. ipfw doesn't do anything different with any address in particular except when using the forward action. ipfw certainly has no concept of primary or alias addresses, it just applies the addresses/masks you specify. Nor does ipfw know or care (even when forwarding) whence the stack is next going to route outbound packets .. but netstat -rn will tell us. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Is there anything weird I should know about using ipfw on alias addresses?
On Mon, 01 Dec 2008 16:52:12 +1300 Brett Davidson [EMAIL PROTECTED] wrote: ifconfig shows the alias addresses correctly bound. Creating an ipfw rule and testing it from the command line works (connects out from master address, not alias) From website on alias address, the firewall blocks the packets. The weird thing is that it tags them (in the security log) as coming from the master address (not the alias) out the correct interface. In a normal world that would mean the packet would match! What's goin' on here Willis? Difficult to tell without seeing a) ifconfig b) netstat -rn c) at least the relevant firewall rule/s and d) log entries that illustrate your problem. Obscure sensitive information by all means, but otherwise pretend we haven't the slightest clue how your system is configured :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem about ppp -nat
script to load the new rules. sh /etc/ipfw.rules Which other rules? But I just can't pass step 3, unless I unload ipdivert. And your ppp.conf or ppp command definitely doesn't mention -nat? Please don't suspect my system. It had just been very freshly installed from CDs before I tried everything. And without ipdivert being loaded into the kernel, I can dial and browse any sites and very fast with my /etc/ppp/ppp.conf. Should note a bug? Maybe it is. I'm out of ideas anyway, and noone else has come forward. I think I should go on with ipfw nat, but to correct some syntax in /etc/ipfw.rules. Well I'm pretty sure you shouldn't load ipdivert as well as using ipfw nat, but I've been almost 100% wrong so far so perhaps best ignore me :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem about ppp -nat
On Fri, 28 Nov 2008, Pongthep Kulkrisada wrote: Hi all, I didn't touch /etc/ppp/ppp.conf, which has been working for 5 years since FBSD5.0R. Even if I go back to GENERIC kernel. I could not dial out to ISP in any ways. I didn't know what I do wrong even if I did read many docs. I tried exactly what being described in the handbook. But all failed, I still can't dial ISP. I think that posting /etc/ppp/ppp.conf may be useful for your diagnostic. Note that this file has been used for long time and never changed. But I've just reminded that ppp is changed from version to version. My ppp.conf may not suit the current version. I don't know. # cat /etc/ppp/ppp.conf default: set log Phase Chat LCP IPCP CCP tun command Try using more logging, at least temporarily, then you should be able to see from your ppp.log just what's going on. For about 10 years I used: set log phase chat connect carrier link ipcp ccp ID0 TUN command ident user-ppp VERSION (built COMPILATIONDATE) set device /dev/cuad0 Try /dev/cuaa0. At least in the olden days, cuad0 was configured more for dialin rather than dialout. This may? explain the next two lines: set ctsrts off # enables software flow control set accmap 000a# comments out these 2 lines for hardware flow control Not sure why you don't want to use hardware flow control? Is this with a regular external modem? Anyway, I've always used ctsrts (with cuaa0). set speed 115200 disable pred1 deny pred1 disable lqr deny lqr set dial ABORT BUSY ABORT NO\\sCARRIER TIMEOUT 5 \ \\ AT OK-AT-OK ATE1Q0 OK \\dATDT\\T TIMEOUT 180 CONNECT set redial 3 20 enable dns # request DNS info (for resolv.conf) Looks ok. TIMEOUT 60 is plenty for a dialup modem, but whatever. isp: set phone 0123456789 set authname [EMAIL PROTECTED] set authkey mypassword set timeout 0 add! default HISADDR # Add a (sticky) default route set openmode active accept pap set ifaddr 10.0.0.1/0 10.0.0.2/0 255.255.255.0 0.0.0.0 add 0 0 HISADDR You probably don't want both those add statements. Try taking out the first one, and replacing the last one with the add! default HISADDR. Unsure if you need an 'enable pap' as well, maybe default. Can't hurt. Anyway, some extra logging should show you when and how it fails, if it still does .. cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem about ppp -nat
manually. That was wrong. Anyone has a clue please point me to the right direction. I would probably go back to external router gateway ``out of the box''. For now I give up and need to rest. Well you can solve your loading-order problem with ppp -auto and a dial filter as above. Then you're free to choose between natd and ipfw nat, or even ppp -nat if you want. Personally I quit using ppp in favour of mpd4, and that works well for me (yes with natd, though on a 5.5 system) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD on a Mac Mini Intel?
On Tue, 25 Nov 2008, Tom Marchand wrote: snip Ian, You could always test it using VMWare Fusionand then let us know Er, Gee thanks. I'll just have a word with the VMware guys about fully abastracting the mini in software... back in a jiffy ;-) Actually VMWare has a Mac Version which is what the poster was probably referring to. ___ FreeBSD 6.x installs and runs well as far as I can tell on VM-Ware Fusion. This I Have done but I don't recall any specifics. I'm pretty sure I tried 6.1 and 6.3 but I forget which processor (amd64 vs i386). However personal preference: I'd rather run the box native FreeBSD and not have to bother with Mac OS X. I was actually musing that this (VM) might be a nice way to pre-install a complete custom system. Install, configure, add packages, tweak your fav kernel stuff, etc then dump/restore to a real disk and pop in to a physical system. I used to so something like this with NeXT systems. Twerked good. It all sounds promising enough to buy a new toy. I'll let you all know real soon now if/how I get it running. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD on a Mac Mini Intel?
On Mon, 24 Nov 2008, Andrew Gould wrote: On Sun, Nov 23, 2008 at 9:08 AM, John Almberg [EMAIL PROTECTED] wrote: On Nov 21, 2008, at 11:42 PM, Ian Jefferson wrote: Is anyone running FreeBSD on a Mac Mini Intel? Ian, You could always test it using VMWare Fusionand then let us know ;-) Er, Gee thanks. I'll just have a word with the VMware guys about fully abastracting the mini in software... back in a jiffy ;-) Ok any comment about other low power platforms? I'm sorely tempted to just buy one (mini-intel) and promise to write up the results on some web page somewhere. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Problem about ppp -nat
problem, but tcpdump is the go to see what's happening. I'd use such as: # tcpdump -pen -i tun0 to check your NAT is working right. Another window running tcpdump on your internal interface will confirm internal flows, or show blockages. At this time I must go back to the original setting in order to dial ISP. And lastly I'm sorry for long questions. A pleasure when we can take sensible questions, nicely presented :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD on a Mac Mini Intel?
Is anyone running FreeBSD on a Mac Mini Intel? I've looked around for a definitive discussion on the topic but couldn't find anything on this list or Google at least. I'd like to replace a couple of relatively high power-consuming servers with a couple of Mac Mini Intel's. For my purposes they are plenty good enough. I'd prefer to stay with the 6.X release for now. I've got a lot of Mac's around running OS X but in this case these boxes would be headless and without keyboards. An alternate serial console would be nice if that can be rigged up via USB and a serial converter. IJ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: some ipfw filter does not function under Release 6.3
118.219.232.123 to any 65500 220 20043 allow udp from any to any 65535 2120 deny ip from any to any Not much use allowing established tcp traffic if you never allow any setup of tcp sessions? This seems like a partial set of rules .. -- traffic captured by tcpdump behind ipfw machine - 04:12:20.940095 IP 221.192.199.36.12200 192.168.2.14.80: S 200229998:200229998(0) win 8192 04:12:21.204430 IP 221.192.199.36.12200 192.168.2.14.80: R 20022:20022(0) win 0 04:31:16.262402 IP 221.192.199.36.12200 192.168.2.14.80: S 200233658:200233658(0) win 8192 04:31:16.541868 IP 221.192.199.36.12200 192.168.2.14.80: R 200233659:200233659(0) win 0 05:27:04.031434 IP 221.192.199.36.12200 192.168.2.14.80: S 200244634:200244634(0) win 8192 05:27:04.303262 IP 221.192.199.36.12200 192.168.2.14.80: R 200244635:200244635(0) win 0 05:28:18.099443 IP 221.192.199.36.3362 192.168.2.14.80: S 2422872529:2422872529(0) win 65535 mss 1452,nop,nop,sackOK 05:28:18.352083 IP 221.192.199.36.3362 192.168.2.14.80: . ack 3968474717 win 65535 05:28:18.367745 IP 221.192.199.36.3362 192.168.2.14.80: P 0:205(205) ack 1 win 65535 05:28:18.621538 IP 221.192.199.36.3362 192.168.2.14.80: R 205:205(0) ack 473 win 0 In this (earlier) case, 192.168.2.14 was receiving but apparently not responding to those packets .. whereas above (later) it was responding? More details of your setup might help to dispel these mysteries. cheers, Ian PS removing ipfw@ from ccs .. that's more about ipfw development. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: some ipfw filter does not function under Release 6.3
On Sun, 16 Nov 2008, Jin Guojun[VFF] wrote: Ian Smith wrote: On Sat, 15 Nov 2008, Jin Guojun[VFF] wrote: I think this is a bug in ipfw because after change the rule order, the problem persists: 0056626 3090 deny ip from 221.192.199.36 to any 65330 2018 983473 allow tcp from any to any established 65535 00 deny ip from any to any Are you saying that the packets shown below from 221.192.199.36 arrived =after= you added rule 566, which denys all traffic from that address? Are you showing us your entire ruleset; it is just those three rules? Is the tcpdump shown running on the same box as ipfw, or another box? If another box, how is it connected through the firewall, to the net? Which machine performs NAT for your network? None of this is obvious. Please show output of 'ifconfig' and 'netstat -rn' on the ipfw box? I have found the problem due to the NIC naming change after motherboard upgrading. The em0 was LAN port, but now it is WAN port. So, the following rule caused Sync coming in: 00123 12 528 allow tcp from any to 192.168.0.0/16 via em0 setup Ahah! This is my configuration fault, and we can close PR kern/128902. Thanks, -Jin Glad you found it so soon, Jin; that was one very short-lived PR :) cheers, Ian ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: UFS2 limits
On Sun, 9 Nov 2008 13:10:46 Jeremy Chadwick wrote: On Sun, Nov 09, 2008 at 01:40:51AM +, [EMAIL PROTECTED] wrote: Hi, I have a FreeBSD server that has about 10,500 subdirectories within a single directory. This number will keep rising and I assume UFS2 has a limit to the number of sub-directories in a single directory - can anyone tell me what it is? As far as I know, there is no such limit on the number of files/dirs inside of a directory. I don't want to change the topic of discussion, but I *highly* recommend you ***stop*** whatever it is you're doing that is creating such a directory structure. Software which has to iterate through that directory using opendir() and readdir() will get slower and slower as time goes on. If this is something you've written or have control over or can work with engineers in regards to, I recommend you change your directory naming scheme to have separate subdirectories with the first 2 or 3 letters of the directory you wish to create. E.g.: /some/place/00/00ilikezeros/* /some/place/01/01binaryheaven/* /some/place/aa/aardvarks/* /some/place/ab/abuse/* /some/place/ac/actuary/* ... /some/place/xy/xylophones/* You get the point. Traversing this structure is much more efficient, and requires very little code change on your part. Those who run nameservers that host many zones, for example, use this structure to ensure the daemon doesn't take 32498231 years to start up. What about ZFS? At some point I'll have to re-arrange things so that I have a deeper directory structure, just wondering when I'll hit the limit so I can plan in advance :-) What baffles me is why you're looking at this problem from a how can the filesystem solve this engineering mistake I made for me standpoint, rather than how can I solve this engineering mistake I made so that it doesn't impact the filesystem. Very strange. Sometimes looking at things in a different light makes all the difference. Hope this helps. P.S. -- I hope this mail makes it to you, because your From line is [EMAIL PROTECTED] (I'll be surprised if your account name really is that!). Thanks for that Jeremy. I didn't invent this structure, but I daresay I can either modify it or get the original writer to do that. I never really gave it a thought before now - it was the system I was given to work with and it's worked fine so far, except when I try to list the contents of the directory - that takes ages! All the folders are 7 digit numbers and we are up to approx. 0010500 entries (ie subdirs) so far. I guess it will just be a matter of experimenting to find the optimum number of sub-sub-directories per sub-directory :-/ Oh, and yes, that email address does work - I use it for mailing lists and other stuff where I'm likely to get spammed - it's ironic really :-) Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
Re: UFS2 limits
On Sun, 9 Nov 2008 22:46:18 Matthew Seaman wrote: Jeremy Chadwick wrote: I don't want to change the topic of discussion, but I *highly* recommend you ***stop*** whatever it is you're doing that is creating such a directory structure. Software which has to iterate through that directory using opendir() and readdir() will get slower and slower as time goes on. With the implementation of UFS_DIRHASH the practical limit on the size of directories is now a great deal larger. In particular the slow down caused by linear search through the contents has been eliminated. See ffs(7). 10,000 files or sub-directories, whist not a particularly elegant setup, is actually not unworkable nowadays. Well that's certainly been my experience so far. Still, I now know we will run into problems when we hit the 32,768 limit, so I'll start designing something better. Cheers, -- Ian gpg key: http://home.swiftdsl.com.au/~imoore/no-spam.asc signature.asc Description: This is a digitally signed message part.
