New user - small file server questions and quick GUI question
Hi guys, first up I hope I am in the right place as my questions are of a generic nature about FreeBSD as I consider myself a new user not having much mileage with the OS as of yet! Secondly I just wanted to wish everyone a happy Christmas and New Year also since we are in that period :-) I will start with my GUI question as I believe that it is something simple: I attempted an install of 7.2 stable on my laptop and subsequently installed X11also. Now I didn't have any Xorg.conf file but each time I tried to start X from the CLI using the normal startx command (read the documentation through fully beforehand) but I didn't manage to get the mouse or keyboard to even work let alone starting the Gnome2 interface. Now I don't have that particular machine with me now as it's in another country but just wanted to know a few possible causes for the issue. I am guessing it's probably tied into not having the xorg.conf file but I will install a VM of it soon and be more specific with logs etc as I am used to Linux and Sun Solaris I know this is really ad-hoc and frowned upon way of asking which will probably earn me minus brownie points but just wanted a quick idea of what maybe so when the time comes I can investigate further! The second and main question that I wish to ask is more to do with peoples opinions or experienced BSD users advice: I am looking to setup a small file server which I will use as DNS and NTP server also. The reason for selecting FreeBSD is that the system I about to install onto doesn't have much memory (not sure how much but probably in the region of 300-500MB perhaps) and although Linux would definitely suite this kind of system as Solaris needs round 2GB or so for OpenSolaris, I am quite interested to learn FreeBSD but also take advantage of the ZFS file system which is standard now in version 8. I won't be installing a GUI on this machine since it is going to be a server so I would like to know if BSD has a small footprint memory and CPU wise for me to run on the machine in question which is a PIV? Also just to make sure: NFS, Samba, NTPd, and ISC's Bind are all supported on FreeBSD aren't they?? I know this is a bit of an RTFM issue here but for example the Solaris implementation of NTP and even SNMP are slightly different from the GNU or GPL based ones in Linux so therefor I have to ask :-) Many thanks for any responses Best regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
Running with no xorg.conf is fine, but you need to make sure dbus and hal are started at boot. Follow the handbook for best results. http://www.freebsd.org/doc/en/books/handbook/x-config.html I'm sure I started them as this doc is exactly what I followed.. I think if I recall correctly or at least something like it?? Anyway as explained I will use Vbox to check 100% and then at least have proper logs and cli output to compare to and give everyone an idea of what's going on unlike now! If you're concerned about system resources, at least from a minimalist perspective, then ZFS is not for you. Solaris can't help you with that either, ZFS is hungry. ZFS is also not "standard", but considered production ready. UFS is still the standard, and the only filesystem supported by the installer without resorting to tricks. Yes ZFS is hungry :-) I run Solaris 10 on an ancient Sun Netra T105 server with 360MB of RAM which uses ZFS file system and apart being a reverse proxy it won't handle anything else easily. Also my E420r server with 1GB of RAM running Sun Ray software is limited to just that and can only handle 1 Ray unit on top of the SXCE (Solaris Express Community Edition) OS. I know how strong UFS v.1 is as I use it with Solaris 9, but how about UFS v.2 which is what FreeBSD runs?? When compared with ext3 from a performance/reliability perspective which one comes on top? Also if something goes wrong with the filesystem what are the tools to check the drive and repair errors as in Linux I use e2fsck followed by device ID. As mention UFS v.1 is incredibly strong especially when run on SCSI II drives that the Sun Netra T105 uses so I haven't had an FS failure yet and if UFS v.2 is similar I don't suspect having a failure either although this machine will have IDE drives and uses x86 architecture as opposed to SPARC. In fact I am only really after ZFS for its self healing properties as I don't mind going with any file system as long as it's stable. Ext3 although easily repairable is quite unstable on my systems anyway! All the other services work well on FreeBSD. -- Adam Vande More Cool, thanks Adam! :-) I appreciate the response. Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
I would say ufs2 easily wins, but remember this is the freebsd-questions list ;) There are some differences though, ufs2 uses softupdates, not journaling(journaling is available and easy to implement via gjournal). Softupdates I believe are a little faster than journaling, but it's drawback is long disk checking after a dirty shutdown. I've never had a ufs specific issue in hundreds if not thousands of deployments, but nothing is guaranteed. ufs does have a great track records and bunch of service hours logged. Cool meaning I am going UFS2 on my new install! Example after a dirty shutdown: fsck -y Aaah fsck :-) If I run this on an ext3 FS it tends to make things much worse as I did it once and got left with a whole bunch of unattached inodes :-( reason for Linux and ext3 e2fsck is much better I have found from personal experience! That's actually a bit disconcerting, do you have hardware instability? Nope! These systems are actually desktop systems which I run as servers as I couldn't afford to buy proper systems so got a whole bunch of cheap x86 boxes off Ebay. If running Scalix though I found it really eats up hard drives - although running a collaboration suite on a laptop is not the most intelligent thing to do but then what else can you do with a portable computer with bust LCD display? Left in my parents house in the UK now as I'm currently in Turkey but my lab from scavenged parts and systems: http://www.optiplex-networks.com/lab/lab.html -- Adam Vande More Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
I can't speak to the rest, but WRT the GUI, I suspect you'll find it a lot easier if you install a Window Manager to handle a lot of this. I have found xfce4 to be a good one for me - gnome and kde were a bit much. Once I installed /usr/ports/x11-wm/xfce4 with a 'make config-recursive' then chose my options, then 'make install', the GUI fired up just fine, and all of the hal/dbus stuff was handled for me. Kurt I thought Gnome already came with Nautilus as Window manager??? Or in FreeBSD is it extra? Sorry am not used to doing things from scratch but soon I will get the hang of it - just give me a couple of days to get the file server I am on about up and running then will transfer the stuff clogging my notebooks HD over there and install a VM through Vbox and really have a go at understanding the GUI. I did play around with FreeBSIE which is FreeBSD with the GUI installed as a live CD which was really cool and light and worked especially well on my 512MB RAM laptop. Now I don't have a memory issue as I have 6GB on a newer machine running 64bit OS's all the way but still need to get to grips with this :-) Thanks for the tip Kurt! Regards, --Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
The most common cause is that either hald (sysutils/hal) or dbus (devel/dbus) isn't running. Xorg needs them both to detect mouse and keyboard. Add dbus_enable="YES" and hald_enable="YES" to rc.conf to get them to start automatically. We'll see what the issue actually is - as I mentioned I kinda stuffed this question in without any proper log or tty output to support anything I mentioned which is quite ad-hoc and not recommended on mailing lists of this caliber unless wanting to irritate the participants. Just need to clear up my notebooks drive first before setting up the VM environment to test! I agree with Adam Vande More's opinion that UFS2 is the way to go on such a low memory system. UFS2 also works well with large disks (1+ TB) if you tune the newfs parameters a bit (mainly to shorten the fsck time). With geom(8) you can do all kinds of mirroring/striping if you're into RAID. With regards to stability, UFS2 was before the import of ZFS the only filesystem widely used. It is very well tested, and in my opinion, very stable. In fact, I can't remember ever having a UFS2 filesystem go bad to the point I couldn't repair it anymore. If you're expecting lots of power outages, it may be worthwile to set up journaling using gjournal(8), which will reduce fsck times considerably, at the cost of reduced streaming write speed (which will halve unless a dedicated journal disk is used). I agree also and thank you guys for your opinions! As mentioned I know UFS1 from Solaris 9 on my SPARC systems and have never had any issues with it at all. "Hang on what are these things called slices and this wacky naming convention I thought disks where labeled hdax or sdax according to the partition" :-P sorry internal joke! That won't be a problem. To illustrate, FreeBSD on a 256MB (i386) machine has about 211MB memory free just after startup. To be safe you could configure a large swap, so the system won't kill the memory hogs as soon as it runs out of memory. Yeah I reckon large swap also! Usually round 2 or 3 times amount of memory but for everyday generic use I find about 1.5 - 3 gigs is enough. This is the good part of static filesystems I find over ZFS is that the swap space is easily tunable without editing ZFS pools or other. NFS, BIND, SNMP (bsnmpd) and NTP come with the OS and are installed by default. Samba can be installed from ports. Hmm I will need a bit of assistance for the ports part as I'm kinda used to Debian backports through the Apt repos but BSD ports is something quite different. I'm sure there's plenty of documentation on the web to find out how to install and implement! bsnmpd sounds to me more like snmpx from Solaris in terms of that it is different from opensnmpd. Not a problem won't be doing any SNMP monitoring right now as I don't have anything to monitor as my router isn't even my beloved Cisco at the mo. When I have more memory I will play around with SNMP monitoring software if available for BSD, and my all time favorite: Cacti. Good luck! Pieter Thanks a lot Pieter --Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
Kurt Buff wrote: On Mon, Dec 28, 2009 at 15:29, Kaya Saman wrote: I see I didn't completely read your original message. Indulge me a moment while I ramble here, and probably expose my ignorance... Xorg/X11 <> Gnome Gnome runs on Xorg: Xorg/Xfree runs X11 Xfree is now obsolete as Xorg is much better. Nautilis is a file manager, unless I misremember. The native file manager for xfce4 is Thunar. Gnome, like xfce4 (and ratpoison, kde, etc.) is a Window Manager, which depends on Xorg/X11 to function. WMs are usually installed installed after Xorg. Correct on both counts :-) Did you install gnome from source, or did you use 'pkg_add -r'? I don't know why, but I seem to have better luck, though it takes much longer, if I use 'make install' from the ports tree. I used pkg_add! Am such a package manager guy as although have compiled quite a bit of stuff I find on some systems such as Sun Solaris compiling can be a nightmare. Especially if it means hacking out source code and using special make parameters as I'm not a programmer but also not that far advanced when it comes down to building software from scratch! I'm not far along that learning curve myself. Heh. I started on an old Toshiba laptop with 256mbytes RAM, and Freesbie worked well on that. I then learned how to install from scratch. That was, um, interesting. I hated Linux, as it seems so arcane. Well, perhaps 'hate' is too strong a word, but it left a bad taste in my mouth. Once I worked with FreeBSD, it became much more clear. Things seem to be done more sanely in FreeBSD. Now I have a nice 4gbyte Lenovo T61, and I still like xfce4 - it does what I want, and I didn't want to expend the effort to learn anything new. Well, Linux has its advantages and for the last 2 years have completely used it as an M$ Windowz replacement as one can do almost everything on it. When I meant; not used to doing things from scratch I meant building the OS. I actually prefer doing a minimal install of CentOS with no software or GUI at all and then building the system up to what I need when it comes down to servers!!! Means I can fine tune the system that way and only use the system resources for what I need. Being a user of both Solaris and Linux though, they are both pretty cool with Solaris only hindered by lack of software and multimedia apps. Otherwise I think Solaris in Open guise would win anyday provided that the H/W support was as vast as Linux. If you're very familiar with gnome, you might wish to stay with it. If you're just learning, for both gnome and xfce4, my preference would be for xfce4. But that's just me, and you'll get at least 10 different answers from the first 8 people you meet. Have played round with everything including KDE3/4, XFCE, Blackbox, Fluxbox, Window Maker, CDE (on Solaris).. Wish there was something more, new and interesting but they're all a bit bland after a while. Gnome I find is more functional! If anyone has any idea of getting something like they use on TV shows like NCIS and CSI that would be really cool (not Hollywood OS) or something they use in the military that one sees on the discovery channel say on the US Navy ships. I mean I do develop GUI's for the OpenSolaris spin-off distro Belenix which can be seen here: http://www.optiplex-networks.com/belenix/index_belenix.html under themes. But really need a new concept of completely tricked out geeky 'suped' up WM. Lot's of bar graphs, text outputs and other really cool stuff embedded into it :-) - no need for Gkrellm or Conky or Torsmo anymore! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
[...] add dbus_enable="YES" hald_enable="YES" to your /etc/rc.conf. That will most likely clear your problem. [...] I will give this a go soon :-) That's what I do with mine under FreeBSD, for both servers and workstations. Having both servers and workstations is cool as both of them need to be looked at very differently! I like having Linux for desktop systems due to the full multimedia traits of it. I mean Debian or Ubuntu is pretty cool, Red Hat based Fedora is problematic as by default some packages don't work properly so you end up having to hack around the problem. Also multimedia is a slight pain in Fedora due to having to add extra repos to get things like MP3's working since there is some licensing issue. For servers one can pretty much install anything just for raw services. However when one starts considering performance attributes such as disk write speed, ease of adding storage, memory usage, security etc into the equation then one must side with one of the UNIX's around. Different UNIX versions have different strengths and weaknesses but it is nice to get to know as many as possible in order to actually identify and see these attributes in live real time so that in a professional capacity one has the experience to choose the correct system for the task at hand. I need to dive back into Linux - I want to figure out Xen now that it can do live migrations/failover, and FreeBSD doesn't do Dom0 - yet. So, I'll probably try out CentOS, though I suppose I could use NetBSD. Aaaah yes Citrix Xen, it's cool - read the manual but haven't played with it. Yeah I would run Linux just in case there are some things you wish to do but can't in BSD although I can't comment on the differences as I haven't seen them myself yet. I am really a big fan of testing systems on Suns Virtual Box! Is almost like running a disposable OS. Plug in and play then throw away until you need a proper H/W install :-) Eh. I just want something that works and keeps out of my way - xfce seems to do that just fine. For me, 'cool' is the apps and what I can do with them. Hahahaha :-) As long as I can listen to music and watch videos I am ok, oh as well as browse web, check mail and use the occasional office app. the rest is all CLI for me.. However I will use a few more things too rarely - even 3D games. I do like flashy screens though that no body can understand apart from a trained operator :-P - tried this with normal lighting effect too as I tried to emulate an aircraft landing strip with Christmas tree lights. Where I live currently is like a complex with a few houses enclosed in a site with private security etc. Anyway we put my lighting effect in the entrance and before we knew it rained blowing out everything even the backup generator and almost electrocuting everyone living inside... it was so embarrassing for that to happen to a person with an electrical/electronic engineering degree :-O h oh well! I blame the site manager as he bought indoor lights as they were cheap!!! --Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
Alex de Kruijff wrote: On Mon, Dec 28, 2009 at 05:04:52PM -0600, Adam Vande More wrote: On Mon, Dec 28, 2009 at 4:42 PM, Kaya Saman wrote: Also if something goes wrong with the filesystem what are the tools to check the drive and repair errors as in Linux I use e2fsck followed by device ID. Example after a dirty shutdown: fsck -y FreeBSD 7 and up is able to do a lot of this on the background: fsck -yB Adding the line 'fsck_y_enable="YES"' to /etc/rc.conf will run fsck -y if the initial preen fails Many thanks guys for all the advice :-) It is really appreciated! Sorry haven't snipped more stuff into this mail but things are a bit hectic here but what I will say is this; in a few hours once the BSD 8 DVD ISO comes in I will attempt an install and have a look at what's what. The server will be constructed first and then I will look at the GUI environment with Vbox. I reckon the proposed disk usage spec from the FreeBSD hand book should suffice though shouldn't it?? With a larger HD I would normally do something like 15 - 25GB / (root) partition and the rest for /home with round 1.5 - 3GB for swap. Now my HD is round 40GB so I will do a minimal install and try to maximize the /home slice! As result only services I will run are DNS, NTP, SAMBA and NFS. I suppose I could get away with something like 2GB for / which would then contain /tmp, /etc, /root, /boot etc. Only 2 machines will be connected, my uncles Win XP box and my Linux/Solaris system. --Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
[...] What is not unusual is to symlink /home e.g: # ln -s /usr/home /home ditto for /tmp. i.e you remove all the stuff that uses up space from the root partition. So the only slices you need are /, /usr, /var and swap. How I'd slice up the disk: 2GB for / 2GB for swap 2GB for /var 34GB for /usr Ah so BSD is slightly different from Linux in the fact that it needs to have /var and /usr filesystems separate?? I guess it must be similar to the way Solaris handles things when UFS based (not ZFS). The /home partition then is very similar to Solaris in that /export/home is considered the user directory. Means BSD stores /home in /usr/home?? Should be OK but /tmp symlinked to /usr/tmp as some things can really fill up /tmp. For example, IIRC OpenOffice needs gigs of temp space to build. OpenOffice or IIRC is for GUI based usage and not CLI. Since this will be a simple server no GUI or work will be done on the machine itself in terms of keyboard/mouse setup. Normally I work through SSH so will be much easier once I have network connectivity up and running after initial install :-) Should work fine. Just remember to make your /home and /tmp symlinks as soon as you first boot up. Regards, Thanks!!! --Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
Many thanks again for all suggestions! :-) [...] For my desktop, with around 450 ports installed, I have the following lay-out; Filesystem SizeUsed Avail Capacity Mounted on /dev/ad4s1a484M 93M353M21%/ /dev/ad4s1g.eli373G168G175G49%/home /dev/ad4s1e 48G198K 45G 0%/tmp /dev/ad4s1f 19G5.8G 12G32%/usr /dev/ad4s1d1.9G226M1.6G12%/var [...] Hmm... lot's of different pieces of advice rolling in now! I guess what I will do as I have a small hard disk for what I want to do which is to get rid of my music and few movies which are stored on my laptop currently, is create separate /, /tmp, /usr and /var. I propose which is similar to what Frank has suggested: / ~500M /tmp ~2GB /var ~2GB /usr ~2GB /home the rest but then Jerry has already suggested: partition mount point Size a/ 512 MegaBytes (1/2 GByte) bswap 2048 MBytes (2 GBytes) d/tmp 512 MBytes e/usr 4096 MBytes f/var 4096 MBytes g/home 29 GB (eg all of the rest of the disk) This could be ok I reckon as the 4GB partitions should be there as everyone has suggested for me to use ports and build from source! The reason why I preferred to use package manager was that on say Solaris it's pretty a much a pain having to install all the dependencies from Sun Freeware site. I mean what I will be installing if completely base install with just OS and nothing more like I mentioned before is Samba, NFS server/client, NTP, Nano as the quote below from Jerry using vi or vim is not my preferred text editor as I find them extremely difficult and a real pain to use. In addition I do not think this machine has a DVD drive either although I haven't fired up the Win build yet to transfer files but from what the drive says on the front of 52x looks like it's CD only :-( This means that I will need to download the minimal install CD and install the packages from there! For this reason the discussed packages above will need to be downloaded and installed my best guess is from source. Meaning I will need extra space in one of the filesystems but am unsure where the source gets stored?? My best guess would be /usr? Have setup the machine now and am almost at the point of attempted an install! :-) Guys the support has been really awsome and I highly appreciate everyones efforts to assist me! [quote] So, use 'vi' or install 'vim' from ports and us it. Since 'vi' is always available, it becomes important to learn it and then it is second nature to use it. (actually, vi is not available in single user mode if you do not have /usr mounted, but I usually just put a copy in /bin and then it is always available) [/quote] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
Roland: If you can afford it, and if your laptop has a USB port, buy one of those external harddisks. Plenty of room for music and movies... Also great for backups! Can't afford :-( I have many disks like that where I bought really cool enclosures and the drives separately but currently am in a really bad situation financially. In UK in my parents house I have round 3.2TB or so with 1.7TB dedicated to music and movies. Out here though I only have my 320GB drive on my laptop which has 9 OS's on it including VM's. 160GB for Linux which I have Fedora 10 and Kubuntu on the other side I run OpenSolaris and Belenix in different ZFS pools. Laptop is cool 6GB memory too :-) ~# fdisk -l Disk /dev/sda: 320.0 GB, 320072933376 bytes 255 heads, 63 sectors/track, 38913 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Disk identifier: 0x34f7742e Device Boot Start End Blocks Id System /dev/sda1 1 19453 156256191 bf Solaris /dev/sda2 19454 2370934186320 83 Linux /dev/sda3 * 23710 2553414659312+ 83 Linux /dev/sda4 25535 38913 107466817+ 5 Extended /dev/sda5 25535 38665 105474726 83 Linux /dev/sda6 38666 38913 1992028+ 82 Linux swap / Solaris ~# df -h FilesystemSize Used Avail Use% Mounted on /dev/sda2 33G 11G 21G 34% / tmpfs 2.9G 4.0K 2.9G 1% /lib/init/rw varrun2.9G 240K 2.9G 1% /var/run varlock 2.9G 4.0K 2.9G 1% /var/lock udev 2.9G 180K 2.9G 1% /dev tmpfs 2.9G 708K 2.9G 1% /dev/shm lrm 2.9G 2.5M 2.9G 1% /lib/modules/2.6.28-17-generic/volatile /dev/sda5 100G 93G 1.2G 99% /home /dev/sda3 14G 9.6G 3.6G 74% /mnt/tmp I propose which is similar to what Frank has suggested: / ~500M /tmp ~2GB /var ~2GB /usr ~2GB /home the rest I would make /usr greater. See below. but then Jerry has already suggested: partition mount point Size a/ 512 MegaBytes (1/2 GByte) bswap 2048 MBytes (2 GBytes) d/tmp 512 MBytes e/usr 4096 MBytes f/var 4096 MBytes g/home 29 GB (eg all of the rest of the disk) This could be ok I reckon as the 4GB partitions should be there as everyone has suggested for me to use ports and build from source! I'd make /usr bigger. 5-10 GiB, if you can spare it. Err I will try 4GB because I need to dump round 10-15GB here clogging up my disks. In fact I just partitioned the drive using FreeBSIE and I think it's only a 30GB on this desktop which I can always look into getting a new one in time. But slightly stuck for now! Realize that not all software is available as packages because of e.g. licensing restrictions. And some ports you can customize via so-called "options". If you install from packages, you're stuck with the (default) options used when building the packages. The FreeBSD ports system is _so_ convenient. It's one of the great features of FreeBSD, as is the user community. I just the packages I mentioned before that's it! If I can do that it will be really cool. The ee(1) editor is part of the base system. This is a _lot_ friendlier than vi! Give it a try, you might not even need nano. I will try it out thanks for that! :-) In addition I do not think this machine has a DVD drive either although I haven't fired up the Win build yet to transfer files but from what the drive says on the front of 52x looks like it's CD only :-( Good enough for installing. :-) For this reason the discussed packages above will need to be downloaded and installed my best guess is from source. Installing from source is the most flexible method. How is your internet connection? Hahahah the biggest joke of 2k9 is my internet as it's 512kbps :-( That's what happens when you move country to a developing one things slow down to a halt. In UK I had 20Mbps h I really miss it! Meaning I will need extra space in one of the filesystems but am unsure where the source gets stored?? My best guess would be /usr? In /usr/ports to be exact. The source code tarballs are also stored there, under /usr/ports/distfiles. On my system, /usr/ports/distfiles is now 799 MiB (450 ports, remember!). The rest of /usr/ports is 543 MiB. Realize that ports will be compiled under /usr/ports as well! Ah ok I will look at this once my install progresses, I just hope that 4GB is enough for this! I really need to maximize space for /home where all my stuff will be deposited to for the moment as I don't trust the drive either as it really grinds like crazy but then it might be MS Win doing that? Good luck! Roland Many than
Re: New user - small file server questions and quick GUI question
Hi Roland, many thanks for the response!!! :-) I waited until I had a test server setup and at least now I do.. In fact I think from my usage perspective FreeBSD is not that difficult to understand!!! I now have a test machine setup which I built nano and Bind 9.6.1 from the ports collection and I have ntp and nfs setup too. I am currently wondering what to do about the disk space as nothing is used: test# df -h Filesystem SizeUsed Avail Capacity Mounted on /dev/ad0s1a 34G1.2G 30G 4%/ devfs 1.0K1.0K 0B 100%/dev devfs 1.0K1.0K 0B 100%/var/named/dev If I create separate partitions for /var /usr and /tmp I am sure that I won't need that much unless I have a totally dynamic file system which will grow over time. But with minimal usage just to transfer the off file but mainly read files from as now the users are going down to 1 machine (just me) so I think with 2GB I can probably get away with it for each filesystem??? What do you say? Many thanks to everyone else that responded to this thread/post all your help and advice has been much appreciated! Regards, Kaya P.s. The good part with this is that I'm only using 23MB or memory too which is incredible considering that Linux or Solaris would take so much more. This is kinda cool.. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: New user - small file server questions and quick GUI question
Just to give a quick overview of what is being used currently: test# du -sch etc 1.7Metc 1.7Mtotal test# du -sch var 1.0Mvar 1.0Mtotal test# du -sch tmp 10Ktmp 10Ktotal test# du -sch usr 1.0Gusr 1.0Gtotal I think I could get away with 500MB for /var and /tmp and have /usr as 2 or 3GB?? What's everyone's verdict? Also I didn't realize and forgot to mention before that NFS on BSD won't export /home but instead exports the link in /usr/home. as I had issues with "bad exports line /home" in /var/log/messages! In addition I edited my rc.conf file to include these extra lines as per Google; what's everyone's opinion on them though as I'm a little unsure of what they do (indicated with *): inetd_enable="YES" keymap="us.iso" nfs_server_enable="YES" *nfs_server_flags="-u -t -n 4" rpcbind_enable="YES" *rpcbind_flags="-r" sshd_enable="YES" named_enable="YES" mountd_enable="YES" ntpd_enable="YES" Finally for Bind I don't get why everything has been stuffed into named.conf??? In terms of all root servers etc Linux is very different in that a separate dir is created with separate file for root servers. Is there any particular reason for this?? --Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Compiled Xmms2 on FreeBSD 8 from ports but no output plugin?
Hi guys, I am trying to get xmms2 working on my server as I want to tie it into Icecast2 in order to stream music to my network. I'm having major problems with getting xmms2 to work though! This is output from /var/log/messages: Jan 3 20:16:55 test kernel: pid 1218 (xmms2-mdns-avahi), uid 500: exited on signal 6 (core dumped) If I try to start it I get issues with the output plugin as it doesn't seem to like wave: $ xmms2d INFO: ../src/xmms/log.c:49: Initialized logging system :) 20:24:47 INFO: ../src/xmms/ipc.c:795: IPC listening on 'tcp://192.168.1.100:9090'. 20:24:47 INFO: ../src/xmms/main.c:517: Using output plugin: wave 20:24:47 ERROR: ../src/xmms/main.c:521: Bad output plugin, try to change theoutput.plugin config variable to something usefull 20:24:47 ERROR: ../src/xmms/output.c:981: initalized output without a plugin, please fix! Starting XMMS2 phone home agent... Starting XMMS2 mDNS Agent... Failed to create Avahi client: Daemon not running Assertion failed: (client), function avahi_client_free, file client.c, line 613. I am sure that xmms2 will start without the Avahi client though as I have no plans to install that since I am using static IP addressing which means I won't need Avahi.. (would it be better to recompile or can I leave like this??) Anyway if anyone can help me with resolving these errors I would be so grateful! In addition I need to create a startup script for xmms2-launcher so that I can run the app as a daemon in the background only I am not very familiar with BSD or startup scripts in general so if anyone can help that would be cool too! Incase it helps: $ uname -a FreeBSD test.optiplex-networks.com 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009 r...@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386 Many thanks and best regards to all!! :-) P.s. many of you saw my initial email which I posted pre building this server. I actually have come to really quite like BSD as it doesn't take any power from the system at all or even use much HD space either. I mean ports needs about 1GB but I seem to do get round things clogging with make install clean. BTW thanks to all who helped out on that! --Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Tuning for very little RAM
[...] I don't think we want to hijack this thread or this forum and turn it into a debate over which window managers and apps are best. As I pointed out in my followup to my original reply, there's already a voluminous discussion on those topics. I think we should simply point interested readers in that direction and let them make up their own minds. [...] I am currently using a PIV 2.4GHz with 480MB RAM with fluxbox! This works really well, I have firefox and opera browsers installed and will look at getting my favorite Seamonkey installed too sometime but isn't a priority as this machine doubles as a DNS, NTP, NFS, and Radio streaming server :-) And I only have a 35GB HD too which is peanuts considering that in my full-blown network in my other house I have round 3.2TB... So far am only using 80-90MB RAM when X is turned off! With X on it's round ~125MB that's with running Xterm, Firefox, and Rhythmbox or even Mplayer. In my opinion it's always best to test and try out a few WM's to see which one fits the bill best, after that it's easy! Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
rc.d script not working for Xmms2 :-(
Hi guys,
I'm just attempting to create a startup script for Xmms2 so that the
service can autostart on boot!
So far I have Google'd around and found very little, the most promising
site was this:
http://www.freebsd.org/doc/en/articles/rc-scripting/rcng-daemon.html
which gives a script of this:
#!/bin/sh
. /etc/rc.subr
name="mumbled"
rcvar=`set_rcvar`
command="/usr/sbin/${name}
load_rc_config $name
run_rc_command "$1"
So far I have modified the script to look like this:
#!/bin/sh
. /etc/rc.subr
name="xmms2-launcher"
rcvar=`set_rcvar`
command="/usr/local/bin/${name}" -u kaya
load_rc_config $name
run_rc_command "$1"
and given it the name xmms2-launcher, the location of the script is in
/usr/local/etc/rc.d/
I also have this line in /etc/rc.conf:
xmms2-launcher_enable="YES"
Only when I attempt to start the script I get this information back:
-u: not found
xmms2-launcher_enable=YES: not found
./xmms2-launcher: WARNING: $xmms2-launcher_enable is not set properly -
see rc.conf(5).
Cannot 'start' xmms2-launcher. Set xmms2-launcher_enable to YES in
/etc/rc.conf or use 'onestart' instead of 'start'.
I would like to start the daemon as user kaya which is why I have the -u
added in the script but am completely lost now as I'm not great at
scripting since this is quite advanced for the simple stuff I do know about!
Can anyone help me??
Many thanks and best regards,
Kaya
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: rc.d script not working for Xmms2 :-(
Many thanks for the tips I am almost there but have a problem now!
This is the output I get:
./xmms2launcher stop
./xmms2launcher: WARNING: cannot read shebang line from
/usr/local/bin/xmms2launcher
xmms2launcher not running?
From my current file:
rd1# cat xmms2launcher
#!/bin/sh
# PROVIDE:xmms2launcher
. /etc/rc.subr
name="xmms2launcher"
rcvar=`set_rcvar`
command="/usr/local/bin/${name} -u kaya"
load_rc_config $name
run_rc_command "$1"
Of which I know call xmms2launcher_enable="YES" from within /etc/rc.conf
The only issue is that the command is here:
rd1# ls /usr/local/bin | grep xmms2
nyxmms2
xmms2
xmms2-et
xmms2-find-avahi
xmms2-launcher
xmms2-mdns-avahi
xmms2d
So if I can't add the - does this mean that I have to create a link to
xmms2-launcher with name xmms2launcher??
--K
RW wrote:
On Fri, 08 Jan 2010 12:23:40 +0200
Kaya Saman wrote:
So far I have modified the script to look like this:
#!/bin/sh
You may need a PROVIDE LINE e.g.
# PROVIDE:xmms2launcher
. /etc/rc.subr
name="xmms2-launcher"
You can't use "-" in shell variable names, so you shouldn't use it here
rcvar=`set_rcvar`
command="/usr/local/bin/${name}" -u kaya
The -u kaya needs to go in a _flags variable
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: rc.d script not working for Xmms2 :-(
no just avoid using ${name} in the command.
name is just a label used for creating unique variable names you can
use in rc.conf, it doesn't have to match any binary.
___
Thanks we're getting closer but some thing's still hinky!
rd1# /usr/local/etc/rc.d/xmms2d stop
/usr/local/etc/rc.d/xmms2d: WARNING: cannot read shebang line from
/usr/local/bin/xmms2d-launcher
xmms2d not running?
This is the latest incarnation of the script:
#!/bin/sh
# PROVIDE:xmms2d
#xmms2d_enable="YES"
. /etc/rc.subr
name="xmms2d"
rcvar=`set_rcvar`
command="/usr/local/bin/xmms2d-launcher -u kaya"
load_rc_config $name
run_rc_command "$1"
I gather I goofed up one part but which I cannot say!
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Possible to run 2 instances of Bind DNS server in jails??
Hi, I'm just reading through a thread right now on a discussion or debate whether to ports Solaris Zones to FreeBSD. My main Google search criteria was basically that I wanted to know if FreeBSD had something similar. In this discussion it was mentioned that FreeBSD Jails where the sudo 'equivalent' to Zones but of course behave much more like a chroot environment. I have to ask if it's possible since I'm coming over from Solaris to dedicate NICs to Jails and run separate instances of applications in there, the one I am looking for primarily is Bind. As I would like to use a Sun Fire V480 server as a mainframe but stuck between the application advantages of FreeBSD and some of the virtualization technologies within Solaris. Has anyone got any advice or comments as to whether I can achieve my goal?? Many thanks, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Possible to run 2 instances of Bind DNS server in jails??
Vince Hoffman wrote: The only bit I'm not certain on is dedicating a nic to a jail (more because I havent tried than because I believe it cant be done, I'd expect that the network stack virtualization in 8+ should allow this.) You can most definately run seperate instances of applications in jails. I'd recomend subscribing to the freebsd-jails mailing list (http://lists.freebsd.org/mailman/listinfo/freebsd-jail) for jail specific questions as I've only dabbled with them a little. But a 10 second example [r...@seaurchin ~]# jls JID IP Address Hostname Path 1 10.20.0.3 womble/var/jails/womble 2 10.20.0.2 foobar/var/jails/foobar [r...@seaurchin ~]# jexec 1 ps ax PID TT STAT TIME COMMAND 8166 ?? SsJ0:06.69 /usr/sbin/syslogd -s 8231 ?? SsJ1:00.94 sendmail: accepting connections (sendmail) 8235 ?? IsJ0:00.92 sendmail: Queue run...@00:30:00 for /var/spool/client 8241 ?? SsJ0:08.55 /usr/sbin/cron -s 79334 ?? IsJ0:00.06 /usr/sbin/named -u bind 79559 0 R+J0:00.00 ps ax [r...@seaurchin ~]# jexec 2 ps ax PID TT STAT TIME COMMAND 8504 ?? IsJ0:01.15 sendmail: Queue run...@00:30:00 for /var/spool/client 8510 ?? SsJ0:08.35 /usr/sbin/cron -s 79447 ?? IsJ0:00.07 /usr/sbin/named -u bind 79584 0 R+J0:00.00 ps ax Hope that helps Vince Thanks Vince! That really helps a lot :-) Will check the jails mailing list out and see what I can discover regarding the NICs... Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: denying spam hosts ssh access - good idea?
David Southwell wrote: I'm thinking of denying ssh access to host from which I get brute force ssh attacks. HOwever, I see in /etc/hosts.allow: # Wrapping sshd(8) is not normally a good idea, but if you # need to do it, here's how #sshd : .evil.cracker.example.com : deny Why is it not a good idea? Also, apparently in older ssh there was DenyHosts option, but no longer in the current version. Is there a replacement for DenyHOsts? Or is there a good reason for such option not to be used? many thanks anton I use denyhosts ( /usr/ports/security/denyhosts ) works well for me. I also use blackhole and sshguard david ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Take a look at fail2ban: http://www.fail2ban.org/ This hooks in IPtables and really does a nice job of preventing DoS attacks from not just SSH but many other ports and protocols too. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Endianness
David Kelly wrote: On Tue, Jan 12, 2010 at 12:51:00PM -0800, Rob Farmer wrote: I'm trying to create a port of an application which only works on little endian systems and I'm trying to figure out how to set ONLY_FOR_ARCHS. Wikipedia says PowerPC, Sparc, and IA64 are bi-endian and the OS chooses the mode. I'm not familiar with these platforms - I'm sure it has been answered somewhere, but I can't find it - which FreeBSD archs are little/big endian? Thanks. i386 is little endian. Would expect ia64 to be the same. SPARC is big endian. Or at least it used to be. Power4,5,6 are all big endian too if I'm not mistaken. Correct me if I'm wrong but anything based around the CISC architecture is big endian. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Integrating FreeBSD with MS Active Directory in order to be able to Authenticate Dovecot IMAP server
Hi,
I'm attempting to authenticate Dovecot to Active Directory, however,
I'm failing quite badly.
So far I have gone through the FreeBSD handbook on Kerberos authentication:
http://www.freebsd.org/doc/handbook/kerberos5.html
Additionally I have been through the Dovecot config:
http://wiki2.dovecot.org/Authentication/Mechanisms/Winbind
http://wiki2.dovecot.org/HowTo/ActiveDirectoryNtlm
I am running FreeBSD 8.2 x64 RELEASE edition with the Dovecot2 port
installed, SAMBA 3.6, and the Heimdal version of Kerberos.
I pulled the krb5.conf and smb.conf files from one of our production
Linux boxes..
This is my dovecot.conf file:
# v1.1:
#auth_ntlm_use_winbind = yes
# v1.2+:
auth_use_winbind = yes
auth_winbind_helper_path = /usr/local/bin/ntlm_auth
protocols = imap
# It's nice to have separate log files for Dovecot. You could do this
# by changing syslog configuration also, but this is easier.
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
# Disable SSL for now.
ssl = no
disable_plaintext_auth = no
# We're using Maildir format
#mail_location = maildir:~/Maildir
mail_location = mbox:/mail:INBOX=/mail/%u
# If you're using POP3, you'll need this:
#pop3_uidl_format = %g
# Authentication configuration:
auth_verbose = yes
auth_username_format = %n
#auth_mechanisms = plain
auth_mechanisms = plain ntlm login
#passdb {
# driver = passwd-file
# args = /usr/local/etc/dovecot/passwd
#}
#userdb {
# driver = static
# args = uid=root gid=root home=/root/
# driver = static
# args = uid=500 gid=500 home=/ZPOOL_1/%u
#}
#userdb static {
# args= uid=501 gid=501 home=/mail/%1Ln/%Ln
# mail=maildir:/mail/%d/%1Ln/%Ln:INBOX=/mail/%d/%1Ln/%Ln
# allow_all_users=yes
#}
passdb {
driver = static
}
userdb {
driver = static
args= uid=501 gid=501 home=/mail/%1Ln/%Ln
}
This is ther krb5.conf file:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = DOMAIN.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes
[realms]
DOMAIN.COM = {
kdc = :88
kdc = :88
admin_server = :749
kdc = DC.DOMAIN.COM
}
[domain_realm]
domain.com = DOMAIN.COM
.domain.com = DOMAIN.COM
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
This is the smb.conf file:
[global]
#--authconfig--start-line--
# Generated by authconfig on 2011/04/11 15:41:02
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future
workgroup = DOMAIN
password server = DC.DOMAIN.COM
realm = DOMAIN.COM
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false
winbind separator = +
#--authconfig--end-line--
preferred master = no
server string = FreeBSD IMAP Server
encrypt passwords = yes
log level = 3
log file = /var/log/samba/%m
max log size = 50
printcap name = cups
printing = cups
unix extensions = no
winbind enum users = Yes
winbind enum groups = Yes
winbind nested groups = Yes
winbind cache time = 5
Running the command klist does give an output however, I am totally
stuck as to why the Dovecot authentication isn't working
This is the output from the dovecot.log:
May 20 13:16:32 auth: Error: could not obtain winbind domain name!
May 20 13:16:32 auth: Error: could not obtain winbind netbios name!
May 20 13:16:32 auth: Error: could not obtain winbind domain name!
May 20 13:16:42 auth: Fatal: master: service(auth): child 15253 killed
with signal 11 (core not dumped - set service auth {
drop_priv_before_exec=yes })
May 20 13:16:42 imap-login: Warning: Auth connection closed with 1
pending requests (max 8 secs, pid=15254, EOF)
May 20 13:16:51 auth: Error: Ignoring unknown parameter "use kerberos keytab"
May 20 13:16:51 auth: Error: could not obtain winbind domain name!
May 20 13:16:51 auth: Error: could not obtain winbind netbios name!
May 20 13:16:51 auth: Error: could not obtain winbind domain name!
May 20 13:17:08 auth: Fatal: master: service(auth): child 15256 killed
with signal 11 (core not dumped - set service auth {
drop_priv_before_exec=yes })
May 20 13:17:08 imap-login: Warning: Auth connection closed with 1
pending requests (max 15 secs, pid=15257, EOF)
May 23 12:18:31 imap-login: Warning: Auth connection closed with 1
pending requests (max 0 secs, pid=25437, EOF)
May 23 12:18:31 auth: Fatal: master: service(auth): child 25439 killed
with signal 11 (core not dumped - set service auth {
drop_priv_before_exec=yes })
May 23 12:19:00 imap-login: Warning: Auth connection closed with 1
pending requests (max 0 secs, pid=25437, EOF)
May 23 12:19:00 auth: Fatal: master: service(auth): chil
Re: Hardware compatability question
Hi, it's not really about the machines but more the hardware. FreeBSD is quite diverse in what it can run on so best bet check the HCL's off the www.freebsd.org website as that would give you the best idea! Otherwise just install and see what works and doesn't. FreeBSD is pretty comprehensive of H/W support. I would say if you were moving away from MS, FreeBSD is a great choice and probably the best out there providing you don't need something specific - you will need to get used to the CLI environment but once that's worked out it's a sinch. I am now introducing *BSD to my company too and trying to move them away from Linux which has it's own caveats. Good luck with the move, I'd love to give you a full-blown sales pitch but unfortunatley don't have time right now. - though it would be kinda useless as FreeBSD really sells itself if you know what it can do for you! Regards, Kaya On Thu, May 31, 2012 at 3:23 PM, wrote: > > Hello, > I am moving away from MS products due to security and stability > concerns. Below are the machines I use and would like to know which > version of FreeBSD will work best with each. The compu ters are used > at home and away, for e-mail, preparing documents, databases , and > spredsheets, as well as, web browsing and some begining programing > (Perl, C, HTML, and Assembely I think). > Here are the notes on my machines: > HP Compaq CQ5300Y > MOBO M2N68-LA (Narra5) > AMD Sempron LE-1300 2.30GHz > Vidio Card NVIDIA GeForce 6150SE nForce 430 > RAM: PC2-6400 MB/sec 2 Gigs RAM > HD: WDC WD32 00AAJS-65M0A SCSI 320 Gig HD > Toshiba Satel lite A205-S5880 > Intel Pentium Dual CPU T2390 @ 1.86 GH > Vidio Card: Mobile Intel 965 Express Chipset > RAM: 3 Gigs > HD: Toshiba MK2046GSX ATA > Both where bought new and are stock off the shelf models. > Thank you for your fine efforts and your time in this, > Phnxcs_rep > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Anyone using freebsd ZFS for large storage servers?
If this is any consellation I run a 36TB cluster using a self built server with a Promise DAS (VessJBOD 1840) using ZFS at home! to support my OpenSource projects and personal files. As for OS take your pick: NexentaStor, FreeBSD, Solaris 11 All capable, of course Solaris has latest version of ZFS but still. At work we're looking into getting a StorEdge appliance wich will handle up to 140+ TB. I am also in charge of redesigning one of our virtual SAN's to a FreeBSD ZFS storage system which will run well how many JBOD's can you fit on the system?? Probably round ~100TB or so. Regards, Kaya On Thu, May 31, 2012 at 4:32 PM, Oscar Hodgson wrote: > The subject is pretty much the question. Perhaps there's a better > place to be asking this question ... > > We have (very briefly) discussed the possibility of using FreeBSD > pizza boxes as a storage heads direct attached to external JBOD arrays > with ZFS. In perusing the list, I haven't stumbled across indications > of people actually doing this. External JBODs would be running 24 to > 48TB each, roughly. There would be a couple of units. The pizza > boxes would be used for computational tasks, and nominally would have > 8 cores and 96G+ RAM. > > Obvious questions are hardware compatibility and stability. I've set > up small FreeBSD 9 machines with ZFS roots and simple mirrors for > other tasks here, and those have been successful so far. > > Observations would be appreciated. > > Oscar. > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Anyone using freebsd ZFS for large storage servers?
On Thu, May 31, 2012 at 5:05 PM, Oscar Hodgson wrote: > That helps. Thank you. > > This is an academic departmental instructional / research environment. > We had a great relationship with Sun, they provided great > opportunities to put Solaris in front of students. Oracle, not so > much, and the Oracle single-tier support model simply isn't affordable > for this "business" (there's no ROI at the departmental level ). > Solaris is not a viable option. We found Oracle to be the cheapest out of all the solutions we looked at: Netapp, MSI, et el. > > FreeBSD looks like the next best available option at the moment, > particularly considering the use of the storage heads as compute > machines. OpenIndiana shows promise. Nexenta has a great product, > but the user community expects more flexibility in software options. FreeBSD is better then Linux in my opinion though lacking some software and multimedia functionality that Linux has and not for the Desktop as it's not as "bleeding edge" as say Fedora 16, however, if FreeBSD offered Gnome3 and supported my wireless NIC I'd be all over it like a "bad rash" :-) > > Is there anything like a list of "supported" (known good) SAS HBA's? LSI HBA's are really good! For my DIY solution at home I used a SuperMicro system board with non-RAID LSI HBA... It is a similar solution that we will use for our test NAS at work though we already have a Dell R700 series server. For this setup however I will need to use an LSI HBA with both internal and external Mini-SAS ports. Instead of Promise we will use NetStor JBOD solutions as they work with 6Gbps drives and overall give better performance. > > Oscar Regards, Kaya > > On Thu, May 31, 2012 at 11:38 AM, Kaya Saman wrote: >> If this is any consellation I run a 36TB cluster using a self built >> server with a Promise DAS (VessJBOD 1840) using ZFS at home! to >> support my OpenSource projects and personal files. >> >> As for OS take your pick: NexentaStor, FreeBSD, Solaris 11 >> >> >> All capable, of course Solaris has latest version of ZFS but still. >> >> >> At work we're looking into getting a StorEdge appliance wich will >> handle up to 140+ TB. >> >> >> I am also in charge of redesigning one of our virtual SAN's to a >> FreeBSD ZFS storage system which will run well how many JBOD's can >> you fit on the system?? Probably round ~100TB or so. >> >> >> Regards, >> >> >> Kaya >> >> >> On Thu, May 31, 2012 at 4:32 PM, Oscar Hodgson >> wrote: >>> The subject is pretty much the question. Perhaps there's a better >>> place to be asking this question ... >>> >>> We have (very briefly) discussed the possibility of using FreeBSD >>> pizza boxes as a storage heads direct attached to external JBOD arrays >>> with ZFS. In perusing the list, I haven't stumbled across indications >>> of people actually doing this. External JBODs would be running 24 to >>> 48TB each, roughly. There would be a couple of units. The pizza >>> boxes would be used for computational tasks, and nominally would have >>> 8 cores and 96G+ RAM. >>> >>> Obvious questions are hardware compatibility and stability. I've set >>> up small FreeBSD 9 machines with ZFS roots and simple mirrors for >>> other tasks here, and those have been successful so far. >>> >>> Observations would be appreciated. >>> >>> Oscar. >>> ___ >>> freebsd-questions@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>> To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Anyone using freebsd ZFS for large storage servers?
On Thu, May 31, 2012 at 6:28 PM, Damien Fleuriot wrote: > As a side note and in case you were considering, I strongly advise against > Linux + fuse ZFS. > Yes I agree; as far as I understand ZFS in Linux is still in testing and in any case not part of the Linux kernel which means dramatic performance degredation, like trying to use Firewire (IEEE1394) on any thing other then a Mac, Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Anyone using freebsd ZFS for large storage servers?
> > and definitely do not use it if you will not have regular backups of all > data, as in case of failures (yes they do happen) you will just have no > chance to repair it. > > There is NO fsck_zfs! And ZFS is promoted as it "doesn't need" it. > > Assuming that filesystem doesn't need offline filesystem check utility > because it "never crash" is funny. > zfs scrub...??? Additionally ZFS works directly at the block level of the HD meaning that it is slightly different to the 'normal' file systems in storing information and is also "self healing".. Though I'm sure that you knew all this and have found otherwise. I mean I haven't found any problem with it even after power failures and such and my machine has been up for nearly 3 years. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Anyone using freebsd ZFS for large storage servers?
> >> Additionally ZFS works directly at the block level of the HD meaning >> that it is slightly different to the 'normal' file systems in storing >> information and is also "self healing".. > > > doesn't other filesystem work on block level too? if no - then at what > level? > > It was my impression that ZFS doesn't actually format the disk as stores data as raw information on the hard disk directly rather then using an actual "file system" structure as such. That's what I was trying to get at by that statement. This is really what made ZFS standout over other types of file systems. In doing that according to everything I have read, it actually means faster I/O and ease of portability incase the disks need to be removed from their current location and added elsewhere but not loosing information. Unlike clunky hardware RAID systems ZFS adds much more versitility too which of course being at this depth of knowledge you are aware of and may even have a means to compare, however I personally prefer it over RAID as RAID is rubbish dealing with it everyday I am fed up of creating non-dynamic arrays. I cannot compre directly to the more advanced UFS2 techniques but my money would be with ZFS over RAID and LVM any day and don't even give me M$ systems they would be out the window before being booted for the first time.. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Strange case of vanishing disk
Hi, this is a very strange issue but I guess will either be related to 2 things, PSU not being powerful enough or disk controller simply being crap. Here's what's going on. I have a little Chenbro 4 disk mini-ITX NAS server with 2x 2TB disks and 2x4TB disks as storage - all spread out over 2 ZFS storage pools. Additionally I am running the root file system on a 40GB SSD. The strange thing with this is that I recently installed the 4TB disks and they're brand new. One disk connected to the system board works fine and shows up as online and on one of the channels using atacontrol list. The other disk is connected to a Startech.com Jmicron based 2x SATA RAID controller card. The disk connected to the controller card is having issues. At first the drive wouldn't be seen by the system then after a while all of a sudden it was there. No reboots, no io scans nothing it just appeared. After blasting it with IO for a few days the disk has now vanished again. I had this error in dmesg for a while: ad4: TIMEOUT - READ_DMA retrying (1 retry left) LBA=113337535 I have tried to use pciconf -lbvv to show the connected interfaces and the JMICRON comes up fine: atapci0@pci0:2:0:0:class=0x010400 card=0x2366197b chip=0x2366197b rev=0x02 hdr=0x00 vendor = 'JMicron Technology Corp.' device = 'JMicron JMB366 AHCI/IDE Controller (JMB36X)' class = mass storage subclass = RAID bar [10] = type I/O Port, range 32, base 0xd040, size 8, enabled bar [14] = type I/O Port, range 32, base 0xd030, size 4, enabled bar [18] = type I/O Port, range 32, base 0xd020, size 8, enabled bar [1c] = type I/O Port, range 32, base 0xd010, size 4, enabled bar [20] = type I/O Port, range 32, base 0xd000, size 16, enabled bar [24] = type Memory, range 32, base 0xd051, size 8192, enabled So why isn't the disk? I reckon as stated at the beginning that either the 180Watt PSU inside the system isn't enough or the controller is just really poor?? Could anyone suggest anything to look into, I'm sure I've covered all the bases but just incase there is something else I can do with this one?? Thanks. Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange case of vanishing disk
this is a very strange issue but I guess will either be related to 2 things, PSU not being powerful enough or disk controller simply being crap. Here's what's going on. I have a little Chenbro 4 disk mini-ITX NAS server with 2x 2TB disks and 2x4TB disks as storage - all spread out over 2 ZFS storage pools. Additionally I am running the root file system on a 40GB SSD. [...] ___ One thing I can think of is to disconnect the questionable disk from the RAID controller card and connect it directly to the motherboard. Then you'd know whether the fault is with the hard drive or the RAID controller. PSU = power supply unit? 180 watts seems very little, I didn't know any modern system could run on so little. I thought the minimum would be around 400 watts, and this would not allow for a powerful gaming graphics card. Maybe you need to replace the power supply with something having more watts, but make sure it will physically fit. Tom Thanks for the response! Here's some more info that I managed to dig up: Jun 4 02:39:19 Zeta-Ray root: ZFS: vdev I/O failure, zpool=ZFS_POOL_2 path=/dev/ad4 offset=270336 size=8192 error=6 Jun 4 02:39:19 Zeta-Ray kernel: ata2: port is not ready (timeout 15000ms) tfd = 00ff Jun 4 02:39:19 Zeta-Ray kernel: ata2: hardware reset timeout Jun 4 02:39:19 Zeta-Ray kernel: unknown: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=269091394 Yeah, 180 Watts is what comes with the chassis as it's an external power supply. Additionally the system is a Mini-ITX so that would account for less power usage however, in this case I think it might be the PSU that's simply not providing enough power. I will definitely try sticking the "downed" disk into the motherboard controller directly as that will tell me if the disk is the issue or not. I'm also thinking to eliminate the issue of using external controller to just get a new system board that 6x SATA connectors on it instead of 4 as per my board. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange case of vanishing disk
On 06/04/2012 04:42 AM, Zane C. B-H. wrote: On Mon, 04 Jun 2012 02:06:57 +0100 Kaya Saman wrote: Hi, this is a very strange issue but I guess will either be related to 2 things, PSU not being powerful enough or disk controller simply being crap. Here's what's going on. I have a little Chenbro 4 disk mini-ITX NAS server with 2x 2TB disks and 2x4TB disks as storage - all spread out over 2 ZFS storage pools. Additionally I am running the root file system on a 40GB SSD. The strange thing with this is that I recently installed the 4TB disks and they're brand new. One disk connected to the system board works fine and shows up as online and on one of the channels using atacontrol list. The other disk is connected to a Startech.com Jmicron based 2x SATA RAID controller card. The disk connected to the controller card is having issues. At first the drive wouldn't be seen by the system then after a while all of a sudden it was there. No reboots, no io scans nothing it just appeared. After blasting it with IO for a few days the disk has now vanished again. I had this error in dmesg for a while: ad4: TIMEOUT - READ_DMA retrying (1 retry left) LBA=113337535 I have tried to use pciconf -lbvv to show the connected interfaces and the JMICRON comes up fine: atapci0@pci0:2:0:0:class=0x010400 card=0x2366197b chip=0x2366197b rev=0x02 hdr=0x00 vendor = 'JMicron Technology Corp.' device = 'JMicron JMB366 AHCI/IDE Controller (JMB36X)' class = mass storage subclass = RAID bar [10] = type I/O Port, range 32, base 0xd040, size 8, enabled bar [14] = type I/O Port, range 32, base 0xd030, size 4, enabled bar [18] = type I/O Port, range 32, base 0xd020, size 8, enabled bar [1c] = type I/O Port, range 32, base 0xd010, size 4, enabled bar [20] = type I/O Port, range 32, base 0xd000, size 16, enabled bar [24] = type Memory, range 32, base 0xd051, size 8192, enabled So why isn't the disk? I reckon as stated at the beginning that either the 180Watt PSU inside the system isn't enough or the controller is just really poor?? Could anyone suggest anything to look into, I'm sure I've covered all the bases but just incase there is something else I can do with this one?? Greetings, It looks like you are using the default ATA drive with that. I would suggest trying the AHCI driver and see if that works better. kldload ahci ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" I've just tried this and lost my whole system. My boot disk is not labeled to work with ahci as it just has standard formatting on there. Need to remove the ahci_load="YES" from /boot/loader.conf file now. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange case of vanishing disk
On 06/04/2012 08:34 AM, Gary Aitken wrote: On 06/03/12 20:59, Kaya Saman wrote: this is a very strange issue but I guess will either be related to 2 things, PSU not being powerful enough or disk controller simply being crap. Here's what's going on. I have a little Chenbro 4 disk mini-ITX NAS server with 2x 2TB disks and 2x4TB disks as storage - all spread out over 2 ZFS storage pools. Additionally I am running the root file system on a 40GB SSD. [...] ___ One thing I can think of is to disconnect the questionable disk from the RAID controller card and connect it directly to the motherboard. Then you'd know whether the fault is with the hard drive or the RAID controller. PSU = power supply unit? 180 watts seems very little, I didn't know any modern system could run on so little. I thought the minimum would be around 400 watts, and this would not allow for a powerful gaming graphics card. Maybe you need to replace the power supply with something having more watts, but make sure it will physically fit. Tom Thanks for the response! Here's some more info that I managed to dig up: Jun 4 02:39:19 Zeta-Ray root: ZFS: vdev I/O failure, zpool=ZFS_POOL_2 path=/dev/ad4 offset=270336 size=8192 error=6 Jun 4 02:39:19 Zeta-Ray kernel: ata2: port is not ready (timeout 15000ms) tfd = 00ff Jun 4 02:39:19 Zeta-Ray kernel: ata2: hardware reset timeout Jun 4 02:39:19 Zeta-Ray kernel: unknown: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=269091394 Yeah, 180 Watts is what comes with the chassis as it's an external power supply. Additionally the system is a Mini-ITX so that would account for less power usage however, in this case I think it might be the PSU that's simply not providing enough power. I will definitely try sticking the "downed" disk into the motherboard controller directly as that will tell me if the disk is the issue or not. If the problem is actually insufficient power, this won't tell you a thing. You'll have to isolate the power supply as not being a problem before anything else will be relevant. If you swap the two new disks, and the one now on the card fails, it's probably not a disk problem. But you still can't tell if its the card or insufficient power. If you can sideline the two original disks and run, it's probably power. But I'd guess you're oversubscribed in that department. It should be relatively easy to estimate as mfg specs for cpu + mobo + disks is readily available. Gary Yeah, this is really odd! I just "offlined" the system and took a look at the BIOS. The hard disk controller was set to "ATA NATIVE", I attempted changing to AHCI and the system failed to boot thereafter. Booting into my rescue CD of FreeSBIE, with AHCI enabled only showed "ad4" (the troubled disk) to be registering. Switching the setting back I managed to see all disk including ad4 from SBIE. I fixed the /boot/loader.conf file by commenting out "ahci_load="YES"" and vuala done! The system booted and the ZPOOL jumped back into life: # zpool status pool: ZFS_POOL_1 state: ONLINE scrub: none requested config: NAMESTATE READ WRITE CKSUM ZFS_POOL_1 ONLINE 0 0 0 ad13 ONLINE 0 0 0 ad15 ONLINE 0 0 0 errors: No known data errors pool: ZFS_POOL_2 state: ONLINE scrub: scrub stopped after 307445734561825857h27m with 0 errors on Mon Jun 4 16:24:10 2012 config: NAMESTATE READ WRITE CKSUM ZFS_POOL_2 ONLINE 0 0 0 ad14 ONLINE 0 0 0 ad4 ONLINE 0 0 0 errors: No known data errors Here's the weird part now; I had to stop the SCRUB as the READ_DMA retrying errors came up again?? I have just swapped disks infact and ad4 seems to be playing up again :-( ad4 of course being assigned any disk that's on the controller. I am not sure of what to make of this? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange case of vanishing disk
On 06/04/2012 08:34 AM, Gary Aitken wrote: On 06/03/12 20:59, Kaya Saman wrote: this is a very strange issue but I guess will either be related to 2 things, PSU not being powerful enough or disk controller simply being crap. Here's what's going on. I have a little Chenbro 4 disk mini-ITX NAS server with 2x 2TB disks and 2x4TB disks as storage - all spread out over 2 ZFS storage pools. Additionally I am running the root file system on a 40GB SSD. [...] ___ One thing I can think of is to disconnect the questionable disk from the RAID controller card and connect it directly to the motherboard. Then you'd know whether the fault is with the hard drive or the RAID controller. PSU = power supply unit? 180 watts seems very little, I didn't know any modern system could run on so little. I thought the minimum would be around 400 watts, and this would not allow for a powerful gaming graphics card. Maybe you need to replace the power supply with something having more watts, but make sure it will physically fit. Tom Thanks for the response! Here's some more info that I managed to dig up: Jun 4 02:39:19 Zeta-Ray root: ZFS: vdev I/O failure, zpool=ZFS_POOL_2 path=/dev/ad4 offset=270336 size=8192 error=6 Jun 4 02:39:19 Zeta-Ray kernel: ata2: port is not ready (timeout 15000ms) tfd = 00ff Jun 4 02:39:19 Zeta-Ray kernel: ata2: hardware reset timeout Jun 4 02:39:19 Zeta-Ray kernel: unknown: TIMEOUT - WRITE_DMA48 retrying (1 retry left) LBA=269091394 Yeah, 180 Watts is what comes with the chassis as it's an external power supply. Additionally the system is a Mini-ITX so that would account for less power usage however, in this case I think it might be the PSU that's simply not providing enough power. I will definitely try sticking the "downed" disk into the motherboard controller directly as that will tell me if the disk is the issue or not. If the problem is actually insufficient power, this won't tell you a thing. You'll have to isolate the power supply as not being a problem before anything else will be relevant. If you swap the two new disks, and the one now on the card fails, it's probably not a disk problem. But you still can't tell if its the card or insufficient power. If you can sideline the two original disks and run, it's probably power. But I'd guess you're oversubscribed in that department. It should be relatively easy to estimate as mfg specs for cpu + mobo + disks is readily available. Gary More digging yields this: zpool iostat -v -- - - - - - - ZFS_POOL_2 527G 6.74T 0 0 3.18K 1.39K ad4431G 3.20T 0 0 1.55K678 ad14 95.6G 3.53T 0 0 1.63K740 -- - - - - - - There is not much bandwidth being used. the disk is fine! The bandwidth gets a little more and the disk starts timing out: -- - - - - - - ZFS_POOL_2 527G 6.74T 0 0 19.0K 12.8K ad4431G 3.20T 0 0 17.3K 5.97K ad14 95.6G 3.53T 0 0 1.72K 6.81K -- - - - - - - I'm pretty sure it's the Strartech.com controller in the system!! Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange case of vanishing disk
On 06/04/2012 06:26 PM, Wojciech Puchar wrote: I just "offlined" the system and took a look at the BIOS. The hard disk controller was set to "ATA NATIVE", I attempted changing to AHCI and the system failed to boot thereafter. do you have ahci and ada drivers compiled in? Booting into my rescue CD of FreeSBIE, with AHCI enabled only showed "ad4" (the troubled disk) to be registering. showing up some, but not all disks after rebooting is quite common to the problem i described. POWERING OFF (by disconnecting electricity, not by power button), waiting a minute, and powering on "fixes" the problem for some time. Thanks Wojciech for the responses! It could be the motherboard; it's an Intel Core2Quad machine! I am looking at alternatives like Portwell: http://www.portwell.nl/products/WADE-8011.html http://www.portwell.nl/products/WADE-8012.html which are Xeon and i7 based system boards respectively and also industrial meaning that they are better designed then consumer desktop style boards. It will be interesting to test once my new rackmount chassis comes along with a 400Watt PSU where the system will then go and see what happens from there.. This system has been up for 3+ years before running 3x disks; one SSD and 2x 2TB drives in a ZFS pool. I only have 4GB RAM in here which may be an issue since I am also using round 5x Jails and 2x Apache Tomcat and 2x Postgresql databases inside to host separate instances of Xwiki - yep Java eats RAM for breakfast, lunch, and dinner :-) - will soon be migrating this stuff off the box but not for now as need some ca$h first ;-) Will wait for my new chassis then see what happens! Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange case of vanishing disk
On 06/05/2012 12:50 AM, Zane C. B-H. wrote: On Mon, 04 Jun 2012 12:20:13 +0100 Kaya Saman wrote: On 06/04/2012 04:42 AM, Zane C. B-H. wrote: On Mon, 04 Jun 2012 02:06:57 +0100 Kaya Saman wrote: I've just tried this and lost my whole system. My boot disk is not labeled to work with ahci as it just has standard formatting on there. Need to remove the ahci_load="YES" from /boot/loader.conf file now. Ack, my apologies. Forgot about that. Yeah, you will need to do it from the loader prompt if you want to test it. Unless you are booting off of gmirror or have /etc/fstab configured with something else that will automatically be found, you will have a problem. But from the loader prompt it should be... load /boot/kernel/ahci.kp show rootdev If rootdev shows any thing other than shows boot device as ad, rewrite it as ada, using the set command. See loader(8). This will get it to boot, although it will error and drop to single user mode as /etc/fstab contains the old stuff. Just manually mount everything and continue. At this point it should be up and running and able to test it out. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Thanks for the information! I had a small issue at the bootloader> prompt, my USB keyboard didn't work as in it seems the kernel modules weren't loaded in order for the keys to function. Not sure how to get round that one :-) Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange case of vanishing disk
On 06/05/2012 01:09 AM, Polytropon wrote: On Tue, 05 Jun 2012 01:03:59 +0100, Kaya Saman wrote: I had a small issue at the bootloader> prompt, my USB keyboard didn't work as in it seems the kernel modules weren't loaded in order for the keys to function. Not sure how to get round that one :-) Check the BIOS settings: Sometimes you can enable "USB keyboard legacy" so it will also work at the "lower levels" of interactivity. Did that! Enabled USB legacy support - didn't work. At the time was Google'ing the issue too however nobody really had an answer all that was suggested was the load the keyboard modules, but how can one do that with access to system. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is ZFS production ready?
Hi, I think it is stable enough on FreeBSD. Someone actually posted quite a similar thread not a while ago.. Here'e a quick summary: For my various OpenSource projects, I have deployed a 36TB file system which is fine and stable running 24/7. Additionally at home I use 4TB (2x 2TB) + 8TB (2x 4TB) on a machine with 4GB RAM this has been up for 3 years with minimum reboot! - this system gets pretty hammered as lot's of front ends for my OpenSource stuff run off there plus I transfer large amounts of data 10's of GB's often between systems. For web stuff I get round 20,000-30,000 hits from various places on that particular box and it handles perfectly unlike my crappy Cisco 857 router - will redeploy a uni-socket server running OpenBSD for this one. Good luck! Regards, Kaya On Thu, Jun 21, 2012 at 8:33 AM, Hooman Fazaeli wrote: > Dear community > > In the past, I built a 8TB ZFS log server on freebsd 7.4. > However, the system experienced instablility after long up times. > My main motive to use ZFS was UFS inability to support large > file systems. > > Now, I want to the same thing on 8.3 and wanted to know > your opinion on ZFS stability. Is there any success story using > ZFS in 24x7, large volume, heavy duty servers? Is there any > other option other than ZFS to build larger than 2TB file systems? > > > > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is ZFS production ready?
[...] My one note to the above would be to advise against using it for swap - unless you have enough RAM to make sure you never swap. It doesn't do well in that role, in my experience. (Though that was under a slightly earlier version.) I remember on SXCE running on my test Sun E420r server that ZFS (can't remember if this was in the spec file or not??) would use **any** usable or unpartitioned file system as swap. I maybe totally off-base with this as I was too knew to investigate the issue and was still learning Solaris at the time but all of a sudden a remote mounted external drive would start getting zapped by I/O usage. Of course it couldn't be any user as the only user for those machines was me and I wasn't doing anything on either system. That was quite a weird thing, but happened many years ago so my memory is quite hazy on the specifics of the issue too I do recall running top to see swap usage at a few tens of gigs which was quite funny, of course unmounting the drive dropped the swap back to whatever got allocated by SXCE default. Daniel T. Staal Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Could someone help me with Dovecot AD integration PAM setup?
Hi,
I'm trying to authenticate Dovecot to Active Directory using the
SAMBA/Winbind method and so far my setup seems that everything is
working apart from the Dovecot authentication which I believe I have
traced to PAM.
I can login using an AD account using:
wbinfo -K
# wbinfo -K
Enter 's password:
plaintext kerberos password authentication for [] succeeded
(requesting cctype: FILE)
This is the current Dovecot config:
# cat dovecot.conf
# v1.1:
#auth_ntlm_use_winbind = yes
# v1.2+:
auth_use_winbind = yes
auth_winbind_helper_path = /usr/local/bin/ntlm_auth
protocols = imap
# It's nice to have separate log files for Dovecot. You could do this
# by changing syslog configuration also, but this is easier.
log_path = /var/log/dovecot.log
info_log_path = /var/log/dovecot-info.log
# Disable SSL for now.
ssl = no
disable_plaintext_auth = no
# We're using Maildir format
#mail_location = maildir:~/Maildir
mail_location = mbox:/mail:INBOX=/mail/%u
# If you're using POP3, you'll need this:
#pop3_uidl_format = %g
# Authentication configuration:
auth_verbose = yes
auth_debug = yes
auth_username_format = %n
auth_mechanisms = plain ntlm login
userdb {
driver = static
args = uid=501 gid=501 home=/mail/%u
driver = static
}
passdb {
driver = pam
}
Here is a "test" login attempt:
# telnet localhost 143
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE
IDLE AUTH=PLAIN AUTH=NTLM AUTH=LOGIN] Dovecot ready.
a login
a NO [AUTHENTICATIONFAILED] Authentication failed.
b logout
* BYE Logging out
b OK Logout completed.
- of course the proper credentials were put in.
Here is the details of pam.d/imap:
# cat imap
#
# $FreeBSD: src/etc/pam.d/imap,v 1.7.10.1.6.1 2010/12/21 17:09:25 kensmith Exp $
#
# PAM configuration for the "imap" service
#
# auth
authsufficient pam_winbind.so no_warn
try_first_pass debug
#auth sufficient pam_ssh.so no_warn try_first_pass
authrequiredpam_unix.so no_warn try_first_pass
# account
#accountrequiredpam_nologin.so
account requiredpam_unix.so
#accountrequiredpam_winbind.so
I also attempted a change in pam.d/system:
# cat system
#
# $FreeBSD: src/etc/pam.d/system,v 1.1.32.1.6.1 2010/12/21 17:09:25
kensmith Exp $
#
# System-wide defaults
#
# auth
authsufficient pam_opie.so no_warn no_fake_prompts
authrequisite pam_opieaccess.so no_warn allow_local
authsufficient pam_krb5.so no_warn try_first_pass
#auth sufficient pam_ssh.so no_warn try_first_pass
authrequiredpam_unix.so no_warn
try_first_pass nullok
# account
account requiredpam_krb5.so
account requiredpam_login_access.so
account requiredpam_unix.so
# session
#sessionoptionalpam_ssh.so
session requiredpam_lastlog.so no_fail
# password
passwordsufficient pam_krb5.so no_warn try_first_pass
passwordrequiredpam_unix.so no_warn try_first_pass
Which don't let me login to the Dovecot service :-(
The dovecot.log file shows this:
Jun 20 11:30:40 master: Warning: Killed with signal 15 (by pid=4149
uid=0 code=kill)
Jun 20 11:30:48 auth: Fatal: No passdbs specified in configuration
file. LOGIN mechanism needs one
Jun 20 11:30:48 master: Error: service(auth): command startup failed,
throttling for 2 secs
Jun 20 11:30:59 master: Warning: Killed with signal 15 (by pid=4182
uid=0 code=kill)
Jun 20 11:31:13 auth: Fatal: No passdbs specified in configuration
file. LOGIN mechanism needs one
Jun 20 11:31:13 master: Error: service(auth): command startup failed,
throttling for 2 secs
Jun 20 11:32:38 master: Warning: Killed with signal 15 (by pid=4245
uid=0 code=kill)
Jun 20 11:32:58 imap-login: Warning: Auth connection closed with 1
pending requests (max 0 secs, pid=4265, EOF)
Jun 20 11:32:58 auth: Fatal: master: service(auth): child 4266 killed
with signal 11 (core not dumped - set service auth {
drop_priv_before_exec=yes })
Jun 20 11:46:21 master: Warning: Killed with signal 15 (by pid=4318
uid=0 code=kill)
Jun 20 11:46:42 auth-worker(4340): Error: pam(,127.0.0.1):
pam_authenticate() failed: authentication error (/etc/pam.d/dovecot
missing?)
Jun 20 11:46:55 auth: Error: Got NTLMSSP neg_flags=0xa2088207
Jun 20 11:46:55 auth: Error: Got user=[] domain=[]
workstation=[WKS-42] len1=24 len2=270
Jun 20 11:46:55 auth: Error: Login for user []\[]@[WKS-42]
failed due to [Reading winbind reply failed!]
Jun 20 11:49:47 master: Warning: Killed with signal 15 (by pid=4400
uid=0 code=kill)
Jun 20 11:49:53 auth: Fatal: passdb imap: Missing host parameter
Jun 20 11:49:53 master: Error: service(auth): command startup failed,
t
Re: Omega Zip Drives on FreeBSD 8.*
On Mon, Jun 25, 2012 at 12:17 PM, Jakub Lach wrote: > In the next episode: > > Modern home video with Betamax and LaserDisc ;) > > -- > View this message in context: > http://freebsd.1045724.n5.nabble.com/Omega-Zip-Drives-on-FreeBSD-8-tp5721532p5721678.html > Sent from the freebsd-questions mailing list archive at Nabble.com. > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" What's wrong with VHS and Cassette Tape? VHS has superior resolution to HD because it's analog!! :-P :-P :-P ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: How to mirror the FreeBSD OS on two disks
On Wed, Jul 11, 2012 at 10:18 AM, miles kuo wrote: > Hi all, > > I have two SAS disks for the FreeBSD install. I want to install the freeBSD > on one disk and mirror to another disk. Just like the AIX Mirror. > > Any changes will sync between the two disks. And if one disk crashed or > disconnected, the OS could continue running on another disk. > > Does the FreeBSD support the disk mirror? How to implement it? > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" I am no expert at this however a quick Google search comes up with: http://www.freebsd.org/doc/handbook/geom-mirror.html http://people.freebsd.org/~rse/mirror/ Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Is there a way to run FreeBSD ports through port 80?
Hi, I am trying to introduce FreeBSD into my office and it's been looked at with quite a bit of enthusiasm however, what makes it look bad is our companies 'security' policy to block FTP. At present they are running a whole bunch of CentOS based boxes and VM's which of course can be run through port 80 when using YUM. How does one get round this issue as my superiors are telling me that opening up FTP is a security risk and therefor don't want to proceed? I would like to use ports specifically and not the pkg_add tool to get software. Can anyone sugget anything? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On Thu, Jul 12, 2012 at 5:33 PM, Devin Teske wrote: > > On Jul 12, 2012, at 9:23 AM, Kaya Saman wrote: > >> Hi, >> >> I am trying to introduce FreeBSD into my office and it's been looked >> at with quite a bit of enthusiasm however, what makes it look bad is >> our companies 'security' policy to block FTP. >> >> At present they are running a whole bunch of CentOS based boxes and >> VM's which of course can be run through port 80 when using YUM. >> >> >> How does one get round this issue as my superiors are telling me that >> opening up FTP is a security risk and therefor don't want to proceed? >> >> >> I would like to use ports specifically and not the pkg_add tool to get >> software. >> >> >> Can anyone sugget anything? >> > > env ftp_proxy=host:port > > where is your normal command, such as "fetch". > > For a full list of environment variables you can use,… > > $ ldd -f '%p\n' `which fetch` | xargs grep -alr ftp_proxy | xargs strings -n > 7 | grep _proxy > fetch_no_proxy_match > fetch_default_proxy_port > http_proxy > ftp_proxy > no_proxy > > -- > Devin > > _ > The information contained in this message is proprietary and/or confidential. > If you are not the intended recipient, please: (i) delete the message and all > copies; (ii) do not disclose, distribute or use the message in any manner; > and (iii) notify the sender immediately. In addition, please be aware that > any message addressed to our domain is subject to archiving and review by > persons other than the intended recipient. Thank you. Thanks Devin for this however, setenv ftp_proxy ftp://: indicates that FTP is being proxied out. We simply have it banned on a Juniper firewall. So http is being proxied by a web appliance but that's it... nothing else. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On Thu, Jul 12, 2012 at 5:47 PM, Mark Felder wrote: > On Thu, 12 Jul 2012 11:23:29 -0500, Kaya Saman wrote: > >> >> I would like to use ports specifically and not the pkg_add tool to get >> software. > > > Getting the ports tree with csup/cvsup wouldn't use ftp. You could run your > own local mirror (net/cvsup-mirror) as well. > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Yeah, this is a good idea I was actually thinking about this. I've never done it so I'd need to google around a bit and do some testing but it is probably what we would want to do! Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On Thu, Jul 12, 2012 at 6:15 PM, Devin Teske wrote: > > On Jul 12, 2012, at 9:42 AM, Kaya Saman wrote: > >> On Thu, Jul 12, 2012 at 5:33 PM, Devin Teske >> wrote: >>> >>> On Jul 12, 2012, at 9:23 AM, Kaya Saman wrote: >>> >>>> Hi, >>>> >>>> I am trying to introduce FreeBSD into my office and it's been looked >>>> at with quite a bit of enthusiasm however, what makes it look bad is >>>> our companies 'security' policy to block FTP. >>>> >>>> At present they are running a whole bunch of CentOS based boxes and >>>> VM's which of course can be run through port 80 when using YUM. >>>> >>>> >>>> How does one get round this issue as my superiors are telling me that >>>> opening up FTP is a security risk and therefor don't want to proceed? >>>> >>>> >>>> I would like to use ports specifically and not the pkg_add tool to get >>>> software. >>>> >>>> >>>> Can anyone sugget anything? >>>> >>> >>> env ftp_proxy=host:port >>> >>> where is your normal command, such as "fetch". >>> >>> For a full list of environment variables you can use,… >>> >>> $ ldd -f '%p\n' `which fetch` | xargs grep -alr ftp_proxy | xargs strings >>> -n 7 | grep _proxy >>> fetch_no_proxy_match >>> fetch_default_proxy_port >>> http_proxy >>> ftp_proxy >>> no_proxy >>> >>> -- >>> Devin >>> >>> _ >>> The information contained in this message is proprietary and/or >>> confidential. If you are not the intended recipient, please: (i) delete the >>> message and all copies; (ii) do not disclose, distribute or use the message >>> in any manner; and (iii) notify the sender immediately. In addition, please >>> be aware that any message addressed to our domain is subject to archiving >>> and review by persons other than the intended recipient. Thank you. >> >> Thanks Devin for this however, >> >> setenv ftp_proxy ftp://: indicates that FTP is being proxied out. >> >> We simply have it banned on a Juniper firewall. So http is being >> proxied by a web appliance but that's it... nothing else. >> >> > > Yep. It's up to your proxy server whether it's going to handle FTP or only > HTTP (and/or HTTPS). > > I use squid a lot and it handles FTP great. > -- > Devin > > _ > The information contained in this message is proprietary and/or confidential. > If you are not the intended recipient, please: (i) delete the message and all > copies; (ii) do not disclose, distribute or use the message in any manner; > and (iii) notify the sender immediately. In addition, please be aware that > any message addressed to our domain is subject to archiving and review by > persons other than the intended recipient. Thank you. We have an 'appliance' based proxy and as company policy FTP should be restricted, ie. not active on this as it's a security risk. Thats my major issue. I will try the suggested method of: MASTER_SORT_REGEX = ^http for the time being to see if that helps before setting up our own repository. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On Thu, Jul 12, 2012 at 6:41 PM, Wojciech Puchar wrote: >> I am trying to introduce FreeBSD into my office and it's been looked >> at with quite a bit of enthusiasm however, what makes it look bad is >> our companies 'security' policy to block FTP. > > > do you work FOR that company. Ask administrator to unblock if for you as you > need it for work. > > Do you do your private things at worktime? Then stop it. I do infact work for this company and additionally I am one of the administrators of the company. The information comes straight down from the IT director who will **not** change his mind on this as I have asked several times in the past. Basically without getting too distracted and off-topic: I open the ports on the firewall - tomorrow I am not employed anymore ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On Thu, Jul 12, 2012 at 6:41 PM, Peter Vereshagin wrote: > Hello. > > 2012/07/12 13:19:56 -0400 Lowell Gilbert > => To Kaya Saman : > LG> URLs as well as FTP. For ones that aren't, (and assuming the rather > LG> silly security policies won't allow for an external web-based FTP proxy) > LG> you may need to bring them in by offline media. > > I believe there should be the way of using the passive ftp (and any other > protocol) via the HTTP CONNECT method to the ftp (or any other port needed for > other protocol/app) port and then handling the both control and data > connections through the consequent copmmands and data exhange. > > As far as I remember this can be done at least via the http://delegate.org > software, certainly available in the ports collection. > > Kaya, if your http proxy handles HTTP CONNECT to the port 21/ftp this can be > the workaround for you about the freebsd ports requiring ftp download ability. > > Most surprise for me is why no one is interested about what kind of a danger > the ftp protocol can ever be? i. e. skype is much more vicious in comparison > to > ftp and s much harder to be restricted by a packet filter if even possoible. > > -- > Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 > ___ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Thanks Peter for the advise. Our system is totally locked down with hardly any ports open on our NAT, only the necessary ones. I'm not sure if the Proxy would support the HTTP CONNECT as it's an appliance which my superior has control over. I will check it out however and see if that method is best, however CVSup would be the best way for us and I'm already looking at this: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html which should be enough to get a demo up and running. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Setting up a a route in FreeBSD with NAT issues
Hi all, I'm trying to setup a gateway between an internal network using Vbox test machines of which one is a FreeBSD router/gateway. Being familiar with Cisco I know how easy this is to do but I think that I'm struggling a bit with the syntax. My setup is as so: Damn Small Linux (virtual machine) -> (em1) FreeBSD 8.2 (virtual gateway) (em0) ->internal network 10.100.100.2 10.100.100.1 172.16.7.136 172.16.0.0/20 My current configuration within the FreeBSD router looks like so: /etc/rc.conf: gateway_enable="YES" hostname="ROUTER.test.org" ifconfig_em0="inet 172.16.7.136 netmask 255.255.240.0" #em0_nat="NO" ifconfig_em1="inet 10.100.100.1 netmask 255.255.255.192" #em1_nat="YES" inetd_enable="YES" keymap="uk.iso" sshd_enable="YES" defaultrouter="172.16.0.1" ipnat_enable="YES" ipnat_rules="/etc/ipnat.rules" named_enable="YES" static_routes="net1" route_net1="-net 10.100.100.0/26 0.0.0.0/0" /etc/ipnat.rules: map tun0 10.100.100.0/26 -> 0/0 portmap tcp/udp 1:65000 map tun0 10.100.100.0/26 -> 0/0 The router from DSL is set as 10.100.100.1 and it hits it without any problem... running a traceroute however gives this: ROUTER# ipnat -l List of active MAP/Redirect filters: map tun0 10.100.100.0/26 -> 0.0.0.0/0 portmap tcp/udp 1:65000 map tun0 10.100.100.0/26 -> 0.0.0.0/0 List of active sessions: Something here isn't working and I'm not sure quite what it is :-( Can anyone help??? Thanks Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Setting up a a route in FreeBSD with NAT issues
Ok I've managed to make some headway however it still isn't working properly: /etc/ipnat.rules #map em1 10.100.100.0/26 -> 0.0.0.0/32 portmap tcp/udp 1:65000 map em1 10.100.100.0/26 -> 0.0.0.0/32 map em1 10.100.100.0/26 -> 0.0.0.0/32 auto I then added this addition to the end of the /etc/rc.conf file: static_routes="em0 em1" route_em1="-net 10.100.100.0/26 172.16.0.0/20" route_em0="-net 172.16.0.0 0.0.0.0/0" when I run traceroute on my host now I can see it going through the system however I'm still not sure it's being NAT'd or routed?? ROUTER# ipnat -l List of active MAP/Redirect filters: map em1 10.100.100.0/26 -> 0.0.0.0/32 List of active sessions: MAP 10.100.100.153<- -> 10.100.100.153[10.100.100.2 32772] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Setting up a a route in FreeBSD with NAT issues
Eventually I got this thing to work by adding the following syntax into the config files: /etc/rc.conf: gateway_enable="YES" hostname="ROUTER.test.org <http://ROUTER.test.org>" ifconfig_em0="inet 172.16.7.136 netmask 255.255.240.0" em0_nat="NO" ifconfig_em1="inet 10.100.100.1 netmask 255.255.255.192" em1_nat="YES" inetd_enable="YES" keymap="uk.iso" sshd_enable="YES" defaultrouter="172.16.0.1" ipnat_enable="YES" ipnat_rules="/etc/ipnat.rules" named_enable="YES" #static_routes="em0 em1" #route_em1="-net 10.100.100.0/26 <http://10.100.100.0/26> 172.16.0.0/20 <http://172.16.0.0/20>" #route_em0="-net 172.16.0.0 0.0.0.0/0 <http://0.0.0.0/0>" /etc/ipnat.rules #map em0 0.0.0.0/0 <http://0.0.0.0/0> -> 0/32 proxy port 8080 htto/tcp #map em0 0.0.0.0/0 <http://0.0.0.0/0> -> 0/32 portmap tcp/udp 1:65000 #map em0 0.0.0.0/0 <http://0.0.0.0/0> -> 0/32 #map em0 0.0.0.0/0 <http://0.0.0.0/0> -> 0/32 auto #map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 proxy port 8080 http/tcp #map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 portmap tcp/udp 1:65000 #map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 #map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 auto map em0 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 proxy port 8080 http/tcp map em0 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 portmap tcp/udp 1:65000 map em0 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 map em0 10.100.100.0/26 <http://10.100.100.0/26> -> 0/32 auto The trick was in fact to utilize the external interface within the NAT map file then direct the internal network via the 'gateway of last resort' - default route. The config can be easily adapted and modified from here if anyone is interested in doing something similar or adding extra networks in the middle such as a firewall or proxy Many thanks, Kaya On 03/11/2011 12:34 PM, Kaya Saman wrote: Ok I've managed to make some headway however it still isn't working properly: /etc/ipnat.rules #map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0.0.0.0/32 <http://0.0.0.0/32> portmap tcp/udp 1:65000 map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0.0.0.0/32 <http://0.0.0.0/32> map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0.0.0.0/32 <http://0.0.0.0/32> auto I then added this addition to the end of the /etc/rc.conf file: static_routes="em0 em1" route_em1="-net 10.100.100.0/26 <http://10.100.100.0/26> 172.16.0.0/20 <http://172.16.0.0/20>" route_em0="-net 172.16.0.0 0.0.0.0/0 <http://0.0.0.0/0>" when I run traceroute on my host now I can see it going through the system however I'm still not sure it's being NAT'd or routed?? ROUTER# ipnat -l List of active MAP/Redirect filters: map em1 10.100.100.0/26 <http://10.100.100.0/26> -> 0.0.0.0/32 <http://0.0.0.0/32> List of active sessions: MAP 10.100.100.153 <- -> 10.100.100.153[10.100.100.2 32772] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Strange system lockups - kernel saying disk error
Hi, I have an ancient pre-HT PIV machine with <500MB RAM. The system has an extra PCI->SATA card installed so I can make use of modern high capacity drives. Everything was running fine until round about 2 days ago when the system started locking up on me? Current drive configuration for the system is: 40GB IDE drive as root (ad2) - UFS2 500GB IDE drive for storage (ad3) - EXT3 1TB SATA drive for storage (ad4) - UFS2 750GB SATA drive for storage (ad8) - EXT3 I had an issue with the 750GB drive which the file system seemed to have got corrupted so I powered down and backed the information up to a 2TB SATA drive using ddrescue and the Gentoo Linux based System Rescue CD. I put the 2TB drive in place of the 1TB ad4 drive physically. Once backed up I powered down again and re-installed the 1TB SATA drive into ad4 position on system and completely removed the 2TB backup. When booted back into FreeBSD upon boot I received this error: WARNING: Kernel Errors Present ad4: FAILURE - WRITE_DMA48 status=51 error=4 LBA=1 ...: 1 Time(s) g_vfs_done():ad4e[WRITE(offset=97691456, length=16384)]error = 5 ...: 1 Time(s) The current status of the disks seemed to be ok though: 1 Time(s): ad2: 38166MB at ata1-master UDMA33 1 Time(s): ad2: DMA limited to UDMA33, controller found non-ATA66 cable 1 Time(s): ad3: 476940MB at ata1-slave UDMA33 1 Time(s): ad3: DMA limited to UDMA33, controller found non-ATA66 cable 1 Time(s): ad4: 953869MB at ata2-master SATA150 1 Time(s): ad8: 715404MB at ata4-master SATA150 1 Time(s): agp0: on hostb0 1 Time(s): ata0: on atapci0 1 Time(s): ata0: [ITHREAD] 1 Time(s): ata1: on atapci0 1 Time(s): ata1: [ITHREAD] 1 Time(s): ata2: on atapci1 1 Time(s): ata2: [ITHREAD] 1 Time(s): ata3: on atapci1 1 Time(s): ata3: [ITHREAD] 1 Time(s): ata4: on atapci1 1 Time(s): ata4: [ITHREAD] 1 Time(s): ata5: on atapci1 In order to test if the error was due to disk failure I powered down and disconnected the ad4 and ad3 disks and powered back up. The system still seems to be locking on me and I can't understand why? Through Google'ing a discovered a post by Jeremy Chadwick about these kinds of errors: http://wiki.freebsd.org/JeremyChadwick/ATA_issues_and_troubleshooting however since the system board is pre-SATA is doesn't even have S.M.A.R.T. so I'm totally lost on how to fix this. I mean the best remedy would be to get a new computer and migrate the stored information (something like this is on the way) but currently I don't have access to any of the disks at all and to make matters worse no NTP or DNS server as I was running these services on the same machine or TFTP boot server for my IP phones. - I do run multiboot UNIX on my notebook so Bind9 is naturally installed hence me writing this but I only activate in emergencies. I mean one way I thought of for fixing this would be to grab a USB -> ATA/SATA adapter: http://www.startech.com/product/USB2SATAIDE-USB-20-to-IDE-or-SATA-Adapter-Cable and hook the drives up to both Linux and FreeBSD in my notebook and copy the information across to the new system when it arrives in a few months. Aside from that is there anyway to fix the kernel error quickly? Thanks, Kaya 1 Time(s): ata5: [ITHREAD] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange system lockups - kernel saying disk error
Many thanks for the response! On 06/04/2011 02:00 AM, per...@pluto.rain.com wrote: Kaya Saman wrote: I have an ancient pre-HT PIV machine with<500MB RAM. ... Everything was running fine until round about 2 days ago when the system started locking up on me? ... is there anyway to fix the kernel error quickly? Did you apply any updates shortly before it started to fail? No updates! I did however, install unrar through ports. If not, this is likely to be a hardware problem. I'd suggest checking the power supply and the fans, running memtest86, and taking a close look at the electrolytic filter capacitors on the system board -- the last because it sounds as if this system may be about the right age to have been built with some bad ones. (If any of the capacitors are bulging, either those caps, or the entire board, need to be replaced.) Power and heat problems can cause all sorts of strange symptoms. I guess, I mean I did mention that the system was old and also I've been running in 24/7 online for the past year and half as this box got passed down to me by a family member. It has a Gigabyte system board. Not sure about the capacitors; I'll check. I remember on other boards that went on me in the past with capacitor issues, a bunch of orange stuff starts leaking out of them when they blow up. Also the chassis doesn't have any cooling fans either since it was bought extremely cheaply by the family member but not sure that's the culprit neither power problems as the system has run in high outside ambient temps in the past with no A/C in the room and also was working fine on the PSU installed with the 4 disks. I guess it's hardware related somehow as something's blown up, either the PSU, system board or so.. As I explained in the beginning if there's no clear way to fix the problem easily then I'll wait a bit. - I have a 16 disk Promise DAS on the way and will build a server using a Chenbro industrial rack chassis and Supermicro AMD based 8-12 core system board. These systems will fit better in the 2 racks I have in my living room. This should be a bit more stable and also give me higher capacity too! Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange system lockups - kernel saying disk error
[...] Hmmm Hard drives do not like heat! Check the PSU voltages with a meter, for accuracy and ripple. Failing SMPS's can do all sorts of odd things. Capacitor problems. Been there done that. They can be changed for very low cost, other than your time. DaveB You might guess by know, I know far more about hardware than I do about software, but for the latter to run well, the former must be good. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Many thanks Dave for all the suggestions!!! To be honest I think the drives are fine but the system is just s old including the IDE drives. I mean if I get a SATA/IDE USB adapter I should be able to backup the drives to the new DAS system I will have in place shortly since I am much more in favor of running Nexenta Core 3 OS with ZFS spanning the 16x drives meaning a total of 36TB with 2 internal drives used for logging and caching. Then this system will be obsolete. However, I will keep your suggestion of using *spinwrite* in mind next time I encounter issues! BTW I respect your H/W knowledge that's quite in deep :-) thank you for your insight. with Pipex which is now bust, then I moved out of the UK and now everything is roasting hot> Best regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange system lockups - kernel saying disk error
On 06/05/2011 03:48 AM, per...@pluto.rain.com wrote: Kaya Saman wrote: Did you apply any updates shortly before it started to fail? No updates! I did however, install unrar through ports. Intuitively, that seems unlikely to have triggered the problem. This doesn't sound like an issue to me either as it wouldn't touch the kernel or any modules. I remember on other boards that went on me in the past with capacitor issues, a bunch of orange stuff starts leaking out of them when they blow up. A leaking capacitor has surely gone bad, but the syndrome I'm thinking of is more subtle. The top of the can, which should be flat, bulges upward a little bit. Whether replacing bad capacitors qualifies as "quick" depends on how comfortable you are using a soldering iron. It does generally require taking the board out of the case, which may or may not be "quick" or "easy" depending on the case design. I have a degree in Electronic Engineering :-) - though no soldering iron :-( Also the chassis doesn't have any cooling fans either since it was bought extremely cheaply by the family member but not sure that's the culprit neither power problems as the system has run in high outside ambient temps in the past with no A/C in the room and also was working fine on the PSU installed with the 4 disks. Fans that were never there can't have suddenly failed :) Odd that isn't it :-P Power supplies do fail occasionally, and not always in obvious ways such as failing to turn on at all. The output voltages may be a little too high or too low, or they may be correct but with excessive ripple or electrical noise; or the supply may be just fine until a disk draws a current spike to move the arm rapidly. This needs either a voltmeter or oscilloscope to check out the voltages, fluctuations, and ripple. None of those at home :-( It might be worth checking the fan mounted on the CPU heatsink if there is one, and the fan in the power supply (which ventilates the case as well as the power supply itself). CPU fan works - at least it spins, fan in PSU not checked as I'd need to open it as it's a PS/2 design if not mistaken! But all these tips would be useful for a system that was given more value then mine. If I had actually paid for the system and it been quite advanced it would definitely be worth taking everything into account. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: [direct] Re: Strange system lockups - kernel saying disk error
copy. I think I'm indirectly responsible for at least 4 extra sales, not that I get any commission, sadly... Just like the Linux based recovery and self contained AV disks, and also Memtest86, I carry a copy of Spinrite arround with me too. I just wish I could come up with something as successful, and able to continue selling over and over... As for changing mobo caps, it's not dificult, but it sure takes a lot of time and care. Cap's in PSU's too go bad (Usually the Low Voltage ones) again, not dificult to change, but take care. There's often considerable High Voltage stored in some places, that can bite you, and it hurts! Lastly, large slow running fans last the longest, and are nice and quiet too. Just regularly blow the "dust bunnies" out of the systems (two or three time a year?) and keep things like the CPU cooler and PSU clean, and your hardware will work for many years just fine. Oh.. CPU coolers. If your system has the ability to monitor the CPU temperature, get to know how that behaves depending on the software you use. If it starts to slowly rise, but the room temperature is not correspondinlgy warmer, also cleaning the dust from the cooler doenst seem to help. It may need the cooler removing, the old heat transfer compound removing and cleaning, and fresh compound using when you refit the cooler. This issues seems worse with the earlier single core P4's, that had a very small contact area to the cooler. At least Intel chips just slow down as they get hotter (cycle skipping) so as not to burn out. Some AMD's will destroy themselves if the cooler fails!...There is a YouTube video somewhere, showing a PC with an Intel CPU with no cooler getting slower and slower till it almost stops. I hope you get things sorted out, one way or another. Life is so much nicer if you don't have to keep messing with the blessed things! I have a sick Land Rover to fix too. Gearbox rear oil seal, also rear drive shaft UJ's. At least I can use big hammers on that sometimes... (Therapy!) Oh, the grass needs cutting, and I'm now also under instruction to change the bed, when the cat's finished sleeping on it!!! Best Regards. Dave B. On 4 Jun 2011 at 21:35, Kaya Saman wrote: Subject:Re: Strange system lockups - kernel saying disk error [...] Hmmm Hard drives do not like heat! Check the PSU voltages with a meter, for accuracy and ripple. Failing SMPS's can do all sorts of odd things. Capacitor problems. Been there done that. They can be changed for very low cost, other than your time. DaveB You might guess by know, I know far more about hardware than I do about software, but for the latter to run well, the former must be good. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Many thanks Dave for all the suggestions!!! To be honest I think the drives are fine but the system is just s old including the IDE drives. I mean if I get a SATA/IDE USB adapter I should be able to backup the drives to the new DAS system I will have in place shortly since I am much more in favor of running Nexenta Core 3 OS with ZFS spanning the 16x drives meaning a total of 36TB with 2 internal drives used for logging and caching. Then this system will be obsolete. However, I will keep your suggestion of using spinwrite in mind next time I encounter issues! BTW I respect your H/W knowledge that's quite in deep :-) thank you for your insight. Best regards, Kaya __ NOD32 6175 (20110602) Information __ This message was checked by NOD32 antivirus system. http://www.eset.com ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Thanks Dave for this very graphic and insightful story :-) It was a pleasure to read and a nice display of how experience really does prevail over things!!! I liked the radio chart on the site provided :-) - what exactly is it measuring? Background noise? I think not having a UPS for over a year killed me with the power cutting out almost every weekend for 10 - 20 minutes/night. Now I have UPS, 2x 1500KVA APC systems... nice but need the network and temp monitoring cards. Need plenty of £££ for that! Plus the new server I am intending to build as the DAS box already cost $2000. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Strange system lockups - kernel saying disk error
[...] PS: I don't suppose anyone knows a real good simple blow by blow total newby dialog, as to how to realiably and correctly create and setup Jails on FreeBSD 8.0? All the man pages I've found so far, are way over my head. Good "Reference" material admittedly, but no good as an instructional if you dont already know "How To"... I don't understand ezjail either... Something to do with the faded grey cell and too many years etc... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" http://wiki.optiplex-networks.com/xwiki/bin/view/FreeBSD/Jails Still a work in progress and running from a VM in a laptop on an ADSL line but it does the job :-) Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Sorry. Numpty alert! FreeBSD Jails... Help?
Hi guys, just as I've been helping out already I did actually have this lot in my Wiki: http://wiki.optiplex-networks.com/xwiki/bin/view/FreeBSD/Installing_FreeBSD [quote] Please take note however that the *Buildworld* environment needs to have *all sources* installed into the system in order to compile and build. This however should really only affect people who wish to use *FreeBSD Jails* as standard non-Jail configured systems will run fine with the default selection above. [/quote Which is exactly the same as Andy has just mentioned below. The rest of the procedure then is pretty trivial I think Dave is getting confused about how to use the sysintall software which I did at first too a few years back when I started with FreeBSD but now that I am used to it, I don't suffer any more. The next release of FreeBSD won't have that any more from what I recall reading and will change to something else? - Correct me if wrong... Regards, --K On 06/08/2011 12:05 AM, a.sm...@ukgrid.net wrote: Hi Dave, I didn't find it total plain sailing myself when I did this for the first time a few months back. Ok, so I think you are sitting in "/usr/src" trying to run the make buildworld right? If you are getting the error you mentioned then I think it means you are missing the Makefile? Ie if you do an ls there is no file called "Makefile". In that case you need to install it, which if via sysinstall you need to go: Configure Distributions src base (this has the Makefile) then select ok, and choose FTP etc etc, If you have the other sources already then you should be good to go, cheers Andy. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Syslog server not logging remote machines to file?
Hi,
I've got a really strange problem which seems to either be a bug with
the syslog server service or perhaps because I'm running jails on my
system.
I can log my router syslog information but somehow the syslog server
doesn't put the information into the designated file; which should be
/var/log/cisco857w.log???
This is the syslog definition in my /etc/rc.conf file:
{
syslogd_enable="YES"
#syslog_flags=""
syslogd_flags="-d -b 192.168.1.120 -a 192.168.1.1/24:* -vv -C"
}
Additionally here is my /etc/syslog.conf file:
{
# $FreeBSD: src/etc/syslog.conf,v 1.30.2.1.2.1 2009/10/25 01:10:29
kensmith Exp $
#
#Spaces ARE valid field separators in this file. However,
#other *nix-like systems still insist on using tabs as field
#separators. If you are sharing this file between systems, you
#may want to use only tabs as field separators here.
#Consult the syslog.conf(5) manpage.
#+server.domain
*.err;kern.warning;auth.notice;mail.crit/dev/console
*.notice;local7.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err
/var/log/messages
security.*/var/log/security
auth.info;authpriv.info/var/log/auth.log
mail.info/var/log/maillog
lpr.info/var/log/lpd-errs
ftp.info/var/log/xferlog
cron.*/var/log/cron
*.=debug/var/log/debug.log
*.emerg*
# uncomment this to log all writes to /dev/console to /var/log/console.log
#console.info/var/log/console.log
# uncomment this to enable logging of all log messages to /var/log/all.log
# touch /var/log/all.log and chmod it to mode 600 before it will work
#*.*/var/log/all.log
# uncomment this to enable logging to a remote loghost named loghost
#*.*@loghost
# uncomment these if you're running inn
# news.crit/var/log/news/news.crit
# news.err/var/log/news/news.err
# news.notice/var/log/news/news.notice
!ppp
*.*/var/log/ppp.log
!*
+192.168.1.1
*.*/var/log/cisco857w.log
#local7.* /var/log/cisco857w.log
#!*
#+172.16.0.1
#*.*
}
uname -a shows this:
{
# uname -a
FreeBSD server.domain 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21
15:02:08 UTC 2009
r...@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64
}
The odd thing about this is that I did the same thing on a non-jailed
32bit machine running FreeBSD 8.x and the system worked fine.
In my research for the problem I have covered this material:
{
http://www.freebsd.org/doc/handbook/network-syslogd.html
http://forums.devshed.com/bsd-help-31/remote-syslog-question-router-to-freebsd-118652.html
http://www.freebsd.org/doc/handbook/network-syslogd.html
http://www.daemonforums.org/showthread.php?t=2968
http://bsd.dischaos.com/2009/02/25/logging-cisco-ios-messages-to-external-freebsd-syslog/
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2007-02/msg00384.html
http://plone.lucidsolutions.co.nz/networking/cisco/ios/logging-to-a-syslog-or-rsyslog-host-from-cisco-ios
http://lists.nycbug.org/pipermail/talk/2007-April/010091.html
http://www.freebsdonline.com/content/view/527/506/
}
They all seem to say more or less the same thing that either putting the:
{
+192.168.1.1
*.*/var/log/cisco857w.log
or
local7.* /var/log/cisco857w.log
}
statements either at the top of the file or changing the syntax slightly
using a + between machines should do the trick; however, non of the
things I tried have worked from any of the material mentioned above!
Here is my debug information:
{
# tcpdump -tlnvv -i em0 port 514
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 96
bytes
IP (tos 0x0, ttl 255, id 337, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10040: 010027: Nov 19 10:28:04.322: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 338, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10041: 010028: Nov 19 10:28:04.326: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 339, offset 0, flags [none], proto UDP (17),
length 142)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 114
Facility local7 (23), Severity notice (5)
Msg: 10042: 010029: Nov 19 10:28:04.770: %SYS-5-CONFIG[|syslog]
IP (tos 0x0, ttl 255, id 340, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10043: 010030: Nov 19 10:30:30.672: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 341, offset 0, flags [none], proto
Re: Syslog server not logging remote machines to file?
On 11/19/2011 05:21 PM, Robert Bonomi wrote: Kaya Saman wrote: Hi, I've got a really strange problem which seems to either be a bug with the syslog server service or perhaps because I'm running jails on my system. I can log my router syslog information but somehow the syslog server doesn't put the information into the designated file; which should be /var/log/cisco857w.log??? The -usual- 'gotcha' for this situation is that you have to _create_ the file FIRST, and then tell syslogd to reload it's configuration. (i.e. 'kill -HUP' the PID for syslogd) That's ok, however due to me running syslogd in debug mode anyway - ctrl + c should do that anyway. I performed a: ps aux | grep syslog with no result other then my 'grepping' displayed. Meaning that the syslog daemon should have reloaded right? - I mean it's standard for everything else which works in that way! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Syslog server not logging remote machines to file?
On 11/19/2011 06:52 PM, Robert Bonomi wrote:
From kayasa...@gmail.com Sat Nov 19 09:33:08 2011
Date: Sat, 19 Nov 2011 17:31:50 +0200
From: Kaya Saman
To: Robert Bonomi
CC: freebsd-questions@freebsd.org
Subject: Re: Syslog server not logging remote machines to file?
On 11/19/2011 05:21 PM, Robert Bonomi wrote:
Kaya Saman wrote:
Hi,
I've got a really strange problem which seems to either be a bug with
the syslog server service or perhaps because I'm running jails on my
system.
I can log my router syslog information but somehow the syslog server
doesn't put the information into the designated file; which should be
/var/log/cisco857w.log???
The -usual- 'gotcha' for this situation is that you have to _create_ the
file FIRST, and then tell syslogd to reload it's configuration. (i.e.
'kill -HUP' the PID for syslogd)
That's ok, however due to me running syslogd in debug mode anyway - ctrl
+ c should do that anyway. I performed a: ps aux | grep syslog with
no result other then my 'grepping' displayed.
Meaning that the syslog daemon should have reloaded right? - I mean it's
standard for everything else which works in that way!
Well if ps -aux doesn't show any syslogd entry, then syslogd is -not-
running -- which would explain why it's not logging anything to the file :)
If you're stopping and restarting syslogd, then, yes, that causes it to
re-read the configuration.
This begs the question, however, *DOES* that file exist? syslog does _not_
_create_ a missing logfile, just because it is mentioned in the syslog.conf
file.
g
Robert,
I can assure that syslogd is running, hence the logging posted within my
first email to the list. When run with the -d and -vv flags set in
/etc/rc.conf I need to use ctrl +c to break out of it as it logs
directly to the tty.
Just to go over it again, output from syslogd with -d and -vv flags set
running in debug mode shows:
{
logmsg: pri 56, flags 4, from Server, msg syslogd: restart
syslogd: restarted
logmsg: pri 6, flags 4, from Server, msg syslogd: kernel boot file is
/boot/kernel/kernel
Logging to FILE /var/log/messages
syslogd: kernel boot file is /boot/kernel/kernel
logmsg: pri 166, flags 17, from Server, msg Nov 19 12:33:34
Server syslogd: exiting on signal 2
cvthname(192.168.1.1)
validate: dgram from IP 192.168.1.1, port 59189, name router.domain;
accepted in rule 0.
logmsg: pri 275, flags 0, from cisco857w, msg 10048: 010035: Nov 19
10:33:48.037: %SYS-5-CONFIG_I: Configured from console by admin on vty0
(192.168.1.120)
}
The file is mentioned in syslogd config and seems to be loaded within
the configuration:
{
cfline("*.*/var/log/cisco857w.log", f, "*",
"+192.168.1.1")
7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 X FILE:
/var/log/cisco857w.log
}
The file *has* been created also under /var/log/ dir however self
creation is possible using the -C flag within /etc/rc.conf file; and
give 'appropriate' permission 600:
{
# ls -l /var/log | grep cisco857
-rw--- 1 root wheel 0 Nov 18 16:32 cisco857w.log
}
So after all this looks {**perfect**} what can this mysterious problem be??
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Syslog server not logging remote machines to file?
cvthname(192.168.1.1)
validate: dgram from IP 192.168.1.1, port 59189, name router.domain;
accepted in rule 0.
logmsg: pri 275, flags 0, from cisco857w, msg 10048: 010035: Nov 19
10:33:48.037: %SYS-5-CONFIG_I: Configured from console by admin on vty0
(192.168.1.120)
If we take the 'priority' of that message at face value,
it is a facility value of 34
and a logging priority of 3
On the machines I have access to, facility values stop at _24_.
The message may be being discarded because of a 'nonsense' priority.
I changed the 'facility' value within the IOS itself to kernel:
(config)#logging facility kern
- and now the generated message shows this:
accepted in rule 0.
logmsg: pri 15, flags 0, from cisco857w, msg 10146: 010133: Nov 19
23:05:54.538: %SYS-5-CONFIG_I: Configured from console by admin on vty0
(192.168.0.53
still not logging to file though :-( ??
The file is mentioned in syslogd config and seems to be loaded within
the configuration:
{
cfline("*.*/var/log/cisco857w.log", f, "*",
"+192.168.1.1")
7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 X FILE:
/var/log/cisco857w.log
_THAT_ lookks like only _24_ known 'facility' values.
# ls -l /var/log | grep cisco857
-rw--- 1 root wheel 0 Nov 18 16:32 cisco857w.log
And, I presume that when you are invoking syslogd in 'debug' mode, you
are running as superuser.
Yep, that is correct! Am using: su -
So after all this looks {**perfect**} what can this mysterious problem be??
I'm _guessing_ that the apparent 'facility' value of 34 is a good candidate.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Alternative to syslogd that actually writes external logs to files?
Hi, I would like to know if there's a syslog alternative out there that will actually write my network equipments' logs to files. After having major issues with syslogd and attempting a thorough debug of which I posted to this mailing list and wasn't able to fix even with more experienced peoples help I am now looking for an alternative! My issue with syslogd was the fact that the logging information would be sent to my system and that could evidently be seen, however, the software didn't write to the log file specified for whatever reason :-( During debug I started syslogd using the -d and -vv options, checked the log file in question was created and had correct permission. Everything seemed fine but nothing even tried to write to file. Basically I am looking for just something that will write all my external logs to file and can keep syslogd for the system specific logs as that's no problem. Since at the time I was using FreeBSD 8.0 CURRENT x64, I upgraded to 8.2 on the basis that my system and hence ports collection was out-of-date; but unfortunately the update didn't solve my issues regarding syslog. - which is way odd considering I had FreeBSD 8.1 or 8.2 x86 edition running on an old (now packed-up) PIV which did my logging without any issues. - The current setup is the same except for the fact that am running Jails and am on a 64bit platform. Can anybody suggest anything? Thanks! ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Alternative to syslogd that actually writes external logs to files?
[...snip...]
Properly configured, syslogd will log remotely. However something
like sysutils/rsyslog may fit your requirements better.
--
Adam Vande More
Thanks for that. I have tested rsyslog which is backwards compatible
with syslog but again something failed with that in order to write to
the created logfile???
Here is my config just incase something hinky can be seen; although have
already posted it (with minimal responses) in a heading: Syslog server
not logging remote machines to file? {basically please don't lynch me
for double posting!!}
/etc/rc.conf
syslogd_enable="YES"
syslog_flags=""
syslogd_flags="-b 192.168.1.120 -a 192.168.1.1/24:* -C"
#syslogd_flags="-d -b 192.168.1.120 -a 192.168.1.1/24:* -vv -C"
#syslogd_flags="-c"
#rsyslogd_enable="YES"
#rsyslogd_pidfile="/var/run/syslog.pid"
#rsyslogd_config="/etc/syslog.conf"
#rsyslogd_klog_enable="YES"
#rsyslogd_flags="-d"
The extra addition to /etc/syslog.conf under the ppp statement
!*
+192.168.1.1
*.*/var/log/cisco857w.log
Debug from tcpdump:
# tcpdump -tlnvv -i em0 port 514
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 96
bytes
IP (tos 0x0, ttl 255, id 337, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10040: 010027: Nov 19 10:28:04.322: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 338, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10041: 010028: Nov 19 10:28:04.326: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 339, offset 0, flags [none], proto UDP (17),
length 142)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 114
Facility local7 (23), Severity notice (5)
Msg: 10042: 010029: Nov 19 10:28:04.770: %SYS-5-CONFIG[|syslog]
IP (tos 0x0, ttl 255, id 340, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10043: 010030: Nov 19 10:30:30.672: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 341, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10044: 010031: Nov 19 10:30:30.672: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 342, offset 0, flags [none], proto UDP (17),
length 189)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 161
Facility local7 (23), Severity info (6)
Msg: 10045: 010032: Nov 19 10:30:36.455: %DOT11-6-ASSO[|syslog]
IP (tos 0x0, ttl 255, id 343, offset 0, flags [none], proto UDP (17),
length 203)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 175
Facility local7 (23), Severity info (6)
Msg: 10046: 010033: Nov 19 10:30:47.643: %DOT11-6-DISA[|syslog]
Debug from syslogd:
# /etc/rc.d/syslogd restart
syslogd not running? (check /var/run/syslog.pid).
Starting syslogd.
allowaddr: rule 0: numeric, addr = 192.168.1.0, mask = 255.255.255.0;
port = 0
listening on inet and/or inet6 socket
sending on inet and/or inet6 socket
off & running
init
cfline("*.err;kern.warning;auth.notice;mail.crit/dev/console",
f, "*", "+Server.domain")
cfline("*.notice;local7.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err
/var/log/messages", f, "*", "+Server.domain")
cfline("security.*/var/log/security", f, "*",
"+Server.domain")
cfline("auth.info;authpriv.info/var/log/auth.log", f,
"*", "+Server.domain")
cfline("mail.info/var/log/maillog", f, "*",
"+Server.domain")
cfline("lpr.info/var/log/lpd-errs", f, "*",
"+Server.domain")
cfline("ftp.info/var/log/xferlog", f, "*",
"+Server.domain")
cfline("cron.*/var/log/cron", f, "*",
"+Server.domain")
cfline("*.=debug/var/log/debug.log", f, "*",
"+Server.domain")
cfline("*.emerg*", f, "*", "+Server.domain")
cfline("*.*/var/log/ppp.log", f, "ppp",
"+Server.domain")
cfline("*.*/var/log/cisco857w.log", f, "*",
"+192.168.1.1")
4 3 2 3 5 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 X CONSOLE: /dev/console
7 5 2 5 5 5 6 3 5 5 X 5 5 5 5 5 5 5 5 5 5 5 5 X X FILE: /var/log/messages
X X X X X X X X X X X X X 7 X X X X X X X X X X X FILE: /var/log/security
X X X X 6 X X X X X 6 X X X X X X X X X X X X X X FILE: /var/log/auth.log
X X 6 X X X X X X X X X X X X X X X X X X X X X X FILE: /var/log/maillog
X X X X X X 6 X X X X X X X X X X X X X X X X X X FILE: /var/log/lpd-errs
X X X X X X X X X X X 6 X X X X X X X X X X X X X FILE: /var/log/xferlog
X X X X X X X X X 7 X X X X X X X X X X X X X X X FILE: /var/log/cron
7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 X FILE: /var/l
Re: Alternative to syslogd that actually writes external logs to files?
On 11/28/2011 08:58 PM, Damien Fleuriot wrote: On 11/28/11 7:09 PM, Kaya Saman wrote: [...snip...] Properly configured, syslogd will log remotely. However something like sysutils/rsyslog may fit your requirements better. -- Adam Vande More Thanks for that. I have tested rsyslog which is backwards compatible with syslog but again something failed with that in order to write to the created logfile??? We have absolutely no problems whatsoever with rsyslogd here. It runs on our FreeBSD firewall boxes and logs both to local files and a remote server running rsyslogd on debian. Additionally and in reply to your need to track what happens on your network, I very highly recommend Observium which we have been running for over 18 months now and which I use on an almost daily basis. http://www.observium.org/wiki/Main_Page The icing on the cake is that you'll be able to export your logs to Observium directly. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Thanks for the vote of confidence! I have set syslogd to run on the loopback and rsyslogd to run on the local IP address. Here is my config file for rsyslog: $ModLoad immark.so # provides --MARK-- message capability $ModLoad imuxsock.so # provides support for local system logging $ModLoad imklog.so # kernel logging $ModLoad imudp $UDPServerAddress 192.168.1.120 $UDPServerRun 514 $RuleSet Cisco857w #:msg, contains, "192.168.1.1"/var/log/cisco857w.log :fromhost-ip, isequal, "192.168.1.1"/var/log/cisco857w.log According to the rule anything coming in from 192.168.1.1 should be logged to /var/log/cisco857.log From rsyslog debug mode I was able to find that the rule was in place and should be performing properly: 0302.998028819:800c041c0: ruleset 0x800c2b0a0: rsyslog ruleset Cisco857w: 0302.998046140:800c041c0: rule 0x800c14d80: rsyslog rule: 0302.998058991:800c041c0: PROPERTY-BASED Filter: 0302.998070165:800c041c0: Property.: 'fromhost-ip' 0302.998080781:800c041c0: Operation: 'isequal' 0302.998099499:800c041c0: Value: '192.168.1.1' 0302.998109835:800c041c0: Action...: Actions: 0302.998127435:800c041c0: builtin-file: /var/log/cisco857w.log 0302.998143918:800c041c0: template='/var/log/cisco857w.log' 0302.998153696:800c041c0: use async writer=0 0302.998165150:800c041c0: flush on TX end=1 0302.998175766:800c041c0: flush interval=1 0302.998186661:800c041c0: file cache size=10 0302.998198115:800c041c0: create directories: yes 0302.998208451:800c041c0: file owner 0, group 0 0302.998218788:800c041c0: force chown() for all files: no 0302.998229683:800c041c0: directory owner 0, group 0 0302.998240020:800c041c0: dir create mode 0700, file create mode 0644 0302.998254267:800c041c0: fail if owner/group can not be set: no However, when using tcpdump it shows that rsyslog is infact receiving information but still unfortunately not logging to file??? # tcpdump -tlnvv -i em0 port 514 tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes IP (tos 0x0, ttl 255, id 1875, offset 0, flags [none], proto UDP (17), length 142) 192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 114 Facility local7 (23), Severity notice (5) Msg: 11578: 011565: Nov 28 23:34:19.475: %SYS-5-CONFIG[|syslog] File permissions are correct as I got rsyslog to create the file from scratch... What am I missing here? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Alternative to syslogd that actually writes external logs to files?
On 11/29/2011 01:50 AM, Jon Radel wrote: On 11/28/11 6:42 PM, Kaya Saman wrote: However, when using tcpdump it shows that rsyslog is infact receiving information but still unfortunately not logging to file??? # tcpdump -tlnvv -i em0 port 514 tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size 96 bytes IP (tos 0x0, ttl 255, id 1875, offset 0, flags [none], proto UDP (17), length 142) 192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 114 Facility local7 (23), Severity notice (5) Msg: 11578: 011565: Nov 28 23:34:19.475: %SYS-5-CONFIG[|syslog] File permissions are correct as I got rsyslog to create the file from scratch... What am I missing here? Have you tried with all firewalling on the machine turned off? [My apologies if this has been covered earlier in the thread and I missed it.] --Jon Radel j...@radel.com Yep! I don't actually run any rules on the firewall even though PF is enabled. it's just meant for fail2ban though. However, disabled PF but still not working :-( ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Alternative to syslogd that actually writes external logs to files?
On 11/29/2011 03:13 AM, Adam Vande More wrote: On Mon, Nov 28, 2011 at 6:08 PM, Kaya Saman <mailto:kayasa...@gmail.com>> wrote: Yep! I don't actually run any rules on the firewall even though PF is enabled. it's just meant for fail2ban though. However, disabled PF but still not working :-( Can you at least make a connection from the sending to receiving host/port via telnet? -- Adam Vande More As you know rsyslog works over udp and telnet is a tcp protocol so I enabled tcp on port 514 within rsyslog and telnet'ed from my router to the syslog server. No problems!!! It works. Also netstat -anp tcp/udp | grep 514 shows the server listening on the em0 interface with correct IP which isn't a problem additionally. ??? ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Alternative to syslogd that actually writes external logs to files?
On 11/29/2011 04:18 AM, Fbsd8 wrote:
Kaya Saman wrote:
[...snip...]
Properly configured, syslogd will log remotely. However something
like sysutils/rsyslog may fit your requirements better.
--
Adam Vande More
Thanks for that. I have tested rsyslog which is backwards compatible
with syslog but again something failed with that in order to write to
the created logfile???
Here is my config just incase something hinky can be seen; although
have already posted it (with minimal responses) in a heading: Syslog
server not logging remote machines to file? {basically please don't
lynch me for double posting!!}
/etc/rc.conf
syslogd_enable="YES"
syslog_flags=""
syslogd_flags="-b 192.168.1.120 -a 192.168.1.1/24:* -C"
#syslogd_flags="-d -b 192.168.1.120 -a 192.168.1.1/24:* -vv -C"
#syslogd_flags="-c"
#rsyslogd_enable="YES"
#rsyslogd_pidfile="/var/run/syslog.pid"
#rsyslogd_config="/etc/syslog.conf"
#rsyslogd_klog_enable="YES"
#rsyslogd_flags="-d"
The extra addition to /etc/syslog.conf under the ppp statement
!*
+192.168.1.1
*.*/var/log/cisco857w.log
Debug from tcpdump:
# tcpdump -tlnvv -i em0 port 514
tcpdump: listening on em0, link-type EN10MB (Ethernet), capture size
96 bytes
IP (tos 0x0, ttl 255, id 337, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10040: 010027: Nov 19 10:28:04.322: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 338, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10041: 010028: Nov 19 10:28:04.326: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 339, offset 0, flags [none], proto UDP (17),
length 142)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 114
Facility local7 (23), Severity notice (5)
Msg: 10042: 010029: Nov 19 10:28:04.770: %SYS-5-CONFIG[|syslog]
IP (tos 0x0, ttl 255, id 340, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10043: 010030: Nov 19 10:30:30.672: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 341, offset 0, flags [none], proto UDP (17),
length 122)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 94
Facility local7 (23), Severity debug (7)
Msg: 10044: 010031: Nov 19 10:30:30.672: ISAKMP:(0): S[|syslog]
IP (tos 0x0, ttl 255, id 342, offset 0, flags [none], proto UDP (17),
length 189)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 161
Facility local7 (23), Severity info (6)
Msg: 10045: 010032: Nov 19 10:30:36.455: %DOT11-6-ASSO[|syslog]
IP (tos 0x0, ttl 255, id 343, offset 0, flags [none], proto UDP (17),
length 203)
192.168.1.1.59189 > 192.168.1.120.514: SYSLOG, length: 175
Facility local7 (23), Severity info (6)
Msg: 10046: 010033: Nov 19 10:30:47.643: %DOT11-6-DISA[|syslog]
Debug from syslogd:
# /etc/rc.d/syslogd restart
syslogd not running? (check /var/run/syslog.pid).
Starting syslogd.
allowaddr: rule 0: numeric, addr = 192.168.1.0, mask = 255.255.255.0;
port = 0
listening on inet and/or inet6 socket
sending on inet and/or inet6 socket
off & running
init
cfline("*.err;kern.warning;auth.notice;mail.crit
/dev/console", f, "*", "+Server.domain")
cfline("*.notice;local7.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err
/var/log/messages", f, "*", "+Server.domain")
cfline("security.*/var/log/security", f, "*",
"+Server.domain")
cfline("auth.info;authpriv.info/var/log/auth.log", f,
"*", "+Server.domain")
cfline("mail.info/var/log/maillog", f, "*",
"+Server.domain")
cfline("lpr.info/var/log/lpd-errs", f, "*",
"+Server.domain")
cfline("ftp.info/var/log/xferlog", f, "*",
"+Server.domain")
cfline("cron.*/var/log/cron", f, "*",
"+Server.domain")
cfline("*.=debug/var/log/debug.log", f, "*",
"+Server.domain")
cfline("*.emerg*", f, "*", "+Server.domain")
cfline("*.*/var/log/ppp.log", f, "ppp",
"+Server.domain")
cfline("*.*/var/log/cisco857w.log", f, "*",
"+192.168.1.1")
4 3 2 3 5 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 3 X CONSOLE: /dev/console
7 5 2 5 5 5 6 3 5 5 X
Re: Alternative to syslogd that actually writes external logs to files?
On 11/29/2011 12:29 PM, Matthew Seaman wrote: On 29/11/2011 01:28, Kaya Saman wrote: As you know rsyslog works over udp and telnet is a tcp protocol so I enabled tcp on port 514 within rsyslog and telnet'ed from my router to the syslog server. Use netcat to test UDP connectivity -- it's in the base system as nc(1): % nc -v -u 192.0.2.1 514 Cheers, Matthew I get this result: nc -v -u 192.168.1.120 514 Connection to 192.168.1.120 514 port [udp/syslog] succeeded! I'm not sure though if I should be getting any of the syslog messages that my router is sending to the rsyslog daemon though? I have tried but nothing displays on the server tty. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Having problems running shell script from crontab
Hi, I wrote a shell script to detect if the port of tomcat was in use or not then restart if the port wasn't online; due to tomcat segfaulting as my system hasn't got enough memory for it. This is the shell script: #!/usr/local/bin/bash ntstat=`netstat -ap tcp | grep 8180 | sed -n '1p'` port="8180" #echo $ntstat #echo $port if [[ $ntstat =~ $port ]]; then echo "Output of Netstat command $ntstat port number $port" > /root/java_restart/java_restart.log; else wait 60; /usr/local/etc/rc.d/tomcat6 restart; fi Here in /var/log/cron - it can be seen that the script has been executed: Jan 7 10:30:00 wiki /usr/sbin/cron[19509]: (root) CMD (/root/java_restart/java_restart.sh) Jan 7 11:00:00 wiki /usr/sbin/cron[20418]: (root) CMD (/root/java_restart/java_restart.sh) Jan 7 11:30:00 wiki /usr/sbin/cron[21356]: (root) CMD (/root/java_restart/java_restart.sh) Jan 7 12:00:00 wiki /usr/sbin/cron[22455]: (root) CMD (/root/java_restart/java_restart.sh) The strange thing is that if I run this script manually /root/java_restart/java_restart.sh it works fine and does what it's supposed to do. Cron however seems to execute the IF statement but not get as far as else??? - it seems as tomcat doesn't restart. Here is my little log file that tells the port is active: -rw-r--r-- 1 root wheel 116 Jan 7 11:30 java_restart.log If I stop tomcat just before the xx:00 or xx:30 time designations tomcat will not be restarted by the script and I don't understand why? This is the crontab: 0,30 * * * * /root/java_restart/java_restart.sh which is being run as root user. Can anyone suggest anything that might be a possible cause for tomcat not getting restarted automatically when the proper conditions are met? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Having problems running shell script from crontab
On 01/07/2012 03:05 PM, Yuri Pankov wrote: On Sat, Jan 07, 2012 at 02:21:51PM +0200, Kaya Saman wrote: Hi, I wrote a shell script to detect if the port of tomcat was in use or not then restart if the port wasn't online; due to tomcat segfaulting as my system hasn't got enough memory for it. This is the shell script: #!/usr/local/bin/bash ntstat=`netstat -ap tcp | grep 8180 | sed -n '1p'` sockstat would be more useful here. So if I adapted to: ntstat=`sockstat | grep java` port="java" (keeping the same variables in order to limit change - even though minimal) then compared in my IF statement below that would have the same result? I've never used sockstat although just peeked at the manual quickly now: http://www.freebsd.org/cgi/man.cgi?query=sockstat&sektion=1 port="8180" #echo $ntstat #echo $port if [[ $ntstat =~ $port ]]; then echo "Output of Netstat command $ntstat port number $port"> /root/java_restart/java_restart.log; else wait 60; /usr/local/etc/rc.d/tomcat6 restart; Are you sure you want 'wait' here (or should it be 'sleep')? It was sleep that I wanted - thanks! :-) Sorry my shell scripting skills are really iffy at best. fi Here in /var/log/cron - it can be seen that the script has been executed: Jan 7 10:30:00 wiki /usr/sbin/cron[19509]: (root) CMD (/root/java_restart/java_restart.sh) Jan 7 11:00:00 wiki /usr/sbin/cron[20418]: (root) CMD (/root/java_restart/java_restart.sh) Jan 7 11:30:00 wiki /usr/sbin/cron[21356]: (root) CMD (/root/java_restart/java_restart.sh) Jan 7 12:00:00 wiki /usr/sbin/cron[22455]: (root) CMD (/root/java_restart/java_restart.sh) The strange thing is that if I run this script manually /root/java_restart/java_restart.sh it works fine and does what it's supposed to do. Cron however seems to execute the IF statement but not get as far as else??? - it seems as tomcat doesn't restart. Here is my little log file that tells the port is active: -rw-r--r-- 1 root wheel 116 Jan 7 11:30 java_restart.log If I stop tomcat just before the xx:00 or xx:30 time designations tomcat will not be restarted by the script and I don't understand why? This is the crontab: 0,30 * * * * /root/java_restart/java_restart.sh Try changing it to /usr/local/bin/bash /root/java_restart/java_restart.sh. Ok adapted the crontab let's see what happens now. which is being run as root user. Can anyone suggest anything that might be a possible cause for tomcat not getting restarted automatically when the proper conditions are met? Yuri Thanks Yuri :-) Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Having problems running shell script from crontab
On 01/07/2012 03:22 PM, RW wrote: On Sat, 07 Jan 2012 14:21:51 +0200 Kaya Saman wrote: The strange thing is that if I run this script manually /root/java_restart/java_restart.sh it works fine and does what it's supposed to do. The commonest reason for scripts that that work from a terminal failing under cron is that the environment isn't set-up correctly. Usually it's PATH that's missing or incomplete. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Would it be possible to elaborate? I just fixed my script by altering some parts to Yuri's suggestions: #!/usr/local/bin/bash ntstat=`netstat -ap tcp | grep 8180 | sed -n '1p'` port="8180" #echo $ntstat #echo $port if [[ $ntstat =~ $port ]]; then echo "Output of Netstat command $ntstat port number $port" > /root/java_restart/java_restart.log; else sleep 60; /usr/local/etc/rc.d/tomcat6 restart; fi with crontab now looking like so: 0,30 * * * * /usr/local/bin/bash /root/java_restart/java_restart.sh Sleep works fine but tomcat still isn't getting restarted.. In terms of paths this is what I'm doing: I'm in a FreeBSD jail logged in by - #jexec tcsh which gets me in as root. Crontab is being run as root so paths should be the same no? Hmm. am puzzled! Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Having problems running shell script from crontab
On 01/07/2012 03:57 PM, RW wrote: On Sat, 07 Jan 2012 15:37:49 +0200 Kaya Saman wrote: n terms of paths this is what I'm doing: I'm in a FreeBSD jail logged in by - #jexec tcsh which gets me in as root. Crontab is being run as root so paths should be the same no? PATH is set at the top of /etc/crontab ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Ok, sorry for being slow but I still don't understand how the PATH variable is connected to restarting tomcat? This is the default PATH in /etc/crontab: PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin but where my script seems to not work well when run is at this point: /usr/local/etc/rc.d/tomcat6 restart Does this mean that putting :/usr/local/etc to the PATH statement will enable crontab to understand the .../etc/rc.d/ script variables? I think where I'm getting confused is that I'm using 'absolute' paths and my knowledge of the PATH is when one wants to run a command specifically from a shell; as in 'top'. so you wouldn't need to run /usr/bin/top. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Having problems running shell script from crontab
On 01/07/2012 04:30 PM, Matthew Seaman wrote: On 07/01/2012 13:57, RW wrote: On Sat, 07 Jan 2012 15:37:49 +0200 Kaya Saman wrote: n terms of paths this is what I'm doing: I'm in a FreeBSD jail logged in by - #jexec tcsh which gets me in as root. Crontab is being run as root so paths should be the same no? No -- you can't assume that. The correct thing to do is to set $PATH within your script, then it should stand a much improved chance of running correctly irrespective of how it gets started. Add a line like this near the top of the script: export PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin That should be good enough for most purposes, but feel free to modify if needed. Another debugging tip: add set -x or set -v -x towards the top of the script and you'll get a trace of what the script does e-mailed to you. (Well, e-mailed to root, but I assume yould've been reading root's mailbox anyhow, or redirected the root e-mails to somewhere more useful.) PATH is set at the top of /etc/crontab Well, yes. However that only helps for the scripts run out of /etc/crontab. If the OP has done the right thing and left /etc/crontab alone, but instead set up a root crontab by running # crontab -u root -e then that wouldn't help at all. Cheers, Matthew Thanks Matthew!!! :-) Exporting the PATH variable was the key, although I did add the debugging tip in for good measure. So luckily all is solved now. Thanks everyone for all the help and advice! Best regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
FreeBSD 9 on Lenovo X200 what works?
Hi, I discovered this thread: http://forums.freebsd.org/showthread.php?t=25539 and am wondering what will and won't work on my Lenovo X220 I'm currently in the process in deciding between FreeBSD 9 and Fedora 15/16. I love FreeBSD on servers but unfortunately I haven't had much luck with it on client side systems. Mainly I want to use the system for running a tier 2 hypervisor - VirtualBox (not OSE version). i also want to be able to use HD graphics capabilities and wireless and the WWAN modem that comes with the system. Currently I have something called Salix on here which is Slackware based but unfortunately the hardware isn't being detected properly and that's my major concern regarding FreeBSD! Can anyone provide me with any success stories or advice in what I will be missing if I whack FreeBSD on here?? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD 9 on Lenovo X200 what works?
On 01/26/2012 01:57 AM, Da Rock wrote: Despite having similar hardware, you're only real best bet is to "suck it and see". Try installing and seeing what you can get to work (dmesg, pciconf -lv, usbconfig, kldload modules, questions here, etc). I've had mixed success with laptops (they're just about all I have as a desktop), and about my only problems have been with wifi- though that has mostly disappeared with Adrian's excellent work. I will have a go as Salix (which is on there now isn't cutting it and spent all night trying to get things in order but didn't :( Tested the live FBSD9 disk in the meantime and the wireless gets detected out of the box. As long as I get wifi and HD video and sound coming out of the headphone socket I will be fine I'm running 8.2 on an X200. For the most part everything works. My main complaint is that the sound is very quiet, and I haven't found the setting to fix that. Video and wifi work fine. The kernel sees the camera and the thumb reader but I haven't looked for applications that use them. Ok this sounds promising - for wifi see above! App for camera is Googletalk if supported on Firefox 9, and PAM for the figureprint reader. Just thinkin about WWAN now but there was a post floating around about 3G modems so I might just be in luck not that I've ever used WiMax before. Thanks for the replies guys :-) Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
FTP server for install link broken?
Hi, am currently trying to install FreeBSD 9 on my Lenovo X220 and noticed that the link on this page in the FreeBSD Handbook is broken: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-pre.html with link provided here: ftp://ftp.freebsd.org/pub/FreeBSD/releases/i386/ISO-IMAGES/9.0/FreeBSD-9.0-RELEASE-i386-memstick.img Now unless I've missed something I don't see FreeBSD 9.0 here at all: ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/ISO-IMAGES/ Everything upto 8.2 is there but no 9.0 Any news in mean time I found it here: ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64/ISO-IMAGES/9.0/ I know am using AMD64 but swap that with i386 and comes down to same result Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FTP server for install link broken?
On 01/27/2012 04:16 PM, Warren Block wrote: On Fri, 27 Jan 2012, Kaya Saman wrote: am currently trying to install FreeBSD 9 on my Lenovo X220 and noticed that the link on this page in the FreeBSD Handbook is broken: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-pre.html See the header at the top of that page. There is a new chapter for installing 9.0 and later. The equivalent section is http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/bsdinstall-pre.html Oh ok. Anyway as I'm familiar with BSD 8.x I did the install without reading!! My issue was really to find the .img file for USB booting. All done now but can't seem to get Fedora 16's GRUB to boot BSD 9.0 I guess it's time to consult the documentation after all; even though Google'ing provided results that didn't yield answers as the Linux GRUB can't find the partition/slice combo??? Tried chainloading but that didn't work either probably as no boot-loader got loaded into the PBR by default. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FTP server for install link broken?
On 01/27/2012 07:22 PM, Warren Block wrote: On Fri, 27 Jan 2012, Kaya Saman wrote: On 01/27/2012 04:16 PM, Warren Block wrote: On Fri, 27 Jan 2012, Kaya Saman wrote: am currently trying to install FreeBSD 9 on my Lenovo X220 and noticed that the link on this page in the FreeBSD Handbook is broken: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/install-pre.html See the header at the top of that page. There is a new chapter for installing 9.0 and later. The equivalent section is http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/bsdinstall-pre.html Oh ok. Anyway as I'm familiar with BSD 8.x I did the install without reading!! My issue was really to find the .img file for USB booting. All done now but can't seem to get Fedora 16's GRUB to boot BSD 9.0 I guess it's time to consult the documentation after all; even though Google'ing provided results that didn't yield answers as the Linux GRUB can't find the partition/slice combo??? The default install of FreeBSD 9 uses GPT, so there are no slices or FreeBSD (bsdlabel) partitions. Instead of ad0s1a, it would just be ada0p2. Don't know what Linux calls these partitions, though. Tried chainloading but that didn't work either probably as no boot-loader got loaded into the PBR by default. If you want multiboot on a GPT drive, grub2 seems to be the solution. (But I haven't tested it Thanks Warren for the assistance! I will create a new Subject for my multiboot issue :-) Am just currently trying to get my 'old' Fedora instance from an old HD up and running by booting off USB drive meaning have to re-build initrd.img with USB modules in it. So updating that in order to get the kernel headers since the old kernel is no longer supported. Best regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Dual Booting Linux with FreeBSD 9.0 - Grub in MBR
Hi,
am just wondering if anyone has successfully managed to boot FreeBSD 9.0
and Linux.
I run Fedora 16 x64 with Grub installed in my MBR.
FBSD9 installed as the new disk scheme GPT. I think (I manually
partitioned as my disk is quite crowded).
Anyway I found this:
http://lists.freebsd.org/pipermail/freebsd-questions/2011-October/234858.html
and at the moment I have this in my Grub config:
menuentry 'FreeBSD 9.0' {
set root=(ada0,1,a)
kfreebsd /boot/loader
boot
}
But unfortunately no boot :-(
I have tried using (hd0,0), (hd0,1,a), (hd0,0,a), and (hd0,a) but
unfortunately nothing is working.
The Grub version is 2.
Can anyone help me?
Thanks
Kaya
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Dual Booting Linux with FreeBSD 9.0 - Grub in MBR
On 01/28/2012 08:54 AM, Bas Smeelen wrote:
On Fri, 27 Jan 2012 21:32:10 +
Kaya Saman wrote:
Hi,
am just wondering if anyone has successfully managed to boot FreeBSD
9.0 and Linux.
I run Fedora 16 x64 with Grub installed in my MBR.
FBSD9 installed as the new disk scheme GPT. I think (I manually
partitioned as my disk is quite crowded).
Anyway I found this:
http://lists.freebsd.org/pipermail/freebsd-questions/2011-October/234858.html
and at the moment I have this in my Grub config:
menuentry 'FreeBSD 9.0' {
set root=(ada0,1,a)
kfreebsd /boot/loader
boot
}
But unfortunately no boot :-(
I have tried using (hd0,0), (hd0,1,a), (hd0,0,a), and (hd0,a) but
unfortunately nothing is working.
The Grub version is 2.
Can anyone help me?
Hi
I have the following partition layout
P1 linux swap
P2 FreeBSD
P3 linux
P4 extended which holds 2 more linux partitions
FreeBSD 9 installed on P2 and the FreeBSD bootloader on P2
In /etc/grub.d/40_custom I have put the following:
menuentry "FreeBSD" {
set root=(hd0,2)
chainloader +1
}
Then run update-grub as root.
The (hd0,2) entry means first harddisk (this laptop only has one) and
the second partition, which holds the FreeBSD bootloader that gets
loaded with the enry chainloader +1.
This works for me. Hope it helps.
I think with the way you have the setup now, a module must be loaded
first in the grub config. Insmod ufs or similair.
Disclaimer: http://www.ose.nl/email
Thanks for the response!!
Actually I got this working but eventually was up for nearly 24 hours
which meant I was too tired to post back here :-)
My Grub is just weird! Which is why I couldn't work things out. For
anyone running Fedora 16 or alike this may help; I have this partition
layout:
1. FreeBSD UFS2
4. Extended Partition
5. Linux / Ext4
2 Linux Swap
3 Linux JFS
Don't ask why 4,5 partitions but Fedora installer took over and left me
with no control otherwise Fedora should have been on 2.
Now the Grub entry is as follows:
menuentry 'FreeBSD 9.0' {
insmod part_msdos
set root='(hd0,msdos1)'
chainloader +1
}
I have no idea why my version of grub is sooo different from everyone
elses as finding many dualboot bsd/linux combos with Grub entries being
more like yours, Bas, this is certainly puzzling.
Anyhow the situation is solved :-)
Regards,
Kaya
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
RIP routing protocol implementation is FreeBSD?
Hi there, does anyone know if there's an implementation of the RIP version 2 routing protocol in FreeBSD??? I would like to use it to exchange routes with my Cisco 857W router as the BSD machine will provide routing for a virtual test network in VBox. I did check out the handbook for the enable_routerd="YES" and have used that before as default gateway of 'last-resort' with NAT but never RIP as don't wana use NAT in this case. OpenBSD definitely has it but since am more familiar with FreeBSD I thought let's try here first :-) Can anyone help me out? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: RIP routing protocol implementation is FreeBSD?
On 01/30/2012 06:47 PM, Michael Sierchio wrote: On Mon, Jan 30, 2012 at 10:33 AM, Kaya Saman wrote: Hi there, does anyone know if there's an implementation of the RIP version 2 routing protocol in FreeBSD??? man routed The routed utility is a daemon invoked at boot time to manage the network routing tables. It uses Routing Information Protocol, RIPv1 (RFC 1058), RIPv2 (RFC 1723), and Internet Router Discovery Protocol (RFC 1256) to maintain the kernel routing table. router_enable="YES" in /etc/rc.conf this has nothing to do with NAT, btw. Thanks for the response. sorry I think I wasn't getting my point through clearly enough. Am Cisco Engineer so know the difference between NAT, PAT, Static routing and dynamic routing ;-) Yep I read about it in the handbook and yes I have used it before but not for dynamic routing. The NAT'ing is what I did previously and was just mentioning what I 'had' used before. which was everything but dynamic routing on FreeBSD 8.0 :-) P.s. sorry if what I'm trying to say isn't getting out clearly enough :-) Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: RIP routing protocol implementation is FreeBSD?
On 01/30/2012 06:53 PM, Eric Masson wrote: Kaya Saman writes: Hi, does anyone know if there's an implementation of the RIP version 2 routing protocol in FreeBSD??? man 8 routed I did check out the handbook for the enable_routerd="YES" I'd try routed_enable = "YES" instead. Regards Éric Masson Syntax blooper. It's sometimes hard to remember 'EVERYTHING' but once I see the /etc/rc.conf file I will know what is needed and how it's used :-) Thanks for the correction though. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: RIP routing protocol implementation is FreeBSD?
On 01/30/2012 07:11 PM, Eric Masson wrote: Eric Masson writes: Sorry, Followup to myself. I'd try routed_enable = "YES" instead. router_enable = "YES" as Michael stated in another post. Regards Éric Masson The generic syntax of rc.conf is like so (using mine as example): zfs_enable="YES" nfs_server_flags="-a -t -n 4" nfs_server_enable="YES" rpc_statd_enable="YES" rpc_lockd_enable="YES" rpcbind_enable="YES" mountd_enable="YES" mountd_flags="-r" munin_node_enable="NO" zabbix_server_enable="NO" zabbix_agentd_enable="NO" icecast_enable="NO" darkice_enable="NO" fail2ban_enable="YES" implying: routerd_enable="YES" :-) :-) :-) Best regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: RIP routing protocol implementation is FreeBSD?
I'd try routed_enable = "YES" instead. Regards Éric Masson I have now setup a virtual instance of FreeBSD and another machine running Bind9 on OpenBSD. I can tell that the system is receiving RIP updates as netstat -r shows the routes advertised by my router however, it seems that RIP isn't being advertised by FreeBSD. My /etc/rc.conf file looks as such: router_enable="YES" router_flags="-P ripv2 ripv2_out" From the manual I wasn't quite sure if I needed to put the above 'router_flags' syntax or if: ripv2 ripv2_out should be put in the /etc/gateways file. I tried Google'ing around but found almost no information on how to use the service. However, on bootup the system claims: "switch to trace file ripv2_out". Running: sh ip route in the IOS only shows the C (connected routers) or S* (the gateway of last resort) but no dynamic RIP updates R. Ok got something wrong here??? Can anyone assist. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Unknown IP address shows FreeBSD server MAC in arp cache
Hi, I'm experiencing a weird problem and I have no idea where to begin with this one! Basically what's happening is that I did a host scan from my NetBSD box running Cacti in order to 'Auto Discover' machines on my network; a php script on the Cacti server added an IP address xxx.xxx.1.52. Seeing this as odd since I haven't configured any machine with this IP as it's in the DHCP range on my network and there aren't any machines running on DHCP on the particular VLAN either as everything is statically configured; I proceeded to check the arp cache of my NetBSD box which pointed to the MAC address of my FreeBSD server? Having a look round my network and servers each ping attempt to xxx.xxx.1.52 gives me a response and in the arp cache of each machine/device shows the FreeBSD server. Long ago I may have had this machine on xxx.xxx.1.52 but I can't recall and all settings in /etc/rc.conf for interfaces and Jails are fine and consistent with my Network Spec. My network has also had a massive overhaul since then as I've changed switches and router in the meantime too I have thought about arp poisoning but then again no other machine is connected to my network that I don't know about and since it's a home network there's really only me connected to it. Also I'm running OpenBSD as a firewall/router gateway which I've also checked thoroughly including Packet Filter and haven't found any issues. I also thought about RARP and bootparamd since I'm running a bunch of Sun SPARC systems in which I NetBooted but nothing on that front either showed any result. I additionally have checked the /etc/hosts files of all my systems and even my local DNS db files but nothing shows xxx.xxx.1.52 at all. The BSD version that I'm running on my FreeBSD server is 8.2 x64. Would anyone be able to help me out with this one? Basically why is a rogue or unknown IP address pointing to my FreeBSD box's NIC? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Fwd: Unknown IP address shows FreeBSD server MAC in arp cache
Well I managed to find the answer!! Scanning through /etc/defaults/rc.conf I noticed this: dhclient_program="/sbin/dhclient" # Path to dhcp client program. dhclient_flags="" # Extra flags to pass to dhcp client. Then I went back to check my DHCP server's log files and indeed a DHCP request came through from the server even though the IP's are all statically configured on it. Now all I have to do is tell the system not to use the "dhclient" program and then all will be sorted :-) Few. Regards, Kaya Original Message Subject:Unknown IP address shows FreeBSD server MAC in arp cache Date: Thu, 25 Apr 2013 02:52:21 +0100 From: Kaya Saman To: freebsd-questions@freebsd.org Hi, I'm experiencing a weird problem and I have no idea where to begin with this one! Basically what's happening is that I did a host scan from my NetBSD box running Cacti in order to 'Auto Discover' machines on my network; a php script on the Cacti server added an IP address xxx.xxx.1.52. Seeing this as odd since I haven't configured any machine with this IP as it's in the DHCP range on my network and there aren't any machines running on DHCP on the particular VLAN either as everything is statically configured; I proceeded to check the arp cache of my NetBSD box which pointed to the MAC address of my FreeBSD server? Having a look round my network and servers each ping attempt to xxx.xxx.1.52 gives me a response and in the arp cache of each machine/device shows the FreeBSD server. Long ago I may have had this machine on xxx.xxx.1.52 but I can't recall and all settings in /etc/rc.conf for interfaces and Jails are fine and consistent with my Network Spec. My network has also had a massive overhaul since then as I've changed switches and router in the meantime too I have thought about arp poisoning but then again no other machine is connected to my network that I don't know about and since it's a home network there's really only me connected to it. Also I'm running OpenBSD as a firewall/router gateway which I've also checked thoroughly including Packet Filter and haven't found any issues. I also thought about RARP and bootparamd since I'm running a bunch of Sun SPARC systems in which I NetBooted but nothing on that front either showed any result. I additionally have checked the /etc/hosts files of all my systems and even my local DNS db files but nothing shows xxx.xxx.1.52 at all. The BSD version that I'm running on my FreeBSD server is 8.2 x64. Would anyone be able to help me out with this one? Basically why is a rogue or unknown IP address pointing to my FreeBSD box's NIC? Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Mother board compatibility and CF card usage as main storage device for small DNS server
Hi, I'm planning on using FreeBSD 8.0 x64 RELEASE edition for a small primary/secondary DNS server setup. The system will run Bind9 and have some zone files and views for the few people I host for. I am considering using a dual Atom system board with 2GB RAM and for storage was thinking of going for 16GB compact flash card instead of a normal hard disk.. This is a bit radical for me as I have never used this kind of setup before so I'm not sure how suited it will be??? These are the system boards: http://www.commell.com.tw/product/SBC/LV-67E.HTM# or http://www.globalamericaninc.com/p2808245/2808245_-_Mini-ITX_Motherboard_with_the_choice_of_Embedded_Intel_Atom_D510,_D410_or_Fanless_N450_Processor/product_info.html I mean for a DNS server (all be it a small one) is it wise to use compact flash as storage?? Thanks and regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Mother board compatibility and CF card usage as main storage device for small DNS server
Thanks very much Brian: On 30/09/2010 17:02, Brian A. Seklecki (CFI NOC) wrote: On 9/30/2010 4:11 AM, Kaya Saman wrote: I mean for a DNS server (all be it a small one) is it wise to use compact flash as storage?? For our GSLB DNS Slaves, we boot embedded/low power (or even VMs these days) systems with CF images off of flash, keep a shadow copy of /etc around, and program all file systems with R/W activity (/var/chroot/named/cache, where all zone files are fetched from Master NS) on MFS partitions, eliminating almost all write operations to the CF card. No swap, and RD / (/var, etc.) and MFS /usr extracted from a tarball via modified rc(8). /shadow is mounted noatime. Are you saying that you custom compiled the kernel here?? I'm not that advanced with FreeBSD yet as I've only been using it for a few months even though I have other UNIX based experience. [...] Where it gets risky is if you just plain install a live functional FreeBSD on CF. A million inodes for /usr/src and CF is about as fast as an ESDI hard drive in an IBM XT. I was planning to go Standard Minimal Install then build Bind9 from ports and of course use SSH as login system and perhaps hack out the Serial port to give me some SPARC/POWER/Cisco style RS232c login. From what you mention it sounds like a bad idea as the system disk will have many R/W's going through it it seems as /tmp and Swap get written to all the time. I mean this would have been a cheaper alternative to buying an SSD drive or SAS 2.5" drive but now I'm a bit worried. ~BAS Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Mother board compatibility and CF card usage as main storage device for small DNS server
On 30/09/2010 17:54, Brent Bloxam wrote: Kaya Saman wrote: From what you mention it sounds like a bad idea as the system disk will have many R/W's going through it it seems as /tmp and Swap get written to all the time. You can skip swap altogether and use MFS (memory filesystem) like Brian mentioned for other high write partitions that don't need to be persistent (/tmp, /var/log). See the following article on the freebsd.org website about using solid state storage: http://www.freebsd.org/doc/en/articles/solid-state/article.html Keep in mind though that Brian's setup was for slave nameservers that would be caching from another master. If your nameserver is acting as master, you'll be storing your records on flash since you need persistent storage, but I don't imagine those files will be write intensive. Also, if you make /var/log MFS, you'll want to have an external syslog server set up ;) Thanks a lot so it should be ok then! :-) Yeah sounds like a good setup, and also a syslog server :- this is exactly what I need in order to check my IOS logs coming from my Cisco boxes. I had previously imagined it to be a simple tftpboot server but sounds like it's standalone. That's cool! I mean I really like having logwatch mailing me all necessary information anyway so that coupled with a syslog server should be pretty good :-) Nice ideas need to do some Google'ing now as I don't know what MFS is yet but I will :-D Cheers and best regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Mother board compatibility and CF card usage as main storage device for small DNS server
Many thanks for the responses! On 01/10/2010 02:52, Paul Wootton wrote: On 09/30/10 14:54, Kaya Saman wrote: On 30/09/2010 17:54, Brent Bloxam wrote: Kaya Saman wrote: From what you mention it sounds like a bad idea as the system disk will have many R/W's going through it it seems as /tmp and Swap get written to all the time. You can skip swap altogether and use MFS (memory filesystem) like Brian mentioned for other high write partitions that don't need to be persistent (/tmp, /var/log). See the following article on the freebsd.org website about using solid state storage: http://www.freebsd.org/doc/en/articles/solid-state/article.html Keep in mind though that Brian's setup was for slave nameservers that would be caching from another master. If your nameserver is acting as master, you'll be storing your records on flash since you need persistent storage, but I don't imagine those files will be write intensive. Also, if you make /var/log MFS, you'll want to have an external syslog server set up ;) Thanks a lot so it should be ok then! :-) Yeah sounds like a good setup, and also a syslog server :- this is exactly what I need in order to check my IOS logs coming from my Cisco boxes. I had previously imagined it to be a simple tftpboot server but sounds like it's standalone. That's cool! I mean I really like having logwatch mailing me all necessary information anyway so that coupled with a syslog server should be pretty good :-) Nice ideas need to do some Google'ing now as I don't know what MFS is yet but I will :-D Cheers and best regards, Kaya I have been using a Soekris Net5501-70 box since June 2008 with a CF card running FreeBSD 7. This is being used for DNS, DHCP, NNTP, network firewall and a small asterisk server I have turned off writing messages to logs, and in June this year, I started using an MD for /var/db/dhcpd (as that was getting written to a fair amount) Im still on my original CF card, and as of yet, have not seen any problems (touch wood)... Its not the fastest box in the world, but it certainly does what I want it to do. Just takes a long time compiling a world and kernel Just another option for you... Paul I checked out the Soekris and looks more like a firewall style design with multiple LAN ports and kinda a bit more then what I need! Perhaps I'll just stick to my original SSD idea even though I'll pay a bit more but a 40GB Intel X.25 SSD should do the trick. - Am currently using this in another design for DNS where I'm using 2 BSD Jails for primary and secondary and is ultra fast :-) Just a bit more expensive but that's ok I guess Best Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
syslogd not writing to file?
Hi, I've got a weird problem that might be a bug with the 64bit RELEASE edition of FreeBSD 8.0. The issue is this: I provisioned 2 servers on two separate networks; one a 32bit system and the other a 64bit in order to log information coming from Cisco network equipment. The 32bit build works perfectly using the config below, however the 64bit version won't write the files as needed??? The /etc/syslog.conf file looks as such: # $FreeBSD: src/etc/syslog.conf,v 1.30.2.1.2.1 2009/10/25 01:10:29 kensmith Exp $ # #Spaces ARE valid field separators in this file. However, #other *nix-like systems still insist on using tabs as field #separators. If you are sharing this file between systems, you #may want to use only tabs as field separators here. #Consult the syslog.conf(5) manpage. +Zeta-Ray.optiplex-networks.com *.err;kern.warning;auth.notice;mail.crit/dev/console *.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages security.*/var/log/security auth.info;authpriv.info/var/log/auth.log mail.info/var/log/maillog lpr.info/var/log/lpd-errs ftp.info/var/log/xferlog cron.*/var/log/cron *.=debug/var/log/debug.log *.emerg* # uncomment this to log all writes to /dev/console to /var/log/console.log #console.info/var/log/console.log # uncomment this to enable logging of all log messages to /var/log/all.log # touch /var/log/all.log and chmod it to mode 600 before it will work #*.*/var/log/all.log # uncomment this to enable logging to a remote loghost named loghost #*.*@loghost # uncomment these if you're running inn # news.crit/var/log/news/news.crit # news.err/var/log/news/news.err # news.notice/var/log/news/news.notice !ppp *.*/var/log/ppp.log !* +192.168.1.1 *.*/var/log/cisco857w.log !* +172.16.0.1 *.*/var/log/cisco1801w.log With the files having these permissions: -rw-r--r-- 1 root wheel0 Dec 5 17:02 cisco1801w.log -rw-r--r-- 1 root wheel0 Dec 5 19:32 cisco857w.log I also added these lines to the /etc/rc.conf file: syslogd_enable="YES" #syslogd_flags="-d -b 192.168.1.120 -a 192.168.1.1/32:* -a 172.16.0.1/32:* -vv" syslogd_flags="" Using debugging by putting -d -vv within the comments of the last line I was able to see information get transferred to my server from the devices in question, however the FILE parameter was never specified meaning that nothing was getting written to the files created. The 32bit build works perfectly on a different network with the same config just different device IP's. The system hasn't had any packages updated though unlike the 64bit edition which might interfere with the build somehow. I also run BSD Jails on the 64bit server too so I don't know if something from that part is affecting things? It's a very odd problem and I don't know if anyone can give me any insight into this? I mean information is getting to the server as I can see it while running the debug with the -d -vv flags set in place, however nothing is being written! Can anyone help or suggest anything? Thanks, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On 07/12/2012 07:54 PM, Peter Vereshagin wrote: Hello. Why don't you use a portsnap? it's over http... 2012/07/12 19:01:15 +0100 Kaya Saman => To Peter Vereshagin : KS> I will check it out however and see if that method is best, however KS> CVSup would be the best way for us and I'm already looking at this: KS> KS> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvsup.html 1. cvsup is not about comparison to ftp. cvsup is a way to obtain fresh port for the program distribution, ie set of patches, list of package's files, sample configuration files for the particular program(s) those are not the part of the base system but supplied with taking the OS specs in mind. ftp is a way to obtain a distfile, ie what the 3rd party software developer use to distribute. For FreeBSD ports cvsup and ftp are not competent in the daiy use as they have different purposes. Some 3rd party software is released and published authoritatively on ftp only. And that is the only problem possible for you on ftp usage by freebsd ports. But I believe there is only a few of them you need if any at all. I guess you may want to download the initial ports tree tarball, the ports.tgz, via the ftp. But it's certainly a) available over there via the http and b) is outdated and is needed to be updated via the portsnap and/or cvsup. 2. Use csup from the base system, don't use cvsup from ports if you use its protocol. And, portsnap seems to be even more recommended since some days. KS> which should be enough to get a demo up and running. A Demo? Am I invited for the show? ;-) -- Peter Vereshagin (http://vereshagin.org) pgp: A0E26627 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" Hi Peter, portsnap works fine :-) My issues start coming into play when building the actual port itself. Ie. fetching the distfile, as you suggested above. As soon as I start running portmaster -a or a 'make install clean' on certain ports, the progress just bombs out totally. It would be really cool if I could find a way to centrally manage all of this. So perhaps in conjunction with CVSup. Something like a Linux repo server if you will - though I mention the term very loosely. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On 07/12/2012 08:13 PM, kpn...@pobox.com wrote: On Thu, Jul 12, 2012 at 06:44:56PM +0100, Kaya Saman wrote: I do infact work for this company and additionally I am one of the administrators of the company. The information comes straight down from the IT director who will **not** change his mind on this as I have asked several times in the past. Basically without getting too distracted and off-topic: I open the ports on the firewall - tomorrow I am not employed anymore So called "active" ftp requires having the server open a connection back to the client. This will be blocked by a firewall unless the firewall has special support for it. I can see having a firewall not allow those connections into your network. With "passive" ftp with or without a proxy all connections are opened from your end. No opening up of the firewall is required. Plus, if you don't touch your filewall then attempted use of active ftp will just result in a hung network connection. I believe active ftp was the default and perhaps only option for a number of years. Does your IT director understand the active/passive distinction? If not then perhaps you could explain it in a way that acknowledges that his concerns have some merit but those concerns are not relevant to passive ftp. Yes, this is very easy for me to suggest since I don't know any of the relevant people and my paycheck is not on the line. And my suggestion may be worth what you paid for it. ;) Hi, of course everything is known but still it is preferred to keep a total lock-down on outbound ports. We handle a lot of highly sensitive information and that's the need for the severe lock-down. Even the web-proxy is restricted to the sites accessible meaning that we need to request access if we need to go somewhere not governed by that proxy. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Is there a way to run FreeBSD ports through port 80?
On 07/12/2012 09:46 PM, Matthew Seaman wrote: On 12/07/2012 21:26, Kaya Saman wrote: My issues start coming into play when building the actual port itself. Ie. fetching the distfile, as you suggested above. As soon as I start running portmaster -a or a 'make install clean' on certain ports, the progress just bombs out totally. It would be really cool if I could find a way to centrally manage all of this. So perhaps in conjunction with CVSup. Something like a Linux repo server if you will - though I mention the term very loosely. Have you played with pkgng at all? It's a bit new to use in production just yet, although reports from testers have been pretty positive so far, and it's perfectly fine for evaluation purposes. It will solve your main problem of not being allowed FTP traffic, as you can select a package repository accessible through HTTP -- like the main test repository http://pkgbeta.freebsd.org/freebsd-9-amd64/latest See http://wiki.freebsd.org/pkgng Cheers, Matthew Thanks Matthew I will give this a go, although currently I have 2x FreeBSD machines in 'almost' full production as testing will cease quite shortly. It might actually be quite useful in conjunction with Puppet and Cobbler (not sure if is for FreeBSD too). Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
FreeBSD in finance sector
Hi, Does anyone know of any financial firms or banks that run FreeBSD? I have been instructed to research this for the firm I work at as I am trying to get the senior management to switch over from Linux as our current network is in shambles. Thanks for any responses. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: FreeBSD in finance sector
On 09/07/2012 07:17 PM, Polytropon wrote: On Fri, 07 Sep 2012 18:55:49 +0100, Kaya Saman wrote: Hi, Does anyone know of any financial firms or banks that run FreeBSD? I have been instructed to research this for the firm I work at as I am trying to get the senior management to switch over from Linux as our current network is in shambles. There is a good chance that networking equipment they use (e. g. firewalls, routers, gateways, encryption appliances) run FreeBSD internally, or a system derived from it and turned into closed source (which the BSD license explicitely allows). Probably you won't have a chance to verify this. For running actual services (not sure _what_ you are running), FreeBSD might be as good as Linux, maybe even better. It can also serve as storage solution or networking subsystem for various kinds of "client OSes". Probably banks won't tell you what they run. Some run IBM mainframe systems (which you can "recognize" when looking at screens you're not supposed to look at). Any information more precise than just my assumptions can only be provided by insiders or service contractors who know the actual infrastructures. Banks and financial firms tend to _not_ publish what they run. Thanks for the response! I agree and understand this, hence I am not allowed to give away details of where I work etc but I can state that we are using an aging Linux (CentOS) based architecture for our systems and as the new boy in town have made a big campaign to run a mixture of FreeBSD and Sun SPARC systems as AIX seems to be a big pain in the assets to admin. Regards, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Crontab not working??
Hi, I installed logwatch from ports only it didn't install a crontab for me like Linux or Solaris does so I ended up attempting to copy my Linux crontab into FreeBSD. It didn't work so I tried to cut down areas which I suspected might not work and ended up with the syntax below for root: crontab -l shows: @reboot root/usr/local/sbin/logwatch.pl 02 4 * * * root/usr/local/sbin/logwatch.pl The interesting thing here is that it shows them as being run: rd1# cat /var/log/cron | grep logwatch Jan 12 04:02:00 rd1 /usr/sbin/cron[5882]: (root) CMD (root^I/usr/local/sbin/logwatch.pl) Jan 13 04:02:00 rd1 /usr/sbin/cron[8898]: (root) CMD (root^I/usr/local/sbin/logwatch.pl) but only nothing is being emailed to me? If I run the pearl file locally as in: /usr/local/sbin/logwatch.pl it works fine and email is sent. I know I am missing something but for the life of me can't work out what! Can anyone be of assistance? Many thanks, Kaya ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: Crontab not working??
Thanks, I inputted the data as you suggested so now I will wait until the time specified to see if it ran or not! Regards, Kaya Chuck Swiger wrote: Hi-- On Jan 13, 2010, at 4:20 PM, Kaya Saman wrote: It didn't work so I tried to cut down areas which I suspected might not work and ended up with the syntax below for root: crontab -l shows: @reboot root/usr/local/sbin/logwatch.pl 02 4 * * * root/usr/local/sbin/logwatch.pl You're using the syntax for a system-wide crontab, ie, /etc/crontab. Per-user crontabs do not have the middle field listing the user to run as; re-run crontab -e and try this instead: @reboot /usr/local/sbin/logwatch.pl 02 4 * * * /usr/local/sbin/logwatch.pl Regards, ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
