Server Reboot
Hi all, This is the first time in 10 years I have seen this. I have a Dell PE750 (vintage 2004), running FreeBSD 6.2 that had been up and running for about 30 days without any issues. The server somehow rebooted last night, apparently, all by itself. The last log file line I can find waqs about 12:30 AM. The dmesg shows it restarted about 1:12 AM. dmesg shows some file errors that were fixed upon reboot, other that that, everything is back up and running normally. I was wondering if anyone has seen anything similar and if a cause was found. Here is what I know: -all servers (there are 5 more) are plugged into the same power bar and none of the others were affected -none of the standard logs show any intrusion or root log in attempt, -dmesg and console log show nothing of note, -the DRAC logs and ESM logs show nothing, -the sensors (temp,voltage,etc) logs currently show no issues, all well withing normal parms. -my MRTG logs show no abnormal CPU usage or network activity. Any help would be appreciated, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Server Reboot
- Original Message - From: Gary Kline To: Garrett Cooper Cc: Grant Peel ; FreeBSD Mailing List Sent: Saturday, October 06, 2007 10:15 PM Subject: Re: Server Reboot On Sat, Oct 06, 2007 at 08:19:12AM -0700, Garrett Cooper wrote: > Grant Peel wrote: > >Hi all, > > > >This is the first time in 10 years I have seen this. > > > >I have a Dell PE750 (vintage 2004), running FreeBSD 6.2 that had been > >up and running for about 30 days without any issues. > > > >The server somehow rebooted last night, apparently, all by itself. > > > >The last log file line I can find waqs about 12:30 AM. The dmesg shows > >it restarted about 1:12 AM. dmesg shows some file errors that were > >fixed upon reboot, other that that, everything is back up and running > >normally. > > > >I was wondering if anyone has seen anything similar and if a cause was > >found. > > > >Here is what I know: > > > >-all servers (there are 5 more) are plugged into the same power bar > >and none of the others were affected > >-none of the standard logs show any intrusion or root log in attempt, > >-dmesg and console log show nothing of note, > >-the DRAC logs and ESM logs show nothing, > >-the sensors (temp,voltage,etc) logs currently show no issues, all > >well withing normal parms. > >-my MRTG logs show no abnormal CPU usage or network activity. > > > > > >Any help would be appreciated, > > > >-Grant > > Check the capacitors on the motherboard (in particular near the > memory and processor); they may be going bad (esp with that vintage. > 2004 Dell was a bad year =P..). > You'll be looking for swelled capacitors and possibly some orange > dialectric being emitted. > -Garrett Strange. In just the past few, 2 or 3 or even 4 weeks my Dell-8200 has spontaneouslyrebooted too. I do have a number of things in /var/log/messages, but nothing that I can seee that would cause this problem. Before the video-card started flaking out, this puppy ran for weeks/months happily. AFAIW, X (or a heavily-loaded system) shouldn't have aynything to do with this problem, [yes/no??]. Any clues, Garrett? Ah, wait: dmesg.yesterday says rl0: link state changed to UP pid 729 (Xorg), uid 0: exited on signal 6 (core dumped) pid 4475 (Xorg), uid 0: exited on signal 6 (core dumped) pid 60174 (firefox-bin), uid 1000: exited on signal 11 (core dumped) pid 47564 (as), uid 0: exited on signal 11 (core dumped) pid 47570 (as), uid 0: exited on signal 11 (core dumped) pid 79051 (as), uid 0: exited on signal 11 (core dumped) pid 79057 (as), uid 0: exited on signal 11 (core dumped) pid 3625 (as), uid 0: exited on signal 11 (core dumped) pid 3631 (as), uid 0: exited on signal 11 (core dumped) pid 74013 (conftest), uid 0: exited on signal 12 (core dumped) This file is timestamped 03 Oct 07 at 03:17 Anybody know why firefox would core dump? I have no clue waht "conftest" is... . Grant, how oten has your system failed? gary Gary, I have owned this server since new (in 2004), and this is the first time it has done this. I also have another PE750 that was bought and deployed the same time as this one and it has never done this. I am not running anything graphical on this, so I am guessing its not the built in video card. It is running as a server only. Apache 2, Mysql, 4PHP4, Perl5, Exim4, vm-pop3d, ipa, Openwebmail, and a number of add in modules for all the above. One thing I may have neglected in my original post, is that it appears the system may have been locked for a while since the last log entry I can find befor the reboot was at about 12:20 am, the system then shows the reboot at about 1:20 AM. -Grant -- Gary Kline [EMAIL PROTECTED] www.thought.org Public Service Unix http://jottings.thought.org http://transfinite.thought.org -- Total Control Panel Login To: [EMAIL PROTECTED] Message Score: 50 High (60): Pass From: [EMAIL PROTECTED] My Spam Blocking Level: High Medium (75): Pass Low (90): Pass Block messages from this sender (blacklist) This message was delivered because the content filter score did not exceed your filter level. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
php4 to php5 upgrade
Hi all, Does anyone know where there might be some clear documentation the discribes the complete removal of php4 and its extentions, then how to build php5 extentions. I want to use ports if possible. -Grant P.S. one thing I have always tripped over is weather to build php first, then, run the meta port for extensions or vice versa ... ? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: php4 to php5 upgrade
Hi Kevin, Yes, I have done many web searches. The only thing that came up that was near what I needed was: http://lists.freebsd.org/pipermail/freebsd-questions/2006-July/127059.html However, since I can completely remove php4, then install php5, the method they talk about there seems a bit tedious. Thanks for the reply, I thought deinstall and install should do the trick will let you know how I make out. -Grant - Original Message - From: Kevin Kinsey To: Grant Peel Cc: freebsd-questions@freebsd.org Sent: Saturday, October 13, 2007 9:48 PM Subject: Re: php4 to php5 upgrade Grant Peel wrote: > Hi all, > > Does anyone know where there might be some clear documentation the > discribes the complete removal of php4 and its extentions, then how to > build php5 extentions. I can't say for sure that there's any such. Has a web search turned up nothing, then? Surely it's not much harder than: $ cd /usr/ports/lang/php4-extensions && make deinstall clean && make distclean $ cd /usr/ports/lang/php4 && make deinstall clean && make distclean and a little cleaning up in /usr/local/lib and /usr/local/etc. > I want to use ports if possible. Definitely possible. > > P.S. one thing I have always tripped over is weather to build php first, > then, run the meta port for extensions or vice versa ... ? The extensions meta-port will pull PHP in as a dependency if you haven't already installed it*, so the answer is not vice-versa, per se. Do lang/php5 first. Kevin Kinsey *Or it will crap out. Can't remember OTTOMH. -- Start every day off with a smile and get it over with. -- W.C. Fields -- Total Control Panel Login To: [EMAIL PROTECTED] Message Score: 50 High (60): Pass From: [EMAIL PROTECTED] My Spam Blocking Level: High Medium (75): Pass Low (90): Pass Block messages from this sender (blacklist) This message was delivered because the content filter score did not exceed your filter level. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
gtn bot ?
Hi all, Checking my mrtg and trafshow this morning I seem to have an ircd bot running on one of my servers. Does anyone know where I might find some info on 'gtn'?? ps -ax: 62067 1 www Wed Oct 17 20:49:47 2007 gtn (perl5.8.8)35990 1 www Wed Oct 17 18:15:59 2007 [eggdrop] I see several of each of these. ANy help will be appreciated, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: gtn bot ?
Hi all, I missed one to. I have never seen this process befor, any ideas? 6313 1 Mon Oct 15 19:34:39 2007 0:02.71 [prox] - Original Message - From: Grant Peel To: freebsd-questions@freebsd.org Sent: Thursday, October 18, 2007 7:53 AM Subject: gtn bot ? Hi all, Checking my mrtg and trafshow this morning I seem to have an ircd bot running on one of my servers. Does anyone know where I might find some info on 'gtn'?? ps -ax: 62067 1 www Wed Oct 17 20:49:47 2007 gtn (perl5.8.8)35990 1 www Wed Oct 17 18:15:59 2007 [eggdrop] I see several of each of these. ANy help will be appreciated, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Total Control Panel Login To: [EMAIL PROTECTED] Block messages from this sender (blacklist) From: [EMAIL PROTECTED] Remove this sender from my whitelist You received this message because the sender is on your whitelist. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Why 7.0 is so late ?
DItto DItto Ditto! -also- I wait another two years if it means I can 'upgrade' from 6.2 to 7.0 (CVS?) without having to restage the whole system!!! -Grant - Original Message - From: Jerry McAllister To: freebsd-questions@freebsd.org Cc: Jerry McAllister Sent: Thursday, October 18, 2007 3:05 PM Subject: Re: Why 7.0 is so late ? On Thu, Oct 18, 2007 at 12:09:02PM -0600, Chad Perrin wrote: > On Wed, Oct 17, 2007 at 10:26:28PM +0300, Giorgos Keramidas wrote: > > > > Traditionally, "BSD" has released stuff "when it was ready" and not when > > some marketting team decided that they wanted to release. The FreeBSD > > team has made genuine efforts towards changing this to a more timely > > release schedule (18 months for a new "major" release), but there have > > been some important bits of kernel and userland which were a bit > > unstable and/or were in development until now. > > I'd much rather that a RELEASE version is as stable as it can reasonably > be made than that it arrives "on time". Seriously. As far as I'm > concerned, take as long as you must to make it as stable as you can. > Sooner is better, all else being equal, but if stability is sacrificed in > any way then all else isn't equal. > > New versions should fix things and provide updated functionality, not > just meet a schedule. It's not like some kind of sales quota needs to be > met. Yup. I think that is the way all of us feel. Just a little more of a clue for the rest of us on how things are coming would be helpful. jerry > -- > CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ] > Kent Beck: "I always knew that one day Smalltalk would replace Java. I > just didn't know it would be called Ruby." > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Total Control Panel Login To: [EMAIL PROTECTED] Block messages from this sender (blacklist) From: [EMAIL PROTECTED] Remove this sender from my whitelist You received this message because the sender is on your whitelist. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
trafshow and IPFW
Hi all, If I write a rule to block irc ports (6669), and I see them being blocked in ipfw, will I still see the connection attemps in trafshow? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
OpenSSL Upgrades from ports.
Hi all, I need to upgrade (FreeBSD 6.2) OpenSSL due to some security concerns. I would like to do so from ports. If anyone cares to give me a simple how to I would be greatful. make deinstall make install clean ??? Are the any 'gotchas' upgrading OpenSSL I should watch for? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
OpenSSL upgrade.
Hiall, Due to a security issue, I need to upgrade my OpenSSL version. What is the correct method? ports? package? a CVSUP of the whole server source? Here is the version I have now (on freebsd 6.2) const# openssl version OpenSSL 0.9.7e-p1 25 Oct 2004 const# TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Recommended servers for FreeBSD
All, We have been using Dell since early 2001. in fact, I have one comming up on two years uptime. (FreeBSD 4.4, Yeah, I know, but I just can't bring myself to shut it down to upgrade). Raid works well, new SAS systems work well, no burn CPUs or Memory. Lots of great online and on phone support. I tried sourcing some 1u and 2u systems elsewhere (no names please), and in the end the Dells with 3 Year silver support and Waranttee were the same price, in a couple ways cheaper. As for speed, they seem to middle of the pack. BUT remember ... bus speed, memory speed, disk access, are all sky high anyways, so speed may not bee an issue anyways, even with slower systems. About the only negative thing I have to say is that I was not at all impressed with the DRAC III/XT cards. The new generation 4 and 5 cards seem to be better though. I had some problems with freeBSD 6.0 freezing, but the same hardware is running 6.2 with no issues now. I am sure that was a FReeBSD quotas problem anyway. Even a simple 24 port managed switch I have works good. My two cents, -Grant - Original Message - From: Terry Sposato To: 'Eric Crist' ; 'User Questions' Sent: Monday, October 29, 2007 11:04 PM Subject: RE: Recommended servers for FreeBSD On Oct 29, 2007, at 2:15 PM, Byung-Hee HWANG wrote: > Hello, > > On Mon, 2007-10-29 at 12:05 -0500, Eric Crist wrote: >> On Oct 29, 2007, at 11:04 AM, Byung-Hee HWANG wrote: >> >> How do HP servers compare to Dell? We're Dell fans here, but always >> willing to look at something better. > > I do not know about Dell well. However i *really* want to use Dell > if i > have a chance. I think Dell is also good friend of FreeBSD. > If you're looking for a Dell recommendation, I'll give you one. I've had nothing but great luck with them. So far, all their hardware I've tried to use has been supported. There are rumors that their newest systems have gigabit network cards that FreeBSD doesn't have a stable driver for, so you're forced to install an Intel or other one in one of the available PCI slots. RAID works great, hot swap and the whole works. Even the RAID battery status comes up in dmesg appropriately. We tend to use used systems, as we're not in need of the fastest systems out there, but we're looking at buying a couple brand-new within the next month or so. If you're interested, trying buying a box on eBay (great prices), and you'll be pleasantly surprised. HTH! - Eric F Crist Secure Computing Networks ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Sorry for the awkward posting but I am at work so hence using a Windows machine with Outlook. I have attached a dmesg output of a Dell 2950 machine we recently purchased and have running flawlessly on FreeBSD amd64 6.2-RELEASE. Everything works great, didn't have to fiddle around with anything, GENERIC kernel picked up everything also. Cheers, Terry ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Total Control Panel Login To: [EMAIL PROTECTED] From: [EMAIL PROTECTED] Remove this sender from my allow list You received this message because the sender is on your allow list. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
5.2.1 to 6.2 Migration.
Hi all, I thought I would ask the question before I do it the hard way 1. Can FreeBSD be upgraded from 5.2.1 to 6.2 ? if so ... 2. Can it be done through an ssh connection, or MUST I make the trip to the farm and do it from the console? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
IPFW or ProFTPD
Hi all, I am getting lots of brute force attacks on my proftpd server and was wondering if anyone knows of a way for IPFW to check incomming connections and automagicaly block an IP for a period of time when too many connections are made on a port, or if any Proftpd gurus out there know if there is a mod that does the same thing. I have mod_Delay installed, but it does not seem to help much. TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Open Source softwares in FreeBSD for web hosting platform
We, and many hundreds of other hosts use Webmin/Usermin/Virtualmin. It is free, It is robust, There are tons of third party mods to use, Learning how to create your own mods is easy, It is secure. www.webmin.com -Grant - Original Message - From: Tek Bahadur Limbu To: Ovi Cc: freebsd-questions@freebsd.org Sent: Monday, November 26, 2007 10:09 AM Subject: Re: Open Source softwares in FreeBSD for web hosting platform Hi Ovi, Ovi wrote: > Tek Bahadur Limbu wrote: > >> Hi All, >> >> I know that this question has been asked on this list in the past. So >> I am sorry for repeating it. >> >> However, I would like to know the current answers and views on this >> question. >> >> Basically, I want to know which software you might be using as a Site >> configuration and management application for web hosting services. >> >> It will be used primarily to control about 500-1000 virtual domains. >> >> I know that there are Cpanel and Plesk which are very good commercial >> softwares catering the needs for a good web based management tool. >> >> So far, I have only tried out RAQdevil http://www.raqdevil.com/ >> >> It seems good but is quite limited in it's features. >> >> So I would like to know more open source softwares used for this type >> of services. >> >> >> Thanking you... >> >> > We are using syscp and it works well. (you will need to modify it to > suit your needs, the source code is clean and easy to modify). > Any open source software you try, it is not 100% complete (as far as I > know, from my experience with open source web panels), so you will have > to modify the code. The bad thing with syscp is that dns server is not > configurable from web interface (there is a patch, but it allows you to > modify DNS only from admin account, which is not good, I think you will > need regular users to be able to configure their own dns servers), so > this is one thing you must add. I asume you need 3 types of accounts, > admin account, reseller account and user account. > http://www.syscp.org/ I have heard about syscp and will definitely try it once. But I am not very familiar with coding. Apart of the DNS configurations, do we need to hack the code? By the way, how many virtual domains are you currently managing with syscp? Thanking you... > > best regards, > ovi > > > > -- With best regards and good wishes, Yours sincerely, Tek Bahadur Limbu System Administrator (TAG/TDG Group) Jwl Systems Department Worldlink Communications Pvt. Ltd. Jawalakhel, Nepal http://www.wlink.com.np http://teklimbu.wordpress.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" -- Total Control Panel Login To: [EMAIL PROTECTED] From: [EMAIL PROTECTED] Remove this sender from my allow list You received this message because the sender is on your allow list. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
PHP Auth
Hi all, Two questions I have been reading as much as I can find on paswwd, master.passwd, shadow, crypt etc etc etc. and am Still stuck on one point. If the encrypted password is normally aslways different, due to 'salt', then how does one get a match?? Does anyone have posession of a simple PHP script that can auth against the master passwd file? -Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Block IP
Can I block a certain IP address at the machine or interface level using freebsd? (No at the Apache or Sendmail level). CyberLaert monioting one of my hosts at the rate of 1.2 GB oer day! (no firewall installed currently). -Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Disklabel
Hi, I had a crash tonight. Server rebooted and everything seemed to restart OK. Interesting disklabel output though. Should I be worried about all the "*"s? : If this helps, the disk below is a 10,000 spin RAID 5 Dell Perc DC/L (3 Fujitu disks). enterprise# disklabel /dev/amrd0 # /dev/amrd0: type: SCSI disk: amnesiac label: fictitious flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 4405 sectors/unit: 70770688 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # milliseconds track-to-track seek: 0 # milliseconds drivedata: 0 8 partitions: #size offsetfstype [fsize bsize bps/cpg] c: 707706880unused0 0 # (Cyl.0 - 4405*) enterprise# enterprise# disklabel /dev/amrd0s1 # /dev/amrd0s1: type: ESDI disk: amrd0s1 label: flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 4404 sectors/unit: 70766262 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # milliseconds track-to-track seek: 0 # milliseconds drivedata: 0 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 102400004.2BSD0 0 0 # (Cyl.0 - 63*) b: 2048000 1024000 swap# (Cyl. 63*- 191*) c: 707662620unused0 0 # (Cyl.0 - 4404*) d: 8142848 461291524.2BSD 1024 819216 # (Cyl. 2871*- 3378*) e: 1024 30720004.2BSD0 0 0 # (Cyl. 191*- 828*) f: 3072 133120004.2BSD0 0 0 # (Cyl. 828*- 2740*) g: 2097152 440320004.2BSD0 0 0 # (Cyl. 2740*- 2871*) h: 16494262 542720004.2BSD0 0 0 # (Cyl. 3378*- 4404*) enterprise# ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Disklabel again
Hi, I am reposting this in hopes poeple who have disklabel and RAID perc 3DCL / SCSI experience see it tonight. Hi, I had a crash tonight. Server rebooted and everything seemed to restart OK. Interesting disklabel output though. Should I be worried about all the "*"s? : If this helps, the disk below is a 10,000 spin RAID 5 Dell Perc DC/L (3 Fujitu disks). enterprise# disklabel /dev/amrd0 # /dev/amrd0: type: SCSI disk: amnesiac label: fictitious flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 4405 sectors/unit: 70770688 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # milliseconds track-to-track seek: 0 # milliseconds drivedata: 0 8 partitions: #size offsetfstype [fsize bsize bps/cpg] c: 707706880unused0 0 # (Cyl.0 - 4405*) enterprise# enterprise# disklabel /dev/amrd0s1 # /dev/amrd0s1: type: ESDI disk: amrd0s1 label: flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 4404 sectors/unit: 70766262 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # milliseconds track-to-track seek: 0 # milliseconds drivedata: 0 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 102400004.2BSD0 0 0 # (Cyl.0 - 63*) b: 2048000 1024000 swap# (Cyl. 63*- 191*) c: 707662620unused0 0 # (Cyl.0 - 4404*) d: 8142848 461291524.2BSD 1024 819216 # (Cyl. 2871*- 3378*) e: 1024 30720004.2BSD0 0 0 # (Cyl. 191*- 828*) f: 3072 133120004.2BSD0 0 0 # (Cyl. 828*- 2740*) g: 2097152 440320004.2BSD0 0 0 # (Cyl. 2740*- 2871*) h: 16494262 542720004.2BSD0 0 0 # (Cyl. 3378*- 4404*) enterprise# ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Wireshark
Hi all, I recently became aware of a utility called Wireshark (apparently formerly 'EtherReal"), and was showing a running copy on Windoze. It apprears that it would be awsome for diagnosing network issues (such as DoS attacks, Email bombs etc. My question is: Does the version in /usr/ports/net/wireshark require X11 to run, or can it be run from the command line with straight text output? (I dont have/want X on the servers). -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Wireshark
Hi CHris, Just attempting to install the port. Something I noticed when the install crapped out was that it wanted me to use the "Force Package Register" for the OpenSSL_Overwrite_Base port. That port was already installed, what would be the correct method to deal with this? -Grant - Original Message - From: "Christopher Cowart" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: Sent: Thursday, September 11, 2008 6:18 PM Subject: Re: Wireshark ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Wireshark
OK, So I am using https, and, while doing all this, will be connected via PuTTy through ssh. Will I be disconnected ? Deingstalling the port won't kill my connection or cause general weirdness to people using https? -Grant - Original Message - From: "Chris St Denis" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: ; "Christopher Cowart" <[EMAIL PROTECTED]> Sent: Friday, September 12, 2008 2:46 PM Subject: Re: Wireshark Grant Peel wrote: Hi CHris, Just attempting to install the port. Something I noticed when the install crapped out was that it wanted me to use the "Force Package Register" for the OpenSSL_Overwrite_Base port. That port was already installed, what would be the correct method to deal with this? -Grant - Original Message ----- From: "Christopher Cowart" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: Sent: Thursday, September 11, 2008 6:18 PM Subject: Re: Wireshark ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" I've found this sometimes happens if the port is checking for a specific version of a dependancy and the version you have is older. Therefore the dependency check fails and it tries to install, but the package manager won't let it because of the existing version. You can deinstall OpenSSL_Overwrite_Base first and it will probebly work fine. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Mystical Server Shutdown.
Hi all, I started getting watchmouse errors about on pf my servers not responding. There is a DRAC on the machine, and the sensor data was all good. When I got the machine back up and running, I seen this in lastlog: client1 ftp hostname1here Wed Sep 17 17:02 - shutdown (00:46) client2 ftp hostname2here Wed Sep 17 17:02 - shutdown (00:46) client2 ftp hostname2here Wed Sep 17 17:02 - shutdown (00:46) client3 ftp hostname3here Wed Sep 17 17:01 - 17:06 (00:04) Should I be worried about seeing 'shutdown' in an ftp line of last? If not, how would you suggest I find the process or program that issued the shutdown command? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Mystical Server Shutdown.
Hi H, and Matt, and all, I had instigated all.log, and here is what happened at 04:08 EDT this morning...any clues you see here? ... Sep 18 04:04:08 defiant named[601]: unexpected RCODE (SERVFAIL) resolving 'examplewhole.com/NS/IN': 192.168.0.3#53 Sep 18 04:08:14 defiant syslogd: restart Sep 18 04:08:14 defiant syslogd: kernel boot file is /boot/kernel/kernel Sep 18 04:08:14 defiant kernel: Copyright (c) 1992-2007 The FreeBSD Project. ... Lastlog shows nothing of note... mssclien ftp bas7-london14-1 Thu Sep 18 08:58 - 09:04 (00:05) reboot ~ Thu Sep 18 04:08 ringette ftp CPE001310e9a482 Thu Sep 18 00:10 - 00:11 (00:00) -Grant - Original Message - From: "H.fazaeli" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: Sent: Thursday, September 18, 2008 5:31 AM Subject: Re: Mystical Server Shutdown. If you applied all the Matthew's suggestions and it is still a mystery, and if server's shutdown is clean, look for a a (buggy) user land process that sends SIGUSR2 signal to init(1). Matthew Seaman wrote: Grant Peel wrote: Hi all, I started getting watchmouse errors about on pf my servers not responding. There is a DRAC on the machine, and the sensor data was all good. When I got the machine back up and running, I seen this in lastlog: client1 ftp hostname1here Wed Sep 17 17:02 - shutdown (00:46) client2 ftp hostname2here Wed Sep 17 17:02 - shutdown (00:46) client2 ftp hostname2here Wed Sep 17 17:02 - shutdown (00:46) client3 ftp hostname3here Wed Sep 17 17:01 - 17:06 (00:04) Should I be worried about seeing 'shutdown' in an ftp line of last? That just means the ftp user was still logged in at the time the system shut down. If not, how would you suggest I find the process or program that issued the shutdown command? Read the system logs, basically. /var/log/messages or /var/log/all.log (if you've enabled it). The shutdown(8) command will always write syslog messages when invoked. halt(8) or reboot(8) will write a 'shutdown' record into wtmp (ie. look at 'last shutdown') but don't log anything to syslog. However, you're quite likely to find that there is nothing in the log or wtmp files to explain what happened. All this means is that the system went down suddenly -- perhaps power dropped out momentarily, or a thermal cutout tripped or the system panic'd for one of any number of reasons. You'ld be able to detect log file traces showing fsck(8) being run on the root f/s following any of those sort of unclean shutdowns, and if the system panic'd then you may well have a core dump sitting in /var/db/crash -- depends whether you've enabled that functionality or not. Cheers, Matthew -- Best regards. Hooman Fazaeli <[EMAIL PROTECTED]> Sepehr S. T. Co. Ltd. Web: http://www.sepehrs.com Tel: (9821)88975701-2 Fax: (9821)88983352 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Mystical Server Shutdown
Hi all, I had instigated all.log, and here is what happened at 04:08 EDT this morning...any clues you see here? ... Sep 18 04:04:08 defiant named[601]: unexpected RCODE (SERVFAIL) resolving 'examplewhole.com/NS/IN': 192.168.0.3#53 Sep 18 04:08:14 defiant syslogd: restart Sep 18 04:08:14 defiant syslogd: kernel boot file is /boot/kernel/kernel Sep 18 04:08:14 defiant kernel: Copyright (c) 1992-2007 The FreeBSD Project. ... Lastlog shows nothing of note... mssclien ftp bas7-london14-1 Thu Sep 18 08:58 - 09:04 (00:05) reboot ~ Thu Sep 18 04:08 ringette ftp CPE001310e9a482 Thu Sep 18 00:10 - 00:11 (00:00) -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Upgrading
Hi all, I am preparing to upgrade all servers from FBSD 6.2 to 6.3 in preperation for 6.4, and some day 7.x One thing I have always found a little confusing is what tag to specify in the supfile. If a machine is running 6.2, and I want to upgrade to the latest production release, would I use: RELENG_6_3 ? Also, What do you all think about jumping from 6.4 straight to 7.1 when its released (cvsup method)? All flames, sarcastic comments, snipes and quips welcome. Anything usefull comments also appreciated! -Grant P.S. I have read the Handbook over and over, but maybe I am still missing something. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Dealing with portscans
- Original Message - From: "David Allen" <[EMAIL PROTECTED]> To: Sent: Monday, September 22, 2008 4:06 PM Subject: Re: Dealing with portscans On 9/22/08, Greg Larkin <[EMAIL PROTECTED]> wrote: David Allen wrote: Over the last few weeks I've been getting numerous ports scans, each from unique hosts. The situation is more of an annoyance than anything else, but I would prefer not seeing or having to deal with an extra 20-30K entries in my logs as was the case recently. I use pf for firewalling, and while it does offer different methods (max-src-conn, max-src-conn-rate, etc.) for dealing with abusive hosts, it doesn't seem to offer much in the way of dealing with repeated blocked (non-stateful) connection attempts from a given host. Short of running something like snort, is there a suitable tool for dealing with this? If not, I'll probably resort to running a cronjob to parse the logfile and add the offending hosts manually. Hi David, You might want to try security/portsentry from the ports tree. It's a bit dated, and it has no maintainer at the moment, but a cursory glance at it tells me it might work for you. It supports pf for blocking connections once your trigger conditions are met. I'll give it a try. FWIW, I did discover that parsing the log files to get a list of offending hosts (denied a number of times above a given certain threshold) wasn't really as slow or troublesome as I thought. That slightly hackish approach might be useful for port scans in addition to the various rubbish I get sent. Thanks to both you and Jeff Laine for the replies. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Hiyas, Would it work with IPFW or just PF? Can PF and IPFW run at the same time? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Server - Linux Compat
Hi all, When I was young, many many moons ago, and I installed FreeBSD 4.4 for the first time, I enabled linux compatability ... Each build since, I have enabled it ... So not I am at the point of asking myself why? All I run is webservers and namesrvers, you know, Bind, Apache, Mysql, vmpop3d, PHP, Exim and shh...not to mention a few utils, ipa, ipfw etc. Does anyone have any compelling reason I should continue to enable linux compatability? Are there any pitfalls (Security, Performance) in doing so? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Updating and Ports
Hi all, I have heard people chattering occasionally about /etc/make.conf. In a few days, I will be updating from 6.2, and 6.3, to RELENGE_6_3 and am curious how I can use / modufy /etc/make.conf so that I dont need to install all my ports again. Which leads to the question: I just installed /usr/ports/archivers/unzip onto all the servers, when I update to RELENG_6_3, will I need to reinstall them all over again? Which leads back to the original question, can I modify /etc/make.conf so that all ports currenly install are re installed? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Logrotate
Hi all,
I have recently started using logrotate to rotate all the logs in the users
home directories. These are all apache logs files.
/home/domain.com/logsaccess_log
/home/domain.com/logsaccess_log.0.gz
/home/domain.com/logsaccess_log.1.gz
/home/domain.com/logsaccess_log.2.gz
I have a problem though. Some of my domains have softlinks pointing to them,
this causes the logs to be rotated 2 or more times (i.e. 1 time for the
'real' directory, and 1 time each for each softlink pointing to them).
Example
/home/domain.com/logs/
domain2.com -> domain.com
domain3.com -> domain.com
will result in the 'access_log' being rotated 3 times in one run, causing my
log dirs to look like this:
-rw-r--r-- 1 root holt 160 Oct 1 05:44 access_log
-rw-r--r-- 1 root holt 446 Oct 1 05:44 error_log
-rw-r--r-- 1 root holt20 Oct 1 03:46 access_log.1.gz
-rw-r--r-- 1 root holt20 Oct 1 03:46 access_log.2.gz
-rw-r--r-- 1 root holt20 Oct 1 03:46 access_log.3.gz
-rw-r--r-- 1 root holt20 Oct 1 03:46 access_log.4.gz
-rw-r--r-- 1 root holt20 Oct 1 03:46 access_log.5.gz
-rw-r--r-- 1 root holt20 Oct 1 03:46 access_log.6.gz
-rw-r--r-- 1 root holt 224 Oct 1 03:46 access_log.7.gz
-rw-r--r-- 1 root holt20 Sep 30 03:46 access_log.8.gz
-rw-r--r-- 1 root holt20 Sep 30 03:46 access_log.9.gz
Here is this appropriate part of my logrotate.conf
# logrotate.conf
compress
...
/home/*/logs/access_log {
missingok
rotate 14
daily
create 644 root
sharedscripts
postrotate
/usr/local/sbin/apachectl restart
endscript
}
# End of logrotate.conf
Question, is there a way to stop this from happening?
-Grant
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Bruteblocker
Hi all, I have been tinkering with bruteblock all night, and was wondering if anyone else on this list has used it. I can't seem to get proftpd.conf, syslog.conf setup correclty to log the ips to table one (in ipfw). Any assistance would be appreciated. -grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Mailman + Apache + Cookies + FreeBSD
Hi all, I am not a fan of cross posting, but, I have to make a exception in this case as I can't seem to nail down whether its the software or OS causing me the problem. Software: Apache 2.2, Python 2.5, Mailmain 2.1.11 OS: FreeBSD 6.2 Release #0 Apache and Python were built from ports, Mailman was built from source. Problem: I can't stay logged into the Mailman web interface. Each time I submit a form, I am logged out. When I do log in, If I look on my local machine, I cant find a session cookie anywhere. It like is never set. And the Mailman documentation clearly states that none of the changes will be saved in that scenario. Question: are there any people out there who can point me in the right direction? I assume that Python should be setting a cookie, but thats just a guess ... could it be OS related? TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Mailman + Apache + Cookies + FreeBSD
Thanks Chuck, Tried all that several times. My browser accepts cookies from many different (tested today and yesterday) sites. -Grant - Original Message - From: "Chuck Swiger" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: Sent: Thursday, October 09, 2008 6:09 PM Subject: Re: Mailman + Apache + Cookies + FreeBSD On Oct 9, 2008, at 2:59 PM, Grant Peel wrote: Problem: I can't stay logged into the Mailman web interface. Each time I submit a form, I am logged out. When I do log in, If I look on my local machine, I cant find a session cookie anywhere. It like is never set. And the Mailman documentation clearly states that none of the changes will be saved in that scenario. Question: are there any people out there who can point me in the right direction? I assume that Python should be setting a cookie, but thats just a guess ... could it be OS related? Try restarting your browser, and double-checking that your preferences allow the webserver to set cookies. Regards, -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Mailman + Apache + Cookies + FreeBSD
Jerry, I tried a few times to build it from source but since I am using Apache+Suexec, I was stuck on how to 'make' it and pass the parms needed to set the user and home directory, i.e. I needed the install directory to be set to /home/mailmain when the ports version insisted on setting it to /usr/local/mailman. -Grant - Original Message - From: "Jerry" <[EMAIL PROTECTED]> To: Sent: Thursday, October 09, 2008 6:22 PM Subject: Re: Mailman + Apache + Cookies + FreeBSD ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re Apache + Mailman
Cool Paul, How about the rest of these: '--prefix=/home/mailman' '--with-username=mailman' '--with-mail-gid=mailman' '--with-cgi-gid=mailman' And do you think it would make a difference to the cookies issue I am having? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Mailman + Apache + Cookies + FreeBSD
Jeff, are you running apache with Suexec? If so I would realy like to expand in this with you. -Grant - Original Message - From: "Jeffrey Goldberg" <[EMAIL PROTECTED]> To: "Odhiambo Washington" <[EMAIL PROTECTED]> Cc: "Grant Peel" <[EMAIL PROTECTED]>; Sent: Saturday, October 11, 2008 11:10 PM Subject: Re: Mailman + Apache + Cookies + FreeBSD On Oct 10, 2008, at 1:45 AM, Odhiambo Washington wrote: Could you downgrade Mailman and see if the problem still persists? I run the combination you have (except Mailman is 2.1.9 and FreeBSD is 6.3) and I haven't had an issue. Might be a bug introduced in Mailman 2.1.11 I'm running mailman 2.1.11 (installed from ports) without the described problem. So in at least one case, Apache, FreeBSD and Mailman 2.1.11 work without exhibiting the described problem. -j ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 6.3-RELEASE installing php-imap
Hi all, I have a script that required php-imap extension installed but I keep running into a 2 snags when 'making' the port (mail/php-imap)... First, I have to use the -DFORCE_PKG_REGISTER so openssl_overwtite_base won't kill the make, which seems to work, and, most importantly, when the mail/imap-php port tried to actually do the build of the imap part, it says it can't find (OpenSSLs) 'evp.h' file. I assume it is just failing on the first file it can't find. So, I guess the question is, when making the mail/imap-php port, is there a way to pass the path for the OpenSSL libraries? My libs appear to be in two places: server# locate evp.h /usr/include/openssl/evp.h /usr/src/crypto/openssl/crypto/evp/evp.h If I can pass the path, I assume I should use the /usr/include dir, but how? make -D"--with-openssl=/usr/include/openssl" ??? TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
gzip and dump
Hi all, I lost my Hard Drive and all my many tens of thousands of emails. Thus, my excellent repository of answers from this list were sent to oblivion. I make dumps using gzip and forget the command line to restore files from the zipped dump. I use the command line like: dump 0 -h0 -uaLf - /home | gzip > dumpfile.gz If someone cand remind me the proper way to restore a file I would be greatful. TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Netwroked Storage
Hi all, For the past few months I have been researching methods to create a storage enclosure, perferably with out spending many 10s of k's of $'s. The intent here is to connect about 10 Web servers, each of them hosting about 200 domains, to a central storage system to house users home directories. I am still looking for feedback regarding what level of hardware ( how much RAM , cpu bus speed etc) people might be using for a similar setup. The end idea is to lead FreeBSD on the storage system, create one huge /home directory, export it via NFS and share that on all the Web machines. It might be worth noting that the Web machines host a full array of software, i.e. Mail, Web, MySQL, PHP etc. Does anyone use a similar setup? What kind of I/O bottlenecks are created? Any feedback would be welcome. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Netwroked Storage
- Original Message - From: "Mauro Rezzonico" To: Sent: Tuesday, September 29, 2009 9:46 PM Subject: Re: Netwroked Storage Grant Peel wrote: The intent here is to connect about 10 Web servers, each of them hosting about 200 domains, to a central storage system to house users home directories. It might be worth noting that the Web machines host a full array of software, i.e. Mail, Web, MySQL, PHP etc. I don't have an answer, bu I have a question, probably a naive one and even slightly OT.. If the 200 domains are hosting MySQL driven web applications (let's say 200 Wordpress), then perhaps they are connecting to the very same MySQL instance, so ALL their databases are in the same mysql_dbdir, and perhaps the dbdir is /var/db/mysql... So: how do you deal things like that with MySQL driven web applications? How are you going to deal the mysql_dbdir issue? NFS perhaps is not the best filesystem for MySQL tables (performance-wise)... Are you going to 'mysqldump' the databases back in each home dir? Periodically? And keep the databases on the local disks? -- Mauro Rezzonico , Como, Italia "Maybe this world is another planet's hell" - H.Huxley All machines are completely autonomous. i.e they each run thier own applications and store all data to thier own disks. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Netwroked Storage
- Original Message - From: "Adam Vande More" To: "Grant Peel" Cc: Sent: Wednesday, September 30, 2009 9:07 AM Subject: Re: Netwroked Storage On Tue, Sep 29, 2009 at 10:39 AM, Grant Peel wrote: Hi all, For the past few months I have been researching methods to create a storage enclosure, perferably with out spending many 10s of k's of $'s. The intent here is to connect about 10 Web servers, each of them hosting about 200 domains, to a central storage system to house users home directories. I am still looking for feedback regarding what level of hardware ( how much RAM , cpu bus speed etc) people might be using for a similar setup. The end idea is to lead FreeBSD on the storage system, create one huge /home directory, export it via NFS and share that on all the Web machines. It might be worth noting that the Web machines host a full array of software, i.e. Mail, Web, MySQL, PHP etc. Does anyone use a similar setup? What kind of I/O bottlenecks are created? Your questions cannot be answer specifically because they do not contain enough info. Here is what I chose to do in a similar but smaller enviro. 1. This a good place for virtualization. FreeBSD jails are the most efficient form that I'm aware of including XEN. Jails have limitations XEN doesn't however. 2. High load DB's shouldn't be virtualized. 3. EZjails port helps alot! 4. Machine specs would depend on system load, you've given no indication other than apps. 5. You should preplan backup and failover setup. Heartbeat, CARP, rdiff, and other utilities should help here. Any feedback would be welcome. -Grant -- Adam Vande More ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Hi Adam, Thanks for the reply. Whatever software flavour I settle on (I am trending towards FreeNAS at this point), I will be be running a RAID 5 array with a specific share dedicated to backups. Indeed, I already have a robust backup schemem in place. So no worries about loosing data per #5 on your list. Per #4 on your list, I am not sure if you are asking about the NAS machine, or the clients. The CLients are all Dell machines (R200's, PE860's and PE#750's). They are all Pent 4 and Xenon machines, currently using 100MB ethernet. (LAN AND WAN). All of them are connected to my central switch via a LAN vlan, and a wan vlan. The ethernet switch is also a dell 48 port Managed 100MB switch, with two GB ports. The current Internet traffic is about 2 Megabits sustained. The hard drive lights on each server are blinking about once per second, a little more solid when FTP activity is high. As far as the NAS machine specs go, I have not decided on anything yet, and am looking for input on this, any takers? I have also just came up with another question: All of the 200 domains on each server have thier own Real Unix user (obviously). Once the NAS is setup, (using NFS), how do the permissions on the NAS machine play out? i.e. when user 'hisname' logs into a server via ftp, and uploads a file to his home directory (which is on the NAS), will the file permissions be the same, and will 'hisname' own the file exactly the same as if he were writing to the local (server) disk? In the NAS exports do I have to map every user to the NFS or can I just maproot? TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Netwroked Storage
Hi all, I now have a quote from Dell, for a 4 TB, RAID5 NX3000 NAS. It comes pre configured with Windows Storage Server 2008 Standard Edition. Dell support assures me it will be compatable with NFS on FreeBSD, but if we are not happy with it we can wipe it and install whatever software we want ... FreeNAS for example. Questions: Has anyone used/using Windows Storage Server 2008 with FreeBSD clients? Is there any compatability loss? (NSF). Is anyone using this specific hardware? If so, comments please! -Grant Has anyone used - Original Message - From: "Olivier Nicole" To: Cc: ; Sent: Wednesday, September 30, 2009 9:16 PM Subject: Re: Netwroked Storage Hi, All of the 200 domains on each server have thier own Real Unix user (obviously). Once the NAS is setup, (using NFS), how do the permissions on the NAS machine play out? i.e. when user 'hisname' logs into a server via ftp, and uploads a file to his home directory (which is on the NAS), will the file permissions be the same, and will 'hisname' own the file exactly the same as if he were writing to the local (server) disk? That is expected, else something bad would exists in the configuration of the NAS. In the NAS exports do I have to map every user to the NFS or can I just maproot? Maproot is the easiest as it gives complete access to the NFS exported directory. Now you may consider that for security reason, users of client-machine 1 should only be allowed to NFS mount their own home directory. In that case, you may need the users of client-machine 1 to exist on client-machine 1 and on the server, etc for machine 2... Actually I never had this case when a user account only exists on an NFS client but not on the NFS server, so I am not too sure. I guess that user ID of the users should be different on every client system. You may consider an LDAP directory for your users, where the server would see all the users, but each client-machine would see only the users belonging to it (I thing that there is an "host" attributes, so client-1 only sees the users with host=client-1). Good luck, Olivier ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
"Out of mbuf address space!"
Hi all, I have an older RAID 5 machine running FreeBSD 5.2.1 and am using it as a backup storage unit. Yesterday morning, we noticed the the NFS mounts on the clients to this machine we not available, which sent a bunch of cronjobs spinning out of control etc. We also became unable to connect via ssh. Once at the console we noted sevral dozen entries in the messages.log: Oct 1 08:32:13 enterprise kernel: Out of mbuf address space! Oct 1 08:32:13 enterprise kernel: Consider increasing NMBCLUSTERS Oct 1 08:32:13 enterprise kernel: All mbufs or mbuf clusters exhausted, please see tuning(7). After rebooting the machine, and getting the clients under control I started investigating tunning(7) in the man pages. I am confused however. I have increased the kern.ipc.nmbclusters to 2048 in the /boot/loader.conf, but when I checked netstat -m, it appears that there are less buffers available then there were when the problem happened. netstat -m enterprise# netstat -m mbuf usage: GEN cache: 0/64 (in use/in pool) CPU #0 cache: 145/640 (in use/in pool) Total: 145/704 (in use/in pool) Mbuf cache high watermark: 512 Maximum possible: 4096 Allocated mbuf types: 144 mbufs allocated to data 1 mbufs allocated to packet headers 17% of mbuf map consumed mbuf cluster usage: GEN cache: 0/232 (in use/in pool) CPU #0 cache: 135/232 (in use/in pool) Total: 135/464 (in use/in pool) Cluster cache high watermark: 128 Maximum possible: 2048 <-- this number was much higher 22% of cluster map consumed <- this number was much lower. 1104 KBytes of wired memory reserved (27% in use) 0 requests for memory denied 0 requests for memory delayed 0 calls to protocol drain routines This particular machine has 512 MB of ram. Any suggestions what an NFS intensive machine with 512 meg ram should have kern.ipc.nmbclusters set to? Are there any otyher tunables I should be looking at. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Ion-cube FreeBSD 8
Hi all, I am in the middle of setting up a new FreeBSD 8.0 server, and need to load the ioncube loader. I have been to the ioncube site and they do not have a release for FBSD8 yet. I was wondering if anyone on this list has setup FreeBSD 8.0 (Php 5.2, Apache 2.2) using a previous version of the loader. If so, which one did you use? -Grnat ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: interactive stop on boot
Yeah, what CHris said. Also, there is an option you can put in fstab to allow the automount, and background the NFS mounts ... so that if the mount fails the boot will continue. Again, as mentioned, this will only work if the OS and your connection method (ssh daemon?) are not dependant on the NFS mounts. Here is what my fstab looks like. Note line 6 that specifies the "-t=10,-b" options (to timeout the mount after 10 seconds and to background the nfs mount). # DeviceMountpoint FStype Options Dump Pass# /dev/da0s1b noneswapsw 0 0 /dev/da0s1a / ufs rw 1 1 /dev/da0s1f /home ufs userquota,rw0 2 /dev/da0s1d /usrufs rw 2 2 /dev/da0s1e /varufs rw 2 2 nfsserver:/mnt /mntnfs -t=10,-b,rw 0 0 -Grant - Original Message - From: "Christopher Sean Hilton" <[EMAIL PROTECTED]> To: "Jason Barnes" <[EMAIL PROTECTED]> Sent: Friday, March 14, 2008 12:03 PM Subject: Re: interactive stop on boot On Mar 14, 2008, at 11:24 AM, Jason Barnes wrote: Hi -- I'm running a "Tombstone" machine that's functioning as a server. The machine is located somewhere with a fast connection, and not somewhere that I have easy access to. As such, I want this machine to do its best to boot up and get onto the network, no matter what happens on boot, so that I have a chance to actually fix the problem. Lately when it boots it runs into an NFS mounting error, claiming that some of my NFS-mounted drives have unexpected inconsistencies. It says "unexpected error - help!" and then quits to a /bin/sh single-user-mode prompt. As I am 10 miles away, this is decidedly unhelpful. I don't care if it can't mount some irrelevant drive or not; I want it to boot up and ask me questions later. Is there a way that I can set the machine to do its best to boot no matter what it finds at boot time? Thanks in advance for any help you can provide, Depends on the whether or not the system needs something from the NFS mount at boot time. If it doesn't then you would do well to use amd (man 8 amd) to handle the mount. The short of is that amd automates the process of mounting a filesystem by presenting a directory. When a process requests a file within that directory amd performs the mount. Amd helps by deferring the mount until something actually needs something from the remote filesystem. Simpler still would be to change the mounts entry to noauto in /etc/ fstab. However then you or someone else will have to perform the mount when you need the filesystem. -- Chris ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Load Averages
Hi all, I have a machine that has be up now for a little over two years: voyager ROOT /var/log > w 10:15AM up 741 days, 2:42, 1 user, load averages: 1.06, 1.02, 1.00 USER TTY FROM LOGIN@ IDLE WHAT p0 10:08AM - w and as you can see from the 'w' output above, the load average is running about 1.00 for all three timeframes. This machine is a nameserver only and has only a few processes running on it. I have tried shutting down all but the very necessary of processes and the 1-5-15 minute averages stay the same. This has only started over the past week. At the start of last week, my mrtg graphs showed it spiked at 1.00 for about an hour, then subsided. It did the same a few days later, and today, has been at 1.00 since about midnight. This machine is a Dell PE 500SC (Vintage about 2002), and is running FreeBSD 4.4. Questions: Is there another way (other than top or ps) that will show what is causing the spike? ps and top are showing nothing. Should I be worried? COuld this be an indication of a hardware problem? Here is the top output: last pid: 5181; load averages: 1.00, 1.00, 1.00 up 741+02:47:14 10:19:56 23 processes: 1 running, 22 sleeping CPU states: 0.4% user, 0.0% nice, 0.4% system, 0.0% interrupt, 99.2% idle Mem: 34M Active, 102M Inact, 44M Wired, 9924K Cache, 35M Buf, 58M Free Swap: 516M Total, 1416K Used, 514M Free PID USERNAME PRI NICE SIZERES STATETIME WCPUCPU COMMAND 5181 root 28 0 1888K 1004K RUN 0:00 1.35% 0.24% top 4988 root 2 0 12084K 11540K select 0:36 0.10% 0.10% named 182 root 10 0 208K 0K nfsidl 6:05 0.00% 0.00% nfsiod 92063 root 10 0 968K 628K nanslp 4:12 0.00% 0.00% cron 172 root 2 0 940K 428K select 2:52 0.00% 0.00% syslogd 183 root 10 0 208K 0K nfsidl 2:36 0.00% 0.00% nfsiod 184 root 10 0 208K 0K nfsidl 1:57 0.00% 0.00% nfsiod 211 root 2 0 904K 352K select 1:49 0.00% 0.00% usbd 185 root 10 0 208K 0K nfsidl 0:28 0.00% 0.00% nfsiod 38935 root 2 0 2100K 784K select 0:11 0.00% 0.00% sshd 5102 root 2 0 2144K 1332K select 0:00 0.00% 0.00% sshd 4984 root 2 0 6760K 6052K select 0:00 0.00% 0.00% perl 5107 root 18 0 1296K 816K pause0:00 0.00% 0.00% csh 5103 gpeel 18 0 1292K 820K pause0:00 0.00% 0.00% tcsh 291 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 292 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 295 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 293 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 315 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 290 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 294 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 289 root 3 0 944K 288K ttyin0:00 0.00% 0.00% getty 28 root 18 0 208K 0K pause0:00 0.00% 0.00% adjkerntz and here is ps: voyager ROOT /var/log > ps -ax PID TT STAT TIME COMMAND 0 ?? DLs0:40.00 (swapper) 1 ?? ILs0:00.85 /sbin/init -- 2 ?? DL 1:55.25 (pagedaemon) 3 ?? DL 0:00.00 (vmdaemon) 4 ?? DL 9:38.95 (bufdaemon) 5 ?? DL 1151:29.78 (syncer) 28 ?? Is 0:00.00 adjkerntz -i 172 ?? Ss 2:52.26 /usr/sbin/syslogd -s 182 ?? I 6:05.35 nfsiod -n 4 183 ?? I 2:35.51 nfsiod -n 4 184 ?? I 1:56.52 nfsiod -n 4 185 ?? I 0:27.87 nfsiod -n 4 211 ?? Is 1:49.09 /usr/sbin/usbd 4984 ?? Ss 0:00.09 /usr/bin/perl /usr/local/webmin-1.320/miniserv.pl /etc/webmin/miniserv.co 4988 ?? Ss 0:35.94 named 5102 ?? S 0:00.31 sshd: *** (sshd) 38935 ?? Is 0:11.12 /usr/sbin/sshd 92063 ?? Is 4:11.62 cron 5103 p0 Is 0:00.02 -tcsh (tcsh) 5107 p0 S 0:00.05 _su (csh) 5195 p0 R+ 0:00.00 ps -ax 315 v0 Is+0:00.00 /usr/libexec/getty Pc ttyv0 289 v1 Is+0:00.00 /usr/libexec/getty Pc ttyv1 290 v2 Is+0:00.00 /usr/libexec/getty Pc ttyv2 291 v3 Is+0:00.00 /usr/libexec/getty Pc ttyv3 292 v4 Is+0:00.00 /usr/libexec/getty Pc ttyv4 293 v5 Is+0:00.00 /usr/libexec/getty Pc ttyv5 294 v6 Is+0:00.00 /usr/libexec/getty Pc ttyv6 295 v7 Is+0:00.00 /usr/libexec/getty Pc ttyv7 TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Load Averages
Ivan, Checked top, it does not have the 'S' option. Guess its time to upgrade ... (???) -Grant - Original Message - From: "Ivan Voras" <[EMAIL PROTECTED]> To: Sent: Saturday, March 15, 2008 5:31 PM Subject: Re: Load Averages ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Load Averages
The only thing I see in dmesg is: Too many dynamic rules (from ipfw). Maybe I should try removing the keep-state statements? I only want to reboot as a last resort :-) -Grant - Original Message - From: "Patrick C" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: ; "Ivan Voras" <[EMAIL PROTECTED]> Sent: Saturday, March 15, 2008 8:46 PM Subject: Re: Load Averages I don't think it's an accounting bug, my guess is there is an issue in the kernel. Have you checked the output of dmesg? Anything unusual? Any issues accessing locally mounted file systems? Instead of upgrading, have you considered rebooting? :) -Patrick On 15/03/2008, Grant Peel <[EMAIL PROTECTED]> wrote: Ivan, Checked top, it does not have the 'S' option. Guess its time to upgrade ... (???) -Grant - Original Message - From: "Ivan Voras" <[EMAIL PROTECTED]> To: Sent: Saturday, March 15, 2008 5:31 PM Subject: Re: Load Averages ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Load Averages
Patric, No the system seemed as responsive as ever: the name daemon was processing requests, and logging in was quick and painless. -Grant - Original Message - From: "Patrick C" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: ; "Ivan Voras" <[EMAIL PROTECTED]> Sent: Saturday, March 15, 2008 9:21 PM Subject: Re: Load Averages Sure, flush the rules and the current state and start over. I haven't seen any issues with ipfw but I am recently more familiar with pf. I think ipfw usage should be accounted for properly as "system" though... does the system actually feel like there's that kind of load? -Patrick On 15/03/2008, Grant Peel <[EMAIL PROTECTED]> wrote: The only thing I see in dmesg is: Too many dynamic rules (from ipfw). Maybe I should try removing the keep-state statements? I only want to reboot as a last resort :-) -Grant - Original Message - From: "Patrick C" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: ; "Ivan Voras" <[EMAIL PROTECTED]> Sent: Saturday, March 15, 2008 8:46 PM Subject: Re: Load Averages >I don't think it's an accounting bug, my guess is there is an issue in > the kernel. > > Have you checked the output of dmesg? Anything unusual? Any issues > accessing locally mounted file systems? > > Instead of upgrading, have you considered rebooting? :) > > -Patrick > > On 15/03/2008, Grant Peel <[EMAIL PROTECTED]> wrote: >> Ivan, >> >> Checked top, it does not have the 'S' option. >> >> Guess its time to upgrade ... (???) >> >> >> -Grant >> >> >> - Original Message - >> From: "Ivan Voras" <[EMAIL PROTECTED]> >> To: >> Sent: Saturday, March 15, 2008 5:31 PM >> Subject: Re: Load Averages >> >> >> ___ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to >> "[EMAIL PROTECTED]" >> > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to > "[EMAIL PROTECTED]" > > ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Ports Question
Hi all, What is the proper method to pass configure arguments when installing a port? example, I am trying to build exim with mysql and spf support make -D "WITH_SPF=YES" -D "WITH_MYSQL=YES" Please help, been struggling with this for what seems like forever. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: simple network traffic query tool
Take a look at ipa.
-Grant
- Original Message -
From: "beni" <[EMAIL PROTECTED]>
To:
Cc: "Tobias Kirschstein" <[EMAIL PROTECTED]>
Sent: Monday, April 28, 2008 2:00 PM
Subject: Re: simple network traffic query tool
On Thursday 24 April 2008 18:10:40 Tobias Kirschstein wrote:
hi,
i'm looking for a small tool to query the current network traffic (kb
IN and OUT) per interface. is there any sysctl or tool which gives me a
similar output to "systat -ifstat":
/0 /1 /2 /3 /4 /5 /6 /7 /8 /9 /10
Load Average
Interface Traffic PeakTotal
lo0 in 0.000 KB/s 0.000 KB/s 226.079
KB
out 0.000 KB/s 0.000 KB/s 226.079
KB
wpi0 in 0.000 KB/s 0.000 KB/s 164.577
MB
out 0.000 KB/s 0.000 KB/s6.205
MB
the background:
unfortunately the network monitor build into superkaramba does not work
for freebsd, os i want to write a widget which uses sysctl or any other
tool if available got get this information. systat is not appropriate
to be used because it does not terminate on its own as i see.
I'm using a modified version of Superkarambas CompactMonitor. It is
written
for Linux I think, but easily adaptable for freebsd.
All I did was moddify the
~/.kde/share/apps/superkaramba/themes/CompactMonitor/CompactMonitor.theme
file :
text x=435 y=50 sensor=network device="vr0" format="%in KB/s"
decimals=1
text x=370 y=50 value="Download"
text x=570 y=50 sensor=program program="netstat -ibh | grep Link#1 |
awk '{print $7}'" align=right interval=1000
text x=435 y=65 sensor=network device="vr0" format="%out KB/s" decimals=1
text x=370 y=65 value="Upload"
text x=570 y=65 sensor=program program="netstat -ibh | grep Link#1 |
awk '{print $10}'" align=right interval=1000
Add
graph x=370 y=30 sensor=network device="vr0" format="%out" w=200 h=15
color=255,127,127 interval=1000 max=100
graph x=370 y=30 sensor=network device="vr0" format="%in" w=200 h=15
color=127,230,180 interval=1000 max=100
if you want to add a graphic representation and change the "vr0" according
to
your (ethernet) device.
It works for me with kde 3.5.8 on 7.0-stable.
--
Beni.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"[EMAIL PROTECTED]"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Apache 2.2 + PHP5 + SuExec + (fast-cgi or mod_fcgid)
Hello Everyone, I am researching how to run PHP as CGI with Apache's Suexec module. Up to this point we have been using PHP as an Apache mod, but are looking to move to the more secure solution. I am not sure this is exactly the right list top post to so if anyone knows a better one please let me know :-) I am using FreeBSD (8) as the OS, Apache 2.2, PHP5 with several extensions installed. What I am looking for is to have PHP run as a CGI wrapped with suexec, and to have the fastcgi module, or, mod_fcgid. I have never set this up before so if anyone knows of a usefull 'how-to' that would be great. I have been reading through http://www.cyberciti.biz/faq/freebsd-apache22-fastcgi-php-configuration/ and it seems to have some good hints. Of course, once we get this all figured out, I will post a complete step by set here. TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Apache 2.2 + PHP5 + SuExec + (fast-cgi or mod_fcgid)
Should I be using suPHP then instead of the formentioned suexec/mod_fcgid ?
-Grant
-Original Message-
From: Damien Fleuriot
Sent: Wednesday, June 29, 2011 4:25 AM
To: freebsd-questions@freebsd.org
Subject: Re: Apache 2.2 + PHP5 + SuExec + (fast-cgi or mod_fcgid)
*fast* cgi , which as the name implies, is erm, fast ;)
See, only apache has PHP as a module.
Other web servers such as nginx or lighttpd use a fastcgi process.
This has several advantages:
- you'll no longer see apache exit with (quote) a "signal 11, core
dumped" because of lousy php code / errors.
- you can use different php config files for different vhosts
- php fcgi is faster
- you can use process accounting to check the processing time consumed
individually by your web server , and your PHP processes
- you will slightly reduce the size of your apache processes, since
they'll no longer load mod_php
On 6/29/11 8:31 AM, Van Der Meulen, Mark wrote:
I am under the impression that suPHP is the better/more secure way of
running PHP with Apache. In addition you don't need suEXEC to do so. Am
I incorrect in these assumptions? What are the benefits of running PHP
as a CGI(if you don't mind me asking) ?
Mark
-Original Message-
From: owner-freebsd-questi...@freebsd.org
[mailto:owner-freebsd-questi...@freebsd.org] On Behalf Of Grant Peel
Sent: Wednesday, 29 June 2011 2:13 PM
To: freebsd-questions@freebsd.org
Subject: Apache 2.2 + PHP5 + SuExec + (fast-cgi or mod_fcgid)
Hello Everyone,
I am researching how to run PHP as CGI with Apache's Suexec module. Up
to
this point we have been using PHP as an Apache mod, but are looking to
move
to the more secure solution.
I am not sure this is exactly the right list top post to so if anyone
knows
a better one please let me know :-)
I am using FreeBSD (8) as the OS, Apache 2.2, PHP5 with several
extensions
installed.
What I am looking for is to have PHP run as a CGI wrapped with suexec,
and
to have the fastcgi module, or, mod_fcgid. I have never set this up
before
so if anyone knows of a usefull 'how-to' that would be great. I have
been
reading through
http://www.cyberciti.biz/faq/freebsd-apache22-fastcgi-php-configuration/
and
it seems to have some good hints.
Of course, once we get this all figured out, I will post a complete step
by
set here.
TIA,
-Grant
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscr...@freebsd.org"
***
Travelex - www.travelex.com
Travelex Outsourcing Pty Limited [Currency Select businesss] is a limited
company registered in Australia with company number: 127 747 586.
Information in this email including any attachment ('email') is
confidential,
may be privileged and is intended solely for the addressee. Unauthorised
recipients are requested to preserve the confidentiality of this email,
advise
the sender immediately of any error in transmission, and then delete the
email
from the recipient's mailbox without making copies. Any disclosure,
copying,
distribution or action taken, or omitted to be taken, in reliance upon the
contents of this email by unauthorised recipients is prohibited and may be
unlawful.
Please note that no contracts or commitments may be concluded on behalf of
Travelex Outsourcing Pty Limited [Currency Select businesss] or its groups
of companies ('Travelex') by means of email, and no statement or
representation made in this email is binding on
behalf of Travelex.
DISCLAIMER: Whilst this message has been scanned for viruses, Travelex
disclaims any responsibility or liability for viruses contained therein.
It is
therefore recommended that all emails should be scanned for viruses.
***
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
FreeBSD 8.0 -> PHP 5.3.x
Hi all, Short of upgrading the OS, what is the safest way to upgrade a FreeBSD server to PHP 5.3.x from 5.2.11 ? I am assuming downloading the ports tarball and rebuilding and reinstalling will do it? Any advice, samples would be appreciated, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
gpart
Hi all, I am in the midst of setting up the framework for new servers using FreeBSD 9.1. I used the bsdinstall and Manual`` option when setting up the disk geometry using GPT - graphical setup. The idea will be to eventually dump the 4 file systems, (/, /usr /var and /home) and restore them on other servers when the time comes. I am reading everything there is about GPT at this point as I have never used it before. It seems gpart is the tool to use. I have done several test runs setting the drive geometry using this as a guide: http://www.wonkity.com/~wblock/docs/html/disksetup.html Which worked well. But as yet I do not have dumps to test with. I was wondering in anyone sees any issues creating the drive geometry using this method, with the intent of restoring dumped filesystems to to, including the root filesystem. I am yet to use 9.1 to do so, so any tips would be appreciated. -G ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
RE: gpart
-Original Message- From: Erich Dollansky [mailto:erichsfreebsdl...@alogt.com] Sent: March-31-13 9:55 PM To: Grant Peel Cc: freebsd-questions@freebsd.org Subject: Re: gpart Hi, On Sun, 31 Mar 2013 21:28:40 -0400 "Grant Peel" wrote: > I am in the midst of setting up the framework for new servers using > FreeBSD 9.1. I used the bsdinstall and Manual`` option when setting up > the disk geometry using GPT - graphical setup. > > The idea will be to eventually dump the 4 file systems, (/, /usr /var > and /home) and restore them on other servers when the time comes. > using a separated home is a very good idea. > > http://www.wonkity.com/~wblock/docs/html/disksetup.html I have had only one problem with this description. I could not boot from a GPT setup on my machine done as described there. But I have a disk done with PCBSD based on 9.0 which booted well. I cannot tell you if this is a problem caused by a later chance on the side of FreeBSD. > Which worked well. But as yet I do not have dumps to test with. If all worked well for you, I do not see any problems coming for you then. > > I was wondering in anyone sees any issues creating the drive geometry > using this method, with the intent of restoring dumped filesystems to > to, including the root filesystem. I have some drives which partitioning I did according to this. The only problem I have is booting. The rest is all working perfectly. > > I am yet to use 9.1 to do so, so any tips would be appreciated. > If you want this for serious servers, you might even consider 8.3, if your hardware is supported. Nothing beats the robustness of the older FreeBSD versions. Erich Interesting. Up to this point I have always upgraded to the latest release version of FreeBSD. I am currently running 8.0 and am in need of many of the ports to be upgraded, and have never had much luck doing the upgrade thing with the base system and ports, preferring instead to completely rebuild in restore user data. Can I assume that the versions of the ports shown on the freebsd.orgéports site will be available in 8.3 and 9.1é -G ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Restaging from scratch
Hi all, I have now completed creating a new server from scratch using FreeBSD 9.1 and ports. The new setup uses: /, /usr, /var and /home. These filesystems have been dumped to a memory stick (root.dump, var.dump etc). The plan now is to completely zero out the drives on the other servers and use these file systems to build anew. The way I would have done it with pre 9.1 (i.e. 8.x) would have been to boot using a live cd based filesystem, zero out the drive, create the 4 needed filesystems using the graphical fdisk and disklable, mount the memstick and rebuild the filesystems using the dumps. I am at a bit of a loss as to how to do this using gpart. If anyone is willing to explain step by step, how to boot, create the filesystems, and make the disk bootable using 9.1 & gpart etc I would appreciate it! Fyi the disk would be da0 (SCSI 74G ULTRA 320). -G ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Lost Root Pasword.
Hi all, Here is a particularly embarrasing statement and question. S: While working on a FreeBSD 4.4 dev box, changed the root password, but now, cant su. the password I used is > 12 chars long, and was made intentionally cryptic. I know all the chars used in the password (yes I have it written down). Q: Where are all the ssh password 'guessing' utilities I see the hackers using on my system? Located, I could really use one. Failing this, I will need to drive to TO and reboot the system by hand and change the passwd. a waste of $50 in gas. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Dell DRAC QUestion
Hi all, I have three servers with Dell remote access cards. One of them work fine. It is running FBSD5.4, and when I log onto the DRAC card I can acces the console fine. The other two, I can only access the console up untill the point that the login: prompt appears. After that, I can't. I have the bios setting the same for all three cards, per the Dell (DRAC) instructions. Does anyone have experience with these and pehaps let me know what (if any) FBSD setting to review? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
DRAC 4 - ugen
Hi all, A little more on the ongoing saga to get my dracs working. It seems the the PE1850 with the DRAC 4 wants to use an (internal) USB connection to the keyboard-console. Through some investigation, when I start the remote session I see this in my messages log: Jan 22 15:24:27 s1 kernel: ugen0: at uhub0 port 1 (addr 2) disconnected Jan 22 15:24:27 s1 kernel: All threads purged from ugen0.2 Jan 22 15:24:27 s1 kernel: All threads purged from ugen0.1 Jan 22 15:24:27 s1 kernel: All threads purged from ugen0 Jan 22 15:24:27 s1 kernel: ugen0: detached Any idea why it would attach then immdiately detach? As it stand know, I still have no remote console on this machine. Also, I did add the 0x1 flag to the device hints to stop the atkb from loading. FreeBSD 6.0 DRAC 4/I -GRant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Dell DRAC QUestion
Hi all, I have no problems (knock on my wooden head for saying that!), and no issues at the current time, but am sending this email so it will go into the archives and perhaps help someone (maybe me LOL) in the future. I will use lots of keywords below to assist in the search archive process. Disclammer - I am not a writer. :-) Getting Remote Console to work on DRAC cards on Dell PowerEdge servers. Equipment: 1. Dell PowerEdge 750, FreeBSD 4.10 DRAC III/XT -plugged into slot 2 PCI bus. 2. Dell PowerEdge 750, FreeBSD 5.4 DRAC III/XT -plugged into slot 2 PCI bus. 3. Dell PoweEdge 1850, FreeBSD 6.0 DRAC 4/I -plugged into internal dedicated onboard DRAC slot. No (local) keyboards plugged into the machines as they are all in cages at NOC. Machines have DRACs connected to a dedicated port on WAN switch. static IPs assigned, although they do have DHCP client abilities. System BIOS correctly configured to allow DRAC to 'hook' into botting and operating states. This setup slightly different between systems, but well documented in the drac lit. Synopsis: Server administrators should be able to connect to a dead (OS) system and perform maintenance over IP when the system is powered up, or at least plugged in. Problem: No matter what we do it seems we can't connect to our Dell PowerEdge Server's DRAC (Dell Remote Access Cards). Answers: So much simpler than I originally anticipated. On server 1 (Listed above): I removed the flag in the kernel that instructed freebsd to disable the the keyboard if there was not local one plugged in. ( it seems the DRAC (JAva) console is not found until it is called by the browser). Alos, ensure the kernel has AT Keyboard driver and device installed as the XT (DRAC III) uses AT and not USB. The kernel conf now looks like # atkbdc0 controls both the keyboard and the PS/2 mouse device atkbdc0 at isa? port IO_KBD device atkbd0 at atkbdc? irq 1 device psm0at atkbdc? irq 12 note the absence of the flag: flags="0x1" The fix for FreeBSD 5.x is roughly the same, but the flag may have to be removed from /boot/device.hints and the system rebooted. In short, for the DRAC III need to ensure at keyboard is installed, and not disabled when the boots without a keyboard connected. On server 3: dmesg showed in the broken state, the drac was trying to connect to a ugen driver, it would then immediately disconnect. Someone mentioned that I change what device and driver it connect to and as. see below. Ensured that the USB (v1) drivers were installed. It seems that the system bus supports USBII, but the card itself uses USB. So I added the options usb to the mix in the kernel and recompiled. Worked like a charm. Disableing the other USB drivers was not necessary. Also, to ensure the console keyboard was connected to the USB keyboard on the DRAC when connected to, I added the "unload atkbd" flag to device hints (FBSD 6.0) hint.atkbd.0.flags="0x1", similoar to the flag that would be added to pre6.0 in kernel conf. I can;t definitively say that an extenal local USB or atkbd keyboard will work since I have not had the oppertunity to test yet. Server 2. Worked as is. not quite sure why yet. Although its config at install time was almost identical to server 1. Dell DRAC Dell Remote Access Card Serial Console Remote Controll Setup Installation Install -Grant P.S. Thanks Alex! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Make Distribution
Hi all, Since about yr 2000, we have been writing many hundreds of scripts and things specific to our (server) needs. We are at the point now, where we would like to make a rapid deployment disk, prefereably of FreeBSD 6.0. This deployment set would be based on on a system that is currenly up and running, but has no users, groups, (other than root and the system users), Apache configs Exim configs etc setup. Can anyone point me to the start line for creating a custom install distribution for FreeBSD? Thanks, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FBSD 6.0 locking up.
Hi all, I have a production server that has been online for a few months now running FreeBSD 6.0. Until now it has been performing flawlessly. It is on a brand new Dell PE1850. A few days back, at a clients request I opened port 3306 to allow remote access to mysql. 3 times today I had to reboot the server because it was not 'alive'. Fortuneately, I have a remote access card on this server which will perform a cold start independantly of the OS. It also has a remote terminal emulator, which I tried to access each time the system frooze, and I could not even type to the terminal let alone login. A ping from another local machine simply shows 'host is down' I have since blocked port 3306, and the machine (and all deamons) have been running for 4 hours now without issue. Do you think opening port 3306 and the crashes are coincidental, or related? Has anyone has similar expierinces? If so, what was the resolve? Thanks all, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Desperate
Hi all, I am getting server 'freeze ups". 4 in the past 3 days, on a very new server with no apparent hardware issues. There is nothing showing in any log anywhere. The sytem just stops responding. Can anyone help me with understanding how to setup crash dumps and how to get to them and root cause the issue after the fact? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Desperate
6 ports with 6 removable, self powered uhub4: vendor 0x413c product 0xa001, class 9/0, rev 2.00/0.00, addr 2 uhub4: multiple transaction translators uhub4: 2 ports with 2 removable, self powered pcib9: at device 30.0 on pci0 pci9: on pcib9 pci9: at device 5.0 (no driver attached) pci9: at device 5.1 (no driver attached) pci9: at device 5.2 (no driver attached) atapci0: port 0xbcf0-0xbcf7,0xbce4-0xbce7,0xbcd8-0xbcdf,0xbcd0-0xbcd3,0xbc70-0xbc7f mem 0xdf5fec 00-0xdf5fecff irq 23 at device 6.0 on pci9 ata2: on atapci0 ata3: on atapci0 pci9: at device 13.0 (no driver attached) isab0: at device 31.0 on pci0 isa0: on isab0 atapci1: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xfc00-0xfc0f at device 31.1 on pci0 ata0: on atapci1 ata1: on atapci1 fdc0: port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on acpi0 fdc0: [FAST] sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A pmtimer0 on isa0 orm0: at iomem 0xc-0xcafff,0xcb000-0xcbfff,0xcc000-0xc,0xd-0xd0fff,0xec000-0xe on isa0 atkbdc0: at port 0x60,0x64 on isa0 ppc0: parallel port not found. sc0: at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> sio1: configured irq 3 not in bitmap of probed irqs 0 sio1: port may not be enabled vga0: at port 0x3c0-0x3df iomem 0xa-0xb on isa0 ukbd0: Dell DRAC4, rev 1.10/0.00, addr 2, iclass 3/1 kbd0 at ukbd0 Timecounter "TSC" frequency 2992708905 Hz quality 800 Timecounters tick every 1.000 msec acd0: CDROM at ata0-master UDMA33 device_attach: afd0 attach returned 6 acd1: CDROM at ata2-slave PIO3 Waiting 5 seconds for SCSI devices to settle ses0 at mpt0 bus 0 target 6 lun 0 ses0: Fixed Processor SCSI-2 device ses0: 3.300MB/s transfers ses0: SAF-TE Compliant Device da0 at mpt0 bus 0 target 0 lun 0 da0: Fixed Direct Access SCSI-3 device da0: 320.000MB/s transfers (160.000MHz, offset 63, 16bit), Tagged Queueing Enabled da0: 70007MB (143374650 512 byte sectors: 255H 63S/T 8924C) Trying to mount root from ufs:/dev/da0s1a WARNING: / was not properly dismounted WARNING: /home was not properly dismounted WARNING: /usr was not properly dismounted WARNING: /var was not properly dismounted ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled, default to deny, logging disabled ukbd0: at uhub0 port 1 (addr 2) disconnected ukbd0: detached ukbd0: Dell DRAC4, rev 1.10/0.00, addr 2, iclass 3/1 ----- Original Message - From: Derek Ragona To: Grant Peel ; freebsd-questions@freebsd.org Sent: Friday, February 24, 2006 4:41 PM Subject: Re: Desperate It is likely a hardware issue, so please detail the hardware you are using. You may also want to remove any unneeded hardware in the server. -Derek At 03:00 PM 2/24/2006, Grant Peel wrote: Hi all, I am getting server 'freeze ups". 4 in the past 3 days, on a very new server with no apparent hardware issues. There is nothing showing in any log anywhere. The sytem just stops responding. Can anyone help me with understanding how to setup crash dumps and how to get to them and root cause the issue after the fact? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Desperate - FreeBSD 6.0 Freezing
1 uhub3: 6 ports with 6 removable, self powered uhub4: vendor 0x413c product 0xa001, class 9/0, rev 2.00/0.00, addr 2 uhub4: multiple transaction translators uhub4: 2 ports with 2 removable, self powered pcib9: at device 30.0 on pci0 pci9: on pcib9 pci9: at device 5.0 (no driver attached) pci9: at device 5.1 (no driver attached) pci9: at device 5.2 (no driver attached) atapci0: port 0xbcf0-0xbcf7,0xbce4-0xbce7,0xbcd8-0xbcdf,0xbcd0-0xbcd3,0xbc70-0xbc7f mem 0xdf5fec 00-0xdf5fecff irq 23 at device 6.0 on pci9 ata2: on atapci0 ata3: on atapci0 pci9: at device 13.0 (no driver attached) isab0: at device 31.0 on pci0 isa0: on isab0 atapci1: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xfc00-0xfc0f at device 31.1 on pci0 ata0: on atapci1 ata1: on atapci1 fdc0: port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on acpi0 fdc0: [FAST] sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 sio0: type 16550A pmtimer0 on isa0 orm0: at iomem 0xc-0xcafff,0xcb000-0xcbfff,0xcc000-0xc,0xd-0xd0fff,0xec000-0xe on isa0 atkbdc0: at port 0x60,0x64 on isa0 ppc0: parallel port not found. sc0: at flags 0x100 on isa0 sc0: VGA <16 virtual consoles, flags=0x300> sio1: configured irq 3 not in bitmap of probed irqs 0 sio1: port may not be enabled vga0: at port 0x3c0-0x3df iomem 0xa-0xb on isa0 ukbd0: Dell DRAC4, rev 1.10/0.00, addr 2, iclass 3/1 kbd0 at ukbd0 Timecounter "TSC" frequency 2992708905 Hz quality 800 Timecounters tick every 1.000 msec acd0: CDROM at ata0-master UDMA33 device_attach: afd0 attach returned 6 acd1: CDROM at ata2-slave PIO3 Waiting 5 seconds for SCSI devices to settle ses0 at mpt0 bus 0 target 6 lun 0 ses0: Fixed Processor SCSI-2 device ses0: 3.300MB/s transfers ses0: SAF-TE Compliant Device da0 at mpt0 bus 0 target 0 lun 0 da0: Fixed Direct Access SCSI-3 device da0: 320.000MB/s transfers (160.000MHz, offset 63, 16bit), Tagged Queueing Enabled da0: 70007MB (143374650 512 byte sectors: 255H 63S/T 8924C) Trying to mount root from ufs:/dev/da0s1a WARNING: / was not properly dismounted WARNING: /home was not properly dismounted WARNING: /usr was not properly dismounted WARNING: /var was not properly dismounted ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled, default to deny, logging disabled ukbd0: at uhub0 port 1 (addr 2) disconnected ukbd0: detached ukbd0: Dell DRAC4, rev 1.10/0.00, addr 2, iclass 3/1 - Original Message - From: Derek Ragona To: Grant Peel ; freebsd-questions@freebsd.org Sent: Friday, February 24, 2006 4:41 PM Subject: Re: Desperate It is likely a hardware issue, so please detail the hardware you are using. You may also want to remove any unneeded hardware in the server. -Derek At 03:00 PM 2/24/2006, Grant Peel wrote: Hi all, I am getting server 'freeze ups". 4 in the past 3 days, on a very new server with no apparent hardware issues. There is nothing showing in any log anywhere. The sytem just stops responding. Can anyone help me with understanding how to setup crash dumps and how to get to them and root cause the issue after the fact? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
MySQL - FBSD 6.0 Freezing server.
Hi all, I been getting server freezups the past two weeks, but have determined it is happening when connecting to mysql port 3306 remotely. I have a firewall, so I am only one whe can connect to port 3306. I connected this morning, and sure enough the server frooze. It frooze during the connection stage, even the LAN and WAN nicks frooze. THe only fix is to cold boot the server, keyboard is even frooze. It almost seems that mysql goes into a loop of some kind. I am using FreeBSD 6.0 RELEASE and mysql 4.0.13 from ports. My IP is at the top pf the list (Along with lo0) so, firewall is not an issue. HAs anyone else had this issue? Or is there a bug report / fix that I can't find! Any help would be appreciated. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
disklabel output
This drive is a SCSI 74 GIG drive. The machine has been freezing on me lately, out of the blue, with no log errors enetered. No crash dumps created. The only fix is to cold boot. Here is the disklabel output Should I be worried? root on s1# disklabel /dev/da0s1 # /dev/da0s1: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 2097152 20971524.2BSD 2048 16384 28552 b: 20971520 swap c: 1433639970unused0 0 # "raw" part, don't edit d: 4194304 41943044.2BSD 2048 16384 28552 e: 12582912 83886084.2BSD 2048 16384 28552 f: 122392477 209715204.2BSD 2048 16384 28552 root on s1# root on s1# disklabel /dev/da0s1a disklabel: /dev/da0s1a: no valid label found root on s1# disklabel /dev/da0s1b # /dev/da0s1b: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 2097152 20972154.2BSD 2048 16384 28552 b: 2097152 63 swap c: 143363997 63unused0 0 # "raw" part, don't edit d: 4194304 41943674.2BSD 2048 16384 28552 e: 12582912 83886714.2BSD 2048 16384 28552 f: 122392477 209715834.2BSD 2048 16384 28552 partition a: offset past end of unit partition a: partition extends past end of unit partition b: partition extends past end of unit partition c: partition extends past end of unit disklabel: partition c doesn't start at 0! disklabel: partition c doesn't cover the whole unit! disklabel: An incorrect partition c may cause problems for standard system utilities partition d: offset past end of unit partition d: partition extends past end of unit partition e: offset past end of unit partition e: partition extends past end of unit partition f: offset past end of unit partition f: partition extends past end of unit root on s1# disklabel /dev/da0s1c # /dev/da0s1c: 8 partitions: #size offsetfstype [fsize bsize bps/cpg] a: 2097152 20972154.2BSD 2048 16384 28552 b: 2097152 63 swap c: 143363997 63unused0 0 # "raw" part, don't edit d: 4194304 41943674.2BSD 2048 16384 28552 e: 12582912 83886714.2BSD 2048 16384 28552 f: 122392477 209715834.2BSD 2048 16384 28552 partition c: partition extends past end of unit disklabel: partition c doesn't start at 0! disklabel: An incorrect partition c may cause problems for standard system utilities partition f: partition extends past end of unit root on s1# disklabel /dev/da0s1d disklabel: /dev/da0s1d: no valid label found ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
php4 extensions
Hi all, IU ran the php4-extensions a while back, but now a client is asking for curl to be installed. When I run php4-extensions, it says that it (php4-extensions) is already installed. How to I reconfigure it to load the GUI so I can install curl? Als0, I presume after that php4 will have to be re maked and installed to include the curl libraries? I am using php as a dynamic mod in Apache (2.1) if that makes and difference. -Thanks, Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
System Freezing -Again
Hi all, I have been pestering everyone who will listen on this, and have yet to find a solution ... so here goes again! I have a FreeBSD system on a Dell PE 1850 that has been randomly freezing up from time to time in the past two weeks. Firewall is enabled, but is very solid as I am using the same rules on several other machines. I spent last Saturday and Sunday at the NOC, running Dell 32 bit diagnostics on it, along with memtest32, no errors found over many hours of testing. NO heat of note from the Power supply CPU or system fan. Nothing ever in log files, no core dumps. I have the DUMDEV="AUTO" set in rc.conf, but ran dumpon -v /dev/da0s1b today, the output showed it should be dumping to my swap partition. APIC is disabled now, but has been enabled in the past, with the same results. POwer management is shut off in the bios. No System Events are being recorded in BIOS, and, the logs were harvested last week with no abnormalitied showing. The only item of note, that I found after todays freeze, was in /var/log/maillog, and /var/log/exim/mainlog, about 15 lines of ^@ recorded at about the exact tine of the freeze. Does anyone think this is significant, or is it simply a symptom of the crash? ANY help will be greatly appreciated. -GRant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: System Freezing -Again
3 device da0: 320.000MB/s transfers (160.000MHz, offset 63, 16bit), Tagged Queueing Enabled da0: 70007MB (143374650 512 byte sectors: 255H 63S/T 8924C) Trying to mount root from ufs:/dev/da0s1a WARNING: / was not properly dismounted WARNING: /home was not properly dismounted WARNING: /usr was not properly dismounted WARNING: /var was not properly dismounted ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled, default to deny, logging disabled root on s1# - Original Message - From: Derek Ragona To: Grant Peel ; freebsd-questions@freebsd.org Sent: Thursday, March 09, 2006 6:19 PM Subject: Re: System Freezing -Again A freeze like you describe, no logging sounds like a hardware problem. You didn't include a current dmesg or other system inventory. You may have shared irq's causing the problem, or a power supply, or a management board. Those are the three things I would look at. -Derek At 05:00 PM 3/9/2006, Grant Peel wrote: Hi all, I have been pestering everyone who will listen on this, and have yet to find a solution ... so here goes again! I have a FreeBSD system on a Dell PE 1850 that has been randomly freezing up from time to time in the past two weeks. Firewall is enabled, but is very solid as I am using the same rules on several other machines. I spent last Saturday and Sunday at the NOC, running Dell 32 bit diagnostics on it, along with memtest32, no errors found over many hours of testing. NO heat of note from the Power supply CPU or system fan. Nothing ever in log files, no core dumps. I have the DUMDEV="AUTO" set in rc.conf, but ran dumpon -v /dev/da0s1b today, the output showed it should be dumping to my swap partition. APIC is disabled now, but has been enabled in the past, with the same results. POwer management is shut off in the bios. No System Events are being recorded in BIOS, and, the logs were harvested last week with no abnormalitied showing. The only item of note, that I found after todays freeze, was in /var/log/maillog, and /var/log/exim/mainlog, about 15 lines of ^@ recorded at about the exact tine of the freeze. Does anyone think this is significant, or is it simply a symptom of the crash? ANY help will be greatly appreciated. -GRant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: System Freezing -Again
Hi all, As mentioned in the recent past, I am getting lockups on my Dell PE 1850 w/ FreeBSD 6.0. Dmesg says ipv6 is initialized in the ipfw daemon... not sure if that is OK since the kernel is compiled without ipv6/ Also, just befor this last crasgh (today) I see the following in /var/log/messagesis this normal? (ipfw entries): Mar 10 09:29:39 s1 kernel: 6:110 216.221.88.85:49447 out via em0 Mar 10 09:33:16 s1 kernel: em0 Mar 10 10:03:13 s1 kernel: 5:110 70.48.38.90:1305 out via em0 Mar 10 10:10:56 s1 kernel: .34.137.45:25 in via em0 Mar 10 10:10:56 s1 kernel: 81.25:58023 out via em0 Mar 10 10:10:56 s1 kernel: 34.137.45:25 in via em0 Mar 10 10:10:56 s1 kernel: 34.137.45:25 in via em0 Mar 10 10:10:56 s1 kernel: .34.137.45:25 in via em0 Mar 10 10:16:36 s1 kernel: <<110>ipfw: 50020 Accept TCP 209.226.175.185:63728 64.34.137.45:25 in via em0 Mar 10 10:16:36 s1 kernel: 110>ipfw: 50020 Accept TCP 64.34.137.45:25 209.226.175.185:63728 out via em0 Mar 10 10:20:04 s1 kernel: Mar 10 10:36:42 s1 kernel: .25:63415 out via em0 Mar 10 10:36:42 s1 kernel: 5 Mar 10 10:36:42 s1 kernel: 63415 out via em0 Mar 10 10:36:42 s1 kernel: Mar 10 10:36:42 s1 kernel: 7.45:25 in via em0 Mar 10 10:36:42 s1 kernel: 37.45:25 in via em0 Mar 10 10:36:42 s1 kernel: Mar 10 11:20:47 s1 kernel: Mar 10 11:24:51 s1 kernel: 50020 Accept TCP 64.34.137.45:110 70.48.38.90:1729 out via em0 Mar 10 11:36:14 s1 kernel: ipfw: 50020 Accept TCP 64.34.137.47:110 216.9.250.224:57245 out via em0 Mar 10 11:48:15 s1 kernel: 137.45:110 70.48.38.90:1585 out via em0 Also, I have the atkbd disabled so I can take advantage of the DRAC console, it needs ukbd, to connect. If the console (ukbd) dissconnects, is it possible the system console is disconnecting such that the machine can't even talk to itself? As mentioned before, there is nothing anywhere in any log file that indicates any faults. Also, there is nothing in the sustems SEL fhat indicate any issues. Immediately after today's crash, I had the NOC tech check the machine. The physical state, all LEDs, CPU fan, motherboard fan, power supply etc.. appeared to be that of a running machine. Even the NICs werer connected and blinking. Perhaps I should reinstall the GENERIC kernel? -Grant - Original Message - From: Grant Peel To: freebsd-questions@freebsd.org ; Derek Ragona Sent: Thursday, March 09, 2006 6:28 PM Subject: Re: System Freezing -Again Sorry Derek, I did forget the dmesg ... here it is ... Also, Do you think the "^@" s not a hint to something? root on s1# more dmesg.boot Copyright (c) 1992-2005 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-RELEASE #1: Wed Jan 25 09:15:04 EST 2006 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/DS9 MPTable: Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Xeon(TM) CPU 3.00GHz (2992.71-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf43 Stepping = 3 Features=0xbfebfbff Features2=0x641d> AMD Features=0x2010 Hyperthreading: 2 logical CPUs real memory = 536608768 (511 MB) avail memory = 515801088 (491 MB) ioapic0: Changing APIC ID to 2 ioapic0: Assuming intbase of 0 ioapic1: Changing APIC ID to 3 ioapic1: Assuming intbase of 24 ioapic2: Changing APIC ID to 4 ioapic2: Assuming intbase of 48 ioapic0 irqs 0-23 on motherboard ioapic1 irqs 24-47 on motherboard ioapic2 irqs 48-71 on motherboard npx0: [FAST] npx0: on motherboard npx0: INT 16 interface cpu0 on motherboard pcib0: pcibus 0 on motherboard pci0: on pcib0 pcib1: at device 2.0 on pci0 pci1: on pcib1 pcib2: at device 0.0 on pci1 pci2: on pcib2 mpt0: port 0xec00-0xecff mem 0xdfdf-0xdfdf,0xdfde-0xdfde irq 26 at device 5.0 o n pci2 mpt0: [GIANT-LOCKED] mpt0: MPI Version=1.2.12.0 mpt0: Unhandled Event Notify Frame. Event 0xa. pcib3: at device 0.2 on pci1 pci3: on pcib3 pcib4: at device 4.0 on pci0 pci4: on pcib4 pcib5: at device 5.0 on pci0 pci5: on pcib5 pcib6: at device 0.0 on pci5 pci6: on pcib6 em0: port 0xdcc0-0xdcff mem 0xdfae-0xdfaf irq 48 at device 7.0 on pci6 em0: Ethernet address: 00:14:22:1c:d5:7e em0: Speed:N/A Duplex:N/A pcib7: at device 0.2 on pci5 pci7: on pcib7 em1: port 0xccc0-0xccff mem 0xdf8e-0xdf8f irq 49 at device 8.0 on pci7 em1: Ethernet address: 00:14:22:1c:d5:7f em1: Speed:N/A Duplex:N/A pcib8: at device 6.0 on pci0 pci8: on pcib8 uhci0: port 0xace0-0xacff irq 16 at device 29.0 on pci0 uhci0: [GIANT-LOCKED] usb0: on uhci0 usb0: USB revision 1.0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1: port 0xacc0-0xacdf irq 19 at device 29.1 on pci0 uhci1: [GIANT-LOCKED] usb1: on uhci1 usb1: USB revision 1.0 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self power
dd - cloning a disk.
Hi all, Here is a simple (I think!) question for the I/O savy among you: If I had two identical disks, say, 73 GB Seagate 10K SCSIs, one completely operational fully setup FreeBSD with all the trimmings, and the other blank, or perhaps loaded but no longer usable, is 'dd' and appropriate tool to completely clone the Good disk to the not so good disktherefor making the second disk identical to the first? Bootable and all? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Fw: dd - cloning a disk. Second Part!
Sorry, I forgpt to add this, I the answer is yes to the first question (original question), then, what happens if one 'dd's a small, say 36 GM disk to a larger one, say 73 GB. Can the newly made disk be resized so as not to loose 1/2 of it? -GRant - Original Message - From: "Grant Peel" <[EMAIL PROTECTED]> To: Sent: Saturday, March 11, 2006 9:25 AM Subject: dd - cloning a disk. Hi all, Here is a simple (I think!) question for the I/O savy among you: If I had two identical disks, say, 73 GB Seagate 10K SCSIs, one completely operational fully setup FreeBSD with all the trimmings, and the other blank, or perhaps loaded but no longer usable, is 'dd' and appropriate tool to completely clone the Good disk to the not so good disktherefor making the second disk identical to the first? Bootable and all? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Fw: dd - cloning a disk. Second Part!
Thanks Chuck, I was kinda thinkning Dump and Restore might be the way to go. I have never tried to use it to make a bootable disk though...does it do it automaticly or should I read something? (What)? Thanks again, -Grant - Original Message - From: "Chuck Swiger" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]>; "freebsd-questions" Sent: Saturday, March 11, 2006 9:39 AM Subject: Re: Fw: dd - cloning a disk. Second Part! Grant Peel wrote: I the answer is yes to the first question (original question), then, what happens if one 'dd's a small, say 36 GM disk to a larger one, say 73 GB. Can the newly made disk be resized so as not to loose 1/2 of it? If you partition the bigger disk into two fdisk partitions, one of which is exactly the size of your original disk, you could use dd to copy the contents of the BSD slice from one disk to the other, and then use newfs to create a separate filesystem on the second fdisk partition. However, if you want to use the entire 73GB space at once, use dump and restore to copy the data instead. There's detailed documentation on this on the FreeBSD website... -- -Chuck ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
FreeBSD 6.0 lockups again.
Hi all, As stated many times befor, I am getting completely un-logged (not logged anywhere, whith everything pretty well on verbose or debug) lockups on a server of mine. One thing I have been noticeing is lots of log entries like this, from ipfw and kernel. Has anyone seen these befor? Are they normal? are they a sign of pending doom? FreeBSD 6.0 RELEASE Dell PE 1850. Using two onboard NICs (em). P.S. The lockups I am getting looks suspiciouly like complete firewall lock outs as the sustem just stops can't even get to it via the local terminal. Again, nothing logged anywhere! -Grant Mar 13 12:59:22 s1 kernel: .34.137.16:25 in via em0 Mar 13 12:59:22 s1 kernel: 34.137.16:25 in via em0 Mar 13 13:00:01 s1 kernel: Mar 13 13:04:53 s1 kernel: 0.14:47788 out via em0 Mar 13 13:07:18 s1 kernel: .45:25 206.190.37.222:43393 out via em0 Mar 13 13:31:10 s1 kernel: Mar 13 13:36:04 s1 kernel: ept TCP 64.34.137.45:110 70.48.38.90:1108 out via em0 Mar 13 13:37:34 s1 kernel: .81.25:62582 out via em0 Mar 13 13:37:34 s1 kernel: 1.25:62582 out via em0 ... Mar 13 16:35:27 s1 kernel: 0 Mar 13 16:35:27 s1 kernel: i Mar 13 16:35:27 s1 kernel: 34.137.16:25 in via em0 ... Mar 13 18:29:27 s1 kernel: Mar 13 18:31:10 s1 kernel: 50020 Accept TCP 64.34.137.46:80 69.29.154.169:50864 out via em0 Mar 13 19:02:09 s1 kernel: 50020 Accept TCP 64.34.137.47:110 70.48.38.90:2249 out via em0 Mar 13 19:51:34 s1 kernel: 4.137.16:25 in via em0 Mar 13 20:20:35 s1 kernel: 0020 Accept TCP 64.34.137.16:110 24.36.74.164:49384 out via em0 Mar 13 20:31:58 s1 kernel: n via em0 Mar 13 20:31:58 s1 kernel: ut via em0 Mar 13 21:22:47 s1 kernel: p ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
System Still Freezing
Hi all, Another chapter in the life (and death), of my Dell PE 1850. As you may be aware, I have a PE 1850 that has started to intermitantly freeze (this all started Feb 23rd). SOmetimes, it will run for 2 days, then freeze, sometimes it can run as long as 5 days. All logs and everything turned up to near debug, show nothing. The system just stops dead, and again, a physical suyvey of the server reveals nothing. All lights still working and blinking, no excessive heat not beeps etc etc. A week ago, I ran every 32 bit Dell diagnostic I could on it ... for 4 hours straight and not 1 error found. I also ran memetst86 for 3 hours and no errors found. Here are some particulars: FreeBSD 6.0 RELEASE Dell PowerEdge 1850 -Intel 3.0 GHz Duel Core. -512 MB DDR RAn -74 GB SCSI Seagate Cheetah 10k. - 2 Onboard Intel Pro1000 (1 GB) NICS (Both connected to my switch, 1 LAN and 1 WAN.). - 1 Built in (Dedicated Riser) DRAC 4/I card. - NO RAID, No Extra VIdeo or sound. No keyboard plugged in, no monitor. SHould I consider diableing APIC and Hyperthreading? Does anything know if these two would be causing all the issues I have in the kernel? I have been reading alot about interupt storms lately. How can I tell if this is whats happeneing here? Thanks again all, -GRant Kernel boot file (dmesg.boot): root on s1# more dmesg.boot dmesg.boot: No such file or directory root on s1# pwd /usr/src/sys/i386/conf root on s1# cd /var/run root on s1# more dmesg.boot Copyright (c) 1992-2005 The FreeBSD Project. Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-RELEASE #2: Fri Mar 10 15:39:52 EST 2006 [EMAIL PROTECTED]:/usr/src/sys/i386/compile/DS9 MPTable: Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Intel(R) Xeon(TM) CPU 3.00GHz (2992.71-MHz 686-class CPU) Origin = "GenuineIntel" Id = 0xf43 Stepping = 3 Features=0xbfebfbff Features2=0x641d> AMD Features=0x2010 Hyperthreading: 2 logical CPUs real memory = 536608768 (511 MB) avail memory = 515788800 (491 MB) ioapic0: Changing APIC ID to 2 ioapic0: Assuming intbase of 0 ioapic1: Changing APIC ID to 3 ioapic1: Assuming intbase of 24 ioapic2: Changing APIC ID to 4 ioapic2: Assuming intbase of 48 ioapic0 irqs 0-23 on motherboard ioapic1 irqs 24-47 on motherboard ioapic2 irqs 48-71 on motherboard npx0: [FAST] npx0: on motherboard npx0: INT 16 interface cpu0 on motherboard pcib0: pcibus 0 on motherboard pci0: on pcib0 pcib1: at device 2.0 on pci0 pci1: on pcib1 pcib2: at device 0.0 on pci1 pci2: on pcib2 mpt0: port 0xec00-0xecff mem 0xdfdf-0xdfdf,0xdfde-0xdfde irq 26 at device 5.0 o n pci2 mpt0: [GIANT-LOCKED] mpt0: MPI Version=1.2.12.0 mpt0: Unhandled Event Notify Frame. Event 0xa. pcib3: at device 0.2 on pci1 pci3: on pcib3 pcib4: at device 4.0 on pci0 pci4: on pcib4 pcib5: at device 5.0 on pci0 pci5: on pcib5 pcib6: at device 0.0 on pci5 pci6: on pcib6 em0: port 0xdcc0-0xdcff mem 0xdfae-0xdfaf irq 48 at device 7.0 on pci6 em0: Ethernet address: 00:14:22:1c:d5:7e em0: Speed:N/A Duplex:N/A pcib7: at device 0.2 on pci5 pci7: on pcib7 em1: port 0xccc0-0xccff mem 0xdf8e-0xdf8f irq 49 at device 8.0 on pci7 em1: Ethernet address: 00:14:22:1c:d5:7f em1: Speed:N/A Duplex:N/A pcib8: at device 6.0 on pci0 pci8: on pcib8 uhci0: port 0xace0-0xacff irq 16 at device 29.0 on pci0 uhci0: [GIANT-LOCKED] usb0: on uhci0 usb0: USB revision 1.0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered uhci1: port 0xacc0-0xacdf irq 19 at device 29.1 on pci0 uhci1: [GIANT-LOCKED] usb1: on uhci1 usb1: USB revision 1.0 uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub1: 2 ports with 2 removable, self powered uhci2: port 0xaca0-0xacbf irq 18 at device 29.2 on pci0 uhci2: [GIANT-LOCKED] usb2: on uhci2 usb2: USB revision 1.0 uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub2: 2 ports with 2 removable, self powered ehci0: mem 0xdff0-0xdff003ff irq 23 at device 29.7 on pci0 ehci0: [GIANT-LOCKED] usb3: EHCI version 1.0 usb3: companion controllers, 2 ports each: usb0 usb1 usb2 usb3: on ehci0 usb3: USB revision 2.0 uhub3: Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1 uhub3: 6 ports with 6 removable, self powered uhub4: vendor 0x413c product 0xa001, class 9/0, rev 2.00/0.00, addr 2 uhub4: multiple transaction translators uhub4: 2 ports with 2 removable, self powered pcib9: at device 30.0 on pci0 pci9: on pcib9 pci9: at device 5.0 (no driver attached) pci9: at device 5.1 (no driver attached) pci9: at device 5.2 (no driver attached) atapci0: port 0xbcf0-0xbcf7,0xbce4-0xbce7,0xbcd8-0xbcdf,0xbcd0-0xbcd3,0xbc70-0xbc7f mem 0xdf5fec 00-0xdf5fecff irq 23 at device 6.0 on pci9 ata2: on atapci0 ata3: on atapci0 pci9: at device 13.0 (no driver attached) isab0: at device 31.0 on pci0 isa0: o
More Server Crash Saga
Hi all, Still getting crashing today ... FreeBSD 6.0 PE 1850 Does the output of vmstat -i for fove seconds show a problem? Interupt storm? I have been searching, trying to find out what the 'rate' means and what should it be? interrupt total rate irq0: clk3277223999 irq5: em1 8877 2 irq6: ehci0 atapci0 85 0 irq7: mpt0 uhci2 56401 17 irq8: rtc 419429127 irq11: em0 uhci0 85684 26 irq13: npx01 0 irq14: ata0 48 0 Total3847748 1173 root on s1# vmstat -i interrupt total rate irq0: clk3278793999 irq5: em1 8883 2 irq6: ehci0 atapci0 85 0 irq7: mpt0 uhci2 56408 17 irq8: rtc 419630127 irq11: em0 uhci0 85752 26 irq13: npx01 0 irq14: ata0 48 0 Total3849600 1174 root on s1# vmstat -i interrupt total rate irq0: clk3280691999 irq5: em1 8889 2 irq6: ehci0 atapci0 85 0 irq7: mpt0 uhci2 56408 17 irq8: rtc 419873127 irq11: em0 uhci0 85843 26 irq13: npx01 0 irq14: ata0 48 0 Total3851838 1173 root on s1# vmstat -i interrupt total rate irq0: clk3282850999 irq5: em1 8891 2 irq6: ehci0 atapci0 85 0 irq7: mpt0 uhci2 56408 17 irq8: rtc 420149127 irq11: em0 uhci0 86153 26 irq13: npx01 0 irq14: ata0 48 0 Total3854585 1174 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: More Server Crash Saga
Hi Derek, I got this data using ipmitool from the servers BMC just after (about 3 minutes after robbot) a crash this afternoon. I will be heading to th NOC this afternoone to copy the harddrive to another machine I have been using for about a year and a half. Anyways, here is the sensor data Temp | 38 degrees C | ok Temp | 50 degrees C | ok Ambient Temp | 30 degrees C | ok Planar Temp | 35 degrees C | ok Riser Temp | 34 degrees C | ok Temp | 40 degrees C | ok Temp | 40 degrees C | ok CMOS Battery | 3.15 Volts| ok ROMB Battery | Not Readable | ns VCORE| 0x01 | ok VCORE| Not Readable | ns PROC VTT | 0x01 | ok 1.5V PG | 0x01 | ok 1.8V PG | 0x01 | ok 3.3V PG | 0x01 | ok 5V PG| 0x01 | ok 5V Riser PG | 0x01 | ok Riser PG | 0x01 | ok PFault Fail Safe | Not Readable | ns Presence | 0x01 | ok Presence | 0x02 | ok Presence | 0x01 | ok Presence | 0x02 | ok ROMB Presence| 0x02 | ok FAN 1A RPM | 9600 RPM | ok FAN 1B RPM | 6900 RPM | ok FAN 2A RPM | 9900 RPM | ok FAN 2B RPM | 6825 RPM | ok FAN 3A RPM | 9825 RPM | ok FAN 3B RPM | 6825 RPM | ok FAN 4A RPM | 10200 RPM | ok FAN 4B RPM | 6675 RPM | ok Status | 0x80 | ok Status | Not Readable | ns Status | 0x01 | ok Status | Not Readable | ns VRM | 0x01 | ok VRM | 0x01 | ok OS Watchdog | 0x00 | ok SEL | Not Readable | ns Intrusion| 0x00 | ok PS Redundancy| Not Readable | ns Fan Redundancy | 0x01 | ok SCSI Connector A | Not Readable | ns Drive| 0xc0 | ok ECC Corr Err | 0xc0 | ok ECC Uncorr Err | Not Readable | ns I/O Channel Chk | 0xc0 | ok PCI Parity Err | 0xc0 | ok PCI System Err | 0xc0 | ok SBE Log Disabled | Not Readable | ns Logging Disabled | Not Readable | ns Unknown | Not Readable | ns PROC Protocol| Not Readable | ns PROC Bus PERR| Not Readable | ns PROC Init Err| Not Readable | ns PROC Machine Chk | Not Readable | ns Memory Spared| Not Readable | ns Memory Mirrored | 0x01 | ok Memory RAID | Not Readable | ns Memory Added | 0x01 | ok Memory Removed | 0x01 | ok PCIE Fatal Err | 0x01 | ok Chipset Err | 0x01 | ok Err Reg Pointer | 0x01 | ok root on s1# - Original Message - From: Derek Ragona To: Grant Peel ; freebsd-questions@freebsd.org Sent: Thursday, March 16, 2006 5:45 PM Subject: Re: More Server Crash Saga Grant, That is a one unit rack mount server, which makes it prone to have heat problems, particularly under any load. You might want to check the ambient heat and the internal heat sensors as well. That server uses an intel chipset (and probably an intel motherboard) which should allow "out-of-band" monitoring. You should see what you can use to monitor the system and see what the system is reporting prior to a lockup. It may be time to just call dell and have them send a replacement MB or entire unit. -Derek At 03:47 PM 3/16/2006, Grant Peel wrote: Hi all, Still getting crashing today ... FreeBSD 6.0 PE 1850 Does the output of vmstat -i for fove seconds show a problem? Interupt storm? I have been searching, trying to find out what the 'rate' means and what should it be? interrupt total rate irq0: clk3277223999 irq5: em1 8877 2 irq6: ehci0 atapci0 85 0 irq7: mpt0 uhci2 56401 17 irq8: rtc 419429127 irq11: em0 uhci0 85684 26 irq13: npx01 0 irq14: ata0 48 0 Total3847748 1173 root on s1# vmstat -i interrupt total rate irq0: clk3278793999 irq5: em1 8883 2 irq6: ehci0 atapci0 85 0 irq7: mpt0 uhci2 56408 17 irq8: rtc
Building a virgin.
Hi all, As some of you know I have been expierncing random freezing of a PE 1850. Since there is no real answer (lots of opinions), I have decided to build a new server for my client. I have a PE 750 that has been running a year now as a devel server. All that was needed was to upgrade the HD to 74GB per the original quote. That was done this weekend. FreeBSD 5.4 has been installed and the ports collection CVSUpded this morning. The kernel has been rebuilt to allow QUOTAs, and a basic ipfw firewall setup. I have loaded a number of servers in the past, with success, all of them based around PHP APache, MySQL Exim and vm-pop3d. All that having been said, I wanted to pick some brains of y'all regarding how you would handle loading all the new software on the server. The goal here is to have a functional webserver, with Apache, MySQL, PHP(with bells and whistles) , PERL, vm-pop3d, Exim(MTA), Spamassassin, Webmin, Usermin, ipa (for bandwidth accounting), Webalizer It will be used my my client to lots of virtual hosting. However, I am the only one with shell access. Here is what I intend to do ... suggestions, criticisms welcome. (i.e. doing something backwards, missing some critical steps etc). The first few lines are the ones I ussually trip over ... geting PHP and apache to work right together, and getting the correct PHP extensions istalled. Also, I like using Apache 2.x so I can have one deamon with http and https in one deamon. If anyone has a slicker flow of installation, I would really like to hear about it! installing database/MySQL server (4.1.18_1) installing database/MySQL client (4.1.18) install lang/PHP4 (4.4.1_1) install (use config) lang/php-extensions install apache install Exim install vm-pop3d install p5-spamassassin install webalizer install and customize Webmin install and costomize usermin install and configure various scripts for backups, log rotation, mrtg (system load) etc etc. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Building a virgin.
Thanks for the info! So the 'best' think would be: MySQL first, Apache 2nd, PHP third, then php-extensions? Also, Since its likely that this server will be replacing a live one, I selected php and mysql for to ensure the apps deployed are compatable. No suprises wanted when the changeover time comes -Grant - Original Message - From: "Riemer Palstra" <[EMAIL PROTECTED]> To: "fbsd_user" <[EMAIL PROTECTED]> Cc: "Grant Peel" <[EMAIL PROTECTED]>; Sent: Saturday, March 18, 2006 6:53 PM Subject: Re: Building a virgin. On Sat, Mar 18, 2006 at 11:31:54AM -0500, fbsd_user wrote: Install apache first before mysql and php. Err, no, I think it's better to do MySQL first: installing database/MySQL server (4.1.18_1) installing database/MySQL client (4.1.18) Installing the server will normally also get you the client. Any reason for not going with MySQL 5? install lang/PHP4 (4.4.1_1) install (use config) lang/php-extensions If MySQL is already installed, php-mysql (or if using PHP5 also php-mysqli) will pick up the libraries of the already installed mysql-client. Any reason to not go with PHP 5? install apache Install Apache before PHP, especially when you're installing Apache 2.0 or 2.2. By doing that, PHP will pick up on the right apxs binary and build with that compatibility in mind. -- Riemer PalstraAmsterdam, The Netherlands [EMAIL PROTECTED] http://www.palstra.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Ongoing Saga Dell PE1850 - FreeBSD 6.0 Release Freezups.
Hi all, I have been having freezups of my PE 1850 and FreeBSD 6.0 RELEASE. since about Feb 23. 1 about every three days. Sometimes twice a day. As far as everything (diagnostics) shows, no hardware issues (See text below ... BMC sensor data, first froup while server is down, second group right after harreset). Extensive memory and mainboard diagnostics have been run. So I am just wondering (before I start the task of movinf this client to a new machine) if anyone has seen complete software freezes, again, with no errors whatsoever in any log, no panics, no coredumps, of FreeBSD 6.0 freezing with the only recovery method being a machine reset, if so what was done to correct it. DoS attack maybe? but on what? ipfw internal issue? Any help would be appreciated. -Grant FYI. SEL shows nothing of note. Just the chassis intrusion that I did reassembling the server on Friday - ensureing everything was seated etc. DUring Freeze: Temp | 50 degrees C | ok(alittle high, but well within tolerance). Temp | 50 degrees C | ok Ambient Temp | 29 degrees C | ok Planar Temp | 37 degrees C | ok Riser Temp | 33 degrees C | ok Temp | 40 degrees C | ok Temp | 40 degrees C | ok CMOS Battery | 3.15 Volts| ok ROMB Battery | Not Readable | ns VCORE| 0x01 | ok VCORE| Not Readable | ns PROC VTT | 0x01 | ok 1.5V PG | 0x01 | ok 1.8V PG | 0x01 | ok 3.3V PG | 0x01 | ok 5V PG| 0x01 | ok 5V Riser PG | 0x01 | ok Riser PG | 0x01 | ok PFault Fail Safe | Not Readable | ns Presence | 0x01 | ok Presence | 0x02 | ok Presence | 0x01 | ok Presence | 0x02 | ok ROMB Presence| 0x02 | ok FAN 1A RPM | 9375 RPM | ok FAN 1B RPM | 6600 RPM | ok FAN 2A RPM | 9525 RPM | ok FAN 2B RPM | 6675 RPM | ok FAN 3A RPM | 9450 RPM | ok FAN 3B RPM | 6675 RPM | ok FAN 4A RPM | 9975 RPM | ok FAN 4B RPM | 6450 RPM | ok Status | 0x80 | ok Status | Not Readable | ns Status | 0x01 | ok Status | Not Readable | ns VRM | 0x01 | ok VRM | 0x01 | ok OS Watchdog | 0x00 | ok SEL | Not Readable | ns Intrusion| 0x00 | ok PS Redundancy| Not Readable | ns Fan Redundancy | 0x01 | ok SCSI Connector A | Not Readable | ns Drive| 0xc0 | ok ECC Corr Err | 0xc0 | ok ECC Uncorr Err | Not Readable | ns I/O Channel Chk | 0xc0 | ok PCI Parity Err | 0xc0 | ok PCI System Err | 0xc0 | ok SBE Log Disabled | Not Readable | ns Logging Disabled | Not Readable | ns Unknown | Not Readable | ns PROC Protocol| Not Readable | ns PROC Bus PERR| Not Readable | ns PROC Init Err| Not Readable | ns PROC Machine Chk | Not Readable | ns Memory Spared| Not Readable | ns Memory Mirrored | 0x01 | ok Memory RAID | Not Readable | ns Memory Added | 0x01 | ok Memory Removed | 0x01 | ok PCIE Fatal Err | 0x01 | ok Chipset Err | 0x01 | ok Err Reg Pointer | 0x01 | ok After Reset: Temp | 38 degrees C | ok Temp | 50 degrees C | ok Ambient Temp | 29 degrees C | ok Planar Temp | 36 degrees C | ok Riser Temp | 33 degrees C | ok Temp | 40 degrees C | ok Temp | 40 degrees C | ok CMOS Battery | 3.16 Volts| ok ROMB Battery | Not Readable | ns VCORE| 0x01 | ok VCORE| Not Readable | ns PROC VTT | 0x01 | ok 1.5V PG | 0x01 | ok 1.8V PG | 0x01 | ok 3.3V PG | 0x01 | ok 5V PG| 0x01 | ok 5V Riser PG | 0x01 | ok Riser PG | 0x01 | ok PFault Fail Safe | Not Readable | ns Presence | 0x01 | ok Presence | 0x02 | ok Presence | 0x01 | ok Presence | 0x02 | ok ROMB Presence| 0x02 | ok FAN 1A RPM | 9375 RPM | ok FAN 1B RPM | 6675 RPM | ok FAN 2A RPM | 9525 RPM | ok FAN 2B RPM | 6600 RPM | ok FAN 3A RPM | 9450 RPM | ok FAN 3B RPM | 6525 RPM
Re: Ongoing Saga Dell PE1850 - FreeBSD 6.0 Release Freezups.
It is a single processor, duel core Xenon. Hyperthreading has been turned off in the BIOS after about the thrird crash. APCI has been disabled in FBSD as well. - Original Message - From: "Riemer Palstra" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: Sent: Wednesday, March 22, 2006 6:25 AM Subject: Re: Ongoing Saga Dell PE1850 - FreeBSD 6.0 Release Freezups. On Mon, Mar 20, 2006 at 05:12:33PM -0500, Grant Peel wrote: I have been having freezups of my PE 1850 and FreeBSD 6.0 RELEASE. since about Feb 23. 1 about every three days. Sometimes twice a day. I was having these on a 1850 whilst running 5.4 with SMP, but not 6.0. So I am just wondering (before I start the task of movinf this client to a new machine) if anyone has seen complete software freezes, again, with no errors whatsoever in any log, no panics, no coredumps, of FreeBSD 6.0 freezing with the only recovery method being a machine reset, if so what was done to correct it. Is this a dual proc machine running SMP? If so, is HyperThreading enabled in the BIOS? -- Riemer PalstraAmsterdam, The Netherlands [EMAIL PROTECTED] http://www.palstra.com/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Continuing Server Crash Saga!
Hi all, Re: my Dell PE 1850 crashes (freezes). After scouring the Buglists, I have found a few others who have servers that were exhibiting exactly the same issues as mine. Random crashes on reliable hardware, with not OS (FreeBSD 6.0) logs showing any issues. In FreeBSD 6.0 RELEASE, there seemed to be a QUOTA application bug. The three people I talked to have eliminated the freezing problem by disabling user and group disk QUOTA support. I have now disabled QUOTA on my system, and will report back in 10 days. (5 is the magic number, 10 would be reasonale to conclude success). I have been advised to upgrade to 6.1. I have never been very successful with upgrading a live system, so generally I backup data and completely reinstall. I am hoping someone here will tell me upgrading from 6.0 to 6.1 would be a trivial task, posing minimal danger, and perhaps point me to a decent tutorial or how to ... thanks all, -Grant QUOTA Freeze lockup lock up version 6 6.0 non responsive not responding unreachable. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ipfw - ipa
Hi all, I use IPFW and IPA to do IP accounting on all my systems. I was wondering if anyone has any opinions on how often the rules, or just the bytecounters should be zero'd/flushed when using ipfw? My rulesets consists of anywhere between 100-300 rules, most consisting of counters (used by ipa). -Grant. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
kernel optimization
Hello, I have several different Dell PowerEdge servers running various branches of FReeBSD ranging from 4.4 (nameserver only), to 6.0. I have had excellent success compiling kernels and am quite comfortable with the process. I was wondering what strategy people use to 'KNOW' which drivers and options can me commented out/deleted when configuring the kernel file. i.e. how does one "know" he does not need the 'amr' driver (I knowI don't need this one, but the idea relates to a number of other settings in the config). Info in dmesg.boot? /stand/sysinstall help? I want to build the lean mean kernels, but am a little nervous not knowing what can be commented out. TIA, -GRant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: em device on 4.x: ifconfig alias issue
Hi Marc, I don't pretend to know anything about Address Resolution and Routing, but one thing I know (through many hours of frustration), is that an aliased address (in your case, somehting like em0:23), IF the ip address being aliases, belongs in the same subnet as anotherone on the same machine, the second one must use a 255 subnet ( /0 ?). example: em0192.168.0.1 255.255.255.0 em0_0 192.168.0.2 255.255.255.255 ... em0_23 10.10.10.10 255.255.255.192 em0_43 10.10.10.11 255.255.255.255 em0_59 10.10.10.15 255.255.255.255 Hope this helps, if not soory about the waste of time! -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Deleting Kernel conpile directory
Hi all, I am running a little low on disk space in /usr Can I delete the /usr/src/sys/i386/compile/mykernel directory? If so, which method is best: a: cd /usr/src/sys/i386/compile rm -rf mykernel or b: cd /usr/src/sys/i386/compile/mykernel make clean Thanks all, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
NFS and Backups
Hi all, Happy belated Canada day to all my Cunuk bros :-) and an early happy 4th of July all as well! I have recently decided to use some extra disk space on one of my servers as backup space. I have NF client and Servers running OK, but was wondering how secure it really is. In the nfsd setup, we specify what clients are allowed to connect, by simply useing the host name. So if in my nfsd configuration, I specify a host called 'ahab' for example, how does the nfsd authenticate this host, and how secure is it? -Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: NFS and Backups
So, If I set the exports so that it used 192.168.x.x, and, my managed switch is only set to alow members of my vlan to use those IPs, I should be OK in that case? -Grant - Original Message - From: "Chuck Swiger" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Saturday, July 03, 2004 2:33 PM Subject: Re: NFS and Backups > Grant Peel wrote: > > I have recently decided to use some extra disk space on one of my servers as > > backup space. I have NFS client and Servers running OK, but was wondering how > > secure it really is. > > NFS is not secure at all. If you don't trust the local subnet, don't use NFS > there. Certainly don't use NFS across the Internet, unless using a secure > tunnelling/VPN protocol > > > So if in my nfsd configuration, I specify a host called 'ahab' for example, > > how does the nfsd authenticate this host, and how secure is it? > > NFS doesn't authenticate the host. NFS trusts the resolver when reversing the > IP addr into a hostname. > > -- > -Chuck > > ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: NFS and Backups
Hmm, Perhaps a complete layout and network explanations is in order here - I have a total of 5 servers, all running freebsd. - All servers have two NICS, 1 LAN and 1 WAN, all are hardwired to my switch. (No wireless involved. - The switch IS configured to allow WAN access to WAN ports only, and LAN access to LAN ports only. - WAN is using serveral hundered IPS on serveral subnets. LAN is using a single ssubnet of 254 (using the 192.168 scema). -The servers are locked in a very secure cage, accesssable by me, my partner (who never goes there), and a bonded network technician. - Peerl 1 is the Colo provider (In the Toronto NOC). - Two of my servers are our primary and secondary nameservers. The other three use those nameservers excelusively. - The hosts files include two names for each server, the fully qualified domain i.e. "machine1.mydomain.com" and the LAN name which is just the local machine name i.e. "machine1" - The exports files use the local machine name only i.e. "/backups -alldirs -maproot=0machine1 machine2 ..." -Just to be clear, each machine is plugged directly into the main switch shown below, no hubs or anything in between. Here is the layout: POP | | | Perr1 Router--- | __My Switch (Dell 3324)__ |||||||||| Lan WanLan WanLan WanLan WanLan Wan Machine1Machine2Machine3Machine4Machine5 - Original Message - From: "cpghost" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Saturday, July 03, 2004 9:12 PM Subject: Re: NFS and Backups > > > > I have recently decided to use some extra disk space on one of my > > servers as > > > > backup space. I have NFS client and Servers running OK, but was > > wondering how > > > > secure it really is. > > > > > > NFS is not secure at all. If you don't trust the local subnet, don't use > > NFS > > > there. Certainly don't use NFS across the Internet, unless using a secure > > > tunnelling/VPN protocol > > > > So, If I set the exports so that it used 192.168.x.x, and, my managed switch > > is only set to alow members of my vlan to use those IPs, I should be OK in > > that case? > > Careful here! If you have a WLAN access point hooked to your switch, > you're still vulnerable to war driving. Even if you don't use wireless > LAN, you still have to be sure that the client can't be replaced > with a rogue machine without you immediately knowing it (it happens > in real life more frequently than you think, esp. in big offices > with lots of computers). If you could avoid NFS for backups, then > by all means, you should try. As said, building reliable backup/restore > as well as ad hoc file swapping schemes on top of scp and ssh is a tried > and quite secure method. > > -- > Cordula's Web. http://www.cordula.ws/ > > ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
IPFW
Hi all, One of our mid-aged servers is running FBSD-4.7 RELEASE. It is a productive server, with lots of clients on it. I have recently activated ipfw, using Webmin as the front end to admin it. Ipfw is up and running, seems OK, BUT I am getting many many of these logs: /kernel: OUCH! cannot remove rule, count 2 Dec 18 05:41:01 excelsior /kernel: drop session, too many entries Dec 18 05:41:01 excelsior /kernel: OUCH! cannot remove rule, count 1 Dec 18 05:41:01 excelsior /kernel: OUCH! cannot remove rule, count 2 Dec 18 05:41:01 excelsior /kernel: drop session, too many entries Dec 18 05:41:01 excelsior /kernel: drop session, too many entries Dec 18 05:41:02 excelsior /kernel: OUCH! cannot remove rule, count 1 Dec 18 05:41:02 excelsior /kernel: OUCH! cannot remove rule, count 2 Dec 18 05:41:02 excelsior /kernel: drop session, too many entries Dec 18 05:41:02 excelsior last message repeated 2 times Can someone explain, what these are, do they mean anything to me, are they critical, and short of reloading a new OS, what can I do to get rid of them. FYI As this is a production servers, I would prefer not to rebuild the whole box, I have lots of proprietary tweaks built in. TIA! -Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
ipfw and Webmin.
Hi all, If anyone out there uses Webmin Firewall module to admin a FreeBSD module, I could use a hint on something. In the FreeBSD handbook, it says one must put the "IPFIREWALL_DEFAULT_TO_ACCEPT" option in the kernel, OR make sure allow rules are present to avoid being locked out. IF anyone is using the webmin module, does the firewall.pl script webmin uses in the rc.local file avoid all this when the machine boots, or is it necessary to add a script to add a rule, or is it still a must to add the "IPFIREWALL_DEFAULT_TO_ACCEPT" to the kernel? -Grant ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
NFS fstab and ipfw
Hi all, I can't boot my machine with out using the noauto switch on my nfs mount, presumeably, because ipfw has'nt set up a tule to allow lo0 access. I have read some things about nfs_mount and wonder if the -i -s switch can be used in fstab on the nfs mount, or if there exists a switch that can be used to allow it to try to mount the nfs in the background and allow the sytem to continue booting. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: NFS fstab and ipfw
I may have left out a key piece of info: I am not using a ipfw.rules sh script. I am using Webmin, which loads the ipfw.rules in the rc.local file. I don't know alot about the order of operations as far as the rc files go, but assume the rc.local is of the last ones to run, likely after mounts normally take place. Are there any background or timeout switches that can be used on nfs mounts in the fstab? -Grant - Original Message - From: "Giorgos Keramidas" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: Sent: Friday, December 24, 2004 1:53 PM Subject: Re: NFS fstab and ipfw On 2004-12-24 13:25, Grant Peel <[EMAIL PROTECTED]> wrote: Hi all, I can't boot my machine with out using the noauto switch on my nfs mount, presumeably, because ipfw has'nt set up a tule to allow lo0 access. I have read some things about nfs_mount and wonder if the -i -s switch can be used in fstab on the nfs mount, or if there exists a switch that can be used to allow it to try to mount the nfs in the background and allow the sytem to continue booting. That doesn't sound right. The order of the rc.d scripts is set up to allow NFS mounts: : gothmog:/root# rcorder /etc/rc.d/* | egrep -e 'ipfw|mount' : /etc/rc.d/mountcritlocal : /etc/rc.d/ipfw : /etc/rc.d/mountcritremote : /etc/rc.d/mountd : gothmog:/root# Are you sure you are not blocking NFS mounts in your firewall ruleset? - Giorgos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
fstab -b
I have been reading in man fstab that the bg switch is depriciated, but I am not sure i understand the correct usage of the -b switch .. anyone? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
New IPFW Setup.
Good morning all, Appologies for sending to both lists, I am hoping to root out the IPFW gurus ! Hope everyone had a Merry Christmas I have recentory activated ipfw on 5 of my productive server. All servers are Apache, Exim or Sendmail, MySQL, vm-pop3d, ProFTPD enabled. All serves have multiple domains and UNIX users, though, by default, we do not supply shell accounts. Here is the ruleset I currently use on all the servers. I would like nothing more than to tighten them up a bit, if possible, considering the environment they are used in (Internet). Please feel free to browse and send me any comments, critiques you may have on the ruleset below. 00010 allow ip from any to any via lo0 00020 allow ip from any to any via fxp1 # LAN access ... Is behind a managed switch, VLAN setup. 00030 check-state 00040 allow tcp from N.N.N.N to me 22 keep-state setup# Allow me in via ssh ... I hope! 00050 allow ip from any to 192.168.0.6 # An nfs mount 00060 allow ip from 192.168.0.6 to any 00070 allow icmp from any to any icmptype 0,3,4,8,11,12 00100 allow ip from any to any keep-state out 00110 allow tcp from any to any 20,21 keep-state setup 00120 allow tcp from any to any 25,110 keep-state setup 00130 allow tcp from any to any 53 keep-state setup 00140 allow udp from any to any 53 keep-state 00150 allow tcp from any to any 80,110,443 keep-state setup 00160 allow tcp from any to any 1,2 keep-state setup# Webmin and Usermin. 00170 allow tcp from any to any 1024-65534 in setup # ftp ports. Seems to negate alot of the firewall ??? 65534 deny log ip from any to any 65535 deny ip from any to any Of special concern to me is line 170 ... added to allow ftp. Any ideas here? -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
DNS - FreeBSD
Hi all, I am sending this question to this list only thinking FreeBSD users may be the best source of info regarding networking on FreeBSD. I understand if many think I would be better serverd sending to some Bind or DNS list... That having been said I have: - one managed switch, the Gigabyte port is connected to our upstream provider; - 2 VLANS configured (LAN and WAN): - The VLANs are configured to allow access to LAN from LAN or to WAN from WAN only. - 5 FreeBSD boxes connected to this switch with s NICS each: - 1 NIC on each is the LAN NIC; - This LAN scheme is using 192.168.0.1/24 - The hosts are configured as 192.168.0.1,2,3,4,5,6; (the switch being #6). - 1 NIC on each is the WAN NIC. - Many different IP addresses (hosting etc); - 2 of the hosts are fully setup authoritive nameservers for mydomain.com and several hundred other domains. My questions revolve around DNS in general, as related to the above setup. 1.) The default 'make-localhost' script (originally ran before I had a managed switch and only 2 hosts on the network). Created the zone that looks as such: file /etc/namedb/192.168.1 $TTL3600 @ IN SOA thishost.mydomain.com. root.thishost.mydomain.com. ( 20020527; Serial 3600; Refresh 900 ; Retry 360 ; Expire 3600 ) ; Minimum IN NS thishost.mydomain.com. 1 IN PTR localhost.mydomain.com. For whatever reason, I can't seem to get my head around what this file is for, and if (considering the 192.168.0.1/24 scheme I am using), if it is configured right. QAny thoughts? QShould I have a similar file on each of the other hosts? In my resolv.conf files on each host, I am using lines like: nameserver 192.168.0.2 nameserver 192.168.0.1 QAre there any downsides to using this scheme? (the thought here was to keep the lookups from ns1 and ns2 from going through my providers router, therefor causing me to pay for bandwidth I could otherwise keep local). I have ipfw firewalls setup on all the hosts. I have rules allowing all outgoing traffic from all hosts, and rules to allow incomming traffic to port 53 UDP and TCP. QDoes there need to be other ports / protocols passed for the DNS to work correctly? QWould there be any benifit to setting up a caching server on each of the three (Non nameserver) hosts? TIA, -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
JAVA Server
Hello all, I have a number of simple FreeBSD Hosting boxes running FBSD 4.x and have had a request to add a Java Server to one of them. I am not experienced with JAVA at all. My Boxes run simple Apache 1.3.36, EXim, ProFTP vmpop3d, and are tuned and running well. I am looking for advise on what JAVA server to consider installing. SImple to install would be good, Low overhead would be better, and seamless operation with Apache would be perfect. Any Comments welcome, help appreciated! -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
sFTP nologin
Hi all, Going blind again. Is there a quick - secure way to allow the sshd sFTP subsystem to allows sftp connections without allowing shell accounts? If so, I will keep searching but I have not found it yet. -Grant ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: sFTP nologin
Yes, been trying that all morning. sbin/nologin kills the connection after it prints the message. i have been tring scponly it has been less that workable so far too. -GRant - Original Message - From: "Eric McCoy" <[EMAIL PROTECTED]> To: "Grant Peel" <[EMAIL PROTECTED]> Cc: Sent: Friday, March 25, 2005 10:59 AM Subject: Re: sFTP nologin Grant Peel wrote: Is there a quick - secure way to allow the sshd sFTP subsystem to allows sftp connections without allowing shell accounts? Create the account and set its shell to /sbin/nologin. You can safely add that to /etc/shells: it does its name and just prints a terse message before booting the user if he tries to connect via vanilla SSH. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
