Development on a FreeBSD5.3
Hi, I'm trying to use C,C++ and MySQL on FreeBSD. I have install "mysql++" for connection to MySQL data base from C++. The problem is: When I include in my code "mysql++" library, or "iostream" library, the system doesn't see this libraries. But I have check they are installed. So what can I do to make it work properly? Thanks for any help. Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
configuration of "XFree86"
Hi, I'm first time installing FreeBSD. I'm trying to configure X server. And I have a problem with configuring of X server. I use the instructions for installation and configuration. Which says: "use /stand/sysinstall" Take "Configure" Then pick "XFree86" The problem is that I can't find "XFree86"; it's not there. So, how can I configure X server? Can you send me a link,or instruction how can I do it? And the second question is the funny one. How can I see help on the FreeBSD? I have tried "MAIN" but it did not work. What command should I use? Thank you. Leon. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
HI
Hi, I have unusual question. I have tried to install and configurate FreeBSD but unfortunately I couldn't do it myself. So I would like to know if you can give me a phone number of somebody who lives in Brooklyn, NY with whom I can contact and who can help me to install and configurate it. Thanks, Leon. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Kernel configuration
Hi, I'm installing a BSD, and by documentation what provided, on the beginning of installation I should see "Kernel Configuration" screen. But after the system buts from my CD, it bring me to the "Sysinstall Main Menu". It skip "Kernel Conf." Should I configurate a Kernel? If yes, how can a get to this screen? Thanks, Leon. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Access to the Internet
Hi, I installed a "BSD" on the "VMware station" as a guest operating system. I use a 'NAT'. I would like to "BSD" to be connected to my main op. system, via "VMware station". I have set "BSD" as a "GATE". But when I have tried to connect to the Internet by using "KDE", it did not work. It gave me an error: "Unknown host www.dke-look.org. How can I configure it properly? What should I do? Thanks, Leon. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
VIM
Hi, I have installed a VIM editor. When I create a new file with this editor, I can't type anything. What is wrong. Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Text Filter
Hi, Where can I get advanced "Text Filter" for printer "Dell AIO A960" . Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Printer
Hi, I have tried to configure printer by "KDE". When I start to print it gave me an error: The rlpr executable could not be found in you path. Check your installation. What should I do? What should I install? Where I can find this file? Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
CUPS server
Hi, How can I check if SUPS server is running? If it is not running , how can I Install it, and configure? Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
tarball
Hi, What is the "tarball"? How can I extract it? Where I can extract it from? Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
create device
Hi, I have 5.3 "BSD". I'm trying to create device with command "MAKEDEV" But this command is not recognizable. Which command can I use to create device? Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Create device
Hi, I'm trying to create device by using command "MAKEDEV" But it does not work. What command can I use? Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Printer
Hi, I have a "BSD5.3" I'm trying to set-up a printer.(Dell AIO A960) I think, that this printer made by "Lexmark". They have one looks like what I have(Lexmark X6170) I do not know if "BSD" support this printer. So if you know, pleas let me know. Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
crontab file
Hi All, I edited "crontab" file to update my ports every day at certain time. But , when time comes, I do not see any information on the screen, that something was updated. Should the system sow any information about update or not? If not, how can I check If ports was updated? Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Printing
Hi All, I have an Windows XP pro. as my main O/S. I have installed "VMWare" station. On the "VMWare" station I have installed "FreeBSD" as a virtual machine. I have installed CUPS and SAMBA on "BSD". But I can not make printer work. I use a printer, which does not supported by "BSD". But it works good under the XP. So the question is: Is it possible to use my windows printer from "BSD" via "VMWare" ? If yes( I hope) what can I do else to make it work? Thanks to All, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
sco utility
Hi, I have installed KDE 3.3 on free bsd. But the KDE doesn't have a SCO utility. Where can I download this utility from? Thanks, Leon. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: rc.conf
in /etc/ run ./netstart -Original Message- From: DerAlSem [mailto:[EMAIL PROTECTED] Sent: 11 February 2004 01:16 PM To: [EMAIL PROTECTED] Subject: rc.conf Hello freebsd-newbies, I've made some changes to rc.conf. Is there a way to apply them without rebooting entire system? (i've added some ports to redirect in my NAT) -- Best regards, DerAlSem mailto:[EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-newbies To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Re[2]: rc.conf
Are you ssh'ing into the system in conjunction with running DHCP? I know netstart sometimes doesn't like DHCP. If not then something might be physically wrong with the hardware -Original Message- From: DerAlSem [mailto:[EMAIL PROTECTED] Sent: 11 February 2004 02:30 PM To: Leon Verheem Subject: Re[2]: rc.conf Hello Leon, Wednesday, February 11, 2004, 2:39:58 PM, you wrote: LV> in /etc/ run ./netstart Hmm... system hangs... Just hard reset. How can i see, what ports are currently open and being redirected to my comp? su-2.05b# ./netstart hw.bus.devctl_disable: 1 -> 1 xl0: flags=8843 mtu 1500 options=3 inet6 fe80::204:75ff:feaa:247d%xl0 prefixlen 64 scopeid 0x1 inet 194.135.17.85 netmask 0xfe00 broadcast 194.135.17.255 ether 00:04:75:aa:24:7d media: Ethernet autoselect (100baseTX ) status: active rl0: flags=8843 mtu 1500 inet6 fe80::250:baff:fe5b:80e2%rl0 prefixlen 64 scopeid 0x2 inet 192.168.0.1 netmask 0xff00 broadcast 192.168.0.255 ether 00:50:ba:5b:80:e2 media: Ethernet autoselect (100baseTX ) status: active lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff00 -- Best regards, DerAlSemmailto:[EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Help with a routing issue
I have a freebsd 4.7 box at a client. The box has an ip of 192.168.254.22 The default gateway is 192.168.254.1 which is the inside interface of the gateway. The outside interface of the gateway is 196.25.37.18 and it also has an alias of 196.25.37.19. When i ping 196.25.37.18 from the clients box (192.168.254.22) i get this. mmrserver# ping 196.25.37.18 PING 196.25.37.18 (196.25.37.18): 56 data bytes 36 bytes from brandford.trusc.net (192.168.254.24): Redirect Host(New addr: 192.168.254.1) Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 08f4 0 40 01 c9ca 192.168.254.22 196.25.37.18 64 bytes from 196.25.37.18: icmp_seq=0 ttl=63 time=66.616 ms 36 bytes from brandford.trusc.net (192.168.254.24): Redirect Host(New addr: 192.168.254.1) Vr HL TOS Len ID Flg off TTL Pro cks Src Dst 4 5 00 0054 08f8 0 40 01 c9c6 192.168.254.22 196.25.37.18 When i ping 196.25.37.19 i get this. mmrserver# ping 196.25.37.19 PING 196.25.37.19 (196.25.37.19): 56 data bytes 64 bytes from 196.25.37.19: icmp_seq=0 ttl=64 time=5.445 ms 64 bytes from 196.25.37.19: icmp_seq=1 ttl=64 time=4.630 ms 64 bytes from 196.25.37.19: icmp_seq=2 ttl=64 time=5.226 ms That is correct the way it should be. My routes on the clients box look as follows: mmrserver# netstat -rn Routing tables Internet: DestinationGatewayFlagsRefs Use Netif Expire default192.168.254.1 UGSc7 1952dc0 127.0.0.1 127.0.0.1 UH 00lo0 192.168.60 link#2 UC 110rl0 192.168.60.1 00:10:dc:f5:9c:9d UHLW0 10rl0972 192.168.60.11 00:0d:61:1b:f0:fc UHLW1 418rl0442 192.168.60.12 00:00:21:e2:8d:e1 UHLW02rl0642 192.168.60.15 00:90:f5:08:32:cb UHLW0 435rl0256 192.168.60.16 00:50:22:8c:ee:51 UHLW01rl0790 192.168.60.18 00:50:bf:97:e8:8a UHLW0 371rl0 1022 192.168.60.21 00:0c:76:25:74:fc UHLW1 1422rl0858 192.168.60.22 00:50:bf:ec:27:a3 UHLW1 10rl0 1032 192.168.60.33 00:0d:61:4d:5b:9e UHLW3 17rl0873 192.168.60.133 00:50:22:8d:ed:86 UHLW1 10rl0 1122 192.168.60.255 ff:ff:ff:ff:ff:ff UHLWb 2 49rl0 192.168.254link#1 UC 20dc0 192.168.254.1 00:02:6f:32:24:90 UHLW8 268dc0 1149 192.168.254.255ff:ff:ff:ff:ff:ff UHLWb 2 94dc0 Can anyone help me with why the 196.25.37.18 ip is being redirected via 192.168.254.24? PLEASE ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Help with a routing issue
Could you provide the output of ifconfig -a of the gateway box? Should shed some more light about the issues, also the parts of /etc/rc.conf, where the cards are configured, could be interesting. Olaf -- Olaf Hoyer[EMAIL PROTECTED] Fuerchterliche Erlebniss geben zu raten, ob der, welcher sie erlebt, nicht etwas Fuerchterliches ist. (Nietzsche, Jenseits von Gut und Boese) FROM THE GATEWAY: ifconfig fxp0: flags=8843 mtu 1500 inet 196.25.37.18 netmask 0xfff8 broadcast 196.25.37.23 inet 196.25.37.19 netmask 0x broadcast 196.25.37.19 ether 00:20:ed:11:00:e8 media: Ethernet autoselect (100baseTX ) status: active fxp1: flags=8843 mtu 1500 inet 192.168.254.1 netmask 0xff00 broadcast 192.168.254.255 ether 00:20:ed:11:00:e9 media: Ethernet autoselect (100baseTX ) status: active rc.conf ifconfig_fxp0="inet 196.25.37.18 netmask 255.255.255.248" ifconfig_fxp0_alias0="inet 196.25.37.19 netmask 255.255.255.255" ifconfig_fxp1="inet 192.168.254.1 netmask 255.255.255.0" natd_enable="YES" natd_interface="fxp0" natd_flags="" gateway_enable="YES" defaultrouter="196.25.37.17" Ipfw show 00300 22467 1425741 fwd 196.25.37.20 tcp from any to any 80 out xmit fxp0 01000 64432 13724943 divert 8668 ip from any to any via fxp0 01100 11754 6690334 allow ip from any to any via lo0 01200 00 deny ip from any to 127.0.0.0/8 01300 00 deny ip from 127.0.0.0/8 to any 01400 5223 533128 fwd 196.25.37.22 tcp from any to any 443 out xmit fxp0 01500 00 fwd 196.25.37.22 tcp from any to any 3306 out xmit fxp0 0160050027082 fwd 196.25.37.22 tcp from any to any 22 out xmit fxp0 01700193 9455 fwd 196.25.37.22 tcp from any to any 110 out xmit fxp0 01800 00 fwd 196.25.37.22 tcp from any to any 119 out xmit fxp0 01900 00 deny log logamount 2 tcp from any to any 445,2556,9996,5554 in recv fxp1 65000 171424 31989301 allow ip from any to any 65535 00 deny ip from any to any FROM THE CLIENT BOX: Ifconfig dc0: flags=8843 mtu 1500 inet 192.168.254.22 netmask 0xff00 broadcast 192.168.254.255 ether 00:50:bf:97:e8:83 media: Ethernet autoselect (10baseT/UTP) status: active rl0: flags=8843 mtu 1500 inet 192.168.60.2 netmask 0xff00 broadcast 192.168.60.255 ether 00:50:bf:43:37:c1 media: Ethernet autoselect (100baseTX ) status: active rc.conf ifconfig_rl0="inet 192.168.60.2 netmask 255.255.255.0" ifconfig_dc0="inet 192.168.254.22 netmask 255.255.255.0" gateway_enable="YES" defaultrouter="192.168.254.1" nfs_client_enable="YES" firewall_enable="YES" firewall_type="open" natd_enable="YES" natd_interface="dc0" natd_flags="" Ipfw show 00050 8360 3676585 divert 8668 ip from any to any via dc0 00100 00 allow ip from any to any via lo0 00200 00 deny ip from any to 127.0.0.0/8 00300 00 deny ip from 127.0.0.0/8 to any 65000 44744 16464427 allow ip from any to any 65535 00 deny ip from any to any ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Help with a routing issue
Can you show us the routing on the server please rather than the client ? What is the subnet mask of the alias 196.25.37.19 ? It should have a subnet of 255.255.255.255 as it's on the same network as 196.25.37.18. Cheers, -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc "Unix IS user friendly.. It's just selective about who its friends are." The below is only sections of the output. Most of the individual hosts have been removed. Just a few examples left. 10.5/16192.168.254.29 UGSc0 11 fxp1 10.6/16192.168.254.12 UGSc00 fxp1 10.7/16192.168.254.12 UGSc00 fxp1 10.8/16192.168.254.12 UGSc00 fxp1 10.9/16192.168.254.27 UGSc00 fxp1 10.11/16 192.168.254.28 UGSc00 fxp1 10.12/16 192.168.254.33 UGSc00 fxp1 10.13/16 192.168.254.34 UGSc00 fxp1 10.14/16 192.168.252.23 UGSc00 fxp1 127.0.0.1 127.0.0.1 UH 0 2214lo0 192.168.0 192.168.254.23 UGSc00 fxp1 192.168.2 192.168.254.24 UGSc00 fxp1 192.168.7 192.168.254.31 UGSc00 fxp1 192.168.60 192.168.254.22 UGSc00 fxp1 192.168.252192.168.254.12 UGSc8 161 fxp1 192.168.253192.168.254.12 UGSc 13 212 fxp1 192.168.254link#2 UC 340 fxp1 192.168.254.1 00:20:ed:11:00:e9 UHLW2 1425lo0 192.168.254.22 00:02:6f:32:27:6b UHLW1 1032 fxp1116 192.168.254.23 00:50:bf:97:e4:9d UHLW1 2292 fxp1777 192.168.254.24 00:50:bf:43:2c:16 UHLW3 3476 fxp1421 192.168.254.25 00:a0:cc:db:03:75 UHLW1 836 fxp1 1117 192.168.254.27 00:02:6f:07:86:5b UHLW1 224 fxp1878 192.168.254.28 link#2 UHLW10 fxp1 192.168.254.29 00:02:6f:07:86:57 UHLW1 139 fxp1924 192.168.254.30 00:02:6f:07:86:6a UHLW0 779 fxp1741 192.168.254.31 00:02:6f:08:9f:a6 UHLW1 161 fxp1936 192.168.254.32 00:02:6f:04:7a:1e UHLW0 165 fxp1 59 192.168.254.33 link#2 UHLW1 92 fxp1 192.168.255192.168.254.21 UGSc337107 fxp1 196.25.37.16/29link#1 UC 40 fxp0 196.25.37.17 00:e0:fc:0c:be:d9 UHLW 29 230 fxp0790 196.25.37.18 00:20:ed:11:00:e8 UHLW1 2127lo0 196.25.37.19 00:20:ed:11:00:e8 UHLW1 370lo0 => 196.25.37.19/32link#1 UC 10 fxp0 196.25.37.20 00:0c:f1:ae:c6:99 UHLW144305 fxp0908 196.25.37.22 00:09:5b:3f:2f:63 UHLW111942 fxp0910 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Help with a routing issue
Set it to zero mmrserver# sysctl net | grep direct net.inet.ip.redirect: 0 net.inet.icmp.drop_redirect: 0 net.inet.icmp.log_redirect: 0 Results are the same. Also tried adding a fixed route as such: Route add -host 196.25.37.18 192.168.254.1 No luck. -Original Message- From: Nelis Lamprecht [mailto:[EMAIL PROTECTED] Sent: 26 May 2004 13:55 To: [EMAIL PROTECTED] Subject: RE: Help with a routing issue One other thing you can try. There is a sysctl variable net.inet.ip.redirect: 1 Try turning that off by setting it to 0 on the client machine. What happens ? Nelis On Wed, 2004-05-26 at 13:08, Leon Botes wrote: > Tried that already - no luck. > > -Original Message- > From: Nelis Lamprecht [mailto:[EMAIL PROTECTED] > Sent: 26 May 2004 13:01 > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: RE: Help with a routing issue > > On Wed, 2004-05-26 at 12:28, Leon Botes wrote: > > > The below is only sections of the output. Most of the individual > > hosts have been removed. Just a few examples left. > > 10.5/16192.168.254.29 UGSc0 11 fxp1 > > 10.6/16192.168.254.12 UGSc00 fxp1 > > 10.7/16192.168.254.12 UGSc00 fxp1 > > 10.8/16192.168.254.12 UGSc00 fxp1 > > 10.9/16192.168.254.27 UGSc00 fxp1 > > 10.11/16 192.168.254.28 UGSc00 fxp1 > > 10.12/16 192.168.254.33 UGSc00 fxp1 > > 10.13/16 192.168.254.34 UGSc00 fxp1 > > 10.14/16 192.168.252.23 UGSc00 fxp1 > > 127.0.0.1 127.0.0.1 UH 0 2214lo0 > > 192.168.0 192.168.254.23 UGSc00 fxp1 > > 192.168.2 192.168.254.24 UGSc00 fxp1 > > 192.168.7 192.168.254.31 UGSc00 fxp1 > > 192.168.60 192.168.254.22 UGSc00 fxp1 > > 192.168.252192.168.254.12 UGSc8 161 fxp1 > > 192.168.253192.168.254.12 UGSc 13 212 fxp1 > > 192.168.254link#2 UC 340 fxp1 > > 192.168.254.1 00:20:ed:11:00:e9 UHLW2 1425lo0 > > 192.168.254.22 00:02:6f:32:27:6b UHLW1 1032 fxp1 116 > > 192.168.254.23 00:50:bf:97:e4:9d UHLW1 2292 fxp1 777 > > 192.168.254.24 00:50:bf:43:2c:16 UHLW3 3476 fxp1 421 > > 192.168.254.25 00:a0:cc:db:03:75 UHLW1 836 fxp1 1117 > > 192.168.254.27 00:02:6f:07:86:5b UHLW1 224 fxp1 878 > > 192.168.254.28 link#2 UHLW10 fxp1 > > 192.168.254.29 00:02:6f:07:86:57 UHLW1 139 fxp1 924 > > 192.168.254.30 00:02:6f:07:86:6a UHLW0 779 fxp1 741 > > 192.168.254.31 00:02:6f:08:9f:a6 UHLW1 161 fxp1 936 > > 192.168.254.32 00:02:6f:04:7a:1e UHLW0 165 fxp1 59 > > 192.168.254.33 link#2 UHLW1 92 fxp1 > > 192.168.255192.168.254.21 UGSc337107 fxp1 > > 196.25.37.16/29link#1 UC 40 fxp0 > > 196.25.37.17 00:e0:fc:0c:be:d9 UHLW 29 230 fxp0 790 > > 196.25.37.18 00:20:ed:11:00:e8 UHLW1 2127lo0 > > 196.25.37.19 00:20:ed:11:00:e8 UHLW1 370lo0 => > > 196.25.37.19/32link#1 UC 10 fxp0 > > 196.25.37.20 00:0c:f1:ae:c6:99 UHLW144305 fxp0 908 > > 196.25.37.22 00:09:5b:3f:2f:63 UHLW111942 fxp0 910 > > Can't see any peculiarities. Try adding the following route on the > client > machine: > > route add -host 196.25.37.18 192.168.254.1 255.255.255.255 > > See if that helps. > > -- > Nelis Lamprecht > PGP: http://www.8ball.co.za/pgpkey/nelis.asc > "Unix IS user friendly.. It's just selective about who its friends are." -- Nelis Lamprecht PGP: http://www.8ball.co.za/pgpkey/nelis.asc "Unix IS user friendly.. It's just selective about who its friends are." ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Problem installing ruby
When trying to install /usr/ports/lang/ruby18
FreeBSD 4.7-RELEASE-p10
Cvsup done 30 mins ago
I get this and it breaks.
Anyone got any ideas?
Openssl ssl is installed from the ports recently.
In file included from ossl.h:208,
from ossl_asn1.c:11:
ossl_engine.h:15: syntax error before `cEngine'
ossl_engine.h:16: syntax error before `eEngineError'
ossl_asn1.c:25: syntax error before `VALUE'
ossl_asn1.c:74: syntax error before `time'
ossl_asn1.c:183: syntax error before `sIMPLICIT'
ossl_asn1.c:184: syntax error before `sUNIVERSAL'
ossl_asn1.c:190: syntax error before `obj'
ossl_asn1.c:262: syntax error before `sec'
ossl_asn1.c:273: redeclaration of `t'
ossl_asn1.c:260: `t' previously declared here
ossl_asn1.c:275: syntax error before `sec'
ossl_asn1.c:305: syntax error before `p'
ossl_asn1.c:316: redeclaration of `p'
ossl_asn1.c:303: `p' previously declared here
ossl_asn1.c:317: syntax error before `VALUE'
ossl_asn1.c:318: parameter `status' is initialized
ossl_asn1.c:320: syntax error before `p'
ossl_asn1.c:335: redeclaration of `p'
ossl_asn1.c:316: `p' previously declared here
ossl_asn1.c:337: syntax error before `VALUE'
ossl_asn1.c:361: redeclaration of `p'
ossl_asn1.c:335: `p' previously declared here
ossl_asn1.c:362: syntax error before `VALUE'
ossl_asn1.c:363: parameter `status' is initialized
ossl_asn1.c:363: redeclaration of `status'
ossl_asn1.c:318: `status' previously declared here
ossl_asn1.c:365: syntax error before `p'
ossl_asn1.c:380: redeclaration of `p'
ossl_asn1.c:361: `p' previously declared here
ossl_asn1.c:382: syntax error before `p'
ossl_asn1.c:394: redeclaration of `p'
ossl_asn1.c:380: `p' previously declared here
ossl_asn1.c:395: syntax error before `VALUE'
ossl_asn1.c:399: syntax error before `p'
ossl_asn1.c:423: redeclaration of `p'
ossl_asn1.c:394: `p' previously declared here
ossl_asn1.c:424: syntax error before `VALUE'
ossl_asn1.c:425: parameter `status' is initialized
ossl_asn1.c:425: redeclaration of `status'
ossl_asn1.c:363: `status' previously declared here
ossl_asn1.c:427: syntax error before `p'
ossl_asn1.c:445: syntax error before `ossl_asn1_info'
ossl_asn1.c:479: parameter `ossl_asn1_info_size' is initialized
ossl_asn1.c:479: `ossl_asn1_info' undeclared (first use in this function)
ossl_asn1.c:479: (Each undeclared identifier is reported only once
ossl_asn1.c:479: for each function it appears in.)
ossl_asn1.c:481: syntax error before `obj'
ossl_asn1.c:481: storage class specified for parameter
`ossl_asn1_default_tag'
ossl_asn1.c:484: syntax error before `obj'
ossl_asn1.c:492: syntax error before `tag'
ossl_asn1.c:592: parameter `ret' is initialized
ossl_asn1.c:594: syntax error before `s'
ossl_asn1.c:613: parameter `ret' is initialized
ossl_asn1.c:613: redeclaration of `ret'
ossl_asn1.c:592: `ret' previously declared here
ossl_asn1.c:615: syntax error before `s'
ossl_asn1.c:682: conflicting types for `tag'
ossl_asn1.c:490: previous declaration of `tag'
ossl_asn1.c:682: parameter `is_cons' is initialized
ossl_asn1.c:684: redeclaration of `p'
ossl_asn1.c:423: `p' previously declared here
ossl_asn1.c:686: syntax error before `value'
ossl_asn1.c:702: parameter `newlen' is initialized
ossl_asn1.c:702: `der' undeclared (first use in this function)
ossl_asn1.c:702: syntax error before `('
ossl_asn1.c:712: redeclaration of `len'
ossl_asn1.c:336: `len' previously declared here
ossl_asn1.c:712: parameter `off' is initialized
ossl_asn1.c:712: `offset' undeclared (first use in this function)
ossl_asn1.c:713: redeclaration of `tag'
ossl_asn1.c:682: `tag' previously declared here
ossl_asn1.c:714: syntax error before `VALUE'
ossl_asn1.c:762: redeclaration of `flag'
ossl_asn1.c:490: `flag' previously declared here
ossl_asn1.c:763: syntax error before `if'
ossl_asn1.c:815: parameter `offset' is initialized
ossl_asn1.c:817: syntax error before `obj'
ossl_asn1.c:829: redeclaration of `p'
ossl_asn1.c:684: `p' previously declared here
ossl_asn1.c:830: parameter `offset' is initialized
ossl_asn1.c:830: redeclaration of `offset'
ossl_asn1.c:815: `offset' previously declared here
ossl_asn1.c:832: syntax error before `obj'
ossl_asn1.c:845: redeclaration of `p'
ossl_asn1.c:829: `p' previously declared here
ossl_asn1.c:846: parameter `offset' is initialized
ossl_asn1.c:846: redeclaration of `offset'
ossl_asn1.c:830: `offset' previously declared here
ossl_asn1.c:848: syntax error before `obj'
ossl_asn1.c:893: redeclaration of `tc'
ossl_asn1.c:713: `tc' previously declared here
ossl_asn1.c:894: redeclaration of `length'
ossl_asn1.c:683: `length' previously declared here
ossl_asn1.c:895: redeclaration of `buf'
ossl_asn1.c:335: `buf' previously declared here
ossl_asn1.c:895: redeclaration of `p'
ossl_asn1.c:845: `p' previously declared here
ossl_asn1.c:896: syntax error before `VALUE'
ossl_asn1.c:932: redeclaration of `length'
ossl_asn1.c:894: `length' previously declared here
ossl_asn1.c:933: redeclaration of `p'
ossl_asn1.c:895: `p' previously declared here
ossl_asn1.c:934: syntax e
Routing question
I have a box with 5 nics. Cal them A,B,C,D,E. A & B are different internet connections. E is a connection to a mail server on a public /29 C & D are connections for 2 differnet client networks. Is it possible to have all traffic coming in via C sent to a default gateway on A's network and all traffic coming in via D sent to a default gateway on B's network. And secondly will both client networks be able to see the E/29? If so how? Thanks Leon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Routing question
Well the reason is that our dsl connections are limited to a max speed of 512K in this country. So I thought of splitting the load between two dsl lines. If the box is able to do that dynamically then great. My question is how? -Original Message- From: Ben Timby [mailto:[EMAIL PROTECTED] Sent: 11 June 2004 18:16 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Routing question Perhaps if you post more info, we can come up with creative solutions for you. My big question is why? AFAIK, you cannot have more than one default gateway, unless you are using netgraph to balance between network interfaces. However, you could NAT C & D to their respective "public" interfaces. If E is a real IP, then the NATed traffic should flow to that interface. I would suggest using pf, as it is a most excellent firewall package. Here is the section of a PF guide regarding NAT. http://www.openbsd.org/faq/pf/nat.html Your rules would look like this (these are from memory, so sanity check them): -- #define your interfaces as macros: A = "fxp0" B = "fxp1" C = "fxp2" D = "fxp3" E = "fxp4" #define your NAT translations using our macros: nat on $A from ($C:network) to any -> $A nat on $B from ($D:network) to any -> $B #define your filtering rules: ... -- However, you will find that route add will not allow multiple default routes. You must use another package to allow for that, or at least it is beyond my knowledge. Let me know if you figure it out, I would be very interested. Leon Botes wrote: > I have a box with 5 nics. > Cal them A,B,C,D,E. > A & B are different internet connections. > E is a connection to a mail server on a public /29 C & D are > connections for 2 differnet client networks. > > Is it possible to have all traffic coming in via C sent to a default > gateway on A's network and all traffic coming in via D sent to a > default gateway on B's network. > And secondly will both client networks be able to see the E/29? > > If so how? > > Thanks > Leon > > ___ > [EMAIL PROTECTED] mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Routing question
Greed the static route for E is best. But how do you add a route that applies only to connections coming into C or D Route add (if source from net C then use interface A) ?? Adding failover would be an even bigger bonus. -Original Message- From: Thompson, Jimi [mailto:[EMAIL PROTECTED] Sent: 11 June 2004 18:12 To: [EMAIL PROTECTED] Subject: RE: Routing question Leon, This is possible, but will require you to run static routes so that you can manually manage the connections. You should be able to set the routing metrics so that all your traffic from client D goes to B and if they want email, B will have to have the appropriate records to send them back to E, which is a remarkably BAD idea. Your better bet would be put in a static route with a lower routing metric than the Internet connection (say 2) from D to E for a specific IP/range so that they can get to the mail server without going out to the Internet to do so. Give the Internet connection a routing metric of 3. The same applies for C. This way, for the IP/range that you specify for the mail server(s), your email traffic from these guys will go straight to the mail server without traversing the Internet first. The next part depends on how you want to manage the Internet connections. Do you want Customer C to use D's Internet connection if Customer C's connection fails and vice versa? If so then you put a route in your routing table and give that a really high metric (like 90) from C to B and the same for D to A. Give their "normal" connection a really low metric (like 3) and their traffic will go out the "preferred" connection unless that connection fails or becomes really congested. If you don't want them to be able to use each other's connections EVER, just don't add a route for it at all. HTH, Jimi -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Leon Botes Sent: Friday, June 11, 2004 10:15 AM To: [EMAIL PROTECTED] Subject: Routing question I have a box with 5 nics. Cal them A,B,C,D,E. A & B are different internet connections. E is a connection to a mail server on a public /29 C & D are connections for 2 differnet client networks. Is it possible to have all traffic coming in via C sent to a default gateway on A's network and all traffic coming in via D sent to a default gateway on B's network. And secondly will both client networks be able to see the E/29? If so how? Thanks Leon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 4.11 IPv6-over-IPv4 tunnel problem
Hi List, I want to establish an IPv6-over-IPv4 tunnel to my ISP. After some hours trying i got myself acounts at HE and XS26 for testing and they work. My Setup is FreeBSD 4.11-STABLE with ip(6)fw (stateful) and natd running. My ISP gave the appended setup information which is for Debian Linux (which i've never used). The IPv4 endpoints are 217.197.85.214(me) and 192.109.42.23(ISP) the IPv6 endpoints are 2001:bf0:c00c::c00c:0002:2(me) and 2001:bf0:c00c::c00c:0002:1(ISP). I asked my ISP for support but they don't know the way for FreeBSD and they tell me the tunnel is definitely working. I tried doing the following but this and several other approaches did not yield anything : zwelf:~# ifconfig gif0 create tunnel 217.197.85.214 192.109.42.23 up zwelf:~# ifconfig gif0 inet6 alias 2001:bf0:c00c::c00c:0002:2 zwelf:~# ping6 ff02::1%gif0 PING6(56=40+8+8 bytes) fe80::250:bfff:fe58:6c75%gif0 --> ff02::1%gif0 16 bytes from fe80::250:bfff:fe58:6c75%gif0, icmp_seq=0 hlim=64 time=0.746 ms 16 bytes from fe80::250:bfff:fe58:6c75%gif0, icmp_seq=1 hlim=64 time=0.422 ms 16 bytes from fe80::250:bfff:fe58:6c75%gif0, icmp_seq=2 hlim=64 time=0.427 ms ^C --- ff02::1%gif0 ping6 statistics --- 3 packets transmitted, 3 packets received, 0% packet loss round-trip min/avg/max/std-dev = 0.422/0.532/0.746/0.152 ms Thanks for reading, any comments appreciated Leon /* /etc/network/interfaces for a Debian system */ auto zwelf6 iface zwelf6 inet6 v4tunnel address 2001:bf0:c00c::c00c:0002:2 netmask 112 local 217.197.85.214 endpoint 192.109.42.23 ttl 64 up ip tunnel change zwelf6 ttl 64 up echo 1 > /proc/sys/net/ipv6/conf/all/forwarding up ip -6 route add2001::/3 dev zwelf6 down ip -6 route delete 2001::/3 dev zwelf6 /* full ifconfig */ rl0: flags=8843 mtu 1500 options=40 inet 192.168.10.1 netmask 0xff00 broadcast 192.168.10.255 inet6 fe80::250:bfff:fe58:6c75%rl0 prefixlen 64 scopeid 0x1 ether 00:50:bf:58:6c:75 media: Ethernet autoselect (100baseTX ) status: active rl1: flags=8843 mtu 1500 options=40 inet6 fe80::230:84ff:fe0b:15d4%rl1 prefixlen 64 scopeid 0x2 ether 00:30:84:0b:15:d4 media: Ethernet 10baseT/UTP status: active lp0: flags=8851 mtu 1500 lo0: flags=8049 mtu 16384 inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff00 ppp0: flags=8010 mtu 1500 sl0: flags=c010 mtu 552 tun0: flags=8051 mtu 1492 inet 217.197.85.214 --> 192.109.42.172 netmask 0x inet6 fe80::250:bfff:fe58:6c75%tun0 prefixlen 64 scopeid 0x7 Opened by PID 70 gif0: flags=8051 mtu 1280 tunnel inet 217.197.85.214 --> 192.109.42.23 inet6 fe80::250:bfff:fe58:6c75%gif0 prefixlen 64 scopeid 0x8 inet6 2001:bf0:c00c::c00c:2:2 prefixlen 64 -- gnupg key ID: 9B820836 & Fingerprint: 6081 8F41 8FEC 0D69 DB98 F014 0FD4 B47D 9B82 0836 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
IPFW & SQUID & 2 bsd boxes & 2 different internet routers
Here is something that gave me uphill for a long time which I thought I might share with anyone who is interested. The problem was the traffic was too much for the one line so we installed a second line. How to divert all the http 80 stuff down the second line using a second box as a proxy? Box A is the bsd gateway with nics IIF and OIF. Runs ipfw which forwards the tcp 80 connections from the IIF network to box B It has a default gateway of internet router C Box B is the squid proxy running in httpd accelerator mode with one nic on the same network as the Box A OIF. Runs ipfw which forwards the tcp 80 connections coming into it to 127.0.0.1:3128. It has a default gateway of internet router D The answer is all in the ipfw rules. On box A: Add this rule AFTER the natd rules Ipfw add (rulenumber) fwd (Box B) tcp from any to any 80 out via (oif) On box B: Ipfw add (firstrulenumber) fwd 127.0.0.1,3128 tcp from any to any 80 in via (oif) That rule forwards all incoming requests to the squid running on the localhost. If you are stuck with only one box do this in the rules: Ipfw add fwd 127.0.0.1,3128 tcp from any to any 80 in via IIF Ipfw fwd (router for the http) tcp from any to any 80 out via OIF Any suggestions, improvements or shoot me downs are welcome. Leon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Help
I downloaded FreeBSD and was using it to learn Unix. Now I need to use that computer for Windows. I need help unistalling FreeBSD in particular the unix partion. I have used Fdask and have visited several webasite, but can't find what I need. The hard drive is 6GB but I can't get it to recognize more than 473 MB. Any Ideas??? Thank for your help. Leon __ Do you Yahoo!? Yahoo! Tax Center - File online by April 15th http://taxes.yahoo.com/filing.html ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
MultiLinking ADSL connections
Just curious if anyone has experimented with multilinking adsl connections ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Help with incorrect received date on microsoft clients
System is freebsd 4.7 with up to date sources. Mailer is exim 4.24 with mysql Pop3 server is TPOP3D 1.5.2 System was exim 4.10 and tpop3d 1.4.2 before upgrade After upgrade of exim and tpop3d clients using outlook or outlook express with versions less than 5.5 have the received date of all emails showing 4th October 2001. The mail is received by exim and dropped correctly into the users mailbox. Viewing the mailbox file contents shows no reference to this date only correct date headers. So telnet into the pop server and view the mail - no reference to this incorrect date and all headers correct. Yet when the client draws the mail through their mail client with version prior to 5.5 the received dates are incorrect. Only the time varies. To fix the problem is simple upgrade the few hundred clients to explorer 5.5 or above - right. Any had this or got ANY suggestions. Amavis is running on the server but it does the same even if i remove amavis from the exim configure file. By the way it does it on both our servers on separate networks after they were upgraded. Please help. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
vsftpd and PAM
When configuring vsftpd to use virtual accounts using PAM for authentication which pam version needs to be installed ? eg pam-mysql or pam_pwdfile ect ect. Running FreeBSD 4.8 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Problem with samba - windows clients reboot when saving.
Freebsd 4.7 Recent install world and kernel after cvsup Samba 2.2.8a The clients have files in their home directories and on a common share on the BSD box. Every so often when they make a change to a file and save it the client machine reboots. Clients run win98 and office XP with SP2. error for the log.smbd: smbd version 2.2.8a started. Copyright Andrew Tridgell and the Samba Team 1992-2002 [2003/10/15 08:04:55, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/10/15 08:17:43, 0] lib/util_sock.c:read_socket_with_timeout(300) read_socket_with_timeout: timeout read. read error = Connection reset by peer. [2003/10/15 08:17:43, 0] smbd/oplock.c:oplock_break(794) oplock_break: receive_smb error (Connection reset by peer) oplock_break failed for file HONDE OORLASTE.doc (dev = 27406, inode = 2861321, file_id = 3). [2003/10/15 08:17:43, 0] smbd/oplock.c:oplock_break(879) oplock_break: client failure in break - shutting down this smbd. [2003/10/15 08:18:11, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/10/15 08:18:15, 0] smbd/oplock.c:request_oplock_break(1011) request_oplock_break: no response received to oplock break request to pid 934 on port 1127 for dev = 27406, inode = 2861321, file_id = 3 [2003/10/15 08:20:21, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/10/15 08:38:18, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/10/15 08:42:08, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer [2003/10/15 08:49:09, 0] lib/util_sock.c:read_data(436) read_data: read failure for 4. Error = Connection reset by peer There have been a lot more reboots that don't appear in the log - don't know why. smb.conf : # Global parameters [global] workgroup = MATZIKAMA netbios name = BSD1 encrypt passwords = Yes unix password sync = Yes preferred master = Yes domain master = Yes admin users = %S create mask = 0777 directory mask = 0777 [homes] valid users = %S read only = No browseable = No [shared] path = /usr/home/shared read only = No guest ok = Yes vfs object = /usr/local/lib/samba/recycle.so vfs options = /usr/local/etc/recycle.conf.default [printers] path = /var/spool/samba guest ok = Yes printable = Yes browseable = No [hp5000] comment = Hp 5000 at Amanda path = /var/spool/lpd/hp5000 read only = No guest ok = Yes printable = Yes printer name = hp5000 oplocks = No . and six more printers identical to this one. The problem appeared about 2 months after i upgraded to 2.2.8a I have set the permissions on the users files to 777 and checked ownership just to be sure. Still does the same. I'm not sure if the problem lies on samba office xp or win98. All antivirus software on the clients have been disabled. Any help is needed urgently. Thanks in advance leon. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
SIS 900 card not being detected.
I have a MSI board with onboard sis900. I have built the kernel with device sis device miibus output of dmesg is: sis0: port 0xe800-0xe8ff mem 0xed102000-0xed102fff irq 11 at device 4.0 on pci0 sis0: Ethernet address: ff:ff:ff:ff:ff:ff sis0: MII without any PHY! device_probe_and_attach: sis0 attach returned 6 Can someone tell me what this means / is wrong? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Samba not compiling -- libtool error.
When i try to install samba 2.2.8a on a 4.7 or 4.8 stable machine it gives this: checking for gcc... gcc checking whether the C compiler (gcc ) works... yes checking whether the C compiler (gcc ) is a cross-compiler... no checking whether we are using GNU C... yes checking whether gcc accepts -g... yes checking for libtool... no FATAL ERROR: libtool does not seem to be installed. cannot be built without a working libtool installation. *** Error code 1 Environment is: New installation of 4.7 Nothing installed. CVSUP the box for 4.7 buildworld, kernel, install kernel & world, mergemaster The i install samba and it breaks. I have cvsupped to 4.8 it still breaks. Even brought libtool up to 1.4 and 1.5 Tried the same with 4.8 Just keeps breaking. these are the packages installed at present, the box is 4.8 and cvsup is just done. autoconf-2.13.000227_5 jpeg-6b_1 ruby-1.6.8.2003.04.19 cvsup-without-gui-16.1h libiconv-1.9.1_1 ruby-bdb1-0.1.9 expat-1.95.6_1 libtool-1.3.5_1 ruby-rdoc-0.0.0.b2 ezm3-1.1m4-1.4_1 ruby-shim-ruby18-1.8.0.p2.2003.04.19 gettext-0.11.5_1pkgdb.db tiff-3.5.7_1 gmake-3.80 png-1.2.5_2 help2man-1.29 portupgrade-20030427 Someone PLEASE help. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Routing question
I have a box with three interface cards. inside interface - 192.168.0.0/24 outside interface 1 - 196.15.149.64/26 outside interface 2 - 172.16.254.0/24 Inside connects to lan with windows pc's outside 1 permanently connected to isp via wan router with diginet (t1 type line) and is viewable from internet. inside 2 connects to internet via DSl router using nat , connection ip cahnges daily. What i want the box to do is send all outgoing requests that originated from the box or the inside lan out the outside interface 2 which it does by setting default route. However when a connectio originates from internet to the outside 1 interface it must route its reply back via the same route and not via the outside interface 2 which it is doing hence making the box invisible to the outside. PLEASE any suggestions? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Routing question
Thanks for the ideas however i dont think they will work. You see the problem is for example this. A connection from outside on the internet can only see the outside interface 1 - 196.15.149.64/26 hence the request is sent to that interface which is correct. However and heres the problem. All replies from that interface are sent out via outside interface 2 - 172.16.254.0/24 which is the nat interface and default gateway. So what i need to make the machine do is make the machine send any reply back via the same route that is was received on. Can this be done? -Original Message- From: Nathan Nieblas [mailto:[EMAIL PROTECTED] Sent: 10 June 2003 09:08 To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: Routing question You can probably get what you want by compiling IPDIVERT and IPFIREWALL into your kernel. Then running some rules, this may or may not be accurate: ipfw add 100 divert 172.16.254.1 ip from 192.168.0.0/24 to any via out2 ipfw add 101 divert 196.15.149.65 ip from 196.15.149.64/26 to any via out1 ipfw add 102 divert 172.16.254.1 ip from 172.16.254.0/24 to any via out2 Anyways, you get the idea.. play with that for awhile let me know if I helped any. You probably only need to use rule 101 or something very similar to it. Regards - Original Message - From: "Leon Botes" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, June 09, 2003 11:18 PM Subject: Routing question I have a box with three interface cards. inside interface - 192.168.0.0/24 outside interface 1 - 196.15.149.64/26 outside interface 2 - 172.16.254.0/24 Inside connects to lan with windows pc's outside 1 permanently connected to isp via wan router with diginet (t1 type line) and is viewable from internet. inside 2 connects to internet via DSl router using nat , connection ip cahnges daily. What i want the box to do is send all outgoing requests that originated from the box or the inside lan out the outside interface 2 which it does by setting default route. However when a connectio originates from internet to the outside 1 interface it must route its reply back via the same route and not via the outside interface 2 which it is doing hence making the box invisible to the outside. PLEASE any suggestions? ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
NFSv4 directory listing issues.
Hi, i'm just testing a kerberized NFSv4 export of a ZFS-Filesystem. Both client and server are FreeBSD at the moment. I tried Linux clients, but could not mount with sec=krb5. If i mount an exported directory with -o sec=krb5(i|p)i, directory listings with ls do sometimes take a very long time (about 20times). Example output below. > time ls -la total 8 drwxr-xr-x+ 3 rootwheel 4 Aug 16 13:27 . drwxr-xr-x 3 locadm locadm 512 Aug 22 23:46 .. drwxr-xr-x+ 2 rootwheel 2 Aug 16 13:27 testdir -rw-r--r-- 1 rootwheel 0 Aug 16 13:27 testfile 0.003u 0.003s 0:00.23 0.0% 0+0k 0+0io 0pf+0w > time ls -la total 8 drwxr-xr-x+ 3 rootwheel 4 Aug 16 13:27 . drwxr-xr-x 3 locadm locadm 512 Aug 22 23:46 .. drwxr-xr-x+ 2 rootwheel 2 Aug 16 13:27 testdir -rw-r--r-- 1 rootwheel 0 Aug 16 13:27 testfile 0.000u 0.007s 0:04.27 0.0% 0+0k 0+0io 0pf+0w The share is mounted by a local user with a kerberos ticket by mount -t nfs -o nfsv4,sec=krb5 130.149.58.249:/home mount. Mounting with sec=sys does not produce this problem. Has anyone experienced similar issues ? cherio, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: NFSv4 directory listing issues.
On Tue, Aug 23, 2011 at 01:11:52AM +0200, Leon Meßner wrote: > Hi, > > i'm just testing a kerberized NFSv4 export of a ZFS-Filesystem. Both > client and server are FreeBSD at the moment. I tried Linux clients, but > could not mount with sec=krb5. If i mount an exported directory with > -o sec=krb5(i|p)i, directory listings with ls do sometimes take a very > long time (about 20times). Example output below. > > > time ls -la > total 8 > drwxr-xr-x+ 3 rootwheel 4 Aug 16 13:27 . > drwxr-xr-x 3 locadm locadm 512 Aug 22 23:46 .. > drwxr-xr-x+ 2 rootwheel 2 Aug 16 13:27 testdir > -rw-r--r-- 1 rootwheel 0 Aug 16 13:27 testfile > 0.003u 0.003s 0:00.23 0.0% 0+0k 0+0io 0pf+0w > > time ls -la > total 8 > drwxr-xr-x+ 3 rootwheel 4 Aug 16 13:27 . > drwxr-xr-x 3 locadm locadm 512 Aug 22 23:46 .. > drwxr-xr-x+ 2 rootwheel 2 Aug 16 13:27 testdir > -rw-r--r-- 1 rootwheel 0 Aug 16 13:27 testfile > 0.000u 0.007s 0:04.27 0.0% 0+0k 0+0io 0pf+0w > > The share is mounted by a local user with a kerberos ticket by > mount -t nfs -o nfsv4,sec=krb5 130.149.58.249:/home mount. > Mounting with sec=sys does not produce this problem. > Has anyone experienced similar issues ? It looks like this could be related to kern/158432 [1] although i'm using IPv4 and amd64. I can't test it at the moment because the testmachine is temp. out of service but i got the same error messages in my kdc's log file. Greetings, Leon [1] http://www.freebsd.org/cgi/query-pr.cgi?pr=158432&cat=kern ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
NFSv4 and file locking
Hi, Does anyone know what you have to do to get locking working under NFSv4? I tried the following: # mount_nfs -o nfsv4,sec=sys ip.nfsv4:/nfstest /mnt/test # mount | grep ip.nfsv4 ip.nfsv4:/nfstest on /mnt/test (newnfs) # kldstat | grep nfs 62 0x8103f000 1015fnfscommon.ko 91 0x81054000 3008fnfscl.ko # cd /mnt/test # lockf testlockfile ls lockf: cannot open testlockfile: Operation not supported Client runs 8.2-RELEASE-p6, Server runs 8-STABLE from about a month ago. cherio, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: NFSv4 and file locking
On Thu, Jan 12, 2012 at 05:37:57PM +0100, Leon Meßner wrote: > Hi, > > Does anyone know what you have to do to get locking working under NFSv4? > I tried the following: > > # mount_nfs -o nfsv4,sec=sys ip.nfsv4:/nfstest /mnt/test > # mount | grep ip.nfsv4 > ip.nfsv4:/nfstest on /mnt/test (newnfs) > # kldstat | grep nfs > 62 0x8103f000 1015fnfscommon.ko > 91 0x81054000 3008fnfscl.ko > # cd /mnt/test > # lockf testlockfile ls > lockf: cannot open testlockfile: Operation not supported Looks like lockf is the wrong tool for this job. I tried the NFSv4 lock testing suite from [1] and this worked flawlessly. I don't know if this test actually does what it claims to do but as i couldn't find any freebsd specific testing tool this will probably suffice. Thanks, Leon [1] http://nfsv4.bullopensource.org/tools/tests_index.php (see locks robustness) ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: SSD for ZIL suggestions?
On Fri, Jan 13, 2012 at 09:40:58PM -0600, Rob wrote: > I'm looking at getting a couple of SSDs to act as ZIL drives on FreeBSD > 8/9 systems. Are there any recommended drives? We recently bought the Intel 311 for that purpose. This drive is quite cheap and should perform ok. If you want something better have a look at the 710 line. You should always mirror your ZIL drives. There's a lot of content available on this subject actually. I once read about a tool called zilstat which should help you decide if you do actually need a SSD. NFS and db's are the usual usecases. cherio, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Mentioning of geom in the handbook's RAID chapter.
Hi, I recently searched google for "FreeBSD software raid" because i wanted to compare the advice google gives me for creating a software raid in linux and freebsd. First hit here was the link to the handbook page (18.4). This page still is only talking about ccd and vinum. I know there is a whole chapter about geom but why is there no mentioning about that in the Storage.RAID part of the Handbook ? Sincerly, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Kernel loading very slowly with specific (wrong?) loader.conf
Hi, when you use the following loader.conf: # cat /boot/loader.conf hint.sio.1.flags="0x20" comconsole_speed="115200" boot_multicons="yes" and have no /boot.config, then booting the kernel is extremely slow. It writes about one character per second on the screen. Also i dont actually have a serial device (dmesg says so), although i should. cu, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
dnssec with freebsd's resolver(3)
Hi, does the freebsd resolver(3) support sending the DO bit in queries and thus do DNSSEC validation ? I tried using ssh with SSHFP RR's in a signed zone but i still get the "insecure Key" message from ssh on FreeBSD (works on some other OS). cherio, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: dnssec with freebsd's resolver(3)
On Mon, Jun 20, 2011 at 06:17:23AM +0100, Matthew Seaman wrote: > On 20/06/2011 01:37, Leon Meßner wrote: > > does the freebsd resolver(3) support sending the DO bit in queries and > > thus do DNSSEC validation ? I tried using ssh with SSHFP RR's in a > > signed zone but i still get the "insecure Key" message from ssh on > > FreeBSD (works on some other OS). > > My understanding is that the stub resolver in the base system does not > handle any DNSSEC functionality. It's not clear (at least to me) that > DO bit processing in stub resolvers is very useful -- without support in > the recursive resolver you use upstream, it won't work, but if your > recursive resolver does DO processing, then you don't need it in your > stub resolver. Ok, my recursive resolver does DO processing. How do i tell ssh to set the bit ? Doesn't ssh use my base system stub resolveer to query my in resolv.conf configured DNS ? thanks, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: dnssec with freebsd's resolver(3)
This mail got only send to Matthew because of bad time of day ;) On Wed, Jun 22, 2011 at 10:58:00PM +0100, Matthew Seaman wrote: > On 22/06/2011 20:02, Osterweil, Eric wrote: > > > > > > > > On 6/22/11 2:56 PM, "Leon Meßner" wrote: > > > >> On Mon, Jun 20, 2011 at 06:17:23AM +0100, Matthew Seaman wrote: > >>> On 20/06/2011 01:37, Leon Meßner wrote: > >>>> does the freebsd resolver(3) support sending the DO bit in queries and > >>>> thus do DNSSEC validation ? I tried using ssh with SSHFP RR's in a > >>>> signed zone but i still get the "insecure Key" message from ssh on > >>>> FreeBSD (works on some other OS). > >>> > >>> My understanding is that the stub resolver in the base system does not > >>> handle any DNSSEC functionality. It's not clear (at least to me) that > >>> DO bit processing in stub resolvers is very useful -- without support in > >>> the recursive resolver you use upstream, it won't work, but if your > >>> recursive resolver does DO processing, then you don't need it in your > >>> stub resolver. > >> > >> Ok, my recursive resolver does DO processing. How do i tell ssh to set > >> the bit ? Doesn't ssh use my base system stub resolveer to query my in > >> resolv.conf configured DNS ? > > > > I'm not sure what you mean by "DO processing," but validation requires a > > little more than issuing queries w/ the DO bit set (that has been the > > default in BIND for a while). You need to have the root (or some other) > > trust-anchor configured, and you need to enable DNSSEC validation in your > > named.conf. > > > > Only after that will you see the AD bit at the stub. > > Actually, typically with a correctly configured validating resolver, as > an end user issuing queries from the system's stub resolver, you'll only > see responses with data that is either: > > -- completely unsigned > > -- signed, and that validates correctly > > Data that doesn't validate correctly is discarded. Better make sure > your DNSSEC setup is correctly maintained and updated, or your domains > may effectively disappear from the net. > > "validates correctly" is a function of how your recursive resolver is > configured: for instance, you will probably want to trust DLV secured > data until authentication paths up to the root become more prevalent in > all corners of the DNS. The only thing i want to do at the moment is serve my local zone to my local clients. If i do % dig @dns +dnssec rosa.physik-pool.tu-berlin.de i get ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 4, ADDITIONAL: 3 and also i can see the D0 bit set when looking at the tcpdump. If i now use the stub resolver through telnet/ssh the D0 bit does _not_ get set in the query. So there is no way for the recursive NS to supply AD data, right ? thanks for helping the blind. Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: SAS controller for FreeBSD
On Fri, Jun 24, 2011 at 06:51:37PM -0400, Daniel Feenberg wrote: > > We have been using ZFS under FreeBSD for a while, and are very pleased, > but are considering building a system with SAS drives, in the hope that > they will be faster (any truth to that?). I am assuming that I should look > for a non-RAID controller, but I can't find any SAS controllers that don't > claim to do RAID and are on the FreeBSD compatibility list. I have always > thought that using a RAID controller for a non-raid partition was a bad > idea, since it limited ones ability to swap controllersm, and presumably > if we are using ZFS for our RAID we don't need another level of RAID > provided by the controller. Is that prejudice justified? > > There are some SAS RAID controllers that claim to support FreeBSD but I > can't tell if their JBOD mode is a true pass-through, or leaves some > undesirable junk on the disk. > > So does anyone have a recomendation for a reasonably priced SAS > controller? We aren't looking for anything fancy at this point. We are using two of the LSI SAS2008 based cards here and have no problems with them. Be sure to run a recent STABLE as the mps driver is relatively new. Speed and reliability are very nice. The only thing we are missing is IR-Firmware support but if you only want a HBA this won't bother you. cherio, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: SAS controller for FreeBSD
On Sat, Jun 25, 2011 at 04:47:19PM -0400, Daniel Feenberg wrote: > > > On Sat, 25 Jun 2011, Leon Meßner wrote: > > > On Fri, Jun 24, 2011 at 06:51:37PM -0400, Daniel Feenberg wrote: > > ... > >> > >> There are some SAS RAID controllers that claim to support FreeBSD but I > >> can't tell if their JBOD mode is a true pass-through, or leaves some > >> undesirable junk on the disk. > >> > >> So does anyone have a recomendation for a reasonably priced SAS > >> controller? We aren't looking for anything fancy at this point. > > > > We are using two of the LSI SAS2008 based cards here and have no > > problems with them. Be sure to run a recent STABLE as the mps driver is > > relatively new. Speed and reliability are very nice. The only thing we > > February of this year: > >http://lists.freebsd.org/pipermail/freebsd-scsi/2011-February/004784.html > > > are missing is IR-Firmware support but if you only want a HBA this won't > > bother you. > > If I search the LSI website for "SAS2008" the first hit includes a > description of the chipset features, including the bullet point > >* Integrated RAID > > All the cards on the LSI website that I can find using the SAS2008 chipset > include the sentence "Integrated RAID avoids additional host CPU overhead" > in their brief description, even the ones labeled "HBA". Apparently the > FreeBSD driver does not include an interface to the RAID capability, but > it seems that the chipset still provides it. I suppose this still avoids > controller lock in, so it should be satisfactory. Can I ask what model you > have? We are running the SAS 9200-8e and the onboard version on the X8SI6-F Mainboard from Supermicro. It was possible to Flash IT-Firmware on Systems that had been delivered with IR-Firmware. I think they removed that feature from their flashing utility. cheers, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
8.3Release status?
Hi, is there already any information regarding the release process of 8.3 available ? On http://www.freebsd.org/releng/index.html 8.2 is still listed under the "Upcoming release schedule" section. I'm too curious to see which work/project made the release (like http://wiki.freebsd.org/Releng/8.2TODO for 8.2). cherio, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
openldap-sasl fails after 8.1 upgrade
Hi, after binary upgrading to freebsd8.1 from 7.2 i encounter an error with openldap24, cyrus-sasl2 and kerberos: # ldapsearch uid=whatever SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80) additional info: SASL(-1): generic failure: GSSAPI Error: No credentials were supplied, or the credentials were unavailable or inaccessible. (unknown mech-code 0 for mech unknown) Simple binding to the ldap server does work. The KDC behind this is still on kerberos 0.6.3 (FreeBSD7.3) and there have been reported Problems with such a setup, but as i can login through ssh and kerberos i suppose these [1] don't apply here (also already tested the proposed changes). If anybody got any insight please share. Thanks in Advance, Leon [1] http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052217.html ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: openldap-sasl fails after 8.1 upgrade
On Wed, Aug 25, 2010 at 10:34:27PM +0300, Reko Turja wrote: > Sadly the GSSAPI/Kerberos has been broken in 8.x for a good while now. > You can either install the heimdal or MIT port, although getting that > to work in stead of the base can be messy. > > kern/147454 PR actually has a working fix, although I'm not sure if it > applies cleanly as it's pretty big - I managed to get working GSSAPI > with it on 8.1 PRERELEASE. I'll try that. > See also discussion at > http://lists.freebsd.org/pipermail/freebsd-stable/2010-July/057734.html Following the link in the other thread to http://lists.freebsd.org/pipermail/freebsd-stable/2010-February/055017.html i made the changes to /usr/bin/krb5-config: # diff /usr/bin/krb5-config /usr/bin/krb5-config.org 96c96 < lib_flags="$lib_flags -lgssapi -lgssapi_spnego -lgssapi_krb5 -lheimntlm" --- > lib_flags="$lib_flags -lgssapi -lheimntlm" After that, rebuilding openldap+dependencies makes it work again. I suppose this is quite dirty and i have to see if it introduces other problems. Thanks, leon > > -- > From: "LeonMeßner" > Sent: Wednesday, August 25, 2010 7:04 PM > To: > Subject: openldap-sasl fails after 8.1 upgrade > > > Hi, > > > > after binary upgrading to freebsd8.1 from 7.2 i encounter an error > > with openldap24, cyrus-sasl2 and kerberos: > > > > # ldapsearch uid=whatever > > SASL/GSSAPI authentication started > > ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) > > error (80) > >additional info: SASL(-1): generic failure: GSSAPI Error: No > > credentials were supplied, or the credentials were unavailable or > > inaccessible. (unknown mech-code 0 for mech unknown) > > > > Simple binding to the ldap server does work. The KDC behind this is > > still on kerberos 0.6.3 (FreeBSD7.3) and there have been reported > > Problems with such a setup, but as i can login through ssh and > > kerberos > > i suppose these [1] don't apply here (also already tested the > > proposed > > changes). > > > > If anybody got any insight please share. > > > > Thanks in Advance, > > Leon > > > > [1] > > http://lists.freebsd.org/pipermail/freebsd-stable/2009-October/052217.html > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to > > "freebsd-questions-unsubscr...@freebsd.org" > > > > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Does this look reasonable (y/n)?
Hello, i have quite a common question i think but my google skills didn't bring up anything decent. If you use binary freebsd-update to upgrade between major releases it starts comparing config files at some point. After the manual merges it start's "automerge" and asks you: Does this look reasonable (y/n)? for every file. If you answer n freebsd-update bails out (after working for like ages getting patches/files etc.) So wouldn't it be nice to give the user a chance to resolve the merge or at least ask if the user really wants to quit the upgrade. Am i missing something here? regards, leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Downgrade from 8.1 to 8.0 possible ?
Hi, because of the broken heimdal (gssapi) in 8.1-RELEASE i'm thinking of going back to 8.0-p2 because i suppose the patch mentioned in kern/147454 works there (opposed to 8.1). Can i just csup RELENG_8_0_0_RELEASE and make a new world/kernel plus eventually freebsd-update to -p2 then ? TIA, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
How do we like our base kerberos? Will it flee soon?
Hi, I'm looking for workarounds for this crappy situation which currently prevents FreeBSD8 from working together with libgssapi (see kern/147454) and multiple threads on -questions. What i tried: - Use old RELENG_8 and RELENG_8_1 sources where Benjamin's patch still applied. (Can't build world then). - Modify /usr/bin/krb5-config to include -lgssapi_spnego -lgssapi_krb5 at the right place (works on some machines). What i didn't try: - Use the port. How are you handling this situation. Does anyone know a cvs tag= and date= combination which lets you build world with Benjamin's patch (tried RELENG_8 and _8_1 from 24.6 and 19.7 and now)? Actually a complete base kerberos would be much appreciated. best regards, Leon pgpNaCkW0QB3v.pgp Description: PGP signature
mergemaster comparing everything.
Hi, is there a trick besides using the rcs funktion of mergemaster to get around having to look at every file in /etc for comparison? I know there once was a bug in mergemaster but it's closed for a long time now. Example: *** Displaying differences between ./etc/periodic/daily/300.calendar and installed version: --- /etc/periodic/daily/300.calendar2010-07-29 12:54:42.0 +0200 +++ ./etc/periodic/daily/300.calendar 2010-11-12 17:06:33.0 +0100 @@ -1,6 +1,6 @@ #!/bin/sh # -# $FreeBSD: src/etc/periodic/daily/300.calendar,v 1.5.36.1.4.1 2010/06/14 02:09:06 kensmith Exp $ +# $FreeBSD: src/etc/periodic/daily/300.calendar,v 1.5.36.1 2009/08/03 08:13:06 kensmith Exp $ # # `calendar -a' needs to die. Why? Because it's a bad idea, particular # with networked home directories, but also in general. If you want # the 90% of the differences are just in this cvs? tag lines. This is an upgrade from 8.1 to -STABLE. Greetings, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How do we like our base kerberos? Will it flee soon?
On Thu, Nov 11, 2010 at 04:22:57PM +0100, Joerg Pulz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > On Wed, 10 Nov 2010, Leon Meßner wrote: > > > Hi, > > > > What i didn't try: > > > > - Use the port. > > > please take a look at ports/152030 and the patches i mentioned in the PR. > > With applied ports/152030 and the world patch applied, you should be able > to build a world fully against the security/heimdal port by simply > specifying WITH_KERBEROS_PORT=1 in /etc/src.conf and HEIMDAL_HOME= > (normally /usr/local) in /etc/make.conf. > You should specify WITHOUT_KERBEROS=1 in /etc/src.conf to avoid mess and > confusion with two different heimdal version installed. > > Don't forget to install the security/heimdal port first. > > Comments are welcome. Did exactly as told and everything worked fine. Im currently in the process of rebuilding gssapi dependent software. Will tell if it fixed my issue. thanks, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: mergemaster comparing everything.
On Fri, Nov 12, 2010 at 09:40:01AM -0700, Warren Block wrote: > On Fri, 12 Nov 2010, Leon Me?ner wrote: > > > is there a trick besides using the rcs funktion of mergemaster to get > > around having to look at every file in /etc for comparison? > > I know there once was a bug in mergemaster but it's closed for a long > > time now. > ... > > 90% of the differences are just in this cvs? tag lines. This is an > > upgrade from 8.1 to -STABLE. > > 'mergemaster -Ui' helps. thanks, that helped. Did the default behavior of mergemaster change somewhere because i didn't have to do this awhile ago (months not years). greetings, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How do we like our base kerberos? Will it flee soon?
On Fri, Nov 12, 2010 at 06:03:33PM +0100, Joerg Pulz wrote: > On Fri, 12 Nov 2010, Leon Meßner wrote: > > > On Thu, Nov 11, 2010 at 04:22:57PM +0100, Joerg Pulz wrote: > >> On Wed, 10 Nov 2010, Leon Meßner wrote: > > Did exactly as told and everything worked fine. Im currently in the > > process of rebuilding gssapi dependent software. Will tell if it fixed > > my issue. > > Hi, > > good to hear that everything went fine for you. > If you're using 8.x you should remove some of the leftover kerberos/gssapi > libraries by yourself as the ObsoleteFiles list is still incomplete in > 8.x and 'make delete-old delete-old-libs' will not remove everything. > E.g. > in /usr/lib and /usr/lib32 > libasn1* libgssapi* libhdb* libheimntlm* libhx509* > libkadm5* libkafs5* libkrb5* > in /usr/libexec > kcm It looks like i do also still have the old kerberos tools (kinit,kadmin etc.) in the base prefix and they do now segfault: /libexec/ld-elf.so.1: Shared object "libkafs5.so.10" not found, required by "kinit" # ls /usr/local/lib/libkafs* /usr/local/lib/libkafs.a/usr/local/lib/libkafs.la /usr/local/lib/libkafs.so /usr/local/lib/libkafs.so.5 > Btw. > If you're using security/cyrus-sasl2 with GSSAPI please take a look at > PR/152071. Using that. Patch applied and build cleanly. saslauthd starts as expected. But i do have some problems now getting tickets. This machine is a kerberos slave. if i start ipropd-slave with local kdc running i get: krb5_get_init_creds: Client (iprop/lise.physik-pool.tu-berlin...@pcpool.physik.tu-berlin.de) unknown when local kdc is not running authentication works but i get: ipropd-slave[28610]: connection successful to master: marie.physik-pool.tu-berlin.de[130.149.58.147] ipropd-slave[28610]: ipropd-slave started at version: 10166 ipropd-slave[28610]: db->open: dbm_open(/var/heimdal/heimdal): Inappropriate file type or format Which i can understand because the db is at /var/heimdal/heimdal.db which in turn is correctly specified in /etc/krb5.conf. Are there any config syntax changes between 0.6.3 and 1.4, so i have to modify my krb5.conf ? Thanks, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Heimdal 1.4 can't open old 0.6.3 database
Hello, because of the unusable base gssapi i switched to using the security/heimdal port. But now my heimdal tools (ipropd-slave, kdc) can't open my old database the error i get is: kdc[5156]: Failed to open database: opening /var/heimdal/heimdal.db: Invalid argument # /usr/local/libexec/kdc --builtin-hdb builtin hdb backends: db:, keytab:, sqlite: # ls -l /var/heimdal total 1856 -rw--- 1 root wheel 1658880 Nov 1 14:27 heimdal.db -rw--- 1 root wheel157706 Nov 12 22:01 log -rw-r- 1 root wheel 10485760 Aug 16 20:06 log.01 -rw--- 1 root wheel83 Aug 7 22:31 m-key # file heimdal.db heimdal.db: Berkeley DB 1.85/1.86 (Btree, version 3, native byte-order) The old heimdal version was 0.6.3 the new: # /usr/local/libexec/kdc --version kdc (Heimdal 1.4) I can't find any information if i have to merge anything or so. The Kerberos docu only talks about MIT to Heimdal or v4 to v5 conversion. thanks, leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Mutt Port broken ?
Salut, On Sun, Nov 14, 2010 at 04:11:35PM +0100, t...@diogunix.com wrote: > Hello everybody, > > just tried to build /usr/ports/mail/mutt but surprisingly got stuck with an > Error 1 though the ports collectionis updated and well maintained: > > m_err -lcrypto -lasn1 -lroken -lcrypt -lssl -lcrypto -lintl -liconv -liconv > muttlib.o(.text+0x12f2): In function `mutt_mktemp': > : warning: warning: mktemp() possibly used unsafely; consider using > mkstemp() > /usr/lib/libhx509.so: undefined reference to `MD2_Init' > /usr/lib/libhx509.so: undefined reference to `MD2_Final' > /usr/lib/libhx509.so: undefined reference to `MD2_Update' > *** Error code 1 > > Stop in /usr/ports/mail/mutt/work/mutt-1.4.2.3. > *** Error code 1 > > Stop in /usr/ports/mail/mutt/work/mutt-1.4.2.3. > *** Error code 1 > > Stop in /usr/ports/mail/mutt/work/mutt-1.4.2.3. > *** Error code 1 > > Stop in /usr/ports/mail/mutt. > > Any ideas on what could be done ? I'm nut sure but i remember that openssl dropped support for the MD2 Algo. Perhaps try with MD2 enabled. hth, leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Stale NFS file handles on 8.x amd64
Hi, On Mon, Nov 29, 2010 at 08:06:54PM -0500, Adam McDougall wrote: > I've been running dovecot 1.1 on FreeBSD 7.x for a while with a bare > minimum of NFS problems, but it got worse with 8.x. I have 2-4 servers > (usually just 2) accessing mail on a Netapp over NFSv3 via imapd. > delivery is via procmail which doesn't touch the dovecot metadata and > webmail uses imapd. Client connections to imapd go to random servers > and I don't yet have solid means to keep certain users on certain > servers. I upgraded some of the servers to 8.x and dovecot 1.2 and ran > into Stale NFS file handles causing index/uidlist corruption causing > inboxes to appear as empty when they were not. In some situations their > corrupt index had to be deleted manually. I first suspected dovecot 1.2 > since it was upgraded at the same time but I downgraded to 1.1 and its > doing the same thing. I don't really have a wealth of details to go on > yet and I usually stay quiet until I do, and half the time it is > difficult to reproduce myself so I've had to put it in production to get > a feel for progress. This only happens a dozen or so times per weekday > but I feel the need to start taking bigger steps. I'll probably do what Does it depend on the size of the message? > I can to get IMAP back on a stable base (7.x?) and also try to debug 8.x > on the remaining servers. A binary search is within possibility if I > can reproduce the symptoms often enough even if I have to put a test > server in production for a few hours. > > Any tips on where we could start looking, or alterations I could try > making such as sysctls to return to older behavior? It might be worth there were some problems on nullfs mounted nfs shares (like in jails) and dovecot, as dovecot changed its location for temporary file creation to the user home. But IIRC the error message looked more like: http://www.mail-archive.com/dove...@dovecot.org/msg26856.html And are fixed in stable. Just a hint, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Stale NFS file handles on 8.x amd64
I set a wrong cc . Please look over to -stable. Sorry for that, Leon On Tue, Nov 30, 2010 at 03:10:18PM +, krad wrote: > On 30 November 2010 01:48, Leon Meßner wrote: > > > Hi, > > > > On Mon, Nov 29, 2010 at 08:06:54PM -0500, Adam McDougall wrote: > > > I've been running dovecot 1.1 on FreeBSD 7.x for a while with a bare > > > minimum of NFS problems, but it got worse with 8.x. I have 2-4 servers > > > (usually just 2) accessing mail on a Netapp over NFSv3 via imapd. > > > delivery is via procmail which doesn't touch the dovecot metadata and > > > webmail uses imapd. Client connections to imapd go to random servers > > > and I don't yet have solid means to keep certain users on certain > > > servers. I upgraded some of the servers to 8.x and dovecot 1.2 and ran > > > into Stale NFS file handles causing index/uidlist corruption causing > > > inboxes to appear as empty when they were not. In some situations their > > > corrupt index had to be deleted manually. I first suspected dovecot 1.2 > > > since it was upgraded at the same time but I downgraded to 1.1 and its > > > doing the same thing. I don't really have a wealth of details to go on > > > yet and I usually stay quiet until I do, and half the time it is > > > difficult to reproduce myself so I've had to put it in production to get > > > a feel for progress. This only happens a dozen or so times per weekday > > > but I feel the need to start taking bigger steps. I'll probably do what > > > > Does it depend on the size of the message? > > > > > I can to get IMAP back on a stable base (7.x?) and also try to debug 8.x > > > on the remaining servers. A binary search is within possibility if I > > > can reproduce the symptoms often enough even if I have to put a test > > > server in production for a few hours. > > > > > > Any tips on where we could start looking, or alterations I could try > > > making such as sysctls to return to older behavior? It might be worth > > > > there were some problems on nullfs mounted nfs shares (like in jails) > > and dovecot, as dovecot changed its location for temporary file creation > > to the user home. But IIRC the error message looked more like: > > http://www.mail-archive.com/dove...@dovecot.org/msg26856.html > > And are fixed in stable. > > > > Just a hint, > > Leon > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > > freebsd-questions-unsubscr...@freebsd.org" > > > > > im seeing similar issues on a large mail platform with netapp and dovecot on > freebsd 8.1 as well. The problems existed in 7.x as well though. Basically > the NFS mount just locks up. I've not managed to pin point it yet but one > thing im certain of its a client os issue rather than the filer. This is > because only one node out fo the 16 will lock at any time on that particular > nfs mount. Strangely as well if I remount the dead nfs share on say /mnt on > the affected node, it works fine. I'm convinced its some kind of locking > issue. > > I have dtrace (WITH_CTF=1) in the kernel, so will have a poke around with > that and see if I can see anything interesting. Can anyone recommend > anything here? > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: A jail with a dash in its name
On Tue, Dec 21, 2010 at 11:31:42PM +0100, Christer Solskogen wrote: > On Tue, Dec 21, 2010 at 9:26 PM, Matthew Seaman > wrote: > > > Of course, there's no problem with using the form 'forest-friend' on the > > RHS of any assignments, so long as it's properly quoted, of course. > > > > Thanks for all your help! > I chose to remove all hyphens instead. I use ezjail and have jails with hyphens. Everything works fine there. salut, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: SAS HBA card for freebsd?
On Thu, Dec 23, 2010 at 10:32:24PM -0500, Robert Boyer wrote: > I need a SAS controller that has preferably 8 ports (two four channel) > connections per card. I don't mind decent buying a RAID card but really > really desire it to be configurable in HBA mode vs. RAID or JBOD with RAID > signatures. There are plenty of HBA only cards that would be suitable but I > can find none that seem to fit the bill in terms of FreeBSD. I have seen a > couple of cheap RAID cards recommended but cannot seem to get a definitive > answer of whether they are actually configurable as plain old disks (HBA > mode) vs JBOD w/ RAID signature. > > Anybody using a reasonably priced card that fits the bill? Not yet, but were planning to get the LSI 9200. The driver is prob. comming in 8.2 if i interpret the TODO list correctly. If you are fine with SAS version 1 there are lots of good supported RAID-cards that can work in JBOD mode. chario, Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Default labeling and space for rebuilding the kernel.
Hi, if one uses the default labeling with current installer it is not possible to rebuild the kernel (GENERIC). It fails on installing the wlan.ko. Isn't that wrong somehow ? ===> wi (install) install -o root -g wheel -m 555 if_wi.ko /boot/kernel install -o root -g wheel -m 555 if_wi.ko.symbols /boot/kernel ===> wlan (install) install -o root -g wheel -m 555 wlan.ko /boot/kernel install -o root -g wheel -m 555 wlan.ko.symbols /boot/kernel /: write failed, filesystem is full install: /boot/kernel/wlan.ko.symbols: No space left on device *** Error code 71 Stop in /usr/src/sys/modules/wlan. *** Error code 1 regards, Leon pgp1J9IYK1Sgu.pgp Description: PGP signature
Re: Default labeling and space for rebuilding the kernel.
On Wed, Mar 31, 2010 at 08:34:59AM -0400, Michael Powell wrote: > Leon Meßner wrote: > > > Hi, > > > > if one uses the default labeling with current installer it is not > > possible to rebuild the kernel (GENERIC). It fails on installing the > > wlan.ko. > > /: write failed, filesystem is full > > install: /boot/kernel/wlan.ko.symbols: No space left on device > [snip] > > There has been some discussion lately about possibly changing the defaults. > If you become faced with having to reinstall jot down your current partition > sizes and adjust manually making / larger. On production machines i have some 2G. This was just an as fast as possible installation. > Since it is full, if you intend to try and recover it will entail deleting > something. This could get tricky, especially if the new 'kernel' space is > what filled up. This would presuppose that the kernel.old area was already > written out successfully. If the machine will not boot successfully with the > new kernel it is imperative that kernel.old still be healthy in order to > recover. However, if the new kernel does actually boot, with the result > being that some modules are missing you may be able to delete the kernel.old > in order to buy space. Messing around with this can potentially be > problematic, for obvious reasons. A strong 'YMMV' is indicated here. I just went the easy way and moved the old kernel away from / . I wouldn't have done so if this machine would be very critical though. > If you can get past that, you may be able to mitigate the / being too small. > Place STRIP= -s into /etc/make.conf and WITHOUT_PROFILE= true into > /etc/src.conf. The con of this is that you lose some debugging ability. The > pro is new kernels will now fit. I have two servers set up this way at home, > and one uses 91MB while the other uses 93MB of space. The 91MB one only has > a / of 200MB total, and is nearly half empty. Allows for rebuilding and > installing a new kernel without running out of space. Hm, never used this file. Looks like it was introduced in FBSD7 somewhere. Looks reasonable to split parameters for /usr/src into a different file than /etc/make.conf thanks, Leon pgpvRV7QIQqB5.pgp Description: PGP signature
security/libassuan's distinfo missing something ?
Hi, as a dependency to gnupg i tried to install security/libassuan and noticed that Makefile's verify section contains a reference to a .sig file which isn't in the distinfo. There are ongoing pr's about this port (ports/144186). Though i don't think this is related this pr would perhaps fix this issue too. The error i get is: ===> gnupg-2.0.14_1 depends on package: libassuan>=1.0.4 - not found ===>Verifying install for libassuan>=1.0.4 in /usr/ports/security/libassuan ===> Vulnerability check disabled, database not found => libassuan-1.0.5.tar.bz2.sig is not in /basejail/usr/ports/security/libassuan/distinfo. => Either /basejail/usr/ports/security/libassuan/distinfo is out of date, or => libassuan-1.0.5.tar.bz2.sig is spelled incorrectly. *** Error code 1 Did anyone run into this problem ? TIA, Leon pgpDxxxlSJ44W.pgp Description: PGP signature
freeBSD nullfs together nfs and "silly rename"
Hi, when you try to do the following inside a nullfs mounted directory, where the nullfs origin is itself mounted with nfs you get an error: # foo # tail -f foo& # rm -f foo tail: foo: Stale NFS file handle # fg This is really a problem when running services inside jails and using NFS as storage. As of [2] it looks like this problem is known for a while. On a normal NFS mount this does not happen as "silly renaming" [1] works there. As freeBSD is getting towards NFSv4 perhaps this would be a solution but i actually would'nt want to use these in production. Is there a fix or anything ? [1] http://nfs.sourceforge.net/#faq_d2 [2] http://ftp.freebsd.org/pub/FreeBSD/development/FreeBSD-CVS/src/sys/nfsclient/nfsnode.h,v rev:1.32.2.1 pgpkbYYlcaFv0.pgp Description: PGP signature
freeBSD nullfs together nfs and "silly rename"
Hi, I hope this is not the wrong list to ask. Didn't get any answers on -questions. When you try to do the following inside a nullfs mounted directory, where the nullfs origin is itself mounted via nfs you get an error: # foo # tail -f foo& # rm -f foo tail: foo: Stale NFS file handle # fg This is really a problem when running services inside jails and using NFS as storage. As of [2] it looks like this problem is known for a while. On a normal NFS mount this does not happen as "silly renaming" [1] works there (producing nasty little .nfs files). TIA, Leon [1] http://nfs.sourceforge.net/#faq_d2 [2] http://ftp.freebsd.org/pub/FreeBSD/development/FreeBSD-CVS/src/sys/nfsclient/nfsnode.h,v rev:1.32.2.1 pgpiC7e0lo2WH.pgp Description: PGP signature
Re: freeBSD nullfs together nfs and "silly rename"
nevermind.. resend and forgot to change the addressee. If anyone has an idea i would of course still be grateful. Regards, leon On Wed, Jun 02, 2010 at 01:50:33PM +0200, Leon Meßner wrote: > Hi, > I hope this is not the wrong list to ask. Didn't get any answers on > -questions. > > When you try to do the following inside a nullfs mounted directory, > where the nullfs origin is itself mounted via nfs you get an error: > > # foo > # tail -f foo& > # rm -f foo > tail: foo: Stale NFS file handle > # fg > > This is really a problem when running services inside jails and using > NFS as storage. As of [2] it looks like this problem is known for a > while. On a normal NFS mount this does not happen as "silly renaming" > [1] works there (producing nasty little .nfs files). > > TIA, > Leon > > [1] http://nfs.sourceforge.net/#faq_d2 > [2] > http://ftp.freebsd.org/pub/FreeBSD/development/FreeBSD-CVS/src/sys/nfsclient/nfsnode.h,v > rev:1.32.2.1 pgplzqWuHVMeY.pgp Description: PGP signature
pf binat problem
# network diagram
#__
# | | ---
# | |
# ---| freebsd | ---
# |pf|
# ---| firewall |
# | |
# (internal nets) |__| (external nets)
Default Gateway is .
When a connection arrives on one of the dsl_if's it is redirected to the
correct port on the dms_srv, traced via tcpdump.
The dmz_srv responds but tries to send its reply out the default gateway
instead of via the interface the connection arrived on.
The dmz server is actually a LVS cluster masqueraded.
All connections coming in via the dig_if get redirected and work fine.
How can i tell pf to return connections out the same interface they
arrived on and not use the default route out dig_if?
dsl1_if = "rl3"
dsl1_rt = "172.16.3.1"
dsl1_ip = "172.16.3.2"
dsl2_if = "rl1"
dsl2_rt = "172.16.4.1"
dsl2_ip = "172.16.4.2"
dmz_if = "rl0"
dmz_srv = "172.16.2.4"
dmz_if_ip = "172.16.2.3"
pri_if = "rl2"
pri_ip = "192.168.254.1"
binat on $dig_if from $dmz_srv to any -> $dig_ip
binat on $dsl1_if from $dmz_srv to any -> $dsl1_ip
binat on $dsl2_if from $dmz_srv to any -> $dsl2_ip
nat on $dig_if from to any -> $dig_ip
nat on $dsl1_if from to any -> $dsl1_ip
nat on $dsl2_if from to any -> $dsl2_ip
rdr on $dsl1_if inet proto tcp from any to $dsl1_ip port { 25, 80, 110 }
-> $dmz_srv
rdr on $dsl2_if inet proto tcp from any to $dsl2_ip port { 25, 80, 110 }
-> $dmz_srv
Thanks
Leon
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
solution: pf with multiple external interfaces for incoming and going traffic.
I am posting this soultion in the hope that it might help someone else
that has been searching for the answer to running multiple external
interfaces and wishes to load balance outgoing private lan traffic and
also have all these interfaces available for incoming connections to a
dmz server. I claim no credit for this since it is a formulation of many
posts to various mailing lists.
example:
## NAT section
#Standard natting for outgoing connections.
nat on $ext_if1 from {$private_net, $dmz_srv} to any -> $ext_if1_ip
nat on $ext_if2 from {$private_net, $dmz_srv} to any -> $ext_if2_ip
nat on $ext_if3 from {$private_net, $dmz_srv} to any -> $ext_if3_ip
#These rdr rules send the incoming connections on the ext_if's to the
dmz server.
rdr on $ext_if1 inet proto tcp from any to $ext_if1_ip port { 25, 80,
110 } -> $dmz_srv
rdr on $ext_if2 inet proto tcp from any to $ext_if2_ip port { 25, 80,
110 } -> $dmz_srv
rdr on $ext_if3 inet proto tcp from any to $ext_if3_ip port { 25, 80,
110 } -> $dmz_srv
This rdr rule sends traffic from the lan destined for services on the
ext interfaces to the dmz since the previous rdr rules will have no effect.
rdr on $int_if inet proto tcp to {$ext_if1_ip, $ext_if2_ip, $ext_if3_ip
} port { 80, 25, 110 } -> $dmz_srv
## RULES section
#The following rules ensure that traffic incoming on the various
interfaces are routed back out the same interface it arrived on.
pass in quick on $ext_if1 reply-to ( $ext_if1 $ext_if1_router ) inet
proto tcp from any to $dmz_srv port { 25, 80, 110 } flags S/SA keep state
pass in quick on $ext_if2 reply-to ( $ext_if2 $ext_if2_router ) inet
proto tcp from any to $dmz_srv port { 25, 80, 110 } flags S/SA keep state
pass in quick on $ext_if3 reply-to ( $ext_if3 $ext_if1_router ) inet
proto tcp from any to $dmz_srv port { 25, 80, 110 } flags S/SA keep state
#Now to load balance the outgoing traffic. The previous sections are not
needed if you do not accept incoming connections.
pass in on $int_if route-to { ($ext_if1 $ext_if1_router), ($ext_if2
$ext_if2_router), ($ext_if3 $ext_if3_router) } round-robin from
$private_net to any keep state
# The following ensure that packets originating from the lan are routed
out the correct interface. Although i have found my setup works fine
without these, the pf guru's recommend it.
pass out on $ext_if1 route-to ($ext_if2 $ext_if2_router) from $ext_if2
to any
pass out on $ext_if1 route-to ($ext_if3 $ext_if3_router) from $ext_if3
to any
pass out on $ext_if2 route-to ($ext_if1 $ext_if1_router) from $ext_if1
to any
pass out on $ext_if2 route-to ($ext_if3 $ext_if3_router) from $ext_if3
to any
pass out on $ext_if3 route-to ($ext_if1 $ext_if1_router) from $ext_if1
to any
pass out on $ext_if3 route-to ($ext_if2 $ext_if2_router) from $ext_if2
to any
Be advised that there could be errors as this was typed in a rush and
adapted from our own ruleset for the sake of ease of reading.
--
Regards
Leon Botes
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Problem with Hard Disk
Hi i would like to install Freebsd 6.0 but my Hard Disk (SAMSUNG ST0822N 80 GB) is not detected (im using it to write this mail) sorry my english is not good see you Victor Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Wireless networking issue with cm9 card
I am using a routerboard 14 on freebsd 6.0. I have Senoa 5354 card installed and setup as an AP an all works fine. I use exactly the same setup with a cm9 card and i get exactly nothing. Tried setting it to be an AP client and it sees nothing. The lights on the routerboard keep flashing rythmically for the cm9 while those on the 5354 are on constantly. Has anyone had experience in this configuration. dmesg gives same output for cm9 as for 5354. Is there any configuration specific to the cm9 that is different. Thanks Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
PF ruleset NAT assistance
I have a strange scenario that i am sure pf can cope with but i am not sure how to write the ruleset. We have a gateway freebsd box with the following interfaces ext_if1 (internet connection 1) ext_if1_rt (router ip connected to the ext_if1) ext_if1_ip (the ip of ext_if1) ext_if1_ip2 (the 2nd ip of ext_if1) ext_if2 (internet connection 2) ext_if2_rt (router ip connected to the ext_if2) ext_if2_ip (the ip of ext_if2) ext_if2_ip2 (the 2nd ip of ext_if2) ext_if3 (internet connection 3) ext_if3_rt (router ip connected to the ext_if3) ext_if3_ip (the ip of ext_if3) ext_if3_ip2 (the 2nd ip of ext_if3) dmz_if (DMZ server interface) dmz_srv (DMZ server ip) dmz_if_ip (DMZ interface ip) lan_if (lan pc network interface)# network diagram lan_if_ip (lan interface ip) pri_net (entire subnet of the lan pc's) The default gateway is the router ext_if_rt. All external interfaces need to be natted. The second ips on the interfaces are intended for binat use which is where the problem comes in. I need to allow various ports in on all the ext_if's and be redirected to the dmz server. The returning packets must then be sent back out the same interface they arrived on. These rules seem logical but dont seem to work (specific ports omitted) Can anyone point out my fault? nat on $ext_if1 from pri_net to any -> $ext_if1_ip binat on ext_if1 from dmz_srv to any -> ext_if1_ip2 nat on $ext_if2 from pri_net to any -> $ext_if2_ip binat on ext_if2 from dmz_srv to any -> ext_if2_ip2 nat on $ext_if3 from pri_net to any -> $ext_if3_ip binat on ext_if3 from dmz_srv to any -> ext_if3_ip2 Can someone help me with these three binat rules plz. -- Regards Leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
What is wrong with these pf rules?
binat on $dig_if from $dmz_srv to any -> $dig_ip2
binat on $dsl1_if from $dmz_srv to any -> $dsl1_ip2
binat on $dsl2_if from $dmz_srv to any -> $dsl2_ip2
rdr on $dig_if inet proto tcp from any to $dig_ip2 port { 25, 80, 81,
110 } -> $dmz_srv
rdr on $dsl1_if inet proto tcp from any to $dsl1_ip2 port { 25, 80, 110
} -> $dmz_srv
rdr on $dsl2_if inet proto tcp from any to $dsl2_ip2 port { 25, 80, 110
} -> $dmz_srv
$dig_if, $dsl1_if, dsl2_if are all connected to the net via routers.
The rule works for whichever interface the default route points to.
How can i get pf to return incoming connections out the same interface
they arrived on?
--
Regards
Leon
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Video card
the install is normal after that when i restart the cpu sounds a "beep" and can't use X mode ,i only can use text mode my monitor is a AOC model CT520n On 7/7/06, Lowell Gilbert <[EMAIL PROTECTED]> wrote: "victor leon" <[EMAIL PROTECTED]> writes: > Hi i want to install freebsd 6.1 in my cpu but i dont find drivers , the > videocard is S3 Pro Savage km133 What actually happens when you do the install? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: accidental overwrite
On Mon, Jul 04, 2005 at 04:17:17PM -0700, steve lasiter wrote: > > My question(s) are: Is there any way to revert back to > the original file if this type of mistake is made? If > not is there anyway to get just that one file without > having to do a complete removal and installation? And > finally, is the only way to NOT do this again is to > use the appropriate flags with cp? Hi, i suppose you could either get the right package version and untar/gunzip it or go into the port directory of mysql and do a "make extract" which creates the subdir "work" in which you find the ports files and dirs but pay attention to the right port version here as well. HTH, Leon -- gnupg key ID: 9B820836 & Fingerprint: 6081 8F41 8FEC 0D69 DB98 F014 0FD4 B47D 9B82 0836 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Using unix mail with maildir format
On Tue, Jul 05, 2005 at 08:08:57AM +0200, dick hoogendijk wrote: > > What are the pro's and cons for/against both mail standards? > Won't the maildir format with all this separate mails not be more > difficult to maintain? > > I have to say that running courier/maildir never gave problems 'till now > but having the chooce I very much want some insights/advice on this > matter. Some reading points are OK too ;-) Hi, some reading points ;-) : http://www.courier-mta.org/mbox-vs-maildir/ http://cr.yp.to/proto/maildir.html http://wiki.mutt.org/index.cgi?MuttFaq/Maildir This is all very pro maildir but couldn't find any pro mbox now. Also have a look at the shares maildir feature if using imap with multiple users accessing one mail dump. Greets Leon -- gnupg key ID: 9B820836 & Fingerprint: 6081 8F41 8FEC 0D69 DB98 F014 0FD4 B47D 9B82 0836 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: adding unused disk space for FreeBSD
On Sat, Jul 09, 2005 at 01:04:01PM +, [EMAIL PROTECTED] wrote: > Hi all, > I have a FreeBSD slice (/dev/ad4s3) on which my FreeBSD system lives and > some unused free diskspace (resulting from deletion of another OS (no names > :-))) on the harddisk. I'd like to use this free diskspace with FreeBSD. > I was unable to figure out how to do that using 'fdisk and friends'. > Hi, IMHO the fastest way is using either sysinstall or fdisk to delete the old "no names" slice and create a FreeBSD (type 165/0xA5) slice. After that you can create partition(s) within that new slice using disklabel/sysinstall. You should fsck the partition afterwards. Pay attention to your orig. FreeBSD slice while doing this and have a bootable rescue CD near you. HTH, Leon -- gnupg key ID: 9B820836 & Fingerprint: 6081 8F41 8FEC 0D69 DB98 F014 0FD4 B47D 9B82 0836 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: How to add CPU on server
On Tue, Jul 12, 2005 at 01:21:28PM +0700, Olivier Nicole wrote: > > Do I need to recompile the kernel? Any hints? > > Yes you'd do, unless you enabled SMP in the kernel of the sincle CPU > machine. > > options SMP > > in /sys/i386/conf/YOURKERNEL I think that is enough (rebuild and > reinstall the kernel of course). IIRC you should also consider to add "device apic" to your kernel config (if you dont have already, of course) and perhaps have a short glimpse at the NOTES file. Cheers, Leon -- gnupg key ID: 9B820836 & Fingerprint: 6081 8F41 8FEC 0D69 DB98 F014 0FD4 B47D 9B82 0836 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: fsck says "UNEXPECTED SOFT UPDATE INCONSISTENCY"
On Thu, Aug 11, 2005 at 03:05:06PM +1000, Jerahmy Pocott wrote: > Hello everyone, > > After a server lost power unexpectedly (read: someone pulled the plug > out), on reboot > the automatic fsck failed with "UNEXPECTED SOFT UPDATE INCONSISTENCY" as > the message. Running fsck interactively doesn't seem to be able to > fix it.. > > Every time in phase one it says: > > CANNOT READ: BLK 66322496 > UNEXPECTED SOFT UPDATE INCONSISTENCY > Any ideas on what I could try to fix this? > You could have a look at tunefs(8) and turn soft updates off for fsck'ing. HTH Leon -- gnupg key ID: 9B820836 & Fingerprint: 6081 8F41 8FEC 0D69 DB98 F014 0FD4 B47D 9B82 0836 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Hardwire drive0 to ad0 on hw raid.
Hi, i'm having a problem with the disk numbering of RAID arrays (3ware 9650SE). When i boot, the array with my system is always the last numbered drive (ATM its ad16). This array is on its own controller. lsdev in the loader shows the array as drive0 (first BIOS drive i assume). Is there a way to hardwire this to ad0 as i dont want my system array to have different numbers when booting with different amounts of drives attached to the system. I couldn't find any hints on this in the 3ware manuals or controller-setup. Thanks in Advance, Leon FWIW: This is on FreeBSD-7.1-p5 (latest binary update). pgpGqN9NZe6lp.pgp Description: PGP signature
Re: Hardwire drive0 to ad0 on hw raid.
On Sat, Apr 25, 2009 at 08:39:09PM -0600, Tim Judd wrote: > On Sat, Apr 25, 2009 at 8:08 PM, Leon Meßner > wrote: > > > Hi, > > > > i'm having a problem with the disk numbering of RAID arrays (3ware > > 9650SE). When i boot, the array with my system is always the last > > numbered drive (ATM its ad16). This array is on its own controller. > > lsdev in the loader shows the array as drive0 (first BIOS drive i > > assume). > > Is there a way to hardwire this to ad0 as i dont want my system > > array to have different numbers when booting with different amounts > > of drives attached to the system. > > That's one of the advantages of putting labels on a filesystem. You > then > specify in fstab that you mount by it's label versus the device name > directly. > Ok, thanks. That works for getting my system mounted ok. Now i have a zfs raid on the rest of my drives (ad0-ad15). If i now boot with one of these removed, will zfs try to use my system disk (now beeing ad15) ? Is it necessary to label all my drives and setup zfs to use the labeled devices ? I need glabel for this right, because there is no fs on these drives. Thanks, Leon pgprfTFa8KaSU.pgp Description: PGP signature
Re: FreeBSD in a cloud
On Thu, May 28, 2009 at 12:35:05PM +0200, Iv Ray wrote: > Does anyone know a place to host FreeBSD in a cloud? Nope, but i heard amazon and some FreeBSD people are working on this. AFAIK it's dependent on the used Hypervisor and works with latest version of Xen (the freebsd wiki says so at least). > Rackspace offer quite interesting cloud servers via www.mosso.com - > but they claim they run only Linux. > > We have had FreeBSD with Rackspace for over 5 years (though they > refuse to officially support it) and I cannot understand if they > cannot or do not want to run it in the cloud. cheers, leon ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
PQI 128MB USB flash drive mount problems
hi, i have a PQI Intelligent Stick 128MB USB flash drive that i'm trying to get working on -CURRENT. i added: device da device scbus device umass to my kernel configuration. when i attach the drive, it detects it correctly, and i get the following kernel messages on the console: umass0: Intelligent Stick Intelligent Stick, rev 1.10/1.00, addr 2 da0 at umass-sim0 bus 0 target 0 lun 0 da0: Removable Direct Access SCSI-0 device da0: 1.000MB/s transfers da0: 127MB (260448 512 byte sectors: 64H 32S/T 127C) umass0: Phase Error, residue = 0 (da0:umass-sim0:0:0:0): Synchronize cache failed, status == 0x4, scsi status == 0x0 after the above is printed, it prints: Opened disk da0 -> 5 Opened disk da0 -> 5 Opened disk da0 -> 5 Opened disk da0 -> 5 4 times, and then it appears to give up. any attempt to mount /dev/da0s1 fails after a timeout of about 15-20 seconds or so. ash# mount -t msdos /dev/da0s1 /mnt/istick msdosfs: /dev/da0s1: Input/output error any ideas where in /usr/src/sys the culprit is to be found? thanks! leon nb: please cc me on responses. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
GRUB 0.92 on FreeBSD 5.x
hi, is it a new feature of 5.x disallowing direct writes to the device nodes /dev/ad*? getting weird behaviour trying to use the GRUB 0.92 port on all versions of 5.x i've used so far (currently on 5.1-RELEASE). the problem being that i can't see any disks in the 'grub' shell. the 'device' command works, and then a subsequent command like 'root' still fails with "No such disk". i've tracked down the problem to a call in the GRUB source where its trying to open(2) the device node /dev/ad0 with O_RDWR which fails with EPERM, which causes GRUB to delete the drive from its device map without any warning, just silent failure. i am running the 'grub' executable as root though. when i patch that section of the source file (asmstub.c, function get_diskinfo()) to accept EPERM and only open in read-only mode, suddenly i can see my drives. but obviously anything wanting to modify the drive, like 'setup', fails. is my only recourse to install GRUB from floppy when using it from FreeBSD? please cc me on replies, i'm not subscribed to -questions. thanks leon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Errors found in Freebsd
Good day, Firstly I like to say that I believe the developers are doing a standup job and that Freebsd is but the best of the best. I have however one little problem. There is an issue with Broadcom nic (bge) on the dell 2650 machines that are constantly running Ierrs. The bce,em,xl or any other card connected to a server patched to the same switch has no errors only that card. I have logged a fault on your site for this already but I have received no response and it has been quite some time. Is there anyone I can contact in this regard? Thank You Kind Regards, Leon Swanepoel New from MWEB: Cellphone and Internet bundles! Bundle your Internet access with your cellular contract from R75 per month. Call 08600 32000 or click here(http://www.mweb.co.za/productsservices/MTALKMobile/tabid/1223/Default.aspx) for more info on the great deals available. MWEB :-) JUST LIKE THAT This electronic communication and the attached file(s) are subject to a disclaimer which can be accessed on the following link: Disclaimer - or copy the following URL into your browser - http://www.mweb.co.za/disclaimer. If you are unable to view the disclaimer, please contact [EMAIL PROTECTED] for a copy. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
