From owner-freebsd-isp Sun Nov 4 23:52:41 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id 807FD37B418 for ; Sun, 4 Nov 2001 23:52:37 -0800 (PST) Received: (qmail 91624 invoked from network); 5 Nov 2001 07:53:08 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 5 Nov 2001 07:53:08 -0000 Message-ID: <000701c165ce$d52e1540$0f00a8c0@alexus> From: "alexus" To: Subject: apache-1.3.22+mysql-4.0+php-4.0.6 Date: Mon, 5 Nov 2001 02:52:34 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org alexus# /usr/local/apache/bin/apachectl startssl Syntax error on line 207 of /usr/local/apache/conf/httpd.conf: Cannot load /usr/local/apache/libexec/libphp4.so into server: /usr/local/apache/libexec/libphp4.so: Undefined symbol "mysql_module_entry" /usr/local/apache/bin/apachectl startssl: httpd could not be started alexus# ldconfig -r|grep mysql search directories: /usr/lib/compat:/usr/X11R6/lib:/usr/local/lib:/usr/local/lib/mysql 39:-lmysqlclient.11 => /usr/local/lib/mysql/libmysqlclient.so.11 alexus# any ideas why apache wouldn't start? thanks in advance To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 5 9:38:24 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.tcworks.net (mail.tcworks.net [216.61.218.4]) by hub.freebsd.org (Postfix) with ESMTP id EA88637B416 for ; Mon, 5 Nov 2001 09:38:19 -0800 (PST) Received: from tcworks.net (staind.tcworks.net [216.61.218.6]) by mail.tcworks.net (8.10.2/8.10.2) with ESMTP id fA5Hbqs53065; Mon, 5 Nov 2001 11:37:52 -0600 (CST) Message-ID: <3BE6CDE4.E7E15743@tcworks.net> Date: Mon, 05 Nov 2001 11:35:32 -0600 From: Chris Cook X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: alexus Cc: freebsd-isp@freebsd.org Subject: Re: apache-1.3.22+mysql-4.0+php-4.0.6 References: <000701c165ce$d52e1540$0f00a8c0@alexus> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Have you restarted the box? alexus wrote: > > alexus# /usr/local/apache/bin/apachectl startssl > Syntax error on line 207 of /usr/local/apache/conf/httpd.conf: > Cannot load /usr/local/apache/libexec/libphp4.so into server: > /usr/local/apache/libexec/libphp4.so: Undefined symbol "mysql_module_entry" > /usr/local/apache/bin/apachectl startssl: httpd could not be started > alexus# ldconfig -r|grep mysql > search directories: > /usr/lib/compat:/usr/X11R6/lib:/usr/local/lib:/usr/local/lib/mysql > 39:-lmysqlclient.11 => /usr/local/lib/mysql/libmysqlclient.so.11 > alexus# > > any ideas why apache wouldn't start? > > thanks in advance To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 5 12: 9:17 2001 Delivered-To: freebsd-isp@freebsd.org Received: from stella.pyramus.com (stella.pyramus.com [206.129.206.3]) by hub.freebsd.org (Postfix) with ESMTP id 11E9B37B405 for ; Mon, 5 Nov 2001 12:09:15 -0800 (PST) Received: from pyramus.com (dark-star.pyramus.com [206.129.206.6]) by stella.pyramus.com (8.9.3/8.9.3) with ESMTP id MAA74809 for ; Mon, 5 Nov 2001 12:09:20 -0800 (PST) (envelope-from blake@pyramus.com) Message-ID: <3BE6F3E3.F1EDC8DB@pyramus.com> Date: Mon, 05 Nov 2001 12:17:39 -0800 From: Blake Swensen X-Mailer: Mozilla 4.74 [en]C-DIAL (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: MRTG returning zeros Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Anyone have an idea as to why MRTG might be returning zeros under the following: FreeBSD 4.3-RELEASE mrtg-2.9.11 Ascend Pipeline 130 (software version 5.0A+) router The MRTG faq says that this might be because mrtg is getting no response from the router, however it can obtain other information from it (location, etc). Any ideas might be helpful. Peace, Blake To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Mon Nov 5 12:38:43 2001 Delivered-To: freebsd-isp@freebsd.org Received: from pintail.mail.pas.earthlink.net (pintail.mail.pas.earthlink.net [207.217.120.122]) by hub.freebsd.org (Postfix) with ESMTP id AD19137B416 for ; Mon, 5 Nov 2001 12:38:40 -0800 (PST) Received: from ihws.com ([63.218.21.114] helo=[192.168.0.102]) by pintail.mail.pas.earthlink.net with esmtp (Exim 3.33 #1) id 160qVz-0000xU-00; Mon, 05 Nov 2001 12:38:39 -0800 User-Agent: Microsoft-Outlook-Express-Macintosh-Edition/5.02.2022 Date: Mon, 05 Nov 2001 15:38:06 -0500 Subject: Re: httpodbc.dll From: Frank Laszlo To: Jan Knepper , FreeBSD ISP Message-ID: In-Reply-To: <3BE1DB94.5060908@digitaldaemon.com> Mime-version: 1.0 Content-type: text/plain; charset="ISO-8859-1" Content-transfer-encoding: quoted-printable Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org on 11/1/01 6:32 PM, Jan Knepper used the force from jan@digitaldaemon.com: > Just found that httpodbc.dll is now being utilized, I guess by an other > IIS worm. > Any news on this I missed again? >=20 > I finally got my net-block-owner detection build into firebird. > http://www.digitaldaemon.com/FreeBSD/firebird/ >=20 > Jan >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message This is a new Strain of the Nimda worm, I believe its Nimda.E worm.. You ca= n find info on it here http://news.cnet.com/news/0-1003-200-7720534.html?tag=3Dnbs no real effect on Apache servers (as usual) Frank Laszlo, System's Engineer nez@freebsdmatrix.net /-------------------------------------------------------\ | =80 Microsoft: "Where would you like to go to today?" | | =80 Linux: "Where would you like to go tomorrow?" | | =80 FreeBSD: "Hey, when are you guys going to catch up?" | \_______________________________________________________/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 6 3:21:53 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mailout01.sul.t-online.de (mailout01.sul.t-online.com [194.25.134.80]) by hub.freebsd.org (Postfix) with ESMTP id 5D92F37B405 for ; Tue, 6 Nov 2001 03:21:48 -0800 (PST) Received: from fwd05.sul.t-online.de by mailout01.sul.t-online.de with smtp id 1614Id-0003JA-0C; Tue, 06 Nov 2001 12:21:47 +0100 Received: from venus (520001623117-0001@[217.229.74.1]) by fmrl05.sul.t-online.com with smtp id 1614IV-29vdr6C; Tue, 6 Nov 2001 12:21:39 +0100 Message-ID: <00f701c166b5$c6546d20$fe00fa0a@venus> From: "Sven Huster" To: Subject: restrict shell access Date: Tue, 6 Nov 2001 12:25:44 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 X-Sender: 520001623117-0001@t-dialin.net Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I want users to be able to login my www server using telnet or ssh (preferred), but need to restrict them to their home or some other dir + subdir, sounds like chroot ;-) what you think will be the best solution for that? has someone a setup like this running? I thought about jail but I can't/won't do this for 100+ logins. thanks best regards Sven Huster To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 6 7:13:58 2001 Delivered-To: freebsd-isp@freebsd.org Received: from sanyu1.sanyutel.com (sanyu1.sanyutel.com [216.250.215.14]) by hub.freebsd.org (Postfix) with ESMTP id 9114937B416 for ; Tue, 6 Nov 2001 07:12:52 -0800 (PST) Received: from localhost (ksemat@localhost) by sanyu1.sanyutel.com (8.11.3/) with ESMTP id fA6FF6M02955; Tue, 6 Nov 2001 18:15:09 +0300 X-Authentication-Warning: sanyu1.sanyutel.com: ksemat owned process doing -bs Date: Tue, 6 Nov 2001 18:15:06 +0300 (EAT) From: X-X-Sender: To: Sven Huster Cc: Subject: Re: restrict shell access In-Reply-To: <00f701c166b5$c6546d20$fe00fa0a@venus> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Simple chroot I use: mkdir /usr/rbin chmod 0755 /usr/rbin Put commands you would like users to be able to execute in /usr/rbin edit /etc/skel/.profile put an explicit path in there: PATH = /usr/rbin That way all new users will get this by default. Create a symbolic link /usr/bin/rbash to /usr/local/bin/bash use this as the login shell for these users. And also remember to chflags noschg /home/$user/.profile so that the user will not be bale to edit his .profile and change the oath settings or even be able to delete it. not perfect but it works for me. The restricted bash shell prevents users form being able to explicitly specify commands with a leading slash and lots of other things. And because they are restricted to a certain directory, they cannot specify another shell on the command line. Noah. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Tue Nov 6 7:21:48 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail.cableaz.com (mail.cableaz.com [63.241.154.20]) by hub.freebsd.org (Postfix) with ESMTP id D2D7737B416 for ; Tue, 6 Nov 2001 07:21:42 -0800 (PST) Received: from caz ([63.241.150.31]) by mail.cableaz.com (Build 101 8.9.3/NT-8.9.3) with SMTP id IAA14203; Tue, 06 Nov 2001 08:15:03 -0700 Message-ID: <002201c166d6$854f8460$0c0aa8c0@caz> From: "Jeremy Buckner" To: "Sven Huster" Cc: References: <00f701c166b5$c6546d20$fe00fa0a@venus> Subject: Re: restrict shell access Date: Tue, 6 Nov 2001 08:20:08 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org I have a similar setup here where I'm at but I only allow users to access my www server via ftp. Unless your users need to issue commands to the box, I think this is the safest. Anyway, I created a file called ftpchroot in /etc. I have assigned all these users to the "users" group. So in my file I add the following: @users Also because I don't let them invoke anything on the server itself, I set their shell to pine so if they do try to ssh, they only get to check mail that doesn't exist. That's it, and they can only go to their own dirs. Hope this helps some. Jeremy Buckner ----- Original Message ----- From: "Sven Huster" To: Sent: Tuesday, November 06, 2001 4:25 AM Subject: restrict shell access > Hi, > > I want users to be able to login my www server > using telnet or ssh (preferred), but need to restrict > them to their home or some other dir + subdir, > sounds like chroot ;-) > > what you think will be the best solution for that? > has someone a setup like this running? > > I thought about jail but I can't/won't do this for 100+ logins. > > thanks > best regards > > Sven Huster > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 7 4:20:45 2001 Delivered-To: freebsd-isp@freebsd.org Received: from smtpf.casema.net (smtpf.casema.net [195.96.96.173]) by hub.freebsd.org (Postfix) with SMTP id 183EF37B416 for ; Wed, 7 Nov 2001 04:20:37 -0800 (PST) Received: (qmail 24667 invoked by uid 0); 7 Nov 2001 12:20:33 -0000 Received: from unknown (HELO slash.diderius.nl) (212.64.78.201) by smtpf.casema.net with SMTP; 7 Nov 2001 12:20:33 -0000 Received: from silver.diderius.nl (silver.ftx.diderius.nl [172.19.3.10]) by slash.diderius.nl (Postfix) with ESMTP id 1692ED4 for ; Wed, 7 Nov 2001 13:20:32 +0100 (CET) Received: from 127.0.0.1 ([127.0.0.1]) by silver.diderius.nl with Microsoft SMTPSVC(5.0.2195.3779); Wed, 7 Nov 2001 13:19:17 +0100 Date: Wed, 7 Nov 2001 13:19:17 +0100 From: Walter Hop X-Mailer: The Bat! (v1.53d) Educational X-Priority: 3 (Normal) Message-ID: <11341310391.20011107131917@binity.com> To: "Sven Huster" Cc: freebsd-isp@freebsd.org Subject: Re: restrict shell access In-Reply-To: <00f701c166b5$c6546d20$fe00fa0a@venus> References: <00f701c166b5$c6546d20$fe00fa0a@venus> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 07 Nov 2001 12:19:17.0921 (UTC) FILETIME=[6C0DD910:01C16786] Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org [in reply to sven.huster@mailsurf.com, 06-11-2001] > need to restrict them to their home or some other dir + subdir, sounds > like chroot ;-) I am using chrsh for this and am very happy with it: http://www.aarongifford.com/computers/chrsh.html I have set up a chroot for shell users so they cannot fiddle around too easily. (It must be noted that users can do pretty much whatever they want using the mail- or webservers permissions; if you run these servers and let people use them, a chroot should only be seen as a small "threshold" that will keep people from inadvertently viewing other people's files) Some problems arise when users cannot get to common files; these can be solved with using TCP/IP alternatives. For instance, users have to manage their mail through imap/smtp instead of just opening their mail spools and calling sendmail. If you place people in a chroot, you need to copy certain libraries into the chroot environment to make life easy for them. If you want to know, I can dig up a list with bins, devs and libs that I found useful to give to chrooted users so they can make proper use of the most needed utilities, without actually giving them too much power. Some tools like screen(1) have a habit of emitting strange error messages when devices or libraries are not present. -- Walter Hop Updated contact information: http://www.binity.com/~walter/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 7 5:24:47 2001 Delivered-To: freebsd-isp@freebsd.org Received: from psknet.com (voyager.psknet.com [63.171.251.15]) by hub.freebsd.org (Postfix) with SMTP id B641437B418 for ; Wed, 7 Nov 2001 05:24:41 -0800 (PST) Received: (qmail 64727 invoked by uid 85); 7 Nov 2001 13:24:03 -0000 Received: from troy@psknet.com by voyager.psknet.com with qmail-scanner-0.95 (uvscan: v4.1.20/v4143. . Clean. Processed in 0.216894 secs); 07 Nov 2001 13:24:03 -0000 Received: from abyss.dashit.net (HELO abyss) (63.171.251.250) by voyager.psknet.com with SMTP; 7 Nov 2001 13:24:03 -0000 From: "Troy Settle" To: "Blake Swensen" , Subject: RE: MRTG returning zeros Date: Wed, 7 Nov 2001 08:24:40 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal In-Reply-To: <3BE6F3E3.F1EDC8DB@pyramus.com> Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org If you set MRTG up to monitor a WAN interface on the pipeline, give it up now. If the WAN connection goes down, the pipeline will use a new WAN IF when it comes back up. The best you can do, is monitor interface 1 or 2 (I forget which is the ethernet), which won't ever change. G'luck, -- Troy Settle Pulaski Networks 540.994.4254 - 866.477.5638 http://www.psknet.com ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Blake Swensen ** Sent: Monday, November 05, 2001 3:18 PM ** To: freebsd-isp@freebsd.org ** Subject: MRTG returning zeros ** ** ** Anyone have an idea as to why MRTG might be returning zeros under the ** following: ** ** FreeBSD 4.3-RELEASE ** mrtg-2.9.11 ** Ascend Pipeline 130 (software version 5.0A+) router ** ** The MRTG faq says that this might be because mrtg is getting no response ** from the router, however it can obtain other information from it ** (location, etc). ** ** Any ideas might be helpful. ** ** Peace, ** Blake ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 7 5:59: 6 2001 Delivered-To: freebsd-isp@freebsd.org Received: from taka.swcp.com (taka.swcp.com [198.59.115.12]) by hub.freebsd.org (Postfix) with ESMTP id 2ABFB37B419 for ; Wed, 7 Nov 2001 05:59:01 -0800 (PST) Received: from inago.swcp.com (inago.swcp.com [198.59.115.17]) by taka.swcp.com (8.10.0.Beta12/8.10.0.Beta12) with ESMTP id fA7E18h98670; Wed, 7 Nov 2001 07:01:08 -0700 (MST) Received: from localhost (deichert@localhost) by inago.swcp.com (8.8.7/8.8.7) with ESMTP id GAA09528; Wed, 7 Nov 2001 06:59:00 -0700 (MST) X-Authentication-Warning: inago.swcp.com: deichert owned process doing -bs Date: Wed, 7 Nov 2001 06:58:59 -0700 (MST) From: Diana Eichert X-Sender: deichert@inago.swcp.com To: Troy Settle Cc: Blake Swensen , freebsd-isp@FreeBSD.ORG Subject: RE: MRTG returning zeros In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Or write the filenames out with interface names instead of IfIindex values, then run a crontab script periodically that updates your MRTG configs to match the current data. We had to do that in order to deal with the vagaries of IfIndexes on Cisco Catalyst switches. diana On Wed, 7 Nov 2001, Troy Settle wrote: > > If you set MRTG up to monitor a WAN interface on the pipeline, give it up > now. If the WAN connection goes down, the pipeline will use a new WAN IF > when it comes back up. > > The best you can do, is monitor interface 1 or 2 (I forget which is the > ethernet), which won't ever change. > > G'luck, To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Wed Nov 7 6:27: 1 2001 Delivered-To: freebsd-isp@freebsd.org Received: from smtp.kka.com (smtp.kka.com [63.141.65.2]) by hub.freebsd.org (Postfix) with ESMTP id 87E8F37B417 for ; Wed, 7 Nov 2001 06:26:55 -0800 (PST) Subject: RE: MRTG returning zeros To: "Troy Settle" Cc: blake@pyramus.com, freebsd-isp@freebsd.org X-Mailer: Lotus Notes Release 5.0.2a (Intl) 23 November 1999 Message-ID: From: Eric_Stanfield@kenokozie.com Date: Wed, 7 Nov 2001 08:24:15 -0600 X-MIMETrack: Serialize by Router on Notes1st/Keno(Release 5.0.4 |June 8, 2000) at 11/07/2001 08:24:17 AM MIME-Version: 1.0 Content-type: text/plain; charset=us-ascii Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org None of the below is correct. They fixed the problem of Ascend Pipeline (and other vendors) using wandering wan interfaces in a release of mrtg quite some time ago (close to two years). If you go to mrtg's site you can find all the answers to your problem (as opposed to a freebsd list), but I've also included an example from a config file below. This is representative of config files I have monitoring over a hundred p130's, p50's, etc, etc. The %23 is what tells mrtg to walk the ascend's interface list until it finds the wan interface. Reboot your router all you want, it finds it every time. #--------------------------------------------------------------- Target[imaginary-gw]: %23:public@10.10.10.10 MaxBytes[imaginary-gw]: 7000 Title[imaginary-gw]: Imaginary Corp. PageTop[imaginary-gw]:

Imaginary's 56k Line

System:gw.imaginary.com
Description:DS0 to Oz
Max Speed:7168.0 Bytes/s
#--------------------------------------------------------------- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Eric Stanfield, K2Access Keno Kozie Associates 222 N LaSalle #1500 Chicago, IL 60606 (312) 332-3000 "Troy Settle" To: "Blake Swensen" , Sent by: cc: owner-freebsd-isp@F Subject: RE: MRTG returning zeros reeBSD.ORG 11/07/2001 07:24 AM If you set MRTG up to monitor a WAN interface on the pipeline, give it up now. If the WAN connection goes down, the pipeline will use a new WAN IF when it comes back up. The best you can do, is monitor interface 1 or 2 (I forget which is the ethernet), which won't ever change. G'luck, -- Troy Settle Pulaski Networks 540.994.4254 - 866.477.5638 http://www.psknet.com ** -----Original Message----- ** From: owner-freebsd-isp@FreeBSD.ORG ** [mailto:owner-freebsd-isp@FreeBSD.ORG]On Behalf Of Blake Swensen ** Sent: Monday, November 05, 2001 3:18 PM ** To: freebsd-isp@freebsd.org ** Subject: MRTG returning zeros ** ** ** Anyone have an idea as to why MRTG might be returning zeros under the ** following: ** ** FreeBSD 4.3-RELEASE ** mrtg-2.9.11 ** Ascend Pipeline 130 (software version 5.0A+) router ** ** The MRTG faq says that this might be because mrtg is getting no response ** from the router, however it can obtain other information from it ** (location, etc). ** ** Any ideas might be helpful. ** ** Peace, ** Blake ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org ** with "unsubscribe freebsd-isp" in the body of the message ** ** To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Thu Nov 8 11:56:13 2001 Delivered-To: freebsd-isp@freebsd.org Received: from db.nexgen.com (db.nexgen.com [66.92.98.149]) by hub.freebsd.org (Postfix) with SMTP id EC69A37B416 for ; Thu, 8 Nov 2001 11:56:07 -0800 (PST) Received: (qmail 40842 invoked from network); 8 Nov 2001 19:56:54 -0000 Received: from localhost.nexgen.com (HELO alexus) (root@127.0.0.1) by localhost.nexgen.com with SMTP; 8 Nov 2001 19:56:54 -0000 Message-ID: <001801c1688f$6411e170$0d00a8c0@alexus> From: "alexus" To: "Chris Cook" Cc: References: <000701c165ce$d52e1540$0f00a8c0@alexus> <3BE6CDE4.E7E15743@tcworks.net> Subject: Re: apache-1.3.22+mysql-4.0+php-4.0.6 Date: Thu, 8 Nov 2001 14:56:00 -0500 Organization: NexGen MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org um.. no what do i need to restart my box for? ----- Original Message ----- From: "Chris Cook" To: "alexus" Cc: Sent: Monday, November 05, 2001 12:35 PM Subject: Re: apache-1.3.22+mysql-4.0+php-4.0.6 > Have you restarted the box? > > > alexus wrote: > > > > alexus# /usr/local/apache/bin/apachectl startssl > > Syntax error on line 207 of /usr/local/apache/conf/httpd.conf: > > Cannot load /usr/local/apache/libexec/libphp4.so into server: > > /usr/local/apache/libexec/libphp4.so: Undefined symbol "mysql_module_entry" > > /usr/local/apache/bin/apachectl startssl: httpd could not be started > > alexus# ldconfig -r|grep mysql > > search directories: > > /usr/lib/compat:/usr/X11R6/lib:/usr/local/lib:/usr/local/lib/mysql > > 39:-lmysqlclient.11 => /usr/local/lib/mysql/libmysqlclient.so.11 > > alexus# > > > > any ideas why apache wouldn't start? > > > > thanks in advance > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 9 8:19:17 2001 Delivered-To: freebsd-isp@freebsd.org Received: from smtp1.amigo.net (smtp1.amigo.net [209.94.64.30]) by hub.freebsd.org (Postfix) with ESMTP id 5D3C937B429 for ; Fri, 9 Nov 2001 08:19:13 -0800 (PST) Received: from there (billing.amigo.net [209.94.67.250]) by smtp1.amigo.net (8.11.4/8.11.4) with SMTP id fA9GMr114063 for ; Fri, 9 Nov 2001 09:22:53 -0700 (MST) (envelope-from randys@amigo.net) Message-Id: <200111091622.fA9GMr114063@smtp1.amigo.net> Content-Type: text/plain; charset="iso-8859-1" From: Randy Smith Organization: Amigo.Net To: freebsd-isp@freebsd.org Subject: Router questions Date: Fri, 9 Nov 2001 09:20:12 -0700 X-Mailer: KMail [version 1.3.1] MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi all, I have a couple of FreeBSD router questions. 1) Is there a utility that configures routed and ipfw using Cisco's command set? I couldn't find one in the ports collection so I thought I'd ask here. 2) I have a FreeBSD 4.4-R machine that want to configure as a router to do traffic shaping and transparent proxy. I think I have the router setup as per the documentation but I cannot ping across the box. Here's my setup: {net} <---> [gw1] <---> [fbsd] <---> [gw2] <---> {Lan} * gw1 has address 192.168.69.49/255.255.255.252 * fbsd has addresses fxp0=192.168.69.50/255.255.255.252 and fxp1=192.168.69.53/255.255.255.252 * gw2 has address 192.168.69.54/255.255.255.252 (The gw* devices have other addresses on other interfaces that are on other networks that do not enter into this discussion.) fbsd can ping gw1 and out to the net and gw2 and into the lan. The problem is that gw2 can't ping gw1 and vis versa but the can each ping the fbsd interface on their network. i.e. gw2 can ping fbsd:fxp1 and gw1 can ping fbsd:fxp0. In /etc/rc.conf I have: gateway_enable="YES" router_enable="YES" firewall_enable="YES" firewall_type="OPEN" # For testing defaultrouter="192.168.69.49" ifconfig_fxp0="inet 192.168.1.50 netmask 255.255.255.252" ifconfig_fxp1="inet 192.168.1.53 netmask 255.255.255.252" gateway_enable sets the sysctl variable net.inet.ip.forwarding which should turn on ip forwarding between interfaces. For simplicity, I have no static routes defined. (As an aside is there any better documentation on static routes than what's in route(8)?) What did I miss that is preventing me from getting across the fbsd router? Thanks in advance. -- Randy Smith Amigo.Net Systems Administrator 1-719-589-6100 x 4185 http://www.amigo.net/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 9 12:53:59 2001 Delivered-To: freebsd-isp@freebsd.org Received: from gumby.citytel.net (gumby.rupert.net [204.244.98.46]) by hub.freebsd.org (Postfix) with ESMTP id 6B12A37B418 for ; Fri, 9 Nov 2001 12:53:56 -0800 (PST) Received: from gumby.rupert.net (kwoody@gumby.rupert.net [204.244.98.46]) by gumby.citytel.net (8.11.0/8.11.0) with ESMTP id fA9Kroa14935; Fri, 9 Nov 2001 12:53:50 -0800 (PST) Date: Fri, 9 Nov 2001 12:53:49 -0800 (PST) From: Keith Woodworth To: freebsd-isp@FreeBSD.ORG Cc: kwoody@citytel.net Subject: 2.1.7 FreeBSD Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Folks...weve had a 2.1.7 machine colo'd here for a few years (3 days shy of 500 days of uptime) and most of that time it has not had a monitor/keyboard plugged into it. (just ssh in all the time) Few weeks ago I rearranged the equipment room and plugged in a keyboard/monitor but the console wont respond to keyboard. Last time I used a keyboard on this machine was probably about a year ago to change the IP of the NIC and a few other things. Unplugged the keyboard and its sat in the corner and hummed away ever since. Even then it had at least 200 days of uptime w/no keyboard plugged in before I made the IP change. Is there a process I can maybe HUP to get to the keyboar to work? Or do I need a complete reboot? THanks, Keith To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 9 12:57:17 2001 Delivered-To: freebsd-isp@freebsd.org Received: from mail2.mediadesign.nl (md2.mediadesign.nl [212.19.205.67]) by hub.freebsd.org (Postfix) with SMTP id 5E49637B416 for ; Fri, 9 Nov 2001 12:57:13 -0800 (PST) Received: (qmail 23904 invoked by uid 1002); 9 Nov 2001 20:30:26 -0000 From: "Alson van der Meulen" Date: Fri, 9 Nov 2001 21:30:26 +0100 To: freebsd-isp@freebsd.org Subject: Re: Router questions Message-ID: <20011109213026.E22946@md2.mediadesign.nl> Mail-Followup-To: freebsd-isp@freebsd.org References: <200111091622.fA9GMr114063@smtp1.amigo.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200111091622.fA9GMr114063@smtp1.amigo.net> User-Agent: Mutt/1.3.22i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, Nov 09, 2001 at 09:20:12AM -0700, Randy Smith wrote: > Hi all, > > I have a couple of FreeBSD router questions. > 1) Is there a utility that configures routed and ipfw using Cisco's command > set? I couldn't find one in the ports collection so I thought I'd ask here. For a cisco-style routed, look at zebra, /usr/ports/net/zebra > > 2) I have a FreeBSD 4.4-R machine that want to configure as a router to do > traffic shaping and transparent proxy. I think I have the router setup as per > the documentation but I cannot ping across the box. > > Here's my setup: > {net} <---> [gw1] <---> [fbsd] <---> [gw2] <---> {Lan} > * gw1 has address 192.168.69.49/255.255.255.252 > * fbsd has addresses fxp0=192.168.69.50/255.255.255.252 and > fxp1=192.168.69.53/255.255.255.252 > * gw2 has address 192.168.69.54/255.255.255.252 > (The gw* devices have other addresses on other interfaces that are on other > networks that do not enter into this discussion.) > > fbsd can ping gw1 and out to the net and gw2 and into the lan. > The problem is that gw2 can't ping gw1 and vis versa but the can each ping > the fbsd interface on their network. i.e. gw2 can ping fbsd:fxp1 and gw1 can > ping fbsd:fxp0. > > In /etc/rc.conf I have: > gateway_enable="YES" > router_enable="YES" > firewall_enable="YES" > firewall_type="OPEN" # For testing > defaultrouter="192.168.69.49" > ifconfig_fxp0="inet 192.168.1.50 netmask 255.255.255.252" > ifconfig_fxp1="inet 192.168.1.53 netmask 255.255.255.252" err, wasn't it 192.168.69.50 instead of 192.168.1.50? > > gateway_enable sets the sysctl variable net.inet.ip.forwarding which should > turn on ip forwarding between interfaces. For simplicity, I have no static > routes defined. (As an aside is there any better documentation on static > routes than what's in route(8)?) > > What did I miss that is preventing me from getting across the fbsd router? Are the routes on gw[12] correct? something like route add 192.168.1.48/30 192.168.1.50 for gw1 (or 192.168.59.*) HTH, Alson -- ,-------------------------------------------. > Name: Alson van der Meulen < > Personal: alson@flutnet.org < > School: alson@gymnasiumleiden.nl < `-------------------------------------------' Oops! (said in a quiet, almost surprised voice) --------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 9 13:48:43 2001 Delivered-To: freebsd-isp@freebsd.org Received: from garbo.lodgenet.com (garbo.lodgenet.com [204.124.122.252]) by hub.freebsd.org (Postfix) with ESMTP id D26AC37B416 for ; Fri, 9 Nov 2001 13:48:40 -0800 (PST) Received: from tull.ct.lodgenet.com (tull.ct.lodgenet.com [10.0.122.71]) by garbo.lodgenet.com (8.11.4/8.11.4) with ESMTP id fA9Lmdo14691 for ; Fri, 9 Nov 2001 15:48:39 -0600 (CST) Received: from lodgenet.com (localhost [127.0.0.1]) by tull.ct.lodgenet.com (8.11.6/8.11.6) with ESMTP id fA9LmqM32469 for ; Fri, 9 Nov 2001 15:48:53 -0600 (CST) (envelope-from lee@lodgenet.com) Message-ID: <3BEC4F44.8080205@lodgenet.com> Date: Fri, 09 Nov 2001 15:48:52 -0600 From: Lee McKenna User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:0.9.4) Gecko/20011019 Netscape6/6.2 X-Accept-Language: en-us MIME-Version: 1.0 To: freebsd-isp@freebsd.org Subject: Cyclades PC400 or Digi Datafire RAS Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Anyone know of existing or planned driver support for either of these? Cyclades PC400 Digi DataFire RAS Or, any similar hardware supported to create a RAS with digital modem cards? Thanks, lee@lodgenet.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message From owner-freebsd-isp Fri Nov 9 15:39: 3 2001 Delivered-To: freebsd-isp@freebsd.org Received: from digitaldaemon.com (digitaldaemon.com [63.105.9.34]) by hub.freebsd.org (Postfix) with SMTP id DAD5437B405 for ; Fri, 9 Nov 2001 15:39:00 -0800 (PST) Received: (qmail 90159 invoked from network); 9 Nov 2001 23:38:34 -0000 Received: from 213-84-202-101.adsl.xs4all.nl (HELO jak.nl) (213.84.202.101) by jak.nl with SMTP; 9 Nov 2001 23:38:34 -0000 Message-ID: <3BEC6985.1020004@jak.nl> Date: Sat, 10 Nov 2001 00:40:53 +0100 From: Arjan Knepper Organization: JAK++ Software Development B.V. User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:0.9.2) Gecko/20010726 Netscape6/6.1 X-Accept-Language: en-us MIME-Version: 1.0 To: Lee McKenna Cc: freebsd-isp@freebsd.org Subject: Re: Cyclades PC400 or Digi Datafire RAS References: <3BEC4F44.8080205@lodgenet.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Would be great having FreeBSD drivers for these cards. Lee McKenna wrote: > Anyone know of existing or planned driver support for either of these? > > Cyclades PC400 > Digi DataFire RAS > > Or, any similar hardware supported to create a RAS with digital modem > cards? > > Thanks, > lee@lodgenet.com > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message