From owner-freebsd-questions@FreeBSD.ORG Tue Jul 29 06:09:11 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ED63C1065674 for ; Tue, 29 Jul 2008 06:09:11 +0000 (UTC) (envelope-from gdakos@enovation.gr) Received: from t1088.8com.gr (t1088.8com.gr [89.163.145.23]) by mx1.freebsd.org (Postfix) with ESMTP id D56448FC16 for ; Tue, 29 Jul 2008 06:09:10 +0000 (UTC) (envelope-from gdakos@enovation.gr) Received: from John ([83.235.249.6]) by t1088.8com.gr (IceWarp 9.1.0) with SMTP id JNM07705 for ; Tue, 29 Jul 2008 08:09:05 +0200 Message-ID: From: "John Dakos [ Enovation Technologies ]" To: References: <20080728200902.EE19B1065684@hub.freebsd.org> Date: Tue, 29 Jul 2008 09:09:15 +0300 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.5512 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512 Subject: help X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2008 06:09:12 -0000 ----- Original Message ----- From: To: Sent: Monday, July 28, 2008 11:09 PM Subject: freebsd-questions Digest, Vol 226, Issue 3 > Send freebsd-questions mailing list submissions to > freebsd-questions@freebsd.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > or, via email, send a message with subject or body 'help' to > freebsd-questions-request@freebsd.org > > You can reach the person managing the list at > freebsd-questions-owner@freebsd.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of freebsd-questions digest..." > > > Today's Topics: > > 1. 'help' (John Dakos [ Enovation Technologies ]) > 2. No controller detected when boot FreeBSD 7.0 (vardyh) > 3. Racoon not identifying host specified in config file (Torbj?rn) > 4. Re: Binary upgrade from legacy version + ports (Jeffrey Goldberg) > 5. Re: new vanilla system fails to install many packages/ports > (Steve Franks) > 6. 'stray irq7's cause hang? (Steve Franks) > 7. Cleaning data off a remote machine (Chris Hastie) > 8. amavisd-new needs lib32 on amd64 ? (bsd) > 9. Re: Cleaning data off a remote machine (Andrew L. Gould) > 10. Re: No controller detected when boot FreeBSD 7.0 (Matthew Seaman) > 11. Re: Deinstalling X and all dependencies[SOLVED] (bsd) > 12. Re: Cleaning data off a remote machine (Wojciech Puchar) > 13. Re: Cleaning data off a remote machine (Roland Smith) > 14. OT: Custmoize VNC (Jean-Paul Natola) > 15. LispWorks Personal on FreeBSD 7 (N. Raghavendra) > 16. pci compliance (kalin m) > 17. Re: amavisd-new needs lib32 on amd64 ? (bsd) > 18. Re: pci compliance (Ross Cameron) > 19. Re: pci compliance (kalin m) > 20. RE: pci compliance (Bob McConnell) > 21. Component-based Operating System. (Juan Carlos Villalobos) > 22. Re: Component-based Operating System. (Ivan Voras) > 23. Re: pci compliance (Ross Cameron) > 24. Re: 'stray irq7's cause hang? (Kris Kennaway) > 25. Re: OT: Custmoize VNC (Greg Larkin) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 28 Jul 2008 16:08:42 +0300 > From: "John Dakos [ Enovation Technologies ]" > Subject: 'help' > To: > Message-ID: > Content-Type: text/plain; format=flowed; charset="iso-8859-1"; > reply-type=original > > > ----- Original Message ----- > From: > To: > Sent: Monday, July 28, 2008 3:00 PM > Subject: freebsd-questions Digest, Vol 226, Issue 2 > > >> Send freebsd-questions mailing list submissions to >> freebsd-questions@freebsd.org >> >> To subscribe or unsubscribe via the World Wide Web, visit >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> or, via email, send a message with subject or body 'help' to >> freebsd-questions-request@freebsd.org >> >> You can reach the person managing the list at >> freebsd-questions-owner@freebsd.org >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of freebsd-questions digest..." >> >> >> Today's Topics: >> >> 1. Re: malloc options (Karl Vogel) >> 2. Re: malloc options (Giorgos Keramidas) >> 3. Network, routers, DHCP and PXE (Svein Halvor Halvorsen) >> 4. Re: Network, routers, DHCP and PXE (Manolis Kiagias) >> 5. Re: Binary upgrade from legacy version + ports >> (Jan Henrik Sylvester) >> 6. Re: Network, routers, DHCP and PXE (Subhro) >> 7. Re: Network, routers, DHCP and PXE (Svein Halvor Halvorsen) >> 8. Re: Network, routers, DHCP and PXE (Manolis Kiagias) >> 9. Re: Network, routers, DHCP and PXE (Svein Halvor Halvorsen) >> 10. Re: Network, routers, DHCP and PXE (Manolis Kiagias) >> 11. wget vs fetch (Marcel Grandemange) >> 12. wget vs fetch (Marcel Grandemange) >> 13. RE: wget vs fetch (Marcel Grandemange) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Sun, 27 Jul 2008 21:55:39 -0400 (EDT) >> From: vogelke+software@pobox.com (Karl Vogel) >> Subject: Re: malloc options >> To: Giorgos Keramidas >> Cc: freebsd-questions@freebsd.org >> Message-ID: <20080728015539.70030B7B9@kev.msw.wpafb.af.mil> >> >>>> On Sat, 26 Jul 2008 17:36:35 -0700, >>>> Doug Hardie wrote: >> >> D> The program has worked under considerable load for many years with >> versions >> D> 3.7 to 6.2. Problems only occur with 7.0. The program is quite >> complex >> D> and big. It uses probably hundreds of mallocs in a typical use. The >> D> problems only occur reasonably randomly and only under quite heavy >> load. >> D> The developer is looking into it, but the problem only occurs on >> FreeBSD >> D> 7.0, not any other Unix systems. In the meantime I am losing money >> because >> D> of it. >> >>>> On Sun, 27 Jul 2008 05:03:58 +0300, >>>> Giorgos Keramidas said: >> >> G> While that's understandable, the current malloc() has undergone quite >> G> extensive testing by Jason Evans and a lot of people who use it in >> FreeBSD >> G> 7.X or later. Its ability to expose bugs in this way was deemed >> important >> G> enough that it is now used by other projects too. >> >> I ran into a similar problem with the BSD allocator running under heavy >> load that didn't happen under any Solaris or Linux system I used. I >> finally fixed it by using Doug Lea's malloc just for this one >> application: >> >> http://shell.siscom.net/~vogelke/Software/Languages/C/Libraries/malloc/ >> >> This was under FreeBSD 6.*, but it might provide another data point if >> you >> want to give it a try. >> >> -- >> Karl Vogel I don't speak for the USAF or my company >> vogelke at pobox dot com http://www.pobox.com/~vogelke >> >> And God said, "Let there be vodka!" And saw that it was good. Then God >> said, "Let there be light!" And then said, "Whoa - too much light." >> >> >> ------------------------------ >> >> Message: 2 >> Date: Mon, 28 Jul 2008 07:13:50 +0300 >> From: Giorgos Keramidas >> Subject: Re: malloc options >> To: vogelke+software@pobox.com >> Cc: freebsd-questions@freebsd.org >> Message-ID: <87k5f6odc1.fsf@kobe.laptop> >> Content-Type: text/plain; charset=us-ascii >> >> On Sun, 27 Jul 2008 21:55:39 -0400 (EDT), vogelke+software@pobox.com >> (Karl >> Vogel) wrote: >>>>> On Sat, 26 Jul 2008 17:36:35 -0700, >>>>> Doug Hardie wrote: >>> >>> D> The program has worked under considerable load for many years with >>> D> versions 3.7 to 6.2. Problems only occur with 7.0. The program is >>> D> quite complex and big. It uses probably hundreds of mallocs in a >>> D> typical use. The problems only occur reasonably randomly and only >>> D> under quite heavy load. The developer is looking into it, but the >>> D> problem only occurs on FreeBSD 7.0, not any other Unix systems. In >>> D> the meantime I am losing money because of it. >>> >>>>> On Sun, 27 Jul 2008 05:03:58 +0300, >>>>> Giorgos Keramidas said: >>> >>> G> While that's understandable, the current malloc() has undergone >>> G> quite extensive testing by Jason Evans and a lot of people who use >>> G> it in FreeBSD 7.X or later. Its ability to expose bugs in this way >>> G> was deemed important enough that it is now used by other projects >>> G> too. >>> >>> I ran into a similar problem with the BSD allocator running under >>> heavy load that didn't happen under any Solaris or Linux system I >>> used. I finally fixed it by using Doug Lea's malloc just for this one >>> application: >>> >>> >>> http://shell.siscom.net/~vogelke/Software/Languages/C/Libraries/malloc/ >>> >>> This was under FreeBSD 6.*, but it might provide another data point if >>> you want to give it a try. >> >> I'm not sure how similar the two problems are. I quite frankly know >> _very_ little of what the original problem was, other than "I am >> encountering issues where values just seem to arbitrarily change". >> >> Memory exhaustion is a potential problem with almost any sort of >> allocator that fragments memory in any way, but random corruption of >> user data is probably a different issue :/ >> >> If you have some sort of description of the workload that triggered the >> memory exhaustion with jemalloc (the current malloc implementation in >> FreeBSD), it's probably a good idea to talk to Jason Evans about it (his >> email is "jasone" at FreeBSD.org). He may be able to help you tune >> malloc or even make changes to the system version of malloc that make it >> less vulnerable to this sort of problem. >> >> >> >> ------------------------------ >> >> Message: 3 >> Date: Mon, 28 Jul 2008 09:18:23 +0200 >> From: Svein Halvor Halvorsen >> Subject: Network, routers, DHCP and PXE >> To: questions@freebsd.org >> Message-ID: <488D72BF.80205@lvor.halvorsen.cc> >> Content-Type: text/plain; charset=ISO-8859-1 >> >> Hi, list! >> >> >> I have a private home network, on an ADSL2+ connection to the >> internet. The home network is behind NAT, all automatically set up >> by the router/dhcp server/wlan access point/adsl modem that I got >> from my ISP. It's a Thomson SpeedTouch 585 router. >> >> Now, on this network, most of the computers get their IP by means of >> DHCP. Except our home audio server, which have a hard coded ip >> address in rc.conf, set to something within the range of the dhcp >> server (10.0.0.2-10.0.0.253). The server seems to pick this up, and >> don't give that address away to someone else. >> >> I've tried using other addresses outside this range, like 10.0.1.1, >> but that doesn't work. All network access is lost when I do that. >> >> Now, on my local network I'd like to put a diskless machine. As I >> understand it, my DHCP server needs to tell the client about the >> "filename" and a "next-server" to use. I don't think I can setup the >> Thomson router to do this. All the instruction I can find online >> advises me to install a DHCP server on the same machine that serves >> the pxe boot image. But if I do that, I'll get two DHCP servers on >> my local network. Is that ok? Will there be a race condition, when a >> client asks for an IP address? >> >> >> sv. >> >> >> ------------------------------ >> >> Message: 4 >> Date: Mon, 28 Jul 2008 10:48:19 +0300 >> From: Manolis Kiagias >> Subject: Re: Network, routers, DHCP and PXE >> To: Svein Halvor Halvorsen >> Cc: questions@freebsd.org >> Message-ID: <488D79C3.6070000@gmail.com> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> Svein Halvor Halvorsen wrote: >>> Hi, list! >>> >>> >>> I have a private home network, on an ADSL2+ connection to the >>> internet. The home network is behind NAT, all automatically set up >>> by the router/dhcp server/wlan access point/adsl modem that I got >>> from my ISP. It's a Thomson SpeedTouch 585 router. >>> >>> Now, on this network, most of the computers get their IP by means of >>> DHCP. Except our home audio server, which have a hard coded ip >>> address in rc.conf, set to something within the range of the dhcp >>> server (10.0.0.2-10.0.0.253). The server seems to pick this up, and >>> don't give that address away to someone else. >>> >> >> You may also want to ensure that the router will never allocate your >> static IP address to someone else. >> Look at the DHCP router settings either for DHCP scope (set it to >> narrower values, and use a static IP outside the range) or for something >> like exceptions / exclusion where you can mark a specific IP that DHCP >> will never assign. >>> I've tried using other addresses outside this range, like 10.0.1.1, >>> but that doesn't work. All network access is lost when I do that. >>> >> >> 10.0.1.1 is a different network (I assume your netmask is >> 255.255.255.0, but check your router or your clients) >> >>> Now, on my local network I'd like to put a diskless machine. As I >>> understand it, my DHCP server needs to tell the client about the >>> "filename" and a "next-server" to use. I don't think I can setup the >>> Thomson router to do this. All the instruction I can find online >>> advises me to install a DHCP server on the same machine that serves >>> the pxe boot image. But if I do that, I'll get two DHCP servers on >>> my local network. Is that ok? Will there be a race condition, when a >>> client asks for an IP address? >>> >> >> You will have to shutdown the router's DHCP. Probably disable it >> permanently and assign this function to a machine. >> The DHCP of the router also sends you the following information (besides >> IP address): >> >> - DNS Server(s): Either the ones used by your ISP (consult its website) >> or its own address (i.e. 10.0.0.1). Most routers send their own address >> as a DNS server and perform the resolution by sending your request to >> ISP servers. >> - Gateway address: This is always the router's local IP address (i.e. >> 10.0.0.1) >> >> If you setup your own DHCP server, make sure it is set to send this info >> as well. (These are commonly known as DHCP options) >> >> >> ------------------------------ >> >> Message: 5 >> Date: Mon, 28 Jul 2008 09:52:48 +0200 >> From: Jan Henrik Sylvester >> Subject: Re: Binary upgrade from legacy version + ports >> To: Svein Halvor Halvorsen >> Cc: questions-list freebsd >> Message-ID: <488D7AD0.5090804@janh.de> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> Svein wrote: >> > Is there a problem using the prebuilt packages from STABLE on a >> > RELEASE box? If I want to run RELEASE, and still use the latest >> > packages? The ABI is consistent between STABLE and RELEASE, right? >> >> Yes, there is a problem. See my posting here: >> >> http://lists.freebsd.org/pipermail/freebsd-questions/2008-June/177553.html >> >> Unfortunatelly, I have not got an answer, but it is obvious packages >> using this new symbol must fail: >> >> http://lists.freebsd.org/pipermail/cvs-src/2008-May/091586.html >> >> The question is, if other package may fail as well. >> >> I have had one more error that went away after recompiling a STABLE >> package: >> >> http://lists.freebsd.org/pipermail/freebsd-gnome/2008-July/020520.html >> >> I do not know if this is related, though. >> >> If you find out more, please, let me know. >> >> Cheers, >> Jan Henrik >> >> >> ------------------------------ >> >> Message: 6 >> Date: Mon, 28 Jul 2008 13:35:55 +0530 >> From: Subhro >> Subject: Re: Network, routers, DHCP and PXE >> To: "Manolis Kiagias" >> Cc: Svein Halvor Halvorsen , >> questions@freebsd.org >> Message-ID: >> >> Content-Type: text/plain; charset=ISO-8859-1 >> >> Just to add to that suggestion, if you have a separate DHCP server, >> make sure your router works as a DHCP client for the internal network >> as well. You should be able to do that by telnetting into the >> management port. You may use a serial cable as well. >> >> This is required in order to get the NAT working properly. >> >> Thanks >> Subhro >> >> On Mon, Jul 28, 2008 at 1:18 PM, Manolis Kiagias >> wrote: >>> Svein Halvor Halvorsen wrote: >>>> >>>> Hi, list! >>>> >>>> >>>> I have a private home network, on an ADSL2+ connection to the >>>> internet. The home network is behind NAT, all automatically set up >>>> by the router/dhcp server/wlan access point/adsl modem that I got >>>> from my ISP. It's a Thomson SpeedTouch 585 router. >>>> >>>> Now, on this network, most of the computers get their IP by means of >>>> DHCP. Except our home audio server, which have a hard coded ip >>>> address in rc.conf, set to something within the range of the dhcp >>>> server (10.0.0.2-10.0.0.253). The server seems to pick this up, and >>>> don't give that address away to someone else. >>>> >>> >>> You may also want to ensure that the router will never allocate your >>> static >>> IP address to someone else. >>> Look at the DHCP router settings either for DHCP scope (set it to >>> narrower >>> values, and use a static IP outside the range) or for something like >>> exceptions / exclusion where you can mark a specific IP that DHCP will >>> never >>> assign. >>>> >>>> I've tried using other addresses outside this range, like 10.0.1.1, >>>> but that doesn't work. All network access is lost when I do that. >>>> >>> >>> 10.0.1.1 is a different network (I assume your netmask is 255.255.255.0, >>> but >>> check your router or your clients) >>> >>>> Now, on my local network I'd like to put a diskless machine. As I >>>> understand it, my DHCP server needs to tell the client about the >>>> "filename" and a "next-server" to use. I don't think I can setup the >>>> Thomson router to do this. All the instruction I can find online >>>> advises me to install a DHCP server on the same machine that serves >>>> the pxe boot image. But if I do that, I'll get two DHCP servers on >>>> my local network. Is that ok? Will there be a race condition, when a >>>> client asks for an IP address? >>>> >>> >>> You will have to shutdown the router's DHCP. Probably disable it >>> permanently >>> and assign this function to a machine. >>> The DHCP of the router also sends you the following information (besides >>> IP >>> address): >>> >>> - DNS Server(s): Either the ones used by your ISP (consult its website) >>> or >>> its own address (i.e. 10.0.0.1). Most routers send their own address as >>> a >>> DNS server and perform the resolution by sending your request to ISP >>> servers. >>> - Gateway address: This is always the router's local IP address (i.e. >>> 10.0.0.1) >>> >>> If you setup your own DHCP server, make sure it is set to send this info >>> as >>> well. (These are commonly known as DHCP options) >>> _______________________________________________ >>> freebsd-questions@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>> To unsubscribe, send any mail to >>> "freebsd-questions-unsubscribe@freebsd.org" >>> >> >> >> >> -- >> Subhro Kar >> Software Engineer >> Dynamic Digital Technologies Pvt. Ltd. >> EPY-3, Sector: V >> Salt Lake City >> 700091 >> India >> >> >> ------------------------------ >> >> Message: 7 >> Date: Mon, 28 Jul 2008 10:56:47 +0200 >> From: Svein Halvor Halvorsen >> Subject: Re: Network, routers, DHCP and PXE >> To: Manolis Kiagias >> Cc: questions@freebsd.org >> Message-ID: <488D89CF.1040100@lvor.halvorsen.cc> >> Content-Type: text/plain; charset=ISO-8859-1 >> >> Manolis Kiagias wrote: >>>> Now, on this network, most of the computers get their IP by means of >>>> DHCP. Except our home audio server, which have a hard coded ip >>>> address in rc.conf, set to something within the range of the dhcp >>>> server (10.0.0.2-10.0.0.253). The server seems to pick this up, and >>>> don't give that address away to someone else. >>> >>> You may also want to ensure that the router will never allocate your >>> static IP address to someone else. >>> Look at the DHCP router settings either for DHCP scope (set it to >>> narrower values, and use a static IP outside the range) or for something >>> like exceptions / exclusion where you can mark a specific IP that DHCP >>> will never assign. >> >> Yeah, but even though the router has customizable values for this >>range, and issues a warning when i try to change them, it still >> doesn't change them when I click "yes" on the warning. It is >> pre-configured to 10.0.0.2-10.0.0.253 >> >> I could of course use 10.0.0.254 for my static ip, but my room mate >> also wants a static address. >> >>>> I've tried using other addresses outside this range, like 10.0.1.1, >>>> but that doesn't work. All network access is lost when I do that. >>> >>> 10.0.1.1 is a different network (I assume your netmask is >>> 255.255.255.0, but check your router or your clients) >> >> You're right! But how do I make the entire 10/24 adress space >> available? It would be "clean" (I guess) to have a different adresse >> scheme for the static adresses. >> >> Anyway, it this point this isn't really critical, as the router >> figures out that the addresses I use, are in fact in use, and keeps >> them out of its dhcp address pool. >> >> >>> You will have to shutdown the router's DHCP. Probably disable it >>> permanently and assign this function to a machine. >>> The DHCP of the router also sends you the following information (besides >>> IP address): >>> >>> - DNS Server(s): Either the ones used by your ISP (consult its website) >>> or its own address (i.e. 10.0.0.1). Most routers send their own address >>> as a DNS server and perform the resolution by sending your request to >>> ISP servers. >>> - Gateway address: This is always the router's local IP address (i.e. >>> 10.0.0.1) >>> >>> If you setup your own DHCP server, make sure it is set to send this info >>> as well. (These are commonly known as DHCP options) >> >> So as long as I make my own DHCP server act the same way as the >> router one, I should be fine? NAT and all will work? >> >> Is there a way to debug the DHCP response from the current router >> dhcp server? So I can see what options it actually sends? dhclient >> doesn't seem to have a "more verbose" option, only less. >> >> >> sv. >> >> >> ------------------------------ >> >> Message: 8 >> Date: Mon, 28 Jul 2008 12:42:52 +0300 >> From: Manolis Kiagias >> Subject: Re: Network, routers, DHCP and PXE >> To: Svein Halvor Halvorsen >> Cc: questions@freebsd.org >> Message-ID: <488D949C.5020002@gmail.com> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> Svein Halvor Halvorsen wrote: >>> Manolis Kiagias wrote: >>> >>>>> Now, on this network, most of the computers get their IP by means of >>>>> DHCP. Except our home audio server, which have a hard coded ip >>>>> address in rc.conf, set to something within the range of the dhcp >>>>> server (10.0.0.2-10.0.0.253). The server seems to pick this up, and >>>>> don't give that address away to someone else. >>>>> >>>> You may also want to ensure that the router will never allocate your >>>> static IP address to someone else. >>>> Look at the DHCP router settings either for DHCP scope (set it to >>>> narrower values, and use a static IP outside the range) or for >>>> something >>>> like exceptions / exclusion where you can mark a specific IP that DHCP >>>> will never assign. >>>> >>> >>> Yeah, but even though the router has customizable values for this >>> range, and issues a warning when i try to change them, it still >>> doesn't change them when I click "yes" on the warning. It is >>> pre-configured to 10.0.0.2-10.0.0.253 >>> >>> I could of course use 10.0.0.254 for my static ip, but my room mate >>> also wants a static address. >>> >>> >> >> What are you trying to set it at? I would just lower the 253 value, so I >> could use the upper end for my static addresses. If you try to set it to >> a subnet outside it's own address, it will definitely not accept it. >> I would also try a factory reset or firmware upgrade of the router. I >> have been using a Speedtouch 500 series for years, and never had any >> problems with settings not getting registered. AFAIR the 585 has one of >> the new web interfaces and it is kind of confusing. I found the 500 >> easier to use. >> >>>>> I've tried using other addresses outside this range, like 10.0.1.1, >>>>> but that doesn't work. All network access is lost when I do that. >>>>> >>>> 10.0.1.1 is a different network (I assume your netmask is >>>> 255.255.255.0, but check your router or your clients) >>>> >>> >>> You're right! But how do I make the entire 10/24 adress space >>> available? It would be "clean" (I guess) to have a different adresse >>> scheme for the static adresses. >>> >> >> Well problem is, a netmask of 255.255.255.0 means only the last octet >> can be used for hosts. Your DHCP server is already assigning addresses >> from this space. >> >>> Anyway, it this point this isn't really critical, as the router >>> figures out that the addresses I use, are in fact in use, and keeps >>> them out of its dhcp address pool. >>> >>> >>> >>>> You will have to shutdown the router's DHCP. Probably disable it >>>> permanently and assign this function to a machine. >>>> The DHCP of the router also sends you the following information >>>> (besides >>>> IP address): >>>> >>>> - DNS Server(s): Either the ones used by your ISP (consult its website) >>>> or its own address (i.e. 10.0.0.1). Most routers send their own address >>>> as a DNS server and perform the resolution by sending your request to >>>> ISP servers. >>>> - Gateway address: This is always the router's local IP address (i.e. >>>> 10.0.0.1) >>>> >>>> If you setup your own DHCP server, make sure it is set to send this >>>> info >>>> as well. (These are commonly known as DHCP options) >>>> >>> >>> So as long as I make my own DHCP server act the same way as the >>> router one, I should be fine? NAT and all will work? >>> >> >> Yes. As long as the clients have a valid DNS to ask, and a valid gateway >> to send their packets, everything will work properly. If you come to >> think about it, you are already doing this on the system with the static >> configuration. >> >>> Is there a way to debug the DHCP response from the current router >>> dhcp server? So I can see what options it actually sends? dhclient >>> doesn't seem to have a "more verbose" option, only less. >>> >>> >>> sv. >>> >> >> >> Not sure about this, sorry. However, don't expect much more than >> IP/Netmask, DNS Server, Gateway from a simple router. These should not >> be difficult to configure in isc-dhcp3 (net/isc-dhcp3-server). >> >> Have a look at this article: >> >> http://www.howtoforge.com/dhcp_server_linux_debian_sarge >> >> It is linux oriented, but very easy to adjust for FreeBSD. >> You will also need to add: >> >> option domain-name-servers 10.0.0.1; >> >> to set the DNS server address to your clients. >> >> >> ------------------------------ >> >> Message: 9 >> Date: Mon, 28 Jul 2008 11:59:41 +0200 >> From: Svein Halvor Halvorsen >> Subject: Re: Network, routers, DHCP and PXE >> To: Manolis Kiagias >> Cc: questions@freebsd.org >> Message-ID: <488D988D.10901@lvor.halvorsen.cc> >> Content-Type: text/plain; charset=ISO-8859-1 >> >> Manolis Kiagias wrote: >>>> Yeah, but even though the router has customizable values for this >>>> range, and issues a warning when i try to change them, it still >>>> doesn't change them when I click "yes" on the warning. It is >>>> pre-configured to 10.0.0.2-10.0.0.253 >>>> >>>> I could of course use 10.0.0.254 for my static ip, but my room mate >>>> also wants a static address. >>> >>> What are you trying to set it at? I would just lower the 253 value, so I >>> could use the upper end for my static addresses. If you try to set it to >>> a subnet outside it's own address, it will definitely not accept it. >> >> I managed to change the router ip address to 10.0.0.1/23 and just >> keep the default dhcp address space as 10.0.0.2-10.0.0.253. Now I >> seem to be able to use 10.0.1.1/24 for my own private use. >> >> (I don't think I really know what I'm doing here, but it works!) >> >> >>> Well problem is, a netmask of 255.255.255.0 means only the last octet >>> can be used for hosts. Your DHCP server is already assigning addresses >>> from this space. >> >> Well, I changed it to 255.255.254.0 (0xfffffe00) but kept the dhcp >> range as it was. >> >> >>>> So as long as I make my own DHCP server act the same way as the >>>> router one, I should be fine? NAT and all will work? >>> >>> Yes. As long as the clients have a valid DNS to ask, and a valid gateway >>> to send their packets, everything will work properly. If you come to >>> think about it, you are already doing this on the system with the static >>> configuration. >> >> Ok, I will look into this. >> >> Also, looking through the telnet interface options (which are far >> more than the web interface gives), I see that I can add "dhch >> server option templates", "dhcp server option instances" and that I >> can assign such an instance to the "dhcp server pool options". >> >> This uses a different config scheme than the isc dhcp server config >> files, though. And it seems I need to create a template before I can >> create an instance. The template takes a name and an option id as >> paramters. The instance, then takes a name, a template, and a value >> as mandatory paramters. Also enterprice number, suboption number, >> and more. >> >> How does the "filename", "next-server", etc map to option ids? Are >> these isomorphic, or do I get this completely wrong? >> >> Does this make any sense to you, or anyone else here? Should I try >> to make the router DHCP server serve the right options, or would you >> go the isc dhcp route? >> >> >> Thank you very much for your help so far! >> >> >> sv. >> >> >> >> ------------------------------ >> >> Message: 10 >> Date: Mon, 28 Jul 2008 13:25:39 +0300 >> From: Manolis Kiagias >> Subject: Re: Network, routers, DHCP and PXE >> To: Svein Halvor Halvorsen >> Cc: questions@freebsd.org >> Message-ID: <488D9EA3.4010503@gmail.com> >> Content-Type: text/plain; charset=ISO-8859-1; format=flowed >> >> Svein Halvor Halvorsen wrote: >>> Manolis Kiagias wrote: >>> >>>>> Yeah, but even though the router has customizable values for this >>>>> range, and issues a warning when i try to change them, it still >>>>> doesn't change them when I click "yes" on the warning. It is >>>>> pre-configured to 10.0.0.2-10.0.0.253 >>>>> >>>>> I could of course use 10.0.0.254 for my static ip, but my room mate >>>>> also wants a static address. >>>>> >>>> What are you trying to set it at? I would just lower the 253 value, so >>>> I >>>> could use the upper end for my static addresses. If you try to set it >>>> to >>>> a subnet outside it's own address, it will definitely not accept it. >>>> >>> >>> I managed to change the router ip address to 10.0.0.1/23 and just >>> keep the default dhcp address space as 10.0.0.2-10.0.0.253. Now I >>> seem to be able to use 10.0.1.1/24 for my own private use. >>> >>> (I don't think I really know what I'm doing here, but it works!) >>> >> >> Well, a netmask of 255.255.254.0 should give you 10.0.0.1 to 10.0.1.254 >> host addresses. >> 10.0.1.1 is within range, it should work. >>> >>> >>>> Well problem is, a netmask of 255.255.255.0 means only the last octet >>>> can be used for hosts. Your DHCP server is already assigning addresses >>>> from this space. >>>> >>> >>> Well, I changed it to 255.255.254.0 (0xfffffe00) but kept the dhcp >>> range as it was. >>> >>> >>> >> >> The DHCP range you are assigning is a subset of what you allowed with >> the netmask, thus it is valid. >> >>>>> So as long as I make my own DHCP server act the same way as the >>>>> router one, I should be fine? NAT and all will work? >>>>> >>>> Yes. As long as the clients have a valid DNS to ask, and a valid >>>> gateway >>>> to send their packets, everything will work properly. If you come to >>>> think about it, you are already doing this on the system with the >>>> static >>>> configuration. >>>> >>> >>> Ok, I will look into this. >>> >>> Also, looking through the telnet interface options (which are far >>> more than the web interface gives), I see that I can add "dhch >>> server option templates", "dhcp server option instances" and that I >>> can assign such an instance to the "dhcp server pool options". >>> >> >> Ah, yes completely forgot the speedtouch has a telnet interface as well. >> I messed with it a few times myself, mostly for fun ;) >> >>> This uses a different config scheme than the isc dhcp server config >>> files, though. And it seems I need to create a template before I can >>> create an instance. The template takes a name and an option id as >>> paramters. The instance, then takes a name, a template, and a value >>> as mandatory paramters. Also enterprice number, suboption number, >>> and more. >>> >>> How does the "filename", "next-server", etc map to option ids? Are >>> these isomorphic, or do I get this completely wrong? >>> >>> Does this make any sense to you, or anyone else here? Should I try >>> to make the router DHCP server serve the right options, or would you >>> go the isc dhcp route? >>> >>> >>> Thank you very much for your help so far! >>> >>> >>> sv. >>> >>> >> >> >> I have only done PXE with Windows servers, and it has been quite some >> time - cannot remember the details. >> I certainly would not advise you to use the router for this - even if it >> is possible it has several drawbacks. >> >> - You will, sooner or later, change the router and your new one may not >> have the capability >> - You will spend a probably unreasonable amount of time trying to make >> it work - and it may not even succeed >> - Learning how to perform this on FreeBSD will help you apply it in many >> other situations. >> >> I would definitely go the isc-dhcp route. >> >> >> ------------------------------ >> >> Message: 11 >> Date: Mon, 28 Jul 2008 12:09:16 +0200 >> From: "Marcel Grandemange" >> Subject: wget vs fetch >> To: >> Cc: steyn@e-soul.co.za >> Message-ID: <000f01c8f09a$002bf610$0083e230$@za.net> >> Content-Type: text/plain; charset="us-ascii" >> >> I have a problem with a box I upgraded from FreeBSD 6.2 To FreeBSD7 >> >> >> >> It seems the following is happening when I try use portupgrade -a or even >> building ports. >> >> ALL transfers that are FTP fail. >> >> >> >> Now to make this simple, I have following environmental variables set.. >> >> >> >> http_proxy=http://192.168.12.4:3128/ >> >> ftp_proxy=http://192.168.12.1:3128/ >> >> FTP_PASSIVE_MODE=YES >> >> >> >> And here is the strange thing.. >> >> Fetch fails, but if I use wget there is no problem. >> >> The firewall does allow ftp to go directly aswell, so I have also tried >> leaving out any and all proxy settings, this fails aswell. (Except for >> wget >> once again) >> >> >> >> And here is the crux. >> >> >> >> I have 5 mahcines on SAME network that has no issues like this, so this >> makes me think fetch is broke somehow. >> >> How can I force FreeBSD to use wget instead of fetch to bypass this? >> >> >> >> >> >> Ive tried setting env FETCH_CMD=wget but that results in wget failing >> with >> msg: >> >> >> >> Try `wget --help' for more options. >> >> => Attempting to fetch from >> http://mirror.sg.depaul.edu/pub/security/nmap/. >> >> wget: invalid option -- >> >> Usage: wget [OPTION]... [URL]... >> >> >> >> >> >> >> >> Thankx ahead! >> >> >> >> >> >> ------------------------------ >> >> Message: 12 >> Date: Mon, 28 Jul 2008 12:28:27 +0200 >> From: "Marcel Grandemange" >> Subject: wget vs fetch >> To: >> Cc: steyn@e-soul.co.za >> Message-ID: >> >> >> Content-Type: text/plain; charset="us-ascii" >> >> I have a problem with a box I upgraded from FreeBSD 6.2 To FreeBSD7 >> >> >> >> It seems the following is happening when I try use portupgrade -a or even >> building ports. >> >> ALL transfers that are FTP fail. >> >> >> >> Now to make this simple, I have following environmental variables set.. >> >> >> >> http_proxy=http://192.168.12.4:3128/ >> >> ftp_proxy=http://192.168.12.1:3128/ >> >> FTP_PASSIVE_MODE=YES >> >> >> >> And here is the strange thing.. >> >> Fetch fails, but if I use wget there is no problem. >> >> The firewall does allow ftp to go directly aswell, so I have also tried >> leaving out any and all proxy settings, this fails aswell. (Except for >> wget >> once again) >> >> >> >> And here is the crux. >> >> >> >> I have 5 mahcines on SAME network that has no issues like this, so this >> makes me think fetch is broke somehow. >> >> How can I force FreeBSD to use wget instead of fetch to bypass this? >> >> >> >> >> >> Ive tried setting env FETCH_CMD=wget but that results in wget failing >> with >> msg: >> >> >> >> Try `wget --help' for more options. >> >> => Attempting to fetch from >> http://mirror.sg.depaul.edu/pub/security/nmap/. >> >> wget: invalid option -- >> >> Usage: wget [OPTION]... [URL]... >> >> >> >> >> >> >> >> Thankx ahead! >> >> >> >> >> >> ------------------------------ >> >> Message: 13 >> Date: Mon, 28 Jul 2008 13:43:47 +0200 >> From: "Marcel Grandemange" >> Subject: RE: wget vs fetch >> To: "'Sergey Zaharchenko'" >> Cc: questions@freebsd.org >> Message-ID: <004a01c8f0a7$326df210$9749d630$@za.net> >> Content-Type: text/plain; charset="us-ascii" >> >> Thank You, Worked Perfectly! >> Saved My Life ;> >> >> -----Original Message----- >> From: Sergey Zaharchenko [mailto:doublef-ctm@yandex.ru] >> Sent: Monday, July 28, 2008 12:35 PM >> To: Marcel Grandemange >> Subject: Re: wget vs fetch >> >> Hello Marcel! >> >> Mon, Jul 28, 2008 at 12:09:16PM +0200 you wrote: >> >>> Ive tried setting env FETCH_CMD=wget but that results in wget failing >>> with >>> msg: >>> >>> >>> >>> Try `wget --help' for more options. >>> >>> => Attempting to fetch from >> http://mirror.sg.depaul.edu/pub/security/nmap/. >>> >>> wget: invalid option -- >>> >>> Usage: wget [OPTION]... [URL]... >> >> You might want to add `DISABLE_SIZE=YES' to your /etc/make.conf, as the >> fetch's -S option confuses wget. FWIW I use that in connection with >> `FETCH_CMD=wget -c --passive-ftp' in make.conf and it has been working >> for >> a >> long time for me. >> >> -- >> DoubleF >> No virus detected in this message. Ehrm, wait a minute... >> /kernel: pid 56921 (antivirus), uid 32000: exited on signal 9 Oh yes, no >> virus:) >> >> >> >> ------------------------------ >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> >> End of freebsd-questions Digest, Vol 226, Issue 2 >> ************************************************* >> >> __________ Information from ESET NOD32 Antivirus, version of virus >> signature database 3302 (20080728) __________ >> >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >> >> > > > > ------------------------------ > > Message: 2 > Date: Mon, 28 Jul 2008 21:15:53 +0800 > From: vardyh > Subject: No controller detected when boot FreeBSD 7.0 > To: FreeBSD-questions@FreeBSD.org > Message-ID: <488DC689.2090102@gmail.com> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hi all. > I'm a newbie to FreeBSD. I added > 'console="comconsole"' > to /boot/loader.conf and I got > 'hptrr: no controller detected.' > on the next boot. I didn't change anything else except for the > 'console=xxx'. > And I had had no problem before that. Could anyone tell me why? > I will very appreciate for your help :> > > > > ------------------------------ > > Message: 3 > Date: Mon, 28 Jul 2008 16:10:51 +0200 > From: Torbj?rn > Subject: Racoon not identifying host specified in config file > To: FreeBSD-questions@FreeBSD.org > Message-ID: <488DD36B.8000300@nextline.no> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hello, everyone .. > > Some quick information about the software in use: > Jul 28 15:51:42 fw0 racoon: INFO: @(#)ipsec-tools 0.7 > (http://ipsec-tools.sourceforge.net) > Jul 28 15:51:42 fw0 racoon: INFO: @(#)This product linked OpenSSL > 0.9.7e-p1 25 Oct 2004 (http://www.openssl.org/) > > I'm having a problem with my IPSec configuration. > On one side, everything works out pretty nice. > On the other side, racoon is making bad noises about not finding a > correct configuration. > > "ERROR: couldn't find configuration." > > However, if I kill racoon, and run it in the foreground with debug > output on, I get some more information. > > 2008-07-16 16:06:27: DEBUG: === > 2008-07-16 16:06:27: DEBUG: 100 bytes message received from > 81.167.211.58[57413] to 85.200.211.69[500] > 2008-07-16 16:06:27: DEBUG: > ba9d946f 3cf4cf90 00000000 00000000 01100200 00000000 00000064 0d000034 > 00000001 00000001 00000028 01010001 00000020 01010000 800b0001 800c04b0 > 80010005 80030001 80020002 80040002 00000014 afcad713 68a1f1c9 6b8696fc > 77570100 > 2008-07-16 16:06:27: DEBUG: no remote configuration found. > 2008-07-16 16:06:27: ERROR: couldn't find configuration. > > The configuration is pretty straight forward. > > # cat racoon.conf > path pre_shared_key "/var/etc/psk.txt"; > > path certificate "/var/etc"; > > remote 81.167.211.58 { > exchange_mode main; > my_identifier address "85.200.211.69"; > > peers_identifier address 81.167.211.58; > initial_contact on; > support_proxy on; > proposal_check obey; > > proposal { > encryption_algorithm 3des; > hash_algorithm sha1; > authentication_method pre_shared_key; > dh_group 2; > lifetime time 2400 secs; > } > lifetime time 2400 secs; > } > > sainfo address 85.200.211.64/29 any address 192.168.100.0/24 any { > encryption_algorithm 3des,blowfish,cast128,rijndael,rijndael 256; > authentication_algorithm hmac_sha1,hmac_md5; > compression_algorithm deflate; > lifetime time 1200 secs; > } > > Here is the weird thing; if I change that remote stanza to read > > remote anonymous { > blah; > } > > then everything works out nice, racoon even tells me it uses the > anonymous stanza for that correct IP. > > 2008-07-16 16:11:06: DEBUG: anonymous configuration selected for > 81.167.211.58. > > So, to me this seems really odd, how come racoon isn't picking up that > stanza when configured for that specified IP ? > Using the remote stanza is not what I really want .. > > So, does anyone have any ideas on what is going on here ? > Using tcpdump I can see that it is in fact 81.167.211.58 that is coming > through to racoon, on port 500/UDP. > > Thanks for a great product, by the way. > > -- Torbjĝrn / Nextline > > > ------------------------------ > > Message: 4 > Date: Mon, 28 Jul 2008 10:12:09 -0500 > From: Jeffrey Goldberg > Subject: Re: Binary upgrade from legacy version + ports > To: Jan Henrik Sylvester > Cc: Svein Halvor Halvorsen , questions-list > freebsd > Message-ID: > Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes > > On Jul 28, 2008, at 2:52 AM, Jan Henrik Sylvester wrote: > >> Svein wrote: >> > Is there a problem using the prebuilt packages from STABLE on a >> > RELEASE box? If I want to run RELEASE, and still use the latest >> > packages? The ABI is consistent between STABLE and RELEASE, right? >> >> Yes, there is a problem. See my posting here: >> >> http://lists.freebsd.org/pipermail/freebsd-questions/2008-June/177553.html >> >> Unfortunatelly, I have not got an answer, but it is obvious packages >> using this new symbol must fail: > > I recently discovered this through a blunder of my own. I accidently > "updated" a 7-STABLE machine to 7-RELEASE, and discovered, among some > other problems, that sudo failed with the same error you report. > > (I've now put a link to USE-THIS-SUPFiLE to stable-supfile in /usr/ > local/etc/cvsup to avoid the blunder in the future.) > > -j > > -- > Jeffrey Goldberg http://www.goldmark.org/jeff/ > > > > ------------------------------ > > Message: 5 > Date: Mon, 28 Jul 2008 09:30:11 -0700 > From: "Steve Franks" > Subject: Re: new vanilla system fails to install many packages/ports > To: "Kevin Kinsey" > Cc: FreeBSD Mailing List > Message-ID: > <539c60b90807280930tc9f5bdbqadc9c79362e1a39a@mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > On Fri, Jul 25, 2008 at 1:24 PM, Kevin Kinsey wrote: >> Steve Franks wrote: >>> >>> On Thu, Jul 24, 2008 at 4:56 PM, Kevin Kinsey wrote: >>>> >>>> Steve Franks wrote: >>>>> >>>>> I must be missing something obvious. About 25% of my dependencies >>>>> fail to install with errors like: >>>>> >>>>> "install-info: /usr/local/info/dir: empty file" >>>>> "pkg-add: command 'install-info --quiet /blah.info' failed" >>>>> >>>>> system is 7.0/i386 >>>>> >>>>> Steve >>>> >>>> "info" is GNU-related. Any reason that GNU-stuff, esp. >>>> "info", wouldn't have been installed/built thus far? >>>> (I dunno, but, maybe a csup with the GNU stuff rejected >>>> or commented out ...) >>>> >>> >>> All I did was a "developer" (not x developer) sysinstall off 7.0 disk >>> 1. No tweaking, hacking, or extra packages until I got a clean boot >>> onto the new disk. I'm somewhere between user and power user. I have >>> 5 running freebsd systems under my belt, and was going to do my laptop >>> (I've given up on it several times already - bloody compaq). >>> >>>> And anything these ports have in common (assuming they're >>>> all GNU for starters). They aren't Linuxolator stuff? >>>> >>> >>> Seems to me, they all use gnuinfo instead of manpages? I don't even >>> know what gnuinfo is, nor linuxulator. >>> >> >> Right, GNU programs may have manpages, but they also have >> "info" pages which were developed by GNU as a replacement >> for the UNIX manual (I'm assuming based on past reading ... >> memory ain't all it used to be). >> >> "Linuxulator" or however it's spelled is just a colloquialism >> for the FreeBSD linux emulation. >> >> I've got few guesses for ya. "Developer" package has documentation, >> correct? Or not? >> >> What's "ls -ld /usr/local/info" give? >> >>> (!) Bison won't even install (makes fine, but install fails), and >>> that's pretty darn basic, no? >>> >>> Steve >> >> Yup, 'tis. Tho' I figure someday BSD'ers would like to have >> their own implementation. Again, just a guess. >> >> KDK >> -- >> When all else fails, EAT!!! >> > > Well, > > No idea what the problem was, but portupgrade -aO ... > seems to have made it go away. > > Steve > > > ------------------------------ > > Message: 6 > Date: Mon, 28 Jul 2008 09:35:17 -0700 > From: "Steve Franks" > Subject: 'stray irq7's cause hang? > To: "FreeBSD Mailing List" > Message-ID: > <539c60b90807280935i50041623pe54b6ad65d5b89b8@mail.gmail.com> > Content-Type: text/plain; charset=ISO-8859-1 > > I've got a new system that hangs after about 2 hours - no > ctrl-alt-esc, not ctrl-alt-Fn, no ctrl-alt-delete. > > I tried hints.0.apic.disabled="YES" (that's apic, not acpi) (or > whatever the correct syntax from the handbook is), but I still get the > hang, and the stray irq 7's. As far as I can see, there's no other > dmesg output related. > > Ideas? > > Steve > > > ------------------------------ > > Message: 7 > Date: Mon, 28 Jul 2008 17:23:04 +0100 > From: Chris Hastie > Subject: Cleaning data off a remote machine > To: freebsd-questions@freebsd.org > Message-ID: <20080728172304.dk4itqk4aooc80wg@imp.oak-wood.co.uk> > Content-Type: text/plain; charset=ISO-8859-1 > > I'm about to give up a FreeBSD dedicated server and would like to make > sure I > don't inadvertantly leave any bits of sensitive data on it. What is the > best > way to remove all data from the hard drive? I have no problem if this > removes > the OS along the way, but ideally I would like to be able to do what ever > I do > from an SSH session. If there's no alternative I can arange KVMoIP console > access. > > Thanks > > -- > Chris Hastie > > > ------------------------------ > > Message: 8 > Date: Mon, 28 Jul 2008 19:10:53 +0200 > From: bsd > Subject: amavisd-new needs lib32 on amd64 ? > To: Liste FreeBSD > Message-ID: > Content-Type: text/plain; charset=WINDOWS-1252; format=flowed; > delsp=yes > > Hello folks, > > > I am trying to install amavisd-new for filtering purposes on an amd64 > install. > > It complains at compile startup not to be able to install it > > >> ===> amavisd-new-2.6.1,1 requires 32-bit libraries installed under / >> usr/lib32. >> *** Error code 1 >> >> Stop in /usr/ports/security/amavisd-new. >> *** Error code 1 >> >> Stop in /usr/ports/security/amavisd-new. > > > > I don't know how to install such library. > > What should I do ? > > > > ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ > Gregober ---> PGP ID --> 0x1BA3C2FD > bsd @at@ todoo.biz > ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ > > P "Please consider your environmental responsibility before printing > this e-mail" > > > > > ------------------------------ > > Message: 9 > Date: Mon, 28 Jul 2008 12:12:25 -0500 > From: "Andrew L. Gould" > Subject: Re: Cleaning data off a remote machine > To: Chris Hastie > Cc: "freebsd-questions@freebsd.org" > Message-ID: > Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes > > On Jul 28, 2008, at 11:23, Chris Hastie wrote: > >> I'm about to give up a FreeBSD dedicated server and would like to >> make sure I >> don't inadvertantly leave any bits of sensitive data on it. What is >> the best >> way to remove all data from the hard drive? I have no problem if >> this removes >> the OS along the way, but ideally I would like to be able to do what >> ever I do >> from an SSH session. If there's no alternative I can arange KVMoIP >> console >> access. >> >> Thanks >> >> -- >> Chris Hastie > > Is there anyone onsite that you could trust to run DBAN (Derik's Boot > And Nuke)? > > Andrew > > > ------------------------------ > > Message: 10 > Date: Mon, 28 Jul 2008 18:14:45 +0100 > From: Matthew Seaman > Subject: Re: No controller detected when boot FreeBSD 7.0 > To: vardyh > Cc: FreeBSD-questions@freebsd.org > Message-ID: <488DFE85.4030504@infracaninophile.co.uk> > Content-Type: text/plain; charset="iso-8859-1" > > vardyh wrote: >> Hi all. >> I'm a newbie to FreeBSD. I added >> 'console="comconsole"' >> to /boot/loader.conf and I got >> 'hptrr: no controller detected.' >> on the next boot. I didn't change anything else except for the >> 'console=xxx'. >> And I had had no problem before that. Could anyone tell me why? >> I will very appreciate for your help :> > > This is just the driver for the HighPoint Rocket Raid controller being > a bit too verbose. It's detected that you don't have anything compatible > with hptrr(4) and (unlike the usual behaviour of most Raid Controller > drivers (or drivers for any sort of hardware really)) it considers this > fact to be of such vital importance that it really had to print out > something on the console. Needless to say such behaviour has already been > quashed in 7-STABLE and will not appear in 7.1-RELEASE. > > In other words, it's harmless and you can just ignore it. > > I suspect that this output wasn't actually triggered by your changing > the console setting -- there's no conceivable way changing one should > affect the other -- but that changing the way the boot messages are > displayed has managed to draw your attention to it. You probably had it > before but never noticed. > > Cheers, > > Matthew > > -- > Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard > Flat 3 > PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate > Kent, CT11 9PW > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 258 bytes > Desc: OpenPGP digital signature > Url : > http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080728/6bd93bb6/signature-0001.pgp > > ------------------------------ > > Message: 11 > Date: Mon, 28 Jul 2008 19:15:58 +0200 > From: bsd > Subject: Re: Deinstalling X and all dependencies[SOLVED] > To: Liste FreeBSD > Message-ID: <91610C8C-EAC6-49C0-9CAB-D5836592A08E@todoo.biz> > Content-Type: text/plain; charset=WINDOWS-1252; format=flowed; > delsp=yes > > I have opted for the: > > pkg_delete -a > > Which has done a great job cleaning everything. > Only had to "make clean" in one of the port directory to properly > recompile all needed apps. > > As I had configured root to use /usr/local/bin/bash had to take care > to change that with vipw before doing the uninstall / reinstall. > > > Took me half a day for three servers. But at least I have a very clean > install with 30 ports instead of 250 !! > > > Thanks everybody for your wise answers. > > > Le 27 juil. 08 à 15:17, andrew clarke a écrit : > >> On Sun 2008-07-27 12:52:56 UTC+0200, bsd (bsd@todoo.biz) wrote: >> >>> I have just received a new system that's planned to be a large >>> scale DNS >>> server. >>> I have asked the guy who has setup the hardware not to install X? >>> >>> This has been useless!! >>> >>> I am now ending up with 250 apps in the port tree!! >> >> He probably just went with the defaults. >> >>> Is there a good way to get rid of all these useless apps without >>> breaking the system? >>> What would you suggest? >>> >>> Like removing X and It's dependencies? >>> >>> >>> I can also remove all apps in the port tree and recompile only the >>> one >>> needed? >>> >>> What's best what do you suggest. >> >> FreeBSD provides a "base system" with software such as a SSH daemon, >> Sendmail, BIND, etc. You can uninstall all the packages on your >> system, but the FreeBSD base system will still remain. This allows >> FreeBSD to boot normally without any packages installed. >> >> I recommend you uninstall all packages (with 'pkg_delete -a', or >> 'pkg_delete -av' if you want to watch all the files being deleted), >> then install only what you need from the Ports tree. >> >> Your DNS server should probably not require any packages to be >> installed, as DNS server software (BIND) is provided with the FreeBSD >> base system. But that really depends what your requirements are. >> >> Regards >> Andrew > > ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ > Gregober ---> PGP ID --> 0x1BA3C2FD > bsd @at@ todoo.biz > ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ > > P "Please consider your environmental responsibility before printing > this e-mail" > > > > > ------------------------------ > > Message: 12 > Date: Mon, 28 Jul 2008 19:29:09 +0200 (CEST) > From: Wojciech Puchar > Subject: Re: Cleaning data off a remote machine > To: Chris Hastie > Cc: freebsd-questions@freebsd.org > Message-ID: <20080728192801.X44373@wojtek.tensor.gdynia.pl> > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed > >> don't inadvertantly leave any bits of sensitive data on it. What is the >> best >> way to remove all data from the hard drive? I have no problem if this >> removes >> the OS along the way, but ideally I would like to be able to do what ever >> I do >> from an SSH session. If there's no alternative I can arange KVMoIP >> console >> access. > remove all your files, then > > > cat /dev/zero >file > > on every partition > > > > > ------------------------------ > > Message: 13 > Date: Mon, 28 Jul 2008 19:37:24 +0200 > From: Roland Smith > Subject: Re: Cleaning data off a remote machine > To: Chris Hastie > Cc: freebsd-questions@freebsd.org > Message-ID: <20080728173724.GA19106@slackbox.xs4all.nl> > Content-Type: text/plain; charset="us-ascii" > > On Mon, Jul 28, 2008 at 05:23:04PM +0100, Chris Hastie wrote: >> I'm about to give up a FreeBSD dedicated server and would like to make >> sure I >> don't inadvertantly leave any bits of sensitive data on it. What is the >> best >> way to remove all data from the hard drive? > > Remove the harddive and move a seriously strong magnet over it. This > will render the drive unreadable and useless, since it will also destroy > the servo control data used for locating the tracks. > >> I have no problem if this removes the OS along the way, but ideally I >> would like to be able to do what ever I do from an SSH session. > > The security/wipe port comes to mind. > > Roland > -- > R.F.Smith http://www.xs4all.nl/~rsmith/ > [plain text _non-HTML_ PGP/GnuPG encrypted/signed email much appreciated] > pgp: 1A2B 477F 9970 BA3C 2914 B7CE 1277 EFB0 C321 A725 (KeyID: C321A725) > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: not available > Type: application/pgp-signature > Size: 195 bytes > Desc: not available > Url : > http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080728/5a050cd3/attachment-0001.pgp > > ------------------------------ > > Message: 14 > Date: Mon, 28 Jul 2008 13:45:02 -0400 > From: "Jean-Paul Natola" > Subject: OT: Custmoize VNC > To: "FreeBSD Questions" > Message-ID: <3A85D7EF44E1C744BF6434691F5659E9703639@www.fcimail.org> > Content-Type: text/plain; charset="us-ascii" > > I know there are two apps (open source) that will allow you to customize > vnc > but I just cant remember, in essence I want the remote users (outside the > lan) to be able to download the file click run and it will automatically, > upon launch connect to the viewer here at HQ (ip add encryption port # > etc..) > > I was looking at this a few weeks ago and like a fool I didn't bookmark > the > page, any help would be appreciated > > > TIA > JP > > > ------------------------------ > > Message: 15 > Date: Mon, 28 Jul 2008 22:35:27 +0530 > From: "N. Raghavendra" > Subject: LispWorks Personal on FreeBSD 7 > To: FreeBSD Users Questions > Message-ID: <86fxpuym5k.fsf@riemann.mri.ernet.in> > Content-Type: text/plain; charset=us-ascii > > Recently I had some difficulty in installing the Common Lisp > implementation LispWorks Personal 5.1 on FreeBSD 7, and am posting my > experience here. It may be useful to others, if any, interested in > running this CL implementation on FreeBSD 7. The problem was due to > the fact that LW depends on several libraries from FreeBSD 5 and 6. > Following suggestions on the LW mailing list, the right installation > sequence seems to be: > > 1. Ensure that the kernel options `COMPAT_FREEBSD5' and > `COMPAT_FREEBSD6' are on. > > 2. Install the ports `misc/compat5x' and `misc/compat6x'. > > 3. Install the package `compatXm-6.3_1.tgz'. > > 4. Install the package `lispworks-personal-5.1.tgz'. > > The packages in 3 and 4 are available from the LispWorks FTP server. > There's more information in the LW Knowledge Base article at > http://www.lispworks.com/kb/67634814074628b180257490005cb9d3.html and > in the LW mailing list thread > http://thread.gmane.org/gmane.lisp.lispworks.general/8422 which also > describes some minor tweaking of LD_LIBRARY_PATH that was needed. > > Raghavendra. > > -- > N. Raghavendra | http://www.retrotexts.net/ > Harish-Chandra Research Institute | http://www.mri.ernet.in/ > See message headers for contact and OpenPGP information. > > > > ------------------------------ > > Message: 16 > Date: Mon, 28 Jul 2008 13:51:04 -0400 > From: kalin m > Subject: pci compliance > To: freebsd-questions@freebsd.org > Message-ID: <488E0708.2060207@godfur.com> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > hi all... > > i'm about to submit a freebsd system to be scanned for pci compliance... > > is there any particular gotchas with bsd systems that can be detected at > the time of pci compliance scanning? > i know they use something like nmap if not nmap itself and i did myself > on that machine and didn't find anything interesting. > but one of the consultants that was 'advising' the company i work for > said "we use similar (as in nmap) approach but it's (much) more > intrusive". anybody knows what does that mean? > > thanks... > > > > > ------------------------------ > > Message: 17 > Date: Mon, 28 Jul 2008 20:01:14 +0200 > From: bsd > Subject: Re: amavisd-new needs lib32 on amd64 ? > To: Liste FreeBSD > Message-ID: > Content-Type: text/plain; charset=WINDOWS-1252; format=flowed; > delsp=yes > > Ok, > > After digging a little bit more into the code, It seems that It was > due to rar decompile which is a 32bit ports; > > I uncommented the rar options for this port and It went ok. > > I would still be interested in a more detailed answer to my own > question regarding 32/64 bit compatibility. > > > Sincerly yours. > > G.B. > > > Le 28 juil. 08 à 19:10, bsd a écrit : > >> Hello folks, >> >> >> I am trying to install amavisd-new for filtering purposes on an >> amd64 install. >> >> It complains at compile startup not to be able to install it >> >> >>> ===> amavisd-new-2.6.1,1 requires 32-bit libraries installed >>> under /usr/lib32. >>> *** Error code 1 >>> >>> Stop in /usr/ports/security/amavisd-new. >>> *** Error code 1 >>> >>> Stop in /usr/ports/security/amavisd-new. >> >> >> >> I don't know how to install such library. >> >> What should I do ? >> >> >> >> ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ >> Gregober ---> PGP ID --> 0x1BA3C2FD >> bsd @at@ todoo.biz >> ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ >> >> P "Please consider your environmental responsibility before printing >> this e-mail" >> >> >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org >> " > > ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ > Gregober ---> PGP ID --> 0x1BA3C2FD > bsd @at@ todoo.biz > ŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻŻ > > P "Please consider your environmental responsibility before printing > this e-mail" > > > > > ------------------------------ > > Message: 18 > Date: Mon, 28 Jul 2008 20:02:40 +0200 > From: "Ross Cameron" > Subject: Re: pci compliance > To: "kalin m" > Cc: freebsd-questions@freebsd.org > Message-ID: > <35f70db10807281102q5a0b73c3h554338292e3b751a@mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > On Mon, Jul 28, 2008 at 7:51 PM, kalin m wrote: > >> hi all... >> >> i'm about to submit a freebsd system to be scanned for pci compliance... >> >> is there any particular gotchas with bsd systems that can be detected at >> the time of pci compliance scanning? >> i know they use something like nmap if not nmap itself and i did myself >> on >> that machine and didn't find anything interesting. >> but one of the consultants that was 'advising' the company i work for >> said >> "we use similar (as in nmap) approach but it's (much) more intrusive". >> anybody knows what does that mean? >> >> thanks... > > > The PCI auditing process is a full penetration test. > It's very thorough and not at all easy to pass. > > Get hold of a copy of "The penetration tester's handbook" and make sure u > pass all the tests in the book and u should be ok > > > ------------------------------ > > Message: 19 > Date: Mon, 28 Jul 2008 14:24:56 -0400 > From: kalin m > Subject: Re: pci compliance > To: ross.cameron@linuxpro.co.za > Cc: freebsd-questions@freebsd.org > Message-ID: <488E0EF8.4030305@godfur.com> > Content-Type: text/plain; charset=UTF-8; format=flowed > > cool. thanks. i couldn't find anything on google under that name but > i've been looking and reading on a lot of documentation on line and print. > so i was just asking if there are any things that pertain in particular > to the freebsd os that need to be addressed before the scanning. > > how full of a penetration can you have if (almost) all incoming ports > are blocked? > > thanks.... > > > > Ross Cameron wrote: >> On Mon, Jul 28, 2008 at 7:51 PM, kalin m wrote: >> >> >>> hi all... >>> >>> i'm about to submit a freebsd system to be scanned for pci compliance... >>> >>> is there any particular gotchas with bsd systems that can be detected at >>> the time of pci compliance scanning? >>> i know they use something like nmap if not nmap itself and i did myself >>> on >>> that machine and didn't find anything interesting. >>> but one of the consultants that was 'advising' the company i work for >>> said >>> "we use similar (as in nmap) approach but it's (much) more intrusive". >>> anybody knows what does that mean? >>> >>> thanks... >>> >> >> >> The PCI auditing process is a full penetration test. >> It's very thorough and not at all easy to pass. >> >> Get hold of a copy of "The penetration tester's handbook" and make sure u >> pass all the tests in the book and u should be ok >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "freebsd-questions-unsubscribe@freebsd.org" >> > > > ------------------------------ > > Message: 20 > Date: Mon, 28 Jul 2008 14:22:46 -0400 > From: "Bob McConnell" > Subject: RE: pci compliance > To: > Message-ID: > Content-Type: text/plain; charset="us-ascii" > > On Behalf Of Ross Cameron >> On Mon, Jul 28, 2008 at 7:51 PM, kalin m wrote: >>> >>> i'm about to submit a freebsd system to be scanned for pci > compliance... >>> >>> is there any particular gotchas with bsd systems that can be detected > at >>> the time of pci compliance scanning? >>> i know they use something like nmap if not nmap itself and i did > myself on >>> that machine and didn't find anything interesting. >>> but one of the consultants that was 'advising' the company i work for > said >>> "we use similar (as in nmap) approach but it's (much) more > intrusive". >>> anybody knows what does that mean? >> >> The PCI auditing process is a full penetration test. >> It's very thorough and not at all easy to pass. >> >> Get hold of a copy of "The penetration tester's handbook" and make > sure u >> pass all the tests in the book and u should be ok > > How intense depends on which PCI level you are aiming for and which > services you will have running on that server. We have completed level 3 > for our hosted web servers and firewalls, and are shooting for level 1 > by the end of the calendar year. However, I am not yet involved in any > of those projects. > > Bob McConnell > > > ------------------------------ > > Message: 21 > Date: Mon, 28 Jul 2008 18:15:49 +0000 (UTC) > From: Juan Carlos Villalobos > Subject: Component-based Operating System. > To: freebsd-questions@FreeBSD.org > Message-ID: > Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed > > > Hello, > > I am writing a paper on Component-based Operating Systems. I just wanted > to know if FreeBSD is an Operating System engineered based on Components. > > I appreciate your input on this. > > Thanks > > > irobot@sdf.lonestar.org > SDF Public Access UNIX System - http://sdf.lonestar.org > > > ------------------------------ > > Message: 22 > Date: Mon, 28 Jul 2008 20:57:37 +0200 > From: Ivan Voras > Subject: Re: Component-based Operating System. > To: freebsd-questions@freebsd.org > Message-ID: > Content-Type: text/plain; charset="utf-8" > > Juan Carlos Villalobos wrote: >> >> Hello, >> >> I am writing a paper on Component-based Operating Systems. I just wanted >> to know if FreeBSD is an Operating System engineered based on Components. >> >> I appreciate your input on this. > > "Components" is a wide, wide term. Since FreeBSD as an operating system > consists of separate libraries, headers, executables, and both the > kernel and the userland have subsystems that are more-or-less autonomic > and independent, you could say it's componentized. You need to be more > specific to get a more specific answer. > > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 250 bytes > Desc: OpenPGP digital signature > Url : > http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20080728/a1b4331f/signature-0001.pgp > > ------------------------------ > > Message: 23 > Date: Mon, 28 Jul 2008 20:58:07 +0200 > From: "Ross Cameron" > Subject: Re: pci compliance > To: "kalin m" > Cc: freebsd-questions@freebsd.org > Message-ID: > <35f70db10807281158m1fa96b39o3d56f19b772ee6fa@mail.gmail.com> > Content-Type: text/plain; charset=UTF-8 > > On Mon, Jul 28, 2008 at 8:24 PM, kalin m wrote: > >> cool. thanks. i couldn't find anything on google under that name but >> i've >> been looking and reading on a lot of documentation on line and print. >> so i was just asking if there are any things that pertain in particular >> to >> the freebsd os that need to be addressed before the scanning. >> >> how full of a penetration can you have if (almost) all incoming ports are >> blocked? >> >> thanks.... >> > > Depends on the PCI level you are being audited for. > > But there are any number of attacks you can throw at a box thats fully > closed up, and the aim is not to get it but rather to chew up all the ram > and cpu and kill the box off. > > I suggest you read the PCI compliance document for the relevant level and > make sure you test the system to comply with the documented requirements. > > > ------------------------------ > > Message: 24 > Date: Mon, 28 Jul 2008 21:50:19 +0200 > From: Kris Kennaway > Subject: Re: 'stray irq7's cause hang? > To: stevefranks@ieee.org > Cc: FreeBSD Mailing List > Message-ID: <488E22FB.60203@FreeBSD.org> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Steve Franks wrote: >> I've got a new system that hangs after about 2 hours - no >> ctrl-alt-esc, not ctrl-alt-Fn, no ctrl-alt-delete. >> >> I tried hints.0.apic.disabled="YES" (that's apic, not acpi) (or >> whatever the correct syntax from the handbook is), but I still get the >> hang, and the stray irq 7's. As far as I can see, there's no other >> dmesg output related. > > The stray interrupts may be a red herring. "Stray" means that no driver > is handling them, and so there is no driver to screw up :) > > I see straq irq 7's on a HP proliant blade system, and also the hard > hangs (it doesn't even reply to a NMI; this means it is almost certainly > a hardware error). However I am now fairly certain the hangs are > associated to disk failure. Several of the blades that were hanging > went on to develop DMA errors from ATA, and after I validated the > remaining systems with smartctl and took offline yet more blades that > failed the self-tests, I have not had the problem recur. > > Kris > > > ------------------------------ > > Message: 25 > Date: Mon, 28 Jul 2008 16:08:51 -0400 > From: Greg Larkin > Subject: Re: OT: Custmoize VNC > To: Jean-Paul Natola > Cc: FreeBSD Questions > Message-ID: <488E2753.5020002@FreeBSD.org> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Jean-Paul Natola wrote: > | I know there are two apps (open source) that will allow you to > customize vnc > | but I just cant remember, in essence I want the remote users (outside > the > | lan) to be able to download the file click run and it will > automatically, > | upon launch connect to the viewer here at HQ (ip add encryption port # > etc..) > | > | I was looking at this a few weeks ago and like a fool I didn't > bookmark the > | page, any help would be appreciated > | > | > | TIA > | JP > > Hi Jean-Paul, > > I Googled for "VNC connection manager" and this site was on the first > page: > > http://www.s-code.com/products/vncmanager/compare.aspx > > Is that something like what you're looking for? > > Best regards, > Greg > - -- > Greg Larkin > http://www.sourcehosting.net/ > http://www.FreeBSD.org/ - The Power To Serve > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.7 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFIjidT0sRouByUApARAiN/AKCBtdJajfcP+KiMfen69UK+pnMJkQCgxwSL > osLEeFxovY0w89v/KVWYB9o= > =EQ7G > -----END PGP SIGNATURE----- > > > > ------------------------------ > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "freebsd-questions-unsubscribe@freebsd.org" > > End of freebsd-questions Digest, Vol 226, Issue 3 > *************************************************