From owner-freebsd-isp@FreeBSD.ORG Sun Feb 8 06:04:22 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E660B16A4CE for ; Sun, 8 Feb 2004 06:04:22 -0800 (PST) Received: from smtp-out6.xs4all.nl (smtp-out6.xs4all.nl [194.109.24.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id E7E5F43D2F for ; Sun, 8 Feb 2004 06:04:21 -0800 (PST) (envelope-from j.vanwijk@jwvwcomputing.com) Received: from list1.xs4all.nl (list1.xs4all.nl [194.109.6.52]) by smtp-out6.xs4all.nl (8.12.10/8.12.10) with ESMTP id i18E4JiU070014 for ; Sun, 8 Feb 2004 15:04:20 +0100 (CET) Received: from list1.xs4all.nl (localhost.xs4all.nl [127.0.0.1]) by list1.xs4all.nl (8.12.9/8.12.9) with ESMTP id i18E2r6L025496 for ; Sun, 8 Feb 2004 15:04:07 +0100 (CET) Received: (from root@localhost) by list1.xs4all.nl (8.12.9/8.12.9/Submit) id i18E2qhK025493; Sun, 8 Feb 2004 15:02:52 +0100 (CET) From: "J. van Wijk" To: freebsd-isp@freebsd.org X-Via: news2mail at list1.xs4all.nl Date: Sun, 8 Feb 2004 15:01:57 +0100 Message-ID: <4026415c$0$1372$e4fe514c@news.xs4all.nl> Subject: A lage number of users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Feb 2004 14:04:23 -0000 Hello, I am starting to setup two webservers (miror) white a lot of users. Can someone tel me how i can manage de users the best. en real time miror them white my other server regards, Jan-Willem van Wijk From owner-freebsd-isp@FreeBSD.ORG Sun Feb 8 08:09:54 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7673916A4CE for ; Sun, 8 Feb 2004 08:09:54 -0800 (PST) Received: from lily.ezo.net (nsc.ezo.net [68.23.200.13]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3CA9B43D1D for ; Sun, 8 Feb 2004 08:09:54 -0800 (PST) (envelope-from jflowers@ezo.net) Received: from www.ezo.net (peony.ezo.net [68.23.200.11]) by lily.ezo.net (8.12.6/8.12.6) with ESMTP id i18G9vgp028669; Sun, 8 Feb 2004 11:09:57 -0500 (EST) (envelope-from jflowers@ezo.net) From: "Jim Flowers" To: Doug Hardie , freebsd-isp@freebsd.org Date: Sun, 8 Feb 2004 11:10:58 -0500 Message-Id: <20040208160539.M32772@ezo.net> In-Reply-To: <99DA0402-59C9-11D8-B162-000393681B06@lafn.org> References: <200402072146.i17LkKH7049671@elk.hughes.com.au> <99DA0402-59C9-11D8-B162-000393681B06@lafn.org> X-Mailer: Open WebMail 2.10 20031002 X-OriginatingIP: 24.93.231.122 (jflowers) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Subject: Re: Clamav with sendmail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Feb 2004 16:09:54 -0000 I have had excellent results with clamav both with the milter that comes with it and as the sole virus scanner used with MailScanner. When used with MailScanner, MailWatch provides and excellent web interface for management and analysis of infected messages and Vispan (mailstats) provides additional daily/cumulative statistics. The MailScanner approach has been more robust but is probably more than you want unless you are providing spam control as well. -- Jim Flowers ---------- Original Message ----------- From: Doug Hardie To: freebsd-isp@freebsd.org Sent: Sat, 7 Feb 2004 15:59:01 -0800 Subject: Clamav with sendmail > I am evaluating clamav for use with sendmail and an wondering if the > clamav-milter that comes with it is the best approach. There are > several other milter interfaces for clamav listed in the > documentation. Is there any reason to use one in preference to the > others? > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" ------- End of Original Message ------- From owner-freebsd-isp@FreeBSD.ORG Sun Feb 8 12:42:34 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2381516A4CE for ; Sun, 8 Feb 2004 12:42:34 -0800 (PST) Received: from ren.sasknow.com (ren.sasknow.com [207.195.92.131]) by mx1.FreeBSD.org (Postfix) with ESMTP id E973543D1D for ; Sun, 8 Feb 2004 12:42:33 -0800 (PST) (envelope-from ryan@sasknow.com) Received: from earl.sasknow.net (earl.sasknow.net [207.195.92.130]) by ren.sasknow.com (8.12.8p1/8.12.8) with ESMTP id i18KgXeP030585; Sun, 8 Feb 2004 14:42:33 -0600 (CST) (envelope-from ryan@sasknow.com) Received: from ren (ren.sasknow.com [207.195.92.131]) by earl.sasknow.net (8.12.9p2/8.12.9) with ESMTP id i18KgWfj051555; Sun, 8 Feb 2004 14:42:32 -0600 (CST) (envelope-from ryan@sasknow.com) Date: Sun, 8 Feb 2004 14:42:32 -0600 (CST) From: Ryan Thompson To: Doug Hardie In-Reply-To: <99DA0402-59C9-11D8-B162-000393681B06@lafn.org> Message-ID: <20040208143628.Y7258-100000@ren.sasknow.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Status: No, hits=-4.9 required=5.0 tests=BAYES_00 autolearn=ham version=2.61 X-Spam-Checker-Version: SpamAssassin 2.61 (1.212.2.1-2003-12-09-exp) on earl.sasknow.net X-Virus-Scanned: ClamAV version 'clamd / ClamAV version devel-20040205', clamav-milter version '0.66k' cc: freebsd-isp@freebsd.org Subject: Re: Clamav with sendmail X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Feb 2004 20:42:34 -0000 Doug Hardie wrote to freebsd-isp@freebsd.org: > I am evaluating clamav for use with sendmail and an wondering if the > clamav-milter that comes with it is the best approach. There are > several other milter interfaces for clamav listed in the documentation. > Is there any reason to use one in preference to the others? We use clamav-milter in conjunction with spamass-milter to filter virii and spam. clamav-milter is extremely easy to install and configure, and works very well "out of the box". Though, there are a few stability issues in the latest release version (in ports). My advice is to use the latest CVS snapshot from clamav.net, and subscribe to the clamav users mailing list for updates. Still, we're running clamav in production, handling thousands of messages per hour, and it hasn't missed a beat with the snapshot from a few days ago. Much better than taking support calls from the hundreds who would have been infected with the SCO worm by now. :-) - Ryan -- Ryan Thompson SaskNow Technologies - http://www.sasknow.com 901-1st Avenue North - Saskatoon, SK - S7K 1Y4 Tel: 306-664-3600 Fax: 306-244-7037 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America From owner-freebsd-isp@FreeBSD.ORG Sun Feb 8 13:49:29 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5D9B216A4CE for ; Sun, 8 Feb 2004 13:49:29 -0800 (PST) Received: from anna.mysmt.net (ns1.mysmt.net [217.8.108.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id DFA1B43D1D for ; Sun, 8 Feb 2004 13:49:28 -0800 (PST) (envelope-from erik@microcontroller.nl) Received: (qmail 89922 invoked by uid 89); 8 Feb 2004 21:49:27 -0000 Received: from unknown (HELO ?10.0.0.6?) (microcon@microcontroller.nl@212.238.210.243) by ns1.mysmt.net with SMTP; 8 Feb 2004 21:49:27 -0000 From: "Erik @ MicroController.nl" To: freebsd-isp@freebsd.org Content-Type: text/plain Message-Id: <1076276972.5859.70.camel@ina.mysmt.net> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 (1.4.5-7) Date: Sun, 08 Feb 2004 22:49:33 +0100 Content-Transfer-Encoding: 7bit Subject: ftp X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 08 Feb 2004 21:49:29 -0000 Hi list, What are you using for ftp daemon? I'm searching for one which does not use real system accounts, and handles quota's well.. I always used proftpd, now I'm testing it with mysql authentication which works fine, but I dislike the way the quota's are counted and checked. thanks, -Erik. From owner-freebsd-isp@FreeBSD.ORG Sun Feb 8 16:46:27 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A68EA16A4CE for ; Sun, 8 Feb 2004 16:46:27 -0800 (PST) Received: from mail9.txucom.net (mail9.txucom.net [207.70.175.251]) by mx1.FreeBSD.org (Postfix) with SMTP id 7A5E643D1F for ; Sun, 8 Feb 2004 16:46:27 -0800 (PST) (envelope-from bob@buckhorn.net) Received: (qmail 2128 invoked from network); 9 Feb 2004 00:46:26 -0000 Received: from lfkn-adsl-dhcp-net1-197.txucom.net (HELO tardis.buckhorn.net) ([207.70.145.197]) (envelope-sender ) by mail9.txucom.net (qmail-ldap-1.03) with SMTP for ; 9 Feb 2004 00:46:26 -0000 Received: from buckhorn.net (localhost.buckhorn.net [127.0.0.1]) by tardis.buckhorn.net (Postfix) with ESMTP id 3B3EF1B93AC; Sun, 8 Feb 2004 18:46:20 -0600 (CST) Message-ID: <4026D85B.4070605@buckhorn.net> Date: Sun, 08 Feb 2004 18:46:19 -0600 From: Bob Martin User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Erik @ MicroController.nl" References: <1076276972.5859.70.camel@ina.mysmt.net> In-Reply-To: <1076276972.5859.70.camel@ina.mysmt.net> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: ftp X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 00:46:27 -0000 Have a look at pure-ftpd. Tons of features, and it was written with hosting in mind. Bob Martin Erik @ MicroController.nl wrote: > Hi list, > > What are you using for ftp daemon? > I'm searching for one which does not use real system accounts, > and handles quota's well.. > > I always used proftpd, now I'm testing it with mysql authentication > which works fine, but I dislike the way the quota's are counted and > checked. > > thanks, > > -Erik. > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Sun Feb 8 20:42:55 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 34DE716A4CE for ; Sun, 8 Feb 2004 20:42:55 -0800 (PST) Received: from SRV-07.radiobras.local (unknown [200.252.42.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8655643D1F for ; Sun, 8 Feb 2004 20:42:54 -0800 (PST) (envelope-from wendel@radiobras.gov.br) Received: by SRV-07.radiobras.local with Internet Mail Service (5.5.2653.19) id <1FBZ1S7P>; Mon, 9 Feb 2004 02:43:02 -0300 Message-ID: From: Wendelmaques pereira To: "'J. van Wijk '" , "'freebsd-isp@freebsd.org '" Date: Mon, 9 Feb 2004 02:42:55 -0300 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2653.19) Content-Type: text/plain X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: RE: A lage number of users X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 04:42:55 -0000 > Can someone tel me how i can manage de users the best. What tyep of management you need for webserver? User access directory? SSH Access? FTP Access? wendel From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 03:57:03 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 988DE16A4CF for ; Mon, 9 Feb 2004 03:57:03 -0800 (PST) Received: from kurush.osdn.org.ua (external.osdn.org.ua [212.40.34.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7245043D1D for ; Mon, 9 Feb 2004 03:56:58 -0800 (PST) (envelope-from never@kurush.osdn.org.ua) Received: from kurush.osdn.org.ua (never@localhost [127.0.0.1]) by kurush.osdn.org.ua (8.12.6p3/8.12.6) with ESMTP id i19BuDq3063229; Mon, 9 Feb 2004 13:56:13 +0200 (EET) (envelope-from never@kurush.osdn.org.ua) Received: (from never@localhost) by kurush.osdn.org.ua (8.12.6p3/8.12.6/Submit) id i19BuBB4063226; Mon, 9 Feb 2004 13:56:11 +0200 (EET) (envelope-from never) Date: Mon, 9 Feb 2004 13:56:11 +0200 From: Alexandr Kovalenko To: "Mustafa N. Deeb" Message-ID: <20040209115611.GA63139@nevermind.kiev.ua> References: <009901c3e676$04acaaa0$0201a8c0@stranger> <058e01c3e7e9$678595f0$8d00000a@felfel> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <058e01c3e7e9$678595f0$8d00000a@felfel> User-Agent: Mutt/1.5.4i cc: 'Edward Shabotinsky' cc: isp@freebsd.org Subject: Re: Recommendation for "antivirus" software (MTA is qmail) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 11:57:03 -0000 Hello, Mustafa N. Deeb! On Sat, Jan 31, 2004 at 12:59:59PM +0200, you wrote: > How does their license work? You can use evaluation license for free and it is enough to check and reject infected mail. So it is free in common way. But I've heard that ClamAV making big success and I consider trying it. > ~~~~~~~~~~~~~~~~~~~~~~ > Mustafa N. Deeb > Technical Director > Palnet Communications Ltd. > Tel: +970-2-2403434 > Fax: +970-2-2403430 > www.palsms.com > www.paltime.net > www.palnet.com > > > > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Edward Shabotinsky > Sent: Thursday, January 29, 2004 4:42 PM > To: isp@freebsd.org > Subject: Re: Recommendation for "antivirus" software (MTA is qmail) > > Running Dr.Web with qmail-ldap for allmost 3 years on fbsd - no problem > over > 10000 mail accounts. > > ----- Original Message ----- > From: "ap296" > To: > Sent: Thursday, January 29, 2004 02:55 > Subject: RE: Recommendation for "antivirus" software (MTA is qmail) > > > > > > Consider outsourcing to a professional organization that can keep up > with > > updates and trends which constantly change -- that specialize in this > sort > > of thing. > > > > I recommend www.postini.com > > > > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org] > > On Behalf Of David Wolfskill > > Sent: Tuesday, January 27, 2004 10:18 AM > > To: isp@freebsd.org > > Subject: Recommendation for "antivirus" software (MTA is qmail) > > > > > > My boss, who persists in using a M$-based desktop, wants me to install > > an "antivirus solution" on our mail server. In fairness, he also > wants > > to reduce the expose to (and from) our customers (many of whom also > run > > such systems). > > > > The MTA we currently use is qmail on a system running FreeBSD 4.8. > > As far as I can tell, that is for its ease of integration with > > vpopmail. As far as this message is concerned, I am being agnostic > > with respect to the choice of qmail for the MTA; it was made prior > > to the start of my tenure here, and I am unwilling to make a change > > if I believe that the result will not be worth the effort and > > disruption. > > > > A small bit of background: my employer is a nascent ISP, with a fair > > amount of emphasis on use of wireless (well, radio) technology. > > > > It would be useful to be able to also get some spam-avoidance > capability > > along with this. That said, several of our salient resources are > limited. > > > > A quick look around the Web shows some plausible-looking contenders; > > what I seek are real-life experiences with these (or similar) > products, > > or other aspects that may not be immediately obvious from reading the > > promotional material on the Web sites: > > > > * qmail-scanner, clamav, and spamassassin > > > http://clamav.elektrapro.com/doc/FreeBSD-HowTo/qmail-scanner-how-to.html > > > > * Dr.Web for UNIX systems > > http://www.dials.ru/english/dsav_toolkit/drwebunix.htm > > [Also at http://www.advancedforce.com/antivirus/av_unixms.html ?] > > > > * RAV AntiVirus > > http://www.ravantivirus.com/pages/isp.php > > > > * Vexira Antivirus for Mail servers FreeBSD edition > > > http://www.ti.com.pl/antivirus.php?s=vexira&d=products&w=details&pid=8 > > > > * AntiVir > > http://www.hbedv.com/ > > > > * Sophos PureMessage > > http://www.sophos.com/products/pm/ > > > > Each of the above (save the first) appears to be a commercial product. > > We are open -- in principle -- to any solution, whether free or fee. > > > > Thanks! (in advance) -- NEVE-RIPE, will build world for food Ukrainian FreeBSD User Group http://uafug.org.ua/ From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 08:31:10 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 303D316A4CE for ; Mon, 9 Feb 2004 08:31:10 -0800 (PST) Received: from smtp4.wlink.com.np (smtp4.wlink.com.np [202.79.32.87]) by mx1.FreeBSD.org (Postfix) with SMTP id AE64443D31 for ; Mon, 9 Feb 2004 08:30:47 -0800 (PST) (envelope-from bikrant_ml@wlink.com.np) Received: (qmail 92140 invoked from network); 9 Feb 2004 16:30:37 -0000 Received: from unknown (HELO qmail-scanner.wlink.com.np) (202.79.32.74) by 0 with SMTP; 9 Feb 2004 16:30:37 -0000 Received: (qmail 77384 invoked by uid 1008); 9 Feb 2004 16:30:37 -0000 Received: from bikrant_ml@wlink.com.np by qmail-scanner.wlink.com.np by uid 1002 with qmail-scanner-1.20 (clamscan: 0.60. Clear:RC:1(202.79.32.78):. Processed in 0.019711 secs); 09 Feb 2004 16:30:37 -0000 X-Qmail-Scanner-Mail-From: bikrant_ml@wlink.com.np via qmail-scanner.wlink.com.np X-Qmail-Scanner: 1.20 (Clear:RC:1(202.79.32.78):. Processed in 0.019711 secs) Received: from smtp3.wlink.com.np (202.79.32.78) by qmail-scanner.wlink.com.np with SMTP; 9 Feb 2004 16:30:37 -0000 Received: (qmail 16846 invoked by uid 514); 9 Feb 2004 16:30:37 -0000 Received: from [202.79.55.254] (HELO ekanta4ey6dw38) by smtp3.wlink.com.np (qmail-smtpd) with SMTP; 09 Feb 2004 16:30:37 -0000 (Mon, 09 Feb 2004 22:15:37 +0545) Message-ID: <006001c3ef2a$0e029120$0100a8c0@ekanta4ey6dw38> From: "Bikrant Neupane" To: , Date: Mon, 9 Feb 2004 22:15:35 +0545 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Check-By: smtp3.wlink.com.np Spam: No ; 0.0 / 5.0 X-Spam-Status: No, hits=0.0 required=5.0 Subject: High Cpu utilization X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 16:31:10 -0000 Hi, For some reason my squid cache is running at 99% load. I don't see any abnormal pattern in traffic and number of connections. Agv. traffic is around 2M/sec and goes upto 3.5M/sec during peak hours. Max File descriptor open is around 2K. I'm running squid-2.5.stable4 on FreeBSD-4.9. The hardware is Dell Power edge with 2.6 Gig P4 HT processor and 2 GB RAM. I've got custom kernel running with HT enabled. I've got 2 cache dirs (10 Gb each) on 20 GB SCSI drive dedicated for cache only. This system has been running since last 30 days. Under same traffic load (and connections) the avg. cpu usage was around 30% during peak hours. but since last 2 days it is running at 99% most of the time :( I compiled squid with following options: ./configure \ --enable-delay-pools \ --enable-ipf-transparent \ --enable-storeio=diskd,ufs,aufs \ --disable-ident-lookups \ --enable-snmp \ --enable-wccp \ --enable-removal-policies \ -sysconfdir=/etc/squid/ \ --with-pthreads \ --enable-async-io=60 \ --enable-async-io \ --enable-time-hack And these are few lines from my squid.conf: cache_mem 128 MB cache_swap_low 90 cache_swap_high 95 maximum_object_size 32768 KB maximum_object_size_in_memory 16 KB tcp_recv_bufsize 65535 bytes ipcache_size 4096 fqdncache_size 4096 cache_dir aufs /usr/local/squid/cache1 8000 32 512 cache_dir aufs /usr/local/squid/cache2 8000 32 512 I think I need to tweak some parameter..Please help. with regards, Bikrant From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 09:01:37 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 02FEF16A4CE for ; Mon, 9 Feb 2004 09:01:37 -0800 (PST) Received: from mail.gmx.net (pop.gmx.net [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 5922F43D1D for ; Mon, 9 Feb 2004 09:01:36 -0800 (PST) (envelope-from pilkis@gmx.net) Received: (qmail 4356 invoked by uid 65534); 9 Feb 2004 17:01:34 -0000 Received: from unknown (EHLO pilkishome) (62.68.63.42) by mail.gmx.net (mp021) with SMTP; 09 Feb 2004 18:01:34 +0100 X-Authenticated: #6832473 Message-ID: <012101c3ef2e$5f743050$1e64a8c0@spotripoli.local> From: "Putinas" To: References: <006001c3ef2a$0e029120$0100a8c0@ekanta4ey6dw38> Date: Mon, 9 Feb 2004 19:01:33 +0200 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="windows-1251"; reply-type=original Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.2055 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2055 cc: Bikrant Neupane Subject: Re: High Cpu utilization X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 17:01:37 -0000 There is problem with 100% cpu utilisation if /dev/null not exist or squid don't have right to access it... I had same problem before, and found soliution on official page faq... ----- Original Message ----- From: "Bikrant Neupane" To: ; Sent: Monday, February 09, 2004 6:30 PM Subject: High Cpu utilization > Hi, > For some reason my squid cache is running at 99% load. > I don't see any abnormal pattern in traffic and number of connections. > Agv. traffic is around 2M/sec and goes upto 3.5M/sec during peak hours. > Max File descriptor open is around 2K. > > I'm running squid-2.5.stable4 on FreeBSD-4.9. > The hardware is Dell Power edge with 2.6 Gig P4 HT processor and 2 GB RAM. > I've got custom kernel running with HT enabled. I've got 2 cache dirs (10 > Gb > each) on 20 GB SCSI drive dedicated for cache only. This system has been > running since last 30 days. Under same traffic load (and connections) the > avg. cpu usage was around 30% during peak hours. but since last 2 days it > is > running at 99% most of the time :( > > I compiled squid with following options: > > ./configure \ > --enable-delay-pools \ > --enable-ipf-transparent \ > --enable-storeio=diskd,ufs,aufs \ > --disable-ident-lookups \ > --enable-snmp \ > --enable-wccp \ > --enable-removal-policies \ > -sysconfdir=/etc/squid/ \ > --with-pthreads \ > --enable-async-io=60 \ > --enable-async-io \ > --enable-time-hack > > And these are few lines from my squid.conf: > > cache_mem 128 MB > cache_swap_low 90 > cache_swap_high 95 > maximum_object_size 32768 KB > maximum_object_size_in_memory 16 KB > tcp_recv_bufsize 65535 bytes > ipcache_size 4096 > fqdncache_size 4096 > cache_dir aufs /usr/local/squid/cache1 8000 32 512 > cache_dir aufs /usr/local/squid/cache2 8000 32 512 > > I think I need to tweak some parameter..Please help. > > with regards, > Bikrant > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 09:17:02 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 91F5416A4CE for ; Mon, 9 Feb 2004 09:17:02 -0800 (PST) Received: from smtp4.wlink.com.np (smtp4.wlink.com.np [202.79.32.87]) by mx1.FreeBSD.org (Postfix) with SMTP id 5571C43D1F for ; Mon, 9 Feb 2004 09:16:58 -0800 (PST) (envelope-from bikrant_ml@wlink.com.np) Received: (qmail 94476 invoked from network); 9 Feb 2004 17:16:54 -0000 Received: from unknown (HELO qmail-scanner.wlink.com.np) (202.79.32.74) by 0 with SMTP; 9 Feb 2004 17:16:54 -0000 Received: (qmail 9313 invoked by uid 1008); 9 Feb 2004 17:16:54 -0000 Received: from bikrant_ml@wlink.com.np by qmail-scanner.wlink.com.np by uid 1002 with qmail-scanner-1.20 (clamscan: 0.60. Clear:RC:1(202.79.32.78):. Processed in 0.017045 secs); 09 Feb 2004 17:16:54 -0000 X-Qmail-Scanner-Mail-From: bikrant_ml@wlink.com.np via qmail-scanner.wlink.com.np X-Qmail-Scanner: 1.20 (Clear:RC:1(202.79.32.78):. Processed in 0.017045 secs) Received: from smtp3.wlink.com.np (202.79.32.78) by qmail-scanner.wlink.com.np with SMTP; 9 Feb 2004 17:16:54 -0000 Received: (qmail 633 invoked by uid 514); 9 Feb 2004 17:16:54 -0000 Received: from [202.79.55.254] (HELO ekanta4ey6dw38) by smtp3.wlink.com.np (qmail-smtpd) with SMTP; 09 Feb 2004 17:16:54 -0000 (Mon, 09 Feb 2004 23:01:54 +0545) Message-ID: <00b001c3ef30$85527c30$0100a8c0@ekanta4ey6dw38> From: "Bikrant Neupane" To: "Putinas" , References: <006001c3ef2a$0e029120$0100a8c0@ekanta4ey6dw38> <012101c3ef2e$5f743050$1e64a8c0@spotripoli.local> Date: Mon, 9 Feb 2004 23:01:52 +0545 MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1251" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Check-By: smtp3.wlink.com.np Spam: No ; 0.0 / 5.0 X-Spam-Status: No, hits=0.0 required=5.0 Subject: Re: High Cpu utilization X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 17:17:02 -0000 thanks for the reply. yeah I read that somewhere in faq. I found /dev/null is set a+rw by default. I even checked dns settings. still no improvment. regards, Bikrant ----- Original Message ----- From: "Putinas" To: Cc: "Bikrant Neupane" Sent: Monday, February 09, 2004 10:46 PM Subject: Re: High Cpu utilization > There is problem with 100% cpu utilisation if /dev/null not exist or squid > don't have right to access it... I had same problem before, and found > soliution on official page faq... > > > ----- Original Message ----- > From: "Bikrant Neupane" > To: ; > Sent: Monday, February 09, 2004 6:30 PM > Subject: High Cpu utilization > > > > Hi, > > For some reason my squid cache is running at 99% load. > > I don't see any abnormal pattern in traffic and number of connections. > > Agv. traffic is around 2M/sec and goes upto 3.5M/sec during peak hours. > > Max File descriptor open is around 2K. > > > > I'm running squid-2.5.stable4 on FreeBSD-4.9. > > The hardware is Dell Power edge with 2.6 Gig P4 HT processor and 2 GB RAM. > > I've got custom kernel running with HT enabled. I've got 2 cache dirs (10 > > Gb > > each) on 20 GB SCSI drive dedicated for cache only. This system has been > > running since last 30 days. Under same traffic load (and connections) the > > avg. cpu usage was around 30% during peak hours. but since last 2 days it > > is > > running at 99% most of the time :( > > > > I compiled squid with following options: > > > > ./configure \ > > --enable-delay-pools \ > > --enable-ipf-transparent \ > > --enable-storeio=diskd,ufs,aufs \ > > --disable-ident-lookups \ > > --enable-snmp \ > > --enable-wccp \ > > --enable-removal-policies \ > > -sysconfdir=/etc/squid/ \ > > --with-pthreads \ > > --enable-async-io=60 \ > > --enable-async-io \ > > --enable-time-hack > > > > And these are few lines from my squid.conf: > > > > cache_mem 128 MB > > cache_swap_low 90 > > cache_swap_high 95 > > maximum_object_size 32768 KB > > maximum_object_size_in_memory 16 KB > > tcp_recv_bufsize 65535 bytes > > ipcache_size 4096 > > fqdncache_size 4096 > > cache_dir aufs /usr/local/squid/cache1 8000 32 512 > > cache_dir aufs /usr/local/squid/cache2 8000 32 512 > > > > I think I need to tweak some parameter..Please help. > > > > with regards, > > Bikrant > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > > > From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 09:22:29 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 20A8016A4CE for ; Mon, 9 Feb 2004 09:22:29 -0800 (PST) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id D09B443D1F for ; Mon, 9 Feb 2004 09:22:28 -0800 (PST) (envelope-from anderson@centtech.com) Received: from centtech.com (neutrino.centtech.com [10.177.171.220]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id i19HMSE8098197; Mon, 9 Feb 2004 11:22:28 -0600 (CST) (envelope-from anderson@centtech.com) Message-ID: <4027C1B6.4090408@centtech.com> Date: Mon, 09 Feb 2004 11:21:58 -0600 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.6) Gecko/20040205 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Bikrant Neupane References: <006001c3ef2a$0e029120$0100a8c0@ekanta4ey6dw38> <012101c3ef2e$5f743050$1e64a8c0@spotripoli.local> <00b001c3ef30$85527c30$0100a8c0@ekanta4ey6dw38> In-Reply-To: <00b001c3ef30$85527c30$0100a8c0@ekanta4ey6dw38> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org cc: Putinas Subject: Re: High Cpu utilization X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 17:22:29 -0000 Bikrant Neupane wrote: > thanks for the reply. > yeah I read that somewhere in faq. I found /dev/null is set a+rw by default. > I even checked dns settings. still no improvment. Are you swapping? -- ------------------------------------------------------------------ Eric Anderson Sr. Systems Administrator Centaur Technology Today is the tomorrow you worried about yesterday. ------------------------------------------------------------------ From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 09:37:06 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 72A2416A4CE for ; Mon, 9 Feb 2004 09:37:06 -0800 (PST) Received: from smtp4.wlink.com.np (smtp4.wlink.com.np [202.79.32.87]) by mx1.FreeBSD.org (Postfix) with SMTP id 1BA7A43D2F for ; Mon, 9 Feb 2004 09:37:03 -0800 (PST) (envelope-from bikrant_ml@wlink.com.np) Received: (qmail 95205 invoked from network); 9 Feb 2004 17:37:00 -0000 Received: from unknown (HELO qmail-scanner.wlink.com.np) (202.79.32.74) by 0 with SMTP; 9 Feb 2004 17:37:00 -0000 Received: (qmail 19723 invoked by uid 1008); 9 Feb 2004 17:37:00 -0000 Received: from bikrant_ml@wlink.com.np by qmail-scanner.wlink.com.np by uid 1002 with qmail-scanner-1.20 (clamscan: 0.60. Clear:RC:1(202.79.32.78):. Processed in 0.068659 secs); 09 Feb 2004 17:37:00 -0000 X-Qmail-Scanner-Mail-From: bikrant_ml@wlink.com.np via qmail-scanner.wlink.com.np X-Qmail-Scanner: 1.20 (Clear:RC:1(202.79.32.78):. Processed in 0.068659 secs) Received: from smtp3.wlink.com.np (202.79.32.78) by qmail-scanner.wlink.com.np with SMTP; 9 Feb 2004 17:37:00 -0000 Received: (qmail 6728 invoked by uid 514); 9 Feb 2004 17:37:00 -0000 Received: from [202.79.55.254] (HELO ekanta4ey6dw38) by smtp3.wlink.com.np (qmail-smtpd) with SMTP; 09 Feb 2004 17:36:59 -0000 (Mon, 09 Feb 2004 23:21:59 +0545) Message-ID: <00f101c3ef33$53f8ca10$0100a8c0@ekanta4ey6dw38> From: "Bikrant Neupane" To: "Eric Anderson" References: <006001c3ef2a$0e029120$0100a8c0@ekanta4ey6dw38> <012101c3ef2e$5f743050$1e64a8c0@spotripoli.local> <00b001c3ef30$85527c30$0100a8c0@ekanta4ey6dw38> <4027C1B6.4090408@centtech.com> Date: Mon, 9 Feb 2004 23:22:00 +0545 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 X-Spam-Check-By: smtp3.wlink.com.np Spam: No ; 0.0 / 5.0 X-Spam-Status: No, hits=0.0 required=5.0 cc: freebsd-isp@freebsd.org cc: Putinas Subject: Re: High Cpu utilization X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Feb 2004 17:37:06 -0000 Well I have 4GB swap disk and only 24K is in use by other process. From mrtg I see Squid alone has used 23% (max) out of 2GB RAM. regards, Bikrant ----- Original Message ----- From: "Eric Anderson" To: "Bikrant Neupane" Cc: "Putinas" ; Sent: Monday, February 09, 2004 11:06 PM Subject: Re: High Cpu utilization > Bikrant Neupane wrote: > > thanks for the reply. > > yeah I read that somewhere in faq. I found /dev/null is set a+rw by default. > > I even checked dns settings. still no improvment. > > Are you swapping? > > > > > -- > ------------------------------------------------------------------ > Eric Anderson Sr. Systems Administrator Centaur Technology > Today is the tomorrow you worried about yesterday. > ------------------------------------------------------------------ > From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 23:38:13 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E373616A4CE for ; Mon, 9 Feb 2004 23:38:13 -0800 (PST) Received: from mail.palnet.com (mail.palnet.com [217.66.226.37]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2F23E43D1D for ; Mon, 9 Feb 2004 23:38:13 -0800 (PST) (envelope-from mustafa@palnet.com) Received: from felfel (dogbert.palnet.com [192.116.17.51]) by mail.palnet.com (8.12.5/8.12.5) with ESMTP id i1A7ZtFl004815; Tue, 10 Feb 2004 09:35:56 +0200 (IST) From: "Mustafa N. Deeb" To: "'Alexandr Kovalenko'" Date: Tue, 10 Feb 2004 10:40:17 +0200 Organization: Palnet Communications Ltd. Message-ID: <054c01c3efb1$874a01d0$8d00000a@felfel> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 In-Reply-To: <20040209115611.GA63139@nevermind.kiev.ua> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: 'Edward Shabotinsky' cc: isp@freebsd.org Subject: RE: Recommendation for "antivirus" software (MTA is qmail) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Mustafa@palnet.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2004 07:38:14 -0000 I'm using ClamAV right now, and it is good Some small issue with .zip files, sometimes If you had thousands of clients using Outlook, and they got hit with Mydoom for example, it will fill the mailq with huge amounts of infected Emails. Would milter based Antivirus be the solution to Blocking Clients Connections? Cheers ~~~~~~~~~~~~~~~~~~~~~~ Mustafa N. Deeb Technical Director Palnet Communications Ltd. Tel: +970-2-2403434 Fax: +970-2-2403430 www.palsms.com www.paltime.net www.palnet.com -----Original Message----- From: Alexandr Kovalenko [mailto:never@nevermind.kiev.ua] Sent: Monday, February 09, 2004 1:56 PM To: Mustafa N. Deeb Cc: 'Edward Shabotinsky'; isp@freebsd.org Subject: Re: Recommendation for "antivirus" software (MTA is qmail) Hello, Mustafa N. Deeb! On Sat, Jan 31, 2004 at 12:59:59PM +0200, you wrote: > How does their license work? You can use evaluation license for free and it is enough to check and reject infected mail. So it is free in common way. But I've heard that ClamAV making big success and I consider trying it. > ~~~~~~~~~~~~~~~~~~~~~~ > Mustafa N. Deeb > Technical Director > Palnet Communications Ltd. > Tel: +970-2-2403434 > Fax: +970-2-2403430 > www.palsms.com > www.paltime.net > www.palnet.com > > > > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Edward Shabotinsky > Sent: Thursday, January 29, 2004 4:42 PM > To: isp@freebsd.org > Subject: Re: Recommendation for "antivirus" software (MTA is qmail) > > Running Dr.Web with qmail-ldap for allmost 3 years on fbsd - no problem > over > 10000 mail accounts. > > ----- Original Message ----- > From: "ap296" > To: > Sent: Thursday, January 29, 2004 02:55 > Subject: RE: Recommendation for "antivirus" software (MTA is qmail) > > > > > > Consider outsourcing to a professional organization that can keep up > with > > updates and trends which constantly change -- that specialize in this > sort > > of thing. > > > > I recommend www.postini.com > > > > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org] > > On Behalf Of David Wolfskill > > Sent: Tuesday, January 27, 2004 10:18 AM > > To: isp@freebsd.org > > Subject: Recommendation for "antivirus" software (MTA is qmail) > > > > > > My boss, who persists in using a M$-based desktop, wants me to install > > an "antivirus solution" on our mail server. In fairness, he also > wants > > to reduce the expose to (and from) our customers (many of whom also > run > > such systems). > > > > The MTA we currently use is qmail on a system running FreeBSD 4.8. > > As far as I can tell, that is for its ease of integration with > > vpopmail. As far as this message is concerned, I am being agnostic > > with respect to the choice of qmail for the MTA; it was made prior > > to the start of my tenure here, and I am unwilling to make a change > > if I believe that the result will not be worth the effort and > > disruption. > > > > A small bit of background: my employer is a nascent ISP, with a fair > > amount of emphasis on use of wireless (well, radio) technology. > > > > It would be useful to be able to also get some spam-avoidance > capability > > along with this. That said, several of our salient resources are > limited. > > > > A quick look around the Web shows some plausible-looking contenders; > > what I seek are real-life experiences with these (or similar) > products, > > or other aspects that may not be immediately obvious from reading the > > promotional material on the Web sites: > > > > * qmail-scanner, clamav, and spamassassin > > > http://clamav.elektrapro.com/doc/FreeBSD-HowTo/qmail-scanner-how-to.html > > > > * Dr.Web for UNIX systems > > http://www.dials.ru/english/dsav_toolkit/drwebunix.htm > > [Also at http://www.advancedforce.com/antivirus/av_unixms.html ?] > > > > * RAV AntiVirus > > http://www.ravantivirus.com/pages/isp.php > > > > * Vexira Antivirus for Mail servers FreeBSD edition > > > http://www.ti.com.pl/antivirus.php?s=vexira&d=products&w=details&pid=8 > > > > * AntiVir > > http://www.hbedv.com/ > > > > * Sophos PureMessage > > http://www.sophos.com/products/pm/ > > > > Each of the above (save the first) appears to be a commercial product. > > We are open -- in principle -- to any solution, whether free or fee. > > > > Thanks! (in advance) -- NEVE-RIPE, will build world for food Ukrainian FreeBSD User Group http://uafug.org.ua/ From owner-freebsd-isp@FreeBSD.ORG Mon Feb 9 23:48:24 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 745D816A4CE for ; Mon, 9 Feb 2004 23:48:24 -0800 (PST) Received: from webmail.akwireless.net (webmail.akwireless.net [192.189.218.15]) by mx1.FreeBSD.org (Postfix) with SMTP id 3400343D1D for ; Mon, 9 Feb 2004 23:48:24 -0800 (PST) (envelope-from dee@akwireless.net) Received: (qmail 9056 invoked by uid 1020); 10 Feb 2004 07:48:23 -0000 Received: from dee@akwireless.net by webmail by uid 1006 with qmail-scanner-1.20 (clamscan: 0.65. Clear:RC:1(127.0.0.1):. Processed in 0.387623 secs); 10 Feb 2004 07:48:23 -0000 X-Scanner-AKW-Mail-From: dee@akwireless.net via webmail X-Scanner-AKW: 1.20 (Clear:RC:1(127.0.0.1):. Processed in 0.387623 secs) Received: from unknown (HELO papa.wdm-lan) (127.0.0.1) by 0 with SMTP; 10 Feb 2004 07:48:22 -0000 From: "W.D.McKinney" To: isp@freebsd.org In-Reply-To: <054c01c3efb1$874a01d0$8d00000a@felfel> References: <054c01c3efb1$874a01d0$8d00000a@felfel> Content-Type: text/plain Message-Id: <1076398901.7637.89.camel@papa.wdm.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 Rubber Turnip www.usr-local-bin.org Date: Mon, 09 Feb 2004 22:41:41 -0900 Content-Transfer-Encoding: 7bit Subject: RE: Recommendation for "antivirus" software (MTA is qmail) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2004 07:48:24 -0000 On Mon, 2004-02-09 at 23:40, Mustafa N. Deeb wrote: > I'm using ClamAV right now, and it is good > Some small issue with .zip files, sometimes > We run clamav on our MTA server and yes, we resorted to blocking .zip's when mydoom hit. But thankfully we had a Barracuda which stopped it. Dee > If you had thousands of clients using Outlook, and they got hit with > Mydoom for example, it will fill the mailq with huge amounts of infected > Emails. > > Would milter based Antivirus be the solution to Blocking Clients > Connections? > > Cheers > ~~~~~~~~~~~~~~~~~~~~~~ > Mustafa N. Deeb > Technical Director > Palnet Communications Ltd. > Tel: +970-2-2403434 > Fax: +970-2-2403430 > www.palsms.com > www.paltime.net > www.palnet.com > > > > -----Original Message----- > From: Alexandr Kovalenko [mailto:never@nevermind.kiev.ua] > Sent: Monday, February 09, 2004 1:56 PM > To: Mustafa N. Deeb > Cc: 'Edward Shabotinsky'; isp@freebsd.org > Subject: Re: Recommendation for "antivirus" software (MTA is qmail) > > Hello, Mustafa N. Deeb! > > On Sat, Jan 31, 2004 at 12:59:59PM +0200, you wrote: > > > How does their license work? > > You can use evaluation license for free and it is enough to check and > reject infected mail. So it is free in common way. > > But I've heard that ClamAV making big success and I consider trying it. > > > ~~~~~~~~~~~~~~~~~~~~~~ > > Mustafa N. Deeb > > Technical Director > > Palnet Communications Ltd. > > Tel: +970-2-2403434 > > Fax: +970-2-2403430 > > www.palsms.com > > www.paltime.net > > www.palnet.com > > > > > > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Edward Shabotinsky > > Sent: Thursday, January 29, 2004 4:42 PM > > To: isp@freebsd.org > > Subject: Re: Recommendation for "antivirus" software (MTA is qmail) > > > > Running Dr.Web with qmail-ldap for allmost 3 years on fbsd - no > problem > > over > > 10000 mail accounts. > > > > ----- Original Message ----- > > From: "ap296" > > To: > > Sent: Thursday, January 29, 2004 02:55 > > Subject: RE: Recommendation for "antivirus" software (MTA is qmail) > > > > > > > > > > Consider outsourcing to a professional organization that can keep up > > with > > > updates and trends which constantly change -- that specialize in > this > > sort > > > of thing. > > > > > > I recommend www.postini.com > > > > > > > > > -----Original Message----- > > > From: owner-freebsd-isp@freebsd.org > > [mailto:owner-freebsd-isp@freebsd.org] > > > On Behalf Of David Wolfskill > > > Sent: Tuesday, January 27, 2004 10:18 AM > > > To: isp@freebsd.org > > > Subject: Recommendation for "antivirus" software (MTA is qmail) > > > > > > > > > My boss, who persists in using a M$-based desktop, wants me to > install > > > an "antivirus solution" on our mail server. In fairness, he also > > wants > > > to reduce the expose to (and from) our customers (many of whom also > > run > > > such systems). > > > > > > The MTA we currently use is qmail on a system running FreeBSD 4.8. > > > As far as I can tell, that is for its ease of integration with > > > vpopmail. As far as this message is concerned, I am being agnostic > > > with respect to the choice of qmail for the MTA; it was made prior > > > to the start of my tenure here, and I am unwilling to make a change > > > if I believe that the result will not be worth the effort and > > > disruption. > > > > > > A small bit of background: my employer is a nascent ISP, with a > fair > > > amount of emphasis on use of wireless (well, radio) technology. > > > > > > It would be useful to be able to also get some spam-avoidance > > capability > > > along with this. That said, several of our salient resources are > > limited. > > > > > > A quick look around the Web shows some plausible-looking contenders; > > > what I seek are real-life experiences with these (or similar) > > products, > > > or other aspects that may not be immediately obvious from reading > the > > > promotional material on the Web sites: > > > > > > * qmail-scanner, clamav, and spamassassin > > > > > > http://clamav.elektrapro.com/doc/FreeBSD-HowTo/qmail-scanner-how-to.html > > > > > > * Dr.Web for UNIX systems > > > http://www.dials.ru/english/dsav_toolkit/drwebunix.htm > > > [Also at http://www.advancedforce.com/antivirus/av_unixms.html ?] > > > > > > * RAV AntiVirus > > > http://www.ravantivirus.com/pages/isp.php > > > > > > * Vexira Antivirus for Mail servers FreeBSD edition > > > > > http://www.ti.com.pl/antivirus.php?s=vexira&d=products&w=details&pid=8 > > > > > > * AntiVir > > > http://www.hbedv.com/ > > > > > > * Sophos PureMessage > > > http://www.sophos.com/products/pm/ > > > > > > Each of the above (save the first) appears to be a commercial > product. > > > We are open -- in principle -- to any solution, whether free or fee. > > > > > > Thanks! (in advance) From owner-freebsd-isp@FreeBSD.ORG Tue Feb 10 01:36:27 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B0CF16A4D3 for ; Tue, 10 Feb 2004 01:36:27 -0800 (PST) Received: from anna.mysmt.net (ns1.mysmt.net [217.8.108.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9738143D2F for ; Tue, 10 Feb 2004 01:36:26 -0800 (PST) (envelope-from erik@microcontroller.nl) Received: (qmail 83908 invoked by uid 89); 10 Feb 2004 09:36:25 -0000 Received: from unknown (HELO ?192.168.0.14?) (213.84.50.76) by ns1.mysmt.net with SMTP; 10 Feb 2004 09:36:25 -0000 From: "Erik @ Microcontroller.nl" To: freebsd-isp@freebsd.org Message-Id: <1076405784.32692.15.camel@tessa.mysmt.net> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 (1.4.5-7) Date: Tue, 10 Feb 2004 10:36:25 +0100 Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: pure ftp it is X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Feb 2004 09:36:27 -0000 Hi list, Thanks for the response, pure-ftp it is,. Last night I checked it out and I love it. easy to setup, etc. However, I still have a question; -are there any known problems with the .ftpquota files? is it possible to put them in a diffrent directory away from the users homes? or is it possible to put this data in mysql? now I have to disable the dotfiles from being viewed, and thereby restrict the upload of other dot files like .htaccess. Since I'm switching now from system quota's to virtual quota's it is easy to write a script which writes the initial quota file for existing users, or is there such script available? can I have it? ;-) Thanks, -Erik. From owner-freebsd-isp@FreeBSD.ORG Wed Feb 11 10:27:18 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BE4A016A4CE for ; Wed, 11 Feb 2004 10:27:18 -0800 (PST) Received: from psknet.com (kennedy.psknet.com [63.171.251.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id A059843D1D for ; Wed, 11 Feb 2004 10:27:18 -0800 (PST) (envelope-from troy@psknet.com) Received: from dilbert.psknet.com ([63.171.251.35] helo=dilbert) by psknet.com with esmtp (Exim 4.20) id 1Aqz4q-000P9X-JG; Wed, 11 Feb 2004 13:27:12 -0500 From: "Troy Settle" To: "'Erik @ Microcontroller.nl'" , Date: Wed, 11 Feb 2004 13:27:12 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 In-Reply-To: <1076405784.32692.15.camel@tessa.mysmt.net> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Thread-Index: AcPvu8BCVf0isodqSS2zjwTFpEgBdQBENKKQ Message-Id: Subject: RE: pure ftp it is X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Feb 2004 18:27:18 -0000 Thanks to whomever posted about pure-ftpd. I looked at it's web page for about 2 minutes, updated ports, and installed it. 15 minutes later, I had the final piece to my toaster (user mail/web/ftp for about 4500 users). I don't have an answer about the .ftpquota file, but you can do this in pure-ftpd.conf though: DisplayDotFiles no ProhibitDotFilesWrite yes ProhibitDotFilesRead yes This works perfectly for me, as these are virtual users and have no dot files other than the ftpquota to worry about. -- Troy Settle Pulaski Networks http://www.psknet.com 540.994.4254 ~ 866.477.5638 > -----Original Message----- > From: owner-freebsd-isp@freebsd.org > [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Erik @ > Microcontroller.nl > Sent: Tuesday, February 10, 2004 4:36 AM > To: freebsd-isp@freebsd.org > Subject: pure ftp it is > > Hi list, > > Thanks for the response, pure-ftp it is,. > Last night I checked it out and I love it. easy to setup, etc. > > However, I still have a question; > -are there any known problems with the .ftpquota files? is it possible > to put them in a diffrent directory > away from the users homes? or is it possible to put this data > in mysql? > now I have to disable the dotfiles from being viewed, and thereby > restrict the upload of other dot files like .htaccess. > > Since I'm switching now from system quota's to virtual quota's it is > easy to write a script which writes the initial > quota file for existing users, or is there such script > available? can I > have it? ;-) > > Thanks, > > -Erik. > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Wed Feb 11 11:21:51 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3D25416A4CE for ; Wed, 11 Feb 2004 11:21:51 -0800 (PST) Received: from ip.cfi.co.ug (unknown [212.88.96.90]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1698B43D1D for ; Wed, 11 Feb 2004 11:21:37 -0800 (PST) (envelope-from kabagak@ksemat.co.ug) Received: from [127.0.0.1] (helo=mail4.cfi.co.ug) by ip.cfi.co.ug with smtp (Exim 4.20) id 1Aqzrn-00011j-FD for freebsd-isp@freebsd.org; Wed, 11 Feb 2004 22:17:47 +0300 Received: from 192.168.1.241 (SquirrelMail authenticated user kabagak@ksemat.co.ug) by mail4.cfi.co.ug with HTTP; Wed, 11 Feb 2004 22:17:47 +0300 (EAT) Message-ID: <1600.192.168.1.241.1076527067.squirrel@mail4.cfi.co.ug> Date: Wed, 11 Feb 2004 22:17:47 +0300 (EAT) From: kabagak@ksemat.co.ug To: freebsd-isp@freebsd.org User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Spam-Score: 1.0 (+) X-Scanner: exiscan for exim4 (http://duncanthrax.net/exiscan/) *1Aqzrn-00011j-FD*4lvd.DDYi4I* Subject: [Fwd: make buildworld errors] X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Feb 2004 19:21:51 -0000 ---------------------------- Original Message ---------------------------- Subject: make buildworld errors From: kabagak@ksemat.co.ug Date: Wed, February 11, 2004 9:48 pm To: kenneth@cfi.co.ug -------------------------------------------------------------------------- hi.i am making the world from 4.8 to 4.9-STABLE and get these errors even after cvsuping to the most current sources In file included from /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libF77/s_paus.c:5: /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libF77/signal1.h:3: unterminated character constant /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libF77/setsig.c:49: unterminated string or character constant /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libF77/setsig.c:49: possible real start of unterminated constant /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libI77/backspace.c:17: unterminated character constant /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libI77/backspace.c:23: unterminated character constant /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libI77/backspace.c:27: unterminated character constant /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libI77/close.c:10: unterminated string or character constant /export/usr/src/gnu/lib/libg2c/../../../contrib/libf2c/libI77/close.c:1: possible real start of unterminated constant VersionI.c:64: unterminated character constant VersionI.c:67: unterminated character constant VersionI.c:101: unterminated character constant VersionI.c:112: unterminated character constant VersionI.c:113: unterminated character constant VersionI.c:115: unterminated character constant VersionI.c:122: unterminated character constant VersionI.c:272: unterminated character constant mkdep: compile failed *** Error code 1 Stop in /export/usr/src/gnu/lib/libg2c. *** Error code 1 Stop in /export/usr/src/gnu/lib. *** Error code 1 Stop in /export/usr/src. *** Error code 1 Stop in /export/usr/src. *** Error code 1 Stop in /export/usr/src. *** Error code 1 Stop in /export/usr/src. What could be the problem. My sources are from cvsup6.freebsd.org From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 06:45:33 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E78216A4CE for ; Thu, 12 Feb 2004 06:45:33 -0800 (PST) Received: from p3.saignon.net (66-146-166-52.skyriver.net [66.146.166.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id B3D3C43D2F for ; Thu, 12 Feb 2004 06:45:32 -0800 (PST) (envelope-from tony@saign.com) Received: (qmail 39256 invoked by uid 1003); 12 Feb 2004 14:44:41 -0000 Received: from tony@saign.com by p3.saignon.net by uid 89 with qmail-scanner-1.20 Clear:RC:0(66.146.166.53):SA:0(0.0/5.0):. Processed in 2.683625 secs); 12 Feb 2004 14:44:41 -0000 X-Spam-Status: No, hits=0.0 required=5.0 Received: from unknown (HELO frankenmobl) (tony@saign.com@66.146.166.53) by 66-146-166-52.skyriver.net with SMTP; 12 Feb 2004 14:44:38 -0000 From: "Tony Saign" To: "'Aaron D. Gifford'" Date: Thu, 12 Feb 2004 06:45:26 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.5510 Thread-Index: AcPxbMdc2W4B+eS/R/u3tiuXfrF9TwACMBXQ X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <20040212105656.30C99620E@eq.net> X-Qmail-Scanner-Message-ID: <107659707865239244@p3.saignon.net> Message-Id: <20040212144532.B3D3C43D2F@mx1.FreeBSD.org> cc: isp@freebsd.org Subject: RE: 5.2 Bridging issue X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 14:45:33 -0000 I have a similar setup, and it works just fine. My config; fxp0 = internet fxp1 = LAN ath0 = WLAN bridged to fxp1 fxp0 = 66.146.x.x fxp1 = 172.17.1.1 ath0 = zip, no ip address assigned %ifconfig ath0 ath0: flags=8943 mtu 1500 ether 00:0b:cd:59:00:33 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g status: associated ssid BSDg 1:BSDg channel 1 authmode OPEN powersavemode OFF powersavesleep 100 wepmode MIXED weptxkey 1 wepkey 1:104-bit My /etc/rc.conf defaultrouter="66.146.x.x" gateway_enable="YES" ifconfig_fxp0="inet 66.146.x.x netmask 255.255.255.0" ifconfig_fxp1="inet 172.17.1.1 netmask 255.255.255.0" ifconfig_ath0="inet up ssid BSDg mediaopt hostap" sysctl net.link.ether.bridge.enable=1 sysctl net.link.ether.bridge.config="ath0 fxp1" sysctl net.link.ether.bridge.ipfw=1 Kernel config includes DUMMYNET, and IPFW IPFW handles NAT on my box. I have a script in rc.d that runs to set band .a/b/g and WEP key My system is 5.2-CURRENT, and also acts as a DNS/DHCP server. -Tony -----Original Message----- From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] On Behalf Of Aaron D. Gifford Sent: Thursday, February 12, 2004 2:57 AM To: "FreeBSD List"@FreeBSD.ORG Subject: 5.2 Bridging issue PROBLEM SUMMARY: ---------------- I've got a bridge(4) issue on a BSD 5.2.1 box. The bridging box has three ethernet interfaces, two bridged together in a single cluster, and one connected to the internet. The box acts as a bridge for the two network segments, and as a router to the Internet (it's the default gateway). The problem is, only one of the bridged segments can communicate with the BSD box directly (and thus the Internet), even though the two segments can talk to each other just fine. NETWORK SET-UP: --------------- First, let me clue you in on my network set-up: FreeBSD 5.2 Box with 3 ethernet interfaces, em0, rl0, and rl1: [FreeBSD Box] | | | rl0 rl1 em0 | | | | | +---To-Internal-Network-Segment-#1... | | | +---To-Internal-Network-Segment-#2.. | +---Internet... Interfaces rl1 and em0 are bridged: net.link.ether.bridge.config=em0:1,rl1:1 Since they ARE bridged and so are "on the same subnet", only em0 has an IP address: ifconfig em0 inet 10.10.10.1/16 I don't see how or why one would need or could assign an IP on the same subnet to the other interface, rl1, unless it was handled like many alias addresses, as a /32 host address. Interface rl0 is the link to the Internet. Bridging for the most part seems to be working. Hosts on segment #1 (via em0) are visible to hosts on segment #2 (connected via rl1). They can ping each other, get ARP address resolution, and pass IP traffic. All hosts use 10.10.10.1 as their default gateway to the Internet. Hosts on segment #1 can reach the Internet just fine. PROBLEM DETAILS: ---------------- Hosts on segment #2 cannot seem to be able to communicate with the bridinging/routing FreeBSD box's own IP addresses, and since it is the default gateway, in turn they cannot reach the Internet. No layer 2 traffic (ARP) reaches the FreeBSD box directly (the ARP table shows "incomplete" for all segment #2 addresses, even though ARP packets DO reach segment #1 just fine, passing transparently through the FreeBSD box. The BSD box just can't see stuff addressed directly to it. This is NOT a firewalling or NAT issue. This is exclusively a bridging issue. Firewalling/NAT occurse elsewhere. So since I'm a FreeBSD bridge(4) newbie, after scouring the man page, reading the Handbook's information, searching various mailing list archives, I can't find anything useful that tells me if bridge's bdg_forward() knows how to handle traffic like this. Apparently it doesn't. So bridging is just fine if you want your BSD box hidden, transparent, invisible. But if you want it visible so it can act as a default gateway to all segments of a subnet that are bridged together, HOW DOES ONE DO IT? I can't ifconfig the rl1 interface with an IP on the same subnet unless it's a /32, and that accomplishes nothing (the IP packets are addressed to the IP address assigned to em0). Bridging SHOULD just bridge, so traffic to the BSD box's em0 IP should come in on rl1 and be processed by the host. Somehow the bridging code knows the MAC addresses on the segment #2 side of things (rl1), since it passes traffic between the two segments just fine. But the kernel's ARP table is totally ignorant. It can't find those hosts. REQUEST FOR HELP: ----------------- Thanks in advance for all help, pointers, etc. If there's not a way to do this, then this sounds like an issue that should be added to the BUGS section of the bridge(4) man page. Aaron out. _______________________________________________ freebsd-ipfw@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 08:59:49 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2BAD516A4CE for ; Thu, 12 Feb 2004 08:59:49 -0800 (PST) Received: from ganymede.hub.org (u46n208.hfx.eastlink.ca [24.222.46.208]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0AC8243D1F for ; Thu, 12 Feb 2004 08:59:49 -0800 (PST) (envelope-from scrappy@hub.org) Received: by ganymede.hub.org (Postfix, from userid 1000) id 4195C39DD9; Thu, 12 Feb 2004 12:55:26 -0400 (AST) Received: from localhost (localhost [127.0.0.1]) by ganymede.hub.org (Postfix) with ESMTP id 3496739DD2 for ; Thu, 12 Feb 2004 12:55:26 -0400 (AST) Date: Thu, 12 Feb 2004 12:55:26 -0400 (AST) From: "Marc G. Fournier" To: freebsd-isp@freebsd.org Message-ID: <20040212125320.U40659@ganymede.hub.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 16:59:49 -0000 a) is this possible at all? last I checked, I swear that you couldn't have multi-SSL certs loaded up per IP, but not sure if that is a limit in the certs themselves, or Apache? b) does anyone out there offer a wildcard cert that would allow this? from what I'm finding, they allow *., but not just * ... or maybe some way of sign'ng the cert for the specific IP? Help? Thanks ... ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664 From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 09:12:10 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 31BCC16A4CE for ; Thu, 12 Feb 2004 09:12:10 -0800 (PST) Received: from mx2.dobleJ.net (243.Red-213-97-10.pooles.rima-tde.net [213.97.10.243]) by mx1.FreeBSD.org (Postfix) with ESMTP id C258C43D1F for ; Thu, 12 Feb 2004 09:12:08 -0800 (PST) (envelope-from juanjo.listas@dobleJ.net) X-Server: Reenviado vía mx2.dobleJ.net From: Juan Jose Sanchez Mesa To: "Marc G. Fournier" , X-Mailer: PocoMail 3.03 (1740) - Licensed Version Date: Thu, 12 Feb 2004 18:11:57 +0100 Message-ID: <2004212181157.302775@juanjo> In-Reply-To: <20040212125320.U40659@ganymede.hub.org> Mime-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable Subject: Re: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 17:12:10 -0000 (sorry for my bad english) > a) is this possible at all? last I checked, I swear that you couldn't > have multi-SSL certs loaded up per IP, but not sure if that is a limit in > the certs themselves, or Apache? Is not possible, because the SSL negotiation is done before any header is= sent from browser to Apache. Apache can't know what virtual server is the= browser accesing to use the correct cert. Then, the selection is done using= the IP in which the browser is connecting. You must have one SSL cert per IP. > > b) does anyone out there offer a wildcard cert that would allow this? > from what I'm finding, they allow *., but not just * ... or maybe > some way of sign'ng the cert for the specific IP? Wildcard certs are valid to subdomains only, not for domains. Best regards. From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 09:15:02 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 504B216A4CE for ; Thu, 12 Feb 2004 09:15:02 -0800 (PST) Received: from pegmatite.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 364D143D1F for ; Thu, 12 Feb 2004 09:15:02 -0800 (PST) (envelope-from damian@sentex.net) Received: by pegmatite.sentex.ca (Postfix, from userid 1001) id EA4D5171D5; Thu, 12 Feb 2004 12:14:57 -0500 (EST) Date: Thu, 12 Feb 2004 12:14:57 -0500 From: Damian Gerow To: freebsd-isp@freebsd.org Message-ID: <20040212171457.GF56315@sentex.net> Mail-Followup-To: freebsd-isp@freebsd.org References: <20040212125320.U40659@ganymede.hub.org> <2004212181157.302775@juanjo> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <2004212181157.302775@juanjo> X-GPG-Key-Id: 0xB841F142 X-GPG-Fingerprint: C7C1 E1D1 EC06 7C86 AF7C 57E6 173D 9CF6 B841 F142 X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . User-Agent: Mutt/1.5.4i Subject: Re: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 17:15:02 -0000 Thus spake Juan Jose Sanchez Mesa (juanjo.listas@dobleJ.net) [12/02/04 12:12]: > > a) is this possible at all? last I checked, I swear that you couldn't > > have multi-SSL certs loaded up per IP, but not sure if that is a limit in > > the certs themselves, or Apache? > > Is not possible, because the SSL negotiation is done before any header is > sent from browser to Apache. Apache can't know what virtual server is the > browser accesing to use the correct cert. Then, the selection is done using > the IP in which the browser is connecting. IIRC, someone pointed out a working group that was establishing a standard to allow for multiple SSL sites on one IP address. However, I cannot find the link or any reference to the post, nor remember where I saw it. From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 09:19:38 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F57516A4CE for ; Thu, 12 Feb 2004 09:19:38 -0800 (PST) Received: from kukulcan.presidencia.gob.mx (unknown [200.57.40.53]) by mx1.FreeBSD.org (Postfix) with ESMTP id D8C6843D2F for ; Thu, 12 Feb 2004 09:19:37 -0800 (PST) (envelope-from nbari@unixmexico.com) Received: (qmail 99815 invoked by uid 85); 12 Feb 2004 17:17:29 -0000 Received: from nbari@unixmexico.com by kukulcan.presidencia.gob.mx by uid 82 with qmail-scanner-1.16 (hbedv: 6.23.0.3/6.23.0.62. Clear:. Processed in 0.571338 secs); 12 Feb 2004 17:17:29 -0000 Received: from localhost.presidencia.gob.mx (HELO [200.23.123.104]) (nbari@sip.gob.mx@[127.0.0.1]) (envelope-sender ) by kukulcan.presidencia.gob.mx (qmail-ldap-1.03) with SMTP for ; 12 Feb 2004 17:17:28 -0000 From: "Nicolas de Bari Embriz G. R." To: Juan Jose Sanchez Mesa In-Reply-To: <2004212181157.302775@juanjo> References: <2004212181157.302775@juanjo> Content-Type: text/plain Organization: UNIXMEXICO Message-Id: <1076606373.1625.2.camel@p4.unixmexico.net> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 Date: Thu, 12 Feb 2004 11:19:33 -0600 Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 17:19:38 -0000 A solution could be to use a different PORT per virtualhost domain1:4430 domaim2:4431 domain3:4432 .... On Thu, 2004-02-12 at 11:11, Juan Jose Sanchez Mesa wrote: > (sorry for my bad english) > > > a) is this possible at all? last I checked, I swear that you couldn't > > have multi-SSL certs loaded up per IP, but not sure if that is a limit in > > the certs themselves, or Apache? > > Is not possible, because the SSL negotiation is done before any header is sent from browser to Apache. Apache can't know what virtual server is the browser accesing to use the correct cert. Then, the selection is done using the IP in which the browser is connecting. > > You must have one SSL cert per IP. > > > > > b) does anyone out there offer a wildcard cert that would allow this? > > from what I'm finding, they allow *., but not just * ... or maybe > > some way of sign'ng the cert for the specific IP? > > Wildcard certs are valid to subdomains only, not for domains. > > Best regards. > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 09:43:16 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A8DD016A4CE for ; Thu, 12 Feb 2004 09:43:16 -0800 (PST) Received: from ganymede.hub.org (u46n208.hfx.eastlink.ca [24.222.46.208]) by mx1.FreeBSD.org (Postfix) with ESMTP id 878B743D1F for ; Thu, 12 Feb 2004 09:43:16 -0800 (PST) (envelope-from scrappy@hub.org) Received: by ganymede.hub.org (Postfix, from userid 1000) id 289123A1A4; Thu, 12 Feb 2004 13:38:54 -0400 (AST) Received: from localhost (localhost [127.0.0.1]) by ganymede.hub.org (Postfix) with ESMTP id 25BC3399C6; Thu, 12 Feb 2004 13:38:54 -0400 (AST) Date: Thu, 12 Feb 2004 13:38:54 -0400 (AST) From: "Marc G. Fournier" To: "Nicolas de Bari Embriz G. R." In-Reply-To: <1076606373.1625.2.camel@p4.unixmexico.net> Message-ID: <20040212133729.O96890@ganymede.hub.org> References: <2004212181157.302775@juanjo> <1076606373.1625.2.camel@p4.unixmexico.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org cc: Juan Jose Sanchez Mesa Subject: Re: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 17:43:16 -0000 On Thu, 12 Feb 2004, Nicolas de Bari Embriz G. R. wrote: > A solution could be to use a different PORT per virtualhost > > domain1:4430 > domaim2:4431 > domain3:4432 I thought about that ... but there would be no way of doing that transparently, would there? I thought about through the use of the Proxy stuff, so you'd have https://domain Proxy for https://domain:4430 ... but I don't think that that would flow through, would it? ---- Marc G. Fournier Hub.Org Networking Services (http://www.hub.org) Email: scrappy@hub.org Yahoo!: yscrappy ICQ: 7615664 From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 10:03:05 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AEAF316A4CE for ; Thu, 12 Feb 2004 10:03:05 -0800 (PST) Received: from omoikane.mb.skyweb.ca (64-42-246-34.mb.skyweb.ca [64.42.246.34]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A5C643D1F for ; Thu, 12 Feb 2004 10:03:05 -0800 (PST) (envelope-from mark@skyweb.ca) Received: by omoikane.mb.skyweb.ca (Postfix, from userid 1001) id 83B0162B09; Thu, 12 Feb 2004 12:03:25 -0600 (CST) Date: Thu, 12 Feb 2004 12:03:25 -0600 From: Mark Johnston To: "Marc G. Fournier" Message-ID: <20040212180325.GD1278@omoikane.mb.skyweb.ca> Mail-Followup-To: "Marc G. Fournier" , freebsd-isp@freebsd.org References: <2004212181157.302775@juanjo> <1076606373.1625.2.camel@p4.unixmexico.net> <20040212133729.O96890@ganymede.hub.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20040212133729.O96890@ganymede.hub.org> User-Agent: Mutt/1.4.1i cc: freebsd-isp@freebsd.org Subject: Re: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 18:03:05 -0000 "Marc G. Fournier" wrote: > On Thu, 12 Feb 2004, Nicolas de Bari Embriz G. R. wrote: > > > A solution could be to use a different PORT per virtualhost > > > > domain1:4430 > > domaim2:4431 > > domain3:4432 > > I thought about that ... but there would be no way of doing that > transparently, would there? I thought about through the use of the Proxy > stuff, so you'd have https://domain Proxy for https://domain:4430 ... but > I don't think that that would flow through, would it? What about a redirect? You could run name-based virtual hosting for all of your domains as http://domain, and have it redirect (rewrite, whatever you prefer) to https://domain:4430/requestedpath/etc. As long as the site uses all relative links, that should work OK - absolute links would knock the user in and out of SSL mode and screw up form submission. Mark From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 10:10:31 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 923E316A4CE for ; Thu, 12 Feb 2004 10:10:31 -0800 (PST) Received: from spintime.org (mail.spintime.org [207.206.44.110]) by mx1.FreeBSD.org (Postfix) with SMTP id 3468B43D1F for ; Thu, 12 Feb 2004 10:10:31 -0800 (PST) (envelope-from cody@wilkshire.net) Received: (qmail 83252 invoked by uid 0); 12 Feb 2004 18:10:07 -0000 Received: from cody@wilkshire.net by spintime.org by uid 0 with qmail-scanner-1.16 (clamscan: 0.54. Clear:. Processed in 1.927103 secs); 12 Feb 2004 18:10:07 -0000 X-Qmail-Scanner-Mail-From: cody@wilkshire.net via spintime.org X-Qmail-Scanner: 1.16 (Clear:. Processed in 1.927103 secs) Received: from unknown (HELO MISCHIEVOUS) (spinnah@spintime.org@198.30.217.3) by mail.spintime.org with SMTP; 12 Feb 2004 18:10:05 -0000 Message-ID: <000a01c3f193$7f36a500$011aa8c0@MISCHIEVOUS> From: "Cody Baker" To: References: <20040212144532.B3D3C43D2F@mx1.FreeBSD.org> Date: Thu, 12 Feb 2004 13:09:46 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Re: 5.2 Bridging issue X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 18:10:31 -0000 I am having this same issue, 5.2 RELESE. ----- Original Message ----- From: "Tony Saign" To: "'Aaron D. Gifford'" Cc: Sent: Thursday, February 12, 2004 9:45 AM Subject: RE: 5.2 Bridging issue > I have a similar setup, and it works just fine. > > My config; > > fxp0 = internet > fxp1 = LAN > ath0 = WLAN bridged to fxp1 > > fxp0 = 66.146.x.x > fxp1 = 172.17.1.1 > ath0 = zip, no ip address assigned > %ifconfig ath0 > ath0: flags=8943 mtu 1500 > ether 00:0b:cd:59:00:33 > media: IEEE 802.11 Wireless Ethernet autoselect mode 11g > status: associated > ssid BSDg 1:BSDg > channel 1 authmode OPEN powersavemode OFF powersavesleep 100 > wepmode MIXED weptxkey 1 > wepkey 1:104-bit > > My /etc/rc.conf > defaultrouter="66.146.x.x" > gateway_enable="YES" > ifconfig_fxp0="inet 66.146.x.x netmask 255.255.255.0" > ifconfig_fxp1="inet 172.17.1.1 netmask 255.255.255.0" > ifconfig_ath0="inet up ssid BSDg mediaopt hostap" > sysctl net.link.ether.bridge.enable=1 > sysctl net.link.ether.bridge.config="ath0 fxp1" > sysctl net.link.ether.bridge.ipfw=1 > > Kernel config includes DUMMYNET, and IPFW > IPFW handles NAT on my box. > I have a script in rc.d that runs to set band .a/b/g and WEP key > My system is 5.2-CURRENT, and also acts as a DNS/DHCP server. > > -Tony > > > -----Original Message----- > From: owner-freebsd-ipfw@freebsd.org [mailto:owner-freebsd-ipfw@freebsd.org] > On Behalf Of Aaron D. Gifford > Sent: Thursday, February 12, 2004 2:57 AM > To: "FreeBSD List"@FreeBSD.ORG > Subject: 5.2 Bridging issue > > PROBLEM SUMMARY: > ---------------- > > I've got a bridge(4) issue on a BSD 5.2.1 box. The bridging box has three > ethernet interfaces, two bridged together in a single cluster, and one > connected to the internet. The box acts as a bridge for the two network > segments, and as a router to the Internet (it's the default gateway). The > problem is, only one of the bridged segments can communicate with the BSD > box directly (and thus the Internet), even though the two segments can talk > to each other just fine. > > > NETWORK SET-UP: > --------------- > > First, let me clue you in on my network set-up: > > FreeBSD 5.2 Box with 3 ethernet interfaces, em0, rl0, and rl1: > > [FreeBSD Box] > | | | > rl0 rl1 em0 > | | | > | | +---To-Internal-Network-Segment-#1... > | | > | +---To-Internal-Network-Segment-#2.. > | > +---Internet... > > Interfaces rl1 and em0 are bridged: > > net.link.ether.bridge.config=em0:1,rl1:1 > > Since they ARE bridged and so are "on the same subnet", only em0 has > an IP address: > > ifconfig em0 inet 10.10.10.1/16 > > I don't see how or why one would need or could assign an IP on the > same subnet to the other interface, rl1, unless it was handled like > many alias addresses, as a /32 host address. > > Interface rl0 is the link to the Internet. > > Bridging for the most part seems to be working. Hosts on segment #1 > (via em0) are visible to hosts on segment #2 (connected via rl1). They > can ping each other, get ARP address resolution, and pass IP traffic. > > All hosts use 10.10.10.1 as their default gateway to the Internet. > > Hosts on segment #1 can reach the Internet just fine. > > > PROBLEM DETAILS: > ---------------- > > Hosts on segment #2 cannot seem to be able to communicate with the > bridinging/routing FreeBSD box's own IP addresses, and since it is the > default gateway, in turn they cannot reach the Internet. No layer 2 > traffic (ARP) reaches the FreeBSD box directly (the ARP table shows > "incomplete" for all segment #2 addresses, even though ARP packets > DO reach segment #1 just fine, passing transparently through the > FreeBSD box. The BSD box just can't see stuff addressed directly to it. > > This is NOT a firewalling or NAT issue. This is exclusively a bridging > issue. Firewalling/NAT occurse elsewhere. > > So since I'm a FreeBSD bridge(4) newbie, after scouring the man page, > reading the Handbook's information, searching various mailing list archives, > I can't find anything useful that tells me if bridge's bdg_forward() knows > how to handle traffic like this. Apparently it doesn't. > > So bridging is just fine if you want your BSD box hidden, transparent, > invisible. But if you want it visible so it can act as a default gateway > to all segments of a subnet that are bridged together, HOW DOES ONE DO IT? > > I can't ifconfig the rl1 interface with an IP on the same subnet unless it's > a /32, and that accomplishes nothing (the IP packets are addressed to the > IP address assigned to em0). Bridging SHOULD just bridge, so traffic to > the BSD box's em0 IP should come in on rl1 and be processed by the host. > > Somehow the bridging code knows the MAC addresses on the segment #2 side of > things (rl1), since it passes traffic between the two segments just fine. > But the kernel's ARP table is totally ignorant. It can't find those hosts. > > > REQUEST FOR HELP: > ----------------- > > Thanks in advance for all help, pointers, etc. If there's not a way to do > this, then this sounds like an issue that should be added to the BUGS > section > of the bridge(4) man page. > > Aaron out. > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 14:28:45 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 05EB116A4CF for ; Thu, 12 Feb 2004 14:28:45 -0800 (PST) Received: from mail.transactionware.com (mail.transactionware.com [203.14.245.7]) by mx1.FreeBSD.org (Postfix) with SMTP id 2BA2843D31 for ; Thu, 12 Feb 2004 14:28:44 -0800 (PST) (envelope-from janm@transactionware.com) Received: (qmail 37648 invoked from network); 12 Feb 2004 22:29:03 -0000 Received: from new.transactionware.com (192.168.1.55) by dm.transactionware.com with SMTP; 12 Feb 2004 22:29:03 -0000 Received: (qmail 62853 invoked by uid 1006); 12 Feb 2004 22:29:03 -0000 Received: from janm@transactionware.com by new.transactionware.com Clear:0. Processed in 0.488067 secs); 12 Feb 2004 22:29:03 -0000 Received: from unknown (HELO mosm1) (192.168.2.2) by new.transactionware.com with SMTP; 12 Feb 2004 22:29:02 -0000 From: "Jan Mikkelsen" To: "'Damian Gerow'" , Date: Fri, 13 Feb 2004 09:26:31 +1100 Organization: Transactionware Message-ID: <000701c3f1b7$441dd1e0$0202a8c0@mosm1> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 In-Reply-To: <20040212171457.GF56315@sentex.net> Importance: Normal Subject: RE: Multiple SSL Domains on one IP ... X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 22:28:45 -0000 Hi, > IIRC, someone pointed out a working group that was > establishing a standard > to allow for multiple SSL sites on one IP address. However, > I cannot find > the link or any reference to the post, nor remember where I saw it. It's now RFC 3546 (TLS Extensions), where virtual hosting is one of the extensions. I know Microsoft, Akamai and Intel have asked implementation related questions. For now, you need a separate address/port combination for each certificate you want to use with https. As RFC 3546 is deployed, that will change. Regards, Jan Mikkelsen janm@transactionware.com From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 14:47:19 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6EBD416A4CE for ; Thu, 12 Feb 2004 14:47:19 -0800 (PST) Received: from aries.ai.net (aries.ai.net [205.134.163.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id F3F6043D1F for ; Thu, 12 Feb 2004 14:47:18 -0800 (PST) (envelope-from deepak@ai.net) Received: from ai.net (joejob@dpvc-141-156-111-75.res.east.verizon.net [141.156.111.75]) by aries.ai.net (8.9.3/8.9.3) with ESMTP id RAA26018; Thu, 12 Feb 2004 17:46:36 -0500 (EST) (envelope-from deepak@ai.net) Message-ID: <402C024D.8070102@ai.net> Date: Thu, 12 Feb 2004 17:46:37 -0500 From: Deepak Jain User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6) Gecko/20040113 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Artyom Viklenko References: <200312181951.hBIJpTjS031140@smtp.doruk.net.tr> <3FE29B9E.2080807@mipk.kharkiv.edu> In-Reply-To: <3FE29B9E.2080807@mipk.kharkiv.edu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org cc: Vahric MUHTARYAN Subject: Re: Anybody Use 2 or More CPU at Production Env. ( SMP ) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 22:47:19 -0000 Seconded. We have a few hundred Dual SMP PIII and Dual Xeon (2.4Ghz w/ HT) machines running 4.9 without any hiccups whatsoever. Deepak Jain AiNET Artyom Viklenko wrote: > Vahric MUHTARYAN wrote: > >> Hi Everybody , >> I wonder Does anybody use SMP Support without Problem . Because SMP >> is very important things ... > > > 4.9-RELEASE-p1 on dual PIII-933 Intel STL2-based system. > Very-very stable. No problems at all. > > From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 15:20:18 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F40F116A4CE for ; Thu, 12 Feb 2004 15:20:17 -0800 (PST) Received: from enterprise.sd73.bc.ca (romulus-net.sd73.bc.ca [142.24.13.134]) by mx1.FreeBSD.org (Postfix) with ESMTP id B753343D1D for ; Thu, 12 Feb 2004 15:20:17 -0800 (PST) (envelope-from fcash-ml@sd73.bc.ca) Received: from 192.168.0.200 (romulus-net.sd73.bc.ca [142.24.13.134]) i1CNCS7O008884 for ; Thu, 12 Feb 2004 15:12:28 -0800 From: Freddie Cash Organization: School District 73 To: freebsd-isp@freebsd.org Date: Thu, 12 Feb 2004 15:19:57 -0800 User-Agent: KMail/1.6 References: <200312181951.hBIJpTjS031140@smtp.doruk.net.tr> <3FE29B9E.2080807@mipk.kharkiv.edu> <402C024D.8070102@ai.net> In-Reply-To: <402C024D.8070102@ai.net> MIME-Version: 1.0 Content-Disposition: inline Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <200402121519.57170.fcash-ml@sd73.bc.ca> X-RAVMilter-Version: 8.4.1(snapshot 20020919) (enterprise.sd73.bc.ca) Subject: Re: Anybody Use 2 or More CPU at Production Env. ( SMP ) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: fcash-ml@sd73.bc.ca List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 23:20:18 -0000 > > Vahric MUHTARYAN wrote: > >> I wonder Does anybody use SMP Support without Problem . > >> Because SMP is very important things ... Running a couple dual-AthlonMP systems with FreeBSD 5.2, a couple dual-P-!!! systems with FreeBSD 5.1 and 4.9. No problems so far. -- Freddie Cash fcash-ml@sd73.bc.ca From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 15:30:55 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 541B616A4CE for ; Thu, 12 Feb 2004 15:30:55 -0800 (PST) Received: from sweet.drea.ms (sweet.drea.ms [80.69.67.145]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2482143D1F for ; Thu, 12 Feb 2004 15:30:55 -0800 (PST) (envelope-from freebsd@walter.transip.nl) Received: from commit.confirmed.nl (commit.confirmed.nl [80.69.67.137]) by sweet.drea.ms (Postfix) with ESMTP id D2846A93D for ; Fri, 13 Feb 2004 00:30:50 +0100 (CET) Date: Fri, 13 Feb 2004 00:31:25 +0100 From: Walter Hop X-Mailer: The Bat! (v2.02.3 CE) Business X-Priority: 3 (Normal) Message-ID: <1763088183.20040213003125@commit.confirmed.nl> To: freebsd-isp@freebsd.org In-Reply-To: <402C024D.8070102@ai.net> References: <200312181951.hBIJpTjS031140@smtp.doruk.net.tr> <3FE29B9E.2080807@mipk.kharkiv.edu> <402C024D.8070102@ai.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re[2]: Anybody Use 2 or More CPU at Production Env. ( SMP ) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 23:30:55 -0000 [in reply to deepak@ai.net, 12-2-2004] > Seconded. We have a few hundred Dual SMP PIII and Dual Xeon (2.4Ghz w/ > HT) machines running 4.9 without any hiccups whatsoever. We have some dual Xeons and a dual P3/866, running FreeBSD 4.8 and also 5.2-RELEASE with no stability problems. These are mainly webservers running Apache 1 and either MySQL or PostgreSQL. We have seen some panics and lockups on earlier versions on 4.x where ping would respond but no userspace process would run, but that does not seem to happen much anymore today. (knock on wood :)) From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 15:52:57 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F4C516A4CE for ; Thu, 12 Feb 2004 15:52:57 -0800 (PST) Received: from SRV-07.radiobras.local (unknown [200.252.42.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9747443D1D for ; Thu, 12 Feb 2004 15:52:56 -0800 (PST) (envelope-from wendel@radiobras.gov.br) Received: from WENDEL (200-101-099-012.bsace7034.t.brasiltelecom.net.br [200.101.99.12]) by SRV-07.radiobras.local with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id 15KN4PQX; Thu, 12 Feb 2004 21:53:09 -0300 X-Mailer: Ultrafunk Popcorn release 1.58 (09-Dec-2003) X-URL: http://www.ultrafunk.com/products/popcorn/ X-Priority: 3 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=iso-8859-1 Date: Thu, 12 Feb 2004 21:52:29 -0300 From: Wendelmaques To: freebsd-isp@freebsd.org Organization: Radiobras S/A Message-Id: <20040212235256.9747443D1D@mx1.FreeBSD.org> Subject: Re: Re[2]: Anybody Use 2 or More CPU at Production Env. ( SMP ) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2004 23:52:57 -0000 We have a MTA[1] running on FreeBSD 4.9 SMP Dual 800Mhz, delivering more over 10.000 messages per day. [1] Postfix + AMAVISd + SPAMd + ClamD The server are: ~ #uptime 9:44PM up 53 days, 12:19, 2 users, load averages: 0.48, 1.34, 0.97 ~ #uname -a FreeBSD srv-mta1.radiobras.gov.br 4.9-RELEASE FreeBSD 4.9-RELEASE #0: Thu Nov 27 01:49:27 BRST 2003 root@srv-mta1.radiobras.gov.br:/usr/src/sys/compile/hyperkernel i386 ~ #sysctl -a | grep cpu kern.ccpu: 1948 hw.ncpu: 2 machdep.cpu_idle_hlt: 1 machdep.smp_cpus: 2 machdep.hlt_cpus: 0 -- - wendel, Radiobrás S/A - http://www.radiobras.gov.br - Server administration, security & programming From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 22:26:12 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 76B3B16A4CE for ; Thu, 12 Feb 2004 22:26:12 -0800 (PST) Received: from p3.saignon.net (66-146-166-52.skyriver.net [66.146.166.52]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2FE8E43D1D for ; Thu, 12 Feb 2004 22:26:12 -0800 (PST) (envelope-from tony@saign.com) Received: (qmail 15370 invoked by uid 1003); 13 Feb 2004 06:25:19 -0000 Received: from tony@saign.com by p3.saignon.net by uid 89 with qmail-scanner-1.20 Clear:RC:0(66.146.166.53):SA:0(0.0/5.0):. Processed in 2.223165 secs); 13 Feb 2004 06:25:19 -0000 X-Spam-Status: No, hits=0.0 required=5.0 Received: from unknown (HELO frankenmobl) (tony@saign.com@66.146.166.53) by 66-146-166-52.skyriver.net with SMTP; 13 Feb 2004 06:25:16 -0000 From: "Tony Saign" To: "'Wendelmaques'" , Date: Thu, 12 Feb 2004 22:26:07 -0800 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Mailer: Microsoft Office Outlook, Build 11.0.5510 In-Reply-To: <20040212235256.9747443D1D@mx1.FreeBSD.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Thread-Index: AcPxw0jfREh2SxT0RhOHkI+1wFG2bAANjggQ X-Qmail-Scanner-Message-ID: <107665351765215359@p3.saignon.net> Message-Id: <20040213062612.2FE8E43D1D@mx1.FreeBSD.org> Subject: RE: Re[2]: Anybody Use 2 or More CPU at Production Env. ( SMP ) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Feb 2004 06:26:12 -0000 Ditto... Have been running SMP w/o any issues on multiple servers for a few years now. Both 4.x-stable and recently 5.x-current, work well for me. Still using PIII hardware. Anyone else receiving double emails from this list? Since 9AM this morning been getting double emails from the list... -Tony -----Original Message----- From: owner-freebsd-isp@freebsd.org = [mailto:owner-freebsd-isp@freebsd.org] On Behalf Of Wendelmaques Sent: Thursday, February 12, 2004 4:52 PM To: freebsd-isp@freebsd.org Subject: Re: Re[2]: Anybody Use 2 or More CPU at Production Env. ( SMP ) We have a MTA[1] running on FreeBSD 4.9 SMP=20 Dual 800Mhz, delivering more over 10.000 messages per day. [1] Postfix + AMAVISd + SPAMd + ClamD The server are: ~ #uptime 9:44PM up 53 days, 12:19, 2 users, load averages: 0.48, 1.34, 0.97 ~ #uname -a FreeBSD srv-mta1.radiobras.gov.br 4.9-RELEASE FreeBSD 4.9-RELEASE #0: = Thu Nov 27 01:49:27 BRST 2003 root@srv-mta1.radiobras.gov.br:/usr/src/sys/compile/hyperkernel i386 ~ #sysctl -a | grep cpu kern.ccpu: 1948 hw.ncpu: 2 machdep.cpu_idle_hlt: 1 machdep.smp_cpus: 2 machdep.hlt_cpus: 0 -- - wendel, Radiobr=E1s S/A - http://www.radiobras.gov.br - Server administration, security & programming _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Thu Feb 12 23:30:53 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 72E7516A4CE for ; Thu, 12 Feb 2004 23:30:53 -0800 (PST) Received: from webmail.akwireless.net (webmail.akwireless.net [192.189.218.15]) by mx1.FreeBSD.org (Postfix) with SMTP id 1F30043D2F for ; Thu, 12 Feb 2004 23:30:53 -0800 (PST) (envelope-from dee@akwireless.net) Received: (qmail 23224 invoked by uid 1020); 13 Feb 2004 07:30:52 -0000 Received: from dee@akwireless.net by webmail by uid 1006 with qmail-scanner-1.20 (clamscan: 0.65. Clear:RC:1(127.0.0.1):. Processed in 0.023108 secs); 13 Feb 2004 07:30:52 -0000 X-Scanner-AKW-Mail-From: dee@akwireless.net via webmail X-Scanner-AKW: 1.20 (Clear:RC:1(127.0.0.1):. Processed in 0.023108 secs) Received: from unknown (HELO papa.wdm-lan) (127.0.0.1) by 0 with SMTP; 13 Feb 2004 07:30:52 -0000 From: "W.D.McKinney" To: freebsd-isp@freebsd.org In-Reply-To: <20040213062612.2FE8E43D1D@mx1.FreeBSD.org> References: <20040213062612.2FE8E43D1D@mx1.FreeBSD.org> Content-Type: text/plain Message-Id: <1076656973.9730.23.camel@papa.wdm.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.5 Rubber Turnip www.usr-local-bin.org Date: Thu, 12 Feb 2004 22:22:54 -0900 Content-Transfer-Encoding: 7bit Subject: RE: Re[2]: Anybody Use 2 or More CPU at Production Env. ( SMP ) X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Feb 2004 07:30:53 -0000 On Thu, 2004-02-12 at 21:26, Tony Saign wrote: > Ditto... > > Have been running SMP w/o any issues on multiple servers for a few years > now. > Both 4.x-stable and recently 5.x-current, work well for me. > Still using PIII hardware. > > Anyone else receiving double emails from this list? > Since 9AM this morning been getting double emails from the list... > > -Tony > Tony - Check your MUA filters. Dee From owner-freebsd-isp@FreeBSD.ORG Sat Feb 14 10:15:10 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0479C16A4CE for ; Sat, 14 Feb 2004 10:15:10 -0800 (PST) Received: from kosh.oneofum.net (mail.oneofum.net [66.11.163.245]) by mx1.FreeBSD.org (Postfix) with ESMTP id DCC5343D1D for ; Sat, 14 Feb 2004 10:15:09 -0800 (PST) (envelope-from gunkel@oneofum.net) Received: by kosh.oneofum.net (Postfix, from userid 2001) id 3DCA4DC8ED; Sat, 14 Feb 2004 13:12:53 -0500 (EST) Received: from kosh.oneofum.net (kosh.oneofum.net [66.11.163.245]) by kosh.oneofum.net (Postfix) with SMTP id C3727DC8AF for ; Sat, 14 Feb 2004 13:12:46 -0500 (EST) Received: from 68.100.34.209 (SquirrelMail authenticated user gunkel) by mail.oneofum.net with HTTP; Sat, 14 Feb 2004 13:12:46 -0500 (EST) Message-ID: <65007.68.100.34.209.1076782366.squirrel@mail.oneofum.net> In-Reply-To: <20040212171457.GF56315@sentex.net> References: <20040212125320.U40659@ganymede.hub.org><2004212181157.302775@juanjo> <20040212171457.GF56315@sentex.net> Date: Sat, 14 Feb 2004 13:12:46 -0500 (EST) From: "Alvin Gunkel" To: freebsd-isp@freebsd.org User-Agent: SquirrelMail/1.4.2 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 Importance: Normal X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on kosh.oneofum.net X-Spam-Status: No, hits=-79.8 required=5.0 tests=AWL,BAYES_00, PRIORITY_NO_NAME,RCVD_IN_SORBS,USER_IN_WHITELIST autolearn=no version=2.60 X-Spam-Level: Subject: Questions about 3Ware 7506 controller X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Feb 2004 18:15:10 -0000 I'm running 4.7 Release on a colocated system without access to bios/console. This system currently has a Highpoint RocketRaid 100 controller driving four WD 60gb (WD600JB, 8mb cache) drives in a raid 0+1 config. I had a drive fail and the controller kept the system up and functioning, but something has prevented rebuild from occurring, even in the bios util after replacing the failed drive. As this is a most inconvienent situation I'm considering replacing the raid controller with a 3Ware 7506-4LP controller so I have more control from the OS level. My two questions are: -What driver/firmware should I use? I have a 3Ware 6410 running in another 4.7 system and am able to use the 3DM utils out of ports to monitor it. I don't know if those utils support the 7506. 3Ware has a beta driver and command line utils for the 7506 and FreeBSD 4.8. Which way to go? -Raid 10 or 5? Compared to the 0+1 I have now, 10 would be a nice improvement as loss of the one drive effectively took out two of my drives. Raid 5 would give me an extra 60gb to use, but I don't have any idea what the performance differential would be. Any thoughts or comments would be appreciated. Thanks, Alvin From owner-freebsd-isp@FreeBSD.ORG Sat Feb 14 13:17:58 2004 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 63EF816A4CE for ; Sat, 14 Feb 2004 13:17:58 -0800 (PST) Received: from cobra.acceleratedweb.net (cobra-gw.acceleratedweb.net [207.99.79.37]) by mx1.FreeBSD.org (Postfix) with SMTP id 0A03F43D1F for ; Sat, 14 Feb 2004 13:17:58 -0800 (PST) (envelope-from simon@optinet.com) Received: (qmail 40183 invoked by uid 110); 14 Feb 2004 21:17:56 -0000 Received: from ool-18baaf5c.dyn.optonline.net (HELO win2kpc1) (24.186.175.92) by cobra.acceleratedweb.net with SMTP; 14 Feb 2004 21:17:56 -0000 From: "Simon" To: "Alvin Gunkel" , "freebsd-isp@freebsd.org" Date: Sat, 14 Feb 2004 16:17:43 -0500 Priority: Normal X-Mailer: PMMail 2000 Professional (2.20.2661) For Windows 2000 (5.0.2195;4) In-Reply-To: <65007.68.100.34.209.1076782366.squirrel@mail.oneofum.net> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Message-Id: <20040214211758.0A03F43D1F@mx1.FreeBSD.org> Subject: Re: Questions about 3Ware 7506 controller X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Feb 2004 21:17:58 -0000 On Sat, 14 Feb 2004 13:12:46 -0500 (EST), Alvin Gunkel wrote: >I'm running 4.7 Release on a colocated system without access to >bios/console. This system currently has a Highpoint RocketRaid 100 >controller driving four WD 60gb (WD600JB, 8mb cache) drives in a raid 0+1 >config. I had a drive fail and the controller kept the system up and >functioning, but something has prevented rebuild from occurring, even in >the bios util after replacing the failed drive. As this is a most >inconvienent situation I'm considering replacing the raid controller with >a 3Ware 7506-4LP controller so I have more control from the OS level. Did you issue rebuild? did you do it right? it won't know what to do on its own. This is where SAF-TE SCA backplane comes in handy, but is only available for SCSI, afaik. >My two questions are: > >-What driver/firmware should I use? I have a 3Ware 6410 running in >another 4.7 system and am able to use the 3DM utils out of ports to >monitor it. I don't know if those utils support the 7506. 3Ware has a >beta driver and command line utils for the 7506 and FreeBSD 4.8. Which >way to go? I have 7506 under 5.1-R and it seems to work fine. I'm using default drivers/firmware. However, I had to apply a patch to the 3dm utility as it wouldn't bind to the right port. >-Raid 10 or 5? Compared to the 0+1 I have now, 10 would be a nice >improvement as loss of the one drive effectively took out two of my >drives. Raid 5 would give me an extra 60gb to use, but I don't have any >idea what the performance differential would be. RAID 10 is better than RAID 5 when it comes to writes, a lot better. If you want to know more, read: http://www.pcguide.com/ref/hdd/perf/raid/concepts/perf_ReadWrite.htm By the way, if you don't do a lot of writes, go with RAID 5, if you have a need to perform constant writes, go with RAID 10. -Simon