Re: [FreeBSD-Announce] FreeBSD-4.11 Release Candidate 1 Available
Ken Smith [EMAIL PROTECTED] writes: Announcement The FreeBSD Release Engineering Team is pleased to announce the availability of FreeBSD 4.11-RC1, which marks the beginning of the FreeBSD 4.11 Release Cycle. This will be the last of the FreeBSD 4.X releases. It is meant These long-standing bugs are still open, in decreasing order of importance. I checked 60313 and 44260 a few moments ago with a current RELENG_4_11 CVS, and haven't seen any followups on 46866 and 71453. kern/60313 data destruction (kernel access wrong address on block device) bin/46866 nondeterministic NIS returns (this has been messing up NIS-based systems for ages with users gone one moment and appearing the next) bin/71453 tcpdump segfaults on PPP IPV6CP traffic (includes a suggested solution, perhaps MFC suffices) kern/44260 LINT does not list pseudo-device tap (trivial to fix) -- Matthias Andree ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [FreeBSD-Announce] FreeBSD-4.11 Release Candidate 1 Available
On Mon, 20 Dec 2004 11:49+0100, Matthias Andree wrote: bin/46866 nondeterministic NIS returns (this has been messing up NIS-based systems for ages with users gone one moment and appearing the next) While you're at it, could someone take a look at the logit() function in portmap (in the file portmap/pmap_check.c)? Make the function more safe to use with NIS, i.e. the call to getrpcbynumner(), and particularly when the NIS domain is set, but ypbind hasn't yet registrered itself with portmap or are about to register itself with portmap. This (serious) problem occurs only when portmap is run with logging turned on, which probably accounts for why no one has done anything about it before. Take a look at PR bin/73422 for more details about this problem with portmap, ypbind and rc.network. Please don't hesitate about contacting me if you need more information. Btw, the same problem is present in FreeBSD 5.x. -- -- Trond Endrestøl |[EMAIL PROTECTED] Patron of The Art of Computer Programming| FreeBSD 4.8-S Pine 4.55 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sshd DNS
Hi!!! sshd needs DNS for backresolving!!! When you are connecting to a remote host via SSH, sshd tries to resolv in-addr.arpa zone for your IP address. man sshd -- Best regards, Andrey Sharandakov, ASH83-RIPE - Original Message - From: Kovcs Pter [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, December 19, 2004 8:06 PM Subject: sshd DNS Hello, I sometimes get this error message: sshd[543767]: WARNING: DNS lookup failed for 171.31.1.21 Why is this error message? For what sshd needs DNS? If the DNS is unavailable I can't log into my computer. How can I resolve this problem, so I can still login if the DNS is not available? Thanks, Peter ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: [5.3-STABLE] netstat doesn't show tcp sockets
It works fine for me. My world and kernel were compiled with CPUTYPE?=p3 and CFLAGS= -O -pipe. FreeBSD 5.3-STABLE #0: Sat Dec 11 18:24:44 CET 2004 Björn ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
ppp filtering troubles
Hello freebsd-stable, I wish the server, dialing out periodically, throws a connection out only if it has no activities over the SMTP and SSH sessions more then 3 minutes (and 3 minutes minimum for connection duration time). I have in ppp.conf: isp: set timeout180 180 Adding the next rulse to isp: section: set filter alive 0 permit 0 MYADDR tcp dst eq 25 set filter alive 1 permit MYADDR 0 tcp src eq 25 set filter alive 2 permit MYADDR 0 tcp dst eq 25 set filter alive 3 permit 0 MYADDR tcp src eq 25 set filter alive 12 permit 0 MYADDR tcp dst eq 22 set filter alive 13 permit MYADDR 0 tcp src eq 22 despite of this rules connections cuts out over the 3 minutes. What is the best way to reset timers only for 22 and 25 ports? 4.10-STABLE. -- Thanks in advance, Illia Baidakov. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FreeBSD 5.3 and vinum upgrade #2
Am Montag, 20. Dezember 2004 00:04 schrieb Nikolaj Hansen: [...] The whole problem is, I cannot mount any thing without doing it this way. The reason for this is, as you pointed out , that my disk setup is different than the norm: $ sudo bsdlabel da1s1 Password: # /dev/da1s1: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 51200004.2BSD 2048 16384 32008 b: 1228535 512000 swap c: 177678270unused0 0 # raw part... h: 16027292 1740535 vinum Both sides of the mirror are made like this. This disk setup seems to me perfectly legal. Your vinum-partition has an offset of 1740535 which is != 0, that's all that I meant. Of cause I _really_ want to keep the data on the disks. Is there an easy way to fix the disks for geom_vinum compability, or do they need to be rebuilt from the ground up? I don't know any hints any more, sorry. I send a pointer to [EMAIL PROTECTED], which is the creator of geom_vinum, because he follows -current and not -stable AFAIK. -- Ciao/BSD - Matthias Matthias Schuendehuette msch [at] snafu.de, Berlin (Germany) PGP-Key at pgp.mit.edu and wwwkeys.de.pgp.net ID: 0xDDFB0A5F ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD-4.11: will SATA be supported?
man page ata(4) for FreeBSD-4.10-stable announces support for 'SerialATA disk drives' and some SATA controllers, e.g. the SiI 3112 and 3114. Hence I am looking for theese features in 4.11. A first test using FreeBSD-4.11 RC1 from the mininstall CD did not recognize SiL controllers 3112 and 3114. Will SATA be supported in FreeBSD-4.11 ? Klaus Kapeller Ingenieurbuero Kapeller - UNIX Datentechnik ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
sound blaster ISA 64 Gold and ACPI problem solved on 5-STABLE?
Hello to all, I've tryed to use an old SB AWE ISA Gold on FreeBSD 5.2.1 without success because it have problems with ACPI enabled. This sound card only works with ACPI disabled. I'd like to know if anyone knows if it works ok on 5-STABLE without problem with ACPI. I remember having this problem with OSS and FreeBSD native driver. Thanks, Nuno Teixeira -- SDF Public Access UNIX System - http://sdf.lonestar.org ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
php5.0.3_1 doesn't run after update
I am running 4.10 stable. I upgraded to php5.0.3_1 by: cvsup portsdb -Uu pkgdb -vuf portupgrade -v php5-session portupgrade -v php5-mysql ... portupgrade -v php5 PHP Warning: PHP Startup: Unable to load dynamic library /usr/local/lib/php/20041030/session.so I get the same messages for the 12 modules that I updated. In /usr/local/lib/php I have: drwxr-xr-x 2 root wheel 1536 Dec 20 13:58 20040412 drwxr-xr-x 2 root wheel 512 Dec 20 14:00 build drwxr-xr-x 3 root wheel 512 Sep 15 10:31 pear Now much of php doesn't work. How do you fix this? What did I do wrong to cause this to happen? Jim -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.5.4 - Release Date: 12/15/2004 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php5.0.3_1 doesn't run after update
bob wrote: I am running 4.10 stable. I upgraded to php5.0.3_1 by: cvsup portsdb -Uu pkgdb -vuf portupgrade -v php5-session portupgrade -v php5-mysql ... portupgrade -v php5 PHP Warning: PHP Startup: Unable to load dynamic library /usr/local/lib/php/20041030/session.so I get the same messages for the 12 modules that I updated. In /usr/local/lib/php I have: drwxr-xr-x 2 root wheel 1536 Dec 20 13:58 20040412 drwxr-xr-x 2 root wheel 512 Dec 20 14:00 build drwxr-xr-x 3 root wheel 512 Sep 15 10:31 pear Now much of php doesn't work. How do you fix this? What did I do wrong to cause this to happen? Rebuild all of your extensions (portupgrade -f port). The most recent update of the php5 port changed the extension directory. This probably deserves an entry in UPDATING. Also, any reason you don't use portupgrade -a? Jon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php5.0.3_1 doesn't run after update
Jon Noack wrote: bob wrote: I am running 4.10 stable. I upgraded to php5.0.3_1 by: cvsup portsdb -Uu pkgdb -vuf portupgrade -v php5-session portupgrade -v php5-mysql ... portupgrade -v php5 PHP Warning: PHP Startup: Unable to load dynamic library /usr/local/lib/php/20041030/session.so I get the same messages for the 12 modules that I updated. In /usr/local/lib/php I have: drwxr-xr-x 2 root wheel 1536 Dec 20 13:58 20040412 drwxr-xr-x 2 root wheel 512 Dec 20 14:00 build drwxr-xr-x 3 root wheel 512 Sep 15 10:31 pear Now much of php doesn't work. How do you fix this? What did I do wrong to cause this to happen? Rebuild all of your extensions (portupgrade -f port). The most recent update of the php5 port changed the extension directory. This probably deserves an entry in UPDATING. Also, any reason you don't use portupgrade -a? Jon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED] I didn't want to update some things that I no longer use (thunderbird, eg). I've started running a web server on this machine and I don't care about x-windows things now. I'm not sure if my thinking is correct on this. It seemed a little less risky. Should I run portupgrade -f php5 before or after php5-extensions and/or php5-session, etc? Here's what portversion -v says: php5-5.0.3_1= up-to-date with port php5-extensions-1.0 = up-to-date with port php5-gd-5.0.3_1 = up-to-date with port php5-mysql-5.0.3_1 = up-to-date with port php5-pcre-5.0.3_1 = up-to-date with port php5-pear-5.0.3_1 = up-to-date with port php5-session-5.0.3_1= up-to-date with port php5-xml-5.0.3_1= up-to-date with port php5-zlib-5.0.3_1 = up-to-date with port If it's just a problem with the extensions directory, can I change the pointer to point to the right directory? Do you know where that is? Bob -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.289 / Virus Database: 265.5.4 - Release Date: 12/15/2004 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php5.0.3_1 doesn't run after update
On Mon, Dec 20, 2004 at 04:16:51PM -0500 I heard the voice of bob, and lo! it spake thus: I am running 4.10 stable. I upgraded to php5.0.3_1 by: cvsup portsdb -Uu pkgdb -vuf portupgrade -v php5-session portupgrade -v php5-mysql ... portupgrade -v php5 you need to update the base (php5) /before/ you update any of the extensions (php5-*), since all you're doing is building them against the old version right before you replace it. I always find it easiest to just do it all at once with something like portupgrade php5\*, and let it handle the ordering. -- Matthew Fuller (MF4839) | [EMAIL PROTECTED] Systems/Network Administrator | http://www.over-yonder.net/~fullermd/ The only reason I'm burning my candle at both ends, is because I haven't figured out how to light the middle yet ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: php5.0.3_1 doesn't run after update
On 12/20/04 15:45, bob wrote: Jon Noack wrote: bob wrote: I am running 4.10 stable. I upgraded to php5.0.3_1 by: cvsup portsdb -Uu pkgdb -vuf portupgrade -v php5-session portupgrade -v php5-mysql ... portupgrade -v php5 PHP Warning: PHP Startup: Unable to load dynamic library /usr/local/lib/php/20041030/session.so I get the same messages for the 12 modules that I updated. In /usr/local/lib/php I have: drwxr-xr-x 2 root wheel 1536 Dec 20 13:58 20040412 drwxr-xr-x 2 root wheel 512 Dec 20 14:00 build drwxr-xr-x 3 root wheel 512 Sep 15 10:31 pear Now much of php doesn't work. How do you fix this? What did I do wrong to cause this to happen? Rebuild all of your extensions (portupgrade -f port). The most recent update of the php5 port changed the extension directory. This probably deserves an entry in UPDATING. Also, any reason you don't use portupgrade -a? I didn't want to update some things that I no longer use (thunderbird, eg). I've started running a web server on this machine and I don't care about x-windows things now. I'm not sure if my thinking is correct on this. It seemed a little less risky. Everything on the machine should be kept up-to-date. If you don't plan on using using it, you should pkg_deinstall it (less is more when it comes to security). Just leaving old versions sitting around is a security nightmare. Plus, running portupgrade -a is so much easier... Should I run portupgrade -f php5 before or after php5-extensions and/or php5-session, etc? Here's what portversion -v says: ... Answered in another response by Matthew Fuller. If it's just a problem with the extensions directory, can I change the pointer to point to the right directory? Do you know where that is? The pointer is specified in /usr/local/etc/php.ini. Setting extension_dir to /usr/local/lib/php/20040412/ should make php find the extensions again, but no guarantees on whether it will work -- there had to be a reason to bump the date. In any case, rebuilding your extensions is the long-term solution. Jon ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sound blaster ISA 64 Gold and ACPI problem solved on 5-STABLE?
Nuno Teixeira wrote: Hello to all, I've tryed to use an old SB AWE ISA Gold on FreeBSD 5.2.1 without success because it have problems with ACPI enabled. This sound card only works with ACPI disabled. I'd like to know if anyone knows if it works ok on 5-STABLE without problem with ACPI. I remember having this problem with OSS and FreeBSD native driver. I don't know. You can get a CD ISO from snapshots.jp.freebsd.org and test yourself. We did fix some irq routing problems between 5.2.1 and 5.3. -- Nate ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: sound blaster ISA 64 Gold and ACPI problem solved on 5-STABLE?
In message [EMAIL PROTECTED], Nate Lawson wrote: Nuno Teixeira wrote: Hello to all, I've tryed to use an old SB AWE ISA Gold on FreeBSD 5.2.1 without success because it have problems with ACPI enabled. This sound card only works with ACPI disabled. I'd like to know if anyone knows if it works ok on 5-STABLE without problem with ACPI. I remember having this problem with OSS and FreeBSD native driver. I don't know. You can get a CD ISO from snapshots.jp.freebsd.org and test yourself. We did fix some irq routing problems between 5.2.1 and 5.3. All I can tell is there is fix for a problem in sys/dev/sound/isa/sbc.c on ACPI between RELENG_5_2_BP(1.38) and RELENG_5_3_BP(1.42.2.1 Merged from 1.43). ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
twa driver, 3ware 9500s-4lp, speed issue
I have a 3ware 9500s-4lp controller with 4 10,000rpm raptors hooked up to it. 0+1 configuration. AMD dual 64 bit processor. This Hardware setup had Sese 9.1 running on it for a few days, One on the issues I had was that the controller seemed slow. After reading 3ware white paper for turning for 2.6, the issue seemed to be buffer read ahead, i.e. blockdev -setra 16384 /dev/sda was needed for any type of read speed. Some quick benchmark under Bonnie++ Sequential read speeds from the mid 40's to 105meg/sec and had the write remained around 98 meg/sec. Now the Problem. loaded 5.3 , cvsup'ed and built for freebsd 5.3 stable, same hardware, the controller is feeling slow again. I tried to play with the vfs prams (vfs.read_max after some googling around). I could not find much information(other than the handbook) about the vfs prams and was unable to increase the speed. Can Any one sheed some light, subjections? insight, Gratefull for any help. Her is a iozone report pretty close to the linux bonnie++(sorry the bonnie failed) to give you all an idea whats up. exect same hardware. only change was OS and filesystem. Thank You MJM PS. I posted this to current, but stable might be a better place for this. iozone -s 20480m -r 60 -i 0 -i 1 -t 1 Iozone: Performance Test of File I/O Version $Revision: 3.196 $ Compiled for 64 bit mode. Build: freebsd Contributors:William Norcott, Don Capps, Isom Crawford, Kirby Collins Al Slater, Scott Rhine, Mike Wisner, Ken Goss Steve Landherr, Brad Smith, Mark Kelly, Dr. Alain CYR, Randy Dunlap, Mark Montague, Dan Million, Jean-Marc Zucconi, Jeff Blomberg. Run began: Mon Dec 20 21:03:36 2004 File size set to 20971520 KB Record Size 60 KB Command line used: iozone -s 20480m -r 60 -i 0 -i 1 -t 1 Output is in Kbytes/sec Time Resolution = 0.01 seconds. Processor cache size set to 1024 Kbytes. Processor cache line size set to 32 bytes. File stride size set to 17 * record size. Throughput test with 1 process Each process writes a 20971520 Kbyte file in 60 Kbyte records Children see throughput for 1 initial writers = 78738.67 KB/sec Parent sees throughput for 1 initial writers = 78716.55 KB/sec Min throughput per process = 78738.67 KB/sec Max throughput per process = 78738.67 KB/sec Avg throughput per process = 78738.67 KB/sec Min xfer= 20971500.00 KB Children see throughput for 1 rewriters= 32126.46 KB/sec Parent sees throughput for 1 rewriters = 32125.77 KB/sec Min throughput per process = 32126.46 KB/sec Max throughput per process = 32126.46 KB/sec Avg throughput per process = 32126.46 KB/sec Min xfer= 20971500.00 KB Children see throughput for 1 readers = 58563.70 KB/sec Parent sees throughput for 1 readers = 58557.14 KB/sec Min throughput per process = 58563.70 KB/sec Max throughput per process = 58563.70 KB/sec Avg throughput per process = 58563.70 KB/sec Min xfer= 20971500.00 KB Children see throughput for 1 re-readers= 58583.77 KB/sec Parent sees throughput for 1 re-readers = 58581.98 KB/sec Min throughput per process = 58583.77 KB/sec Max throughput per process = 58583.77 KB/sec Avg throughput per process = 58583.77 KB/sec Min xfer= 20971500.00 KB iozone test complete. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: 5.3 Loader Too Fragile
I have done the binary search for the origin of the desupport of my 440LX dual CPU DEC Personal Workstation Station 333i+ with no IDE devices; CD and HD are SCSI on 2940U2W controller. Can someone explain how a module that is not built into my custom kernel can have the effect of blowing the loader into a I can't keep track of squat fit? Roger L. Beeman == Here is the logfile of the cvsup from tag=. date=2004.08.16.15.20.00 to tag=. date=2004.08.16.15.25.00 Updating collection src-all/cvs Edit src/sys/modules/cbb/Makefile Add delta 1.9 2004.08.16.15.23.10 imp Add delta 1.10 2004.08.16.15.24.03 imp == Here is my kernel config file # # Iyaki -- Custom kernel configuration file for FreeBSD/i386 # # For more information on this file, please read the handbook section on # Kernel Configuration Files: # #http://www.FreeBSD.org/doc/en_US.ISO8859-1/books/handbook/kernelco nfig-config.html # # The handbook is also available locally in /usr/share/doc/handbook # if you've installed the doc distribution, otherwise always see the # FreeBSD World Wide Web server (http://www.FreeBSD.org/) for the # latest information. # # An exhaustive list of options and more detailed explanations of the # device lines is also present in the ../../conf/NOTES and NOTES files. # If you are in doubt as to the purpose or necessity of a line, check f irst # in NOTES. # # $FreeBSD: src/sys/i386/conf/GENERIC,v 1.413 2004/08/11 01:34:18 rwats on Exp $ machine i386 #cpuI486_CPU #cpuI586_CPU cpu I686_CPU options CPU_DISABLE_SSE ident Iyaki # To statically compile in device wiring instead of /boot/device.hints #hints GENERIC.hints # Default places to look for de vices. #makeoptionsDEBUG=-g# Build kernel with gdb(1) debu g symbols options SCHED_ULE # ULE scheduler options INET# InterNETworking #optionsINET6 # IPv6 communications protocols options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates suppo rt options UFS_ACL # Support for access control li sts options UFS_DIRHASH # Improve performance on big di rectories options MD_ROOT # MD is a potential root device #optionsNFSCLIENT # Network Filesystem Client #optionsNFSSERVER # Network Filesystem Server #optionsNFS_ROOT# NFS usable as /, requires NFS CLIENT options MSDOSFS # MSDOS Filesystem options CD9660 # ISO 9660 Filesystem options PROCFS # Process filesystem (requires PSEUDOFS) options PSEUDOFS# Pseudo-filesystem framework options GEOM_GPT# GUID Partition Tables. options COMPAT_43 # Compatible with BSD 4.3 [KEEP THIS!] options COMPAT_FREEBSD4 # Compatible with FreeBSD4 options SCSI_DELAY=2000 # Delay (in ms) before probing SCSI options KTRACE # ktrace(1) support options SYSVSHM # SYSV-style shared memory options SYSVMSG # SYSV-style message queues options SYSVSEM # SYSV-style semaphores options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-time extensions options KBD_INSTALL_CDEV# install a CDEV entry in /dev options AHC_REG_PRETTY_PRINT# Print register bitfields in d ebug # output. Adds ~128k to driver. #optionsAHD_REG_PRETTY_PRINT# Print register bitfields in d ebug # output. Adds ~215k to driver. options PFIL_HOOKS # pfil(9) framework options ADAPTIVE_GIANT # Giant mutex is adaptive. # Debugging for use in -current #optionsKDB # Enable kernel debugger suppor t. #optionsDDB # Support DDB. #optionsGDB # Support remote GDB. #optionsINVARIANTS # Enable calls of extra sanity checking #optionsINVARIANT_SUPPORT # Extra sanity checks of intern al structures, required by INVARIANTS #optionsWITNESS # Enable checks to detect deadl ocks and cycles #optionsWITNESS_SKIPSPIN# Don't run witness on spinlock s for speed # To make an SMP kernel, the next two are needed options SMP # Symmetric MultiProcessor Kernel device apic# I/O APIC # Bus support. Do not remove isa, even if you have no isa slots device isa device eisa device pci # Floppy drives device fdc # ATA and ATAPI devices #device ata #device atadisk # ATA
Re: ppp filtering troubles
On Mon, Dec 20, 2004 at 06:10:56PM +0300, a person wrote: Hello freebsd-stable, Hi Illia, I wish the server, dialing out periodically, throws a connection out only if it has no activities over the SMTP and SSH sessions more then 3 minutes (and 3 minutes minimum for connection duration time). I'm afraid I can't parse the above sentence :( I have in ppp.conf: isp: set timeout180 180 Adding the next rulse to isp: section: set filter alive 0 permit 0 MYADDR tcp dst eq 25 set filter alive 1 permit MYADDR 0 tcp src eq 25 set filter alive 2 permit MYADDR 0 tcp dst eq 25 set filter alive 3 permit 0 MYADDR tcp src eq 25 set filter alive 12 permit 0 MYADDR tcp dst eq 22 set filter alive 13 permit MYADDR 0 tcp src eq 22 despite of this rules connections cuts out over the 3 minutes. What is the best way to reset timers only for 22 and 25 ports? 4.10-STABLE. ppp(8) (4.11-PRERELEASE): #-- A filter definition has the following syntax: set filter name rule-no action [!] [[host] src_addr[/width] [dst_addr[/width]]] [proto [src cmp port] [dst cmp port] [estab] [syn] [finrst] [timeout secs]] #-- ie. in your filter rules you've set the port but not the timeout. If no timeout is set for each filter rule then they will default to the timeout given by set timeout or 180s if it's not set. I'm not sure what you're doing but an alternative might be to a call a script from ppp.linkup which adds or deletes firewall rules after a sleep(1) -- Thanks in advance, Illia Baidakov. HTH. -- Frank //-// echo f r a n k @ e s p e r a n c e - l i n u x . c o . u k | sed -e 's/ //g' // PGP keyID: 0x10BD6F4 ---// pgpMTo30tngsw.pgp Description: PGP signature