TCPmux

2013-05-31 Thread Stefan Desancic 
Good Morning,

Is there a flag or a setting in the PF firewall in FreeBSD that you can set to 
allow TCPmux traffic to flow through it? The pass all rule doesn't seem to 
work, however if I disable PF completely then the TCPmux traffic flow through.

Kind Regards


Important Notice:

This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal 
notice available at:
http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: TCPmux

2013-05-31 Thread Volodymyr Kostyrko 

31.05.2013 10:29, Stefan Desancic:

Good Morning,

Is there a flag or a setting in the PF firewall in FreeBSD that you can set to 
allow TCPmux traffic to flow through it? The pass all rule doesn't seem to 
work, however if I disable PF completely then the TCPmux traffic flow through.


I have no problems with tcpmux and pf. Can you show your config? On my 
machines tcpmux is served from inetd on default port (1).


--
Sphinx of black quartz, judge my vow.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VIMAGE

2013-05-31 Thread Pietro Paolini 

On May 30, 2013, at 6:25 PM, "Teske, Devin"  wrote:

> 
> On May 30, 2013, at 3:35 AM, Pietro Paolini wrote:
> 
>> Hello all,
>> 
>> I am a new bye on the FreeBSD and I am looking at the VIMAGE features 
>> experiencing some problems.
>> I added the options :
>> VIMAGE
>> if_bridge
>> 
>> and I removed
>> STCP
>> 
>> then I recompiled my kernel and install it.
>> 
>> After that, following this tutorial 
>> http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the 
>> "Exercise 2" which consist on 
>> the following commands:
>> 
>> vimage -c n1
>> vimage -c n2
>> ngctl mkpeer efface ether ether
>> ngctl mkpeer efface ether ether
> 
> Don't you just love autocorrect? (does the same thing to me… turns "eiface" 
> into "efface")
> 
> 
>> ngctl mkpeer em0: bridge lower link0
> 
> Looks good.
> 
> 
>> ngctl name em0:lower bridge0
> 
> I usually do my "connect" before the "name"… but shouldn't matter. Should 
> work all the same.
> 
> 
>> ngctl connect em0: bridge0: upper link1
> 
> This looks wrong to me.
> 
> I'd expect:
> 
> ngctl connect em0: bridge0:lower upper link1
> 


Many thanks for the answer Devin,
when I try to use that last command I receive:

ngctl connect em0: bridge0:lower upper link1
ngctl: send msg: Invalid argument

 What's wrong ?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VIMAGE

2013-05-31 Thread Pietro Paolini 

On May 30, 2013, at 6:38 PM, "Teske, Devin"  wrote:

> 
> On May 30, 2013, at 9:18 AM, Joe wrote:
> 
>> Pietro Paolini wrote:
>>> On May 30, 2013, at 2:29 PM, Joe  wrote:
 Pietro Paolini wrote:
> Hello all,
> I am a new bye on the FreeBSD and I am looking at the VIMAGE features 
> experiencing some problems.
> I added the options :
> VIMAGE
> if_bridge
> and I removed
> STCP
> then I recompiled my kernel and install it.
> After that, following this tutorial 
> http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the 
> "Exercise 2" which consist on the following commands:
> vimage -c n1
> vimage -c n2
> ngctl mkpeer efface ether ether
> ngctl mkpeer efface ether ether
> ngctl mkpeer em0: bridge lower link0
> ngctl name em0:lower bridge0
> ngctl connect em0: bridge0: upper link1
> ngctl connect ngeth0: bridge0: ether link2
> ngctl connect ngeth1: bridge0: ether link3
> vimage -i n1 ngeth0 e0
> But my virtual interface on the n1 vimage does not receive any packet 
> from the external network while I can see the packet go out from it.
> For instance using DHCP, e0 on n1 sends DHCP packets but it does not 
> receive the answers (which are send, I verified it from wireshark), in 
> adding
> the ARP request for his IP address (if I try to add it statically) are 
> not received then it can not answer.
> At the end of the line the question is: how can I make this "virtual 
> network" and the external real network be able to communicate ?
> Thanks in advance.
> Pietro.
 1. That link is from 2007. So very much has changed since then.
 There are more current links on the internet about this subject. Most are 
 for 8.X releases.
 
 2. If your running 8.2-RELEASE or 9.1-RELEASE all you need to add is 
 "options vimage" statement to your kernel source and recompile.
 
 3. There are 2 networking methods available for creating vnet/vimage jail 
 networks, if_bridge/epair and netgraph. The if_bridge/epair method is far 
 simpler to config and use then the netgraph method.
 
 4. There are 2 methods of jail setup, the rc.d method where your jail 
 definition parameters go into the hosts rc.conf and the jail(8) method 
 where you can place each jails definition parameter in separate files.
 
 5. There are two very important show stopper PRs on vimage,
 164763 memory leak and 149050 the rc.d keyword "nojail" problem.
 Vimage is a very long way from prime time usage, thats why it's labeled as 
 highly experimental. Host system freezes and page faults are common.
 
 6. When it comes to running a firewall in a vnet/vimage jail your limited 
 to IPFW and it has limitations. Dummynet and in kernel NAT cause system 
 freezes. IPFILTER causes page fault at boot time. PF will run on the host 
 but not run in the vnet/vimage jail. Here are a bunch of PRs on vimage 
 firewall problems, 143621, 176092, 161094, 176992, 143808, 148155, 165252, 
 178480, 178482
 
 
 Check out these links
 
 http://druidbsd.sourceforge.net/vimage.shtml
 http://devinteske.com/vimage-jails-on-freebsd-8
 http://lists.freebsd.org/pipermail/freebsd-virtualization/2011-September/000747.html
 
 http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto
 http://zewaren.net/site/?q=node/78
 
 
 ___
 freebsd-questions@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to 
 "freebsd-questions-unsubscr...@freebsd.org"
>>> Thanks so much, really interesting and good links but I can't again 
>>> accomplish my task - I followed 
>>> http://bsdbased.com/2009/12/06/freebsd-8-vimage-epair-howto as a base 
>>> tutorial - I would like simulate more client for my PC using this 
>>> technology, and that's my topology:
>>> 1 - Two epairs created 2 - Two jail created
>>> 3 - Assign one intf for jail
>>> 4 - Add the real interface to a bridge where I put all the interfaces
>>> ---
>>> JAIL1
>>> 0b
>>> ---
>>> ---
>>> JAIL2  1b
>>> ---
>>> ---
>>> HOST
>>> 0a
>>> 1a
>>> em0 --> REAL
>>> ---
>>> Where {0,1}a is the first pair and {0,1}b is the second and em0 is my real 
>>> interface (it has an IP address), then I got to the problem, I tried to :
>>> jexec 2 dhclient epair1b  And I can see the DHCP packet with the correct 
>>> MAC address going out, the server reply (I have a sniffer pc) but the 
>>> transaction does not end successfully, what is really strange is that if I 
>>> attach tcpdump on em0 I can NOT see the answer server sends while when I try
>>> dhclient em0 I can see the packet going in and out and the DHCP transaction 
>>> finish successfully. Do you have any idea about how can I accomplish my 
>>> target ? Maybe

New kernel 9.1 informs me to report wbwd0 to FreeBSD

2013-05-31 Thread BBLister 

Hi,

I upgraded to 9.1 ( 9.1-STABLE FreeBSD 9.1-STABLE #0 r251140: )  today and my 
dmesg kernel prints:

wbwd0: DevID 0x60 DevRev 0x12, please report this.
wbwd0: DevID 0x60 DevRev 0x12, please report this.
wbwd0:  at port 0x2e-0x2f on isa0
wbwd0: Before watchdog attach: Watchdog enabled. Watchdog fired. Scaling by 1s, 
timer at 255 (<=255s left). CRF5 0x00 CRF7 0xff


I am willing to provide any help necessary.

Regards,

BB
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

RE: TCPmux

2013-05-31 Thread Stefan Desancic 
Hi,

Thank you for your very speedy response.
Also Attached is the config file.

Kind Regards

Stefan


# Section: Interfaces
public_if19="em0"
private_if18="em1"
mgmt_if="em1"
# End: Interfaces

# Section: Ports
Management = "{22,}"
ikeports = "{500,4500}"
# End: Ports

# Section: Address Table
table  {192.168.50.250}
table  {192.168.50.1}
table  {10.0.0.1}
table  {10.0.0.2}
table  {192.168.50.250}
table  {192.168.100.0/24}
table  {192.168.50.0/24}
table  {192.168.50.250}
# End: Address Table

# Section: Options
set ruleset-optimization none
set block-policy return
set skip on lo
# End: Options

# Section: Scrubbing
scrub in all
# End: Scrubbing

# Section: Anti Spoofing
antispoof quick for {$public_if19, $private_if18} inet
# End: Anti Spoofing

# Section: Firewall Rules
# Section: System Rules
block in from any to any label RuleId[111]
pass out from any to any label RuleId[112]
# End: System Rules

# Section: VPN LPN access Rules
pass from {} to {} tagged vpn label 
RuleId[140]
pass from {} to {} label RuleId[141]
# End: VPN LPN access Rules

# Section: User Rules
# block from any to any no state label RuleId[149]
# pass in from {} to {} label 
RuleId[151]
# pass in from {} to {} label 
RuleId[152]
pass from any to any label RuleId[157]
# End: User Rules

# Section: IPsec Rules
pass in on $mgmt_if proto {udp} from {} to {} 
port $ikeports label RuleId[117]
pass in on $mgmt_if proto {esp} from {} to {} 
label RuleId[118]
pass in on $mgmt_if proto {ipencap} from {} to 
{} tag management label RuleId[119]
pass proto {udp} from {} to {} port $ikeports 
label RuleId[131]
pass proto {udp} from {} to {} port $ikeports 
label RuleId[132]
pass proto {esp} from {} to {} label RuleId[133]
pass proto {esp} from {} to {} label RuleId[134]
pass in on $public_if19 proto {udp} from {} to {} 
port $ikeports label RuleId[135]
pass out on $public_if19 proto {udp} from {} to {} 
port $ikeports label RuleId[136]
pass in on $public_if19 proto {esp} from {} to {} 
label RuleId[137]
pass out on $public_if19 proto {esp} from {} to {} 
label RuleId[138]
pass in on $public_if19 proto {ipencap} from {} to {} 
tag vpn label RuleId[139]
# End: IPsec Rules

# Section: Management Rules
pass in on $mgmt_if proto {tcp} from {} to {} 
port $Management tagged management label RuleId[120]
# End: Management Rules
# End: Firewall Rules










-Original Message-
From: Volodymyr Kostyrko [mailto:c.kw...@gmail.com]
Sent: 31 May 2013 10:32 AM
To: Stefan Desancic; questi...@freebsd.org
Subject: Re: TCPmux

31.05.2013 10:29, Stefan Desancic:
> Good Morning,
>
> Is there a flag or a setting in the PF firewall in FreeBSD that you can set 
> to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to 
> work, however if I disable PF completely then the TCPmux traffic flow through.

I have no problems with tcpmux and pf. Can you show your config? On my machines 
tcpmux is served from inetd on default port (1).

--
Sphinx of black quartz, judge my vow.



Important Notice:

This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal 
notice available at:
http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx


pf.conf
Description: pf.conf
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Clang cannot finds standard system lib libssl.a

2013-05-31 Thread Eduardo Morras 

Hi,

I'm trying to compile a single big file project written in C. It compiled fine, 
without problems in my develop machine (FreeBSD 9.1 STABLE, Clang3.2) but not 
on the server (FreeBSD 9.1 Release#0, Clang 3.1). The app uses openssl dtls and 
links to system ssl libs. Am I missing something?

For compile I do:

%clang gog_server.c -o gog_server -v -I /usr/include/openssl

but I get a lot of undefined references to whole openssl lib functions, structs 
etc in Link phase:

...
gog_server.c:(.text+0x9): undefined reference to `CRYPTO_num_locks'
gog_server.c:(.text+0x50): undefined reference to `CRYPTO_num_locks'
...

I have manually checked that:

a) /usr/lib/libssl.a /usr/lib/libssl.so exist
b) The linker has /usr/lib path

%clang -print-search-dirs 
programs: =/usr/bin
libraries: =/usr/bin/../lib/clang/3.1:/usr/lib

c) Add -Xlinker "-L /usr/lib"
d) Add -Xlinker "-l /usr/lib/libssl.a", get this from linker:

"/usr/bin/ld" --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 -o gog_server 
/usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib 
/tmp/gog_server-8bAHxn.o "-l /usr/lib/libssl.a" -lgcc --as-needed -lgcc_s 
--no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o 
/usr/lib/crtn.o
/usr/bin/ld: cannot find "-l /usr/lib/libssl.a"

e) Tried c) and d) without "", but get the same answers /usr/bin/ld: cannont 
find ...


Finally, this is the relevant output of last try:

% clang gog_server.c -o gog_server -v -I /usr/include/openssl -Xlinker 
/usr/lib/libssl.a 2>err

FreeBSD clang version 3.1 (branches/release_31 156863) 20120523
Target: x86_64-unknown-freebsd9.0
Thread model: posix
 "/usr/bin/clang" -cc1 -triple x86_64-unknown-freebsd9.0 -emit-obj -mrelax-all 
-disable-free -main-file-name gog_server.c -mrelocation-model static 
-mdisable-fp-elim -masm-verbose -mconstructor-aliases -munwind-tables 
-target-cpu x86-64 -momit-leaf-frame-pointer -v -resource-dir 
/usr/bin/../lib/clang/3.1 -I /usr/include/openssl -fmodule-cache-path 
/var/tmp/clang-module-cache -fdebug-compilation-dir /home/gowen/clang/Gog 
-ferror-limit 19 -fmessage-length 0 -mstackrealign -fgnu-runtime 
-fobjc-runtime-has-arc -fobjc-runtime-has-weak 
-fobjc-dispatch-method=non-legacy -fdiagnostics-show-option -o 
/tmp/gog_server-mK51RB.o -x c gog_server.c
clang -cc1 version 3.1 based upon LLVM 3.1 default target 
x86_64-unknown-freebsd9.0
ignoring nonexistent directory "/usr/bin/../lib/clang/3.1/include"
#include "..." search starts here:
#include <...> search starts here:
 /usr/include/openssl
 /usr/include/clang/3.1
 /usr/include
End of search list.
 "/usr/bin/ld" --eh-frame-hdr -dynamic-linker /libexec/ld-elf.so.1 -o 
gog_server /usr/lib/crt1.o /usr/lib/crti.o /usr/lib/crtbegin.o -L/usr/lib 
/tmp/gog_server-mK51RB.o /usr/lib/libssl.a -lgcc --as-needed -lgcc_s 
--no-as-needed -lc -lgcc --as-needed -lgcc_s --no-as-needed /usr/lib/crtend.o 
/usr/lib/crtn.o
/tmp/gog_server-mK51RB.o: In function `THREAD_setup':
gog_server.c:(.text+0x9): undefined reference to `CRYPTO_num_locks'
.

and a lot of similar lines.

So, Am I missing something? 

Thanks in advance.


---   ---
Eduardo Morras 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Clang cannot finds standard system lib libssl.a

2013-05-31 Thread Tijl Coosemans 
On 2013-05-31 15:26, Eduardo Morras wrote:
> I'm trying to compile a single big file project written in C. It
> compiled fine, without problems in my develop machine (FreeBSD 9.1
> STABLE, Clang3.2) but not on the server (FreeBSD 9.1 Release#0, Clang
> 3.1). The app uses openssl dtls and links to system ssl libs. Am I
> missing something?
> 
> For compile I do:
> 
> %clang gog_server.c -o gog_server -v -I /usr/include/openssl
> 
> but I get a lot of undefined references to whole openssl lib
> functions, structs etc in Link phase:
> 
> ...
> gog_server.c:(.text+0x9): undefined reference to `CRYPTO_num_locks'
> gog_server.c:(.text+0x50): undefined reference to `CRYPTO_num_locks'
> ...

CRYPTO_num_locks is in libcrypto so try linking with that in addition
to libssl.



signature.asc
Description: OpenPGP digital signature

Re: Clang cannot finds standard system lib libssl.a

2013-05-31 Thread Eduardo Morras 
On Fri, 31 May 2013 16:12:24 +0200
Tijl Coosemans  wrote:
> 
> CRYPTO_num_locks is in libcrypto so try linking with that in addition
> to libssl.
> 

Now i works, thanks a lot!! Forgot to add -Xlinker /usr/lib/libcrypto.a and 
-Xlinker /usr/lib/libpthread.a

Now everything works as expected.

Bytes bite bitter when abuse caffeine...

---   ---
Eduardo Morras 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: TCPmux

2013-05-31 Thread Volodymyr Kostyrko 

31.05.2013 14:10, Stefan Desancic:

Hi,

Thank you for your very speedy response.
Also Attached is the config file.

Kind Regards

Stefan


# Section: Interfaces
public_if19="em0"
private_if18="em1"
mgmt_if="em1"
# End: Interfaces

# Section: Ports
Management = "{22,}"
ikeports = "{500,4500}"
# End: Ports

# Section: Address Table
table  {192.168.50.250}
table  {192.168.50.1}
table  {10.0.0.1}
table  {10.0.0.2}
table  {192.168.50.250}
table  {192.168.100.0/24}
table  {192.168.50.0/24}
table  {192.168.50.250}
# End: Address Table

# Section: Options
set ruleset-optimization none
set block-policy return
set skip on lo
# End: Options

# Section: Scrubbing
scrub in all
# End: Scrubbing

# Section: Anti Spoofing
antispoof quick for {$public_if19, $private_if18} inet
# End: Anti Spoofing

# Section: Firewall Rules
# Section: System Rules
block in from any to any label RuleId[111]
pass out from any to any label RuleId[112]
# End: System Rules

# Section: VPN LPN access Rules
pass from {} to {} tagged vpn label 
RuleId[140]
pass from {} to {} label RuleId[141]
# End: VPN LPN access Rules

# Section: User Rules
# block from any to any no state label RuleId[149]
# pass in from {} to {} label 
RuleId[151]
# pass in from {} to {} label 
RuleId[152]
pass from any to any label RuleId[157]
# End: User Rules

# Section: IPsec Rules
pass in on $mgmt_if proto {udp} from {} to {} 
port $ikeports label RuleId[117]
pass in on $mgmt_if proto {esp} from {} to {} 
label RuleId[118]
pass in on $mgmt_if proto {ipencap} from {} to 
{} tag management label RuleId[119]
pass proto {udp} from {} to {} port $ikeports 
label RuleId[131]
pass proto {udp} from {} to {} port $ikeports 
label RuleId[132]
pass proto {esp} from {} to {} label RuleId[133]
pass proto {esp} from {} to {} label RuleId[134]
pass in on $public_if19 proto {udp} from {} to {} 
port $ikeports label RuleId[135]
pass out on $public_if19 proto {udp} from {} to {} 
port $ikeports label RuleId[136]
pass in on $public_if19 proto {esp} from {} to {} 
label RuleId[137]
pass out on $public_if19 proto {esp} from {} to {} 
label RuleId[138]
pass in on $public_if19 proto {ipencap} from {} to {} 
tag vpn label RuleId[139]
# End: IPsec Rules

# Section: Management Rules
pass in on $mgmt_if proto {tcp} from {} to {} 
port $Management tagged management label RuleId[120]
# End: Management Rules
# End: Firewall Rules


I'm missing a rule which would pass tcp connections to port 1 on any 
interface. However I can see a pass all rule. Remote connections should 
be enabled.


How your tcpmux server is configured? Can you show the output of 
`sockstat | grep ':1 '`?




Good Morning,

Is there a flag or a setting in the PF firewall in FreeBSD that you can set to 
allow TCPmux traffic to flow through it? The pass all rule doesn't seem to 
work, however if I disable PF completely then the TCPmux traffic flow through.


I have no problems with tcpmux and pf. Can you show your config? On my machines 
tcpmux is served from inetd on default port (1).



--
Sphinx of black quartz, judge my vow.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

pkgng dependencies change / update

2013-05-31 Thread b...@todoo.biz 
Hi, 

I am trying to figure out how to change / update the dependencies on a package. 

I have a postfix package which comes from a server where mysql-client is in 
version 5.1 
And I would like to install the same package on a server where mysql-client is 
in version 5.6 

I am not sure if this is feasible. 

Of course when I try to install this package on the server, it tells me : 


> jail: ns3 15:03:57 /home/gregober # pkg add postfix-2.10.0,1.txz 
> Installing postfix-2.10.0,1...missing dependency mysql-client-5.1.68
> Failed to install the following 1 package(s): postfix-2.10.0,1.txz


I have tried to set the dependency to an updated version of the port : 

> jail: ns3 15:04:16 /home/gregober # pkg set -o 
> databases/mysql51-client:databases/mysql56-client
> Change origin from databases/mysql51-client to databases/mysql56-client for 
> all dependencies? [y/N]: y


But no luck !! 


Any idea how to do that ? 



«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§

Your provider of OpenSource Appliances

www.osnet.eu

«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§«?»¥«?»§

PGP ID --> 0x1BA3C2FD

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

mount_smbfs in base?

2013-05-31 Thread Quark 
is mount_smbfs, smbutil and friends part of base system? this is FreeBSD amd64 
9.1-RELEASE
then what is extra in samba port?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: mount_smbfs in base?

2013-05-31 Thread Matthias Apitz 
El día Saturday, June 01, 2013 a las 02:09:58AM +0800, Quark escribió:

> is mount_smbfs, smbutil and friends part of base system? this is FreeBSD 
> amd64 9.1-RELEASE

$ which mount_smbfs
/usr/sbin/mount_smbfs
$ which smbutil
/usr/bin/smbutil

> then what is extra in samba port?

a SMB client and server

matthias
-- 
Sent from my FreeBSD netbook

Matthias Apitz   |  - No system with backdoors like Apple/Android
E-mail: g...@unixarea.de |  - Never being an iSlave
WWW: http://www.unixarea.de/ |  - No proprietary attachments, no HTML/RTF in 
E-mail
phone: +49-170-4527211   |  - Respect for open standards
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: mount_smbfs in base?

2013-05-31 Thread Quark 




- Original Message -
> From: Matthias Apitz 
> To: freebsd-questions@freebsd.org
> Cc: 
> Sent: Saturday, 1 June 2013 12:01 AM
> Subject: Re: mount_smbfs in base?
> 
> El día Saturday, June 01, 2013 a las 02:09:58AM +0800, Quark escribió:
> 
>>  is mount_smbfs, smbutil and friends part of base system? this is FreeBSD 
> amd64 9.1-RELEASE
> 
> $ which mount_smbfs
> /usr/sbin/mount_smbfs
> $ which smbutil
> /usr/bin/smbutil

I saw that, but suspected I must have done something stupid that those binaries 
got placed there.

> 
>>  then what is extra in samba port?
> 
> a SMB client and server

so this SMB client is recentish than what is in base?
I 'guess' samba was GPL, is it OK to let live GPL s/w in base when such strides 
are being attempted to oust GCC?

> 
>     matthias
> -- 
> Sent from my FreeBSD netbook
> 
> Matthias Apitz               |  - No system with backdoors like Apple/Android
> E-mail: g...@unixarea.de     |  - Never being an iSlave
> WWW: http://www.unixarea.de/ |  - No proprietary attachments, no HTML/RTF in 
> E-mail
> phone: +49-170-4527211       |  - Respect for open standards
> ___
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to 
> "freebsd-questions-unsubscr...@freebsd.org"
> 
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: mount_smbfs in base?

2013-05-31 Thread Adam Vande More 
On Fri, May 31, 2013 at 1:41 PM, Quark  wrote:
>
> I saw that, but suspected I must have done something stupid that those 
> binaries got placed there.
>
>>
>>>  then what is extra in samba port?
>>
>> a SMB client and server
>
> so this SMB client is recentish than what is in base?

Yes.

> I 'guess' samba was GPL, is it OK to let live GPL s/w in base when such 
> strides are being attempted to oust GCC?

mount_smbfs isn't GPL.

--
Adam Vande More
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VIMAGE

2013-05-31 Thread Teske, Devin 

On May 31, 2013, at 1:48 AM, Pietro Paolini wrote:


On May 30, 2013, at 6:25 PM, "Teske, Devin" 
mailto:devin.te...@fisglobal.com>> wrote:


On May 30, 2013, at 3:35 AM, Pietro Paolini wrote:

Hello all,

I am a new bye on the FreeBSD and I am looking at the VIMAGE features 
experiencing some problems.
I added the options :
VIMAGE
if_bridge

and I removed
STCP

then I recompiled my kernel and install it.

After that, following this tutorial 
http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the 
"Exercise 2" which consist on
the following commands:

vimage -c n1
vimage -c n2
ngctl mkpeer efface ether ether
ngctl mkpeer efface ether ether

Don't you just love autocorrect? (does the same thing to me… turns "eiface" 
into "efface")


ngctl mkpeer em0: bridge lower link0

Looks good.


ngctl name em0:lower bridge0

I usually do my "connect" before the "name"… but shouldn't matter. Should work 
all the same.


ngctl connect em0: bridge0: upper link1

This looks wrong to me.

I'd expect:

ngctl connect em0: bridge0:lower upper link1



Many thanks for the answer Devin,
when I try to use that last command I receive:

ngctl connect em0: bridge0:lower upper link1
ngctl: send msg: Invalid argument

What's wrong ?


Let's start from scratch on a freshly booted box…

dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
ls -l
[sudo] Password:
There are 4 total nodes:
  Name: em0 Type: ether   ID: 0002   Num hooks: 0
  Name: em1 Type: ether   ID: 0003   Num hooks: 0
  Name: ngctl1719   Type: socket  ID: 0004   Num hooks: 0
  Name: msk0Type: ether   ID: 0001   Num hooks: 0

Ok… we have an "ether" type node for each of our physical adapters (these are 
provided by ng_ether(4); you didn't have to do anything to get these nodes).

We also have a single "socket" type node. This is the "ngctl" connection to the 
netgraph subsystem (you can learn more by reading ng_socket(4)).

Here's the corresponding hardware behind em0, em1, and msk0:

===

dte...@scu0a.jbsd.vicor.com ~ $ grep 
'\(em\|e1000phy\|mskc\?\)[[:digit:]]' /var/run/dmesg.boot
mskc0:  port 0xdc00-0xdcff mem 
0xfcffc000-0xfcff irq 16 at device 0.0 on pci5
msk0:  on mskc0
msk0: Ethernet address: xx:xx:xx:xx:xx:xx
miibus0:  on msk0
e1000phy0:  PHY 0 on miibus0
e1000phy0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 
1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto
mskc0: [ITHREAD]
em0:  port 0xec80-0xecbf mem 
0xfebe-0xfebf irq 16 at device 4.0 on pci7
em0: [FILTER]
em0: Ethernet address: xx:xx:xx:xx:xx:xx
em1:  port 0xec00-0xec3f mem 
0xfeba-0xfebb,0xfeb8-0xfeb9 irq 18 at device 6.0 on pci7
em1: [FILTER]
em1: Ethernet address: xx:xx:xx:xx:xx:xx
em0: link state changed to UP

===

Next, let's make a bridge (think of it as a big software switch that we're 
going to hook a bunch of interfaces; created, physical, or otherwise).

Since I'm doing this over an SSH connection (a mistake I made earlier today), 
I'm not going to touch em0 (the adapter my SSH connection is using). Creating 
the bridge on an actively configured PHY will knock it off the net. This is not 
to say you can't have an active configuration on a bridged interface… just that 
the creation of the bridge (something you should only do once each time you 
boot) will disrupt an active connection.

So…

dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
mkpeer em1: bridge lower link0

NOTE: No output == Success.

===

Now let's look at our handiwork…

dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
info em1:lower
  Name:Type: bridge  ID: 0007   Num hooks: 1
  Local hook  Peer name   Peer typePeer ID Peer hook
  --  -   ---- -
  link0   em1 ether0003lower


Ok, we see that the lower peer hook of the em1 ether-node goes off to something 
named "link0".

To see where link0 is off-to… we need a full listing (back to "ngctl ls -l").


dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
ls -l
There are 5 total nodes:
  Name:Type: bridge  ID: 0007   Num hooks: 1
  Local hook  Peer name   Peer typePeer ID Peer hook
  --  -   ---- -
  link0   em1 ether0003lower
  Name: em0 Type: ether   ID: 0002   Num hooks: 0
  Name: em1 Type: ether   ID: 0003   Num hooks: 1
  Local hook  Peer name   Peer typePeer ID Peer hook
  --  -   ---- -
  lower  bridge   0007link0
  Name: ngctl1762   Type: so

Where to get source for 10?

2013-05-31 Thread Walter Hurry 
For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/

But where can I get the source for FreeBSD10?

Thanks.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Where to get source for 10?

2013-05-31 Thread Ayan George 
On 05/31/2013 07:23 PM, Walter Hurry wrote:
> For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/
> 
> But where can I get the source for FreeBSD10?
> 

I assume it'd be the head branch:

  http://svn.freebsd.org/base/head/



___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Where to get source for 10?

2013-05-31 Thread Joshua Isom 

On 5/31/2013 6:27 PM, Ayan George wrote:

On 05/31/2013 07:23 PM, Walter Hurry wrote:

For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/

But where can I get the source for FreeBSD10?



I assume it'd be the head branch:

   http://svn.freebsd.org/base/head/



Yes, it's the head branch, but beware, it's experimental and breaks 
sometimes.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: pkgng dependencies change / update

2013-05-31 Thread Matthew Seaman 
On 31/05/2013 16:26, b...@todoo.biz wrote:
> Hi, 
> 
> I am trying to figure out how to change / update the dependencies on a 
> package. 
> 
> I have a postfix package which comes from a server where mysql-client is in 
> version 5.1 
> And I would like to install the same package on a server where mysql-client 
> is in version 5.6 
> 
> I am not sure if this is feasible. 
> 
> Of course when I try to install this package on the server, it tells me : 
> 
> 
>> jail: ns3 15:03:57 /home/gregober # pkg add postfix-2.10.0,1.txz 
>> Installing postfix-2.10.0,1...missing dependency mysql-client-5.1.68
>> Failed to install the following 1 package(s): postfix-2.10.0,1.txz
> 
> 
> I have tried to set the dependency to an updated version of the port : 
> 
>> jail: ns3 15:04:16 /home/gregober # pkg set -o 
>> databases/mysql51-client:databases/mysql56-client
>> Change origin from databases/mysql51-client to databases/mysql56-client for 
>> all dependencies? [y/N]: y
> 
> 
> But no luck !! 
> 
> 
> Any idea how to do that ? 

Well, the best way is generally to use a package compiled against the
correct set of dependencies in the first place.

postfix will be linking against the MySQL client shared libraries.
Those have different ABI versions between mysql51 and mysql56.  Meaning
you can't simply swap one for the other and expect things to still work.

'pkg set -o' looks like it does what you want, but really, it doesn't.
What it does is allow smoothly replacing one complete dependency tree
with another.   So, running:

# pkg set -o databases/mysql51-client:databases/mysql56-client

is fine and dandy, and a necessary prerequisite to then running an
upgrade against a package repo where everything that links against mysql
client has been linked against mysql56-client specifically.

In fact, you're doing things the wrong way round.  'pkg set -o' works on
what has already been installed.  You could in principle use 'pkg set
-o' to switch your mysql56-client machine to using mysql51-client --
which means running 'pkg set -o ...' and then *reinstalling all the
packages that depend on mysql56-client with equivalent packages linked
against mysql51-client*.  After that, your postfix package should
install OK.

Ultimate plans are that the need to use 'pkg set -o' should disappear
entirely, as the package dependency solver should be clever enough to
work out all this stuff for itself.  There's also ideas about making
more finely grained binary packages -- several packages from one port
essentially.   So out of each mysqlXX-client port there'd be several
packages created, one of which contains just the shared libraries.  The
good thing about that is it will be possible to install shared libraries
for several different mysqlXX versions simultaneously, which would make
your postfix problem fairly trivial to solve.

Cheers,

Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.
PGP: http://www.infracaninophile.co.uk/pgpkey




signature.asc
Description: OpenPGP digital signature

Re: Where to get source for 10?

2013-05-31 Thread Walter Hurry 
On Fri, 31 May 2013 19:27:36 -0400, Ayan George wrote:

> On 05/31/2013 07:23 PM, Walter Hurry wrote:
>> For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/
>> 
>> But where can I get the source for FreeBSD10?
>> 
>> 
> I assume it'd be the head branch:
> 
>   http://svn.freebsd.org/base/head/

Thanks.


___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: Where to get source for 10?

2013-05-31 Thread Walter Hurry 
On Fri, 31 May 2013 18:41:49 -0500, Joshua Isom wrote:

> On 5/31/2013 6:27 PM, Ayan George wrote:
>> On 05/31/2013 07:23 PM, Walter Hurry wrote:
>>> For 9.1 I can checkout http://svn.freebsd.org/base/releng/9.1/
>>>
>>> But where can I get the source for FreeBSD10?
>>>
>>>
>> I assume it'd be the head branch:
>>
>>http://svn.freebsd.org/base/head/
>>
>>
> Yes, it's the head branch, but beware, it's experimental and breaks
> sometimes.
> 
Thanks for the cautionary advice, but it's OK, it's only experimental on 
my side too.

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Re: VIMAGE

2013-05-31 Thread Teske, Devin 

On May 31, 2013, at 3:05 PM, Teske, Devin wrote:


On May 31, 2013, at 1:48 AM, Pietro Paolini wrote:


On May 30, 2013, at 6:25 PM, "Teske, Devin" 
mailto:devin.te...@fisglobal.com>> wrote:


On May 30, 2013, at 3:35 AM, Pietro Paolini wrote:

Hello all,

I am a new bye on the FreeBSD and I am looking at the VIMAGE features 
experiencing some problems.
I added the options :
VIMAGE
if_bridge

and I removed
STCP

then I recompiled my kernel and install it.

After that, following this tutorial 
http://imunes.tel.fer.hr/virtnet/eurobsdcon07_tutorial.pdf I tried the 
"Exercise 2" which consist on
the following commands:

vimage -c n1
vimage -c n2
ngctl mkpeer efface ether ether
ngctl mkpeer efface ether ether

Don't you just love autocorrect? (does the same thing to me… turns "eiface" 
into "efface")


ngctl mkpeer em0: bridge lower link0

Looks good.


ngctl name em0:lower bridge0

I usually do my "connect" before the "name"… but shouldn't matter. Should work 
all the same.


ngctl connect em0: bridge0: upper link1

This looks wrong to me.

I'd expect:

ngctl connect em0: bridge0:lower upper link1



Many thanks for the answer Devin,
when I try to use that last command I receive:

ngctl connect em0: bridge0:lower upper link1
ngctl: send msg: Invalid argument

What's wrong ?


Let's start from scratch on a freshly booted box…

dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
ls -l
[sudo] Password:
There are 4 total nodes:
  Name: em0 Type: ether   ID: 0002   Num hooks: 0
  Name: em1 Type: ether   ID: 0003   Num hooks: 0
  Name: ngctl1719   Type: socket  ID: 0004   Num hooks: 0
  Name: msk0Type: ether   ID: 0001   Num hooks: 0

Ok… we have an "ether" type node for each of our physical adapters (these are 
provided by ng_ether(4); you didn't have to do anything to get these nodes).

We also have a single "socket" type node. This is the "ngctl" connection to the 
netgraph subsystem (you can learn more by reading ng_socket(4)).

Here's the corresponding hardware behind em0, em1, and msk0:

===

dte...@scu0a.jbsd.vicor.com ~ $ grep 
'\(em\|e1000phy\|mskc\?\)[[:digit:]]' /var/run/dmesg.boot
mskc0:  port 0xdc00-0xdcff mem 
0xfcffc000-0xfcff irq 16 at device 0.0 on pci5
msk0:  on mskc0
msk0: Ethernet address: xx:xx:xx:xx:xx:xx
miibus0:  on msk0
e1000phy0:  PHY 0 on miibus0
e1000phy0:  none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 
1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto
mskc0: [ITHREAD]
em0:  port 0xec80-0xecbf mem 
0xfebe-0xfebf irq 16 at device 4.0 on pci7
em0: [FILTER]
em0: Ethernet address: xx:xx:xx:xx:xx:xx
em1:  port 0xec00-0xec3f mem 
0xfeba-0xfebb,0xfeb8-0xfeb9 irq 18 at device 6.0 on pci7
em1: [FILTER]
em1: Ethernet address: xx:xx:xx:xx:xx:xx
em0: link state changed to UP

===

Next, let's make a bridge (think of it as a big software switch that we're 
going to hook a bunch of interfaces; created, physical, or otherwise).

Since I'm doing this over an SSH connection (a mistake I made earlier today), 
I'm not going to touch em0 (the adapter my SSH connection is using). Creating 
the bridge on an actively configured PHY will knock it off the net. This is not 
to say you can't have an active configuration on a bridged interface… just that 
the creation of the bridge (something you should only do once each time you 
boot) will disrupt an active connection.

So…

dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
mkpeer em1: bridge lower link0

NOTE: No output == Success.

===

Now let's look at our handiwork…

dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
info em1:lower
  Name:Type: bridge  ID: 0007   Num hooks: 1
  Local hook  Peer name   Peer typePeer ID Peer hook
  --  -   ---- -
  link0   em1 ether0003lower


Ok, we see that the lower peer hook of the em1 ether-node goes off to something 
named "link0".

To see where link0 is off-to… we need a full listing (back to "ngctl ls -l").


dte...@scu0a.jbsd.vicor.com ~ $ sudo ngctl 
ls -l
There are 5 total nodes:
  Name:Type: bridge  ID: 0007   Num hooks: 1
  Local hook  Peer name   Peer typePeer ID Peer hook
  --  -   ---- -
  link0   em1 ether0003lower
  Name: em0 Type: ether   ID: 0002   Num hooks: 0
  Name: em1 Type: ether   ID: 0003   Num hooks: 1
  Local hook  Peer name   Peer typePeer ID Peer hook
  --  -   ---- -
  lower  bridge   000

Re: make release fails

2013-05-31 Thread CyberLeo Kitsana 
On 05/23/2013 06:52 AM, Jack Mc Lauren wrote:
> Hi

> find //usr/obj/usr/src/release/dist/doc -empty -delete
> find: -delete: //usr/obj/usr/src/release/dist/doc: relative path potentially 
> not
>  safe
> *** [distributeworld] Error code 1

> What's wrong with this?
> Thanks in advance

Huh. Apparently I ran across this myself in the past, since I found a
patch lurking in my source tree.

8<
diff --git a/Makefile.inc1 b/Makefile.inc1
index 4567e5d..1830483 100644
--- a/Makefile.inc1
+++ b/Makefile.inc1
@@ -685,7 +685,7 @@ distributeworld installworld: installcheck
${IMAKEENV} rm -rf ${INSTALLTMP}
 .if make(distributeworld)
 .for dist in ${EXTRA_DISTRIBUTIONS}
-   find ${DESTDIR}/${DISTDIR}/${dist} -empty -delete
+   find ${DESTDIR}/${DISTDIR}/${dist} -empty -exec rmdir {} +
 .endfor
 .endif

8<

The reason this occurs is because you and I are building with NODOC,
which leaves dist/doc empty, and the above find construct will refuse to
-delete if the directory specified on the command line is one of the
ones that would have been deleted.

Either patch the makefile as above, tell make to ignore the return code
of this find invocation, or put some non-empty files into
/usr/obj/usr/src/release/dist/doc during the release building process
(like a README pointing to the docs tarball on the mirrors) to make it
not trigger the empty condition.

Hope this helps!

-- 
Fuzzy love,
-CyberLeo
Technical Administrator
CyberLeo.Net Webhosting
http://www.CyberLeo.Net


Furry Peace! - http://www.fur.com/peace/
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

define more partitions in freebsd

2013-05-31 Thread s m 
hello all

i want to install freebsd8.2 on my system. for some reasons, i need
partitions more than 6. my freebsd just allow me to define partitions
from a to h, not any more.

i checked FreeBSD handbook, but it doesn't say anything about defining
more partitions.

my question is: how can i define more partitions on my freebsd? (for
example, ad3s1a, ..., ad3s1h, ad3s1i, ad3s1j, ...).

any comments or hints are appreciated.
SAM
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"