Re: Comcast and mail header errors?
Guys - unfortunately, I think you're barking up the wrong proverbial tree. I think I understand this problem, but if my answer here is incorrect, I'm sure that somebody will say so. 8) The problem is that the application has no control which interface it uses when opening a socket to a remote system. This is a function of the network stack within the kernel - not a system call. Hence, this is not something that can be controlled at the application level. Just my $.02. -- The memory management on the power pc chip is something that should be shown to small children when they've been especially bad. -Linus Torvalds Cole Tuininga Lead Developer Code Energy, Inc [EMAIL PROTECTED] PGP Key ID: 0x43E5755D ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
On Thu, Mar 23, 2006 at 06:41:52AM -0500, Cole Tuininga wrote: The problem is that the application has no control which interface it uses when opening a socket to a remote system. This is a function of the network stack within the kernel - not a system call. Hence, this is not something that can be controlled at the application level. I don't know much about networking, nor much about the topic being discussed here, but I'm almost positive this is wrong. Postfix has a configuration option -- smtp_bind_address -- that is designed to solve exactly this problem, as I understand it. That doesn't help the sendmail users, of course, but smtp_bind_address is An optional numerical network address that the SMTP client should bind to when making an IPv4 connection. So, it's possible in Postfix. It seems like. Unless I'm confused. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
On 3/23/06, Cole Tuininga [EMAIL PROTECTED] wrote: The problem is that the application has no control which interface it uses when opening a socket to a remote system. man bind(2) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fedora ftp install without a name server?
On 3/22/06, Bill Freeman [EMAIL PROTECTED] wrote: I've got a box with the iso files on it, mounted via the loop back device, and vsftpd running behind my router. Is your router between the FTP server and the FTP client? Is the router performing NAT and/or firewall duty? If so, that could be the cause of your problem, *if* Knoppix is using PASV (passive mode FTP) while Anaconda is using PORT (active mode FTP), *and* the router isn't fully aware of FTP's dual TCP connections. My current theory is that the installer can't take an IP address as the server name. It has been years since I've done a Red Hat install via FTP, but back in the RHL 6.x days, a numeric IP address worked. The Google search http://www.google.com/search?q=fedora+install+ftp+%22ip+address%22 finds plenty of pages that suggest you can use a numeric IP address with current Fedora Core. Or (most likely) am I missing something obvious? If it truly was obvious, we wouldn't be missing it. Don't confuse simple with obvious. :) -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for C++ sourcecode analysis tools
I just want to mention that eventhough the OP was looking for a source code tool to help him understand the code, the Intel C++ compiler tends to do a much better job of optimizing C++ code than the current version of G++ does (although there is now a GCC optimization project going on). Last year I ran a set of benchmarks using the Intel compiler, and achieved a nearly 40% improvement over GCC/G++. You can download and use the Intel compiler free of charge for non-commercial use, or use the evaluation version. I am currently working on a project that has well over 1,000,000 lines of C++ code + a couple of small YACC parsers. -- Jerry Feldman [EMAIL PROTECTED] Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for C++ sourcecode analysis tools
Bill Ricker writes: The Great Circle GC library works nicely to debug memory leaks, but their platform/distribution left us. I forget the name of the tool we're using on AIX now; Purify from IBM/Rational is a top drawer tool that I've used in the past on other projects for this and some other things. See http://www.linuxjournal.com/article/6556 for mini-reviews in leak-plugging. I *HIGHLY* recommend Valgrind for memory leak detection. It supports C++ name mangling, and works on multithreaded code. I've used a large variety of memory checking tools over the years; Valgrind is one of the very best. The designers of this tool are geniuses. Regards, --kevin -- GnuPG ID: B280F24E And the madness of the crowd alumni.unh.edu!kdc Is an epileptic fit -- Tom Waits ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for C++ sourcecode analysis tools
On Wednesday, Mar 22nd 2006 at 14:30 -0500, quoth Michael ODonnell: = = = What was the name of the tool from Red Hat that did code = inspections? It was supposed to be the best of them all. It was = commercial for a while and then RH released it as open src. Anyone? = = =I just installed Source Navigator and it's got RHAT logos in =all the strategic locations, so I'm guessing that's the tool =you're thinking of. That was it. Thanks. My intel was that source navigator was supposed to be THE best src code inspection tool ever invented on the face of the earth. -- Time flies like the wind. Fruit flies like a banana. Stranger things have .0. happened but none stranger than this. Does your driver's license say Organ ..0 Donor?Black holes are where God divided by zero. Listen to me! We are all- 000 individuals! What if this weren't a hypothetical question? steveo at syslang.net ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
On Thu, 2006-03-23 at 08:12 -0500, Ben Scott wrote: On 3/23/06, Cole Tuininga [EMAIL PROTECTED] wrote: The problem is that the application has no control which interface it uses when opening a socket to a remote system. man bind(2) Right - this is for *listening* sockets. Sending an email out requires the server to make a connection to a remote server - it doesn't use that same socket. From man 2 bind (emphasis mine): bind gives the socket sockfd the LOCAL ADDRESS my_addr. Again though, this is for setting up *listening* sockets. Not to connect to *remote* socket. -- Cole Tuininga [EMAIL PROTECTED] ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fedora ftp install without a name server?
Ben Scott writes: On 3/22/06, Bill Freeman [EMAIL PROTECTED] wrote: I've got a box with the iso files on it, mounted via the loop back device, and vsftpd running behind my router. Is your router between the FTP server and the FTP client? Is the router performing NAT and/or firewall duty? If so, that could be the cause of your problem, *if* Knoppix is using PASV (passive mode FTP) while Anaconda is using PORT (active mode FTP), *and* the router isn't fully aware of FTP's dual TCP connections. Both machines are on the inside side of the router, from which point of view I presume that it acts like a switch or hub. I guess that I have a long enough cable to reach the sub-switch near the server. I'll give it a try, but I don't think that there's any firewalling over the path. There certainly isn't any NAT. Bill ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for C++ sourcecode analysis tools
On Thursday 23 March 2006 8:36 am, Kevin D. Clark wrote: I *HIGHLY* recommend Valgrind for memory leak detection. It supports C++ name mangling, and works on multithreaded code. I've used a large variety of memory checking tools over the years; Valgrind is one of the very best. The designers of this tool are geniuses. I agree that Valgrind is an excellent tool. However Rational's (IBM's) Purify Plus puts it to shame for a mere $10,000. A year or so ago, on the BLU discussion list we had a discussion of memory leak detectors where a guy was trying to find a memory leak in his company's code. He used Valgrind as well as electric fence and a few other tools. He downloaded an evaluation version of Purify Plus, and found the problem in 5 minutes, and at the same time was able to prove that the problem was not in his company's code, but in the using company's code. His company then actually purchased a license for Purify Plus. I happend to work for over 2 years porting Purify Plus to Tru64 Unix. -- Jerry Feldman [EMAIL PROTECTED] Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
Cole Tuininga writes: On Thu, 2006-03-23 at 08:12 -0500, Ben Scott wrote: On 3/23/06, Cole Tuininga [EMAIL PROTECTED] wrote: The problem is that the application has no control which interface it uses when opening a socket to a remote system. man bind(2) Right - this is for *listening* sockets. Sending an email out requires the server to make a connection to a remote server - it doesn't use that same socket. The use of bind() is not limited to passive sockets, i.e. sockets that have been modified with listen(). bind() can also be used on active sockets, sockets that you might want to use to initiate communications with some other server. I'm not even certain that I am disagreeing with Cole here. If sendmail has a setting to allow the admin to cause it to bind to a certain protocol address when it initiates connections to remote servers, then bind() is the workhorse here. But Cole might be claiming that the setting that is being discussed here doesn't do this. Regards, --kevin -- GnuPG ID: B280F24E And the madness of the crowd alumni.unh.edu!kdc Is an epileptic fit -- Tom Waits ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for C++ sourcecode analysis tools
Jerry Feldman writes: I agree that Valgrind is an excellent tool. However Rational's (IBM's) Purify Plus puts it to shame for a mere $10,000. I've found bugs with Valgrind that Purify never found. I've found bugs with Purify that Valgrind never found. For serious development, I'd make sure I had both. I'd also evaluate Purify on my desired development platform too -- when I last evaluated Purify on Linux it was barely usable. Valgrind just worked on Linux. Purify on Solaris just worked too, so I used it there. Regards, --kevin -- GnuPG ID: B280F24E And the madness of the crowd alumni.unh.edu!kdc Is an epileptic fit -- Tom Waits ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Recommendations for C++ sourcecode analysis tools
On Thursday 23 March 2006 9:52 am, Kevin D. Clark wrote: Jerry Feldman writes: I agree that Valgrind is an excellent tool. However Rational's (IBM's) Purify Plus puts it to shame for a mere $10,000. I've found bugs with Valgrind that Purify never found. I've found bugs with Purify that Valgrind never found. For serious development, I'd make sure I had both. I'd also evaluate Purify on my desired development platform too -- when I last evaluated Purify on Linux it was barely usable. Valgrind just worked on Linux. Purify on Solaris just worked too, so I used it there. I have not used Purify on Linux. It adds a full 20% to the memory usage of your program plus the additional instrumentation, such that Purified code tends to be huge. -- Jerry Feldman [EMAIL PROTECTED] Boston Linux and Unix user group http://www.blu.org PGP key id:C5061EA9 PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
On Thu, Mar 23, 2006 at 08:56:00AM -0500, Cole Tuininga wrote: That said, my suspicion would be that this setting only dictates what interface(s) that postfix *listens* on. Not what interface(s) it sends mail *out* on. Nope. When one IP that my machine exists on was blocked by AOL (some moron had a broken webpage leaking spam), I modified this option, and mail was no longer blocked. The key in the previously-referenced documentation is SMTP client. The SMTP client is the client that sends mail, not the server that receives it. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
On 3/23/06, Cole Tuininga [EMAIL PROTECTED] wrote: man bind(2) Right - this is for *listening* sockets. As Kevin says, it isn't limited to listening sockets. Read the man page carefully. Sending an email out requires the server to make a connection to a remote server - it doesn't use that same socket. Correct, the mailer will use a different socket. That socket can optionally be bound to a specific address. If I remember correctly, it goes something like this: int fd; struct sockaddr_in src; struct sockaddr_in dst; /* source address (local network interface) */ src.sin_family = AF_INET; src.sin_addr.s_addr = inet_addr(192.0.2.42); /* destination */ dst.sin_port= htons(0); dst.sin_family = AF_INET; dst.sin_addr.s_addr = inet_addr(192.0.2.69); dst.sin_port= htons(25); /* create socket */ fd = socket (PF_INET, SOCK_STREAM, 0); /* bind to source address */ bind(fd, src, sizeof(addr)); /* connect to remote */ connect(fd, dst, sizeof(addr)); (That's totally untested example code, based on some quick man page checks, so check it before you trust it. It also lacks error checking.) rom man 2 bind (emphasis mine): bind gives the socket sockfd the LOCAL ADDRESS my_addr. Again though, this is for setting up *listening* sockets. Not to connect to *remote* socket. Note that the man page you quote doesn't mention listening there. This isn't about the remote socket; it's about binding the local socket to a particular address (i.e., interface). Additional points: Binding a socket for connect(2) doesn't influence routing directly; it merely specifies that you want a particular source address. The kernel router still decides how the packet gets where it is going, and it does that based solely on the destination address[1]. The question of how Sendmail (or some other MTA, for that matter) would decide *which* source address to use is still rather murky. Sendmail would need to know this to pass it to bind(2) in the first place. For mail received from another system for relay, Sendmail could record the inteface address the mail was received on. For mail originated on the local system, though, I don't think there is any easy way for Sendmail to derive the source address (network interface) the connection will use. Footnotes - [1] Well, things like policy routing, firewalling, source routing, etc., might care about the source address, but they're exceptions to the stateless, forward-only design of IP. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
Cole Tuininga wrote: Guys - unfortunately, I think you're barking up the wrong proverbial tree. I think I understand this problem, but if my answer here is incorrect, I'm sure that somebody will say so. 8) The problem is that the application has no control which interface it uses when opening a socket to a remote system. This is a function of the network stack within the kernel - not a system call. Hence, this is not something that can be controlled at the application level. Its not the application that doesn't have control over which interface it uses - they do - see bind(2). Its the sysadmin that doesn't have control over the application... There doesn't appear to be a way to tell sendmail which interface to use on outgoing connections. At least I haven't found it in the documentation, and I haven't had time to figure out how to get the sources from yum and fedoralegacy. --Bruce ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fedora ftp install without a name server?
Ben Scott writes: On 3/23/06, Bill Freeman [EMAIL PROTECTED] wrote: Both machines are on the inside side of the router, from which point of view I presume that it acts like a switch or hub. Oh. I believe you are correct, there. So much for that theory. :-/ An interesting additional data point is that if I tell the ftp client on Knoppix to use passive mode, then I can no longer do transfers. I can log in, change directory, but I can't, for example, list the directory. I get no route to host. Perhaps Fedora's installer is using passive mode, and there is a firewall problem or a vsftpd configuration problem on the server. Time for Bill to learn how passive mode works and maybe to drag out ethereal. Bill ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fedora ftp install without a name server?
On 3/23/06, Bill Freeman [EMAIL PROTECTED] wrote: An interesting additional data point is that if I tell the ftp client on Knoppix to use passive mode, then I can no longer do transfers. Ah-ha! I, too, suspect the cause of that problem is also causing a problem for the installer. I would expect the installer to use passive mode, as it's generally considered the better of the two. I can log in, change directory, but I can't, for example, list the directory. Right. Simple commands all go over the control channel, but data transfers go over the data channel. That includes directory listings. I get no route to host. Perhaps ... there is a firewall problem or a vsftpd configuration problem on the server. I would guess a firewall problem. If there really was no route to the host, it wouldn't work at all. If vsftpd wasn't listening at all, you would get Connection refused; if it listened but then broke the connection, that would be Connection closed by remote host or similar. No route to host implies a firewall sent that ICMP message as a reject mechanism. Of course, it could be an inaccurate diagnostic. Those are common enough. But still, I strongly suspect you're on the right path. Time for Bill to learn how passive mode works ... Basically, FTP uses two TCP connections: A control channel and a data channel. The client establishes the control channel to TCP port 21 on the server, and uses that for commands. The PORT (active) and/or PASV (passive) commands are used to establish the data channel. In active mode, the data channel is initiated by the FTP *server* to the client. The client listens on an ephemeral port, and informs the server of same (via PORT). The server initiates connections *from* TCP port 20 to that ephemeral port on the client. Back when FTP was first designed, using a port 1024 was considered a security measure. Since that obviously sucks for any number of reasons, passive mode was created. PASV has the *server* listen on an ephemeral port, which it tells the client about. The client then connects to that port for the data channel. Because FTP uses two TCP connections, it commonly gives firewalls and NAT need fits. Both have to do stateful packet inspection, where they monitor the FTP control channel, extract the port numbers, and allow them for the related connections. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fedora ftp install without a name server?
Ben Scott writes: On 3/23/06, Bill Freeman [EMAIL PROTECTED] wrote: An interesting additional data point is that if I tell the ftp client on Knoppix to use passive mode, then I can no longer do transfers. Ah-ha! I, too, suspect the cause of that problem is also causing a problem for the installer. I would expect the installer to use passive mode, as it's generally considered the better of the two. It was a good try. With the subnetword temporarily isolated from the rest of the world, and the server firewall disabled, I could ftp from knoppix in passive mode, including data connections, but FC5 installer still can't connect. For now I'm starting to lean toward an installer problem. I guess I'll move on to running apache (or maybe tux) on the server and see if the http install works. Bill ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fedora ftp install without a name server?
On 3/23/06, Bill Freeman [EMAIL PROTECTED] wrote: It was a good try. With the subnetword temporarily isolated from the rest of the world, and the server firewall disabled, I could ftp from knoppix in passive mode, including data connections ... Woo who! ... but FC5 installer still can't connect. D'oh! For now I'm starting to lean toward an installer problem. Certainly could be. I wonder if FTP install is just broken in FC5... nothing currently open in RHS Bugzilla. I guess I'll move on to running apache (or maybe tux) on the server and see if the http install works. HTTP would mean a single TCP connection on the world's favorite port, so that might be a good idea. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fedora ftp install without a name server?
Ben Scott wrote: Since that obviously sucks for any number of reasons, passive mode was created. PASV has the *server* listen on an ephemeral port, which it tells the client about. The client then connects to that port for the data channel. Just a minor nit; PASV mode wasn't invented to deal with firewalls; if I recall correctly, it was part of the ftp spec early on, and its intended purpose was for server-to-server transfers. The standard ftp session had client1 teling server1, send this file to client1. PASV was supposed to enable the client to tell server1, send this file to server2. I seem to recall a lot of early ftp client software didn't support the server-to-server capability, particularly on MacOS and PC platforms. -- John Abreau / Executive Director, Boston Linux Unix ICQ 28611923 / AIM abreauj / JABBER [EMAIL PROTECTED] / YAHOO abreauj Email [EMAIL PROTECTED] / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9 PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
FTP PASV IE
I always say things that are wrong and discover within 5 minutes of saying them that they are wrong. IE has an option to use passive mode in Internet Options. I saw it just now when trying to find another option. (I'm doing something for work that pretty much requires IE at the moment.) I just wanted to admit my mistake before getting publicly trounced. ;) OK, I'll go back to playing with the packet shaper at the office Cheers, Jason ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
FTP, proxies, firewalls (was: Fedora ftp install without a name server?)
On 3/23/06, John Abreau [EMAIL PROTECTED] wrote: Just a minor nit; PASV mode wasn't invented to deal with firewalls; if I recall correctly, it was part of the ftp spec early on, and its intended purpose was for server-to-server transfers. Ah. Interesting. I stand corrected. On 3/23/06, Jason Stephenson [EMAIL PROTECTED] wrote: IE also seems to do all FTP in the normal way, thus it not working through my firewall/NAT. Some versions of MSIE have a knob for this. Tools - Options - Advanced - Browsing - Use Passive Mode. I supposedly configured the FTP proxy on my firewall, but I'm not sure why it isn't working. When you mix FTP with proxies, things get really complicated. It can mean the FTP client uses a SOCKS proxy to open TCP connections to the outside world. It can mean the FTP client uses an HTTP proxy and the CONNECT method to open TCP connections to the outside world (you need PASV for this, since there is no way to have an HTTP proxy listen on behalf of a client). It can mean an HTTP client (web browser) uses HTTP to talk to an HTTP proxy, submit GET and PUT of FTP URLs, so the proxy server itself does FTP, but then the proxy server returns the result to the HTTP client using HTTP and HTML. Or it can mean one of several mutually incompatible FTP proxy protocols which have nothing to do with SOCKS or HTTP. And none of that even touches on IP-layer NAT/masquerading/etc. Are we sufficiently confused yet? Perhaps, an upgrade or a switch to a different firewall software is in order. What are you using now? -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: FTP PASV IE
On 3/23/06, Jason Stephenson [EMAIL PROTECTED] wrote: I always say things that are wrong and discover within 5 minutes of saying them that they are wrong. It always happens after posting in a public forum. I think it's a law of nature or something. I just wanted to admit my mistake before getting publicly trounced. ;) Too late! ;-) OK, I'll go back to playing with the packet shaper at the office Aren't all packets shaped like squares? The diagrams always show them that way. ;-) -- Ben I'm in shape. Round's a shape, isn't it? Scott ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: FTP, proxies, firewalls (was: Fedora ftp install without a name server?)
Ben Scott wrote: Perhaps, an upgrade or a switch to a different firewall software is in order. What are you using now? Currently, it is a relatively old release of IP Filter (ipf) from http://coombs.anu.edu.au/~avalon/ that was hacked up by the OpenBSD folks before the licensing clarification. (Really weird stuff seems to be going on with that machine tonight. It's running OpenBSD 2.7, and I'm using a KVM to access the console. However, tonight, when I try to login at the console, everything I type is in all caps, regardless of the state of the caps lock key. I can ssh in just fine, so I want to blame the presence of the KVM and the fact that I recently started using the keyboard key combination to switch between systems. In the past, I always used the button on the KVM itself. It must have something to do with that machine having an AT keyboard port and I'm using an AT/PS-2 adapter to connect it to the KVM.) I used to use ipfw when my gateway was a PowerMac with MkLinux on it. I had pretty good luck with ipfw, and its built in ftp proxy module seemed to work. I intend to upgrade my gateway to OpenBSD 3.9 when it comes out this summer. I may end up having to upgrade the hardware, too. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: FTP, proxies, firewalls (was: Fedora ftp install without a name server?)
Jason Stephenson writes: ... It must have something to do with that machine having an AT keyboard port and I'm using an AT/PS-2 adapter to connect it to the KVM.) At keyboard and PS/2 keyboard use the same electrical and signalling protocol. An adapter is just connectors and wire, so it gets it right. Of course, there are more keys on most modern PS/2 keyboards then there ever were on an official AT keyboard, but the keys that are the same send the same codes. I really don't think that the adapter is related to the problem. Funny state in the KVM is a good bet. The proof of the pudding would be to plug the keyboard in directly, but the AT - PS/2 interface isn't designed to always recover without rebooting, and just rebooting might fix things anyway. Bill ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss