help
- From: "John Dakos [ Enovation Technologies ]" <gdakos@xxxxxxxxxxxx>
- Date: Tue, 29 Jul 2008 09:09:15 +0300
----- Original Message ----- From: <freebsd-questions-request@xxxxxxxxxxx>
To: <freebsd-questions@xxxxxxxxxxx>
Sent: Monday, July 28, 2008 11:09 PM
Subject: freebsd-questions Digest, Vol 226, Issue 3
Send freebsd-questions mailing list submissions to
freebsd-questions@xxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
or, via email, send a message with subject or body 'help' to
freebsd-questions-request@xxxxxxxxxxx
You can reach the person managing the list at
freebsd-questions-owner@xxxxxxxxxxx
When replying, please edit your Subject line so it is more specific
than "Re: Contents of freebsd-questions digest..."
Today's Topics:
1. 'help' (John Dakos [ Enovation Technologies ])
2. No controller detected when boot FreeBSD 7.0 (vardyh)
3. Racoon not identifying host specified in config file (Torbj?rn)
4. Re: Binary upgrade from legacy version + ports (Jeffrey Goldberg)
5. Re: new vanilla system fails to install many packages/ports
(Steve Franks)
6. 'stray irq7's cause hang? (Steve Franks)
7. Cleaning data off a remote machine (Chris Hastie)
8. amavisd-new needs lib32 on amd64 ? (bsd)
9. Re: Cleaning data off a remote machine (Andrew L. Gould)
10. Re: No controller detected when boot FreeBSD 7.0 (Matthew Seaman)
11. Re: Deinstalling X and all dependencies[SOLVED] (bsd)
12. Re: Cleaning data off a remote machine (Wojciech Puchar)
13. Re: Cleaning data off a remote machine (Roland Smith)
14. OT: Custmoize VNC (Jean-Paul Natola)
15. LispWorks Personal on FreeBSD 7 (N. Raghavendra)
16. pci compliance (kalin m)
17. Re: amavisd-new needs lib32 on amd64 ? (bsd)
18. Re: pci compliance (Ross Cameron)
19. Re: pci compliance (kalin m)
20. RE: pci compliance (Bob McConnell)
21. Component-based Operating System. (Juan Carlos Villalobos)
22. Re: Component-based Operating System. (Ivan Voras)
23. Re: pci compliance (Ross Cameron)
24. Re: 'stray irq7's cause hang? (Kris Kennaway)
25. Re: OT: Custmoize VNC (Greg Larkin)
----------------------------------------------------------------------
Message: 1
Date: Mon, 28 Jul 2008 16:08:42 +0300
From: "John Dakos [ Enovation Technologies ]" <gdakos@xxxxxxxxxxxx>
Subject: 'help'
To: <freebsd-questions@xxxxxxxxxxx>
Message-ID: <B92C4C09AB0B4E439D33B8E87423A2DC@John>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=original
----- Original Message ----- From: <freebsd-questions-request@xxxxxxxxxxx>
To: <freebsd-questions@xxxxxxxxxxx>
Sent: Monday, July 28, 2008 3:00 PM
Subject: freebsd-questions Digest, Vol 226, Issue 2
Send freebsd-questions mailing list submissions to
freebsd-questions@xxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
or, via email, send a message with subject or body 'help' to
freebsd-questions-request@xxxxxxxxxxx
You can reach the person managing the list at
freebsd-questions-owner@xxxxxxxxxxx
When replying, please edit your Subject line so it is more specific
than "Re: Contents of freebsd-questions digest..."
Today's Topics:
1. Re: malloc options (Karl Vogel)
2. Re: malloc options (Giorgos Keramidas)
3. Network, routers, DHCP and PXE (Svein Halvor Halvorsen)
4. Re: Network, routers, DHCP and PXE (Manolis Kiagias)
5. Re: Binary upgrade from legacy version + ports
(Jan Henrik Sylvester)
6. Re: Network, routers, DHCP and PXE (Subhro)
7. Re: Network, routers, DHCP and PXE (Svein Halvor Halvorsen)
8. Re: Network, routers, DHCP and PXE (Manolis Kiagias)
9. Re: Network, routers, DHCP and PXE (Svein Halvor Halvorsen)
10. Re: Network, routers, DHCP and PXE (Manolis Kiagias)
11. wget vs fetch (Marcel Grandemange)
12. wget vs fetch (Marcel Grandemange)
13. RE: wget vs fetch (Marcel Grandemange)
----------------------------------------------------------------------
Message: 1
Date: Sun, 27 Jul 2008 21:55:39 -0400 (EDT)
From: vogelke+software@xxxxxxxxx (Karl Vogel)
Subject: Re: malloc options
To: Giorgos Keramidas <keramida@xxxxxxxxxxxxxxx>
Cc: freebsd-questions@xxxxxxxxxxx
Message-ID: <20080728015539.70030B7B9@xxxxxxxxxxxxxxxxxxxx>
On Sat, 26 Jul 2008 17:36:35 -0700,
Doug Hardie <bc979@xxxxxxxx> wrote:
D> The program has worked under considerable load for many years with
versions
D> 3.7 to 6.2. Problems only occur with 7.0. The program is quite
complex
D> and big. It uses probably hundreds of mallocs in a typical use. The
D> problems only occur reasonably randomly and only under quite heavy
load.
D> The developer is looking into it, but the problem only occurs on
FreeBSD
D> 7.0, not any other Unix systems. In the meantime I am losing money
because
D> of it.
On Sun, 27 Jul 2008 05:03:58 +0300,
Giorgos Keramidas <keramida@xxxxxxxxxxxxxxx> said:
G> While that's understandable, the current malloc() has undergone quite
G> extensive testing by Jason Evans and a lot of people who use it in
FreeBSD
G> 7.X or later. Its ability to expose bugs in this way was deemed
important
G> enough that it is now used by other projects too.
I ran into a similar problem with the BSD allocator running under heavy
load that didn't happen under any Solaris or Linux system I used. I
finally fixed it by using Doug Lea's malloc just for this one
application:
http://shell.siscom.net/~vogelke/Software/Languages/C/Libraries/malloc/
This was under FreeBSD 6.*, but it might provide another data point if
you
want to give it a try.
--
Karl Vogel I don't speak for the USAF or my company
vogelke at pobox dot com http://www.pobox.com/~vogelke
And God said, "Let there be vodka!" And saw that it was good. Then God
said, "Let there be light!" And then said, "Whoa - too much light."
------------------------------
Message: 2
Date: Mon, 28 Jul 2008 07:13:50 +0300
From: Giorgos Keramidas <keramida@xxxxxxxxxxxxxxx>
Subject: Re: malloc options
To: vogelke+software@xxxxxxxxx
Cc: freebsd-questions@xxxxxxxxxxx
Message-ID: <87k5f6odc1.fsf@xxxxxxxxxxx>
Content-Type: text/plain; charset=us-ascii
On Sun, 27 Jul 2008 21:55:39 -0400 (EDT), vogelke+software@xxxxxxxxx (Karl
Vogel) wrote:On Sat, 26 Jul 2008 17:36:35 -0700,
Doug Hardie <bc979@xxxxxxxx> wrote:
D> The program has worked under considerable load for many years with
D> versions 3.7 to 6.2. Problems only occur with 7.0. The program is
D> quite complex and big. It uses probably hundreds of mallocs in a
D> typical use. The problems only occur reasonably randomly and only
D> under quite heavy load. The developer is looking into it, but the
D> problem only occurs on FreeBSD 7.0, not any other Unix systems. In
D> the meantime I am losing money because of it.
On Sun, 27 Jul 2008 05:03:58 +0300,
Giorgos Keramidas <keramida@xxxxxxxxxxxxxxx> said:
G> While that's understandable, the current malloc() has undergone
G> quite extensive testing by Jason Evans and a lot of people who use
G> it in FreeBSD 7.X or later. Its ability to expose bugs in this way
G> was deemed important enough that it is now used by other projects
G> too.
I ran into a similar problem with the BSD allocator running under
heavy load that didn't happen under any Solaris or Linux system I
used. I finally fixed it by using Doug Lea's malloc just for this one
application:
http://shell.siscom.net/~vogelke/Software/Languages/C/Libraries/malloc/
This was under FreeBSD 6.*, but it might provide another data point if
you want to give it a try.
I'm not sure how similar the two problems are. I quite frankly know
_very_ little of what the original problem was, other than "I am
encountering issues where values just seem to arbitrarily change".
Memory exhaustion is a potential problem with almost any sort of
allocator that fragments memory in any way, but random corruption of
user data is probably a different issue :/
If you have some sort of description of the workload that triggered the
memory exhaustion with jemalloc (the current malloc implementation in
FreeBSD), it's probably a good idea to talk to Jason Evans about it (his
email is "jasone" at FreeBSD.org). He may be able to help you tune
malloc or even make changes to the system version of malloc that make it
less vulnerable to this sort of problem.
------------------------------
Message: 3
Date: Mon, 28 Jul 2008 09:18:23 +0200
From: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
Subject: Network, routers, DHCP and PXE
To: questions@xxxxxxxxxxx
Message-ID: <488D72BF.80205@xxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
Hi, list!
I have a private home network, on an ADSL2+ connection to the
internet. The home network is behind NAT, all automatically set up
by the router/dhcp server/wlan access point/adsl modem that I got
from my ISP. It's a Thomson SpeedTouch 585 router.
Now, on this network, most of the computers get their IP by means of
DHCP. Except our home audio server, which have a hard coded ip
address in rc.conf, set to something within the range of the dhcp
server (10.0.0.2-10.0.0.253). The server seems to pick this up, and
don't give that address away to someone else.
I've tried using other addresses outside this range, like 10.0.1.1,
but that doesn't work. All network access is lost when I do that.
Now, on my local network I'd like to put a diskless machine. As I
understand it, my DHCP server needs to tell the client about the
"filename" and a "next-server" to use. I don't think I can setup the
Thomson router to do this. All the instruction I can find online
advises me to install a DHCP server on the same machine that serves
the pxe boot image. But if I do that, I'll get two DHCP servers on
my local network. Is that ok? Will there be a race condition, when a
client asks for an IP address?
sv.
------------------------------
Message: 4
Date: Mon, 28 Jul 2008 10:48:19 +0300
From: Manolis Kiagias <sonic2000gr@xxxxxxxxx>
Subject: Re: Network, routers, DHCP and PXE
To: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
Cc: questions@xxxxxxxxxxx
Message-ID: <488D79C3.6070000@xxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Svein Halvor Halvorsen wrote:Hi, list!
I have a private home network, on an ADSL2+ connection to the
internet. The home network is behind NAT, all automatically set up
by the router/dhcp server/wlan access point/adsl modem that I got
from my ISP. It's a Thomson SpeedTouch 585 router.
Now, on this network, most of the computers get their IP by means of
DHCP. Except our home audio server, which have a hard coded ip
address in rc.conf, set to something within the range of the dhcp
server (10.0.0.2-10.0.0.253). The server seems to pick this up, and
don't give that address away to someone else.
You may also want to ensure that the router will never allocate your
static IP address to someone else.
Look at the DHCP router settings either for DHCP scope (set it to
narrower values, and use a static IP outside the range) or for something
like exceptions / exclusion where you can mark a specific IP that DHCP
will never assign.
I've tried using other addresses outside this range, like 10.0.1.1,
but that doesn't work. All network access is lost when I do that.
10.0.1.1 is a different network (I assume your netmask is
255.255.255.0, but check your router or your clients)
Now, on my local network I'd like to put a diskless machine. As I
understand it, my DHCP server needs to tell the client about the
"filename" and a "next-server" to use. I don't think I can setup the
Thomson router to do this. All the instruction I can find online
advises me to install a DHCP server on the same machine that serves
the pxe boot image. But if I do that, I'll get two DHCP servers on
my local network. Is that ok? Will there be a race condition, when a
client asks for an IP address?
You will have to shutdown the router's DHCP. Probably disable it
permanently and assign this function to a machine.
The DHCP of the router also sends you the following information (besides
IP address):
- DNS Server(s): Either the ones used by your ISP (consult its website)
or its own address (i.e. 10.0.0.1). Most routers send their own address
as a DNS server and perform the resolution by sending your request to
ISP servers.
- Gateway address: This is always the router's local IP address (i.e.
10.0.0.1)
If you setup your own DHCP server, make sure it is set to send this info
as well. (These are commonly known as DHCP options)
------------------------------
Message: 5
Date: Mon, 28 Jul 2008 09:52:48 +0200
From: Jan Henrik Sylvester <me@xxxxxxx>
Subject: Re: Binary upgrade from legacy version + ports
To: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
Cc: questions-list freebsd <freebsd-questions@xxxxxxxxxxx>
Message-ID: <488D7AD0.5090804@xxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Svein wrote:
> Is there a problem using the prebuilt packages from STABLE on a
> RELEASE box? If I want to run RELEASE, and still use the latest
> packages? The ABI is consistent between STABLE and RELEASE, right?
Yes, there is a problem. See my posting here:
http://lists.freebsd.org/pipermail/freebsd-questions/2008-June/177553.html
Unfortunatelly, I have not got an answer, but it is obvious packages
using this new symbol must fail:
http://lists.freebsd.org/pipermail/cvs-src/2008-May/091586.html
The question is, if other package may fail as well.
I have had one more error that went away after recompiling a STABLE
package:
http://lists.freebsd.org/pipermail/freebsd-gnome/2008-July/020520.html
I do not know if this is related, though.
If you find out more, please, let me know.
Cheers,
Jan Henrik
------------------------------
Message: 6
Date: Mon, 28 Jul 2008 13:35:55 +0530
From: Subhro <subhro.kar@xxxxxxxxx>
Subject: Re: Network, routers, DHCP and PXE
To: "Manolis Kiagias" <sonic2000gr@xxxxxxxxx>
Cc: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>,
questions@xxxxxxxxxxx
Message-ID:
<b2807d040807280105o531be87awa5dba3b408af65a6@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
Just to add to that suggestion, if you have a separate DHCP server,
make sure your router works as a DHCP client for the internal network
as well. You should be able to do that by telnetting into the
management port. You may use a serial cable as well.
This is required in order to get the NAT working properly.
Thanks
Subhro
On Mon, Jul 28, 2008 at 1:18 PM, Manolis Kiagias <sonic2000gr@xxxxxxxxx>
wrote:
Svein Halvor Halvorsen wrote:
Hi, list!
I have a private home network, on an ADSL2+ connection to the
internet. The home network is behind NAT, all automatically set up
by the router/dhcp server/wlan access point/adsl modem that I got
from my ISP. It's a Thomson SpeedTouch 585 router.
Now, on this network, most of the computers get their IP by means of
DHCP. Except our home audio server, which have a hard coded ip
address in rc.conf, set to something within the range of the dhcp
server (10.0.0.2-10.0.0.253). The server seems to pick this up, and
don't give that address away to someone else.
You may also want to ensure that the router will never allocate your
static
IP address to someone else.
Look at the DHCP router settings either for DHCP scope (set it to
narrower
values, and use a static IP outside the range) or for something like
exceptions / exclusion where you can mark a specific IP that DHCP will
never
assign.
I've tried using other addresses outside this range, like 10.0.1.1,
but that doesn't work. All network access is lost when I do that.
10.0.1.1 is a different network (I assume your netmask is 255.255.255.0,
but
check your router or your clients)
Now, on my local network I'd like to put a diskless machine. As I
understand it, my DHCP server needs to tell the client about the
"filename" and a "next-server" to use. I don't think I can setup the
Thomson router to do this. All the instruction I can find online
advises me to install a DHCP server on the same machine that serves
the pxe boot image. But if I do that, I'll get two DHCP servers on
my local network. Is that ok? Will there be a race condition, when a
client asks for an IP address?
You will have to shutdown the router's DHCP. Probably disable it
permanently
and assign this function to a machine.
The DHCP of the router also sends you the following information (besides
IP
address):
- DNS Server(s): Either the ones used by your ISP (consult its website)
or
its own address (i.e. 10.0.0.1). Most routers send their own address as a
DNS server and perform the resolution by sending your request to ISP
servers.
- Gateway address: This is always the router's local IP address (i.e.
10.0.0.1)
If you setup your own DHCP server, make sure it is set to send this info
as
well. (These are commonly known as DHCP options)
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@xxxxxxxxxxx"
--
Subhro Kar
Software Engineer
Dynamic Digital Technologies Pvt. Ltd.
EPY-3, Sector: V
Salt Lake City
700091
India
------------------------------
Message: 7
Date: Mon, 28 Jul 2008 10:56:47 +0200
From: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
Subject: Re: Network, routers, DHCP and PXE
To: Manolis Kiagias <sonic2000gr@xxxxxxxxx>
Cc: questions@xxxxxxxxxxx
Message-ID: <488D89CF.1040100@xxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
Manolis Kiagias wrote:Now, on this network, most of the computers get their IP by means of
DHCP. Except our home audio server, which have a hard coded ip
address in rc.conf, set to something within the range of the dhcp
server (10.0.0.2-10.0.0.253). The server seems to pick this up, and
don't give that address away to someone else.
You may also want to ensure that the router will never allocate your
static IP address to someone else.
Look at the DHCP router settings either for DHCP scope (set it to
narrower values, and use a static IP outside the range) or for something
like exceptions / exclusion where you can mark a specific IP that DHCP
will never assign.
Yeah, but even though the router has customizable values for this
range, and issues a warning when i try to change them, it still
doesn't change them when I click "yes" on the warning. It is
pre-configured to 10.0.0.2-10.0.0.253
I could of course use 10.0.0.254 for my static ip, but my room mate
also wants a static address.
I've tried using other addresses outside this range, like 10.0.1.1,
but that doesn't work. All network access is lost when I do that.
10.0.1.1 is a different network (I assume your netmask is
255.255.255.0, but check your router or your clients)
You're right! But how do I make the entire 10/24 adress space
available? It would be "clean" (I guess) to have a different adresse
scheme for the static adresses.
Anyway, it this point this isn't really critical, as the router
figures out that the addresses I use, are in fact in use, and keeps
them out of its dhcp address pool.
You will have to shutdown the router's DHCP. Probably disable it
permanently and assign this function to a machine.
The DHCP of the router also sends you the following information (besides
IP address):
- DNS Server(s): Either the ones used by your ISP (consult its website)
or its own address (i.e. 10.0.0.1). Most routers send their own address
as a DNS server and perform the resolution by sending your request to
ISP servers.
- Gateway address: This is always the router's local IP address (i.e.
10.0.0.1)
If you setup your own DHCP server, make sure it is set to send this info
as well. (These are commonly known as DHCP options)
So as long as I make my own DHCP server act the same way as the
router one, I should be fine? NAT and all will work?
Is there a way to debug the DHCP response from the current router
dhcp server? So I can see what options it actually sends? dhclient
doesn't seem to have a "more verbose" option, only less.
sv.
------------------------------
Message: 8
Date: Mon, 28 Jul 2008 12:42:52 +0300
From: Manolis Kiagias <sonic2000gr@xxxxxxxxx>
Subject: Re: Network, routers, DHCP and PXE
To: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
Cc: questions@xxxxxxxxxxx
Message-ID: <488D949C.5020002@xxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Svein Halvor Halvorsen wrote:Manolis Kiagias wrote:
Now, on this network, most of the computers get their IP by means ofYou may also want to ensure that the router will never allocate your
DHCP. Except our home audio server, which have a hard coded ip
address in rc.conf, set to something within the range of the dhcp
server (10.0.0.2-10.0.0.253). The server seems to pick this up, and
don't give that address away to someone else.
static IP address to someone else.
Look at the DHCP router settings either for DHCP scope (set it to
narrower values, and use a static IP outside the range) or for something
like exceptions / exclusion where you can mark a specific IP that DHCP
will never assign.
Yeah, but even though the router has customizable values for this
range, and issues a warning when i try to change them, it still
doesn't change them when I click "yes" on the warning. It is
pre-configured to 10.0.0.2-10.0.0.253
I could of course use 10.0.0.254 for my static ip, but my room mate
also wants a static address.
What are you trying to set it at? I would just lower the 253 value, so I
could use the upper end for my static addresses. If you try to set it to
a subnet outside it's own address, it will definitely not accept it.
I would also try a factory reset or firmware upgrade of the router. I
have been using a Speedtouch 500 series for years, and never had any
problems with settings not getting registered. AFAIR the 585 has one of
the new web interfaces and it is kind of confusing. I found the 500
easier to use.
I've tried using other addresses outside this range, like 10.0.1.1,10.0.1.1 is a different network (I assume your netmask is
but that doesn't work. All network access is lost when I do that.
255.255.255.0, but check your router or your clients)
You're right! But how do I make the entire 10/24 adress space
available? It would be "clean" (I guess) to have a different adresse
scheme for the static adresses.
Well problem is, a netmask of 255.255.255.0 means only the last octet
can be used for hosts. Your DHCP server is already assigning addresses
from this space.
Anyway, it this point this isn't really critical, as the router
figures out that the addresses I use, are in fact in use, and keeps
them out of its dhcp address pool.
You will have to shutdown the router's DHCP. Probably disable it
permanently and assign this function to a machine.
The DHCP of the router also sends you the following information (besides
IP address):
- DNS Server(s): Either the ones used by your ISP (consult its website)
or its own address (i.e. 10.0.0.1). Most routers send their own address
as a DNS server and perform the resolution by sending your request to
ISP servers.
- Gateway address: This is always the router's local IP address (i.e.
10.0.0.1)
If you setup your own DHCP server, make sure it is set to send this info
as well. (These are commonly known as DHCP options)
So as long as I make my own DHCP server act the same way as the
router one, I should be fine? NAT and all will work?
Yes. As long as the clients have a valid DNS to ask, and a valid gateway
to send their packets, everything will work properly. If you come to
think about it, you are already doing this on the system with the static
configuration.
Is there a way to debug the DHCP response from the current router
dhcp server? So I can see what options it actually sends? dhclient
doesn't seem to have a "more verbose" option, only less.
sv.
Not sure about this, sorry. However, don't expect much more than
IP/Netmask, DNS Server, Gateway from a simple router. These should not
be difficult to configure in isc-dhcp3 (net/isc-dhcp3-server).
Have a look at this article:
http://www.howtoforge.com/dhcp_server_linux_debian_sarge
It is linux oriented, but very easy to adjust for FreeBSD.
You will also need to add:
option domain-name-servers 10.0.0.1;
to set the DNS server address to your clients.
------------------------------
Message: 9
Date: Mon, 28 Jul 2008 11:59:41 +0200
From: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
Subject: Re: Network, routers, DHCP and PXE
To: Manolis Kiagias <sonic2000gr@xxxxxxxxx>
Cc: questions@xxxxxxxxxxx
Message-ID: <488D988D.10901@xxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
Manolis Kiagias wrote:Yeah, but even though the router has customizable values for this
range, and issues a warning when i try to change them, it still
doesn't change them when I click "yes" on the warning. It is
pre-configured to 10.0.0.2-10.0.0.253
I could of course use 10.0.0.254 for my static ip, but my room mate
also wants a static address.
What are you trying to set it at? I would just lower the 253 value, so I
could use the upper end for my static addresses. If you try to set it to
a subnet outside it's own address, it will definitely not accept it.
I managed to change the router ip address to 10.0.0.1/23 and just
keep the default dhcp address space as 10.0.0.2-10.0.0.253. Now I
seem to be able to use 10.0.1.1/24 for my own private use.
(I don't think I really know what I'm doing here, but it works!)
Well problem is, a netmask of 255.255.255.0 means only the last octet
can be used for hosts. Your DHCP server is already assigning addresses
from this space.
Well, I changed it to 255.255.254.0 (0xfffffe00) but kept the dhcp
range as it was.
So as long as I make my own DHCP server act the same way as the
router one, I should be fine? NAT and all will work?
Yes. As long as the clients have a valid DNS to ask, and a valid gateway
to send their packets, everything will work properly. If you come to
think about it, you are already doing this on the system with the static
configuration.
Ok, I will look into this.
Also, looking through the telnet interface options (which are far
more than the web interface gives), I see that I can add "dhch
server option templates", "dhcp server option instances" and that I
can assign such an instance to the "dhcp server pool options".
This uses a different config scheme than the isc dhcp server config
files, though. And it seems I need to create a template before I can
create an instance. The template takes a name and an option id as
paramters. The instance, then takes a name, a template, and a value
as mandatory paramters. Also enterprice number, suboption number,
and more.
How does the "filename", "next-server", etc map to option ids? Are
these isomorphic, or do I get this completely wrong?
Does this make any sense to you, or anyone else here? Should I try
to make the router DHCP server serve the right options, or would you
go the isc dhcp route?
Thank you very much for your help so far!
sv.
------------------------------
Message: 10
Date: Mon, 28 Jul 2008 13:25:39 +0300
From: Manolis Kiagias <sonic2000gr@xxxxxxxxx>
Subject: Re: Network, routers, DHCP and PXE
To: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>
Cc: questions@xxxxxxxxxxx
Message-ID: <488D9EA3.4010503@xxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Svein Halvor Halvorsen wrote:Manolis Kiagias wrote:
Yeah, but even though the router has customizable values for thisWhat are you trying to set it at? I would just lower the 253 value, so I
range, and issues a warning when i try to change them, it still
doesn't change them when I click "yes" on the warning. It is
pre-configured to 10.0.0.2-10.0.0.253
I could of course use 10.0.0.254 for my static ip, but my room mate
also wants a static address.
could use the upper end for my static addresses. If you try to set it to
a subnet outside it's own address, it will definitely not accept it.
I managed to change the router ip address to 10.0.0.1/23 and just
keep the default dhcp address space as 10.0.0.2-10.0.0.253. Now I
seem to be able to use 10.0.1.1/24 for my own private use.
(I don't think I really know what I'm doing here, but it works!)
Well, a netmask of 255.255.254.0 should give you 10.0.0.1 to 10.0.1.254
host addresses.
10.0.1.1 is within range, it should work.
Well problem is, a netmask of 255.255.255.0 means only the last octet
can be used for hosts. Your DHCP server is already assigning addresses
from this space.
Well, I changed it to 255.255.254.0 (0xfffffe00) but kept the dhcp
range as it was.
The DHCP range you are assigning is a subset of what you allowed with
the netmask, thus it is valid.
So as long as I make my own DHCP server act the same way as theYes. As long as the clients have a valid DNS to ask, and a valid gateway
router one, I should be fine? NAT and all will work?
to send their packets, everything will work properly. If you come to
think about it, you are already doing this on the system with the static
configuration.
Ok, I will look into this.
Also, looking through the telnet interface options (which are far
more than the web interface gives), I see that I can add "dhch
server option templates", "dhcp server option instances" and that I
can assign such an instance to the "dhcp server pool options".
Ah, yes completely forgot the speedtouch has a telnet interface as well.
I messed with it a few times myself, mostly for fun ;)
This uses a different config scheme than the isc dhcp server config
files, though. And it seems I need to create a template before I can
create an instance. The template takes a name and an option id as
paramters. The instance, then takes a name, a template, and a value
as mandatory paramters. Also enterprice number, suboption number,
and more.
How does the "filename", "next-server", etc map to option ids? Are
these isomorphic, or do I get this completely wrong?
Does this make any sense to you, or anyone else here? Should I try
to make the router DHCP server serve the right options, or would you
go the isc dhcp route?
Thank you very much for your help so far!
sv.
I have only done PXE with Windows servers, and it has been quite some
time - cannot remember the details.
I certainly would not advise you to use the router for this - even if it
is possible it has several drawbacks.
- You will, sooner or later, change the router and your new one may not
have the capability
- You will spend a probably unreasonable amount of time trying to make
it work - and it may not even succeed
- Learning how to perform this on FreeBSD will help you apply it in many
other situations.
I would definitely go the isc-dhcp route.
------------------------------
Message: 11
Date: Mon, 28 Jul 2008 12:09:16 +0200
From: "Marcel Grandemange" <thavinci@xxxxxxxxxxxxxxx>
Subject: wget vs fetch
To: <questions@xxxxxxxxxxx>
Cc: steyn@xxxxxxxxxxxx
Message-ID: <000f01c8f09a$002bf610$0083e230$@za.net>
Content-Type: text/plain; charset="us-ascii"
I have a problem with a box I upgraded from FreeBSD 6.2 To FreeBSD7
It seems the following is happening when I try use portupgrade -a or even
building ports.
ALL transfers that are FTP fail.
Now to make this simple, I have following environmental variables set..
http_proxy=http://192.168.12.4:3128/
ftp_proxy=http://192.168.12.1:3128/
FTP_PASSIVE_MODE=YES
And here is the strange thing..
Fetch fails, but if I use wget there is no problem.
The firewall does allow ftp to go directly aswell, so I have also tried
leaving out any and all proxy settings, this fails aswell. (Except for
wget
once again)
And here is the crux.
I have 5 mahcines on SAME network that has no issues like this, so this
makes me think fetch is broke somehow.
How can I force FreeBSD to use wget instead of fetch to bypass this?
Ive tried setting env FETCH_CMD=wget but that results in wget failing with
msg:
Try `wget --help' for more options.
=> Attempting to fetch from
http://mirror.sg.depaul.edu/pub/security/nmap/.
wget: invalid option --
Usage: wget [OPTION]... [URL]...
Thankx ahead!
------------------------------
Message: 12
Date: Mon, 28 Jul 2008 12:28:27 +0200
From: "Marcel Grandemange" <thavinci@xxxxxxxxxxxxxxx>
Subject: wget vs fetch
To: <questions@xxxxxxxxxxx>
Cc: steyn@xxxxxxxxxxxx
Message-ID:
<!&!AAAAAAAAAAAYAAAAAAAAAGJPLKnJoyJDpeEQzt+keprCgAAAEAAAAJuuPBPd+UJFpVZe5G9ZXmsBAAAAAA==@xxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
I have a problem with a box I upgraded from FreeBSD 6.2 To FreeBSD7
It seems the following is happening when I try use portupgrade -a or even
building ports.
ALL transfers that are FTP fail.
Now to make this simple, I have following environmental variables set..
http_proxy=http://192.168.12.4:3128/
ftp_proxy=http://192.168.12.1:3128/
FTP_PASSIVE_MODE=YES
And here is the strange thing..
Fetch fails, but if I use wget there is no problem.
The firewall does allow ftp to go directly aswell, so I have also tried
leaving out any and all proxy settings, this fails aswell. (Except for
wget
once again)
And here is the crux.
I have 5 mahcines on SAME network that has no issues like this, so this
makes me think fetch is broke somehow.
How can I force FreeBSD to use wget instead of fetch to bypass this?
Ive tried setting env FETCH_CMD=wget but that results in wget failing with
msg:
Try `wget --help' for more options.
=> Attempting to fetch from
http://mirror.sg.depaul.edu/pub/security/nmap/.
wget: invalid option --
Usage: wget [OPTION]... [URL]...
Thankx ahead!
------------------------------
Message: 13
Date: Mon, 28 Jul 2008 13:43:47 +0200
From: "Marcel Grandemange" <thavinci@xxxxxxxxxxxxxxx>
Subject: RE: wget vs fetch
To: "'Sergey Zaharchenko'" <doublef-ctm@xxxxxxxxx>
Cc: questions@xxxxxxxxxxx
Message-ID: <004a01c8f0a7$326df210$9749d630$@za.net>
Content-Type: text/plain; charset="us-ascii"
Thank You, Worked Perfectly!
Saved My Life ;>
-----Original Message-----
From: Sergey Zaharchenko [mailto:doublef-ctm@xxxxxxxxx]
Sent: Monday, July 28, 2008 12:35 PM
To: Marcel Grandemange
Subject: Re: wget vs fetch
Hello Marcel!
Mon, Jul 28, 2008 at 12:09:16PM +0200 you wrote:
Ive tried setting env FETCH_CMD=wget but that results in wget failinghttp://mirror.sg.depaul.edu/pub/security/nmap/.
with
msg:
Try `wget --help' for more options.
=> Attempting to fetch from
wget: invalid option --
Usage: wget [OPTION]... [URL]...
You might want to add `DISABLE_SIZE=YES' to your /etc/make.conf, as the
fetch's -S option confuses wget. FWIW I use that in connection with
`FETCH_CMD=wget -c --passive-ftp' in make.conf and it has been working for
a
long time for me.
--
DoubleF
No virus detected in this message. Ehrm, wait a minute...
/kernel: pid 56921 (antivirus), uid 32000: exited on signal 9 Oh yes, no
virus:)
------------------------------
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@xxxxxxxxxxx"
End of freebsd-questions Digest, Vol 226, Issue 2
*************************************************
__________ Information from ESET NOD32 Antivirus, version of virus
signature database 3302 (20080728) __________
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
------------------------------
Message: 2
Date: Mon, 28 Jul 2008 21:15:53 +0800
From: vardyh <vardyh@xxxxxxxxx>
Subject: No controller detected when boot FreeBSD 7.0
To: FreeBSD-questions@xxxxxxxxxxx
Message-ID: <488DC689.2090102@xxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi all.
I'm a newbie to FreeBSD. I added
'console="comconsole"'
to /boot/loader.conf and I got
'hptrr: no controller detected.'
on the next boot. I didn't change anything else except for the
'console=xxx'.
And I had had no problem before that. Could anyone tell me why?
I will very appreciate for your help :>
------------------------------
Message: 3
Date: Mon, 28 Jul 2008 16:10:51 +0200
From: Torbj?rn <torbjorn@xxxxxxxxxxx>
Subject: Racoon not identifying host specified in config file
To: FreeBSD-questions@xxxxxxxxxxx
Message-ID: <488DD36B.8000300@xxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hello, everyone ..
Some quick information about the software in use:
Jul 28 15:51:42 fw0 racoon: INFO: @(#)ipsec-tools 0.7
(http://ipsec-tools.sourceforge.net)
Jul 28 15:51:42 fw0 racoon: INFO: @(#)This product linked OpenSSL
0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/)
I'm having a problem with my IPSec configuration.
On one side, everything works out pretty nice.
On the other side, racoon is making bad noises about not finding a
correct configuration.
"ERROR: couldn't find configuration."
However, if I kill racoon, and run it in the foreground with debug
output on, I get some more information.
2008-07-16 16:06:27: DEBUG: ===
2008-07-16 16:06:27: DEBUG: 100 bytes message received from
81.167.211.58[57413] to 85.200.211.69[500]
2008-07-16 16:06:27: DEBUG:
ba9d946f 3cf4cf90 00000000 00000000 01100200 00000000 00000064 0d000034
00000001 00000001 00000028 01010001 00000020 01010000 800b0001 800c04b0
80010005 80030001 80020002 80040002 00000014 afcad713 68a1f1c9 6b8696fc
77570100
2008-07-16 16:06:27: DEBUG: no remote configuration found.
2008-07-16 16:06:27: ERROR: couldn't find configuration.
The configuration is pretty straight forward.
# cat racoon.conf
path pre_shared_key "/var/etc/psk.txt";
path certificate "/var/etc";
remote 81.167.211.58 {
exchange_mode main;
my_identifier address "85.200.211.69";
peers_identifier address 81.167.211.58;
initial_contact on;
support_proxy on;
proposal_check obey;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2;
lifetime time 2400 secs;
}
lifetime time 2400 secs;
}
sainfo address 85.200.211.64/29 any address 192.168.100.0/24 any {
encryption_algorithm 3des,blowfish,cast128,rijndael,rijndael 256;
authentication_algorithm hmac_sha1,hmac_md5;
compression_algorithm deflate;
lifetime time 1200 secs;
}
Here is the weird thing; if I change that remote stanza to read
remote anonymous {
blah;
}
then everything works out nice, racoon even tells me it uses the
anonymous stanza for that correct IP.
2008-07-16 16:11:06: DEBUG: anonymous configuration selected for
81.167.211.58.
So, to me this seems really odd, how come racoon isn't picking up that
stanza when configured for that specified IP ?
Using the remote stanza is not what I really want ..
So, does anyone have any ideas on what is going on here ?
Using tcpdump I can see that it is in fact 81.167.211.58 that is coming
through to racoon, on port 500/UDP.
Thanks for a great product, by the way.
-- Torbjørn / Nextline
------------------------------
Message: 4
Date: Mon, 28 Jul 2008 10:12:09 -0500
From: Jeffrey Goldberg <jeffrey@xxxxxxxxxxxx>
Subject: Re: Binary upgrade from legacy version + ports
To: Jan Henrik Sylvester <me@xxxxxxx>
Cc: Svein Halvor Halvorsen <svein.h@xxxxxxxxxxxxxxxxx>, questions-list
freebsd <freebsd-questions@xxxxxxxxxxx>
Message-ID: <D0583B6A-3781-43E3-9D24-4A250E268100@xxxxxxxxxxxx>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
On Jul 28, 2008, at 2:52 AM, Jan Henrik Sylvester wrote:
Svein wrote:
> Is there a problem using the prebuilt packages from STABLE on a
> RELEASE box? If I want to run RELEASE, and still use the latest
> packages? The ABI is consistent between STABLE and RELEASE, right?
Yes, there is a problem. See my posting here:
http://lists.freebsd.org/pipermail/freebsd-questions/2008-June/177553.html
Unfortunatelly, I have not got an answer, but it is obvious packages
using this new symbol must fail:
I recently discovered this through a blunder of my own. I accidently
"updated" a 7-STABLE machine to 7-RELEASE, and discovered, among some
other problems, that sudo failed with the same error you report.
(I've now put a link to USE-THIS-SUPFiLE to stable-supfile in /usr/
local/etc/cvsup to avoid the blunder in the future.)
-j
--
Jeffrey Goldberg http://www.goldmark.org/jeff/
------------------------------
Message: 5
Date: Mon, 28 Jul 2008 09:30:11 -0700
From: "Steve Franks" <stevefranks@xxxxxxxx>
Subject: Re: new vanilla system fails to install many packages/ports
To: "Kevin Kinsey" <kdk@xxxxxxxxxx>
Cc: FreeBSD Mailing List <freebsd-questions@xxxxxxxxxxx>
Message-ID:
<539c60b90807280930tc9f5bdbqadc9c79362e1a39a@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
On Fri, Jul 25, 2008 at 1:24 PM, Kevin Kinsey <kdk@xxxxxxxxxx> wrote:Steve Franks wrote:
On Thu, Jul 24, 2008 at 4:56 PM, Kevin Kinsey <kdk@xxxxxxxxxx> wrote:
Steve Franks wrote:
I must be missing something obvious. About 25% of my dependencies
fail to install with errors like:
"install-info: /usr/local/info/dir: empty file"
"pkg-add: command 'install-info --quiet /blah.info' failed"
system is 7.0/i386
Steve
"info" is GNU-related. Any reason that GNU-stuff, esp.
"info", wouldn't have been installed/built thus far?
(I dunno, but, maybe a csup with the GNU stuff rejected
or commented out ...)
All I did was a "developer" (not x developer) sysinstall off 7.0 disk
1. No tweaking, hacking, or extra packages until I got a clean boot
onto the new disk. I'm somewhere between user and power user. I have
5 running freebsd systems under my belt, and was going to do my laptop
(I've given up on it several times already - bloody compaq).
And anything these ports have in common (assuming they're
all GNU for starters). They aren't Linuxolator stuff?
Seems to me, they all use gnuinfo instead of manpages? I don't even
know what gnuinfo is, nor linuxulator.
Right, GNU programs may have manpages, but they also have
"info" pages which were developed by GNU as a replacement
for the UNIX manual (I'm assuming based on past reading ...
memory ain't all it used to be).
"Linuxulator" or however it's spelled is just a colloquialism
for the FreeBSD linux emulation.
I've got few guesses for ya. "Developer" package has documentation,
correct? Or not?
What's "ls -ld /usr/local/info" give?
(!) Bison won't even install (makes fine, but install fails), and
that's pretty darn basic, no?
Steve
Yup, 'tis. Tho' I figure someday BSD'ers would like to have
their own implementation. Again, just a guess.
KDK
--
When all else fails, EAT!!!
Well,
No idea what the problem was, but portupgrade -aO ... <long babysit>
seems to have made it go away.
Steve
------------------------------
Message: 6
Date: Mon, 28 Jul 2008 09:35:17 -0700
From: "Steve Franks" <stevefranks@xxxxxxxx>
Subject: 'stray irq7's cause hang?
To: "FreeBSD Mailing List" <freebsd-questions@xxxxxxxxxxx>
Message-ID:
<539c60b90807280935i50041623pe54b6ad65d5b89b8@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
I've got a new system that hangs after about 2 hours - no
ctrl-alt-esc, not ctrl-alt-Fn, no ctrl-alt-delete.
I tried hints.0.apic.disabled="YES" (that's apic, not acpi) (or
whatever the correct syntax from the handbook is), but I still get the
hang, and the stray irq 7's. As far as I can see, there's no other
dmesg output related.
Ideas?
Steve
------------------------------
Message: 7
Date: Mon, 28 Jul 2008 17:23:04 +0100
From: Chris Hastie <lists@xxxxxxxxxxxxxx>
Subject: Cleaning data off a remote machine
To: freebsd-questions@xxxxxxxxxxx
Message-ID: <20080728172304.dk4itqk4aooc80wg@xxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1
I'm about to give up a FreeBSD dedicated server and would like to make sure I
don't inadvertantly leave any bits of sensitive data on it. What is the best
way to remove all data from the hard drive? I have no problem if this removes
the OS along the way, but ideally I would like to be able to do what ever I do
from an SSH session. If there's no alternative I can arange KVMoIP console
access.
Thanks
--
Chris Hastie
------------------------------
Message: 8
Date: Mon, 28 Jul 2008 19:10:53 +0200
From: bsd <bsd@xxxxxxxxx>
Subject: amavisd-new needs lib32 on amd64 ?
To: Liste FreeBSD <freebsd-questions@xxxxxxxxxxx>
Message-ID: <BDDC02A2-587A-4A62-96E1-0715CBB8C11D@xxxxxxxxx>
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed;
delsp=yes
Hello folks,
I am trying to install amavisd-new for filtering purposes on an amd64
install.
It complains at compile startup not to be able to install it
===> amavisd-new-2.6.1,1 requires 32-bit libraries installed under /
usr/lib32.
*** Error code 1
Stop in /usr/ports/security/amavisd-new.
*** Error code 1
Stop in /usr/ports/security/amavisd-new.
I don't know how to install such library.
What should I do ?
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
P "Please consider your environmental responsibility before printing
this e-mail"
------------------------------
Message: 9
Date: Mon, 28 Jul 2008 12:12:25 -0500
From: "Andrew L. Gould" <andrewlylegould@xxxxxxxxx>
Subject: Re: Cleaning data off a remote machine
To: Chris Hastie <lists@xxxxxxxxxxxxxx>
Cc: "freebsd-questions@xxxxxxxxxxx" <freebsd-questions@xxxxxxxxxxx>
Message-ID: <FF8ECCD5-64B7-4FB2-866D-318D251C1C67@xxxxxxxxx>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
On Jul 28, 2008, at 11:23, Chris Hastie <lists@xxxxxxxxxxxxxx> wrote:
I'm about to give up a FreeBSD dedicated server and would like to
make sure I
don't inadvertantly leave any bits of sensitive data on it. What is
the best
way to remove all data from the hard drive? I have no problem if
this removes
the OS along the way, but ideally I would like to be able to do what
ever I do
from an SSH session. If there's no alternative I can arange KVMoIP
console
access.
Thanks
--
Chris Hastie
Is there anyone onsite that you could trust to run DBAN (Derik's Boot
And Nuke)?
Andrew
------------------------------
Message: 10
Date: Mon, 28 Jul 2008 18:14:45 +0100
From: Matthew Seaman <m.seaman@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: No controller detected when boot FreeBSD 7.0
To: vardyh <vardyh@xxxxxxxxx>
Cc: FreeBSD-questions@xxxxxxxxxxx
Message-ID: <488DFE85.4030504@xxxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
vardyh wrote:Hi all.
I'm a newbie to FreeBSD. I added
'console="comconsole"'
to /boot/loader.conf and I got
'hptrr: no controller detected.'
on the next boot. I didn't change anything else except for the
'console=xxx'.
And I had had no problem before that. Could anyone tell me why?
I will very appreciate for your help :>
This is just the driver for the HighPoint Rocket Raid controller being
a bit too verbose. It's detected that you don't have anything compatible
with hptrr(4) and (unlike the usual behaviour of most Raid Controller
drivers (or drivers for any sort of hardware really)) it considers this
fact to be of such vital importance that it really had to print out
something on the console. Needless to say such behaviour has already been
quashed in 7-STABLE and will not appear in 7.1-RELEASE.
In other words, it's harmless and you can just ignore it.
I suspect that this output wasn't actually triggered by your changing
the console setting -- there's no conceivable way changing one should
affect the other -- but that changing the way the boot messages are
displayed has managed to draw your attention to it. You probably had it
before but never noticed.
Cheers,
Matthew
--
Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard
Flat 3
PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate
Kent, CT11 9PW
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 258 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080728/6bd93bb6/signature-0001.pgp
------------------------------
Message: 11
Date: Mon, 28 Jul 2008 19:15:58 +0200
From: bsd <bsd@xxxxxxxxx>
Subject: Re: Deinstalling X and all dependencies[SOLVED]
To: Liste FreeBSD <freebsd-questions@xxxxxxxxxxx>
Message-ID: <91610C8C-EAC6-49C0-9CAB-D5836592A08E@xxxxxxxxx>
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed;
delsp=yes
I have opted for the:
pkg_delete -a
Which has done a great job cleaning everything.
Only had to "make clean" in one of the port directory to properly
recompile all needed apps.
As I had configured root to use /usr/local/bin/bash had to take care
to change that with vipw before doing the uninstall / reinstall.
Took me half a day for three servers. But at least I have a very clean
install with 30 ports instead of 250 !!
Thanks everybody for your wise answers.
Le 27 juil. 08 à 15:17, andrew clarke a écrit :
On Sun 2008-07-27 12:52:56 UTC+0200, bsd (bsd@xxxxxxxxx) wrote:
I have just received a new system that's planned to be a large
scale DNS
server.
I have asked the guy who has setup the hardware not to install X?
This has been useless!!
I am now ending up with 250 apps in the port tree!!
He probably just went with the defaults.
Is there a good way to get rid of all these useless apps without
breaking the system?
What would you suggest?
Like removing X and It's dependencies?
I can also remove all apps in the port tree and recompile only the
one
needed?
What's best what do you suggest.
FreeBSD provides a "base system" with software such as a SSH daemon,
Sendmail, BIND, etc. You can uninstall all the packages on your
system, but the FreeBSD base system will still remain. This allows
FreeBSD to boot normally without any packages installed.
I recommend you uninstall all packages (with 'pkg_delete -a', or
'pkg_delete -av' if you want to watch all the files being deleted),
then install only what you need from the Ports tree.
Your DNS server should probably not require any packages to be
installed, as DNS server software (BIND) is provided with the FreeBSD
base system. But that really depends what your requirements are.
Regards
Andrew
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
P "Please consider your environmental responsibility before printing
this e-mail"
------------------------------
Message: 12
Date: Mon, 28 Jul 2008 19:29:09 +0200 (CEST)
From: Wojciech Puchar <wojtek@xxxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Cleaning data off a remote machine
To: Chris Hastie <lists@xxxxxxxxxxxxxx>
Cc: freebsd-questions@xxxxxxxxxxx
Message-ID: <20080728192801.X44373@xxxxxxxxxxxxxxxxxxxxxxx>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
don't inadvertantly leave any bits of sensitive data on it. What is the bestremove all your files, then
way to remove all data from the hard drive? I have no problem if this removes
the OS along the way, but ideally I would like to be able to do what ever I do
from an SSH session. If there's no alternative I can arange KVMoIP console
access.
cat /dev/zero >file
on every partition
------------------------------
Message: 13
Date: Mon, 28 Jul 2008 19:37:24 +0200
From: Roland Smith <rsmith@xxxxxxxxx>
Subject: Re: Cleaning data off a remote machine
To: Chris Hastie <lists@xxxxxxxxxxxxxx>
Cc: freebsd-questions@xxxxxxxxxxx
Message-ID: <20080728173724.GA19106@xxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
On Mon, Jul 28, 2008 at 05:23:04PM +0100, Chris Hastie wrote:I'm about to give up a FreeBSD dedicated server and would like to make sure I
don't inadvertantly leave any bits of sensitive data on it. What is the best
way to remove all data from the hard drive?
Remove the harddive and move a seriously strong magnet over it. This
will render the drive unreadable and useless, since it will also destroy
the servo control data used for locating the tracks.
I have no problem if this removes the OS along the way, but ideally I
would like to be able to do what ever I do from an SSH session.
The security/wipe port comes to mind.
Roland
--
R.F.Smith http://www.xs4all.nl/~rsmith/
[plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated]
pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080728/5a050cd3/attachment-0001.pgp
------------------------------
Message: 14
Date: Mon, 28 Jul 2008 13:45:02 -0400
From: "Jean-Paul Natola" <jnatola@xxxxxxxxxxxxxxxxxx>
Subject: OT: Custmoize VNC
To: "FreeBSD Questions" <freebsd-questions@xxxxxxxxxxx>
Message-ID: <3A85D7EF44E1C744BF6434691F5659E9703639@xxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
I know there are two apps (open source) that will allow you to customize vnc
but I just cant remember, in essence I want the remote users (outside the
lan) to be able to download the file click run and it will automatically,
upon launch connect to the viewer here at HQ (ip add encryption port # etc..)
I was looking at this a few weeks ago and like a fool I didn't bookmark the
page, any help would be appreciated
TIA
JP
------------------------------
Message: 15
Date: Mon, 28 Jul 2008 22:35:27 +0530
From: "N. Raghavendra" <raghu@xxxxxxxxxxxx>
Subject: LispWorks Personal on FreeBSD 7
To: FreeBSD Users Questions <questions@xxxxxxxxxxx>
Message-ID: <86fxpuym5k.fsf@xxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset=us-ascii
Recently I had some difficulty in installing the Common Lisp
implementation LispWorks Personal 5.1 on FreeBSD 7, and am posting my
experience here. It may be useful to others, if any, interested in
running this CL implementation on FreeBSD 7. The problem was due to
the fact that LW depends on several libraries from FreeBSD 5 and 6.
Following suggestions on the LW mailing list, the right installation
sequence seems to be:
1. Ensure that the kernel options `COMPAT_FREEBSD5' and
`COMPAT_FREEBSD6' are on.
2. Install the ports `misc/compat5x' and `misc/compat6x'.
3. Install the package `compatXm-6.3_1.tgz'.
4. Install the package `lispworks-personal-5.1.tgz'.
The packages in 3 and 4 are available from the LispWorks FTP server.
There's more information in the LW Knowledge Base article at
http://www.lispworks.com/kb/67634814074628b180257490005cb9d3.html and
in the LW mailing list thread
http://thread.gmane.org/gmane.lisp.lispworks.general/8422 which also
describes some minor tweaking of LD_LIBRARY_PATH that was needed.
Raghavendra.
--
N. Raghavendra <raghu@xxxxxxxxxxxx> | http://www.retrotexts.net/
Harish-Chandra Research Institute | http://www.mri.ernet.in/
See message headers for contact and OpenPGP information.
------------------------------
Message: 16
Date: Mon, 28 Jul 2008 13:51:04 -0400
From: kalin m <mail@xxxxxxxxxx>
Subject: pci compliance
To: freebsd-questions@xxxxxxxxxxx
Message-ID: <488E0708.2060207@xxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
hi all...
i'm about to submit a freebsd system to be scanned for pci compliance...
is there any particular gotchas with bsd systems that can be detected at
the time of pci compliance scanning?
i know they use something like nmap if not nmap itself and i did myself
on that machine and didn't find anything interesting.
but one of the consultants that was 'advising' the company i work for
said "we use similar (as in nmap) approach but it's (much) more
intrusive". anybody knows what does that mean?
thanks...
------------------------------
Message: 17
Date: Mon, 28 Jul 2008 20:01:14 +0200
From: bsd <bsd@xxxxxxxxx>
Subject: Re: amavisd-new needs lib32 on amd64 ?
To: Liste FreeBSD <freebsd-questions@xxxxxxxxxxx>
Message-ID: <A1655D7F-2F38-4F34-B23C-80A19334CB5F@xxxxxxxxx>
Content-Type: text/plain; charset=WINDOWS-1252; format=flowed;
delsp=yes
Ok,
After digging a little bit more into the code, It seems that It was
due to rar decompile which is a 32bit ports;
I uncommented the rar options for this port and It went ok.
I would still be interested in a more detailed answer to my own
question regarding 32/64 bit compatibility.
Sincerly yours.
G.B.
Le 28 juil. 08 à 19:10, bsd a écrit :
Hello folks,
I am trying to install amavisd-new for filtering purposes on an
amd64 install.
It complains at compile startup not to be able to install it
===> amavisd-new-2.6.1,1 requires 32-bit libraries installed
under /usr/lib32.
*** Error code 1
Stop in /usr/ports/security/amavisd-new.
*** Error code 1
Stop in /usr/ports/security/amavisd-new.
I don't know how to install such library.
What should I do ?
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
P "Please consider your environmental responsibility before printing
this e-mail"
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx
"
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
Gregober ---> PGP ID --> 0x1BA3C2FD
bsd @at@ todoo.biz
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
P "Please consider your environmental responsibility before printing
this e-mail"
------------------------------
Message: 18
Date: Mon, 28 Jul 2008 20:02:40 +0200
From: "Ross Cameron" <ross.cameron@xxxxxxxxxxxxxx>
Subject: Re: pci compliance
To: "kalin m" <mail@xxxxxxxxxx>
Cc: freebsd-questions@xxxxxxxxxxx
Message-ID:
<35f70db10807281102q5a0b73c3h554338292e3b751a@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset=UTF-8
On Mon, Jul 28, 2008 at 7:51 PM, kalin m <mail@xxxxxxxxxx> wrote:
hi all...
i'm about to submit a freebsd system to be scanned for pci compliance...
is there any particular gotchas with bsd systems that can be detected at
the time of pci compliance scanning?
i know they use something like nmap if not nmap itself and i did myself on
that machine and didn't find anything interesting.
but one of the consultants that was 'advising' the company i work for said
"we use similar (as in nmap) approach but it's (much) more intrusive".
anybody knows what does that mean?
thanks...
The PCI auditing process is a full penetration test.
It's very thorough and not at all easy to pass.
Get hold of a copy of "The penetration tester's handbook" and make sure u
pass all the tests in the book and u should be ok
------------------------------
Message: 19
Date: Mon, 28 Jul 2008 14:24:56 -0400
From: kalin m <mail@xxxxxxxxxx>
Subject: Re: pci compliance
To: ross.cameron@xxxxxxxxxxxxxx
Cc: freebsd-questions@xxxxxxxxxxx
Message-ID: <488E0EF8.4030305@xxxxxxxxxx>
Content-Type: text/plain; charset=UTF-8; format=flowed
cool. thanks. i couldn't find anything on google under that name but
i've been looking and reading on a lot of documentation on line and print.
so i was just asking if there are any things that pertain in particular
to the freebsd os that need to be addressed before the scanning.
how full of a penetration can you have if (almost) all incoming ports
are blocked?
thanks....
Ross Cameron wrote:On Mon, Jul 28, 2008 at 7:51 PM, kalin m <mail@xxxxxxxxxx> wrote:
hi all...
i'm about to submit a freebsd system to be scanned for pci compliance...
is there any particular gotchas with bsd systems that can be detected at
the time of pci compliance scanning?
i know they use something like nmap if not nmap itself and i did myself on
that machine and didn't find anything interesting.
but one of the consultants that was 'advising' the company i work for said
"we use similar (as in nmap) approach but it's (much) more intrusive".
anybody knows what does that mean?
thanks...
The PCI auditing process is a full penetration test.
It's very thorough and not at all easy to pass.
Get hold of a copy of "The penetration tester's handbook" and make sure u
pass all the tests in the book and u should be ok
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
------------------------------
Message: 20
Date: Mon, 28 Jul 2008 14:22:46 -0400
From: "Bob McConnell" <rvm@xxxxxxxxx>
Subject: RE: pci compliance
To: <freebsd-questions@xxxxxxxxxxx>
Message-ID: <FF8482A96323694490C194BABEAC24A0030A25CF@xxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="us-ascii"
On Behalf Of Ross CameronOn Mon, Jul 28, 2008 at 7:51 PM, kalin m <mail@xxxxxxxxxx> wrote:compliance...
i'm about to submit a freebsd system to be scanned for pciat
is there any particular gotchas with bsd systems that can be detectedmyself onthe time of pci compliance scanning?
i know they use something like nmap if not nmap itself and i did
saidthat machine and didn't find anything interesting.
but one of the consultants that was 'advising' the company i work for
intrusive"."we use similar (as in nmap) approach but it's (much) moresure uanybody knows what does that mean?
The PCI auditing process is a full penetration test.
It's very thorough and not at all easy to pass.
Get hold of a copy of "The penetration tester's handbook" and makepass all the tests in the book and u should be ok
How intense depends on which PCI level you are aiming for and which
services you will have running on that server. We have completed level 3
for our hosted web servers and firewalls, and are shooting for level 1
by the end of the calendar year. However, I am not yet involved in any
of those projects.
Bob McConnell
------------------------------
Message: 21
Date: Mon, 28 Jul 2008 18:15:49 +0000 (UTC)
From: Juan Carlos Villalobos <irobot@xxxxxxxxxxxxxxxx>
Subject: Component-based Operating System.
To: freebsd-questions@xxxxxxxxxxx
Message-ID: <Pine.NEB.4.64.0807281813020.5391@xxxxxxxxxxxxxxxx>
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Hello,
I am writing a paper on Component-based Operating Systems. I just wanted
to know if FreeBSD is an Operating System engineered based on Components.
I appreciate your input on this.
Thanks
irobot@xxxxxxxxxxxxxxxx
SDF Public Access UNIX System - http://sdf.lonestar.org
------------------------------
Message: 22
Date: Mon, 28 Jul 2008 20:57:37 +0200
From: Ivan Voras <ivoras@xxxxxxxxxxx>
Subject: Re: Component-based Operating System.
To: freebsd-questions@xxxxxxxxxxx
Message-ID: <g6l4r9$hh1$1@xxxxxxxxxxxxx>
Content-Type: text/plain; charset="utf-8"
Juan Carlos Villalobos wrote:
Hello,
I am writing a paper on Component-based Operating Systems. I just wanted
to know if FreeBSD is an Operating System engineered based on Components.
I appreciate your input on this.
"Components" is a wide, wide term. Since FreeBSD as an operating system
consists of separate libraries, headers, executables, and both the
kernel and the userland have subsystems that are more-or-less autonomic
and independent, you could say it's componentized. You need to be more
specific to get a more specific answer.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080728/a1b4331f/signature-0001.pgp
------------------------------
Message: 23
Date: Mon, 28 Jul 2008 20:58:07 +0200
From: "Ross Cameron" <ross.cameron@xxxxxxxxxxxxxx>
Subject: Re: pci compliance
To: "kalin m" <mail@xxxxxxxxxx>
Cc: freebsd-questions@xxxxxxxxxxx
Message-ID:
<35f70db10807281158m1fa96b39o3d56f19b772ee6fa@xxxxxxxxxxxxxx>
Content-Type: text/plain; charset=UTF-8
On Mon, Jul 28, 2008 at 8:24 PM, kalin m <mail@xxxxxxxxxx> wrote:
cool. thanks. i couldn't find anything on google under that name but i've
been looking and reading on a lot of documentation on line and print.
so i was just asking if there are any things that pertain in particular to
the freebsd os that need to be addressed before the scanning.
how full of a penetration can you have if (almost) all incoming ports are
blocked?
thanks....
Depends on the PCI level you are being audited for.
But there are any number of attacks you can throw at a box thats fully
closed up, and the aim is not to get it but rather to chew up all the ram
and cpu and kill the box off.
I suggest you read the PCI compliance document for the relevant level and
make sure you test the system to comply with the documented requirements.
------------------------------
Message: 24
Date: Mon, 28 Jul 2008 21:50:19 +0200
From: Kris Kennaway <kris@xxxxxxxxxxx>
Subject: Re: 'stray irq7's cause hang?
To: stevefranks@xxxxxxxx
Cc: FreeBSD Mailing List <freebsd-questions@xxxxxxxxxxx>
Message-ID: <488E22FB.60203@xxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Steve Franks wrote:I've got a new system that hangs after about 2 hours - no
ctrl-alt-esc, not ctrl-alt-Fn, no ctrl-alt-delete.
I tried hints.0.apic.disabled="YES" (that's apic, not acpi) (or
whatever the correct syntax from the handbook is), but I still get the
hang, and the stray irq 7's. As far as I can see, there's no other
dmesg output related.
The stray interrupts may be a red herring. "Stray" means that no driver
is handling them, and so there is no driver to screw up :)
I see straq irq 7's on a HP proliant blade system, and also the hard
hangs (it doesn't even reply to a NMI; this means it is almost certainly
a hardware error). However I am now fairly certain the hangs are
associated to disk failure. Several of the blades that were hanging
went on to develop DMA errors from ATA, and after I validated the
remaining systems with smartctl and took offline yet more blades that
failed the self-tests, I have not had the problem recur.
Kris
------------------------------
Message: 25
Date: Mon, 28 Jul 2008 16:08:51 -0400
From: Greg Larkin <glarkin@xxxxxxxxxxx>
Subject: Re: OT: Custmoize VNC
To: Jean-Paul Natola <jnatola@xxxxxxxxxxxxxxxxxx>
Cc: FreeBSD Questions <freebsd-questions@xxxxxxxxxxx>
Message-ID: <488E2753.5020002@xxxxxxxxxxx>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jean-Paul Natola wrote:
| I know there are two apps (open source) that will allow you to
customize vnc
| but I just cant remember, in essence I want the remote users (outside the
| lan) to be able to download the file click run and it will automatically,
| upon launch connect to the viewer here at HQ (ip add encryption port #
etc..)
|
| I was looking at this a few weeks ago and like a fool I didn't
bookmark the
| page, any help would be appreciated
|
|
| TIA
| JP
Hi Jean-Paul,
I Googled for "VNC connection manager" and this site was on the first page:
http://www.s-code.com/products/vncmanager/compare.aspx
Is that something like what you're looking for?
Best regards,
Greg
- --
Greg Larkin
http://www.sourcehosting.net/
http://www.FreeBSD.org/ - The Power To Serve
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIjidT0sRouByUApARAiN/AKCBtdJajfcP+KiMfen69UK+pnMJkQCgxwSL
osLEeFxovY0w89v/KVWYB9o=
=EQ7G
-----END PGP SIGNATURE-----
------------------------------
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
End of freebsd-questions Digest, Vol 226, Issue 3
*************************************************
_______________________________________________
freebsd-questions@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: help
- From: David Kelly
- Re: help
- Prev by Date: Re: email disclaimer <insert; remove and instert>
- Next by Date: Re: Monitoring CPU temperature: mbmon shows 201 degrees C
- Previous by thread: email disclaimer <insert; remove and instert>
- Next by thread: Re: help
- Index(es):
Relevant Pages
|
