Re: Question about torrents via console
rtorrent should work for you bye Norman 2008/6/11 Steve Lake <[EMAIL PROTECTED]>: >Hi all. Ok, I'm curious of something. I've done torrents before > via the graphical interface before, but I want to setup a way to download > isos and various FOSS apps via bittorrent, but I want to do it via the > console so I can start a torrent in screen and then walk away, allowing my > server to finish the work without having to leave my main workstation > running to do the work like I normally do. I'm using bittornado right now, > and if there's a way to do this, I'd love to know how. > > > Steven Lake > Owner/Technical Writer > Raiden's Realm > www.raiden.net > Bringing Linux and BSD to the World > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to " > [EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: zfs list and non-root user
Hi, even if the zfs module is loaded I get the error message: [EMAIL PROTECTED] ~]$ kldstat | grep zfs 71 0xfcc1c000 80ee8zfs.ko [EMAIL PROTECTED] ~]$ zfs list internal error: failed to initialize ZFS library Anyway thx for the info.. At least now I know why it "should" not work ;-) bye Norman 2008/5/29 Pawel Jakub Dawidek <[EMAIL PROTECTED]>: > On Fri, Apr 11, 2008 at 01:41:28PM -0500, Mark Kane wrote: >> On Fri, Apr 11, 2008, at 15:13:16 +0200, Norman Maurer wrote: >> > Hi all, >> > >> > is it normal that I can't do a 'zfs list' ( for example ) as non-root >> > user ? >> > >> > $ zfs list >> > internal error: failed to initialize ZFS library >> > >> > I think there is really a use case for use some zfs commands as >> > non-root user.. >> > >> > Thx >> > Norman >> >> Hi. >> >> One way to do this as a non-root user is to add the account to the >> "operator" group. This is what I do on my personal desktop machine >> and it has worked fine, but I understand that may not be best in all >> cases. >> >> You might also try changing the permissions on /dev/zfs. I don't do >> this method and I'm not sure if it's a proper way, but from trying it >> very briefly it seems to work correctly with the user not in the >> "operator" group. > > In Solaris anyone can open /dev/zfs and the kernel side of ZFS decides > if the user has permission to perform some action or not. In FreeBSD we > try to be more careful for now, but it will change soon, once we import > delegated administration functionality. > > Although... The error above (failed to initialize ZFS library) most > likely means that zfs.ko module wasn't loaded. zfs(8) tries to do that > automatically, but of course it will only succeed if we are root. In > this case zfs.ko has to be manually loaded by root and then members of > operator group can use zfs(8) command. > > -- > Pawel Jakub Dawidek http://www.wheel.pl > [EMAIL PROTECTED] http://www.FreeBSD.org > FreeBSD committer Am I Evil? Yes, I Am! > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD crashed
Just type "?" to get the possible values. If this not help use the livefs cd to start a shell and mount the disk. Cheers, Norman 2008/5/25 gahn <[EMAIL PROTECTED]>: > Hello all: > > My FreeBSD crashed. It boots fine but can't mount root directory. Here is the > message: > > / > ... > > Trying to mount root from ufs:/dev/ad0s2a > > Manual root filesystem specification: > : Mount using filesystem > eg. ufs:da0s1a > ? List valid disk boot devices > Abort manual input > > mountroot> > > /// > > > Could any gurus here help me out this? I just want to save the files in the > home directory so that I can rebuild the system. > > Regards > > Dave > > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Fwd: Question about a recent installation
-- Forwarded message -- From: Norman Maurer <[EMAIL PROTECTED]> Date: 2008/5/7 Subject: Re: Question about a recent installation To: Mario Vazquez <[EMAIL PROTECTED]> 2008/5/6 Mario Vazquez <[EMAIL PROTECTED]>: > > On May 5, 2008, at 6:17 PM, doug wrote: > > > > To give limited priviledges I think sudo (as in linux??) would be > > used. > > > I concur that sudo is really a very good way of managing privileges. > I don't even know the root passwords on the systems that I administer > (OK, I do have them stored in a nice secured place if I ever do need > them). > > Cheers, > > -j > > > -- > > In fact, I use sudo for managing too. My question is not about sudo itself, it's about the possible risks (if any) of having a default installation (FreeBSD7-RELEASE) which assigns ownership of the root folder to root:wheel, thus allowing anyone with wheel privileges be able to see (and copy btw) root folder contents. > I still not get the point.. If the files are create the default is a umask of 022 anway. So if you want to protect your files in the root folder to get accessed, use umask 066 and maybe chmod 700 /root. Cheers Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: simple network traffic query tool
2008/4/24 AngryWolf <[EMAIL PROTECTED]>: > Hi, > > Perhaps try 'bmon'. It doesn't support displaying peak values though, but > simple enough. > > -- > AngryWolf > [EMAIL PROTECTED] > > On Thursday 24 April 2008 20.10.40 Tobias Kirschstein wrote: > > unfortunately the network monitor build into superkaramba does not work > > for freebsd, os i want to write a widget which uses sysctl or any other > > tool if available got get this information. systat is not appropriate > > to be used because it does not terminate on its own as i see. > > nload should do the job ... Cheers, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD7 + pf + ipsec
Am Mittwoch, den 16.04.2008, 12:02 +0300 schrieb Roman Otsaljuk: > hi all. > i have two localnets linked over ipsec: > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html > > network schema: > > 192.168.0.0/24 <---> [192.168.0.12=freebsd=2.2.2.2] <--inet--> > [1.1.1.1=freebsd1=10.31.0.5] <>10.31.0.5/26 > > on both points was 6.2, firewall - pf. > after updating to 7.0 vpn doesn't work: > 0) pings go normal > 0) tcp packets go too, but third packet with R flag: > from 192.168.0.12 try: ssh 10.31.0.42, on second console: > mail# tcpdump -ni gif0 > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on gif0, link-type NULL (BSD loopback), capture size 68 bytes > 10:49:43.912469 IP 192.168.0.12.63996 > 10.31.0.42.22: S > 1756351354:1756351354(0) win 65535 51087105 0> > 10:49:43.936245 IP 217.20.174.35 > 195.43.43.238: IP 10.31.0.42.22 > > 192.168.0.12.63996: S 4244314344:4244314344(0) ack 1756351355 win 65535 1460,[|tcp]> (ipip-proto-4) > 10:49:43.936360 IP 192.168.0.12.63996 > 10.31.0.42.22: R > 1318200353:1318200353(0) win 0 > > 0) adding the first rule (pass quick all) on both - without changes; > 0) downing pf: in localnet, in wich pf downed - all good. > > > any ideas? > > > p.s. the same if IPsec replaced by vpnd > sorry my bad English Freebsd 7.0 use the "new" ipsec implementation (IPSEC_FAST) so you need to allow ipencap protocol too.. Cheers Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
zfs list and non-root user
Hi all, is it normal that I can't do a 'zfs list' ( for example ) as non-root user ? $ zfs list internal error: failed to initialize ZFS library I think there is really a use case for use some zfs commands as non-root user.. Thx Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ZFS-Pool is lost after reboot ( amd64 )
Am Donnerstag, den 10.04.2008, 22:50 +0200 schrieb Toni Schmidbauer: > At Thu, 10 Apr 2008 21:22:42 +0200, > Norman Maurer wrote: > > All is fine till I reboot. The pool is just disappearing :-/ > > have you tried to import the pool? > > zpool import x1 > > or just > > zpool import > > to list pools available to import. > > maybe the pool isn't imported on boot, which should not happen, but > who knows... > > zfs should remember the import/export status of the pool, so if the > pool is imported and you reboot, it should also get imported on the > subsequent boot. > > hth > toni Well thats not the case.. I think thats why it is called experimental ;-) If I run zpool import x1 it works. But as you say it should do it by its own. Maybe it whould be the best to open a bugreport ? Cheers, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ZFS-Pool is lost after reboot ( amd64 )
Am Donnerstag, den 10.04.2008, 20:07 + schrieb Christian Walther: > On 10/04/2008, Norman Maurer <[EMAIL PROTECTED]> wrote: > > Hi all, > > > [...] > > All is fine till I reboot. The pool is just disappearing :-/ > > Did you try to import the pool? > > # zpool import x1 hmm this works, but shouldn't it work with run import manually after reboot ? I just miss something ? Cheers, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ZFS-Pool is lost after reboot ( amd64 )
Hi all, we want to use ZFS ( raidz2 without spares ) for store big amount of data on it. It's just a mirror so we don't give at damn if zfs is experimental ;-) I created some pool with the command: # zpool create x1 raidz2 aacd0 aacd1 aacd2 aacd3 aacd4 aacd5 It shows up correctly: # zpool status pool: x1 state: ONLINE scrub: none requested config: NAMESTATE READ WRITE CKSUM x1 ONLINE 0 0 0 raidz2ONLINE 0 0 0 aacd0 ONLINE 0 0 0 aacd1 ONLINE 0 0 0 aacd2 ONLINE 0 0 0 aacd3 ONLINE 0 0 0 aacd4 ONLINE 0 0 0 aacd5 ONLINE 0 0 0 errors: No known data errors ]# zpool list NAMESIZEUSED AVAILCAP HEALTH ALTROOT x1 816G230K816G 0% ONLINE - All is fine till I reboot. The pool is just disappearing :-/ Here are the relevant config stuff: # grep "zfs" /etc/rc.conf zfs_enable="YES" # cat /boot/loader.conf geom_mirror_load="YES" zfs_load="YES" vm.kmem_size_max="512M" vm.kmem_size="512M" vfs.zfs.zil_disable=1 After reboot the module is loaded: # kldstat | grep zfs 21 0x80bc7000 f5a40zfs.ko But the pool is loast: # zpool list no pools available Some more infos about the system: # uname -v FreeBSD 7.0-RELEASE #0: Sun Feb 24 10:35:36 UTC 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/GENERIC Some parts of dmesg: WARNING: ZFS is considered to be an experimental feature in FreeBSD. Timecounters tick every 1.000 msec hptrr: no controller detected. aacd0: on aac0 aacd0: 139890MB (286494720 sectors) aacd1: on aac0 aacd1: 139890MB (286494720 sectors) aacd2: on aac0 aacd2: 139890MB (286494720 sectors) aacd3: on aac0 aacd3: 139890MB (286494720 sectors) aacd4: on aac0 aacd4: 139890MB (286494720 sectors) aacd5: on aac0 aacd5: 139890MB (286494720 sectors) aacd6: on aac0 aacd6: 139890MB (286494720 sectors) aacd7: on aac0 aacd7: 139890MB (286494720 sectors) ZFS filesystem version 6 ZFS storage pool version 6 GEOM_MIRROR: Device mirror/gm0 launched (2/2). SMP: AP CPU #3 Launched! SMP: AP CPU #2 Launched! SMP: AP CPU #1 Launched! SMP: AP CPU #4 Launched! SMP: AP CPU #6 Launched! SMP: AP CPU #7 Launched! Cheers, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: Temperature Monitoring on PowerEdge 1950
Am Donnerstag, den 03.04.2008, 13:28 -0500 schrieb Andy Christianson: > In response to "Andy Christianson" <[EMAIL PROTECTED]>: > > >We've been able to do this using IPMI. > > Thanks for the fast response. I have installed the ipmitool port, but I > have no /dev/ipmi. Do I have to manually load the driver? > You have to load the module. Add the following line to /boot/loader.conf: ipmi_load="YES" If you want to load the module without reboot use: kldload ipmi Cheers, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD 7.0 and pf
Am Mittwoch, den 19.03.2008, 16:18 +0530 schrieb Girish Venkatachalam: > On 10:30:38 Mar 19, Norman Maurer wrote: > > > > btw, if i remove pf all works fine :-/ > > > > > Are you using any scrub rule? > > Comment those out and try. > > -Girish > I removed the "options IPSEC_FILTERTUNNEL" from kernel config, recompiled , installed kernel and all seems to work fine again .. Strange... bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD 7.0 and pf
Am Mittwoch, den 19.03.2008, 09:40 +0100 schrieb Norman Maurer: > Am Mittwoch, den 19.03.2008, 14:04 +0530 schrieb Girish Venkatachalam: > > On 07:56:48 Mar 19, Norman Maurer wrote: > > > Hi all, > > > > > > im using freebsd 7.0 + gif interfaces + racoon + pf to filter stuff on > > > my box. After upgrading to freebsd 7.0 I see some strange behavior. I > > > see packets get dropped because of bad hdr length. The problems only > > > seems to happen on traffic between the local nets and nets routed via > > > ipsec. Here is a tcpdump snipped: > > > > > > block in on em5: 192.168.175.4.1107 > 192.168.116.6.22: tcp 544 [bad > > > hdr length 12 - too short, < 20] > > > > > > gif interface: > > > gif5: flags=8051 metric 0 mtu 1402 > > > tunnel inet 213.157.17.67 --> 213.23.198.131 > > > inet 192.168.116.1 --> 192.168.175.1 netmask 0xff00 > > > > > > > > > Any help is welcome. > > > > A TCP header can never be less than 20 bytes. > > > > And 12 is odd since all headers are a multiple of 4 bytes (word > > boundary). > > > > Check your MTU of the PPPoE/PPPoA/Ethernet/WiFi or whatever datalink > > layer. I bet there is a problem there. > > > > Best, > > Girish > > > Maybe the problem is the mtu of the gif interface ( 1402 ) ? > I have a 4 mbit broadband connection ( no dsl ). > > bye > Norman btw, if i remove pf all works fine :-/ Cheers, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD 7.0 and pf
Am Mittwoch, den 19.03.2008, 14:04 +0530 schrieb Girish Venkatachalam: > On 07:56:48 Mar 19, Norman Maurer wrote: > > Hi all, > > > > im using freebsd 7.0 + gif interfaces + racoon + pf to filter stuff on > > my box. After upgrading to freebsd 7.0 I see some strange behavior. I > > see packets get dropped because of bad hdr length. The problems only > > seems to happen on traffic between the local nets and nets routed via > > ipsec. Here is a tcpdump snipped: > > > > block in on em5: 192.168.175.4.1107 > 192.168.116.6.22: tcp 544 [bad > > hdr length 12 - too short, < 20] > > > > gif interface: > > gif5: flags=8051 metric 0 mtu 1402 > > tunnel inet 213.157.17.67 --> 213.23.198.131 > > inet 192.168.116.1 --> 192.168.175.1 netmask 0xff00 > > > > > > Any help is welcome. > > A TCP header can never be less than 20 bytes. > > And 12 is odd since all headers are a multiple of 4 bytes (word > boundary). > > Check your MTU of the PPPoE/PPPoA/Ethernet/WiFi or whatever datalink > layer. I bet there is a problem there. > > Best, > Girish > Maybe the problem is the mtu of the gif interface ( 1402 ) ? I have a 4 mbit broadband connection ( no dsl ). bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 7.0 and pf
Hi all, im using freebsd 7.0 + gif interfaces + racoon + pf to filter stuff on my box. After upgrading to freebsd 7.0 I see some strange behavior. I see packets get dropped because of bad hdr length. The problems only seems to happen on traffic between the local nets and nets routed via ipsec. Here is a tcpdump snipped: block in on em5: 192.168.175.4.1107 > 192.168.116.6.22: tcp 544 [bad hdr length 12 - too short, < 20] gif interface: gif5: flags=8051 metric 0 mtu 1402 tunnel inet 213.157.17.67 --> 213.23.198.131 inet 192.168.116.1 --> 192.168.175.1 netmask 0xff00 Any help is welcome. Thx Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: pf.conf -> diagramm
Am Mittwoch, den 12.03.2008, 10:41 +0100 schrieb Arek Czereszewski: > Norman Maurer pisze: > > Hi all, > > > > anyone knows some tool to generate some diagramm from a pf.conf ? > > > > I whould like to generate some diagramm from my pf.conf every day to add > > to the docs.. > > > You can use pfstat > > Port: pfstat-2.2_3 > Path: /usr/ports/sysutils/pfstat > Info: Utility to render graphical statistics for pf > > Regards > Arek Hi I need something which displays me the rules in a diagramm :-/ Thx Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
pf.conf -> diagramm
Hi all, anyone knows some tool to generate some diagramm from a pf.conf ? I whould like to generate some diagramm from my pf.conf every day to add to the docs.. Thx Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: kernel error when upgrading to 7.0
Hi, you have to exec "make installworld" before exec "make installkernel" .. bye Norman Am Montag, den 10.03.2008, 21:11 -0400 schrieb Dave: > Hello, > I've got a 6.2 or 3 box that i'm wanting to update to 7.0. I've cvsupped > my source, made world, and built a kernel, all went successfully. This is > the GENERIC kernel. When i do a make installkernel i am getting the error > > kldxref: file isn't dynamically linked > > Is this a show stopping error/ if so is there a workaround? > Thanks. > Dave. > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: strange issue with carp interface aliases
Am Freitag, den 07.03.2008, 18:45 +0100 schrieb Wouter de Jong: > Hi, > > We have 2 FreeBSD machines running as a firewall in a CARP+pf+pfsync setup. > Worked great, however . today I noticed something weird. > > I had to reboot the master machine, and when it came back ... > one of the CARP addresses no longer worked. > > Looking in the logs, I got carp4: incorrect hash > > And looking at the carp interface both machines were running MASTER for > this interface. > > Looking closer, I noticed my primary machine had this configuration : > > carp4: flags=49 metric 0 mtu 1500 > inet 213.206.xx.62 netmask 0xfff0 > inet 213.206.xx.49 netmask 0xfff0 > carp: MASTER vhid 4 advbase 1 advskew 100 > > and my secondary : > > carp4: flags=49 metric 0 mtu 1500 > inet 213.206.xx.49 netmask 0xfff0 > inet 213.206.xx.62 netmask 0xfff0 > carp: MASTER vhid 4 advbase 1 advskew 100 > > It swapped the carp alias alias (213.206.xx.62) to be the first address on > the interface. > This was the only interface it happened. > > The config : > > primary: > ## > defaultrouter="213.206.yy.193" > hostname="fw01.xxx.yyy" > > cloned_interfaces="carp0 carp1 carp2 carp3 carp4 carp5 carp6 carp7 carp8 > carp9 carp10 carp11 carp12 carp13 carp14 carp15 carp16 carp17 carp18 carp19 > carp20 carp21 carp22 carp23 carp24 carp25 carp26 carp27 carp28" > > ifconfig_bge0="inet 213.206.yy.194 netmask 255.255.255.240" > ifconfig_bge1="inet 213.206.xx.2 netmask 255.255.255.240" > ifconfig_bge1_alias0="inet 213.206.xx.18 netmask 255.255.255.240" > ifconfig_bge1_alias1="inet 213.206.xx.34 netmask 255.255.255.240" > ifconfig_bge1_alias2="inet 213.206.xx.50 netmask 255.255.255.240" > ifconfig_bge1_alias3="inet 213.206.xx.66 netmask 255.255.255.240" > ifconfig_bge1_alias4="inet 213.206.xx.82 netmask 255.255.255.240" > > ifconfig_carp0="vhid 255 pass blubVIP0255 213.206.yy.206/28" > ifconfig_carp1="vhid 1 pass blubVIP0001 213.206.xx.1/28" > ifconfig_carp2="vhid 2 pass blubVIP0002 213.206.xx.17/28" > ifconfig_carp2_alias0="vhid 2 pass blubVIP0002 213.206.xx.30/28" > ifconfig_carp3="vhid 3 pass blubVIP0003 213.206.xx.33/28" > ifconfig_carp4="vhid 4 pass blubVIP0004 213.206.xx.49/28" > ifconfig_carp4_alias0="vhid 4 pass blubVIP0004 213.206.xx.62/28" > ifconfig_carp5="vhid 5 pass blubVIP0005 213.206.xx.65/28" > ifconfig_carp6="vhid 6 pass blubVIP0006 213.206.xx.81/28" > ## > > secondary: > ## > defaultrouter="213.206.yy.193" > hostname="fw02.xxx.yyy" > > cloned_interfaces="carp0 carp1 carp2 carp3 carp4 carp5 carp6 carp7 carp8 > carp9 carp10 carp11 carp12 carp13 carp14 carp15 carp16 carp17 carp18 carp19 > carp20 carp21 carp22 carp23 carp24 carp25 carp26 carp27 carp28" > > ifconfig_bge0="inet 213.206.yy.195 netmask 255.255.255.240" > ifconfig_bge1="inet 213.206.xx.3 netmask 255.255.255.240" > ifconfig_bge1_alias0="inet 213.206.xx.19 netmask 255.255.255.240" > ifconfig_bge1_alias1="inet 213.206.xx.35 netmask 255.255.255.240" > ifconfig_bge1_alias2="inet 213.206.xx.51 netmask 255.255.255.240" > ifconfig_bge1_alias3="inet 213.206.xx.67 netmask 255.255.255.240" > ifconfig_bge1_alias4="inet 213.206.xx.83 netmask 255.255.255.240" > > ifconfig_carp0="vhid 255 advskew 100 pass blubVIP0255 213.206.yy.206/28" > ifconfig_carp1="vhid 1 advskew 100 pass blubVIP0001 213.206.xx.1/28" > ifconfig_carp2="vhid 2 advskew 100 pass blubVIP0002 213.206.xx.17/28" > ifconfig_carp2_alias0="vhid 2 advskew 100 pass blubVIP0002 213.206.xx.30/28" > ifconfig_carp3="vhid 3 advskew 100 pass blubVIP0003 213.206.xx.33/28" > ifconfig_carp4="vhid 4 advskew 100 pass blubVIP0004 213.206.xx.49/28" > ifconfig_carp4_alias0="vhid 4 advskew 100 pass blubVIP0004 213.206.xx.62/28" > ifconfig_carp5="vhid 5 advskew 100 pass blubVIP0005 213.206.xx.65/28" > ifconfig_carp6="vhid 6 advskew 100 pass blubVIP0006 213.206.xx.81/28" > ## > > After rebooting the secondary, it still gave me incorrect hash. > But, it gave me the same thing on carp2 now. ... however, here the secondary > had the carp2_alias0 listed as first, > where as the primary had the carp2 as first, and the carp2_alias0 as second > address. > > How can this ever happen ? > > Now I'm redundant but I must pray that the addresses will come up in > the same order. > > Never had this issue on FreeBSD 6.x(p*)-RELEASE, but now I'm running FreeBSD > 7.0-RELEASE. > > Help ! :) > > > Kind regards, > > Wouter de Jong > The Netherlands Same happend to me :-/ But with 6.3-p* and 7.0 ... No idea yet. Any help is welcome :-) Thx Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Is there a Relay proxy port can do this?
Hi, maybe mod_proxy can help you ( apache module ) or rinetd. Cheers Norman Am Dienstag, den 04.03.2008, 01:49 -0800 schrieb Abdullah Ibn Hamad Al-Marri: > Hello Network Gurus, > > I have Adobe Flex 2 application which hosts the flash applet on apache 2.2.8, > then flash applet will connect to port 28001 but users who are behind > firewalls and proxies which only allow connections to port 80. > > So I need a daemon to work around this problem and allow these users to > connect to my application. > > Is there a port can do this? > > > Regards, > > -Abdullah Ibn Hamad Al-Marri > Arab Portal > http://www.WeArab.Net/ > > > > > > > > Never miss a thing. Make Yahoo your home page. > http://www.yahoo.com/r/hs > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Kernel compilation error for 7.0 ( with IPSEC )
Be sure to have this stuff in kernel config file: options IPSEC options IPSEC_FILTERTUNNEL device crypto Cheers Norman Am Montag, den 03.03.2008, 15:15 +0300 schrieb Leonid Satanovsky: > Hi, people! > I've just "CvsUP"ed the "src-all" collection for "RELENG_7_0" > [This is a 7.0-RELEASE, as I understand, am I correct? ] > > trying to compile the source with IPSEC reselts in the following: > --- > <...> > > xform_ipcomp.o(.text+0xcac):/usr/src/sys/netipsec/xform_ipcomp.c:570: > undefined reference to `M_XDATA' > xform_ipcomp.o(.text+0xcbc):/usr/src/sys/netipsec/xform_ipcomp.c:571: > undefined reference to `crypto_freereq' > xform_ipcomp.o(.text+0xda6):/usr/src/sys/netipsec/xform_ipcomp.c:584: > undefined reference to `M_XDATA' > xform_ipcomp.o(.text+0xdb6):/usr/src/sys/netipsec/xform_ipcomp.c:585: > undefined reference to `crypto_freereq' > *** Error code 1 > > Stop in /usr/obj/usr/src/sys/TKLGW_7. > *** Error code 1 > > Stop in /usr/src. > *** Error code 1 > > Stop in /usr/src. > > -- > The question: what may be wrong with that? > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Using ZFS on FreeBSD 7.0
Am Donnerstag, den 28.02.2008, 07:52 +0100 schrieb Wojciech Puchar: > > On Wed, Feb 27, 2008 at 4:13 PM, Wojciech Puchar > > <[EMAIL PROTECTED]> wrote: > >>> will replace all other FS's -ya all others!!! > >> how sure you are? > > I would second this. Just as a "fun" test, setup a test machine with > > hotswap drives in a RAID 10 zfspool. Add a hot spare for good > > ZFS looks for me like windows - it solves some problems (2/3 of them > imaginary) creating more others. UFS was just too good :) > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ZFS kicks ass but I whould stay with solaris for using it under production... bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: CARP and FreeBSD 6.3
Am Donnerstag, den 24.01.2008, 22:45 -0800 schrieb shinny knight: > Rakhesh Sasidharan <[EMAIL PROTECTED]> wrote: > > Hi, > > > > I have two machines. Each have two interfaces, xl0 and fxp0. And each have > > two carp interfaces -- carp1 (xl0 of both) and carp2 (fxp0 of both). One of > > the machines is master, the other is backup. > > > > I also have the following sysctl set: net.inet.carp.preempt -> 1 > > > > My understanding is that if I down one of the interfaces on the master > > machine (say ''ifconfig xl0 down''), then both carp interfaces on the > > master > > will be marked as down. And the backup will become the new master. Later, > > when the interface is marked up (''ifconfig xl0 up''), the old master will > > resume control. This is my understanding and that's how things were till > > yesterday (when I was on FreeBSD 6.2/i386 with both machines). > > > > Today morning I upgraded both machines to FreeBSD 6.3 and that does not > > seem > > to be the case any more. > > > > Now, on the master machine when I down the xl0 interface, only carp1 (the > > group containing xl0) goes into init state (and the other machine's carp1 > > interface becomes the new master). Ditto for fxp0 and carp2. So in essence, > > the net.inet.carp.preempt=1 sysctl does not seem to be working as expected > > which is unlike how things were in FreeBSD 6.2. > > > > Has something changed with regards to carp between FreeBSD 6.2 and 6.3? Any > > one else encountering a similar problem? > > I happened to reboot the machines now while sitting at the console. And I > noticed that the master machine emits an error like ''carp2: incorrect > hash'' while booting up. Checking the console logs showed me that the > errors have been appearing ever since I upgraded the machine. Most of the > times it was to do with carp2, once it was to do with carp1. > > Here's the relevant bits of my rc.conf file from the master machine. > > ---8<-- > ifconfig_fxp0="inet 192.168.10.10 netmask 255.255.255.0 polling" > ifconfig_fxp0_alias0="inet 192.168.10.11 netmask 255.255.255.255" > > ifconfig_xl0="inet 192.168.20.20 netmask 255.255.255.0 polling" > > cloned_interfaces="carp1 carp2" > ifconfig_carp1="vhid 1 pass password advskew 0 192.168.10.2 netmask > 255.255.255.0" > ifconfig_carp2_alias0="vhid 2 pass password advskew 0 192.168.20.1 netmask > 255.255.255.0" > ifconfig_carp2_alias1="vhid 2 pass password advskew 0 192.168.20.2 netmask > 255.255.255.0" > ---8<-- > > Its the same on the backup machine, except for the different IPs for fxp0 > and xl0. > > Thanks, > Rakhesh > > --- > http://rakhesh.net/ > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > Hello Rakhesh, > > I never had hash errors on startup for CARP, but for demote, promote you > should try /usr/ports/net/ifstated. It's working fine for me. > > > > Best Regards, > Catalin Any news on this ? I see the same problem on our freebsd + pf + carp installation... Cheers, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: 32 bit and 64 bit freebsd binary compatiblty
Am Montag, den 18.02.2008, 20:42 +0530 schrieb navneet Upadhyay: > it and 64 bit RHEL. > > We are porting the product to FreeBSD and when we tried the same, > i.erunning binaries compiled on 32 bit FreeBSD > 6.2 on 64 bit FreeBSD system they produce *core dump.* > > > Any known reasons, do we have to compile binaries on 64 bit machine. > > Thanks, Do you have the lib32's installed ? bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: LDAP user authentication?
Am Freitag, den 15.02.2008, 09:45 +0700 schrieb Olivier Nicole: > Hi, > > > >I have googled for a very long time, but I haven't found any useful > > > howto on this issue. Well, there is > > > > > http://www.cultdeadsheep.org/FreeBSD/docs/Quick_and_dirty_FreeBSD_5_x_and_nss_ldap_mini-HOWTO.html > > > but that seems to be a bit confusing an not up-to-date. I guess it > > > _should_ be possible - and indeed very useful (especially combinde > > > with Samba PDC and an easily maintainlable mail server). So please, if > > I read through the link you gave. My first impression is: > > - pam-ldap is used for authentication: allow the user to login to the > machine > > - nss-ldap is used by the system when it needs to resolve things like > gid<->group name, user home directory, etc. > > I will give it a try soon. > > Though I am looking one step ahead, how to allow a user to > authenticate to this machine and not that machine, using the same ldap > directory. > > Bests, > > Olivier > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" You can use the pam_filter option for this.. bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD 6.3 racoon cpu 99,9% after some time workin
Am Dienstag, den 29.01.2008, 10:24 +0100 schrieb Norman Maurer: > Am Dienstag, den 29.01.2008, 00:04 -0800 schrieb Christopher Cowart: > > On Tue, Jan 29, 2008 at 08:46:18AM +0100, Norman Maurer wrote: > > > I have some strange problem.. After racoon works some hours it seems to > > > "freeze" and get a cpu usage of 99,9%. The vpns don't work anymore too.. > > > Any idea ? > > > > By any chance do you have a large number of tunnels? We went so far as > > to write a daemon to watch racoon and restart it automatically. We > > finally ended up bumping up buffer sizes in the ipsec-tools sources and > > sysctl. > > > > See this thread from -net: > > http://lists.freebsd.org/pipermail/freebsd-net/2007-August/015046.html > > > > We have about 15 tunnels.. Can you please show me the changes you did > ( maybe a diff ) and the shell script ? > > Thx > Norman btw, can you show me your relevant sysctl settings ? sysctl -a net.key Thx Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: FreeBSD 6.3 racoon cpu 99,9% after some time workin
Am Dienstag, den 29.01.2008, 00:04 -0800 schrieb Christopher Cowart: > On Tue, Jan 29, 2008 at 08:46:18AM +0100, Norman Maurer wrote: > > I have some strange problem.. After racoon works some hours it seems to > > "freeze" and get a cpu usage of 99,9%. The vpns don't work anymore too.. > > Any idea ? > > By any chance do you have a large number of tunnels? We went so far as > to write a daemon to watch racoon and restart it automatically. We > finally ended up bumping up buffer sizes in the ipsec-tools sources and > sysctl. > > See this thread from -net: > http://lists.freebsd.org/pipermail/freebsd-net/2007-August/015046.html > We have about 15 tunnels.. Can you please show me the changes you did ( maybe a diff ) and the shell script ? Thx Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 6.3 racoon cpu 99,9% after some time workin
Hi all, I have some strange problem.. After racoon works some hours it seems to "freeze" and get a cpu usage of 99,9%. The vpns don't work anymore too.. Any idea ? bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: passive ftp transfer with pkg_add
Am Montag, den 28.01.2008, 07:19 +0100 schrieb Zbigniew Szalbot: > Hello, > > I have been trying to install KDE by using pkg_add -r kde but the > download is always failing. Reading man pkg_add I see a reference to > change the FTP mode to passive if the download constantly fails. > However, man does not say which file should be edited to change it. I > tried pkgtools.conf but I have not found anything about FTP transfer > mode in there. > > Can you advise which file needs to be edited? > > Also: > > "Note: If you wish to use passive mode ftp in such transfers, set the > variable FTP_PASSIVE_MODE to some value in your environment." > > What value should be set for FTP_PASSIVE_MODE? Any value? > > Many thanks! > > Zbigniew Szalbot Yes just do something like that: # export FTP_PASSIVE_MODE=true bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: dell 1950 hangs on reboot
Am Freitag, den 25.01.2008, 14:53 +0200 schrieb Link: > Hi all. > I have problem described in > http://lists.freebsd.org/pipermail/freebsd-stable/2006-October/029108.html > I`ve been googling for about 2 days, but i did not found any fix of this > problem. > I have freeBSD-6.2-p10 and dell 1950. > As described it hangs on reboot. But not every time. > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" Maybe upgrade the raid firmware ? Cheers Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: VM Options
Am Mittwoch, den 23.01.2008, 13:11 -0600 schrieb Jack Barnett: > Are there any good VM Options for FreeBSD? > > There is VMWare in ports; which I really like - but it's a few years old > and still stuck on version 3 the last time I tried it. > > Are there any other options available? If you just want to run other FreeBSD's I whould try jail ( man jail ). It's covered in the handbook too.. Cheer, Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Dell PowerEdge 1900
We use a Poweredge 1950... works without probs.. bye Norman Am Freitag, den 18.01.2008, 01:43 -0800 schrieb Doug Hardie: > Has anyone used the 1900 with FreeBSD? The NIC is listed as a IntelĀ® > PRO 1000PT Dual Port Server Adapter. I didn't find any reference to > that device in the 6.3 hardware > information.___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: some help please
Hi, please reread the handbook I think all you need is explained there in detail bye Norman Am Mittwoch, den 16.01.2008, 09:46 +0200 schrieb Moazzar Battah: > Dear Sir, > > I need some help , I am a new user for Linux and freebsd so I need your help > I need to know how to install the freebsd in the best way and how I can > install the ports like gnome and openmail interface ? also I will be > thankful if you send me the commands and what every command mean and how I > can use it ? > > I already get in the directory /usr/ports/gnome2 & /usr/ports/www and make > install and its start downloading but nothing happened after that > installation done ??? > > I also need to now how to configure the hostname and ip addresses like local > ip and fixed ip to trait the local lan and I real lan in the same way.. > > Thank u very much > > > > - > > Regards, > > Moazzer Battah > > IT Support > > Medical Supply & Services. > > Fax: 02-2959375 > > Tel : 02-2959372/1 > > Jawwal : 0598-919658 > > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
RE: newest security patch and custom kernel
Well it depends ... If you know it only change the version string i whould say no on a production server. bye Norman Am Dienstag, den 15.01.2008, 16:57 + schrieb John Clement: > > The -p10 includes no kernel updates so restarting is not neccesarry. > > Would it not be advisable to reboot after installing a new kernel > anyway, to make sure it restarts ok... better that than finding out it > doesn't boot next time to reboot... > > > > bye > > Norman > > > > Am Dienstag, den 15.01.2008, 08:52 +0100 schrieb zbigniew szalbot: > > > Hello again, > > > > > > Norman Maurer pisze: > > > > It should be enough to just building and installing the kernel. > The > > > > freebsd-update should have patched the kernel src files anyway. > > > > > > > Thank you for very helpful advice. One last question, is it > necessary > > > to restart the machine? Or can I keep it online after building and > > > installing the kernel? I don't care about uname -a details not being > > > updated unless the machine needs restarting to include the updates. > > > > > > Thank you! > > > > > > Zbigniew Szalbot > > > > bye > > > > Norman > > > > > > > > > > > > Am Dienstag, den 15.01.2008, 07:24 +0100 schrieb zbigniew szalbot: > > > > > Hello, > > > > > > > > > > > > > > > Norman Maurer pisze: > > > > > > Hi, > > > > > > > > > > > > the /usr/src/sys* stuff should be patched anyway. But you need > > to build > > > > > > your kernel again and install it to reflect the changes. Even > > if i think > > > > > > it only update the -p10 label in the case of -p10 patch set. > > > > > > > > > > > OK. So this page applies to me now? > > > > > http://www.freebsd.org/doc/en_US.ISO8859- > > 1/books/handbook/kernelconfig-building.html > > > > > > > > > >1. > > > > > > > > > > Change to the /usr/src directory: > > > > > > > > > > # cd /usr/src > > > > > > > > > > > > > > >2. > > > > > > > > > > Compile the kernel: > > > > > > > > > > # make buildkernel KERNCONF=/MYKERNEL/ > > > > > > > > > > > > > > >3. > > > > > > > > > > Install the new kernel: > > > > > > > > > > # make installkernel KERNCONF=/MYKERNEL/ > > > > > > > > > > > > > > > *Note:* It is required to have full FreeBSD source tree to > > build the > > > > > kernel. > > > > > > > > > > > > > > > I am interested if I need to download latest FBSD sources then? > I > > have > > > > > not touched them since I built a custom kernel. > > > > > > > > > > Thank you! > > > > > > > > > > Zbigniew Szalbot > > > > > > > > > > > cheers > > > > > > Norman > > > > > > > > > > > > > > > > > > Am Dienstag, den 15.01.2008, 07:03 +0100 schrieb zbigniew > > szalbot: > > > > > > > Hello, > > > > > > > > > > > > > > Using freebsd-update I applied the latest security patches > > which were > > > > > > > announced yesterday. However, I then notice this message: > > > > > > > > > > > > > > The following files will be updated as part of updating to > > 6.2-RELEASE-p10: > > > > > > > /boot/GENERIC/kernel > > > > > > > > > > > > > > My question is whether my update missed the point because I > > have a > > > > > > > custom kernel? If so, do I need to apply it manually as > > described in the > > > > > > > security advisory? If I still want to go down the binary > > road, how can I > > > > > > > make sure my custom kernel gets patched, too? > > > > > > > > > > > > > > Thank you very much! > > > > > > > > > > > > > > Zbigniew Szalbot > > > > > > > ___ > > > > > > > freebsd-questions@freebsd.org mailing list > > > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > > > > > > To unsubscribe, send any mail to "freebsd-questions- > > [EMAIL PROTECTED]" > > > > > > > > > > > > > > > > > > > > > > > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "freebsd-questions- > > [EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: newest security patch and custom kernel
The -p10 includes no kernel updates so restarting is not neccesarry. bye Norman Am Dienstag, den 15.01.2008, 08:52 +0100 schrieb zbigniew szalbot: > Hello again, > > Norman Maurer pisze: > > It should be enough to just building and installing the kernel. The > > freebsd-update should have patched the kernel src files anyway. > > > Thank you for very helpful advice. One last question, is it necessary > to restart the machine? Or can I keep it online after building and > installing the kernel? I don't care about uname -a details not being > updated unless the machine needs restarting to include the updates. > > Thank you! > > Zbigniew Szalbot > > bye > > Norman > > > > > > Am Dienstag, den 15.01.2008, 07:24 +0100 schrieb zbigniew szalbot: > > > Hello, > > > > > > > > > Norman Maurer pisze: > > > > Hi, > > > > > > > > the /usr/src/sys* stuff should be patched anyway. But you need to build > > > > your kernel again and install it to reflect the changes. Even if i think > > > > it only update the -p10 label in the case of -p10 patch set. > > > > > > > OK. So this page applies to me now? > > > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html > > > > > >1. > > > > > > Change to the /usr/src directory: > > > > > > # cd /usr/src > > > > > > > > >2. > > > > > > Compile the kernel: > > > > > > # make buildkernel KERNCONF=/MYKERNEL/ > > > > > > > > >3. > > > > > > Install the new kernel: > > > > > > # make installkernel KERNCONF=/MYKERNEL/ > > > > > > > > > *Note:* It is required to have full FreeBSD source tree to build the > > > kernel. > > > > > > > > > I am interested if I need to download latest FBSD sources then? I have > > > not touched them since I built a custom kernel. > > > > > > Thank you! > > > > > > Zbigniew Szalbot > > > > > > > cheers > > > > Norman > > > > > > > > > > > > Am Dienstag, den 15.01.2008, 07:03 +0100 schrieb zbigniew szalbot: > > > > > Hello, > > > > > > > > > > Using freebsd-update I applied the latest security patches which were > > > > > announced yesterday. However, I then notice this message: > > > > > > > > > > The following files will be updated as part of updating to > > > > > 6.2-RELEASE-p10: > > > > > /boot/GENERIC/kernel > > > > > > > > > > My question is whether my update missed the point because I have a > > > > > custom kernel? If so, do I need to apply it manually as described in > > > > > the > > > > > security advisory? If I still want to go down the binary road, how > > > > > can I > > > > > make sure my custom kernel gets patched, too? > > > > > > > > > > Thank you very much! > > > > > > > > > > Zbigniew Szalbot > > > > > ___ > > > > > freebsd-questions@freebsd.org mailing list > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > > > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > > > > > > > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: newest security patch and custom kernel
It should be enough to just building and installing the kernel. The freebsd-update should have patched the kernel src files anyway. bye Norman Am Dienstag, den 15.01.2008, 07:24 +0100 schrieb zbigniew szalbot: > Hello, > > > Norman Maurer pisze: > > Hi, > > > > the /usr/src/sys* stuff should be patched anyway. But you need to build > > your kernel again and install it to reflect the changes. Even if i think > > it only update the -p10 label in the case of -p10 patch set. > > > OK. So this page applies to me now? > http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/kernelconfig-building.html > >1. > > Change to the /usr/src directory: > > # cd /usr/src > > >2. > > Compile the kernel: > > # make buildkernel KERNCONF=/MYKERNEL/ > > >3. > > Install the new kernel: > > # make installkernel KERNCONF=/MYKERNEL/ > > > *Note:* It is required to have full FreeBSD source tree to build the > kernel. > > > I am interested if I need to download latest FBSD sources then? I have > not touched them since I built a custom kernel. > > Thank you! > > Zbigniew Szalbot > > > cheers > > Norman > > > > > > Am Dienstag, den 15.01.2008, 07:03 +0100 schrieb zbigniew szalbot: > > > Hello, > > > > > > Using freebsd-update I applied the latest security patches which were > > > announced yesterday. However, I then notice this message: > > > > > > The following files will be updated as part of updating to > > > 6.2-RELEASE-p10: > > > /boot/GENERIC/kernel > > > > > > My question is whether my update missed the point because I have a > > > custom kernel? If so, do I need to apply it manually as described in the > > > security advisory? If I still want to go down the binary road, how can I > > > make sure my custom kernel gets patched, too? > > > > > > Thank you very much! > > > > > > Zbigniew Szalbot > > > ___ > > > freebsd-questions@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > > > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: newest security patch and custom kernel
Hi, the /usr/src/sys* stuff should be patched anyway. But you need to build your kernel again and install it to reflect the changes. Even if i think it only update the -p10 label in the case of -p10 patch set. cheers Norman Am Dienstag, den 15.01.2008, 07:03 +0100 schrieb zbigniew szalbot: > Hello, > > Using freebsd-update I applied the latest security patches which were > announced yesterday. However, I then notice this message: > > The following files will be updated as part of updating to 6.2-RELEASE-p10: > /boot/GENERIC/kernel > > My question is whether my update missed the point because I have a > custom kernel? If so, do I need to apply it manually as described in the > security advisory? If I still want to go down the binary road, how can I > make sure my custom kernel gets patched, too? > > Thank you very much! > > Zbigniew Szalbot > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Network monitoring program.
trafshow ... bye Norman Am Donnerstag, den 10.01.2008, 09:47 -0600 schrieb Eric Crist: > tcpdump and pump that through ethereal? > > > On Jan 10, 2008, at 9:14 AM, Darryl Hoar wrote: > > > Greetings, > > I need to monitor the network traffic from specific IP addresses. > > I need to be able to deduce the applications that are running > > that are generating the traffic. > > > > What software in the ports collection will allow me to do this ? > > > > thanks, > > Darryl > > ___ > > freebsd-questions@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to "[EMAIL PROTECTED] > > " > > - > Eric F Crist > Secure Computing Networks > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: dell Power Edge 2950
Am Mittwoch, den 09.01.2008, 11:24 -0500 schrieb Brian A. Seklecki: > On Thu, 27 Dec 2007, Olivier Nicole wrote: > > > Hello, > > > > This is just to confirm that Dell Power Edge 2950, with Quad Core Xeon > > E5420 is OK with FreeBSD 6.2/6.3. > > Make sure that you get a Revision 2 (R2). We had some serious stability > issues with two R1s. Yay for beta testing $6k servers. > > You'll want to read the entire thread about mfi(4) and bce(4) instability > on RELENG_6. Someone just reported a geometry size reporting error with > the new PERC/6 that Dell is pushing, so stick with PERC/5. > > My personal recommendation is to use em(4) and disable onboard Broadcom > and forget that Dell ever started shipping Broadcom. > > ~BAS We using 6.2-p9 on two Dell Power Edge 2950 without problems yet. bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ipsec with dynamic ip clients
Hi all, im using ipsec-tools + gif interfaces for connection some diffrent offices via ipsec. This works perfectly! Now I want to setup some config which allow some people to connection via ipsec client to this ipsec router. They have a dynamic ip so I think a certificate is the way to go. But im not sure how i need to setup the gif interface because the ip address will change probally. So any idea ? I couldn't find any docu :-/ bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
PF and fitering statefull on GIF interface
Hi all, im using FreeBSD 6.2-p9 on my server which acts as IPSec router using ipsec-tools. This works fine... But now i need to filter traffic which comes from the local private network to the vpn private network. I tried todo this with pf and using keep state. The return packets just get dropped. So I reread the gif manpage and read about the IPSEC_FILTERGIF option. I rebuilded the kernel with the option and tried it again. No luck! So I suspect this option is only valid for ipfw and ipf ? Any idea how i can use pf + ipsec ( over gif interface ) to filter the needed stuff. This for example not work: LOCAL_NET = 10.0.0.0/24 VPN_REMOTE_NET = 192.168.10.0/28 pass proto tcp from $LOCAL_NET to $VPN_REMOTE_NET port 22 flags S/SA keep state This works: LOCAL_NET = 10.0.0.0/24 VPN_REMOTE_NET = 192.168.10.0/28 pass proto tcp from $LOCAL_NET to $VPN_REMOTE_NET port 22 pass proto tcp from $VPN_REMOTE_NET port 22 to $LOCAL_NET Thx for the help bye Norman ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"