Re: Same MAC address in 2 different VLANs

[Olivier Nicole]

 I think you maybe ok. Ive just looked at my esx config and the esx
 management interfaces use their own generated macs, not the physical
 interfaces ones. All the vms obviously use generated macs as well.

 However I only looked over it at a superficial level.

 Have you considered using a tap or spare phyical interface on your flex box
 and not linking it to the network?

Thank you, that was a brilliant idea: Flex only needs that one
interface, with the specific MAC, exists on the host, it does not
specifically try to use that interface for managing licenses, so a tap
hanging to nowhere is the solution.

Best regards,

Olivier



 On 19 July 2013 10:29, Olivier Nicole olivier.nic...@cs.ait.ac.th wrote:

 Hello,

 Could any one comment about the use of the same MAC address in 2
 separate VLANs?

 All my machines are connected to 2 VLANs (one public and one private)
 with no routing in between the VLANs.

 I used to run a FLEX license manager to a physical machine. When I
 virtualized that service, I had to use the MAC address of that physical
 machine for the virtual machine (FLEX is linked to the MAc address and I
 coul dnot issue new license as licensed the pproduct is not supported
 anymore). The virtual NIC that has the old MAC address is connected to
 the public VLAN.

 Now I want to reuse the physical machine as a VMware server. Dell nor
 VMware offer a solution to change the MAC address (like
 ifconfig em0 link xx:xx:xx:xx:xx:xx would do). So I plan to connect the
 NIC with the incriminated MAC to the private VLAN.

 Most (if not all) my servers are FreeBSD. Most will access the virtual
 machine running FLEX and may access the VMware server also. The servers
 are not VLAN aware.

 Will this be an issue?

 Best regars,

 Olivier

 --
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org

 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Same MAC address in 2 different VLANs

[Olivier Nicole]

Hello,

Could any one comment about the use of the same MAC address in 2
separate VLANs?

All my machines are connected to 2 VLANs (one public and one private)
with no routing in between the VLANs.

I used to run a FLEX license manager to a physical machine. When I
virtualized that service, I had to use the MAC address of that physical
machine for the virtual machine (FLEX is linked to the MAc address and I
coul dnot issue new license as licensed the pproduct is not supported
anymore). The virtual NIC that has the old MAC address is connected to
the public VLAN.

Now I want to reuse the physical machine as a VMware server. Dell nor
VMware offer a solution to change the MAC address (like 
ifconfig em0 link xx:xx:xx:xx:xx:xx would do). So I plan to connect the
NIC with the incriminated MAC to the private VLAN.

Most (if not all) my servers are FreeBSD. Most will access the virtual
machine running FLEX and may access the VMware server also. The servers
are not VLAN aware.

Will this be an issue?

Best regars,

Olivier

-- 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Same MAC address in 2 different VLANs

[krad]

I think you maybe ok. Ive just looked at my esx config and the esx
management interfaces use their own generated macs, not the physical
interfaces ones. All the vms obviously use generated macs as well.

However I only looked over it at a superficial level.

Have you considered using a tap or spare phyical interface on your flex box
and not linking it to the network?


On 19 July 2013 10:29, Olivier Nicole olivier.nic...@cs.ait.ac.th wrote:

 Hello,

 Could any one comment about the use of the same MAC address in 2
 separate VLANs?

 All my machines are connected to 2 VLANs (one public and one private)
 with no routing in between the VLANs.

 I used to run a FLEX license manager to a physical machine. When I
 virtualized that service, I had to use the MAC address of that physical
 machine for the virtual machine (FLEX is linked to the MAc address and I
 coul dnot issue new license as licensed the pproduct is not supported
 anymore). The virtual NIC that has the old MAC address is connected to
 the public VLAN.

 Now I want to reuse the physical machine as a VMware server. Dell nor
 VMware offer a solution to change the MAC address (like
 ifconfig em0 link xx:xx:xx:xx:xx:xx would do). So I plan to connect the
 NIC with the incriminated MAC to the private VLAN.

 Most (if not all) my servers are FreeBSD. Most will access the virtual
 machine running FLEX and may access the VMware server also. The servers
 are not VLAN aware.

 Will this be an issue?

 Best regars,

 Olivier

 --
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Same MAC address in 2 different VLANs

[joost]

 Hello,

 Could any one comment about the use of the same MAC address in 2
 separate VLANs?

[...]

 Will this be an issue?


You might run into problems if the two (virtual) systems are attached to a
different port on your switch. Some switches don't take the vlan into
account when learning on which port a mac address exists. These switches
will see the mac address jumping between ports all the time.



Joost.



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Paul Kraus]

On Jul 12, 2013, at 2:57 PM, kpn...@pobox.com wrote:

 I thought MacOS X's rsync did handle resource forks if you gave it the
 proper option. The resource fork is reported by rsync in the usual
 convention of having ._ prefixed to the filename.

My understanding was that the files named ._foo were plain files that 
included the metadata that makes up the resource fork. The ._ file is not 
really the resource fork, but a workaround for filesystems that do not support 
resource forks.

As such, they would be copied by rsync just fine.

Now as to the Mac OS X rsync understanding resource forks, that I cannot speak 
to, but it should be easy to test. Copy a directory from an HFS+ volume to a 
non-Mac OS X volume (NFS for example) using rsync and see if it creates the ._ 
files to go with the data.

--
Paul Kraus
Deputy Technical Director, LoneStarCon 3
Sound Coordinator, Schenectady Light Opera Company

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[David Brodbeck]

On Fri, Jul 12, 2013 at 11:25 AM, Chris Maness ch...@chrismaness.comwrote:

 Thank you for the detailed description of what resource forks are.  One
 more clue in this mystery is that appending .mov extension to it fixes the
 problem.


That makes some sense, since without the resource fork some MacOS software
would have trouble identifying the type of the file.  The extension
provides that information in another way.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Chris Maness]

On Tue, Jul 2, 2013 at 3:11 PM, Chris Maness ch...@chrismaness.com wrote:





 Since you are going to wait anyway, why don't you try peeking at some of
 the file checksums while this is running?

 MacOS X comes with a shasum utility which implements SHA-256 checksums,
 so you should be able to look at a few random samples of these files,
 e.g. by running on the source disk:

 shasum -a 256 source_directory/file/path/to/some/file.ext

 shasum -a 256 copied_directory/file/path/to/some/file.ext

 If these are the same, then the applications look elsewhere, e.g. in the
 'hidden' .DS_Store stuff some MacOS directories contain.

 But if the checksums are different, well, then there's your problem.



Checksums are the same.  All other files still work however the HUGE
rendered Final Cut Pro output, so I guess it is something in .DS_Store.
 Last time I just gave up and recopied everything by a simple cut and paste
and that solved the problem.  I made a small change on the project today,
and I don't want to have to copy the WHOLE thing again just for a small
delta.  I already synced the directories, but the new rendered files are
still un-openable in any application even though the checksums match.
 Really weird.  However, the project will still open and work on FCP.  Just
the 12Gb rendered movie files will not play on anything even FCP.  If I
delete .DS_Store will the system regenerate it with the appropriate file
associations?

I know this is a little off topic, but Mac OSX is based on BSD.  You guys
are also the smartest around :D

Thanks,
Chris Maness
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Doug Hardie]

On 12 July 2013, at 10:49, Chris Maness ch...@chrismaness.com wrote:

 On Tue, Jul 2, 2013 at 3:11 PM, Chris Maness ch...@chrismaness.com wrote:
 
 
 
 
 
 Since you are going to wait anyway, why don't you try peeking at some of
 the file checksums while this is running?
 
 MacOS X comes with a shasum utility which implements SHA-256 checksums,
 so you should be able to look at a few random samples of these files,
 e.g. by running on the source disk:
 
shasum -a 256 source_directory/file/path/to/some/file.ext
 
shasum -a 256 copied_directory/file/path/to/some/file.ext
 
 If these are the same, then the applications look elsewhere, e.g. in the
 'hidden' .DS_Store stuff some MacOS directories contain.
 
 But if the checksums are different, well, then there's your problem.
 
 
 
 Checksums are the same.  All other files still work however the HUGE
 rendered Final Cut Pro output, so I guess it is something in .DS_Store.
 Last time I just gave up and recopied everything by a simple cut and paste
 and that solved the problem.  I made a small change on the project today,
 and I don't want to have to copy the WHOLE thing again just for a small
 delta.  I already synced the directories, but the new rendered files are
 still un-openable in any application even though the checksums match.
 Really weird.  However, the project will still open and work on FCP.  Just
 the 12Gb rendered movie files will not play on anything even FCP.  If I
 delete .DS_Store will the system regenerate it with the appropriate file
 associations?
 
 I know this is a little off topic, but Mac OSX is based on BSD.  You guys
 are also the smartest around :D

Rsync on the Mac only opens and copies the data forks.  It does not copy the 
resource forks.  There are still a few applications that use resource forks.  
Likewise the checksum apps work on the data forks only.

There is a utility that is a modified rsync that does handle resource forks.  I 
no longer remember what its name is.  Its been a number of years since I last 
used it.  I normally rsync from FreeBSD systems to Mac systems.  I use Minis as 
off-site backups.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Chris Maness]

On Fri, Jul 12, 2013 at 11:12 AM, Paul Kraus p...@kraus-haus.org wrote:

 Dropping the list …

 On Jul 12, 2013, at 1:49 PM, Chris Maness ch...@chrismaness.com wrote:

  Checksums are the same.  All other files still work however the HUGE
  rendered Final Cut Pro output, so I guess it is something in .DS_Store.
  Last time I just gave up and recopied everything by a simple cut and
 paste
  and that solved the problem.  I made a small change on the project today,
  and I don't want to have to copy the WHOLE thing again just for a small
  delta.  I already synced the directories, but the new rendered files are
  still un-openable in any application even though the checksums match.
  Really weird.  However, the project will still open and work on FCP.
  Just
  the 12Gb rendered movie files will not play on anything even FCP.  If I
  delete .DS_Store will the system regenerate it with the appropriate file
  associations?

 The .DS_Store files are created by the Finder when you view a directory.
 Are both source and destination on Mac HFS+ volumes ? If so, then you are
 probably missing the resource forks.

 Back in the very old days of Mac OS (way before 10.x), Mac OS files had
 two parts, the data part that contained the, well, data, and the resource
 fork that contained the meta-data that Mac OS used to associate a file with
 an application. HFS+ volumes on Mac OS X still include the resource forks,
 but foreign filesystems (NFS, UFS, FAT, etc.) do not. The work around
 that Apple came up with is to create .DS_Store and ._foo files to store
 this metadata on non HFS+ volumes.

 You could try using ditto instead of rsync. ditto is a BSD derived copy
 utility similar to rysnc, but I know that the Mac OS X version understands
 resource forks and copies them as necessary. ditto may not be able to just
 copy changed blocks within a file, so you may still have to recopy the
 entire file.

 But…. I am also a little puzzled because applications on Mac OS X do not
 NEED the resource fork to open a file, just to know which application to
 use (and what options to hand it) to open a given file. A complete video
 file, even without resource forks, should be able to be opened if you
 explicitly telly he application to File - Open …. With the checksums
 matching it is even odder. I expect that the large sizes (over 4 GB) are a
 contributing factor.

 Good luck and let me know what you find.

 --
 Paul Kraus
 Deputy Technical Director, LoneStarCon 3
 Sound Coordinator, Schenectady Light Opera Company


Thank you for the detailed description of what resource forks are.  One
more clue in this mystery is that appending .mov extension to it fixes the
problem.  I have never ran into this before, and I have even used rsync to
back up movie projects before.  It is not a big deal, but I always try to
take the time to understand why things behave the way they do.  I also
suspect it has something to do with file size since all of the smaller
files do not have this issue.

Thanks,
Chris Maness
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

will freebsd run on a mac osx 10.8.4

[robert reed]

send reply to; rob777reed@gmail .com

 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: will freebsd run on a mac osx 10.8.4

[Jason Birch]

Maybe! Do you mean as a virtual machine, or *instead of* OS X?

If you mean as a virtual machine, almost certainly. If you mean instead of
OS X, please provide some details about the computer hardware itself. Even
When did you buy it? iMac, Mac Pro, MacBook? etc will help us answer
your question.

JB


On Thu, Jul 4, 2013 at 10:10 PM, robert reed rob777r...@gmail.com wrote:

 send reply to; rob777reed@gmail .com


 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: will freebsd run on a mac osx 10.8.4

[Thomas Mueller]

I assume you are running Mac OS X 10.8.4 on Intel CPU.

I assume it must be 64-bits, so you would want amd64 version of FreeBSD, though 
you could also run i386 version.

I don't know if you could install FreeBSD on same hard disk with Mac OS X, but 
you ought to be able to install FreeBSD on a separate disk.

Tom

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

OT: rsync on Mac OSX

[Chris Maness]

I have been using rsync with Mac OSX with no issues until today.  I
generally use it instead of the copy command because if the copy fails on
large files, I can pick up where I left off.  I have backed up entire Final
Cut Pro projects this way with no issues.  However, I recently synced a
drive to a folder in another drive, and the OS does not recognize the final
rendered files as quicktime files.  The files work fine in the parent
drive.  I have no idea what might be going on.  I used the flags: rsync
-vaur like I always do.  Any suggestions?

Thanks,
Chris Maness
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Giorgos Keramidas]

On Tue, 2 Jul 2013 13:35:00 -0700, Chris Maness ch...@chrismaness.com wrote:
 I have been using rsync with Mac OSX with no issues until today.  I
 generally use it instead of the copy command because if the copy fails
 on large files, I can pick up where I left off.  I have backed up
 entire Final Cut Pro projects this way with no issues.  However, I
 recently synced a drive to a folder in another drive, and the OS does
 not recognize the final rendered files as quicktime files.  The files
 work fine in the parent drive.  I have no idea what might be going on.
 I used the flags: rsync -vaur like I always do.  Any suggestions?

This is a FreeBSD list, so any issues rsync may have with MacOS X are
not very relevant to what FreeBSD is doing or would do.  Having said
that though, can you try without the -u option?  Maybe modification
times are newer on the target drive and rsync skips everything.

You should probably also enable --stats and have a look at the final
report of rsync, to see if it actually sync'ed any files, or skipped all
of them because of mtime checks.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Chris Maness]

On Tue, Jul 2, 2013 at 2:30 PM, Giorgos Keramidas
keram...@ceid.upatras.grwrote:

 On Tue, 2 Jul 2013 13:35:00 -0700, Chris Maness ch...@chrismaness.com
 wrote:
  I have been using rsync with Mac OSX with no issues until today.  I
  generally use it instead of the copy command because if the copy fails
  on large files, I can pick up where I left off.  I have backed up
  entire Final Cut Pro projects this way with no issues.  However, I
  recently synced a drive to a folder in another drive, and the OS does
  not recognize the final rendered files as quicktime files.  The files
  work fine in the parent drive.  I have no idea what might be going on.
  I used the flags: rsync -vaur like I always do.  Any suggestions?

 This is a FreeBSD list, so any issues rsync may have with MacOS X are
 not very relevant to what FreeBSD is doing or would do.  Having said
 that though, can you try without the -u option?  Maybe modification
 times are newer on the target drive and rsync skips everything.

 You should probably also enable --stats and have a look at the final
 report of rsync, to see if it actually sync'ed any files, or skipped all
 of them because of mtime checks.


Yep, the files copied, and I used touch to force them to recopy.
 However, the files that were copied are not recognizable by their native
aps.  Just big junk files.  I have no clue what happened.  I am just
copying everything by a simple cut and paste this time.  However, this
directory is HUGE and I won't know until about 18 hours from now.

Thanks,
Chris Maness
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Giorgos Keramidas]

On Tue, 2 Jul 2013 14:48:03 -0700, Chris Maness ch...@chrismaness.com wrote:
On Tue, Jul 2, 2013 at 2:30 PM, Giorgos Keramidas 
keram...@ceid.upatras.grwrote:
On Tue, 2 Jul 2013 13:35:00 -0700, Chris Maness ch...@chrismaness.com wrote:
 I have been using rsync with Mac OSX with no issues until today.  I
 generally use it instead of the copy command because if the copy fails
 on large files, I can pick up where I left off.  I have backed up
 entire Final Cut Pro projects this way with no issues.  However, I
 recently synced a drive to a folder in another drive, and the OS does
 not recognize the final rendered files as quicktime files.  The files
 work fine in the parent drive.  I have no idea what might be going on.
 I used the flags: rsync -vaur like I always do.  Any suggestions?

 This is a FreeBSD list, so any issues rsync may have with MacOS X are
 not very relevant to what FreeBSD is doing or would do.  Having said
 that though, can you try without the -u option?  Maybe modification
 times are newer on the target drive and rsync skips everything.

 You should probably also enable --stats and have a look at the final
 report of rsync, to see if it actually sync'ed any files, or skipped all
 of them because of mtime checks.

 Yep, the files copied, and I used touch to force them to recopy.
  However, the files that were copied are not recognizable by their native
 aps.  Just big junk files.  I have no clue what happened.  I am just
 copying everything by a simple cut and paste this time.  However, this
 directory is HUGE and I won't know until about 18 hours from now.

Since you are going to wait anyway, why don't you try peeking at some of
the file checksums while this is running?

MacOS X comes with a shasum utility which implements SHA-256 checksums,
so you should be able to look at a few random samples of these files,
e.g. by running on the source disk:

shasum -a 256 source_directory/file/path/to/some/file.ext

shasum -a 256 copied_directory/file/path/to/some/file.ext

If these are the same, then the applications look elsewhere, e.g. in the
'hidden' .DS_Store stuff some MacOS directories contain.

But if the checksums are different, well, then there's your problem.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: OT: rsync on Mac OSX

[Chris Maness]

 Since you are going to wait anyway, why don't you try peeking at some of
 the file checksums while this is running?

 MacOS X comes with a shasum utility which implements SHA-256 checksums,
 so you should be able to look at a few random samples of these files,
 e.g. by running on the source disk:

 shasum -a 256 source_directory/file/path/to/some/file.ext

 shasum -a 256 copied_directory/file/path/to/some/file.ext

 If these are the same, then the applications look elsewhere, e.g. in the
 'hidden' .DS_Store stuff some MacOS directories contain.

 But if the checksums are different, well, then there's your problem.


That could be the issue.  I did see some permission warnings with
.DS_Store.  However, to make space I had to dump all of it, so no files to
do a post mortem on.  I will have to check that out if things go awry this
time.

Thanks,
Chris Maness
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

MAC and Xorg on FBSD 9.1-p4 (re-sending)

[ASV]

Hi all,
as you can see from the footer I've already posted this on the list 
trustedbsd-disc...@freebsd.org
but because that one seems to be dead to me I apologise if I'm trying to get 
some hint here.

Briefly, I'm trying to run X on my FreeBSD 9.1 with the following MAC
modules enabled:
mac_biba
mac_mls
mac_seeotheruids
mac_partition

I'm still actually in the learning process of this very granular but
complex security system but I'm learning fast as I found it very
interesting.
Unfortunately when it comes to X it seems to be more complicated. I
cannot run it not even as root.
I get:
..
Unable to map MMIO aperture. Permission denied (13)
Memory map the MMIO region failed
..

until the timeout and back to prompt.

I get the same error with root which is the default login class and on
an ad-hoc restricted user.
As soon as I disable the modules everything works well.

I know this is a very brief description but it should be enough for now
to know if this is a known issue and/or the X system is known as NOT
WORKING/HAVING PROBLEMS with MAC.

And as MAC on FreeBSD is dark matter (googling is basically useless if
not for basic conf.) any hint would be highly appreciated.

Thanks a lot.

___
trustedbsd-disc...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/trustedbsd-discuss
To unsubscribe, send any mail to trustedbsd-discuss-unsubscr...@freebsd.org



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

MAC and Xorg on FBSD 9.1-p4

[ASV]

Hi all,
as you can see from the footer I've already posted this on the list 
trustedbsd-disc...@freebsd.org
but because that one seems to be dead to me I apologise if I'm trying to get 
some hint here.

Briefly, I'm trying to run X on my FreeBSD 9.1 with the following MAC
modules enabled:
mac_biba
mac_mls
mac_seeotheruids
mac_partition

I'm still actually in the learning process of this very granular but
complex security system but I'm learning fast as I found it very
interesting.
Unfortunately when it comes to X it seems to be more complicated. I
cannot run it not even as root.
I get:
..
Unable to map MMIO aperture. Permission denied (13)
Memory map the MMIO region failed
..

until the timeout and back to prompt.

I get the same error with root which is the default login class and on
an ad-hoc restricted user.
As soon as I disable the modules everything works well.

I know this is a very brief description but it should be enough for now
to know if this is a known issue and/or the X system is known as NOT
WORKING/HAVING PROBLEMS with MAC.

And as MAC on FreeBSD is dark matter (googling is basically useless if
not for basic conf.) any hint would be highly appreciated.

Thanks a lot.

___
trustedbsd-disc...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/trustedbsd-discuss
To unsubscribe, send any mail to trustedbsd-discuss-unsubscr...@freebsd.org


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

problems with MAC labels on files

[mohamed]

Hi,?

I'm trying to set up an Biba policy but I'm unable to label files

 
This is the command : # setfsmac cy but I'm unable to label files-ef ut
/etc/policy-biba.context /s???$?AC???

 

This is the error :  setfsmac:   /etc/policy-biba.context: need label 

 

# uname -a

FreeBSD localhost.localdomain 9.0-RELEASE FreeBSD 9.0-RELEASE 

# setfmac biba/high test
setfmac: labeling not supported in test
 
I've read all the documentation and man pages but I cannot find what 
else do I have to do to get it working. Could you please tell what can I do
?
 
thanks in advance 
Mohamed ALsheikh
 

 

 

 

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Unknown IP address shows FreeBSD server MAC in arp cache

[Kaya Saman]

Hi,

I'm experiencing a weird problem and I have no idea where to begin with
this one!


Basically what's happening is that I did a host scan from my NetBSD box
running Cacti in order to 'Auto Discover' machines on my network; a php
script on the Cacti server added an IP address xxx.xxx.1.52.

Seeing this as odd since I haven't configured any machine with this IP
as it's in the DHCP range on my network and there aren't any machines
running on DHCP on the particular VLAN either as everything is
statically configured; I proceeded to check the arp cache of my NetBSD
box which pointed to the MAC address of my FreeBSD server?

Having a look round my network and servers each ping attempt to
xxx.xxx.1.52 gives me a response and in the arp cache of each
machine/device shows the FreeBSD server.

Long ago I may have had this machine on xxx.xxx.1.52 but I can't recall
and all settings in /etc/rc.conf for interfaces and Jails are fine and
consistent with my Network Spec. My network has also had a massive
overhaul since then as I've changed switches and router in the meantime
too

I have thought about arp poisoning but then again no other machine is
connected to my network that I don't know about and since it's a home
network there's really only me connected to it. Also I'm running OpenBSD
as a firewall/router gateway which I've also checked thoroughly
including Packet Filter and haven't found any issues.


I also thought about RARP and bootparamd since I'm running a bunch of
Sun SPARC systems in which I NetBooted but nothing on that front either
showed any result. I additionally have checked the /etc/hosts files of
all my systems and even my local DNS db files but nothing shows
xxx.xxx.1.52 at all.


The BSD version that I'm running on my FreeBSD server is 8.2 x64.


Would anyone be able to help me out with this one?


Basically why is a rogue or unknown IP address pointing to my FreeBSD
box's NIC?


Regards,


Kaya
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Fwd: Unknown IP address shows FreeBSD server MAC in arp cache

[Kaya Saman]

Well I managed to find the answer!!


Scanning through /etc/defaults/rc.conf I noticed this:

dhclient_program=/sbin/dhclient   # Path to dhcp client program.
dhclient_flags=   # Extra flags to pass to dhcp client.


Then I went back to check my DHCP server's log files and indeed a DHCP
request came through from the server even though the IP's are all
statically configured on it.

Now all I have to do is tell the system not to use the dhclient
program and then all will be sorted :-)


Few.


Regards,


Kaya

 Original Message 
Subject:Unknown IP address shows FreeBSD server MAC in arp cache
Date:   Thu, 25 Apr 2013 02:52:21 +0100
From:   Kaya Saman kayasa...@gmail.com
To: freebsd-questions@freebsd.org



Hi,

I'm experiencing a weird problem and I have no idea where to begin with
this one!


Basically what's happening is that I did a host scan from my NetBSD box
running Cacti in order to 'Auto Discover' machines on my network; a php
script on the Cacti server added an IP address xxx.xxx.1.52.

Seeing this as odd since I haven't configured any machine with this IP
as it's in the DHCP range on my network and there aren't any machines
running on DHCP on the particular VLAN either as everything is
statically configured; I proceeded to check the arp cache of my NetBSD
box which pointed to the MAC address of my FreeBSD server?

Having a look round my network and servers each ping attempt to
xxx.xxx.1.52 gives me a response and in the arp cache of each
machine/device shows the FreeBSD server.

Long ago I may have had this machine on xxx.xxx.1.52 but I can't recall
and all settings in /etc/rc.conf for interfaces and Jails are fine and
consistent with my Network Spec. My network has also had a massive
overhaul since then as I've changed switches and router in the meantime
too

I have thought about arp poisoning but then again no other machine is
connected to my network that I don't know about and since it's a home
network there's really only me connected to it. Also I'm running OpenBSD
as a firewall/router gateway which I've also checked thoroughly
including Packet Filter and haven't found any issues.


I also thought about RARP and bootparamd since I'm running a bunch of
Sun SPARC systems in which I NetBooted but nothing on that front either
showed any result. I additionally have checked the /etc/hosts files of
all my systems and even my local DNS db files but nothing shows
xxx.xxx.1.52 at all.


The BSD version that I'm running on my FreeBSD server is 8.2 x64.


Would anyone be able to help me out with this one?


Basically why is a rogue or unknown IP address pointing to my FreeBSD
box's NIC?


Regards,


Kaya



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

ale0: could not disable Tx/Rx MAC(0x00000004)!

[Julien Cigar]

Hello,

I got the following problem today:

66nneewwnnffss  sseerrvveerr 
119922..116688..00..225544:://hhoommee//mmaaggee::  nnoto t 
rreespsopnonddiinngg


newnfs server 192.168.0.254:/home/mage: not responding
ale0: could not disable Tx/Rx MAC(0x0004)!
ale0: link state changed to DOWN
ale0: could not disable Tx/Rx MAC(0x0004)!
ale0: link state changed to UP
in6_purgeaddr: err=65, destination address delete failed
Nov 15 22:08:02 rivendell dhclient[1186]: short write: wanted 20 got 0 bytes
Nov 15 22:08:02 rivendell dhclient[1186]: exiting.

Only a hard reboot fixed the issue (the network was completely frozen)

This is with:

ale0@pci0:2:0:0:class=0x02 card=0x83041043 chip=0x10261969 
rev=0xb0 hdr=0x00

vendor = 'Atheros Communications'
device = 'AR8121/AR8113/AR8114 Gigabit or Fast Ethernet'
class  = network
subclass   = ethernet

on:

FreeBSD rivendell 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0: Thu Nov 1 
18:35:54 CET 2012 root@rivendell:/usr/obj/usr/src/sys/CUSTOM amd64


Any idea what could be the cause of this ?

Thank you,
Julien

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Mac Issue

[Chandra Shekhar]

Hi,


Tell me how create shadow file of Boot Volume(on which OS is running)  under 
MAC OS.



 Thanks  Regards
 CS

Disclaimer:

The information contained in this e-mail, including any attachments to it, is 
confidential and intended only for the person(s) to whom it is addressed. Any 
examination, distribution, disclosure, printing, or copying of this 
information, or reliance upon this information by any person other than the 
intended recipient(s) is strictly prohibited. If this e-mail has been 
misdirected and you are not the intended recipient, please notify the sender 
immediately and delete this e-mail from your system. The views and opinions 
contained in this transmission represent those of the author and do not 
necessarily reflect those of Stellar Information Systems. Stellar Information 
Systems may monitor incoming and outgoing e-mails. By replying to this message, 
you consent to this monitoring. This e-mail has been scanned by antivirus prior 
to transmission. However, recipients are advised to apply their own antivirus 
detection measures to this e-mail and any attachments upon receipt. Stellar Inf
 ormation Systems does not accept liability for any damage or losses arising as 
a result of receiving this e-mail.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: mac powerpc ibook g3 blank screen on start up

[Jeff Tipton]

On 08/12/2012 07:00, Andy Recker wrote:

thanks for the help but there is no CD icon there is no anything to click
on my computer is very unresponsive let e know if u have any other ideas?

On Thu, Aug 9, 2012 at 12:50 AM, Jamie Paul Griffinja...@kode5.net  wrote:


== Jeff Tipton wrote on Thu  9.Aug'12 at  8:36:12 +0300 ==


On 08/09/2012 06:22, Andy Recker wrote:

i installed the power PC version of free BSD and put it on my mac i

book g3

i was in the insulation process when i couldn't get it to work because

of a

few errors and i decided to turn it off and restart when i turned it

back

on it only booted to a blank white screen it has nothing on it and

nothing

is responsive i have tried to reboot the same CD i had the first thing

and

still just a blank screen what can i do to get BSD to work on my

computer?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 

freebsd-questions-unsubscr...@freebsd.org

When you are trying to reboot into the installation CD, are you sure
you have the right boot sequence selected (CD, not HDD)? I guess on
your mac it might mean restarting, holding down the option key,
choosing the CD icon and the arrow on the right side.

-Jeff

Yes, it's either the 'option' key or the 'C' key; can' recall which.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
freebsd-questions-unsubscr...@freebsd.org


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Try to understand what's going on. You were installing FreeBSD on your 
harddisk, interrupted the process somewhere in the middle because you 
had errors, restarted and booted from that harddisk (right?) with 
half-installed operating system, and now you have a blank screen, which 
is no wonder. If your hardware isn't damaged per se (hopefully), then 
you may try once more to boot from the FreeBSD installation CD instead 
of harddisk, and you need to find a way how to do that. Of cource, your 
blank screen  doesn't have any icons to click or command line prompts. 
The boot choice should be done at the first moments of your computer 
startup. If the boot menu is gone, you may still try to enter Open 
Firmware and type your boot command from there (see, for example, 
http://mac.linux.be/content/booting-open-firmware).

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: mac powerpc ibook g3 blank screen on start up

[Andy Recker]

thanks for the help but there is no CD icon there is no anything to click
on my computer is very unresponsive let e know if u have any other ideas?

On Thu, Aug 9, 2012 at 12:50 AM, Jamie Paul Griffin ja...@kode5.net wrote:

 == Jeff Tipton wrote on Thu  9.Aug'12 at  8:36:12 +0300 ==

  On 08/09/2012 06:22, Andy Recker wrote:
  i installed the power PC version of free BSD and put it on my mac i
 book g3
  i was in the insulation process when i couldn't get it to work because
 of a
  few errors and i decided to turn it off and restart when i turned it
 back
  on it only booted to a blank white screen it has nothing on it and
 nothing
  is responsive i have tried to reboot the same CD i had the first thing
 and
  still just a blank screen what can i do to get BSD to work on my
 computer?
  ___
  freebsd-questions@freebsd.org mailing list
  http://lists.freebsd.org/mailman/listinfo/freebsd-questions
  To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org
  When you are trying to reboot into the installation CD, are you sure
  you have the right boot sequence selected (CD, not HDD)? I guess on
  your mac it might mean restarting, holding down the option key,
  choosing the CD icon and the arrow on the right side.
 
  -Jeff

 Yes, it's either the 'option' key or the 'C' key; can' recall which.
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

mac powerpc ibook g3 blank screen on start up

[Andy Recker]

i installed the power PC version of free BSD and put it on my mac i book g3
i was in the insulation process when i couldn't get it to work because of a
few errors and i decided to turn it off and restart when i turned it back
on it only booted to a blank white screen it has nothing on it and nothing
is responsive i have tried to reboot the same CD i had the first thing and
still just a blank screen what can i do to get BSD to work on my computer?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: mac powerpc ibook g3 blank screen on start up

[Jeff Tipton]

On 08/09/2012 06:22, Andy Recker wrote:

i installed the power PC version of free BSD and put it on my mac i book g3
i was in the insulation process when i couldn't get it to work because of a
few errors and i decided to turn it off and restart when i turned it back
on it only booted to a blank white screen it has nothing on it and nothing
is responsive i have tried to reboot the same CD i had the first thing and
still just a blank screen what can i do to get BSD to work on my computer?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
When you are trying to reboot into the installation CD, are you sure you 
have the right boot sequence selected (CD, not HDD)? I guess on your mac 
it might mean restarting, holding down the option key, choosing the CD 
icon and the arrow on the right side.


-Jeff
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: mac powerpc ibook g3 blank screen on start up

[Jamie Paul Griffin]

== Jeff Tipton wrote on Thu  9.Aug'12 at  8:36:12 +0300 ==

 On 08/09/2012 06:22, Andy Recker wrote:
 i installed the power PC version of free BSD and put it on my mac i book g3
 i was in the insulation process when i couldn't get it to work because of a
 few errors and i decided to turn it off and restart when i turned it back
 on it only booted to a blank white screen it has nothing on it and nothing
 is responsive i have tried to reboot the same CD i had the first thing and
 still just a blank screen what can i do to get BSD to work on my computer?
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
 When you are trying to reboot into the installation CD, are you sure
 you have the right boot sequence selected (CD, not HDD)? I guess on
 your mac it might mean restarting, holding down the option key,
 choosing the CD icon and the arrow on the right side.
 
 -Jeff

Yes, it's either the 'option' key or the 'C' key; can' recall which.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

something wrong of ifconfig bridge0 addr - mac address appears on wrong interface

[ProAce]

( untrust ) --- ( em0 , bridge0 , em1 ) --- ( trust )

Sometimes , I cannot connect to trust server from untrust.
I log some information from ifconfig bridge0 addr.
It seems some thing wrong of trust server's mac appear on em0.


trust serv1's mac: 00:50:56:af:2e:43
trust serv2's mac: 00:50:56:af:75:63


STEP1: The serv2 is not shown in bridge addr. table

   tp-fw [~] -root- ifconfig bridge0 addr
   00:50:56:af:2e:43 Vlan1 em1 1200 flags=0
   64:9e:f3:06:52:03 Vlan1 em0 1192 flags=0
   70:ca:9b:e3:a5:83 Vlan1 em0 1192 flags=0
   70:ca:9b:e3:a5:c3 Vlan1 em0 1200 flags=0

STEP2: I ping the serv2's ip from untrust , and I got 100% packet loss.

STEP3: show bridge addr. table again

   tp-fw [~] -root- ifconfig bridge0 addr
   00:50:56:af:75:63 Vlan1 em0 1198 flags=0
   00:50:56:af:2e:43 Vlan1 em1 1200 flags=0
   64:9e:f3:06:52:03 Vlan1 em0 1150 flags=0
   70:ca:9b:e3:a5:83 Vlan1 em0 1150 flags=0
   70:ca:9b:e3:a5:c3 Vlan1 em0 1200 flags=0

OMG! It's wrong of the 00:50:56:af:75:63 is shown with em0 interface.

STEP4: I ping the serv2's ip from tp-fw , and I got icmp reply.

STEP5: show bridge addr. table again

tp-fw [~] -root- ifconfig bridge0 addr
   00:50:56:af:75:63 Vlan1 em1 1197 flags=0
   00:50:56:af:2e:43 Vlan1 em1 1199 flags=0
   64:9e:f3:06:52:03 Vlan1 em0 1170 flags=0
   70:ca:9b:e3:a5:83 Vlan1 em0 1170 flags=0
   70:ca:9b:e3:a5:c3 Vlan1 em0 1200 flags=0

The 00:50:56:af:75:63 is shown with em1 interface correctly.

Why does STEP2 cause the wrong bridge addr table?
How to solve it?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Bill Yuan]

On Wed, Jun 13, 2012 at 4:56 PM, Ian Smith smi...@nimnet.asn.au wrote:

 On Mon, 11 Jun 2012 15:18:18 -0700, Randal L. Schwartz wrote:
Bill == Bill Yuan byc...@gmail.com writes:
   Bill I want to create a white list MAC address,  Only the machine
 which it's MAC
   Bill in the white list will be allowed,  all others will be blocked.
  
   Bad idea.  Since (a) every MAC address that *is* allowed is transmitted
   in the clear and (b) it's trivial to spoof a MAC address.
  
   This. is. no. security.

 Indeed, that's right Randal.  But I got the impression from Bill's mails
 that this is more likely just something inside his internal network.

Filtering by MAC is not secure, I agree. but at least secure enough for a
internal network.
And I am quite sure what I want to archive. I am really want to know how to
FILTER BY MAC .




   Please stop even trying.

 Well I don't think learning how to use ipfw properly at layer2 is a bad
 idea in itself, and I wouldn't want to discourage anyone from that.

 For some years I ran a filtering transparent bridge with ipfw + dummynet
 for a small network of about 20 mostly W98, XP and Mac boxes sharing one
 slow ADSL gateway between various assorted community groups (talk about
 herding cats! :) and MAC filtering was one of the handiest tools when
 some box or other got owned (again!) by some virus and started spewing
 spam, provider complains and/or cuts access .. you know the deal.

 In that sort of environment, none of the punters had any clue about
 forging MACs or anything vaguely like that, and it stopped people
 randomly plugging boxes into the network.  Horses for courses.

 I replied in more detail to another from Bill privately, copy follows.

Thanks. I saw your email already .very helpful . I will continue to try in
that way . and share with all here in the feature.:)
cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Ian Smith]

On Mon, 11 Jun 2012 15:18:18 -0700, Randal L. Schwartz wrote:
   Bill == Bill Yuan byc...@gmail.com writes:
  Bill I want to create a white list MAC address,  Only the machine which 
  it's MAC
  Bill in the white list will be allowed,  all others will be blocked.
  
  Bad idea.  Since (a) every MAC address that *is* allowed is transmitted
  in the clear and (b) it's trivial to spoof a MAC address.
  
  This. is. no. security.

Indeed, that's right Randal.  But I got the impression from Bill's mails 
that this is more likely just something inside his internal network.

  Please stop even trying.

Well I don't think learning how to use ipfw properly at layer2 is a bad 
idea in itself, and I wouldn't want to discourage anyone from that.

For some years I ran a filtering transparent bridge with ipfw + dummynet 
for a small network of about 20 mostly W98, XP and Mac boxes sharing one 
slow ADSL gateway between various assorted community groups (talk about 
herding cats! :) and MAC filtering was one of the handiest tools when 
some box or other got owned (again!) by some virus and started spewing 
spam, provider complains and/or cuts access .. you know the deal.

In that sort of environment, none of the punters had any clue about 
forging MACs or anything vaguely like that, and it stopped people 
randomly plugging boxes into the network.  Horses for courses.

I replied in more detail to another from Bill privately, copy follows.

cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Randal L. Schwartz]

 Bill == Bill Yuan byc...@gmail.com writes:
Bill I want to create a white list MAC address,  Only the machine which it's 
MAC
Bill in the white list will be allowed,  all others will be blocked.

Bad idea.  Since (a) every MAC address that *is* allowed is transmitted
in the clear and (b) it's trivial to spoof a MAC address.

This. is. no. security.

Please stop even trying.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
mer...@stonehenge.com URL:http://www.stonehenge.com/merlyn/
Smalltalk/Perl/Unix consulting, Technical writing, Comedy, etc. etc.
See http://methodsandmessages.posterous.com/ for Smalltalk discussion
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

how to allow by MAC

[Bill Yuan]

Hi,

how to allow by MAC in ipfw

currently i set the rule like below

1  allow ip from any to any MAC any to MAC Address 1
1  allow ip from any to any MAC MAC Address 1 any
2 deny all from any to any

i want to only allow the mac address to go through the freebsd firewall,

but I found it is not working on my freebsd but it works on pfsense!

so maybe that means the environment is not the same ? and how to setup the
ipfw properly to support this ?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Bill Yuan]

come on , someone help please,



On Sun, Jun 10, 2012 at 5:43 PM, Bill Yuan byc...@gmail.com wrote:

 Hi,

 how to allow by MAC in ipfw

 currently i set the rule like below

 1  allow ip from any to any MAC any to MAC Address 1
 1  allow ip from any to any MAC MAC Address 1 any
 2 deny all from any to any

 i want to only allow the mac address to go through the freebsd firewall,

 but I found it is not working on my freebsd but it works on pfsense!

 so maybe that means the environment is not the same ? and how to setup the
 ipfw properly to support this ?


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Julian H. Stacey]

Hi,
Reference:
 From: Bill Yuan byc...@gmail.com 
 Date: Sun, 10 Jun 2012 21:09:01 +0800 
 Message-id:   
 CAC+JH2ySQVCSXY+3Grh+Qe=li3wzsyu8czq3sa1w3azgpjp...@mail.gmail.com 

Bill Yuan wrote:
 come on , someone help please,
 
 
 
 On Sun, Jun 10, 2012 at 5:43 PM, Bill Yuan byc...@gmail.com wrote:
 
  Hi,
 
  how to allow by MAC in ipfw
 
  currently i set the rule like below
 
  1  allow ip from any to any MAC any to MAC Address 1
  1  allow ip from any to any MAC MAC Address 1 any
  2 deny all from any to any
 
  i want to only allow the mac address to go through the freebsd firewall,
 
  but I found it is not working on my freebsd but it works on pfsense!
 
  so maybe that means the environment is not the same ? and how to setup the
  ipfw properly to support this ?

Maybe others ignored it for the same reason I did: blocking by MAC
number seems weird  of no interest, I block  pass by IP net number.

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script,  indent with  .
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Julian H. Stacey]

Julian H. Stacey wrote:
 Bill Yuan wrote:
  come on , someone help please,
  
  
  
  On Sun, Jun 10, 2012 at 5:43 PM, Bill Yuan byc...@gmail.com wrote:
  
   Hi,
  
   how to allow by MAC in ipfw
  
   currently i set the rule like below
  
   1  allow ip from any to any MAC any to MAC Address 1
   1  allow ip from any to any MAC MAC Address 1 any
   2 deny all from any to any
  
   i want to only allow the mac address to go through the freebsd firewall,
  
   but I found it is not working on my freebsd but it works on pfsense!
  
   so maybe that means the environment is not the same ? and how to setup the
   ipfw properly to support this ?
 
 Maybe others ignored it for the same reason I did: blocking by MAC
 number seems weird  of no interest, I block  pass by IP net number.

as shown by ifconfig
MAC : 6 byte 
IP : 4 byte (IPV4) 

Cheers,
Julian
-- 
Julian Stacey, BSD Unix Linux C Sys Eng Consultants Munich http://berklix.com
 Reply below not above, cumulative like a play script,  indent with  .
 Format: Plain text. Not HTML, multipart/alternative, base64, quoted-printable.
Mail from @yahoo dumped @berklix.  http://berklix.org/yahoo/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Ian Smith]

In freebsd-questions Digest, Vol 418, Issue 18, Message: 1
On Sun, 10 Jun 2012 17:43:39 +0800 Bill Yuan byc...@gmail.com wrote:

  how to allow by MAC in ipfw
  
  currently i set the rule like below
  
  1  allow ip from any to any MAC any to MAC Address 1
  1  allow ip from any to any MAC MAC Address 1 any
  2 deny all from any to any
  
  i want to only allow the mac address to go through the freebsd firewall,
  
  but I found it is not working on my freebsd but it works on pfsense!
  
  so maybe that means the environment is not the same ? and how to setup the
  ipfw properly to support this ?

Bill, you did get some good clues in the earlier thread, but it's not 
clear if you took note of them.  There's also been some confusion ..

Firstly, read up on layer2 (ethernet, MAC-level) filtering options in 
ipfw(8).  Thoroughly, several times, until you've got it.  Seriously.

After enabling sysctl net.link.ether.ipfw=1 (add it to /etc/sysctl.conf) 
ipfw will be invoked 4 times instead of the normal 2, on every packet.

Read carefully ipfw(8) section 'PACKET FLOW', and see that only on the 
inbound pass invoked from ether_demux() and the outbound pass invoked 
from ether_output_frame() can you test for MAC addresses (or mac-types); 
the 'normal' layer3 passes examine packets that have no layer2 headers.

You could just add 'layer2' to any rules filtering on MAC addresses, and 
omit MAC addresses from all layer 3 (IP) rules, but I'd recommend using 
a method like shown there to separate layer2 and layer3 flows early on:

   # packets from ether_demux
   ipfw add 10 skipto 1000 all from any to any layer2 in
   # packets from ip_input
   ipfw add 10 skipto 2000 all from any to any not layer2 in
   # packets from ip_output
   ipfw add 10 skipto 3000 all from any to any not layer2 out
   # packets from ether_output_frame
   ipfw add 10 skipto 4000 all from any to any layer2 out
 
So at (eg) 1000 and 4000 place your incoming and outgoing MAC filtering 
rules (remembering the reversed order of MAC addresses vs IP addresses, 
and to allow broadcasts as well), pass good guys and/or block bad guys, 
then deal with your normal IPv4|v6 traffic in a separate section(s).

Or you could just split the flows into two streams, one for layer2 for 
your MAC filtering, the other for layer3, ie the rest of your ruleset.

HTH, Ian  [please cc me on any reply]
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Bill Yuan]

Hi Lan,

Thanks for your reply, I am reading some old emails which you sent in 2008
while other place asked a same question as mine,


On Mon, Jun 11, 2012 at 1:53 AM, Ian Smith smi...@nimnet.asn.au wrote:

 In freebsd-questions Digest, Vol 418, Issue 18, Message: 1
 On Sun, 10 Jun 2012 17:43:39 +0800 Bill Yuan byc...@gmail.com wrote:

   how to allow by MAC in ipfw
  
   currently i set the rule like below
  
   1  allow ip from any to any MAC any to MAC Address 1
   1  allow ip from any to any MAC MAC Address 1 any
   2 deny all from any to any
  
   i want to only allow the mac address to go through the freebsd firewall,
  
   but I found it is not working on my freebsd but it works on pfsense!
  
   so maybe that means the environment is not the same ? and how to setup
 the
   ipfw properly to support this ?

 Bill, you did get some good clues in the earlier thread, but it's not
 clear if you took note of them.  There's also been some confusion ..

 Firstly, read up on layer2 (ethernet, MAC-level) filtering options in
 ipfw(8).  Thoroughly, several times, until you've got it.  Seriously.

 After enabling sysctl net.link.ether.ipfw=1 (add it to /etc/sysctl.conf)
 ipfw will be invoked 4 times instead of the normal 2, on every packet.

 Read carefully ipfw(8) section 'PACKET FLOW', and see that only on the
 inbound pass invoked from ether_demux() and the outbound pass invoked
 from ether_output_frame() can you test for MAC addresses (or mac-types);
 the 'normal' layer3 passes examine packets that have no layer2 headers.

 You could just add 'layer2' to any rules filtering on MAC addresses, and
 omit MAC addresses from all layer 3 (IP) rules, but I'd recommend using
 a method like shown there to separate layer2 and layer3 flows early on:

   # packets from ether_demux
   ipfw add 10 skipto 1000 all from any to any layer2 in
   # packets from ip_input
   ipfw add 10 skipto 2000 all from any to any not layer2 in
   # packets from ip_output
   ipfw add 10 skipto 3000 all from any to any not layer2 out
   # packets from ether_output_frame
   ipfw add 10 skipto 4000 all from any to any layer2 out

 So at (eg) 1000 and 4000 place your incoming and outgoing MAC filtering
 rules (remembering the reversed order of MAC addresses vs IP addresses,
 and to allow broadcasts as well), pass good guys and/or block bad guys,
 then deal with your normal IPv4|v6 traffic in a separate section(s).

 Or you could just split the flows into two streams, one for layer2 for
 your MAC filtering, the other for layer3, ie the rest of your ruleset.

 HTH, Ian  [please cc me on any reply]

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Bill Yuan]

forget to po the link here

http://lists.freebsd.org/pipermail/freebsd-questions/2008-June/177636.html

On Mon, Jun 11, 2012 at 11:16 AM, Bill Yuan byc...@gmail.com wrote:

 Hi Lan,

 Thanks for your reply, I am reading some old emails which you sent in 2008
 while other place asked a same question as mine,


 On Mon, Jun 11, 2012 at 1:53 AM, Ian Smith smi...@nimnet.asn.au wrote:

 In freebsd-questions Digest, Vol 418, Issue 18, Message: 1
 On Sun, 10 Jun 2012 17:43:39 +0800 Bill Yuan byc...@gmail.com wrote:

   how to allow by MAC in ipfw
  
   currently i set the rule like below
  
   1  allow ip from any to any MAC any to MAC Address 1
   1  allow ip from any to any MAC MAC Address 1 any
   2 deny all from any to any
  
   i want to only allow the mac address to go through the freebsd
 firewall,
  
   but I found it is not working on my freebsd but it works on pfsense!
  
   so maybe that means the environment is not the same ? and how to setup
 the
   ipfw properly to support this ?

 Bill, you did get some good clues in the earlier thread, but it's not
 clear if you took note of them.  There's also been some confusion ..

 Firstly, read up on layer2 (ethernet, MAC-level) filtering options in
 ipfw(8).  Thoroughly, several times, until you've got it.  Seriously.

 After enabling sysctl net.link.ether.ipfw=1 (add it to /etc/sysctl.conf)
 ipfw will be invoked 4 times instead of the normal 2, on every packet.

 Read carefully ipfw(8) section 'PACKET FLOW', and see that only on the
 inbound pass invoked from ether_demux() and the outbound pass invoked
 from ether_output_frame() can you test for MAC addresses (or mac-types);
 the 'normal' layer3 passes examine packets that have no layer2 headers.

 You could just add 'layer2' to any rules filtering on MAC addresses, and
 omit MAC addresses from all layer 3 (IP) rules, but I'd recommend using
 a method like shown there to separate layer2 and layer3 flows early on:

   # packets from ether_demux
   ipfw add 10 skipto 1000 all from any to any layer2 in
   # packets from ip_input
   ipfw add 10 skipto 2000 all from any to any not layer2 in
   # packets from ip_output
   ipfw add 10 skipto 3000 all from any to any not layer2 out
   # packets from ether_output_frame
   ipfw add 10 skipto 4000 all from any to any layer2 out

 So at (eg) 1000 and 4000 place your incoming and outgoing MAC filtering
 rules (remembering the reversed order of MAC addresses vs IP addresses,
 and to allow broadcasts as well), pass good guys and/or block bad guys,
 then deal with your normal IPv4|v6 traffic in a separate section(s).

 Or you could just split the flows into two streams, one for layer2 for
 your MAC filtering, the other for layer3, ie the rest of your ruleset.

 HTH, Ian  [please cc me on any reply]



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Brian W.]

I would ask what problem do you want to solve here; is it preventing a
userjust from getting out unless they are using their assigned address, or
something else?
On Jun 10, 2012 8:16 PM, Bill Yuan byc...@gmail.com wrote:

 Hi Lan,

 Thanks for your reply, I am reading some old emails which you sent in 2008
 while other place asked a same question as mine,


 On Mon, Jun 11, 2012 at 1:53 AM, Ian Smith smi...@nimnet.asn.au wrote:

  In freebsd-questions Digest, Vol 418, Issue 18, Message: 1
  On Sun, 10 Jun 2012 17:43:39 +0800 Bill Yuan byc...@gmail.com wrote:
 
how to allow by MAC in ipfw
   
currently i set the rule like below
   
1  allow ip from any to any MAC any to MAC Address 1
1  allow ip from any to any MAC MAC Address 1 any
2 deny all from any to any
   
i want to only allow the mac address to go through the freebsd
 firewall,
   
but I found it is not working on my freebsd but it works on pfsense!
   
so maybe that means the environment is not the same ? and how to setup
  the
ipfw properly to support this ?
 
  Bill, you did get some good clues in the earlier thread, but it's not
  clear if you took note of them.  There's also been some confusion ..
 
  Firstly, read up on layer2 (ethernet, MAC-level) filtering options in
  ipfw(8).  Thoroughly, several times, until you've got it.  Seriously.
 
  After enabling sysctl net.link.ether.ipfw=1 (add it to /etc/sysctl.conf)
  ipfw will be invoked 4 times instead of the normal 2, on every packet.
 
  Read carefully ipfw(8) section 'PACKET FLOW', and see that only on the
  inbound pass invoked from ether_demux() and the outbound pass invoked
  from ether_output_frame() can you test for MAC addresses (or mac-types);
  the 'normal' layer3 passes examine packets that have no layer2 headers.
 
  You could just add 'layer2' to any rules filtering on MAC addresses, and
  omit MAC addresses from all layer 3 (IP) rules, but I'd recommend using
  a method like shown there to separate layer2 and layer3 flows early on:
 
# packets from ether_demux
ipfw add 10 skipto 1000 all from any to any layer2 in
# packets from ip_input
ipfw add 10 skipto 2000 all from any to any not layer2 in
# packets from ip_output
ipfw add 10 skipto 3000 all from any to any not layer2 out
# packets from ether_output_frame
ipfw add 10 skipto 4000 all from any to any layer2 out
 
  So at (eg) 1000 and 4000 place your incoming and outgoing MAC filtering
  rules (remembering the reversed order of MAC addresses vs IP addresses,
  and to allow broadcasts as well), pass good guys and/or block bad guys,
  then deal with your normal IPv4|v6 traffic in a separate section(s).
 
  Or you could just split the flows into two streams, one for layer2 for
  your MAC filtering, the other for layer3, ie the rest of your ruleset.
 
  HTH, Ian  [please cc me on any reply]
 
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to allow by MAC

[Bill Yuan]

Hi Brian,

Thanks for your care, Execute me for my English is not that good , I am
from Singapore :)

I want to create a white list MAC address,  Only the machine which it's MAC
in the white list will be allowed,  all others will be blocked.

Thanks


On Mon, Jun 11, 2012 at 11:21 AM, Brian W. br...@brianwhalen.net wrote:

 I would ask what problem do you want to solve here; is it preventing a
 userjust from getting out unless they are using their assigned address, or
 something else?
 On Jun 10, 2012 8:16 PM, Bill Yuan byc...@gmail.com wrote:

  Hi Lan,

 Thanks for your reply, I am reading some old emails which you sent in 2008
 while other place asked a same question as mine,


 On Mon, Jun 11, 2012 at 1:53 AM, Ian Smith smi...@nimnet.asn.au wrote:

  In freebsd-questions Digest, Vol 418, Issue 18, Message: 1
  On Sun, 10 Jun 2012 17:43:39 +0800 Bill Yuan byc...@gmail.com wrote:
 
how to allow by MAC in ipfw
   
currently i set the rule like below
   
1  allow ip from any to any MAC any to MAC Address 1
1  allow ip from any to any MAC MAC Address 1 any
2 deny all from any to any
   
i want to only allow the mac address to go through the freebsd
 firewall,
   
but I found it is not working on my freebsd but it works on pfsense!
   
so maybe that means the environment is not the same ? and how to
 setup
  the
ipfw properly to support this ?
 
  Bill, you did get some good clues in the earlier thread, but it's not
  clear if you took note of them.  There's also been some confusion ..
 
  Firstly, read up on layer2 (ethernet, MAC-level) filtering options in
  ipfw(8).  Thoroughly, several times, until you've got it.  Seriously.
 
  After enabling sysctl net.link.ether.ipfw=1 (add it to /etc/sysctl.conf)
  ipfw will be invoked 4 times instead of the normal 2, on every packet.
 
  Read carefully ipfw(8) section 'PACKET FLOW', and see that only on the
  inbound pass invoked from ether_demux() and the outbound pass invoked
  from ether_output_frame() can you test for MAC addresses (or mac-types);
  the 'normal' layer3 passes examine packets that have no layer2 headers.
 
  You could just add 'layer2' to any rules filtering on MAC addresses, and
  omit MAC addresses from all layer 3 (IP) rules, but I'd recommend using
  a method like shown there to separate layer2 and layer3 flows early on:
 
# packets from ether_demux
ipfw add 10 skipto 1000 all from any to any layer2 in
# packets from ip_input
ipfw add 10 skipto 2000 all from any to any not layer2 in
# packets from ip_output
ipfw add 10 skipto 3000 all from any to any not layer2 out
# packets from ether_output_frame
ipfw add 10 skipto 4000 all from any to any layer2 out
 
  So at (eg) 1000 and 4000 place your incoming and outgoing MAC filtering
  rules (remembering the reversed order of MAC addresses vs IP addresses,
  and to allow broadcasts as well), pass good guys and/or block bad guys,
  then deal with your normal IPv4|v6 traffic in a separate section(s).
 
  Or you could just split the flows into two streams, one for layer2 for
  your MAC filtering, the other for layer3, ie the rest of your ruleset.
 
  HTH, Ian  [please cc me on any reply]
 
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 freebsd-questions-unsubscr...@freebsd.org


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to filter network by MAC and IP at the same time

[Christian Hiris]

hi Bill,
afaik, in your case the packets checked twice against the ipfw-rules - once 
for the layer2-filtering part and 2nd time for the ip-filtering part.

1st enable filtering on ethernet demux/eth. output frame:
# sysctl net.link.ether.ipfw=1

then start your fw-script:

# -- sniplet from fw-script -- #
  iif=em0
  ip_client=192.168.123.45
  ether_client=88:99:aa:bb:cc:dd
  ether_broadcast=ff:ff:ff:ff:ff:ff

  ${fwcmd} add 10 pass MAC ${ether_broadcast} ${ether_client} via ${iif}
  ${fwcmd} add 20 pass MAC any ${ether_client} via ${iif}
  ${fwcmd} add 21 pass MAC ${ether_client} any via ${iif}
  ${fwcmd} add 30 pass ip from ${ip_client} to any via ${iif}
  ${fwcmd} add 31 pass ip from any to ${ip_client} via ${iif}
# -- sniplet from fw-script -- #

this results in:

# ipfw show
00010   128 allow ip from any to any MAC ff:ff:ff:ff:ff:ff \
 88:99:aa:bb:cc:dd via em0
00020  74  9564 allow ip from any to any MAC any 88:99:aa:bb:cc:dd via em0
00021  87 85336 allow ip from any to any MAC 88:99:aa:bb:cc:dd any via em0
00030  74  9564 allow ip from 192.168.123.45 to any via em0
00031  86 85290 allow ip from any to 192.168.123.45 via em0
65535 487 35078 deny ip from any to any

Most of this logic is described in the section PACKET FLOW section in man 
ipfw. 

Note that as packets flow through the stack, headers can be stripped or
 added to it, and so they may or may not be available for inspection.
 E.g., incoming packets will include the MAC header when ipfw is invoked
 from ether_demux(), but the same packets will have the MAC header
 stripped off when ipfw is invoked from ip_input() or ip6_input().

Cheers
ch 


On Saturday 09 June 2012, Bill Yuan wrote:
 rule like below
 
 #allow the traffic which source mac is belong to the machine
 ipfw add 1 allow all from any to any MAC MAC ADDR1 any
 #allow the ..  destination mac is that machine
 ipfw add 1 allow all from any to any MAC any MAC ADDR1
 ipfw add 1 deny all from any to any
 
 
 it is not working , all the traffic will be block by the deny !!!  how come
 ?
 
 
 
 On Sat, Jun 9, 2012 at 4:30 AM, Lowell Gilbert 
 
 freebsd-questions-lo...@be-well.ilk.org wrote:
  Bill Yuan byc...@gmail.com writes:
   i am using freebsd 9.0 as a firewall and i want to filter the traffic
   by the mac and the ip at the same time,
   
   for example, i only allow my laptop MAC Address 1 can go throught the
   firewalll when it's using IP IP Address 1
   
   for how to config the firewall rules?
   
   
   I tried to configure the firewall by  the rule below , but it doesnt
   work
   
ipfw add  1 allow all from IP Address 1 to any MAC MAC Address 1
any ipfw add  1 allow all from any to IP Address 1  MAC any MAC
Address
  
  1
  
  Well, for one thing if I understand your intent, you have the MAC
  addresses in the wrong order. Unless your firewall is acting as a
  bridge, you also need to keep in mind that the MAC addresses are changed
  when passing through, so those rules will only work on one side (i.e.,
  you'll need in via type rules).
  
   but it doesnt work. also found the explanation on google, someone
   already asked this question before.
  
  I don't understand. Was there a suggested approach or not?
  
   but I did not find the solution for this requirement.  can someone tell
  
  me
  
   how ? thanks in advance.
  
  I can't guarantee this will work, and I don't have any way to test it,
  
  but my above comments would suggest something more like:
ipfw add  1 allow all from IP Address 1 to any MAC any MAC Address
  
  in via $iif
  
ipfw add  1 allow all from any to IP Address 1  MAC MAC Address 1
  
  any out via $oif
  
  Good luck.
 
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to
 freebsd-questions-unsubscr...@freebsd.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to filter network by MAC and IP at the same time

[Bill Yuan]

Thanks very much,
According to your description , I changed my firewall settings ,
(
Because I already tried add the via em0 or via em1,  it's not working,
so I remove it ,
my FreeBSD is WAN is em0  ,LAN is em1
)
and made it like this below

and I still cannot download things through it , and i found the result


Seems some place still not working properly , the traffic has been block by
some reason!





On Sat, Jun 9, 2012 at 5:12 PM, Christian Hiris 4...@chello.at wrote:

 hi Bill,
 afaik, in your case the packets checked twice against the ipfw-rules - once
 for the layer2-filtering part and 2nd time for the ip-filtering part.

 1st enable filtering on ethernet demux/eth. output frame:
 # sysctl net.link.ether.ipfw=1

 then start your fw-script:

 # -- sniplet from fw-script -- #
  iif=em0
  ip_client=192.168.123.45
  ether_client=88:99:aa:bb:cc:dd
  ether_broadcast=ff:ff:ff:ff:ff:ff

  ${fwcmd} add 10 pass MAC ${ether_broadcast} ${ether_client} via ${iif}
  ${fwcmd} add 20 pass MAC any ${ether_client} via ${iif}
  ${fwcmd} add 21 pass MAC ${ether_client} any via ${iif}
  ${fwcmd} add 30 pass ip from ${ip_client} to any via ${iif}
  ${fwcmd} add 31 pass ip from any to ${ip_client} via ${iif}
 # -- sniplet from fw-script -- #

 this results in:

 # ipfw show
 00010   128 allow ip from any to any MAC ff:ff:ff:ff:ff:ff \
  88:99:aa:bb:cc:dd via em0
 00020  74  9564 allow ip from any to any MAC any 88:99:aa:bb:cc:dd via em0
 00021  87 85336 allow ip from any to any MAC 88:99:aa:bb:cc:dd any via em0
 00030  74  9564 allow ip from 192.168.123.45 to any via em0
 00031  86 85290 allow ip from any to 192.168.123.45 via em0
 65535 487 35078 deny ip from any to any

 Most of this logic is described in the section PACKET FLOW section in man
 ipfw.

 Note that as packets flow through the stack, headers can be stripped or
 added to it, and so they may or may not be available for inspection.
 E.g., incoming packets will include the MAC header when ipfw is invoked
 from ether_demux(), but the same packets will have the MAC header
 stripped off when ipfw is invoked from ip_input() or ip6_input().

 Cheers
 ch


 On Saturday 09 June 2012, Bill Yuan wrote:
  rule like below
 
  #allow the traffic which source mac is belong to the machine
  ipfw add 1 allow all from any to any MAC MAC ADDR1 any
  #allow the ..  destination mac is that machine
  ipfw add 1 allow all from any to any MAC any MAC ADDR1
  ipfw add 1 deny all from any to any
 
 
  it is not working , all the traffic will be block by the deny !!!  how
 come
  ?
 
 
 
  On Sat, Jun 9, 2012 at 4:30 AM, Lowell Gilbert 
 
  freebsd-questions-lo...@be-well.ilk.org wrote:
   Bill Yuan byc...@gmail.com writes:
i am using freebsd 9.0 as a firewall and i want to filter the traffic
by the mac and the ip at the same time,
   
for example, i only allow my laptop MAC Address 1 can go throught
 the
firewalll when it's using IP IP Address 1
   
for how to config the firewall rules?
   
   
I tried to configure the firewall by  the rule below , but it doesnt
work
   
 ipfw add  1 allow all from IP Address 1 to any MAC MAC Address 1
 any ipfw add  1 allow all from any to IP Address 1  MAC any MAC
 Address
  
   1
  
   Well, for one thing if I understand your intent, you have the MAC
   addresses in the wrong order. Unless your firewall is acting as a
   bridge, you also need to keep in mind that the MAC addresses are
 changed
   when passing through, so those rules will only work on one side (i.e.,
   you'll need in via type rules).
  
but it doesnt work. also found the explanation on google, someone
already asked this question before.
  
   I don't understand. Was there a suggested approach or not?
  
but I did not find the solution for this requirement.  can someone
 tell
  
   me
  
how ? thanks in advance.
  
   I can't guarantee this will work, and I don't have any way to test it,
  
   but my above comments would suggest something more like:
 ipfw add  1 allow all from IP Address 1 to any MAC any MAC
 Address
  
   in via $iif
  
 ipfw add  1 allow all from any to IP Address 1  MAC MAC Address
 1
  
   any out via $oif
  
   Good luck.
 
  ___
  freebsd-questions@freebsd.org mailing list
  http://lists.freebsd.org/mailman/listinfo/freebsd-questions
  To unsubscribe, send any mail to
  freebsd-questions-unsubscr...@freebsd.org

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to filter network by MAC and IP at the same time

[Lowell Gilbert]

Bill Yuan byc...@gmail.com writes:

 i am using freebsd 9.0 as a firewall and i want to filter the traffic by
 the mac and the ip at the same time,

 for example, i only allow my laptop MAC Address 1 can go throught the
 firewalll when it's using IP IP Address 1

 for how to config the firewall rules?


 I tried to configure the firewall by  the rule below , but it doesnt work

  ipfw add  1 allow all from IP Address 1 to any MAC MAC Address 1 any
  ipfw add  1 allow all from any to IP Address 1  MAC any MAC Address 1

Well, for one thing if I understand your intent, you have the MAC
addresses in the wrong order. Unless your firewall is acting as a
bridge, you also need to keep in mind that the MAC addresses are changed
when passing through, so those rules will only work on one side (i.e.,
you'll need in via type rules).

 but it doesnt work. also found the explanation on google, someone already
 asked this question before.

I don't understand. Was there a suggested approach or not?

 but I did not find the solution for this requirement.  can someone tell me
 how ? thanks in advance.

I can't guarantee this will work, and I don't have any way to test it,
but my above comments would suggest something more like:

  ipfw add  1 allow all from IP Address 1 to any MAC any MAC Address in via 
 $iif

  ipfw add  1 allow all from any to IP Address 1  MAC MAC Address 1 any 
 out via $oif

Good luck.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: how to filter network by MAC and IP at the same time

[Bill Yuan]

rule like below

#allow the traffic which source mac is belong to the machine
ipfw add 1 allow all from any to any MAC MAC ADDR1 any
#allow the ..  destination mac is that machine
ipfw add 1 allow all from any to any MAC any MAC ADDR1
ipfw add 1 deny all from any to any


it is not working , all the traffic will be block by the deny !!!  how come
?



On Sat, Jun 9, 2012 at 4:30 AM, Lowell Gilbert 
freebsd-questions-lo...@be-well.ilk.org wrote:

 Bill Yuan byc...@gmail.com writes:

  i am using freebsd 9.0 as a firewall and i want to filter the traffic by
  the mac and the ip at the same time,
 
  for example, i only allow my laptop MAC Address 1 can go throught the
  firewalll when it's using IP IP Address 1
 
  for how to config the firewall rules?
 
 
  I tried to configure the firewall by  the rule below , but it doesnt work
 
   ipfw add  1 allow all from IP Address 1 to any MAC MAC Address 1 any
   ipfw add  1 allow all from any to IP Address 1  MAC any MAC Address
 1

 Well, for one thing if I understand your intent, you have the MAC
 addresses in the wrong order. Unless your firewall is acting as a
 bridge, you also need to keep in mind that the MAC addresses are changed
 when passing through, so those rules will only work on one side (i.e.,
 you'll need in via type rules).

  but it doesnt work. also found the explanation on google, someone already
  asked this question before.

 I don't understand. Was there a suggested approach or not?

  but I did not find the solution for this requirement.  can someone tell
 me
  how ? thanks in advance.

 I can't guarantee this will work, and I don't have any way to test it,
 but my above comments would suggest something more like:

   ipfw add  1 allow all from IP Address 1 to any MAC any MAC Address
 in via $iif

   ipfw add  1 allow all from any to IP Address 1  MAC MAC Address 1
 any out via $oif

 Good luck.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

how to filter network by MAC and IP at the same time

[Bill Yuan]

hi all,

i am using freebsd 9.0 as a firewall and i want to filter the traffic by
the mac and the ip at the same time,

for example, i only allow my laptop MAC Address 1 can go throught the
firewalll when it's using IP IP Address 1

for how to config the firewall rules?


I tried to configure the firewall by  the rule below , but it doesnt work

 ipfw add  1 allow all from IP Address 1 to any MAC MAC Address 1 any
 ipfw add  1 allow all from any to IP Address 1  MAC any MAC Address 1

but it doesnt work. also found the explanation on google, someone already
asked this question before.

but I did not find the solution for this requirement.  can someone tell me
how ? thanks in advance.


Best Regards,
BYCN82
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

newbie- install to i-mac from usb

[chromaticwt zac]

hi,

I hope this is the correct mailing list for this question. I am a newbie.
I want to install FreeBSD 9.0 to an i-mac g3/g4 which doesn't have a
working cd drive.
I want to use a usb stick to do this. My question is what relevant doc
explains how to do this?
I searched google and could not find an answer that worked, even for NetBSD.
I tried issuing a dd command to cp the powerpc memstick image to usb, but I
can't figure out how to get
openfirmware to boot the usb. It is openfirmware version 3. I welcome any
help and/or suggestions.

Thanks,
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Single boot EFI Mac install

[Carsten Mattner]

Has anyone successfully installed FreeBSD as a single boot system
on an EFI Mac?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Single boot EFI Mac install

[George Hartzell]

Carsten Mattner writes:
  Has anyone successfully installed FreeBSD as a single boot system
  on an EFI Mac?

I'm not sure exactly what you mean by a single boot system.

I have Mac Pro that runs Mac OS on on disk (actually a pair in a
software RAID) and FreeBSD from another pair (gmirror RAID).  I
suspect that I could pull the MacOS disks from the system and it would
happily run as a FreeBSD only machine.

I believe that I set up the disks using the mac tools and then did an
install from a DVD, but it's been a while.

The only particularly trick-ish part is that I had to partition the
FreeBSD disks using MBR style partitions, that's (part of?) what the
Mac firmware uses to decide to turn on it's PC-style BIOS emulation,
which FreeBSD needs before it can get itself going.  GPT partitions
will not work.  Every once in a while the machine hangs at boot time
but I haven't seen it in a while.

What happens if you just throw a FreeBSD DVD in the drive?

g.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Single boot EFI Mac install

[Carsten Mattner]

On Wed, Mar 7, 2012 at 6:13 PM, George Hartzell hartz...@alerce.com wrote:
 Carsten Mattner writes:
   Has anyone successfully installed FreeBSD as a single boot system
   on an EFI Mac?

 I'm not sure exactly what you mean by a single boot system.

 I have Mac Pro that runs Mac OS on on disk (actually a pair in a
 software RAID) and FreeBSD from another pair (gmirror RAID).  I
 suspect that I could pull the MacOS disks from the system and it would
 happily run as a FreeBSD only machine.

 I believe that I set up the disks using the mac tools and then did an
 install from a DVD, but it's been a while.

 The only particularly trick-ish part is that I had to partition the
 FreeBSD disks using MBR style partitions, that's (part of?) what the
 Mac firmware uses to decide to turn on it's PC-style BIOS emulation,
 which FreeBSD needs before it can get itself going.  GPT partitions
 will not work.  Every once in a while the machine hangs at boot time
 but I haven't seen it in a while.

 What happens if you just throw a FreeBSD DVD in the drive?

I'm pretty sure I can install FreeBSD.

The real question is: Are there EFI bootable FreeBSD images?
rEFIt works but cannot be convinced to stop delaying the boot
process by ~20 seconds (even after deleting PRAM and bless'ing
the partition). That's why I've been looking for native (EFI) boot options.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Problems with EFI / partitioning with FreeBSD ONLY mac mini ... from USB drive ...

[Mm Bsd]

I booted the 8.2-RELEASE CD on my Intel mac mini, which has a thumb drive 
plugged into USB.

I promptly entered FIXIT and used dd to zero out the ENTIRE internal hard 
drive.  I may use it, I may not, but for now I want to reduce variables and I 
don't want remnants of OSX on that disk tripping me up.

I exited FIXIT and proceeded with a plain old install of FreeBSD 8.2 onto the 
thumb drive, which was seen as da0.  Upon rebooting, I see a folder icon with a 
question mark inside of it, blinking on the screen.  The mac mini cannot see an 
OS to boot.

I have tried to solve this by:

- same as above, but plain old loader instead of FreeBSD boot manager.  Both 
failed

- During install, in FDISK, using the T option to change the type to 238

Still failing.  Any idea what the missing part of this recipe is
 ?

NOTE:  I see something of an answer here:

http://lists.freebsd.org/pipermail/freebsd-current/2011-September/027585.html

But I do not know how to put a dummy MBR there even if using GPT layout ... 
so if that is the answer, some additional details, please :)

Just trying to boot FreeBSD, and only FreeBSD, off of the thumb drive plugged 
into a mac mini with no other disks.  Any help appreciated.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD VMWare Mac screen resulution and keyboard map

[Sascha Vieweg]

On 11-04-09 17:17, Warren Block wrote:


On Fri, 8 Apr 2011, Sascha Vieweg wrote:


 As a curious beginner I am running FreeBSD on VMWare Fusion
 3.1.2 on a MacBook Pro 13'' i5, and I want to do two things on
 the normal (startup) console:

 (1) use my apple keyboard, especially, scroll through console
 output


man syscons | less -p'Back Scrolling'


... Says: press the `slock' key (with some PC keyboard 
description). However, I have got a MB Pro where no such key is 
available. Thus, I may repeat my question: How can I get console 
scolling working on my MacBook Pro 13''?



 (2) have a screen resolution of at least 800x600.


vidcontrol(1) can set different modes, potentially including 
VESA_800x600. What's available depends on the video card BIOS 
and you'll probably have to build a kernel with SC_PIXEL_MODE.



 Both things seem to be no particular problem in X11, however,
 I cannot find advices for the normal console.


Unless you're trying to emulate a machine without X11 for a 
particular purpose, xterms are more versatile than consoles. 
It's probably possible to get a console-like stack of fullscreen 
xterms with one of the mouseless window managers.


Thanks, the vidcontrol tip helped a lot.

*S*

--
Sascha Vieweg, saschav...@gmail.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD VMWare Mac screen resulution and keyboard map

[Chuck Swiger]

On Apr 18, 2011, at 11:35 AM, Sascha Vieweg wrote:
 man syscons | less -p'Back Scrolling'
 
 ... Says: press the `slock' key (with some PC keyboard description). However, 
 I have got a MB Pro where no such key is available. Thus, I may repeat my 
 question: How can I get console scolling working on my MacBook Pro 13''?

slock is the key above the home key; on an Apple A1048 USB keyboard, that is 
labelled F15.  I don't think the 13 Macbook Pro has that key available, so you 
might have to attach an external USB keyboard.

Try dmesg | less instead, or using SSH from a handy terminal emulator with 
scrolling windows (like Terminal.app from the base MacOS X) is likely to be 
easier...

Regards,
-- 
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD VMWare Mac screen resulution and keyboard map

[David Scheidt]

On Apr 18, 2011, at 2:45 PM, Chuck Swiger wrote:

 On Apr 18, 2011, at 11:35 AM, Sascha Vieweg wrote:
 man syscons | less -p'Back Scrolling'
 
 ... Says: press the `slock' key (with some PC keyboard description). 
 However, I have got a MB Pro where no such key is available. Thus, I may 
 repeat my question: How can I get console scolling working on my MacBook Pro 
 13''?
 
 slock is the key above the home key; on an Apple A1048 USB keyboard, that is 
 labelled F15.  I don't think the 13 Macbook Pro has that key available, so 
 you might have to attach an external USB keyboard.

fn-shift-f12 should be scroll lock.  At least, it is when the hardware runs 
windows___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD VMWare Mac screen resulution and keyboard map

[Warren Block]

On Fri, 8 Apr 2011, Sascha Vieweg wrote:

As a curious beginner I am running FreeBSD on VMWare Fusion 3.1.2 on a 
MacBook Pro 13'' i5, and I want to do two things on the normal (startup) 
console:


(1) use my apple keyboard, especially, scroll through console output


man syscons | less -p'Back Scrolling'


(2) have a screen resolution of at least 800x600.


vidcontrol(1) can set different modes, potentially including 
VESA_800x600.  What's available depends on the video card BIOS and 
you'll probably have to build a kernel with SC_PIXEL_MODE.


Both things seem to be no particular problem in X11, however, I cannot find 
advices for the normal console.


Unless you're trying to emulate a machine without X11 for a particular 
purpose, xterms are more versatile than consoles.  It's probably 
possible to get a console-like stack of fullscreen xterms with one of 
the mouseless window managers.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

FreeBSD VMWare Mac screen resulution and keyboard map

[Sascha Vieweg]

As a curious beginner I am running FreeBSD on VMWare Fusion 3.1.2 
on a MacBook Pro 13'' i5, and I want to do two things on the 
normal (startup) console:


(1) use my apple keyboard, especially, scroll through console 
output


(2) have a screen resolution of at least 800x600.

Both things seem to be no particular problem in X11, however, I 
cannot find advices for the normal console.


And: does anybody know what vertical and horizontal refresh rates 
my VMWare display have? According to the user handbook I need to 
specify this information in the X11 config file -- the current X11 
display does not look very sharp.


Thanks for help
*S*

--
Sascha Vieweg, saschav...@gmail.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD VMWare Mac screen resulution and keyboard map

[Christopher Hilton]

On Apr 8, 2011, at 12:22 PM, Sascha Vieweg wrote:

 As a curious beginner I am running FreeBSD on VMWare Fusion 3.1.2 on a 
 MacBook Pro 13'' i5, and I want to do two things on the normal (startup) 
 console:
 
 (1) use my apple keyboard, especially, scroll through console output
 
 (2) have a screen resolution of at least 800x600.
 
 Both things seem to be no particular problem in X11, however, I cannot find 
 advices for the normal console.
 
 And: does anybody know what vertical and horizontal refresh rates my VMWare 
 display have? According to the user handbook I need to specify this 
 information in the X11 config file -- the current X11 display does not look 
 very sharp.
 
 Thanks for help
 *S*


You should be able find the screen dimensions for that MacBook Pro somewhere on 
the net. If my memory is correct and it's like my 13 acrylic MacBook then it 
will be something either 1280x800 or, less likely, 1280x720. I'm really old so 
I use an config file in the standard location: /etc/X11/xorg.conf configuration 
file to control X. If I understand correctly this is not longer strictly 
necessary. You can generate a base config by running:

 # X -configure

That will write a file: xorg.conf.new into the current directory. For monitor 
setting I've never found anything on VMware Fusion, or the MacBook line that 
gives those numbers. I've been using:

Section Monitor
Identifier  Apple MacBook Pro A1286 Display
VendorName  Apple
HorizSync   27.0-86.0
VertRefresh 50.0-72.0
Modeline 1440x900 106.47 1440 1520 1672 1904 900 901 904 932 -HSync +Vsync
Modeline 1280x800 83.46 1280 1344 1480 1680 800 801 804 828
EndSection

I'm using the Vesa Driver rather than the native vmware one so I'm pretty sure 
that the MacBook is actually handling the display settings. Again, there are 
instructions on the net for hacking xorg.conf specifically for VMWare Fusion 
and or Parallels to get a crisp display on a FreeBSD VM on a Mac.

-

I haven't found a way to map a key to Scroll Lock. I would imagine that the 
syscons driver is the place to look.

-- Chris


  There will be an answer, Let it be.
   e: chris -at- vindaloo -dot- com

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: FreeBSD VMWare Mac screen resulution and keyboard map

[Christopher Hilton]

On Apr 8, 2011, at 12:22 PM, Sascha Vieweg wrote:

 As a curious beginner I am running FreeBSD on VMWare Fusion 3.1.2 on a 
 MacBook Pro 13'' i5, and I want to do two things on the normal (startup) 
 console:
 
 (1) use my apple keyboard, especially, scroll through console output
 

The Apple Keyboard should just work. The FreeBSD console has a special mode 
where you can scroll back and forth in console output after hitting Scroll 
Lock. I'm just not sure what key on the Apple Keyboard VMware maps to Scroll 
Lock.

 (2) have a screen resolution of at least 800x600.

To start, the X log file: /var/log/Xorg.0.log file is a good source of 
information about what X is doing if you are trying to tune things.

Getting a good screen resolution should just be a matter of setting the refresh 
rates to match your monitor. You may be able to put any values you like in 
there since your screen and video adapter are virtual. All of this gets 
configured in /etc/X11/xorg.conf. I believe it's considered gauche to hand 
configure this anymore but since many modern displays, the Apple laptops 
included, don't conform to the VESA standard modes it's helpful to be able to 
tune things by hand. The problem is compounded by the fact that again, in 
VMware you probably aren't talking to the real hardware. Any modern hardware 
should just tell the X server what it's Sync and Refresh rates are.

One final tip: Check the amount of VideoRam that VMware assigned to the virtual 
machine. I noticed that it was a little skint at 2Mb or something and I bumped 
it up to something larger than 8Mbso I could have a  1920x1080x24bpp display. 

Here's my xorg.conf file which I started on an Acrylic MacBook running 
Parallels and them moved to and retuned for a unibody 15 MacBook Pro. I'm 
following up my first post since I revisited this file this afternoon to fix a 
couple of issues that I had worked around. My box is FreeBSD 8.2-STABLE built 
from sources on 4/6/2011. I'm running xorg-7.5.1 from ports



Section ServerLayout
Identifier X.org Configured
Screen  0  Screen0 0 0
InputDeviceMouse0 CorePointer
InputDeviceKeyboard0 CoreKeyboard
EndSection

Section Files
ModulePath   /usr/local/lib/xorg/modules
FontPath /usr/local/lib/X11/fonts/misc/
FontPath /usr/local/lib/X11/fonts/TTF/
FontPath /usr/local/lib/X11/fonts/OTF
FontPath /usr/local/lib/X11/fonts/Type1/
FontPath /usr/local/lib/X11/fonts/100dpi/
FontPath /usr/local/lib/X11/fonts/75dpi/
EndSection

Section Module
Load  extmod
Load  record
Load  dbe
Load  glx
Load  dri
Load  dri2
Load  vmmouse
EndSection

Section InputDevice
Identifier  Keyboard0
Driver  kbd
EndSection

Section InputDevice
Identifier  Mouse0
Driver  vmmouse
Option  Protocol auto
Option  Device /dev/sysmouse
Option  ZAxisMapping 4 5 6 7
EndSection

Section Monitor
Identifier  Apple MacBook Pro A1286 Display
VendorName  Apple
HorizSync   27.0-86.0  ## These shouldn't matter
VertRefresh 50.0-72.0  ## 

## 15 MacBook Pro
Modeline 1440x900 106.47 1440 1520 1672 1904 900 901 904 932 -HSync +Vsync

## 13 MacBook and possibly 13 MacBook Pro
Modeline 1280x800 83.46 1280 1344 1480 1680 800 801 804 828
EndSection

Section Device
Identifier  VMware Legacy Emulated SVGA II Adapter
Driver  vmwlegacy
VendorName  VMware
BoardName   Legacy Emulated SVGA II Adapter
BusID   PCI:0:15:0
EndSection

Section Screen
Identifier Screen0
Device VMware Legacy Emulated SVGA II Adapter
MonitorApple MacBook Pro A1286 Display


## Purge the display modes that I don't need from here.

SubSection Display
Viewport0 0
Depth   24
Modes   1440x900 ## 15 MacBook Pro
Modes   1280x800 ## 13 MacBook/MacBook Pro
EndSubSection
EndSection


-- Chris


-- 

 __o Chris Hilton
   _`\,_e: chris /at/ vindaloo /dot/ com 
__(*)/_(*) 
  All I was doing was trying to get home from work.
  -Rosa Parks

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[Paul B Mahol]

On Sun, Jan 23, 2011 at 3:47 PM, John R. Levine jo...@iecc.com wrote:
 Is this a known problem?  As far as I know, it's supposed to work.

 How you change MAC address? With ether command?

 # ifconfig em0 ether 01:17:a4:8f:04:5d

Well, if it does not work it can be driver bug.

In iwn case try to set MAC address of iwn before creating wlan or
you will need to set same MAC on wlanX and iwn.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[Da Rock]

On 01/25/11 01:14, Paul B Mahol wrote:

On Sun, Jan 23, 2011 at 3:47 PM, John R. Levinejo...@iecc.com  wrote:
   

Is this a known problem?  As far as I know, it's supposed to work.
 

How you change MAC address? With ether command?
   

# ifconfig em0 ether 01:17:a4:8f:04:5d
 

Well, if it does not work it can be driver bug.

In iwn case try to set MAC address of iwn before creating wlan or
you will need to set same MAC on wlanX and iwn.
   
Actually I can confirm that. I use lagg for failover, and I remember now 
you have to set the 'real' interface to the MAC of the other lagg 
member, not a 'psuedo-device' or it won't work. Same principle applies here.


HTH
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[John R. Levine]

Is this a known problem?  As far as I know, it's supposed to work.



Well, if it does not work it can be driver bug.


Well, yes, that's what I'm asking.  Is it a known driver bug?


In iwn case try to set MAC address of iwn before creating wlan or
you will need to set same MAC on wlanX and iwn.


Done that, doesn't help.

Regards,
John Levine, jo...@iecc.com, Primary Perpetrator of The Internet for Dummies,
Please consider the environment before reading this e-mail. http://jl.ly___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[Fred]

Da Rock wrote:

On 01/25/11 01:14, Paul B Mahol wrote:

On Sun, Jan 23, 2011 at 3:47 PM, John R. Levinejo...@iecc.com  wrote:
  

Is this a known problem?  As far as I know, it's supposed to work.
 

How you change MAC address? With ether command?
   

# ifconfig em0 ether 01:17:a4:8f:04:5d
 

Well, if it does not work it can be driver bug.

In iwn case try to set MAC address of iwn before creating wlan or
you will need to set same MAC on wlanX and iwn.
   
Actually I can confirm that. I use lagg for failover, and I remember 
now you have to set the 'real' interface to the MAC of the other lagg 
member, not a 'psuedo-device' or it won't work. Same principle applies 
here.


HTH
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
freebsd-questions-unsubscr...@freebsd.org




Ethernet MAC addresses are assigned by the manufacturer of the 
equipment.  Each unit gets a unique address which generally can't be 
changed and shouldn't be changed.  The manufacturer buys a block of 
addresses from the IEEE.


Best regards,
Fred

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[Chuck Swiger]

On Jan 24, 2011, at 10:44 AM, Fred wrote:
 Ethernet MAC addresses are assigned by the manufacturer of the equipment.  
 Each unit gets a unique address which generally can't be changed and 
 shouldn't be changed.  The manufacturer buys a block of addresses from the 
 IEEE.

Yes, although folks can set the locally administered bit in the 6-byte MAC 
address instead of using globally administered addresses  vendor-assigned 
blocks from IEEE OUI...

Regards,
-- 
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[Da Rock]

On 01/25/11 04:44, Fred wrote:

Da Rock wrote:

On 01/25/11 01:14, Paul B Mahol wrote:

On Sun, Jan 23, 2011 at 3:47 PM, John R. Levinejo...@iecc.com  wrote:

Is this a known problem?  As far as I know, it's supposed to work.

How you change MAC address? With ether command?

# ifconfig em0 ether 01:17:a4:8f:04:5d

Well, if it does not work it can be driver bug.

In iwn case try to set MAC address of iwn before creating wlan or
you will need to set same MAC on wlanX and iwn.
Actually I can confirm that. I use lagg for failover, and I remember 
now you have to set the 'real' interface to the MAC of the other lagg 
member, not a 'psuedo-device' or it won't work. Same principle 
applies here.


HTH
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to 
freebsd-questions-unsubscr...@freebsd.org




Ethernet MAC addresses are assigned by the manufacturer of the 
equipment.  Each unit gets a unique address which generally can't be 
changed and shouldn't be changed.  The manufacturer buys a block of 
addresses from the IEEE.


Best regards,
Fred
Yes, but for lagg to work both adapters need the same MAC- otherwise 
routing wouldn't work properly (long story short).


BTW, my wifi is iwn and I have had no trouble.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[Paul B Mahol]

On Sun, Jan 23, 2011 at 3:38 AM, John Levine jo...@iecc.com wrote:
 My Lenovo laptop running 8.1 has two ordinary Intel network adapters,
 a wired PRO/1000 with the em driver and a WiFi PRO/Wireless 5300 with
 the iwn driver.  They work fine, but for either one if I use ifconfig
 to change the MAC address, the adapter won't actually work until I
 change the address back to the native one.  Typical symptoms are
 endless DHCP queries with no response.

 Is this a known problem?  As far as I know, it's supposed to work.

How you change MAC address? With ether command?
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Changing the MAC address on a LAN adapter

[John R. Levine]

Is this a known problem?  As far as I know, it's supposed to work.


How you change MAC address? With ether command?


# ifconfig em0 ether 01:17:a4:8f:04:5d

Regards,
John Levine, jo...@iecc.com, Primary Perpetrator of The Internet for Dummies,
Please consider the environment before reading this e-mail. http://jl.ly___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Changing the MAC address on a LAN adapter

[John Levine]

My Lenovo laptop running 8.1 has two ordinary Intel network adapters,
a wired PRO/1000 with the em driver and a WiFi PRO/Wireless 5300 with
the iwn driver.  They work fine, but for either one if I use ifconfig
to change the MAC address, the adapter won't actually work until I
change the address back to the native one.  Typical symptoms are
endless DHCP queries with no response.

Is this a known problem?  As far as I know, it's supposed to work.

R's,
John

PS: If you were wondering, obnoxious airport wifi that cuts you off
after an hour and won't let you back on until the next day, keyed by
MAC address.

em0: Intel(R) PRO/1000 Network Connection 7.0.5 port 0x1840-0x185f mem 
0xf260-0xf261,0xf2625000-0xf2625fff irq 20 at device 25.0 on pci0
em0: Using MSI interrupt

iwn0: Intel(R) PRO/Wireless 5300 mem 0xf250-0xf2501fff irq 17 at device 
0.0 on pci3
iwn0: MIMO 3T3R, MoW, address 00:21:6a:b5:18:48
iwn0: [ITHREAD]
iwn0: 11a rates: 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 36Mbps 48Mbps 54Mbps
iwn0: 11b rates: 1Mbps 2Mbps 5.5Mbps 11Mbps
iwn0: 11g rates: 1Mbps 2Mbps 5.5Mbps 11Mbps 6Mbps 9Mbps 12Mbps 18Mbps 24Mbps 
36Mbps 48Mbps 54Mbps
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Corrupted MAC on input. Disconnecting: Packet corrupt

[Julien Cigar]

Hello,

I'm facing a very strange problem on a machine: When I unzip a file (I'm 
100% sure the file is not corrupted) and I get the following:


jci...@frodon ~ % ssh 10.0.0.225
Password:
jci...@dev ~ % unzip elgg-1.7.6.zip
Archive:  elgg-1.7.6.zip
   creating: elgg-1.7.6/
   creating: elgg-1.7.6/engine/
  inflating: elgg-1.7.6/engine/settings.example.php
   creating: elgg-1.7.6/engine/handlers/
   creating: 
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/langs/
  inflating: 
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/langs/en_dlg.js 

  inflating: 
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/editor_plugin.js 

  inflating: 
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/emotions.htm 


Corrupted MAC on input.
Disconnecting: Packet corrupt
jci...@frodon ~ %

The system is running 8.2-RC1 (amd64). I had the same problem under 
8.1-RELEASE (I thought it was a bug in the Ethernet driver, so I 
upgraded to 8.2-RC1)


The card is:
a...@pci0:2:0:0:class=0x02 card=0x82261043 chip=0x10481969 
rev=0xb0 hdr=0x00

vendor = 'Attansic (Now owned by Atheros)'
device = 'Gigabit Ethernet 10/100/1000 Base-T Controller 
(Atheros L1)'

class  = network
subclass   = ethernet

Any idea what could be the problem ?

Thanks,
Julien

--
No trees were killed in the creation of this message.
However, many electrons were terribly inconvenienced.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Corrupted MAC on input. Disconnecting: Packet corrupt

[Julien Cigar]

On 01/11/2011 10:43, Julien Cigar wrote:

Hello,

I'm facing a very strange problem on a machine: When I unzip a file (I'm
100% sure the file is not corrupted) and I get the following:

jci...@frodon ~ % ssh 10.0.0.225
Password:
jci...@dev ~ % unzip elgg-1.7.6.zip
Archive: elgg-1.7.6.zip
creating: elgg-1.7.6/
creating: elgg-1.7.6/engine/
inflating: elgg-1.7.6/engine/settings.example.php
creating: elgg-1.7.6/engine/handlers/
creating:
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/langs/
inflating:
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/langs/en_dlg.js

inflating:
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/editor_plugin.js

inflating:
elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/emotions.htm

Corrupted MAC on input.
Disconnecting: Packet corrupt
jci...@frodon ~ %

The system is running 8.2-RC1 (amd64). I had the same problem under
8.1-RELEASE (I thought it was a bug in the Ethernet driver, so I
upgraded to 8.2-RC1)

The card is:
a...@pci0:2:0:0: class=0x02 card=0x82261043 chip=0x10481969 rev=0xb0
hdr=0x00
vendor = 'Attansic (Now owned by Atheros)'
device = 'Gigabit Ethernet 10/100/1000 Base-T Controller (Atheros L1)'
class = network
subclass = ethernet

Any idea what could be the problem ?

Thanks,
Julien


OK, I dug a bit and found the problem ...

I have 4 memory slots on the motherboard : D C  B A
When I put a memory stick in A _or_ C it works
When I put memory sticks in A _and_ C it works too
However, when I put memory sticks in A _and_ B or A _and_ B _and_ C it 
fails ... (dual channel)


Could it be a bug... or a broken Bios ?





___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org


--
No trees were killed in the creation of this message.
However, many electrons were terribly inconvenienced.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Corrupted MAC on input. Disconnecting: Packet corrupt

[Mehmet Erol Sanliturk]

On Tue, Jan 11, 2011 at 9:11 AM, Julien Cigar jci...@ulb.ac.be wrote:

 On 01/11/2011 10:43, Julien Cigar wrote:

 Hello,

 I'm facing a very strange problem on a machine: When I unzip a file (I'm
 100% sure the file is not corrupted) and I get the following:

 jci...@frodon ~ % ssh 10.0.0.225
 Password:
 jci...@dev ~ % unzip elgg-1.7.6.zip
 Archive: elgg-1.7.6.zip
 creating: elgg-1.7.6/
 creating: elgg-1.7.6/engine/
 inflating: elgg-1.7.6/engine/settings.example.php
 creating: elgg-1.7.6/engine/handlers/
 creating:
 elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/langs/
 inflating:

 elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/langs/en_dlg.js

 inflating:

 elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/editor_plugin.js

 inflating:

 elgg-1.7.6/mod/tinymce/tinymce/jscripts/tiny_mce/plugins/emotions/emotions.htm

 Corrupted MAC on input.
 Disconnecting: Packet corrupt
 jci...@frodon ~ %

 The system is running 8.2-RC1 (amd64). I had the same problem under
 8.1-RELEASE (I thought it was a bug in the Ethernet driver, so I
 upgraded to 8.2-RC1)

 The card is:
 a...@pci0:2:0:0: class=0x02 card=0x82261043 chip=0x10481969 rev=0xb0
 hdr=0x00
 vendor = 'Attansic (Now owned by Atheros)'
 device = 'Gigabit Ethernet 10/100/1000 Base-T Controller (Atheros L1)'
 class = network
 subclass = ethernet

 Any idea what could be the problem ?

 Thanks,
 Julien


 OK, I dug a bit and found the problem ...

 I have 4 memory slots on the motherboard : D C  B A
 When I put a memory stick in A _or_ C it works
 When I put memory sticks in A _and_ C it works too
 However, when I put memory sticks in A _and_ B or A _and_ B _and_ C it
 fails ... (dual channel)

 Could it be a bug... or a broken Bios ?





In main boards , memory channels mainly are colored pair-wise , for example
Red-Blue , Red-Blue . One of the colors is Zero channel , the other 1
channel .
For Intel 1366 pin sockets , there are 3 pairs : for example , Red-Blue ,
Red-Blue , Red-Blue .

When memory chips are installed , first zero channels should be filled ,
then one channels , as in increasing order . Placing memory chips
arbitrarily will get a non-working main board , which is NOT a bug , but
production principle .
Another principle is when more than one chip is installed , they should be
the SAME in pair-wise , for example Red channels having the same size , Blue
channels having the same size as Mega or Giga bytes , and they should have
same Mega-Hertz speed .

The more complete and correct information may be obtained from your main
board manual . Another point is ´Supported memory´ chips list . When you
want to use memory chips , it is necessary to study main board supported
chips list and select among them .

It seems that your memory chips are correctly selected , but please insert
them as instructed by the main board manual . In other combinations ,
working is accidental and I do not know there may be other problems
associated incorrect placement .

Personally I never insert chips in a way other than defined in manual .

Some main boards may check correctness of insertions and it my give failure
indicator beeps , but some main boards may not check , but will not work as
you expected : Everything is working as single ones , but they are not
working in combination .

Thank you very much .


Mehmet Erol Sanliturk
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

[fbsd_questions] mac and windoze formats

[spellberg_robert]

howdy, folks ---

this may be a stupid question,
  but, i figure that it is better to ask than to assume.



premise:

i was looking at a retail site that is offering
  a dvd_archive of every issue of a particular magazine back to its beginning, 
many decades ago
  [ these have become popular, lately ].
usually, i put these things on my windoze_box, until it was no longer new 
enough.
then, i looked for linux [ aka, elf ] compatability, which also works.

well, it has finally happened.
something i want is only available for windoze and os_x.



research:

now, freebsd handles all sorts of elf; but,
  mac is not elf, it is derived from mach [ a long_unused word from my youth ].

so, this question is about emulation.
i found the section in the faq and in the handbook on elf, but,
  there is no mention of mac, osx, mach or anything else that is not elf, not 
even wine.
i found a recent _questions post that suggested that there is no current 
ability to run a mach-o binary.
because no one challenged this assertion, i take it as true.



  q:where do things stand regarding
  the future ability to run either a windoze or mac binary
  [ as these are the general_public's notion of a computer ] ?

  q:would the present situation be described as closer
  to  real_soon_now ! ,
  to  are you kidding ?  or
  to somewhere between these two endpoints ?



happy everything, to everybody, all of the time,
  even to those who don't celebrate anything, at any time.

rob

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: [fbsd_questions] mac and windoze formats

[Chuck Swiger]

On Dec 8, 2010, at 12:12 PM, spellberg_robert wrote:
 premise:
 
 i was looking at a retail site that is offering
  a dvd_archive of every issue of a particular magazine back to its beginning, 
 many decades ago
  [ these have become popular, lately ].

If the archive contains this magazine in a common format like PDF, you can view 
such under nearly any platform (including FreeBSD).

 usually, i put these things on my windoze_box, until it was no longer new 
 enough.
 then, i looked for linux [ aka, elf ] compatability, which also works.

ELF is a binary file format.  It's used by Linux, FreeBSD, Solaris, and other 
platforms.

 research:
 
 now, freebsd handles all sorts of elf; but,
  mac is not elf, it is derived from mach [ a long_unused word from my youth ].

Yes, MacOS X uses the Mach kernel from CMU, also used by NEXTSTEP.  The binary 
file format for the Mac is called MachO.

 so, this question is about emulation.
 i found the section in the faq and in the handbook on elf, but,
  there is no mention of mac, osx, mach or anything else that is not elf, not 
 even wine.
 i found a recent _questions post that suggested that there is no current 
 ability to run a mach-o binary.  because no one challenged this assertion, i 
 take it as true.

It is.

  q:where do things stand regarding
  the future ability to run either a windoze or mac binary
  [ as these are the general_public's notion of a computer ] ?

You can use emulation software like VMWare 3 to run a Windows environment under 
FreeBSD; however, that won't let you run MacOS X or Mac programs.

Regards,
-- 
-Chuck

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: [fbsd_questions] mac and windoze formats - a

[spellberg_robert]

chuck ---

thank you.
your clarity is warmly appreciated.



fyi, would that these --were-- pdfs.
regrettably, these are not computer people;
  they are print_the_magazine_on_paper_and_sell_the_paper people.

the usual approach is to install a binary on the box that, at the least,
  requires the presence of the optical_disc in the drive to operate.

well, that's what happens when one charges money for something that is easily 
duplicated.
their loss; i didn't include this item in today's order for some single_issues.



ciao.

rob



Chuck Swiger wrote:

On Dec 8, 2010, at 12:12 PM, spellberg_robert wrote:


premise:

i was looking at a retail site that is offering
a dvd_archive of every issue of a particular magazine back to its beginning, 
many decades ago
[ these have become popular, lately ].



If the archive contains this magazine in a common format like PDF, you can view 
such under nearly any platform (including FreeBSD).



usually, i put these things on my windoze_box, until it was no longer new 
enough.
then, i looked for linux [ aka, elf ] compatability, which also works.



ELF is a binary file format.  It's used by Linux, FreeBSD, Solaris, and other 
platforms.



research:

now, freebsd handles all sorts of elf; but,
mac is not elf, it is derived from mach [ a long_unused word from my youth ].



Yes, MacOS X uses the Mach kernel from CMU, also used by NEXTSTEP.  The binary 
file format for the Mac is called MachO.



so, this question is about emulation.
i found the section in the faq and in the handbook on elf, but,
there is no mention of mac, osx, mach or anything else that is not elf, not 
even wine.
i found a recent _questions post that suggested that there is no current 
ability to run a mach-o binary.  because no one challenged this assertion, i 
take it as true.



It is.



q:where do things stand regarding
the future ability to run either a windoze or mac binary
[ as these are the general_public's notion of a computer ] ?



You can use emulation software like VMWare 3 to run a Windows environment under 
FreeBSD; however, that won't let you run MacOS X or Mac programs.

Regards,



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Does MAC version of iTunes work on FreeBSD?

[Bruce Cran]

On Tue, 16 Nov 2010 14:26:21 -0500
Nathan Vidican nat...@vidican.com wrote:

 No. The Mac version of iTunes depends on the Cocoa application
 framework, which is a set of Objective C objects that, as far as I am
 aware of, has no compatible framework under FreeBSD.

The only vaguely compatible framework is GNUstep, which has at least
partial support for the Cocoa APIs. Apparently it would be best to start
with GNUstep and move an application to OS X though since there are so
many features from MacOS that aren't implemented. Note that this is
completely separate from binary compatibility: as far as I know
nobody's working on Mach-O compatbility on FreeBSD so applications
would need to be recompiled.

http://wiki.gnustep.org/index.php/Cocoa

-- 
Bruce Cran
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Does MAC version of iTunes work on FreeBSD?

[Chad Perrin]

On Wed, Nov 17, 2010 at 03:10:24PM +, Bruce Cran wrote:
 On Tue, 16 Nov 2010 14:26:21 -0500
 Nathan Vidican nat...@vidican.com wrote:
 
  No. The Mac version of iTunes depends on the Cocoa application
  framework, which is a set of Objective C objects that, as far as I am
  aware of, has no compatible framework under FreeBSD.
 
 The only vaguely compatible framework is GNUstep, which has at least
 partial support for the Cocoa APIs. Apparently it would be best to start
 with GNUstep and move an application to OS X though since there are so
 many features from MacOS that aren't implemented. Note that this is
 completely separate from binary compatibility: as far as I know
 nobody's working on Mach-O compatbility on FreeBSD so applications
 would need to be recompiled.
 
 http://wiki.gnustep.org/index.php/Cocoa

There's also Cocotron:

http://www.cocotron.org/

I've never used it, though, so I have no idea what level of compatibility
it offers, and it appears to be mostly focused on MS Windows platforms
right now.

-- 
Chad Perrin [ original content licensed OWL: http://owl.apotheon.org ]


pgpVDxcjzv1YT.pgp
Description: PGP signature

Does MAC version of iTunes work on FreeBSD?

[Steven Friedrich]

-- 
System Name:   laptop2.StevenFriedrich.org
Hardware:  2.80GHz Intel Pentium 4 (HTT) with 2 GB memory
OS version:FreeBSD 8.1-RELEASE-p1 i386 (6.4 MB kernel)
manager(s):kde4-4.5.3 
X windows: xorg-7.5X.Org X Server 1.7.5
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Does MAC version of iTunes work on FreeBSD?

[Nathan Vidican]

On Tue, Nov 16, 2010 at 2:09 PM, Steven Friedrich free...@insightbb.com wrote:

 --
 System Name:   laptop2.StevenFriedrich.org
 Hardware:      2.80GHz Intel Pentium 4 (HTT) with 2 GB memory
 OS version:    FreeBSD 8.1-RELEASE-p1 i386 (6.4 MB kernel)
 manager(s):    kde4-4.5.3
 X windows:     xorg-7.5    X.Org X Server 1.7.5
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

No. The Mac version of iTunes depends on the Cocoa application
framework, which is a set of Objective C objects that, as far as I am
aware of, has no compatible framework under FreeBSD.

--
Nathan Vidican
nat...@vidican.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Does MAC version of iTunes work on FreeBSD?

[Chris Rees]

On 16 November 2010 19:26, Nathan Vidican nat...@vidican.com wrote:
 On Tue, Nov 16, 2010 at 2:09 PM, Steven Friedrich free...@insightbb.com 
 wrote:

 --
 System Name:   laptop2.StevenFriedrich.org
 Hardware:      2.80GHz Intel Pentium 4 (HTT) with 2 GB memory
 OS version:    FreeBSD 8.1-RELEASE-p1 i386 (6.4 MB kernel)
 manager(s):    kde4-4.5.3
 X windows:     xorg-7.5    X.Org X Server 1.7.5

 No. The Mac version of iTunes depends on the Cocoa application
 framework, which is a set of Objective C objects that, as far as I am
 aware of, has no compatible framework under FreeBSD.

 --
 Nathan Vidican
 nat...@vidican.com


Neither does the Windows version.

http://appdb.winehq.org/objectManager.php?sClass=applicationiId=1347

You could however try gtkpod, rhythmbox or Amarok if your goal is to
sync your iPod.

Also, please don't write X windows, its name is the X Window System [1].

Chris

[1] http://en.wikipedia.org/wiki/X_Window_System#Nomenclature
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

change MAC address for PPPoE connection

[Sergeant M.G.Bob]

Hello
I'm using PPPoE link to connect to the INTERNET. my problem is that I have
to change my MAC address for my night time link. I do that using ifconfig
command before connecting the night link:

*killall ppp
ifconfig cdce0 ether 2a:00:00:00:00:00
ppp -ddial adslnight*

cdce0 is the interface connected to the ADSL modem. command will change the
MAC address on the interface but PPP still uses the old MAC (I can see it
over tcpdump).
I think it's some cache or something that keeps the old MAC.
please help me, I couldn't find anything related on-line.

my ppp.conf:
*adsl:
  set log Phase tun command
  set redial 99 3
  set device PPPoE:cdce0
  set authname UserName
  set authkey Password
  set dial
  set login
  add default HISADDR

adslnight:
  set log Phase tun command
  set redial 99 3
  set device PPPoE:cdce0
  set authname NightUserName
  set authkey NightPassword
  set dial
  set login
  add default HISADDR*
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Problems mounting nfs from freebsd to Mac.

[Mike Meyer]

On Sat, 25 Sep 2010 14:58:21 -0500 (CDT)
Robert Bonomi bon...@mail.r-bonomi.com wrote:

  From owner-freebsd-questi...@freebsd.org  Sat Sep 25 03:29:33 2010
  Date: Sat, 25 Sep 2010 04:01:18 -0400
  From: Mike Meyer mike.w.me...@gmail.com
  To: questi...@freebsd.org
  Cc: 
  Subject: Problems mounting nfs from freebsd to Mac.
 
  I've got an nfs server that's refusing to mount one client - via one
  route - and it's driving me crazy.
 
 First question, are you _SURE_ that it's a server-side problem?  I under-
 stand that things are failing in one situation and not others, but there
 are about -five- possible causations, only one of which is a server-side
 NFS configuration.

No, I'm not sure. The question is more what server tools can I use
figure out what's wrong than how do I fix the server. That the
FreeBSD community is the most helpful one involved might have some
bearing on which question I chose to ask here.

  As far as I know, there are only three reasons for an NFS server to
  refuse a mount request: 1) The exports file is borked somehow, 2) The
  server insists that the client use a privileged port, or 3) The IP
  address the request is coming from is disallowed.
 There _are_ others, depending on how access controls are specified in
 the exports file.

Those are pretty much what I meant by the exports file is borked
somehow. The file systems are all zfs, all exported by zfs, and
mostly all inherited from the parent file system. For the record,
that's:

/export -maproot 0 -network 192.xx.yy.0/25 


  #1 isn't it - the file systems mount fine on other boxes. And they
  mount fine on the problem box via Wifi.
 
  #2 shouldn't be it - I'm running the server with -n turned on, and the
  mount works via wifi.
 
  #3 seems logical, but I only have one network enabled, and it's a
  *.0/25. The working addresses include .96, and .106, while the failing
  address is .105. So I'm not sure what's going on here.
 
  Running mountd with a -d flag generates no output at all when the
  request is denied. This makes me think I'm not looking in the right
  place.
 
 First thing, what does 'showmount -a', run on the misbehaving client show? 
 And are there differences, depending on being on the wired vs wireless link?

Just All mounts on localhost: and then an empty list, whether they
are mounted or not.

 Check how the client resolves the server hostname on both the wireless and
 wired links.

It's the same. That's expected - the WRT610N is providing both dns 
dhcp services, and they both resolve through it.

 make sure the _server_ name (in the form used in the nfs mount) is
 resolving in the same way -- to the same address -- when the client is
 on thee wireless and wired links.  (an 'unqualified' hostname, and a
 lack of a default domain in the wired setup  _could_ cause what you
 are seeing.

Yup, both connections resolve to the same address. Yes, I use an
unqualified hostname, but the dhcp server provides a default domain.

 Check to make sure you've got network connectivity both ways on both the
 wired and wireless links.  Does traceroute work in both directions on
 both links?  does it show the _same_names_?

Yes, and yes. 

 You've say you've got a WRT610N in the middle of things.  Is it actually
 playing _router_ on all ports, or switch/hub on the lan side with routing
 on the external interface.  

The latter, and it's bridging the wireless network into the LAN side
as well.

 If it's actually -routing- on all ports, check _both_ the client and server
 routing tables to make sure they're pointing in the right plac, when the
 client is connected on both paths.  Also double-check the router itself
 for any access-control and/or filtering rules.

Those all look right to me. In particular, the client routing tables
are identical (module different interface names  ip addresses) when
it's on the wireless and wired connection.

 If nothing has shown up so far, an obvious next step is to look at the data
 'on the wire' between the machines.  e.g., tcpdump/etherfind/netshark etc.

I was hoping for something a little bit higher level than that, but I
guess that's what's next.

  Thanks,
  mike
-- 
Mike Meyer m...@mired.org http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.

O ascii ribbon campaign - stop html mail - www.asciiribbon.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Problems mounting nfs from freebsd to Mac.

[Mike Meyer]

I've got an nfs server that's refusing to mount one client - via one
route - and it's driving me crazy.

The server is running 8.1-RELEASE, exporting a collection of zfs file
systems. All the file systems are exported with the exact same
flags. The clients are either FreeBSD or OSX boxes. Most of them work
fine.

One OSX box - updated to the latest snow leopard while trying to fix
this - gets permission denied when it tries to mount the interesting
fie systems. But only when using it's wired connection. If it connects
via wifi to the same router (a cisco WRT610N running dd-wrt)
everything works fine.

As far as I know, there are only three reasons for an NFS server to
refuse a mount request: 1) The exports file is borked somehow, 2) The
server insists that the client use a privileged port, or 3) The IP
address the request is coming from is disallowed.

#1 isn't it - the file systems mount fine on other boxes. And they
mount fine on the problem box via Wifi.

#2 shouldn't be it - I'm running the server with -n turned on, and the
mount works via wifi.

#3 seems logical, but I only have one network enabled, and it's a
*.0/25. The working addresses include .96, and .106, while the failing
address is .105. So I'm not sure what's going on here.

Running mountd with a -d flag generates no output at all when the
request is denied. This makes me think I'm not looking in the right
place.

Relevant entries from rc.conf (nothing really fancy):

nfs_server_enable=yes
nfs_server_flags=-u -t -n 4 -h $MY_IP
mountd_enable=yes
mountd_flags=-r -n -h $MY_IP
rpcbind_enable=YES
rpcbind_flags=-h $MY_IP
rpc_lockd_enable=YES
rpc_lockd_flags=-h $MY_IP
rpc_statd_enable=YES
rpc_statd_flags=-h $MY_IP

So, questions: if mountd isn't the issue (though it's issuing the
denied messages), what is? Is there some reason I've overlooked for
the permissions to be denied? Anything I can do to get more
information out of mountd (or whatever is causing the problem)? Any
other things I might try?

  Thanks,
  mike


-- 
Mike Meyer m...@mired.org http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.

O ascii ribbon campaign - stop html mail - www.asciiribbon.org

-- 
Mike Meyer m...@mired.org http://www.mired.org/consulting.html
Independent Network/Unix/Perforce consultant, email for more information.

O ascii ribbon campaign - stop html mail - www.asciiribbon.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Problems mounting nfs from freebsd to Mac.

[Robert Bonomi]

 From owner-freebsd-questi...@freebsd.org  Sat Sep 25 03:29:33 2010
 Date: Sat, 25 Sep 2010 04:01:18 -0400
 From: Mike Meyer mike.w.me...@gmail.com
 To: questi...@freebsd.org
 Cc: 
 Subject: Problems mounting nfs from freebsd to Mac.

 I've got an nfs server that's refusing to mount one client - via one
 route - and it's driving me crazy.

First question, are you _SURE_ that it's a server-side problem?  I under-
stand that things are failing in one situation and not others, but there
are about -five- possible causations, only one of which is a server-side
NFS configuration.

 The server is running 8.1-RELEASE, exporting a collection of zfs file
 systems. All the file systems are exported with the exact same
 flags. The clients are either FreeBSD or OSX boxes. Most of them work
 fine.

 One OSX box - updated to the latest snow leopard while trying to fix
 this - gets permission denied when it tries to mount the interesting
 fie systems. But only when using it's wired connection. If it connects
 via wifi to the same router (a cisco WRT610N running dd-wrt)
 everything works fine.

That elimintes NFS on the client, and -most- of the NFS config on the
server.

 As far as I know, there are only three reasons for an NFS server to
 refuse a mount request: 1) The exports file is borked somehow, 2) The
 server insists that the client use a privileged port, or 3) The IP
 address the request is coming from is disallowed.

There _are_ others, depending on how access controls are specified in
the exports file.

 #1 isn't it - the file systems mount fine on other boxes. And they
 mount fine on the problem box via Wifi.

 #2 shouldn't be it - I'm running the server with -n turned on, and the
 mount works via wifi.

 #3 seems logical, but I only have one network enabled, and it's a
 *.0/25. The working addresses include .96, and .106, while the failing
 address is .105. So I'm not sure what's going on here.

 Running mountd with a -d flag generates no output at all when the
 request is denied. This makes me think I'm not looking in the right
 place.

First thing, what does 'showmount -a', run on the misbehaving client show? 
And are there differences, depending on being on the wired vs wireless link?

Check how the client resolves the server hostname on both the wireless and
wired links.

make sure the _server_ name (in the form used in the nfs mount) is
resolving in the same way -- to the same address -- when the client is
on thee wireless and wired links.  (an 'unqualified' hostname, and a
lack of a default domain in the wired setup  _could_ cause what you
are seeing.

Check to make sure you've got network connectivity both ways on both the
wired and wireless links.  Does traceroute work in both directions on
both links?  does it show the _same_names_?

You've say you've got a WRT610N in the middle of things.  Is it actually
playing _router_ on all ports, or switch/hub on the lan side with routing
on the external interface.  

If it's actually -routing- on all ports, check _both_ the client and server
routing tables to make sure they're pointing in the right plac, when the
client is connected on both paths.  Also double-check the router itself
for any access-control and/or filtering rules.

If nothing has shown up so far, an obvious next step is to look at the data
'on the wire' between the machines.  e.g., tcpdump/etherfind/netshark etc.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: IPFW with MAC address configuration

[Ian Smith]

In freebsd-questions Digest, Vol 321, Issue 12, Message: 31
On Fri, 30 Jul 2010 07:18:40 -0400 Carmel carmel...@hotmail.com wrote:

  I am trying to set up a rule using IPFW that utilizes a MAC address
  rather than an IP one.
  
  ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup 
  keep-state
  
  Would that work, assuming the machine I want to allow access has that
  MAC address?

It's not quite that simple.  If you need to examine MAC addresses or 
anything else at layer 2 you first have to set net.link.ether.ipfw=1 
Controls whether layer-2 packets are passed to ipfw.  Default is no.

Then you'll see all packets from ether_demux and ether_output_frame as 
well as the usual layer 3 packets (ie after layer2 headers are removed) 
from ip_input and ip_output.  Read the PACKET FLOW section in ipfw(8) 
for what you need to do to first separate layer2 and layer3 packets, as 
testing for layer2 options like MAC obviously fails on layer3 packets.

Even after separating out the layer2 flows I'm not sure whether you can 
use keep-state with such rules.  And anyway, port 137 (netbios-ns) is a 
UDP service, not TCP.  Is this to do with Samba, or what?

Please cc me on any reply; I'm subscribed to questions as a -digest 
which can take half a day, and the threading gets mangled.

cheers, Ian
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

IPFW with MAC address configuration

[Carmel]

I am trying to set up a rule using IPFW that utilizes a MAC address
rather than an IP one.

ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup 
keep-state

Would that work, assuming the machine I want to allow access has that
MAC address?

-- 
Carmel ✌
carmel...@hotmail.com
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: IPFW with MAC address configuration

[Bas Smeelen]

On 07/30/2010 01:18 PM, Carmel wrote:
 I am trying to set up a rule using IPFW that utilizes a MAC address
 rather than an IP one.

 ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup 
 keep-state

 Would that work, assuming the machine I want to allow access has that
 MAC address?

   
According to the manual (man ipfw) I guess the rule would something like:
ipfw add 1000 allow log tcp MAC any 00:14:A4:43:8E:BA/33 to me 137 in
via nfe0 setup keep-state 

From the manual:

{ MAC | mac } dst-mac src-mac
 Match packets with a given dst-mac and src-mac addresses,
speci-
 fied as the any keyword (matching any MAC address), or six
groups
 of hex digits separated by colons, and optionally followed by a
 mask indicating the significant bits.  The mask may be
specified
 using either of the following methods:

 1.  A slash (/) followed by the number of significant bits.
 For example, an address with 33 significant bits
could be
 specified as:

   MAC 10:20:30:40:50:60/33 any

 2.  An ampersand () followed by a bitmask specified as six
 groups of hex digits separated by colons.  For example,
 an address in which the last 16 bits are significant
 could be specified as:

   MAC 10:20:30:40:50:6000:00:00:00:ff:ff any

 Note that the ampersand character has a special meaning
 in many shells and should generally be escaped.

 Note that the order of MAC addresses (destination first, source
 second) is the same as on the wire, but the opposite of the one
 used for IP addresses.



DISCLAIMER: This e-mail is for the intended recipient(s) only. Access, 
disclosure, copying,
distribution or reliance on any of it by anyone else is prohibited. If you have 
received it
by mistake please let us know by reply and then delete it from your system.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: IPFW with MAC address configuration

[Bas Smeelen]

 On 07/30/2010 01:18 PM, Carmel wrote:
   
 I am trying to set up a rule using IPFW that utilizes a MAC address
 rather than an IP one.

 ipfw -q allow log tcp from MAC 00-14-A4-43-8E-BA to me 137 in via nfe0 setup 
 keep-state

 Would that work, assuming the machine I want to allow access has that
 MAC address?

   
 
 According to the manual (man ipfw) I guess the rule would something like:
 ipfw add 1000 allow log tcp MAC any 00:14:A4:43:8E:BA/33 to me 137 in
 via nfe0 setup keep-state 
To match this mac address exactly it should have MAC any
00:14:A4:43:8E:BA/48
I'm not sure about this


DISCLAIMER: This e-mail is for the intended recipient(s) only. Access, 
disclosure, copying,
distribution or reliance on any of it by anyone else is prohibited. If you have 
received it
by mistake please let us know by reply and then delete it from your system.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

2009 Intel Mac mini

[Bryan Vyhmeister]

I am very interested in getting FreeBSD 8.1 with ZFS running on a 2009
Intel Mac mini. I have no trouble getting it to run on all the
previous Intel models but the 2009 versions hang on boot. I believe it
is related to the issue mentioned on this page

http://wiki.freebsd.org/AppleMacbook

regarding r189055. Has anyone had success with this? Thank you.

Bryan
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

PXE + sysinstall(8) install.cfg: DHCP Attribute to map install config/policy to system MAC?

[Brian A. Seklecki (CFI NOC)]

All:

  The install.cfg mechanism is pretty wicked.

  Unfortunately, there doesn't seem to be a really efficient way
  to provide new clients (or class of clients) an install.cfg
  without rebuilding an MFSROOT image.

  At least with pxeboot(8), in TFTP-only-mode, using
  dhcpd.conf(5) client{} entries, there isn't a way
  to differentiate policies.

  It's just going to go looking for /boot/loader.rc
  and /boot/loader.conf from wherever DHCP told PXE
  to fetch pxeboot(8) from.

  From there, you need to custom compile a 5 meg
  mfsroot image for each [class of] client.

  With an NFS stage-2 boot, I suppose you could set:
option root-path /export/${client}Root etc.,
  but then your 5 meg mfsroot is just extracted
  1-per-client.

  Still seems a bit ugly.  It seems like we could teach
  sysinstall(8) to fetch install.cfg by some standard
  mechanism.

  Possibly a TFTP or NFS URL passed from the DHCP server
  - boot loader - kernel sysctl - sysinstall(8).

  For example, the Sun SPARC4s would TFTP fetch their
  stage 1 boot loader via TFTP with a filename req
  of their MAC address in HEX format, so one could
  just put symlinks in place.

Thoughts or other ideas?

~BAS

PS: our in-tree tftpd(8) is an unending source of sorrow and misery and 
clinical despair.   ports/net/freebsd-tftp is a lifesaver (it actually 
has debugging)



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: PXE + sysinstall(8) install.cfg: DHCP Attribute to map install config/policy to system MAC?

[Erik Norgaard]

On 21/04/10 21:59, Brian A. Seklecki (CFI NOC) wrote:

All:

The install.cfg mechanism is pretty wicked.

Unfortunately, there doesn't seem to be a really efficient way
to provide new clients (or class of clients) an install.cfg
without rebuilding an MFSROOT image.
Possibly a TFTP or NFS URL passed from the DHCP server
-  boot loader -  kernel sysctl -  sysinstall(8).

Thoughts or other ideas?


You can configure sysinstall in your install.cfg to execute shell 
commands, including any fetch-like command. Some scripting should be 
possible to do what you require. I wrote about it here:


http://www.locolomo.org/howto/pxeboot/automatic-installation.html

However, I never really went on and tested this, let me know if this works.

BR, Erik
--
Erik Nørgaard
Ph: +34.666334818/+34.915211157  http://www.locolomo.org
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: Can freebsd be installed on a new mac pro 8 core machine ?

[Matthew Seaman]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 07/04/2010 05:24:41, Wayne Burkart wrote:

 I have a new Mac Pro 8 core desktop machine. I want to install an os that
 will let me install Cpanel and whm so I can use it as a server. Will FreeBsd
 install on the new intell based pro macs ? Pleasea advise.

That's a clear maybe -- FreeBSD works on some Macs, but not all: for
instance it has trouble with the latest Mac pro laptops.  Whether this
applies to the desktops as well I don't know.

I suggest downloading either the USB installer image, the livefs CD or
the DVD image; cutting the appropriate media and seeing if you can get
your machine to boot and run from that media.  If so, then you should be
pretty safe installing FreeBSD onto the hard drive.  I'd try 8.0-RELEASE
first, and failing that, one of the 9.x snapshots (although I doubt
you'll get cPanel to support running under 9.x)

Note that you can partition the hard drive using Bootcamp without wiping
out an existing MacOS X installation.  You can then install FreeBSD
instead of Windows -- this apparently works quite well, although you'll
have to put up with MacOS always referring to the other partition as
containing Windows.  Or you can install FreeBSD as a guest under
VirtualBox, although that's going to needa bit of finessing to make the
VirtualBox guest visible from the external network.

Cheers,

Matthew

- -- 
Dr Matthew J Seaman MA, D.Phil.   7 Priory Courtyard
  Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
  Kent, CT11 9PW
-BEGIN PGP SIGNATURE-
Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAku8MH4ACgkQ8Mjk52CukIwN4QCeLiggPRMAasFnURvwEss8KJZy
02AAnRHu7omXDxeg3iJU6V3bMvlPDdDa
=YbyP
-END PGP SIGNATURE-
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Can freebsd be installed on a new mac pro 8 core machine ?

[Wayne Burkart]

Hello,

 

I have a new Mac Pro 8 core desktop machine. I want to install an os that
will let me install Cpanel and whm so I can use it as a server. Will FreeBsd
install on the new intell based pro macs ? Pleasea advise.

 

Thank you for your time, Wayne

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

popd to send Mail to a Mac; I Really Appreciate this list.

[Martin McCormick]

It looks like imap is more suitable for what I am trying
to do than pop. There may be a slight issue in the fact that I
use .forward to trigger procmail which has the effect of
instantly snatching up every piece of incoming mail and putting
it in to a nmh folder that resides in /home/%user/Mail/%folder
which means /var/mail is always empty. I just created another
user which won't have any .forward or procmail attention.
Forwarding messages to this user will make them hang in
/var/mail/%user and those should be available to imap.

On the Mac, I will be reading that user's mail via imap
to retrieve the messages.

Martin McCormick
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: popd to send Mail to a Mac; I Really Appreciate this list.

[mikel king]

On Mar 26, 2010, at 11:11 AM, Martin McCormick wrote:


It looks like imap is more suitable for what I am trying
to do than pop. There may be a slight issue in the fact that I
use .forward to trigger procmail which has the effect of
instantly snatching up every piece of incoming mail and putting
it in to a nmh folder that resides in /home/%user/Mail/%folder
which means /var/mail is always empty. I just created another
user which won't have any .forward or procmail attention.
Forwarding messages to this user will make them hang in
/var/mail/%user and those should be available to imap.

On the Mac, I will be reading that user's mail via imap
to retrieve the messages.

Martin McCormick


You should be able to subscribe to the folder in question directly  
under IMAP for the specific account. I used to do this all the time.  
It really depend on how you roll out your IMAP service, and which one  
you go with. Either way procmail can filter can sort the message into  
IMAP folders so that you can just pick them up via an IMAP client.


Cheers,
Mikel King
CEO, Olivent Technologies
Senior Editor, BSD News Network
Columnist, BSD Magazine
6 Alpine Court,
Medford, NY 11763
o: 631.627.3055 c: 631.796.1499
skype:mikel.king
http://olivent.com
http://www.linkedin.com/in/mikelking
http://twitter.com/mikelking

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

popd to send Mail to a Mac

[Martin McCormick]

I like to receive mail on a FreeBSD system and want to
continue to do so but occasionally, I have a message that needs
to be forwarded to a Macintosh in my office. It turns out that
Mac's do not do normal smtp mail like sendmail but one of the
options is pop.

I installed popd on the FreeBSD server and want to be
able to feed messages meant for the Mac to popd at which point,
I should be able to retrieve them on that mac.

The normal scenario is:

Mail comes in and I read it. One message has a 20-mile-long url
to a javascrypt-infested web site that lynx can't handle. I
should forward this message to the Mac and there, I can use
safari  to handle that message.

Those are the only messages that will need to go through
popd so I need a simple way to feed them in so the Mac can get
them out.

Thanks.

Martin McCormick WB5AGZ  Stillwater, OK 
Systems Engineer
OSU Information Technology Department Telecommunications Services Group
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: popd to send Mail to a Mac

[mikel king]

On Mar 25, 2010, at 4:52 PM, Martin McCormick wrote:


I like to receive mail on a FreeBSD system and want to
continue to do so but occasionally, I have a message that needs
to be forwarded to a Macintosh in my office. It turns out that
Mac's do not do normal smtp mail like sendmail but one of the
options is pop.

I installed popd on the FreeBSD server and want to be
able to feed messages meant for the Mac to popd at which point,
I should be able to retrieve them on that mac.

The normal scenario is:

Mail comes in and I read it. One message has a 20-mile-long url
to a javascrypt-infested web site that lynx can't handle. I
should forward this message to the Mac and there, I can use
safari  to handle that message.

Those are the only messages that will need to go through
popd so I need a simple way to feed them in so the Mac can get
them out.

Thanks.

Martin McCormick WB5AGZ  Stillwater, OK
Systems Engineer
OSU Information Technology Department Telecommunications Services  
Group


Why not just roll out IMAP and then it won't matter? Actually if you  
wanted to use fancy postfix server side filtering I'd recommend you go  
IMAP anyway. Filter the 'bad' messages into their own folder. Honestly  
that seems more trouble than it's worth.



Regards,
Mikel King
CEO, Olivent Technologies
Senior Editor, BSD News Network
Columnist, BSD Magazine
6 Alpine Court,
Medford, NY 11763
o: 631.627.3055 c: 631.796.1499
skype:mikel.king
http://olivent.com
http://www.linkedin.com/in/mikelking
http://twitter.com/mikelking

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: popd to send Mail to a Mac

[Olivier Nicole]

Hi,

 Mail comes in and I read it. One message has a 20-mile-long url
 to a javascrypt-infested web site that lynx can't handle. I
 should forward this message to the Mac and there, I can use
 safari  to handle that message.
 
You do not forward anything via pop.

Instead you filter and save the message to a mailbox.

You have popd on your FreeBSD machine set-up to serve this mailbox.

On your Mac you use a mail client, that read the mailbox with pop.

Pop is a pull service: the client is requesting to read the new
messages. You should be able to configure your mail client to search
for new messages every now and then, but that will still be initiates
by the client.

Bests,

Olivier

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

The MAC portacl Module

[Jurif]

Hi!

I'd like to set security.mac.portacl.rules but my kernel doesn't include it

--$ sysctl security.mac.portacl.rules
sysctl: unknown oid 'security.mac.portacl.rules'


What options i need to add to kernel config file before i recompile kernel
to add support for this mac portacle ?

Regards,

Jurif
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

The MAC portacl Module

[Jurif]

Hi!

I'd like to set security.mac.portacl.rules but my kernel doesn't include it

--$ sysctl security.mac.portacl.rules
sysctl: unknown oid 'security.mac.portacl.rules'


What options i need to add to kernel config file before i recompile kernel
to add support for this mac portacle ?

Regards,

Jurif
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org

Re: yikes! MAC address changed ??

[James Smallacombe]

Sorry for replying to myself (AND top-posting!) twice in a row, but this 
is become a huge concern.  My first thought is that my provider changed 
routers or router Ethernet ports, hence the MAC address change.  They deny 
this, plus I find the two MAC addresses:


00:17:e0:4f:b9:c0 to 00:13:e0:4f:b9:c0

too close to each other for comfort.  My obvious concern here is that the 
recent php compromises somehow allowed an attacker to alter the ARP table 
entry of the default gateway.  Specific questions are as follows:


1) If this were done via a perl or php script, presumably executing
   an 'arp -s' command, would it show up in the log like that?  I've
   never changed an ARP entry (except to delete it using 'arp -d'), so
   I've only seen log entries like that due to external changes, like
   somebody changing IPs on the LAN from one Ether to another.

2) Could an Ethernet card defect or re0 driver problem cause anything
   like this?  Other bug?

3) If this was an attacker using a local script, how the hell does he
   get a php or perl script owned by UID 80 (or worst case, a user),
   to do this?

Thanks again for any insight...appreciate a reply to both list and 
directly.


On Wed, 10 Feb 2010, James Smallacombe wrote:



Please disregard this...sleep deprication...the IP in questions (which I 
should have disfuised anyway) was not my server's IP, but that of the default 
gateway...the problem was external.


On Wed, 10 Feb 2010, James Smallacombe wrote:



This freaked me out a bit, so I'm just running it past the list to make 
sure this is just a hardware issue...I've never seen it before.


My dedicated server provider replaced my defective server that had been up 
for 6 months after it had apparent failures of a NIC and hard drives.  It 
had also recently been the victim of the Zen Cart exploits (I posted about 
this not long ago).


Tonight I lost connectivity to it, got in via KVM/IP and saw this in the 
syslog:


Feb 10 20:42:51 mail kernel: arp: 209.17.170.1 moved from 00:17:e0:4f:b9:c0 
to 00:13:e0:4f:b9:c0 on re0


My first reaction was that somebody else on the LAN had used my IP address, 
which would have explained the connectivity issues.  However, the IP 
couldn't be pinged and I also noticed that only one number in the address 
had changed...the odds of somebody else having it were long. ifconfig 
showed the I/F down, no carrier.


I rebooted and then it came up with yet a third MAC address, 
00:14:d1:3c:1e:31  Not really even close.  Still no carrier.  Provider 
swaps out the Realtek NIC for a new one and it's working (for now).


Questions that come to mind: could their be a DoS perhaps from a bot or 
c99shell I didn't find?  Even if their was, would it be possible for the 
www user, with no priveleges to even cause this kind of problem?  I had 
disabled suhosin after customers patched their Zen Carts, because it 
interfered with it.


Or...could this be a bug in the re0 driver?  It's just weird.

James Smallacombe PlantageNet, Inc. CEO and Janitor
u...@3.am 
http://3.am

=



James Smallacombe PlantageNet, Inc. CEO and Janitor
u...@3.am   http://3.am
=



James Smallacombe PlantageNet, Inc. CEO and Janitor
u...@3.am   http://3.am
=
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org