rsync connection to Windows 2008 Server

2011-09-01 Thread jhall
I have run into a problem that I cannot find the answer to using Google 
and I am hoping someone has seen this before. 

I am connecting to a Windows 2008 server running cwRsync as a daemon.  One 
of my six sites will not connect to the server.  No error messages are 
seen in the cwRsync log file or the Event Viewer on the Windows 2008 
computer. 

My network configuration is as follows.

STL --WAN-- Firewall --IPsec Tunnel -- 192.168.100.56.

On the remote computer, using the following command line, I receive 
the following messages. 
rsync -avz  /home 192.168.100.56::Homes
rsync: read error: Connection reset by peer (54)
rsync error: error in rsync protocol data stream (code 12) at io.c(604) 
[sender=2.6.9] 

Looking at tcpdump, I think the connection is started, but the computer on 
my end is not responding after a certain time. 

12:00:17.817759 IP (tos 0x0, ttl  64, id 64973, offset 0, flags [DF],
proto: TCP (6), length: 64) N-ST-LOUIS.65460 > 192.168.100.56.rsync: S,
cksum 0x9834 (correct), 1279331061:1279331061(0) win 65535
<mss 1460,nop,wscale 1,nop,nop,timestamp 486332914 0,sackOK,eol>
12:00:17.817891 IP (tos 0x0, ttl  64, id 64973, offset 0, flags [DF],
proto: TCP (6), length: 64) N-ST-LOUIS.65460 > 192.168.100.56.rsync: S,
cksum 0x9834 (correct), 1279331061:1279331061(0) win 65535
<mss 1460,nop,wscale 1,nop,nop,timestamp 486332914 0,sackOK,eol>
12:00:17.871976 IP (tos 0x0, ttl  63, id 11982, offset 0, flags [none],
proto: TCP (6), length: 52) 192.168.100.56.rsync > N-ST-LOUIS.65460: S,
cksum 0xb379 (correct), 992395985:992395985(0) ack 1279331062 win 5640
<mss 1380,nop,nop,sackOK,nop,wscale 0>
12:00:17.872064 IP (tos 0x0, ttl  64, id 64974, offset 0, flags [DF],
proto: TCP (6), length: 40) N-ST-LOUIS.65460 > 192.168.100.56.rsync: .,
cksum 0x889c (correct), 1:1(0) ack 1 win 33120
12:00:17.872233 IP (tos 0x0, ttl  64, id 64974, offset 0, flags [DF],
proto: TCP (6), length: 40) N-ST-LOUIS.65460 > 192.168.100.56.rsync: .,
cksum 0x889c (correct), 1:1(0) ack 1 win 33120
12:00:17.872280 IP (tos 0x0, ttl  64, id 64975, offset 0, flags [DF],
proto: TCP (6), length: 52) N-ST-LOUIS.65460 > 192.168.100.56.rsync: P,
cksum 0x0923 (correct), 1:13(12) ack 1 win 33120
12:00:17.872349 IP (tos 0x0, ttl  64, id 64975, offset 0, flags [DF],
proto: TCP (6), length: 52) N-ST-LOUIS.65460 > 192.168.100.56.rsync: P,
cksum 0x0923 (correct), 1:13(12) ack 1 win 33120
12:00:17.872592 IP (tos 0x0, ttl  63, id 11984, offset 0, flags [none],
proto: TCP (6), length: 40) 192.168.100.56.rsync > N-ST-LOUIS.65460: .,
cksum 0x0f00 (correct), 1:1(0) ack 13 win 64240
12:00:38.882477 IP (tos 0x0, ttl  63, id 12123, offset 0, flags [none],
proto: TCP (6), length: 40) 192.168.100.56.rsync > N-ST-LOUIS.65460: R,
cksum 0x4848 (correct), 992395986:992395986(0) win 4344

For testing, my firewall rules were set to pass in quick all, pass out 
quick all.  The remote server is at the end of an ipsec tunnel maintained 
by racoon.  Ping times are reasonable 53ms between sites.  What really 
baffles me is the other five (5) sites I maintain are connecting without 
any problems.  All are running the same version of rsync. 

Any suggestions would be greatly appreciated.

Thanks,


Jay

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


Re: Re: Racoon to Cisco ASA 5505

2011-08-29 Thread jhall
Thank you for all your help!! IT WORKS!!!

One final question.  If I want to clean up my racoon configuration file, 
instead of using sainfo anonymous can the following be used instead? 

sainfo address 10.129.0.0/16 any address 192.168.100.0/22 any

Thank you again for all your help!


Jay

From : Mike Tancsa m...@sentex.net
To : jh...@socket.net
Subject : Re: Racoon to Cisco ASA 5505
Date : Fri, 26 Aug 2011 21:37:56 -0400
 On 8/26/2011 5:09 PM, jh...@socket.net wrote:
  Yes, post that to the list.
 
  
  I am not sure if this is the entire configuration or not, but this is
  what they have posted.
  
  
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  
  crypto map rackmap 201 match address 201 
  crypto map rackmap 201 set peer Jefferson_City   
  crypto map rackmap 201 set transform-set ESP-3DES-SHA
  crypto map rackmap interface outside 
  
  crypto isakmp identity address   
  crypto isakmp enable outside 
  crypto isakmp policy 10  
   authentication pre-share
   encryption 3des 
   hash sha
   group 2 
   lifetime 86400  
   
  access-list 201 line 1 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.10.0 255.255.255.0 
  access-list 201 line 2 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.20.0 255.255.255.0 
  access-list 201 line 3 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.30.0 255.255.255.0 
  access-list 201 line 4 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.50.0 255.255.255.0 
  access-list 201 line 5 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.60.0 255.255.255.0 
  access-list 201 line 6 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.70.0 255.255.255.0 
  access-list 201 line 7 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.80.0 255.255.255.0 
 
 
 Get rid of the gif interface as it's not needed and make sure you match
 their policies.  And of course 1.1.1.1 is your actual public IP.
 
 
 setkey -F
 setkey -FP
 setkey -f /etc/ipsec.conf
 
 where ipsec.conf has the info below
 
 spdadd 10.129.10.0/24 192.168.100.0/22 any -P out ipsec 
esp/tunnel/1.1.1.1-184.106.120.244/unique; 
 spdadd 192.168.100.0/22 10.129.10.0/24 any -P in  ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/unique; 
 spdadd 10.129.20.0/24 192.168.100.0/22 any -P out ipsec 
esp/tunnel/1.1.1.1-184.106.120.244/unique; 
 spdadd 192.168.100.0/22 10.129.20.0/24 any -P in  ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/unique; 
 spdadd 10.129.30.0/24 192.168.100.0/22 any -P out ipsec 
esp/tunnel/1.1.1.1-184.106.120.244/unique; 
 spdadd 192.168.100.0/22 10.129.30.0/24 any -P in  ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/unique; 
 spdadd 10.129.40.0/24 192.168.100.0/22 any -P out ipsec 
esp/tunnel/1.1.1.1-184.106.120.244/unique; 
 spdadd 192.168.100.0/22 10.129.40.0/24 any -P in  ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/unique; 
 spdadd 10.129.50.0/24 192.168.100.0/22 any -P out ipsec 
esp/tunnel/1.1.1.1-184.106.120.244/unique; 
 spdadd 192.168.100.0/22 10.129.50.0/24 any -P in  ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/unique; 
 
 
 again, startup racoon with -d
 start tcpdumping the outside interface with the flags -s0 -vvv host 184.106.120.244
 
 From inside your network, go to a machine that has an IP within the
 private range, e.g. 10.129.10.1, and ping the other side
 
 ping -S 10.129.10.1 192.168.100.1
 
   ---Mike
 
 
 
 
 -- 
 ---
 Mike Tancsa, tel +1 519 651 3400
 Sentex Communications, m...@sentex.net
 Providing Internet services since 1994 www.sentex.net
 Cambridge, Ontario Canada   http://www.tancsa.com/
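
Added example, not part of the original thread: a Python check that the encryption domains in the ASA crypto ACL and in the FreeBSD `setkey` policy file agree, run over the two listings quoted in this message as constructed input. The function names and report keys are illustrative, and 1.1.1.1 is the placeholder public IP used in the thread.

```python
"""Cross-check a FreeBSD setkey policy file against a Cisco ASA crypto ACL."""
import ipaddress
import re

# Constructed sample input: the two listings quoted in this thread, unwrapped.
ASA_ACL = """\
access-list 201 line 1 extended permit ip 192.168.100.0 255.255.252.0 10.129.10.0 255.255.255.0
access-list 201 line 2 extended permit ip 192.168.100.0 255.255.252.0 10.129.20.0 255.255.255.0
access-list 201 line 3 extended permit ip 192.168.100.0 255.255.252.0 10.129.30.0 255.255.255.0
access-list 201 line 4 extended permit ip 192.168.100.0 255.255.252.0 10.129.50.0 255.255.255.0
access-list 201 line 5 extended permit ip 192.168.100.0 255.255.252.0 10.129.60.0 255.255.255.0
access-list 201 line 6 extended permit ip 192.168.100.0 255.255.252.0 10.129.70.0 255.255.255.0
access-list 201 line 7 extended permit ip 192.168.100.0 255.255.252.0 10.129.80.0 255.255.255.0
"""
IPSEC_CONF = """\
spdadd 10.129.10.0/24 192.168.100.0/22 any -P out ipsec esp/tunnel/1.1.1.1-184.106.120.244/unique;
spdadd 192.168.100.0/22 10.129.10.0/24 any -P in  ipsec esp/tunnel/184.106.120.244-1.1.1.1/unique;
spdadd 10.129.20.0/24 192.168.100.0/22 any -P out ipsec esp/tunnel/1.1.1.1-184.106.120.244/unique;
spdadd 192.168.100.0/22 10.129.20.0/24 any -P in  ipsec esp/tunnel/184.106.120.244-1.1.1.1/unique;
spdadd 10.129.30.0/24 192.168.100.0/22 any -P out ipsec esp/tunnel/1.1.1.1-184.106.120.244/unique;
spdadd 192.168.100.0/22 10.129.30.0/24 any -P in  ipsec esp/tunnel/184.106.120.244-1.1.1.1/unique;
spdadd 10.129.40.0/24 192.168.100.0/22 any -P out ipsec esp/tunnel/1.1.1.1-184.106.120.244/unique;
spdadd 192.168.100.0/22 10.129.40.0/24 any -P in  ipsec esp/tunnel/184.106.120.244-1.1.1.1/unique;
spdadd 10.129.50.0/24 192.168.100.0/22 any -P out ipsec esp/tunnel/1.1.1.1-184.106.120.244/unique;
spdadd 192.168.100.0/22 10.129.50.0/24 any -P in  ipsec esp/tunnel/184.106.120.244-1.1.1.1/unique;
"""

ACL_RE = re.compile(r"access-list \S+ (?:line \d+ )?extended permit ip "
                    r"(\S+) (\S+) (\S+) (\S+)")
SPD_RE = re.compile(r"spdadd (\S+) (\S+) \S+ -P (in|out) ipsec "
                    r"esp/tunnel/([\d.]+)-([\d.]+)/\w+ ?;")


def _flatten(text):
    """Drop '#' comments and collapse whitespace so wrapped lines parse."""
    return " ".join(re.sub(r"#.*", "", text).split())


def asa_domains(acl_text):
    """Return {(freebsd_side_net, asa_side_net)} from the ASA crypto ACL."""
    net = ipaddress.ip_network
    return {(net(f"{m[3]}/{m[4]}"), net(f"{m[1]}/{m[2]}"))
            for m in ACL_RE.finditer(_flatten(acl_text))}


def spd_policies(conf_text):
    """Yield (direction, src_net, dst_net, tunnel_src, tunnel_dst) per spdadd."""
    net = ipaddress.ip_network
    for m in SPD_RE.finditer(_flatten(conf_text)):
        yield m[3], net(m[1]), net(m[2]), m[4], m[5]


def _fmt(pairs):
    """Render a set of (local_net, remote_net) pairs as sorted strings."""
    return [f"{local} <-> {remote}" for local, remote in sorted(pairs)]


def compare(acl_text, conf_text, local_gw, peer_gw):
    """Return the mismatches between the two encryption-domain definitions."""
    asa = asa_domains(acl_text)
    out_pairs, in_pairs, bad_endpoints = set(), set(), []
    for direction, src, dst, tun_src, tun_dst in spd_policies(conf_text):
        if direction == "out":
            out_pairs.add((src, dst))
            expected = (local_gw, peer_gw)
        else:
            in_pairs.add((dst, src))  # normalise to (local, remote)
            expected = (peer_gw, local_gw)
        # An "out" policy must tunnel local->peer, an "in" policy peer->local.
        if (tun_src, tun_dst) != expected:
            bad_endpoints.append(f"{direction} {src} -> {dst}")
    both = out_pairs | in_pairs
    return {
        "freebsd_only": _fmt(both - asa),
        "asa_only": _fmt(asa - both),
        "one_direction_only": _fmt(out_pairs ^ in_pairs),
        "bad_endpoints": bad_endpoints,
    }


if __name__ == "__main__":
    report = compare(ASA_ACL, IPSEC_CONF, "1.1.1.1", "184.106.120.244")
    for key, items in report.items():
        print(f"{key}: {items or 'none'}")
```

Run against the listings as posted, it reports 10.129.40.0/24 only in the setkey file and 10.129.60.0/24, 10.129.70.0/24 and 10.129.80.0/24 only in the ASA ACL.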



Re: Re: Racoon to Cisco ASA 5505

2011-08-26 Thread jhall
I am seeing a couple of things that are concerning me.  

First, I am not seeing any traffic over the gif interface, except return 
traffic.  For example if I ping from one of my sites (e.g. 
10.129.30.0/24), I do not see any traffic on the gif interface. 

Second, I am seeing the following error message, Header checksum: 0X 
[incorrect, should be 0x8d84 (maybe caused by IP Checksum Offload?)]. 

I spoke to our vendor this morning, and they are seeing encrypted packets 
flowing to them.  However, I am not able to ping their devices until they 
initiate the traffic.  This is when I am not seeing any traffic on the gif 
interface. 

Following are the policies I have defined for the 10.129.30 network.  All 
policies are a copy of these with the correct networks added. 

spdadd 10.129.30.0/24 192.168.100.0/22 any -P out ipsec 
esp/tunnel/1.1.1.1-184.106.120.244/use; 
spdadd 192.168.100.0/22 10.129.30.0/24 any -P in ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/use; 
spdadd 184.106.120.244/32 10.129.30.0/24 any -P in ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/use; 
spdadd 10.129.30.0/24 184.106.120.244/32 any -P out ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/use; 

Thank you for all your help.  If you would like the results of the capture 
posted, please let me know and I will post them as well. 


Jay

From : Mike Tancsa m...@sentex.net
To : jh...@socket.net
Subject : Re: Racoon to Cisco ASA 5505
Date : Thu, 25 Aug 2011 14:39:12 -0400
 On 8/25/2011 11:52 AM, jh...@socket.net wrote:
  I find wireshark helpful in these cases as it nicely decodes what
  options are being set.  Your racoon conf is set to obey. It's possible
  they are proposing something different to you that you accept, whereas
  what you are proposing might not be acceptable
  
  My vendor came back to me today and stated they found a configuration 
  error on their end.  Their most recent message states the traffic I am 
  sending to them through the IPSec tunnel is not encrypted. 
 
 What does your actual policy look like ? Is this the only ipsec config
 on your box ? If so, let's say your public IP is 1.1.1.1 and their ip is
 184.106.120.244
 
 try adding this to /etc/ipsec.conf
 
 spdadd 10.129.30.0/24 192.168.100.0/22 any -P out ipsec
 esp/tunnel/1.1.1.1-184.106.120.244/unique;
 spdadd 192.168.100.0/22 10.129.30.0/24 any -P in  ipsec
 esp/tunnel/184.106.120.244-1.1.1.1/unique;
 
 
 
 do a
 setkey -F
 setkey -FP
 setkey -f /etc/ipsec.conf
 
 This is saying that you will create an ipsec policy between 2 networks.
 Your side behind 1.1.1.1 and their side behind 184.106.120.244.
 The policy states that packets with a source address of 10.129.30.0/24
 destined to 192.168.100.0/22 will be encapsulated in an ipsec tunnel.
 Similarly, everything going the other direction - 192.168.100.0/22 going
 to 10.129.30.0/24... And *only* those packets.  If you have a packet
 with a source address of 10.0.0.1 destined to 192.168.100.0/22, it will
 not be passed through the tunnel.
 
 
  
  Following is what they sent me from the ASA.
  
   Crypto map tag: rackmap, seq num: 201, local addr: 184.106.120.244
  
access-list 201 extended permit ip 192.168.100.0 255.255.252.0 
  10.129.30.0 255.255.255.0 
local ident (addr/mask/prot/port): 
(192.168.100.0/255.255.252.0/0/0) 
remote ident (addr/mask/prot/port): 
(10.129.30.0/255.255.255.0/0/0) 
current_peer: Jefferson_City
 
 
 
 You then need to make sure your key exchange settings agree. Ask them
 for that portion of the ASA's config.
 
 You are proposing
 exchange_mode main,base,aggressive;
 You are known to them by IP (my_identifier address)
 You should probably add
 peers_identifier address;
 and then make sure in your psk.txt file you have something like
 
 184.106.120.244 the-secret-psk-you-agreed-on
 
 Also, make sure their side is expecting 3des and hmac is sha1 or md5 as
 you posted in your original config.
 
 
 
 On your public wan interface, do a tcpdump of the remote IP. e.g. if it's
 em0, do
 
 tcpdump -ni em0 -s0 -w /tmp/186.pcap host 184.106.120.244
 
 
 startup racoon with the debug flag
 and from your network, try and ping an IP in their private network from
 your private network
 
 
 e.g.
 ping -S 10.129.30.1 192.168.100.1
 
 When testing ipsec, get in the habit of ALWAYS specifying the source IP
 so that you know the packet you are generating falls within the policy
 you have specified.
 
 If things don't work, look at the racoon logs for clues as well as look
 at the pcap afterwards with -
 tcpdump -nr /tmp/186.pcap port 500
 
 if it worked and you get a ping response, look at the full traffic to
 make sure it's ESP and that the contents are indeed encrypted.
   
   ---Mike
 
 -- 
 ---
 Mike Tancsa, tel +1 519 651 3400
 Sentex Communications, m...@sentex.net
 Providing Internet services since 1994 www.sentex.net
 Cambridge, Ontario Canada   http://www.tancsa.com/


Re: Re: Racoon to Cisco ASA 5505

2011-08-26 Thread jhall


 IP-IP interface ? (GIF). If you are using that, then you will need very
 different policies on both sides.  You should mention these little
 details when posting your configs.  Can you please post your FULL
 configuration / topology. Otherwise, it's kind of impossible to know what
 the issue might be
 
   ---Mike

Connecting 10.129.0.0/16 to 192.168.100.0/22.  Their router is 
192.168.100.1, and my BSD box is 10.129.10.40. 

GIF is configured as follows.

gif21: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
tunnel inet 1.1.1.1 --> 184.106.120.244
inet 10.129.10.40 --> 192.168.100.1 netmask 0xff00 
options=1<ACCEPT_REV_ETHIP_VER>

racoon.conf

remote 184.106.120.244
{
exchange_mode main,base,aggressive;
#   exchange_mode main,passive;
doi ipsec_doi;
situation identity_only;
mode_cfg on;
my_identifier address 65.117.48.155;
#   certificate_type x509 my.cert.pem my.key.pem;

#   nonce_size 16;
#   initial_contact on;
lifetime time 86400 secs;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2;
}
}

sainfo address 1.1.1.1/32 any address 184.106.120.244 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 28800 secs;
authentication_algorithm hmac_sha1, hmac_md5;
compression_algorithm deflate;
}

setkey - only one site is shown since others are simply a copy of this 
one. 

spdadd 10.129.30.0/24 192.168.100.0/22 any -P out ipsec 
esp/tunnel/1.1.1.1-184.106.120.244/use; 
spdadd 192.168.100.0/22 10.129.30.0/24 any -P in ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/use; 
spdadd 184.106.120.244/32 10.129.30.0/24 any -P in ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/use; 
spdadd 10.129.30.0/24 184.106.120.244/32 any -P out ipsec 
esp/tunnel/184.106.120.244-1.1.1.1/use; 

route table - only the routes to the remote network are listed.
192.168.100.0/22   192.168.100.1  UGS 0  131  gif21
192.168.100.1  link#19UH  0  185  gif21

Packet forwarding is enabled.
# sysctl net.inet.ip.forwarding
net.inet.ip.forwarding: 1

Firewall rules
pass in quick all
pass out quick all

What else is needed?

Thanks for all your help.



Jay




Re: Re: Racoon to Cisco ASA 5505

2011-08-26 Thread jhall
 What does their policy look like ? Are they really setting up an IP-IP
 tunnel on their side too ? Or just a regular ESP IPSEC tunnel. If they
 are not setting up an IP-IP tunnel, then get rid of the gif interface.
 

I have sent them an email, and I am waiting to hear from them.  I do have the 
configuration on their Cisco equipment, if that will help. 

Thank you for all your help.



Jay



Re: Re: Racoon to Cisco ASA 5505

2011-08-26 Thread jhall
 Yes, post that to the list.
 

I am not sure if this is the entire configuration or not, but this is what 
they have posted. 


crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000

crypto map rackmap 201 match address 201 
crypto map rackmap 201 set peer Jefferson_City   
crypto map rackmap 201 set transform-set ESP-3DES-SHA
crypto map rackmap interface outside 

crypto isakmp identity address   
crypto isakmp enable outside 
crypto isakmp policy 10  
 authentication pre-share
 encryption 3des 
 hash sha
 group 2 
 lifetime 86400  
 
access-list 201 line 1 extended permit ip 192.168.100.0 255.255.252.0 
10.129.10.0 255.255.255.0 
access-list 201 line 2 extended permit ip 192.168.100.0 255.255.252.0 
10.129.20.0 255.255.255.0 
access-list 201 line 3 extended permit ip 192.168.100.0 255.255.252.0 
10.129.30.0 255.255.255.0 
access-list 201 line 4 extended permit ip 192.168.100.0 255.255.252.0 
10.129.50.0 255.255.255.0 
access-list 201 line 5 extended permit ip 192.168.100.0 255.255.252.0 
10.129.60.0 255.255.255.0 
access-list 201 line 6 extended permit ip 192.168.100.0 255.255.252.0 
10.129.70.0 255.255.255.0 
access-list 201 line 7 extended permit ip 192.168.100.0 255.255.252.0 
10.129.80.0 255.255.255.0 



Re: Re: Racoon to Cisco ASA 5505

2011-08-25 Thread jhall
 I find wireshark helpful in these cases as it nicely decodes what
 options are being set.  Your racoon conf is set to obey. It's possible
 they are proposing something different to you that you accept, whereas
 what you are proposing might not be acceptable
 
   ---Mike

My vendor came back to me today and stated they found a configuration 
error on their end.  Their most recent message states the traffic I am 
sending to them through the IPSec tunnel is not encrypted. 

Following is what they sent me from the ASA.

 Crypto map tag: rackmap, seq num: 201, local addr: 184.106.120.244

  access-list 201 extended permit ip 192.168.100.0 255.255.252.0 
10.129.30.0 255.255.255.0 
  local ident (addr/mask/prot/port): (192.168.100.0/255.255.252.0/0/0)
  remote ident (addr/mask/prot/port): (10.129.30.0/255.255.255.0/0/0)
  current_peer: Jefferson_City

  #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
  #pkts decaps: 789, #pkts decrypt: 789, #pkts verify: 789

Crypto map tag: rackmap, seq num: 201, local addr: 184.106.120.244

  access-list 201 extended permit ip 192.168.100.0 255.255.252.0 
10.129.10.0 255.255.255.0 
  local ident (addr/mask/prot/port): (192.168.100.0/255.255.252.0/0/0)
  remote ident (addr/mask/prot/port): (10.129.10.0/255.255.255.0/0/0)
  current_peer: Jefferson_City

  #pkts encaps: 112, #pkts encrypt: 112, #pkts digest: 112
  #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0

Usually this indicates that the encryption domains on both sides of the 
VPN are not matched up exactly. If possible, please send us the encryption 
domains and nat-exemptions you currently have configured on the other side 
of the tunnel. 

What concerns me is, if I am reading this correctly, traffic from 
10.129.10.0/24 is not being encrypted and 10.129.10.40 is my end of the 
tunnel.  10.129.30.0/24 lies behind the 10.129.10.40 server. 

Is it possible for me to check if traffic being sent over the IPSec tunnel 
is being encrypted? 

I am sorry if this is an extremely easy question, but I am really new to 
IPSec. 

Thank you to everyone for their help.


Jay
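
Added example, not part of the original thread: a Python parser for the ASA output quoted in this message that classifies each security association by the direction in which its counters moved. The counters are from the ASA's point of view (encaps counts packets it encrypted and sent into the tunnel, decaps counts packets it received and decrypted); the function names and state labels are illustrative.

```python
"""Classify ASA IPsec SAs by traffic direction from their packet counters."""
import ipaddress
import re

# Constructed sample input: the ASA output quoted in the message above.
ASA_SA_OUTPUT = """\
 Crypto map tag: rackmap, seq num: 201, local addr: 184.106.120.244

  access-list 201 extended permit ip 192.168.100.0 255.255.252.0 10.129.30.0 255.255.255.0
  local ident (addr/mask/prot/port): (192.168.100.0/255.255.252.0/0/0)
  remote ident (addr/mask/prot/port): (10.129.30.0/255.255.255.0/0/0)
  current_peer: Jefferson_City

  #pkts encaps: 0, #pkts encrypt: 0, #pkts digest: 0
  #pkts decaps: 789, #pkts decrypt: 789, #pkts verify: 789

Crypto map tag: rackmap, seq num: 201, local addr: 184.106.120.244

  access-list 201 extended permit ip 192.168.100.0 255.255.252.0 10.129.10.0 255.255.255.0
  local ident (addr/mask/prot/port): (192.168.100.0/255.255.252.0/0/0)
  remote ident (addr/mask/prot/port): (10.129.10.0/255.255.255.0/0/0)
  current_peer: Jefferson_City

  #pkts encaps: 112, #pkts encrypt: 112, #pkts digest: 112
  #pkts decaps: 0, #pkts decrypt: 0, #pkts verify: 0
"""

IDENT_RE = r"{side} ident \(addr/mask/prot/port\): \(([\d.]+)/([\d.]+)/"


def _ident(block, side):
    """Return the local or remote proxy identity as a CIDR string."""
    m = re.search(IDENT_RE.format(side=side), block)
    return str(ipaddress.ip_network(f"{m[1]}/{m[2]}")) if m else None


def _counter(block, name):
    """Return the '#pkts <name>' counter, or 0 when it is absent."""
    m = re.search(rf"#pkts {name}: (\d+)", block)
    return int(m[1]) if m else 0


def classify(encaps, decaps):
    """Name the traffic pattern of one SA as seen from the ASA."""
    if encaps and decaps:
        return "bidirectional"
    if decaps:
        return "receive-only"  # ASA decrypts peer traffic, sends nothing back
    if encaps:
        return "send-only"     # ASA encrypts and sends, receives nothing
    return "idle"


def parse_sas(text):
    """Split the output on 'Crypto map tag:' and summarise each SA block."""
    sas = []
    for block in re.split(r"(?m)^\s*Crypto map tag:", text)[1:]:
        encaps, decaps = _counter(block, "encaps"), _counter(block, "decaps")
        sas.append({
            "local": _ident(block, "local"),
            "remote": _ident(block, "remote"),
            "encaps": encaps,
            "decaps": decaps,
            "state": classify(encaps, decaps),
        })
    return sas


if __name__ == "__main__":
    for sa in parse_sas(ASA_SA_OUTPUT):
        print(f"{sa['local']} <-> {sa['remote']}: {sa['state']} "
              f"(encaps={sa['encaps']}, decaps={sa['decaps']})")
```

For the quoted output, the SA for 10.129.30.0/24 is receive-only and the SA for 10.129.10.0/24 is send-only, so no single SA carries traffic in both directions.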



Racoon to Cisco ASA 5505

2011-08-23 Thread jhall
I have run into a weird situation, and I do not know if the problem lies 
on my side of the connection or my vendor's. 

The tunnel comes up only after the vendor sends traffic to me.  My side of 
the tunnel shows up and using tcpdump, I see packets flowing out the 
correct interface, to the correct IP address, but nothing is returned 
until the device(s) behind the vendor's ASA attempt to send traffic to me. 

Attached is the relevant output from setkey -DP

10.129.10.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=357 seq=7 pid=12885
refcnt=1
10.129.80.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=359 seq=6 pid=12885
refcnt=1
10.129.20.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=361 seq=5 pid=12885
refcnt=1
10.129.30.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=363 seq=4 pid=12885
refcnt=1
10.129.40.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=365 seq=3 pid=12885
refcnt=1
10.129.60.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=367 seq=2 pid=12885
refcnt=1
10.129.50.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=369 seq=1 pid=12885
refcnt=1
10.129.70.0/24[any] 192.168.100.0/22[any] any
out ipsec
esp/tunnel/1.1.1.1-2.2.2.2/use
spid=371 seq=0 pid=12885
refcnt=1

192.168.100.0/22[any] 10.129.10.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=358 seq=18 pid=12885
refcnt=1
192.168.100.0/22[any] 10.129.80.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=360 seq=17 pid=12885
refcnt=1
192.168.100.0/22[any] 10.129.20.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=362 seq=16 pid=12885
refcnt=1
192.168.100.0/22[any] 10.129.30.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=364 seq=15 pid=12885
refcnt=1
192.168.100.0/22[any] 10.129.40.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=366 seq=14 pid=12885
refcnt=1
192.168.100.0/22[any] 10.129.50.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=368 seq=13 pid=12885
refcnt=1
192.168.100.0/22[any] 10.129.60.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=370 seq=12 pid=12885
refcnt=1
192.168.100.0/22[any] 10.129.70.0/24[any] any
in ipsec
esp/tunnel/2.2.2.2-1.1.1.1/use
spid=372 seq=11 pid=12885


Following are the entries from racoon.conf.  The padding, etc. was left at 
the default. 

remote anonymous
{
exchange_mode main,base,aggressive;
#   exchange_mode main,passive;
doi ipsec_doi;
proposal_check obey;
situation identity_only;
mode_cfg on;
my_identifier address ;
#   certificate_type x509 my.cert.pem my.key.pem;

#   nonce_size 16;
#   initial_contact on;
proposal_check obey;# obey, strict, or claim
lifetime time 86400 secs;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2;
}
}

sainfo anonymous
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 28800 secs;
authentication_algorithm hmac_sha1, hmac_md5;
compression_algorithm deflate;
}

I am using anonymous because, if I am reading the logs right, that is 
being requested. 

I am using a PF firewall with pass in quick and pass out quick rules.  
This is just for testing and will be tightened later. 

What additional information is needed?

Thanks in advance for all your help.



Jay



Re: Re: Source Upgrade

2011-08-04 Thread jhall


 Based on this configuration, you grabbed CURRENT, and not 8.2.
 
 Have a look here and alter your configuration, and rebuild.
 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html
 
 Hope this helps
 -jgh
 
THANK YOU!  I don't know how long I had looked at that and did not see the 
default tag=. 
Removing that fixed the problem.


Jay



Source Upgrade

2011-08-03 Thread jhall
I am attempting to upgrade my server from 8.0 to 8.2 Release by upgrading 
the source code and recompiling the kernel.  I am using cvs to download 
the source code.  Following are the entries in my cvs-supfile. 

The system is an HP server.  Following is the system information.
FreeBSD  8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009  
   r...@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386 

*default host=cvsup15.us.FreeBSD.org
*default base=/var/db
*default prefix=/usr
*default release=cvs tag=RELENG_8_2
*default delete use-rel-suffix
*default tag=.

src-all
ports-all

The download completes without any errors.  The first time I attempted to 
compile the source code, I assumed I had made a mistake.  So, I deleted 
all of /usr/src and downloaded it again using cvs.  When I attempt make 
buildworld, I still receive the following messages. 

=== kerberos5/tools/asn1_compile (all)
cd /usr/src/kerberos5/tools/asn1_compile/../make-roken  make
cc -O2 -pipe 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/roken 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1 
-I. -DHAVE_CONFIG_H -I/usr/src/kerberos5/tools/asn1_compile/../../include 
-std=gnu99   -I/usr/obj/usr/src/tmp/legacy/usr/include -c 
/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1/gen.c 
cc -O2 -pipe 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/roken 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1 
-I. -DHAVE_CONFIG_H -I/usr/src/kerberos5/tools/asn1_compile/../../include 
-std=gnu99   -I/usr/obj/usr/src/tmp/legacy/usr/include -c 
/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1/gen_copy.c
 
cc -O2 -pipe 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/roken 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1 
-I. -DHAVE_CONFIG_H -I/usr/src/kerberos5/tools/asn1_compile/../../include 
-std=gnu99   -I/usr/obj/usr/src/tmp/legacy/usr/include -c 
/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1/gen_decode.c
 
cc -O2 -pipe 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/roken 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1 
-I. -DHAVE_CONFIG_H -I/usr/src/kerberos5/tools/asn1_compile/../../include 
-std=gnu99   -I/usr/obj/usr/src/tmp/legacy/usr/include -c 
/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1/gen_encode.c
 
cc -O2 -pipe 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/roken 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1 
-I. -DHAVE_CONFIG_H -I/usr/src/kerberos5/tools/asn1_compile/../../include 
-std=gnu99   -I/usr/obj/usr/src/tmp/legacy/usr/include -c 
/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1/gen_free.c
 
cc -O2 -pipe 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/roken 
-I/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1 
-I. -DHAVE_CONFIG_H -I/usr/src/kerberos5/tools/asn1_compile/../../include 
-std=gnu99   -I/usr/obj/usr/src/tmp/legacy/usr/include -c gen_glue-fixed.c 
gen_glue-fixed.c: In function 'generate_2int':
gen_glue-fixed.c:55: warning: assignment from incompatible pointer type
gen_glue-fixed.c:55: error: 'Member' has no member named 'next'
gen_glue-fixed.c: In function 'generate_int2':
gen_glue-fixed.c:83: warning: assignment from incompatible pointer type
gen_glue-fixed.c:83: error: 'Member' has no member named 'next'
gen_glue-fixed.c: In function 'generate_units':
gen_glue-fixed.c:114: error: 'struct memhead' has no member named 'prev'
gen_glue-fixed.c:114: error: 'Member' has no member named 'prev'
gen_glue-fixed.c: At top level:
gen_glue-fixed.c:129: error: conflicting types for 'generate_glue'

/usr/src/kerberos5/tools/asn1_compile/../../../crypto/heimdal/lib/asn1/gen_locl.h:65:
 
error: previous declaration of 'generate_glue' was here 
*** Error code 1

Stop in /usr/src/kerberos5/tools/asn1_compile.
*** Error code 1

Stop in /usr/src/kerberos5/tools.
*** Error code 1

Stop in /usr/src.
*** Error code 1

Stop in /usr/src.
*** Error code 1

Stop in /usr/src.

My Googling has not resulted in any results that are helpful. Any 
suggestions would be greatly appreciated. 

Thank you in advance.



Jay



DHCP Question

2011-06-14 Thread jhall
I am working with a vendor and they are wanting me to send them ip 
addresses via option 74 in DHCP (irc-server).  After I defined this in my 
dhcpd.conf file, the option is still not being sent.  However, I am not 
receiving a request for this option. 

I have done a bunch of Googling this morning/afternoon, and have not been 
able to find a way to send the option whether it is requested or not. 

Is it possible to do this?

Thanks,


Jay



Re: Re: DHCP Question

2011-06-14 Thread jhall


From : Chuck Swiger cswi...@mac.com
To : jh...@socket.net
Subject : Re: DHCP Question
Date : Tue, 14 Jun 2011 11:28:00 -0700

 You want:
 
 option dhcp-parameter-request-list uint16;
 
   This option, when sent by the client, specifies which options the
   client wishes the server to return.  Normally, in the ISC DHCP
   client, this is done using the request statement.  If this option is
   not specified by the client, the DHCP server will normally return
   every option that is valid in scope and that fits into the reply.
   When this option is specified on the server, the server returns the
   specified options.  This can be used to force a client to take
   options that it hasn't requested, and it can also be used to tailor
   the response of the DHCP server for clients that may need a more
   limited set of options than those the server would normally return.
 
 Regards,
 -- 
 -Chuck

They are not using the option for the IRC Server, but to point to the 
nodes where the Virtual Desktops are. 

Thank you for all your help.  That did the trick!


Jay
Thank you!  That did the trick.



Installing a root certificate in openssl

2011-06-03 Thread jhall
I am attempting to get TLS with Postfix working and I have run into a 
problem and nothing I have tried seems to resolve the problem. 

When a TLS connection is started, I see the following in /var/log/maillog

Jun  3 17:38:13 mo-bak-s1 postfix/smtp[41281]: certificate verification 
failed for abc.org.s9a1.def.com[WW.XX.YY.ZZ]:25: untrusted issuer 
/C=US/O=Equifax/OU=Equifax Secure Certificate Authority 

I have downloaded the Equifax Secure Certificate Authority.cer, converted 
it to PEM format.  Then, I added the certificate to my certfile and 
restarted Postfix.  I had the same result. 

My guess is that I am doing something wrong importing the Equifax 
certificate. 

Any suggestions would be appreciated.  Have a nice weekend.

Thanks for your help.



Jay




IPSec routing (long post)

2011-05-21 Thread jhall

Ladies and Gentlemen,

First, please excuse this extremely long post.  I have tried to include 
all of the information I thought was relevant, and may have included too 
much. 

I have established an IPSec connection to our vendor using transport mode. 
However, I am having problems successfully routing the traffic.  We are using 
a preshared key for authentication.  The connection is successfully made.  
My vendor has verified they are able to see the connection up on their 
router and I am able to see a successful connection when running racoon in 
the foreground.  I am running FBSD 8.1. 

My external IP address is 1.2.3.4 and the vendor's is 5.6.7.8.  The 
default gateway on my system is 1.2.3.5.  My internal IP address range is 
192.168.1.0/24 and the vendor's is 192.168.2.0/24. 

Following is what I have done/tried.

Following are my entries in racoon.conf.  I have not changed any of the 
default settings for padding/spacing/etc. 

remote 5.6.7.8
{
exchange_mode main,aggressive;
doi ipsec_doi;
situation identity_only;

my_identifier address 1.2.3.4;
proposal_check obey;# obey, strict, or claim
lifetime time 86400 secs;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2;
}
}

sainfo address 192.168.1.024 any address 192.168.2.0/24 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

sainfo address 192.168.2.0/24 any address 192.168.1.024 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

sainfo address 1.2.3.4/32 any address 192.168.2.0/24 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

sainfo address 192.168.2.0/24 any address 65.1117.48.155/32 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

sainfo address 1.2.3.4/32 any address 5.6.7.8 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;

sainfo address 1.2.3.4/32 any address 5.6.7.8 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

sainfo address 5.6.7.8/32 any address 1.2.3.4/32 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

sainfo address 192.168.1.024 any address 5.6.7.8 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

sainfo address 192.168.1.024 any address 5.6.7.8 any
{
pfs_group 2;
encryption_algorithm 3des;
lifetime time 3600 secs;
authentication_algorithm hmac_sha1;
compression_algorithm deflate;
}

The following entries are made using setkey.

flush;
spdflush;
spdadd 1.2.3.4/32 5.6.7.8/32  any -P out ipsec 
esp/tunnel/1.2.3.4-5.6.7.8/require; 
spdadd 192.168.1.0/24 192.168.2.0//24 any -P out ipsec 
esp/transport/1.2.3.4-5.6.7.8/require; 
spdadd 1.2.3.4/32 192.168.2.0//24 any -P out ipsec 
esp/transport/1.2.3.4-5.6.7.8/require; 
spdadd 192.168.1.0/24 5.6.7.8 any -P out ipsec 
esp/transport/1.2.3.4-5.6.7.8/require; 
spdadd 5.6.7.8/32 1.2.3.4/32 any -P in ipsec 
esp/tunnel/5.6.7.8-1.2.3.4/require; 
spdadd 192.168.2.0//24 192.168.1.0/24 any -P in ipsec 
esp/transport/5.6.7.8-1.2.3.4/require; 
spdadd 192.168.2.0//24 1.2.3.4/32 any -P in ipsec 
esp/transport/5.6.7.8-1.2.3.4/require; 
spdadd 5.6.7.8/32 192.168.1.0/24 any -P in ipsec 
esp/transport/5.6.7.8-1.2.3.4/require; 

Using setkey -DP all of the entries have been made.

I see the following in the log which indicates, to me anyway, the proper 
policy has been applied. 

2011-05-21 10:10:29: DEBUG: suitable inbound SP found: 192.168.2.0/24[0] 
1.2.3.4/32[0] proto=any dir=in. 
2011-05-21 10:10:29: DEBUG: new acquire 1.2.3.4/32[0] 192.168.2.0/24[0] 
proto=any dir=out 
2011-05-21 10:10:29: DEBUG: configuration found for 5.6.7.8.
2011-05-21 10:10:29: DEBUG: getsainfo params: loc='1.2.3.4', 
rmt='192.168.2.0/24', peer='NULL', id=0 
2011-05-21 10:10:29: DEBUG: getsainfo pass #2
2011-05-21 10:10:29: DEBUG: evaluating sainfo: loc='ANONYMOUS', 
rmt='ANONYMOUS', peer='ANY', id=0 
2011-05-21 10:10:29: DEBUG: evaluating sainfo: loc='192.168.1.0/24', 

Re: Re: IPSec routing (long post)

2011-05-21 Thread jhall

From : claudiu vasadi claudiu.vas...@gmail.com
To : jh...@socket.net
Subject : Re: IPSec routing (long post)
Date : Sat, 21 May 2011 18:45:07 +0200
  Some additional points:
 - have you been following the FreeBSD handbook on this ? -
 http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
 - pls post your ifconfig  interface settings
 - you can use tcpdump to sniff traffic off of your real network
 interface (tcpdump (-v) -i interface host vendor_ext_IP and dst
 local_ext_IP)
 - do you have options IPSEC and device crypto in your kernel ?

My understanding is the handbook was using tunnel mode to connect the 
networks, and I am using transport mode.  Are these the same, and am I 
misunderstanding what I am reading? 

Jay



IPSec with Public IP Addresses only

2011-05-19 Thread jhall
Ladies and Gentlemen,

I am attempting to connect a FreeBSD server, 8.1-RELEASE to a Juniper 
J2320 router running the JUNOS operating system. 

The Juniper router I am connecting to has a public IP address of 1.2.3.4.  
The provider has not given me a private IP address and has stated it is 
not needed. 

The FreeBSD server, has a public IP address of 2.3.4.5 and a private IP 
address of 6.7.8.9. 

I am able to create the gif tunnel without any problem.  However, the 
provider I am connecting to has told me there is not a private IP address 
available for the creation of the private IP tunnel.  I will be connecting 
to private addresses in the 5.6.7.0/24 range on the provider's server. 

Here is the output of the ifconfig command.

gif0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1280
tunnel inet 2.3.4.5 --> 1.2.3.4
options=1<ACCEPT_REV_ETHIP_VER>

Following are the relevant route table entries.

1.2.3.4/32  2.3.4.5  US  1  798   bge1
5.6.7.0/24 1.2.3.4 UGS 2  192   bge1

Is it possible to connect to the private address on the provider's server 
without a private IP address?  I have done this before, but I have always 
had private IP addresses as well. 

I do not have racoon running yet.  Could this make a difference?


Thanks for your help.



Jay Hall



GnuPG not allowing passphrase entry

2010-09-01 Thread jhall
Ladies and Gentlemen,

I am attempting to decrypt a file using the following command line.

/usr/local/bin/gpg --output /usr/local/scripts/test. --no-default-keyring 
--secret-keyring 09-2010.sec --keyring 09-2010.pub --always-trust 
--decrypt --recipient wed_sep_1_00_01_00_cdt_2...@abc.org 
/usr/local/scripts/test.gpg 

When doing so, I receive the following output.

You need a passphrase to unlock the secret key for
user: Wed_Sep_1_00_01_00_CDT_2010 (Monthly Archive Encryption Key) 
wed_sep_1_00_01_00_cdt_2...@abc.org 
1024-bit ELG key, ID E8E5F849, created 2010-09-01 (main key ID 557E7C04)

gpg: cancelled by user
gpg: encrypted with 1024-bit ELG key, ID E8E5F849, created 2010-09-01
  Wed_Sep_1_00_01_00_CDT_2010 (Monthly Archive Encryption Key) 
wed_sep_1_00_01_00_cdt_2...@abc.org 
gpg: public key decryption failed: General error
gpg: decryption failed: No secret key

While the prompt to enter a passphrase does appear, it is skipped without 
allowing me to enter anything. 

gpg-agent is running.  I am running FreeBSD 8.0. My GnuPG version is 
2.0.14 

I have also tried adding the public and secret keys to the default keyring 
and receive the same result. 

Thanks for your help.




Jay



Ultrium 920 Autoloader Question

2009-04-03 Thread jhall
If this is a double post, please excuse me.  I just realized I sent my 
initial question to the wrong address. 

Today, I received my Ultrium 1/8 920 autoloader.  I just realized the tape 
drive can be assigned an IP address so it can be backed up to over the 
network.  And, I would like to explore this before taking the time to 
install the SCSI card. 

Is this something I can do from the command line with FreeBSD, or am I 
better off using software such as AMANDA or Bacula? 

Thanks,


Jay



Re: Re: Ultrium 920 Autoloader Question

2009-04-03 Thread jhall

 Depends a little on what sort of software is on the tape drive.
 But, probably you can either use dump(8)/restore(8) or tar with
 no problem.   They can dump/restore to/from remote devices/files.
 

No software on the drive. 


Jay



Capturing tar output

2008-09-10 Thread jhall
Ladies and Gentlemen,

I am using the following command to perform backups each evening.

/usr/local/gtar/bin/tar -C /usr/home/photos --listed-incremental \
/var/db/photos.snar -cvf - ./ | /usr/local/bin/gpg --encrypt --recipient \
recipient | dd of=/dev/nsa0 obs=128K

Since I am having tar write the output of the command to stdout is it
possible  to capture the names of the files being displayed as a result of
the -v option?

If so, how can this be done?  I am not having any luck.

Thanks,


Jay






Re: Capturing tar output

2008-09-10 Thread jhall

 redirect stderr with 2> operator

Using the following command,
# /usr/local/gtar/bin/tar -cvf - /home/hallja 2> /var/log/test.txt |
/usr/local/bin/gpg --encrypt recipient | dd of=/dev/nsa0 obs=128k

I receive an error message stating, Ambiguous output redirect.

Any additional suggestions would be appreciated.

Thanks for all your help.


Jay
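
An added example (not part of the original posts) of capturing the `-v` file list while the archive itself goes down the pipe. "Ambiguous output redirect" is a csh/tcsh diagnostic, so this is written for /bin/sh; the function name is hypothetical and `cat` stands in for the gpg and dd stages.

```shell
#!/bin/sh
# backup_with_list SRC_DIR LIST_FILE ARCHIVE_OUT
# Writes the tar archive of SRC_DIR through a pipe and saves the -v file
# names (plus any tar error messages) in LIST_FILE.
backup_with_list() {
    src=$1
    list=$2
    out=$3
    status=$(mktemp) || return 1

    # With "-f -" the archive occupies stdout, so tar prints the -v names
    # on stderr. "2> $list" is attached to tar only; the pipe carries
    # stdout (the archive) and nothing else.
    {
        rc=0
        tar -C "$src" -cvf - . 2> "$list" || rc=$?
        # sh reports only the last pipeline stage's status, so tar's own
        # exit code is passed out through a scratch file.
        echo "$rc" > "$status"
    } | cat > "$out"        # stand-in for: gpg --encrypt ... | dd of=/dev/nsa0
    consumer_rc=$?

    tar_rc=$(cat "$status")
    rm -f "$status"
    [ "${tar_rc:-1}" -eq 0 ] && [ "$consumer_rc" -eq 0 ]
}
```

From a csh or tcsh login the same function can be used by putting it in a script with the `#!/bin/sh` line and running that script.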



DHCP and Encapsulating Vendor Options

2008-08-26 Thread jhall
Ladies and Gentlemen,

I have a need to encapsulate option 125 for my phone system on my isc-dhcp
server.

Following is a snippet from my dhcpd.conf file.

option space MITEL;
option MITEL.Option-125 code 125 = string;

subnet 1.2.3.0 netmask 255.255.255.0 {
  range 1.2.3.100 1.2.3.200;
  option routers 1.2.3.1;
  option domain-name-servers 1.2.3.1;
  vendor-option-space MITEL;
  option MITEL.Option-125 Mitel hexadecimal data goes here
}

Is this the right way to encapsulate the Hex data?  I have not been able
to find any information from Mitel concerning how to setup this option on
an isc-dhcp server.  The information I found was for a Windows 2003 DHCP
server, and the data type needed to be encapsulated.  So, my assumption is
(I know, I know), the data will have to be encapsulated on the isc dhcp
server as well.

Any  help would be appreciated.

Thanks,


Jay



DHCP Question

2008-03-19 Thread jhall
I am in the process of moving my phone system DHCP from my Mitel 3300 to a
FreeBSD so I can parse the DHCP file.  In order to make Mitel's option 125
work correctly, I have to specify some vendor specific options.  I believe
this is option 124 if I understand the Mitel documentation correctly.

I have searched Google and have not found any helpful information or
examples.

I'm guessing I will have to create a new class and specify the options
within that class.

Can someone point me in the right direction?

Thanks,



Jay



Booting from Memory Stick

2008-03-01 Thread jhall
I am working on getting a FreeBSD system to boot from a USB memory stick.

Would it be possible to install the operating system using the following:

cd /usr/src
make DESTDIR=/mnt/usbdisk world
boot0cfg -v -B -o noupdate da0

Or, is there an easier way to do this?

Thanks,


Jay



OT: TikiWiki Thumbnail problem

2008-01-25 Thread jhall
Ladies and Gentlemen,

Please accept my apologies for the lack of information in my previous post.

I am running FreeBSD 6.2, TikiWiki 1.9.9, mysql 5.0, php-5.2.5.  Images
are being saved in the mysql database.  The images are being saved, but no
thumbnails are being generated.

After working with the TikiWiki users forums they believe this is a
problem with the gd graphics library.  I have gd-2.0.35 installed as well
as libjpeg, libpng and zlib.  PHP was compiled with the following options.

'./configure' '--with-mysql' '--with-apxs2=/usr/local/apache/bin/apxs'
'--with-gd=/usr/local/gd/lib' '--with-jpeg-dir=/usr/local/lib'
'--with-png-dir=/usr/local/lib'

I am not seeing any errors in the TikiWiki log files.

Any suggestions would be greatly appreciated.

Thanks,


Jay



OT: TikiWiki Thumbnails

2008-01-25 Thread jhall
Ladies and Gentlemen,

Please excuse the off topic post.

I have installed TikiWiki, but I have not been able to get the software to
generate thumbnails at all.  The images are always displayed at their
original size.

This happens with gd from the ports collection, or compiling from source. 
Any suggestions would be greatly appreciated.

Thanks,

Jay



Setting CPPFLAGS and LDFLAGS

2008-01-02 Thread jhall
I'm hoping I have missed something simple, but I am experiencing a problem
compiling OpenLDAP.

My BerkeleyDB files are in a non-standard location and I am trying to set
CPPFLAGS and LDFLAGS to point to the correct location.

I am logged in as a normal user, and I am using the following commands to
set CPPFLAGS and LDFLAGS.

$ export CPPFLAGS=-I/usr/local/BerkelyDB/include
$ export LDFLAGS=-L/usr/local/BerkelyDB/lib

However, OpenLDAP still fails to compile with the following message.

Checking Berkeley DB version for BDB/HDB backends... no
configure: error: BDB/HDB: BerkeleyDB version incompatible

Am I correctly setting CPPFLAGS and LDFLAGS so they can be seen by
OpenLDAP's configuration script?

Thanks,



Jay



Re: Redirecting STDOUT

2007-12-22 Thread jhall

 # command  file

 this will redirect both STDERR and STDOUT to file

 --
 Best regards,
  Michael  mailto:[EMAIL PROTECTED]


Thank you to everyone for their help.  I have this working now.


Jay



Redirecting STDOUT

2007-12-21 Thread jhall
I am in the process of debugging a script and I would like to have the
output of stdout redirected to a file.

After reading about redirection on the Internet, I was under the
impression the following would redirect stdout to a file, but I cannot
seem to get it to work.

tar -cvzf root.tgz /root > /dev/null 2>/home/jay/tarlog

I'm sure it is something simple I am doing wrong, but I am not seeing it.

Thanks for your help.

Jay




Re: Redirecting STDOUT

2007-12-21 Thread jhall
 Hello, jhall.

 On 21 December 2007, 17:49:28 you wrote:

 jvn tar -cvzf root.tgz /root > /dev/null 2>/home/jay/tarlog

 jvn I'm sure it is something simple I am doing wrong, but I am not seeing
 it.

 what is your shell?

 --
 Best regards,
  Michael  mailto:[EMAIL PROTECTED]


/bin/sh


Jay



Re: Redirecting STDOUT

2007-12-21 Thread jhall
 At 08:49 AM 12/21/2007, [EMAIL PROTECTED] wrote:
I am in the process of debugging a script and I would like to have the
output of stdout redirected to a file.

After reading about redirection on the Internet, I was under the
impression the following would redirect stdout to a file, but I cannot
seem to get it to work.

tar -cvzf root.tgz /root > /dev/null 2>/home/jay/tarlog

I'm sure it is something simple I am doing wrong, but I am not seeing it.

Thanks for your help.

Jay

 In your command line above you are redirecting stdout to /dev/null and
 stderr to your file.

 try:

 tar -cvzf root.tgz /root > /home/jay/tarlog 2>&1

When I run the above, I receive the following message.
Ambiguous output redirect.

Any suggestions?  What I found Googling on the message indicates I am
trying to write the output to multiple locations.

I am using the Bourne shell.  Am I using the right syntax?

Thanks,


Jay



Re: Redirecting STDOUT

2007-12-21 Thread jhall

 In that case you are only redirecting STDERR to file. As you've been
 already told STDOUT will be redirected with

 $ command 1>file

 or

 $ command > file

 adding 2>&1 will also redirect STDERR to this file


When I run this as a non-root user it works fine.  But, when running it as
root, it does not produce the expected results.

$ ls -l /fjdkslafjdl 2>/home/hallja/test2
And, in the file test2, I see

ls: /fjdkslafjdl: No such file or directory

Running the same command as root, I receive the following results.
# ls -l /fjdkslafjdl 2>/home/hallja/test2
ls: /fjdkslafjdl: No such file or directory

And, in /home/hallja/test2 I see the following.
-rw-r--r--  1 root  hallja  0 Dec 21 08:02 2

Why does this not work as root?

Thanks,


Jay



Jail question

2007-12-17 Thread jhall
Ladies and Gentlemen,

I want to check the understanding of jails.

My understanding is a jail uses the existing kernel configuration and
cannot use its own kernel configuration.

Is this correct?

Thanks,



Jay



Re: bash and strings

2007-11-16 Thread jhall

 See the `dirname' and `basename' commands:

   $ dirname /usr/local/scripts/firewall.sh
   /usr/local/scripts
   $

   $ basename /usr/local/scripts/firewall.sh
   firewall.sh
   $

 Be careful about properly quoting the filenames though (note how the
 first invocation of `dirname' fails below, and try to understand why
 it fails):

   $ testname='foo bar baz'
   $ dirname $testname
   usage: dirname string
   $ dirname "${testname}"
   .
   $


Thank you very much, this is exactly what I was looking for.


Jay
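
An added example (not from the thread) that applies the `dirname`/`basename` advice and the quoting caveat above to a supplied list of paths. The function name, the staging-root argument and the rejection of `..` components are assumptions of this example.

```shell
#!/bin/sh
# create_from_list ROOT < list-of-paths
# For every path read from stdin, create its directory under ROOT and then
# an empty file with the given name. Returns non-zero if any entry failed
# or was skipped.
create_from_list() {
    root=$1
    rc=0
    # IFS= and -r keep leading blanks and backslashes in names intact;
    # the "|| [ -n ... ]" part handles a last line without a newline.
    while IFS= read -r path || [ -n "$path" ]; do
        [ -n "$path" ] || continue

        # The list comes from someone else: refuse entries that could
        # climb out of ROOT through a ".." component.
        case "/$path/" in
            */../*)
                echo "skipped (contains ..): $path" >&2
                rc=1
                continue
                ;;
        esac

        # Quote every expansion so 'foo bar baz' stays one argument, and
        # use "--" so a name starting with "-" is not read as an option.
        dir=$(dirname -- "$path")
        file=$(basename -- "$path")

        mkdir -p -- "$root/$dir" || { rc=1; continue; }
        # Create the file only if it does not exist yet, so existing
        # content is never truncated.
        [ -e "$root/$dir/$file" ] || : > "$root/$dir/$file" || rc=1
    done
    return "$rc"
}
```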



bash and strings

2007-11-15 Thread jhall
Everyone,

I'm sure this is easy, and I am making it harder than it is.

I am being supplied a list of files, and need to create the files and
directories to hold them, but I cannot figure out how to take the string
apart.

For example, I am given

/usr/local/scripts/firewall.sh

I need to create the /usr/local/scripts directory and then create
firewall.sh.

Any suggestions would be greatly appreciated.

Thanks,


Jay



NAT Question

2007-10-11 Thread jhall
I have a question regarding ipf and ipnat.  I have a firewall with two
public IP addresses.  One of the IP addresses is for incoming Internet
traffic only and the other is for incoming e-mail.  I'm not sure why my
ISP has done this, but they have.

In other words, all incoming http traffic (port 80) will be going to the
address 1.2.3.4 and all incoming smtp traffic (port 25) will be going to
1.2.3.5.   The internal address of the firewall is 10.129.10.40/24.

The webserver has an internal address of 10.129.10.49 and a default
gateway of 10.129.10.40 (the firewall).

If I use rdr on an incoming connection,  will responses exit the network
on the same interface they entered the firewall on?

Following are the rules I would use.

ipnat.rules
rdr em1 1.2.3.4/32 port 80 -> 10.129.10.49 port 80 tcp

ipf.rules
pass in on em1 from any to 1.2.3.4 port = 80 keep state
pass out on em1 from 1.2.3.4 port = 80 to any keep state

Does this solution make sense, or is there a better way to accomplish the
same thing?

Thanks for your help.



Jay



Re: Adding CR/LF

2007-10-01 Thread jhall
 On 2007-09-28 18:34, [EMAIL PROTECTED] wrote:
 I know this should be easy, but I cannot get it to work right.
 Basically, I have a list of items, and I need to place each one on a
 separate line.

 Here is the script I am using.
 #!/bin/sh
 FILENAMES="test1 test2 test3"
 FILELIST=
 for filename in ${FILENAMES}
 do
 FILELIST=${FILELIST}${filename}$'\n\r'
 echo ${FILELIST}
 done

 And, here is the output I am getting.
 test1$\n\r
 test1$\n\rtest2$\n\r
 test1$\n\rtest2$\n\rtest3$\n\r

 The output I would like to see is:
 test1
 test2
 test3

 How about skipping the trick with '\n\r' altogether?

 This should work better:

   #!/bin/sh

   FILENAMES="test1 test2 test3"

   for fname in ${FILENAMES}
   do
   echo ${fname}
   done


Thanks.  I hadn't thought of that.


Jay




Re: Adding CR/LF

2007-09-29 Thread jhall
 On Sep 28, 2007, at 11:34 AM, [EMAIL PROTECTED] wrote:
 Here is the script I am using.
 #!/bin/sh
 FILENAMES="test1 test2 test3"
 FILELIST=
 for filename in ${FILENAMES}
 do
 FILELIST=${FILELIST}${filename}$'\n\r'
 echo ${FILELIST}
 done

 And, here is the output I am getting.
 test1$\n\r
 test1$\n\rtest2$\n\r
 test1$\n\rtest2$\n\rtest3$\n\r

 The output I would like to see is:
 test1
 test2
 test3

 Thanks in advance for your assistance.

 /bin/echo and the builtin echo command found in /bin/sh and /bin/tcsh
 do not understand the C-style \r and \n escapes; you could switch
 your script to using Bash or ZSH and it would work in those shells,
 or else use printf command rather than echo.

 man builtin might give some insight.

 --
 -Chuck


Thanks to everyone for their help.  Since I am traveling, I am just going
to use printf for now and worry about rewriting the script when I get
home.

Jay



Adding CR/LF

2007-09-28 Thread jhall
I know this should be easy, but I cannot get it to work right.  Basically,
I have a list of items, and I need to place each one on a separate line.

Here is the script I am using.
#!/bin/sh
FILENAMES="test1 test2 test3"
FILELIST=
for filename in ${FILENAMES}
do
FILELIST=${FILELIST}${filename}$'\n\r'
echo ${FILELIST}
done

And, here is the output I am getting.
test1$\n\r
test1$\n\rtest2$\n\r
test1$\n\rtest2$\n\rtest3$\n\r

The output I would like to see is:
test1
test2
test3

Thanks in advance for your assistance.


Jay



Capturing data on the serial port

2007-09-26 Thread jhall
I have a need to temporarily capture data from our phone system via the
serial port on one of my FreeBSD servers.

What would be the best way to do this?

Thanks,


Jay



ntpd time server

2007-09-15 Thread jhall
Is it possible to use ntpd as a client as well as a server?

I have my firewall setup to get updates from the Internet which it does
without any problem.  However, I am not seeing any clients synchronizing
with the firewall.

The firewall ntp.conf file contains the following.

server ntp-2.mcs.anl.gov prefer
driftfile /data_prgs/local/etc/ntp.drift

The clients contain the following.
server firewall
driftfile /var/db/ntp.drift

firewall is resolved via internal DNS, and it is resolved to the correct
IP address.

Any suggestions would be greatly appreciated.

Thanks,



Jay




Moving user/group databases

2007-09-07 Thread jhall
All of my FreeBSD servers boot from CD, and we are going to be having
several temporary employees coming and going over the next 6-12 months. 
Is it possible to move the user/group databases from their location in
/etc (which is read only on my CDs) to another location?

I have read the man page concerning pw and still do not understand what I
should be doing.  Any suggestions, or direction to a how-to would be
greatly appreciated.

Thanks,


Jay





Re: Moving user/group databases

2007-09-07 Thread jhall
 At 03:52 PM 9/7/2007, [EMAIL PROTECTED] wrote:
All of my FreeBSD servers boot from CD, and we are going to be having
several temporary employees coming and going over the next 6-12 months.
Is it possible to move the user/group databases from their location in
/etc (which is read only on my CDs) to another location?

I have read the man page concerning pw and still do not understand what I
should be doing.  Any suggestions, or direction to a how-to would be
greatly appreciated.

Thanks,


Jay

 The simplest way would be to put a symbolic link from /etc to a writable
 location.  You will need to re-make your boot CD to have this change.

  -Derek

 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.
 MailScanner thanks transtec Computers for their support.



I have recreated the CD with the sym links, and I still run into a problem
because adduser tries to create temporary files in /etc.  If I remember
correctly, the files it tries to create are /etc/passwd.XX.

I was able to get pw to work to add the user accounts, but now I am trying
to set the password for new account, and have hit the temp file snag.

Is this something which can be reconfigured in pw.conf?

Thanks,


Jay




Re: Moving user/group databases

2007-09-07 Thread jhall
 At 03:52 PM 9/7/2007, [EMAIL PROTECTED] wrote:
All of my FreeBSD servers boot from CD, and we are going to be having
several temporary employees coming and going over the next 6-12 months.
Is it possible to move the user/group databases from their location in
/etc (which is read only on my CDs) to another location?

I have read the man page concerning pw and still do not understand what
 I
should be doing.  Any suggestions, or direction to a how-to would be
greatly appreciated.

Thanks,


Jay

 The simplest way would be to put a symbolic link from /etc to a writable
 location.  You will need to re-make your boot CD to have this change.

  -Derek

 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.
 MailScanner thanks transtec Computers for their support.



 I have recreated the CD with the sym links, and I still run into a problem
 because adduser tries to create temporary files in /etc.  If I remember
 correctly, the files it tries to create are /etc/passwd.XX.

 I was able to get pw to work to add the user accounts, but now I am trying
 to set the password for new account, and have hit the temp file snag.

 Is this something which can be reconfigured in pw.conf?

 Thanks,


 Jay




OK.  After some more digging, this is what I have found that I think will
work.

pw -V ///etc other information for user.

vipw -d ///etc and make the necessary password changes, etc.

The only hangup I have now is how to generate the encrypted password.  Any
suggestions would be greatly appreciated.  The passwords in my passwd file
start with $1$ which, if I remember correctly, is DES encryption.

Thanks,


Jay




Re: Moving user/group databases

2007-09-07 Thread jhall

 On Sep 7, 2007, at 2:51 PM, [EMAIL PROTECTED] wrote:

 At 03:52 PM 9/7/2007, [EMAIL PROTECTED] wrote:
 All of my FreeBSD servers boot from CD, and we are going to be
 having
 several temporary employees coming and going over the next 6-12
 months.
 Is it possible to move the user/group databases from their
 location in
 /etc (which is read only on my CDs) to another location?

 I have read the man page concerning pw and still do not
 understand what I
 should be doing.  Any suggestions, or direction to a how-to would be
 greatly appreciated.

 Thanks,


 Jay

 The simplest way would be to put a symbolic link from /etc to a
 writable
 location.  You will need to re-make your boot CD to have this change.

  -Derek

 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.
 MailScanner thanks transtec Computers for their support.



 I have recreated the CD with the sym links, and I still run into a
 problem
 because adduser tries to create temporary files in /etc.  If I
 remember
 correctly, the files it tries to create are /etc/passwd.XX.

 I was able to get pw to work to add the user accounts, but now I am
 trying
 to set the password for new account, and have hit the temp file snag.

 Is this something which can be reconfigured in pw.conf?

 Thanks,


 Jay

 It sounds like you made a link for /etc/master_passwd. I'm pretty
 sure what DR meant was a symlink for the entire /etc directory:

 /etc -> /somewhere_writable/etc/

 You need this because adduser also has to rewrite /etc/passwd and /
 etc/group when you add/delete users. This means copying your entire /
 etc hierarchy somewhere writable; naturally I don't know if this is
 acceptable in your organization.



OK.  I have been able to get this to work the way I wanted to.  This is
what I have done.

Create symbolic links in /etc to a rw directory for passwd, master.passwd,
group, pw.db, spwd.db.  This directory is not located on the CD.

Use pw to add users, change passwords, etc.

To add a user.

pw -V /location/of/directory adduser -n username -h 0

Using the -h 0, you are prompted to enter the password for the user.

To modify a user.

pw -V /location/of/directory usermod -h 0

Changes the password for the user.

Thanks to everyone for their help.



Jay






Incoming SSL Proxy

2007-08-30 Thread jhall
We have a corporate server which allows incoming connections on port 443
for checking e-mail.  There is a possibility that soon, part of the data
center will be moved to a new location.  Unfortunately, due to corporate
politics and the way the corporate network is set up, it is not possible to
change the configuration of this server.

I am running ipnat, so is it possible to simply use rdr to redirect the
incoming connections to a different server?

Or, is there something else I should be looking at?  NAT incoming
connections?

Thanks,



Jay





Tape Capacity Used?

2007-05-19 Thread jhall
I am trying to calculate how much of the space on my tape has been used.

This is what I have done, and I want to make sure I am barking up the right
tree before going too far.

Move the tape to the end of the data. (mt eod).

Find the logical block location of the drive (mt rdspos).

/dev/nsa0: logical block location 2242573

If I multiply the result (2242573) by my blocksize, does this give me the
total amount of the tape that has been used?

And, if there is an easier way to do this, please let me know.

Thanks in advance for your assistance.



Jay



mkisofs and file size

2007-05-07 Thread jhall
I am in the process of creating a bootable CD for the offices I maintain
to hopefully make upgrades easier in the future.

At this point in time /dev/ad0s1a (where the root partition is located)
has 13% of 512 MB.

When I create the ISO image, it is twice the size it was under FBSD 6.1.

Comparing the file sizes between the files on FBSD 6.1 and 6.2, they
appear to be the same.  I looked at sizes at the root directory, but did
not go any further.

Has anyone else encountered this type of issue?

Thanks,


Jay




FreeBSD 6.2 Boot Issue

2007-04-26 Thread jhall
I have installed FreeBSD 6.2 on an HP Proliant G5 server with an E200i
Smart Controller installed.  The installation was flawless.

When I reboot the server after the installation, the boot loader screen is
displayed.  I press F1 and the system beeps and comes back to the boot
loader prompt.

What should I be looking at?  I am at a loss since I usually end up with
leftover hardware and this time I actually got to purchase new hardware
just for this project.

Any suggestions would be greatly appreciated.

Thanks for your help.

Jay



Re: FreeBSD 6.2 Boot Issue

2007-04-26 Thread jhall
Both of those checked OK.  Is it possible I have specified the C/H/S
incorrectly during setup?

Thanks,


Jay

 At 10:49 AM 4/26/2007, [EMAIL PROTECTED] wrote:
I have installed FreeBSD 6.2 on an HP Proliant G5 server with an E200i
Smart Controller installed.  The installation was flawless.

When I reboot the server after the installation, the boot loader screen is
displayed.  I press F1 and the system beeps and comes back to the boot
loader prompt.

What should I be looking at?  I am at a loss since I usually end up with
leftover hardware and this time I actually got to purchase new hardware
just for this project.

Any suggestions would be greatly appreciated.

Thanks for your help.

 Check your BIOS that you are ALLOWING the boot sector to be written.

 If that is OK, try disabling hyperthreading if that is turned on in your
 BIOS.

  -Derek



Re: FreeBSD 6.2 Boot Issue

2007-04-26 Thread jhall
 At 12:52 PM 4/26/2007, [EMAIL PROTECTED] wrote:
Both of those checked OK.  Is it possible I have specified the C/H/S
incorrectly during setup?

Thanks,

 What is your type and model hard drive?  Did you specify the geometry when
 you ran sysinstall?

 How did you partition and slice the hard drive?


  -Derek



Derek,

In the server I currently have three 376595-001 drives (146 GB serial
SCSI) and three 432146-001 drives (300 GB serial SCSI).  These drives are
configured as a single drive in a RAID 5 configuration.

I did not specify any geometry during the installation.

I have the hard drive configured as a single partition with the
appropriate labels (/, /var, /usr, /tmp and a swap area).

Thanks for your help.


Jay



Re: FreeBSD 6.2 Boot Issue

2007-04-26 Thread jhall
 At 01:16 PM 4/26/2007, [EMAIL PROTECTED] wrote:
  At 12:52 PM 4/26/2007, [EMAIL PROTECTED] wrote:
 Both of those checked OK.  Is it possible I have specified the C/H/S
 incorrectly during setup?
 
 Thanks,
 
  What is your type and model hard drive?  Did you specify the geometry when
  you ran sysinstall?
 
  How did you partition and slice the hard drive?
 
 
   -Derek
 

 

Derek,

In the server I currently have three 376595-001 drives (146 GB serial
SCSI) and three 432146-001 drives (300 GB serial SCSI).  These drives are
configured as a single drive in a RAID 5 configuration.

I did not specify any geometry during the installation.

I have the hard drive configured as a single partition with the
appropriate labels (/, /var, /usr, /tmp and a swap area).

Thanks for your help.

 Sounds like your system is not booting, but you're not getting any error
 message.  Check the boot order in your BIOS, and turn on diagnostic boot
 messages if they are not turned on.

 Does the system boot from a CD ok?

  -Derek

Yes, the system boots from CD just fine.  And, it is able to run newfs
during the install without any problems.

The total size of the drive is 683.5 GB.

The boot order in the BIOS is CD and then E200i controller.

Thanks,


Jay






Re: FreeBSD 6.2 Boot Issue

2007-04-26 Thread jhall
I have been able to make the system boot.  I had to change one of the
Array options to Max Boot enabled 8gb.  I found this in an older post
concerning a different controller, but it worked.

Specifically, my server is an ML350 with the E200i controller.

Thanks to everyone for your help.



Jay


 At 01:31 PM 4/26/2007, [EMAIL PROTECTED] wrote:
  At 01:16 PM 4/26/2007, [EMAIL PROTECTED] wrote:
   At 12:52 PM 4/26/2007, [EMAIL PROTECTED] wrote:
  Both of those checked OK.  Is it possible I have specified the C/H/S
  incorrectly during setup?

  Thanks,

   What is your type and model hard drive?  Did you specify the geometry when
   you ran sysinstall?
  
   How did you partition and slice the hard drive?
  
  
-Derek
  

  
 
 Derek,
 
 In the server I currently have three 376595-001 drives (146 GB serial
 SCSI) and three 432146-001 drives (300 GB serial SCSI).  These drives are
 configured as a single drive in a RAID 5 configuration.

 I did not specify any geometry during the installation.

 I have the hard drive configured as a single partition with the
 appropriate labels (/, /var, /usr, /tmp and a swap area).
 
 Thanks for your help.
 
  Sounds like your system is not booting, but you're not getting any error
  message.  Check the boot order in your BIOS, and turn on diagnostic boot
  messages if they are not turned on.

  Does the system boot from a CD ok?
 
   -Derek

Yes, the system boots from CD just fine.  And, it is able to run newfs
during the install without any problems.

The total size of the drive is 683.5 GB.

The boot order in the BIOS is CD and then E200i controller.

Thanks,


Jay

 Can you boot the CD, mount the root filesystem and check that everything is
 there (/boot /kernel, etc.)

  -Derek


 
 
 
 


Re: FreeBSD 6.2 Boot Issue

2007-04-26 Thread jhall
 On Thu, Apr 26, 2007 at 06:31:05PM -, [EMAIL PROTECTED] wrote:

  At 01:16 PM 4/26/2007, [EMAIL PROTECTED] wrote:
   At 12:52 PM 4/26/2007, [EMAIL PROTECTED] wrote:
  Both of those checked OK.  Is it possible I have specified the C/H/S
  incorrectly during setup?

  Thanks,

   What is your type and model hard drive?  Did you specify the geometry when
   you ran sysinstall?
  
   How did you partition and slice the hard drive?
  
  
-Derek
  

  
 
 Derek,
 
 In the server I currently have three 376595-001 drives (146 GB serial
 SCSI) and three 432146-001 drives (300 GB serial SCSI).  These drives are
 configured as a single drive in a RAID 5 configuration.

 I did not specify any geometry during the installation.

 I have the hard drive configured as a single partition with the
 appropriate labels (/, /var, /usr, /tmp and a swap area).
 
 Thanks for your help.
 
  Sounds like your system is not booting, but you're not getting any error
  message.  Check the boot order in your BIOS, and turn on diagnostic boot
  messages if they are not turned on.

  Does the system boot from a CD ok?
 
   -Derek

 Yes, the system boots from CD just fine.  And, it is able to run newfs
 during the install without any problems.

 The total size of the drive is 683.5 GB.

 The boot order in the BIOS is CD and then E200i controller.

 One question you didn't quite answer.   Someone asked 'how did you
 partition the device'.   I think the intent was to ask what process
 did you use - for example sysinstall or manual fdisk/bsdlabel/newfs?

 Did you first create a single slice on the drive and then divide
 that slice into partitions?

 In either case, you must tell either sysinstall or fdisk  bsdlabel
 to make the drive and slice bootable, to write either a generic
 boot record or the FreeBSD MBR in fdisk or the fdisk portion of
 sysinstall and then select make the slice bootable in bsdlabel or
 the bsdlabel part of sysinstall.   If you don't, it won't find a
 bootable device there.

 If you have done those things, then, back to the drawing board.

 jerry

I used sysinstall to partition the device.  And, I selected boot mgr for
the boot manager.  When the system booted, it would boot to the point to
where I had to press F1 to boot FreeBSD.  When F1 was pressed, or the
timeout was waited for, the system would just beep, the drive lights would
flash, and nothing else would happen.

Sorry for the confusion.



Jay


 Thanks,


 Jay
 
 
 
 


Proliant G5 and E200i controller

2007-04-20 Thread jhall
I have purchased a new Proliant G5 server with the E200i RAID controller.

FreeBSD is not recognizing the drives.  The ciss module for the
controller is not loaded.  Do I need to do something special to make
FreeBSD recognize the controller?

Thanks,


Jay





ISO Image Size Increasing

2007-04-03 Thread jhall
I have run into a rather weird problem, that I am not sure how to correct.

I have created a bootable CD for my FreeBSD systems which is approximately
234 MB in size.  While deploying the image, I found an error I would like
to correct.  All I am doing is adding a symlink to a folder in the /home
directory.

Please let me know if you see anything flawed in my procedure which may be
causing this problem.

1.  Create a directory to work in /home/CDImage.

2.   Copy the existing image to the /home/CDImage directory.
tar -cpf - /cdrom | tar -xpf -

3.  Add the necessary symlink.

4.  Create the ISO image.
/usr/local/bin/mkisofs -allow-leading-dots -l -R -T -iso-level 4 -b
boot/cdboot -no-emul-boot -o fwcd.iso CDImage


The image copied from the CD is approximately 234 MB in size, and the
image created by mkisofs is 664 MB.

Any suggestions would be greatly appreciated.

Thanks,


Jay





Ultrium 448 Tape Drive

2007-02-21 Thread jhall
From what I have read, I think the Ultrium tape drive is completely
compatible with FreeBSD.  If I am understanding the specs correctly, it
uses hardware compression to compress data.  And, again if I am
understanding everything correctly, I should be able to use the mt command
to tell the tape drive to use hardware compression.

This is the first server I have used FreeBSD on with a tape drive and want
to make sure everything goes as smooth as possible.

Thanks,


Jay



Secure Telnet

2007-02-13 Thread jhall
I am working with one of my vendors and they are asking for a secure
telnet program on my FreeBSD box.

Can anyone recommend a port for the secure telnet program, or a source
where I can obtain one?

I was able to make rlogin work (from my laptop), but I was not able to use
rlogin from the FreeBSD box since I need to connect to a non-standard
port (2002).  As an alternative, is it possible to make the rlogin client
connect to a non-standard port?

Thanks,



Jay



Re: Secure Telnet

2007-02-13 Thread jhall
 [EMAIL PROTECTED] wrote:
 I am working with one of my vendors and they are asking for a secure
 telnet program on my FreeBSD box.


 [EMAIL PROTECTED] wrote:

   What's wrong with ssh?

 Indeed.  Perhaps you can tell us what client the vendor is using; it
 seems likely that most programs that do secure telnet will also talk
 to sshd.  If they're using Windows (most likely) and don't have a
 particular must use client, PuTTY is fine, and does SSH and telnet
 pretty well.

 Can anyone recommend a port for the secure telnet program, or a source
 where I can obtain one?

 Interestingly enough, if you take a look at the Makefile in
 src/libexec/telnetd/ it seems to indicate that FreeBSD's telnetd is
 compiled with SSL support; you might attempt telnet from within the BSD
 box and see if it works, as telnet(1) seems to indicate that data is
 encrypted by default.  Grab packets and see if you can read things like
 passphrases ;-)  [1]

 I was able to make rlogin work (from my laptop), but I was not able to use
 rlogin from the FreeBSD box since I need to connect to a non-standard
 port (2002).

 Interesting choice of numbers; ssh is port 22.  Are you sure they're not
 open to using ssh?

 As an alternative, is it possible to make the rlogin client
 connect to a non-standard port?

 I wouldn't think of rlogin as an alternative, and, no, the manpage
 doesn't seem to indicate this.  Also, unless this system isn't publicly
 available (and the need for secure telnet from a vendor seems to
 indicate that this isn't the case), you shouldn't allow rlogin; once
 again, ssh can do anything rlogin/rsh can, and do it with encryption.

 Kevin Kinsey
 DaleCo, S.P.  (Jasper, MO!!! Hi!)

 [1] Keep in mind that there **must** be a reason why SSH is preferred
 over telnet, even if telnet supports SSL/Kerberos/TLS/Whatever, and
 encourage the use of ssh from your vendor if possible.

 --
 Progress is impossible without change, and those who
 cannot change their minds cannot change anything.
   -- George Bernard Shaw



Thanks.  I'll see if there is the preferred method, and ssh is an
alternative.


Jay



Checking processes without PIDs

2006-11-27 Thread jhall
I have written a script to determine if processes are running.  I am
using, as an example,

ps -ax | grep -c postgrey

Occasionally, I am receiving a notification a process is not running (and
it varies which process I receive notifications for).  And, when checking,
the process actually is running.

Is there a better way to determine if a process is running than using ps
and grep?

Thanks,



Jay



Re: Checking processes without PIDs

2006-11-27 Thread jhall
 In the last episode (Nov 27), [EMAIL PROTECTED] said:
 I have written a script to determine if processes are running.  I am
 using, as an example,

 ps -ax | grep -c postgrey

 Occasionally, I am receiving a notification a process is not running
 (and it varies which process I receive notifications for).  And, when
 checking, the process actually is running.

 Is there a better way to determine if a process is running than using ps
 and grep?

 Reading the program's pidfile and checking to see if that pid still
 exists is the best way.  That only works if your program generates a
 pidfile, though.  Most of the time they're in /var/run or a
 subdirectory.  If it doesn't generate a pidfile, you can try the pgrep
 command, which is better than a ps|grep combo because it won't ever
 accidentally match itself.


Yes, that works much better for most of the processes I am testing
against!  Two are still giving me problems since their command line has
(perl) listed at the end. Any suggestions on how to better deal with these
two?

They display as follows

  422  ??  Ss 8:04.49 /home/postgrey/postgrey --inet=10023
--greylist-text=Greylisted, see http://www.mnea.org/greylisted.html -d
(perl)

Thanks,



Jay
 --
   Dan Nelson
   [EMAIL PROTECTED]



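The pidfile check and the pgrep approach suggested in the reply above, written out in shell. This is an added example, not code from the thread: the function names and the pidfile path in the usage comment are assumptions, while /home/postgrey/postgrey is the script path shown in the ps output.

```shell
#!/bin/sh
# Liveness checks for a monitoring script: pidfile first, pgrep -f as fallback.

# pid_alive PIDFILE
# Returns 0 if PIDFILE holds a plain numeric PID and that process exists,
# 1 if the pidfile is missing, empty, malformed or stale.
pid_alive() {
    pidfile=$1
    [ -r "$pidfile" ] || return 1
    # First word of the first line only; tolerate a missing trailing newline.
    read -r pid rest < "$pidfile" || [ -n "$pid" ] || return 1
    # Accept digits only. A pidfile containing "0", "-1" or an option string
    # must never reach kill: PID 0 and negative PIDs address process groups,
    # so "kill -0" on them would succeed regardless of the daemon's state.
    case $pid in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$pid" -gt 1 ] 2>/dev/null || return 1
    # Signal 0 delivers nothing; it only tests that the PID exists and that
    # the caller may signal it (run the check as root or as the daemon's user).
    # A recycled PID still passes, so pair this with a restart-time cleanup
    # of old pidfiles.
    kill -0 "$pid" 2>/dev/null
}

# cmdline_alive PATTERN
# Fallback for daemons without a pidfile. pgrep -f matches against the full
# argument list, so a script run by an interpreter (the entries ps tags with
# "(perl)") can be found by its script path. pgrep never reports itself.
# Returns 2 when pgrep is not installed.
cmdline_alive() {
    command -v pgrep >/dev/null 2>&1 || return 2
    pgrep -f -- "$1" >/dev/null 2>&1
}

# check_service NAME PIDFILE PATTERN
# Either PIDFILE or PATTERN may be empty. Prints one status line and
# returns 0 (up) or 1 (down).
check_service() {
    name=$1
    svc_pidfile=$2
    svc_pattern=$3
    if [ -n "$svc_pidfile" ] && pid_alive "$svc_pidfile"; then
        echo "$name: up (pidfile $svc_pidfile)"
        return 0
    fi
    if [ -n "$svc_pattern" ] && cmdline_alive "$svc_pattern"; then
        echo "$name: up (command line matched)"
        return 0
    fi
    echo "$name: DOWN"
    return 1
}

# Usage when run as a script (the pidfile path is an assumed example):
#   sh check.sh postgrey /var/run/postgrey.pid /home/postgrey/postgrey
if [ "$#" -ge 2 ]; then
    check_service "$1" "$2" "${3:-}"
fi
```
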


Checking remote processes

2006-10-01 Thread jhall
Is there a way to test a remote server to determine if certain processes
are running?

For example, can server 1 check server 2, which is at a remote location,
to ensure squid is running?

I have not been able to figure out how to do this, or if it is even possible.

Thanks,


Jay



Re: Checking remote processes

2006-10-01 Thread jhall
 In the last episode (Oct 02), [EMAIL PROTECTED] said:
 Is there a way to test a remote server to determine if certain
 processes are running?

 For example, can server 1 check server 2, which is at a remote
 location, to ensure squid is running?

 I have not been able to figure out how to do this, or if it is even
 possible.

 Easiest way would be to try connecting to squid's listening port.  This
 only works with daemons that listen on internet sockets, but quite a
 few do.

 --
   Dan Nelson
   [EMAIL PROTECTED]

I hadn't thought of that.  I'll give it a try.

Thanks,


Jay



Streaming video real time

2006-07-16 Thread jhall
I have a need to stream video from my server room to wherever I am via the
web.  Basically, I need to be able to see the temperature sensor in the
room when an alarm is indicated, and I need to be able to see what mode
the A/C is in.

I have found some articles regarding streaming video, but nothing which
seemed to relate to streaming video realtime.

I have a USB web cam, and Apache installed.  And, I am running FBSD 5.3 on
the server.

Any suggestions as to what I should look at would be greatly appreciated.

Thanks,


Jay



Re: FBSD 6.0 and ppp

2006-06-12 Thread jhall
 Hello jhall!

 Sun, Jun 11, 2006 at 07:03:35PM - you wrote:

 OK.  I added the -unit to ppplogin with no luck.

 ppplogin now contains

 #!/bin/sh
 /usr/sbin/ppp -direct -untit1 incoming
^ a typo?
 And I don't have the ``incoming'' (the name of the system?) in my
 config...

 --
 DoubleF
 No virus detected in this message. Ehrm, wait a minute...
 /kernel: pid 56921 (antivirus), uid 32000: exited on signal 9
 Oh yes, no virus:)

Still no luck.  I am still not seeing tun1 opened when an incoming call is
answered.

Would it be possible for you to post a copy of your ppp.conf,
/etc/gettytab and ppplogin?

Thanks,


Jay




Re: FBSD 6.0 and ppp

2006-06-11 Thread jhall
 Hello jhall!

 Sun, Jun 11, 2006 at 03:34:14AM - you wrote:

  Hello jhall!
 
  Fri, Jun 09, 2006 at 06:07:26PM - you wrote:
 
  incoming:
 set device /dev/cuad0
 set ifaddr 10.0.0.1 10.0.0.0/24
  ^
  Experience shows that the slightly-braindead Windows client needs a
  ``trigger address'' to negotiate successfully. Here's what I use (my net
  is 192.168.0.x and I insist on him to be 192.168.0.3, but first I
  show 0.0.0.0):
 
   set ifaddr 192.168.0.1 192.168.0.3 255.255.255.255 0.0.0.0
  ^^^
  /etc/ppp/ppp.secret
  TABpasswordTAB10.0.0.95
  ^
  The man page doesn't say you really have to supply an address. Try
  omitting it to see what happens...
 
  When the connection is initially dialed, I see tun1 opened (tun0 is a DSL
  connection) and the PID displayed.  However, the Windows system hangs with
  Verifying Password and will eventually report error 721.
 
  If all else fails, the output of ppp with `set log Phase Physical Debug
  IPCP LCP' could be somewhat helpful in debugging.
 
  Firewall rules are in place and allow all traffic from tun1.
 
  Doesn't matter, as the IP layer isn't started yet.
 
  HTH,
 
 OK.  If I implement the dial-in strategy on a system which does not
 have any tun devices in use, it works fine.  When I try to implement it
 on a system which already has a tun device in use (e.g. for DSL), the
 dial in connection fails.

 I run my dial-in on the device which happens to be tun1. I use mgetty
 and use the following command in my configuration:

 /usr/sbin/ppp -unit 1 -direct

 I missed what you have in your /usr/local/bin/ppplogin, but I think it
 should look similar.

 --
 DoubleF

OK.  I added the -unit to ppplogin with no luck.

ppplogin now contains

#!/bin/sh
/usr/sbin/ppp -direct -untit1 incoming

When I dial in, I am not seeing the connection even logged in
/var/log/ppp.log.  It looks like ppp is not opening the connection.

I copied the files to another FBSD server, which does not have an active
ppp connection and I am able to dial in fine.  As soon as I bring up the
PPP connection for the DSL, I am not able to dial in.

Any ideas what I have missed?  Should I be looking at multi-link ppp?

Thanks,


Jay





FBSD 6.0 and ppp

2006-06-09 Thread jhall
I am trying to set up a remote FreeBSD server to allow me to dial in and
check the network in case the WAN link goes down.  I accomplished this
with 5.3, and cannot figure out what I am doing wrong on FBSD 6.0.  I am
dialing using Windows XP to establish a PPP connection.

I am using the second method outlined in man ppp.

I added the following line to /etc/gettytab.
:pp=/usr/local/bin/ppplogin:\

/etc/ttys was changed to
ttyd0 /usr/libexec/getty std.38400 dialup on secure

/usr/local/bin/ppplogin was created and permissions are 775.

The following was added to /etc/ppp/ppp.conf

incoming:
   set device /dev/cuad0
   set ifaddr 10.0.0.1 10.0.0.0/24
   enable pap
   enable chap
   allow users 

/etc/ppp/ppp.secret
TABpasswordTAB10.0.0.95

When the connection is initially dialed, I see tun1 opened (tun0 is a DSL
connection) and the PID displayed.  However, the Windows system hangs with
Verifying Password and will eventually report error 721.

Firewall rules are in place and allow all traffic from tun1.

Any suggestions would be greatly appreciated.

Thanks,



Jay





RE: FBSD 6.0 and ppp

2006-06-09 Thread jhall
The modem is answering the call.  However, it looks like the ppplogin
script is not being called.  No information for tun1 is showing up in the
log file.

Permissions on ppplogin are 650 and the owners are root:network.

If I run ppplogin from the command line, tun1 information shows up in the
log file, but otherwise it doesn't.  Have I done something wrong in
/etc/gettytab?

Jay

 You have to use modem AT commands to tell FreeBSD modem to answer
 incoming calls.

 A complete detailed write-up on 'user ppp' for answering incoming
 calls can be found in the install guide at www.a1poweruser.com.

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] Behalf Of
 [EMAIL PROTECTED]
 Sent: Friday, June 09, 2006 2:07 PM
 To: freebsd-questions@freebsd.org
 Subject: FBSD 6.0 and ppp


 I am trying to set up a remote FreeBSD server to allow me to dial in and
 check the network in case the WAN link goes down.  I accomplished this
 with 5.3, and cannot figure out what I am doing wrong on FBSD 6.0.  I am
 dialing using Windows XP to establish a PPP connection.

 I am using the second method outlined in man ppp.

 I added the following line to /etc/gettytab.
 :pp=/usr/local/bin/ppplogin:\

 /etc/ttys was changed to
 ttyd0 /usr/libexec/getty std.38400 dialup on secure

 /usr/local/bin/ppplogin was created and permissions are 775.

 The following was added to /etc/ppp/ppp.conf

 incoming:
set device /dev/cuad0
set ifaddr 10.0.0.1 10.0.0.0/24
enable pap
enable chap
allow users 

 /etc/ppp/ppp.secret
 TABpasswordTAB10.0.0.95

 When the connection is initially dialed, I see tun1 opened (tun0 is a DSL
 connection) and the PID displayed.  However, the Windows system hangs with
 Verifying Password and will eventually report error 721.

 Firewall rules are in place and allow all traffic from tun1.

 Any suggestions would be greatly appreciated.

 Thanks,



 Jay





newsyslog.conf question

2006-04-09 Thread jhall
I have developed a boot image for a CD to be used on servers throughout the
organization I work for.  Everything is working great, except for one
small problem.

When I boot from the CD I created, I receive a message stating newsyslog:
malformed 'at' value.

/var/log/wtmp   640   5   *   @01T05 B

If I change the time specification to $M1D05 and start newsyslog, no error
messages are generated.

And, if I boot from the server's hard drive (from which the image was
created), newsyslog does not generate any error messages.

I have created a symlink from /etc to /usr/local/etc in case I should ever
need to modify the file.

I am running FreeBSD 6.0.

Any insight into why this is happening would be greatly appreciated.

Thanks in advance for your assistance.
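
An added example, not part of the original post and not newsyslog's own code: a syntax check for the `when` column that follows the grammar documented in newsyslog.conf(5). The function names, the calendar range limits and the sample line layout (no owner:group column) are assumptions of this example; both values mentioned in the post, `@01T05` and `$M1D05`, pass it.

```python
import re

# Grammar as documented in newsyslog.conf(5):
#   @[[[[[cc]yy]mm]dd][T[hh[mm[ss]]]]]   restricted ISO 8601
#   $[Dhh]   $[Ww[Dhh]]   $[Mdd[Dhh]]    daily / weekly / monthly
# Range limits below are plain calendar limits (an assumption of this sketch).
LIMITS = {"month": (1, 12), "day": (1, 31), "hour": (0, 23),
          "minute": (0, 59), "second": (0, 59), "weekday": (0, 6)}
DATE_NAMES = ["century", "year", "month", "day"]
TIME_NAMES = ["hour", "minute", "second"]
DWM_RE = re.compile(r"(?:W(?P<weekday>\d)|M(?P<day>\d{1,2}|[Ll]))?"
                    r"(?:D(?P<hour>\d{1,2}))?")
# Constructed from the entry quoted in the post (no owner:group column).
SAMPLE_LINE = "/var/log/wtmp   640   5   *   @01T05 B"

def _ranged(name, value):
    lo, hi = LIMITS.get(name, (0, 99))
    if not lo <= value <= hi:
        raise ValueError(f"{name}={value} outside {lo}..{hi}")
    return value

def _pairs(digits, names, what):
    """Split a run of two-digit fields; reject odd lengths and non-digits."""
    if not re.fullmatch(r"(?:\d\d){0,%d}" % len(names), digits):
        raise ValueError(f"bad {what} part {digits!r}")
    return [int(digits[i:i + 2]) for i in range(0, len(digits), 2)]

def parse_iso(spec):
    date, _, time = spec.partition("T")
    d, t = _pairs(date, DATE_NAMES, "date"), _pairs(time, TIME_NAMES, "time")
    if not d and not t:
        raise ValueError("'@' with no date or time")
    # Date fields are right-aligned (a lone pair is the day); time is left-aligned.
    fields = list(zip(DATE_NAMES[4 - len(d):], d)) + list(zip(TIME_NAMES, t))
    return {name: _ranged(name, value) for name, value in fields}

def parse_dwm(spec):
    m = DWM_RE.fullmatch(spec)
    if not m or not spec:
        raise ValueError(f"bad '$' value {spec!r}")
    return {name: "last" if raw in "Ll" else _ranged(name, int(raw))
            for name, raw in m.groupdict().items() if raw is not None}

def check_when(field):
    """Validate one 'when' field; return its parsed parts or raise ValueError."""
    m = re.fullmatch(r"(\*|\d+)?(?:([@$])(.*))?", field)
    if not m or not field:
        raise ValueError(f"bad when field {field!r}")
    interval, sigil, spec = m.groups()
    out = {"interval_hours": int(interval)} if interval not in (None, "*") else {}
    if sigil:
        out.update(parse_iso(spec) if sigil == "@" else parse_dwm(spec))
    return out

def when_column(line):
    # Fifth whitespace-separated field of an entry without owner:group.
    return line.split()[4]
```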



UFS and USB Chasis

2006-03-14 Thread jhall
In the near future, I will be doing FreeBSD server upgrades.  I am looking
for a utility which will allow me to read a FreeBSD drive, in a USB chassis
connected to my Windows PC.

I have found some utilities which will allow me to accomplish this on a
desktop computer, using IDE interfaces, but nothing I have been able to
make work when using a USB chassis.

Thanks in advance for your help.



Jay



BIND zone transfers

2006-02-08 Thread jhall
I have been running BIND for several years in the Regional Offices I
maintain and the problem in one office has me confused and I'm not sure
where to look.

Under FreeBSD 4.8 BIND was making zone transfers normally.  In my network,
Windows 2000 is the master and bind is the slave.  Recently, the server
was upgraded to FreeBSD 6.0, and suddenly BIND stopped making zone
transfers, except for the first zone, which is transferred just as it
should be.  Zone transfers are taking place from a W2K server.  I am
seeing this problem with BIND 9.3.2 and BIND 9.3.1.

I am using the same configuration file in two other offices without any
problems and the offices are configured identically (hardware, software,
etc.).

Traceroutes to, and from, the Windows 2000 Server show the proper routes
being taken both directions and response times from the servers range
between 36ms and 40ms.

Event Viewer on the Windows 2000 server shows Event 6002 and the text
indicates the remote computer aborted the transfer and the transfer should
be restarted at the secondary.  When restarting the transfer the same
results are achieved.  The Windows 2000 Server's DNS is configured to
allow BIND secondaries.

The FreeBSD server has two interfaces which are controlled by mpd (DSL and
VPN).  When running named -g, I see the transfers start (zone .XXX/IN:
Transfer started), but receive a message later, 30-45 minutes, stating the
transfer timed out.  The zones I am transferring contain less than 100
entries each.

Any suggestions as to how to proceed would be greatly appreciated.  Thanks
in advance for your assistance.

Jay



Re: BIND zone transfers

2006-02-08 Thread jhall
 On Wed, Feb 08, 2006 at 12:45:02PM -, [EMAIL PROTECTED] wrote:
 Under FreeBSD 4.8 BIND was making zone transfers normally.  In my network,
 Windows 2000 is the master and bind is the slave.  Recently, the server
 was upgraded to FreeBSD 6.0, and suddenly BIND stopped making zone
 transfers, except for the first zone, which is transferred just as it
 should be.  Zone transfers are taking place from a W2K server.  I am
 seeing this problem with BIND 9.3.2 and BIND 9.3.1

 Saw this in the BIND FAQ, maybe it applies to your situation:

 QUOTE
 Q: Zone transfers from my BIND 9 master to my Windows 2000 slave fail.
Why?

 A: This may be caused by a bug in the Windows 2000 DNS server where DNS
messages larger than 16K are not handled properly. This can be worked
around by setting the option transfer-format one-answer;.  Also
check whether your zone contains domain names with embedded spaces or
other special characters, like John\032Doe\213s\032Computer, since
such names have been known to cause Windows 2000 slaves to
incorrectly reject the zone.
 /QUOTE

 --
- Tim Utschig [EMAIL PROTECTED]


I did not properly explain the situation.  The Windows 2000 server is
functioning as a secondary server for the parent organization's DNS, and I
am using BIND to download the zones to the local offices, from the W2K
server, to help reduce network traffic.  Sorry this was not clear the
first time.

Jay




FreeBSD and mpd

2006-01-10 Thread jhall
Recently, I upgraded from FreeBSD 4.8 to FreeBSD 6.0.  And, I upgraded mpd
from version 3.17 to 3.18.

After the upgrade, several sites began experiencing problems maintaining
their connections (especially under high traffic loads).  When I put the
4.8 server back in place, everything began working normally again.

This is really perplexing to me since I use FreeBSD 6 and mpd in several
locations without any problems.

The server is a Celeron processor with 128 MB of RAM, and two em
interfaces.  I have also added ipf support to the kernel.  I am not seeing
any errors in the logs concerning either interface.  And, I am not seeing
any error messages in the MPD log.

Does anyone know of any problems with mpd 3.18 on FreeBSD?  Or, can
someone suggest a good testing strategy to determine where the problem
lies?

Thanks,



Jay







Serial Port Logging

2006-01-04 Thread jhall
Ladies and Gentlemen,

The organization I work for has a need to log information from the phone
system.  The phone system has a serial port output.

Since I already have a FreeBSD server in place at this location, I was
wondering if it is possible to send the information from the phone system,
to the FreeBSD server, have the information saved via the serial port?

I'm thinking something like cu -l /dev/cuua0 > outputfile.txt

Thanks,


Jay



Re: USB Hard Drive Problems

2005-11-08 Thread jhall
The actual enclosure is made by Western Digital.

If I run usbdevs I receive the following output.

addr 1: UHCI root hub, Intel
addr 1: UHCI root hub, Intel
addr 1: EHCI root hub, Intel
 addr 2: External HDD, Western Digital

I'm guessing the device would be /dev/da0s1.

Thanks for your help.



Jay




 What type of enclosure are you using, is the actual enclosure made by
 Western Digital? We use a 'generic' enclosure with a 250GB ATA Western
 Digital drive in it - and aside from not having USB 2.0 host/speed... it
 works quite well. Mounts as /dev/da1s1d.

 --
 Nathan Vidican
 [EMAIL PROTECTED]
 Windsor Match Plate  Tool Ltd.
 http://www.wmptl.com/


 [EMAIL PROTECTED] wrote:
 Recently, I purchased several Western Digital External Hard Drives to be
 used for backup purposes.  The test unit I purchased worked out of the
 box, but I am having problems getting the newer ones to work.

 When they are plugged in to a FreeBSD 5.3 or 5.4 server, I receive the
 following messages:

 Nov  8 01:31:12 test kernel: umass0: Western Digital External HDD, rev
 2.00/6.02
 Nov  8 01:31:12 test kernel: uhid0: Western Digital External HDD, rev
 2.00/6.02, addr2, iclass 8/6

 This is where my confusion lies.  From what I can see the hard drive is
 detected properly as a umass device, but is also detected as a human input
 device.  And, the da device, which I think I will use to access the device
 is not created.

 If I plug my memory stick into the USB port, the memory stick is detected
 and I am able to access the device through da0.

 Any suggestions would be greatly appreciated.

 Thanks in advance.



 Jay



Re: USB Hard Drive Problems

2005-11-08 Thread jhall
What I have found is that if I boot with the USB HDD attached to the
system, the system will hang when starting to mount the file systems.

However, if I connect the drive after the system is booted, everything is
fine.  da0 appears, etc.

What should I be looking at to make the system boot with the external hard
drive attached?

Thanks,


Jay

 What type of enclosure are you using, is the actual enclosure made by
 Western Digital? We use a 'generic' enclosure with a 250GB ATA Western
 Digital drive in it - and aside from not having USB 2.0 host/speed... it
 works quite well. Mounts as /dev/da1s1d.

 --
 Nathan Vidican
 [EMAIL PROTECTED]
 Windsor Match Plate  Tool Ltd.
 http://www.wmptl.com/


 [EMAIL PROTECTED] wrote:
 Recently, I purchased several Western Digital External Hard Drives to be
 used for backup purposes.  The test unit I purchased worked out of the
 box, but I am having problems getting the newer ones to work.

 When they are plugged in to a FreeBSD 5.3 or 5.4 server, I receive the
 following messages:

 Nov  8 01:31:12 test kernel: umass0: Western Digital External HDD, rev
 2.00/6.02
 Nov  8 01:31:12 test kernel: uhid0: Western Digital External HDD, rev
 2.00/6.02, addr2, iclass 8/6

 This is where my confusion lies.  From what I can see the hard drive is
 detected properly as a umass device, but is also detected as a human input
 device.  And, the da device, which I think I will use to access the device
 is not created.

 If I plug my memory stick into the USB port, the memory stick is detected
 and I am able to access the device through da0.

 Any suggestions would be greatly appreciated.

 Thanks in advance.



 Jay



Re: USB Hard Drive Problems

2005-11-08 Thread jhall
 On 11/8/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
 The actual enclosure is made by Western Digital.

 If I run usbdevs I receive the following output.

 addr 1: UHCI root hub, Intel
 addr 1: UHCI root hub, Intel
 addr 1: EHCI root hub, Intel
  addr 2: External HDD, Western Digital

 I'm guessing the device would be /dev/da0s1.


 Most likely.

 The EHCI device claims to be buggy in 5.3 and 5.4.  You might try
 disabling it to see if the drive is correctly classified when it is
 handled by the UHCI device.  Actually, I don't even know if those are
 the drivers that do the device classification, but in the absence of
 that information, it seems worth a try.

 - Bob

Removing the EHCI device does not have any effect.

Thanks,


Jay



USB Hard Drive Problems

2005-11-07 Thread jhall
Recently, I purchased several Western Digital External Hard Drives to be
used for backup purposes.  The test unit I purchased worked out of the
box, but I am having problems getting the newer ones to work.

When they are plugged in to a FreeBSD 5.3 or 5.4 server, I receive the
following messages:

Nov  8 01:31:12 test kernel: umass0: Western Digital External HDD, rev
2.00/6.02
Nov  8 01:31:12 test kernel: uhid0: Western Digital External HDD, rev
2.00/6.02, addr2, iclass 8/6

This is where my confusion lies.  From what I can see the hard drive is
detected properly as a umass device, but is also detected as a human input
device.  And, the da device, which I think I will use to access the device
is not created.

If I plug my memory stick into the USB port, the memory stick is detected
and I am able to access the device through da0.

Any suggestions would be greatly appreciated.

Thanks in advance.



Jay



Bootable CD with Custom Kernel

2005-04-25 Thread jhall
Is it possible to create a bootable CD with a custom kernel for FreeBSD?

I maintain several servers in remote locations and rather than drive
whenever there is an update, I would prefer to just simply send the
offices a bootable CD with the new software.  So, all they would have to
do is restart the server with the new CD and the software/operating
system/whatever is updated.

On the CD I can see having the kernel, /sbin and /bin directories, with
the remainder of the directories (i.e. /var, /etc, etc.) remaining on the
hard drive.

I'd appreciate any direction anyone can give me regarding this.

Thanks in advance for your assistance.


Jay



pptp client, cap and DES

2003-10-15 Thread jhall
I am trying to connect a remote office to the corporate office using
pptpclient.

However, I am not able to connect, and I am seeing the following message
in /var/log/ppp.log

tun0:  Warning:  CHAP 0X81 not supported without DES.

From what I have read, my understanding is that I am missing the DES
encryption library, or ppp has not been compiled with DES support.

I am using FreeBSD 4.8-RELEASE and pptpclient-1.1.0.

ppp has not been modified.

How can I check to see if DES is installed, and what else should I be
looking for?

Thanks for your help.


Jay