Re: Newbie Port Filter Question on 4.10stable
:: Can anyone point me to a clear resource on what I should do to start, stop :: and flush the port filter rules and whether or not I was working in the :: correct place to begin with. Always start with the Handbook: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html Then, the list archives (specifically this thread that started on the 20th on -security): http://docs.freebsd.org/cgi/getmsg.cgi?fetch=56843+0+archive/2004/freebsd-security/20041121.freebsd-security Best practice would be to take what you want out of /etc/rc.firewall and build your own ruleset in another file. That way you can't accidentally overwrite it the next time you run mergemaster. Cheers - Erick ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: portupgrade and PHP
:: > How can I continually compile PHP with the same :: > options as the last time? :: :: Edit /usr/ports/lang/php4/Makefile and change the line :: PHP4_OPTIONS?= according to your needs. Except that the next time you upgrade your ports tree, your changes will be overwritten. Check out the /usr/local/etc/pkgtools.conf file. This is how you can use your own make(1) options using portupgrade consistently. The options you can use for each port can be found in its respective Makefile. Cheers - Erick ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Updated to today's -stable and can no longer connect to the XFree86 server
:: > For example, if you have xdm starting out of /etc/ttys and you blindly :: > update everything mergemaster tells you to, you might overwrite some of :: > your custom configs. :: :: Well, I don't use xdm. I always have (for many years now) started the :: X server using startx, and I do see that startx (which hasn't been :: changed on my system since last December) does explicitly specify :: "-nolisten tcp" if not told otherwise. Perhaps you had an entry in your .xinitrc to override the command-line settings which isn't there anymore? Eh, just grasping at straws here... Cheers - Erick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: Updated to today's -stable and can no longer connect to the XFree86 server
:: > XFree86 does not listen on TCP ports by default. You have to enable :: > it if you want this behaviour (see man startx or man xdm). :: :: Well then I am confused. I didn't change XFree86. I only updated the :: system. Why would I suddenly see this new behavior? For example, if you have xdm starting out of /etc/ttys and you blindly update everything mergemaster tells you to, you might overwrite some of your custom configs. Cheers - Erick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: Sendmail question
:: Since sendmail 8.12 (4.6), I couldn't send anymore a mail locally on my :: private network. The mail is redirected to my external router (which have a :: fully qualified domain name). It sounds like you're defining SMART_HOST in your .mc file which sends all outgoing mail to go to a central relay site. However, without actually looking at your .mc file, it's hard to say for sure. Cheers - Erick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Install problem with -C option
When I tried to do a portupgrade of png, I got this at the end: ===> Installing for png-1.2.5 install -C -o root -g wheel -m 444 libpng.a /usr/local/lib install: invalid option -- C Try `install --help' for more information. *** Error code 1 Stop in /usr.rw/ports.work/png/libpng-1.2.5. *** Error code 1 Stop in /usr.rw/ports/graphics/png. *** Error code 1 Stop in /usr.rw/ports/graphics/png. It seems that although UPDATING says that the -C option has been reinstated, install itself doesn't support that option. Additionally, I was able to install a bunch of other ports using the same world/ports tree and I never had any other problems with install. What makes png different? System info: 4.7-STABLE FreeBSD 4.7-STABLE #0: Tue Nov 5 00:06:33 PST 2002 Cheers - Erick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: about PPPoE in 4.6.2
:: Is there any specific details in using PPP over Ethernet in 4.6.2-STABLE? The handbook is your friend. Be one with the handbook. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/pppoe.html Cheers - Erick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: where is bzip2recover?
:: I need bzip2recover to try to fix a bzip2 corrupted file but it isn't :: installed with the base system. :: :: My system is: :: FreeBSD 4.7-PRERELEASE #0: Tue Sep 17 14:07:24 WEST 2002 I'm not sure why it's not installed in the installworld upgrade process (I find the same thing on multiple machines here), but the Makefile in /usr/src/contrib/bzip2/ does seem to support the building and installation of that binary. At any rate, just cd into /usr/src/contrib/bzip2/, and run 'make bzip2recover'. Then just copy the resulting binary into /usr/bin/ and you're all set. Cheers - Erick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: don't know how to make fatal.c?
:: Tried to make buildworld on a 4.6-RELEASE-p1 box, but it bombed out with: :: :: ../../crypto/openssl/crypto/../ssl/t1_enc.c :: /data/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/t1_lib.c :: /data/src/secure/lib/libssl/../../../crypto/openssl/crypto/../ssl/t1_meth.c :: cd /data/src/secure/lib/libssl; make _EXTRADEPEND :: ===> libssh :: make: don't know how to make fatal.c. Stop Make sure you are getting the src-secure collection (at the bottom of the example supfiles in /usr/share/examples/cvsup). Cheers - Erick To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: ipfw log facility broken recently ?
What's the output of "sysctl -e net.inet.ip.fw.verbose" give you? Cheers - Erick At Thu, Mar 21, 2002 at 07:33:58PM -0600, Mark Hittinger said this: :: :: Hey guys - I built a new 4.5-stable kernel last week and the logging of :: packets by ipfw no longer happens (options IPFIREWALL_VERBOSE is on). Just :: CVS'ed and made a new one a few minutes ago and no dice. A Feb 24 kernel :: logs happily. :: :: FYI :: :: Later :: :: Mark Hittinger :: [EMAIL PROTECTED] :: :: To Unsubscribe: send mail to [EMAIL PROTECTED] :: with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: Sshd having problems...?
It sounds like you didn't install the necessary pam modules as outlined in UPDATING. Check that file and follow the instructions therein: 20010112: Important new FreeBSD-version stuff: PAM support has been worked in, partially from the "Unix" OpenSSH version. This requires adding the following in pam.conf: sshdauthsufficient pam_skey.so sshdauthrequiredpam_unix.so try_first_pass sshdsession requiredpam_permit.so --Erick At Wed, Feb 28, 2001 at 04:41:49PM -0500, Jared Chenkin said this: :: Hi. :: I try to log into this machine via ssh and I get these messages: :: :: Feb 28 14:09:07 enterprise sshd[591]: fatal: PAM session setup failed[6]: :Permission denied :: Feb 28 14:09:07 enterprise sshd[591]: no modules loaded for `sshd' service :: :: Whats going on? This is right out of the install, totally untouched. I have enabled :sshd in rc.conf(5). :: :: :: Live Large, :: :: Jared Chenkin :: <[EMAIL PROTECTED]> :: (AIM: DevNull24) :: Networked Systems Administrator :: Bronx Science Computing :: :: To Unsubscribe: send mail to [EMAIL PROTECTED] :: with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: subscribe freebsd-stable
Please see http://www.freebsd.org/handbook/eresources.html. At Wed, Nov 29, 2000 at 04:52:20PM -0500, Emmanuel Paré said this: :: :: Emmanuel Paré :: HTRC Paper Technologies Inc. :: http://www.htrc.com :: Tel: 819 346 4522 ext 222 To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: make depend fails
If your source is newer than July, you need to use the new buildkernel/installkernel targets (from /usr/src/UPDATING)... 2706: Binutils were updated. In order to build a kernel after this date, you must follow the updating procedure for building kernels exactly as presented here. You may be able to get away with doing it the old way, but if it breaks, make sure that you've tried the "To build a kernel" section with a fresh /usr/obj first. Be sure to let the list know how old your source is next time, too =) Regards, Erick At Mon, Nov 20, 2000 at 09:16:38PM +0200, Igor Khavin said this: :: Trying to make depend I got :: :: @ -> /usr/src/sys :: machine -> /usr/src/sys/i386/include :: make: don't know how to make agp_if.c. Stop :: *** Error code 2 :: Stop in /usr/src/sys/modules. :: *** Error code 1 :: Stop in /usr/src/sys/compile/NOVEMBER. :: :: After a number of unsuccessful attempts to build world, as was suggested :: in UPDATING (I have a list of errors, errors where different)I did: :: :: # rm -rf /usr/obj/* :: Then removed all directories from /usr/src/, then :: # cd /usr/src/ && make update :: after CVSup finished successfully :: # make buildworld :: after it finished successfully :: # cd /sys/i386/conf && config NOVEMBER :: after it finished successfully :: # cd ../../compile/NOVEMBER && make depend :: :: ...and got the same error. :: :: I read through UPDATING but I still cannot catch what did I do wrong. :: :: :: To Unsubscribe: send mail to [EMAIL PROTECTED] :: with "unsubscribe freebsd-stable" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
