Re: PF & NAT, how to forward GRE?
Mel <[EMAIL PROTECTED]> writes:

> I take it you mean gre(4), which defines two IP protocols. So your rules will
> need to include proto gre or proto mobile to identify the traffic. Something
> like:
> nat on $wan_if proto gre from $int_if:network to any -> ($wan_if)

and don't forget to include a matching pass rule.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Re: Odd PF Denied Message
"Michael K. Smith - Adhost" <[EMAIL PROTECTED]> writes:

> We've basically allowed all traffic to and from 127.0.0.1 in our
> ruleset, but nothing seems to work. Does anyone have a magic bullet to
> make this go away?

    set skip on lo0

is not the default, but essentially the only sane way to go. See if that doesn't help

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: top posting (off-topic)
"Brent Jones" <[EMAIL PROTECTED]> writes:

> I for one prefer top posting, as usually I have read a particular thread

http://www.asciiartfarts.com/20011201.html

HTH, HAND

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Auto blacklist ssh connections ...
"Marc G. Fournier" <[EMAIL PROTECTED]> writes:

> Does anyone know of a utility that I can use with sshd to auto-block by IP if
> there are more than N failed attempts in a row?

With PF, you could use state tracking options and overload rules to set limits on the rate of new connections from any one host and/or the rate of new connections,

    pass quick proto { tcp, udp } from any to any port ssh \
        flags S/SA keep state \
        (max-src-conn 15, max-src-conn-rate 5/3, \
         overload <bruteforce> flush global)

supplemented by a rule that handles traffic from the bruteforce table (block quick, assign to tiny queue, whatever).

One of the more popular pages in the PF tutorial (<http://home.nuug.no/~peter/pf/en/bruteforce.html>) is about just that, see <http://home.nuug.no/~peter/pf/> for a wider range of formats.

There are other packages that will read your auth log and count, but being sort of a PF guy I found the PF-based solution quite attractive and flexible.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: How to get my Dad's Win2k system to access internet through my FreeBSD 6.2 system
Manish Jain <[EMAIL PROTECTED]> writes:

> I am poor at networking and need a little bit of help. My dad has a
> Windows 2000 machine with a network card but does not have a connection
> to the internet.

When I started writing this, I thought that system had been abandoned already, but it appears Microsoft will offer a measure of support through next year sometime. Do see that the system gets properly updated before you put it on the net.

> My freebsd 6.2 box is connected to the internet and has
> 2 network cards, rl0 and rl1. rl0 connects to the ISP and rl1 is
> directly connected via a long Ethernet cable to the NIC on my dad's
> machine. While I can access the internet easily, I want my dad to be
> able to connect to the internet with my freebsd box serving as the
> gateway. Can anyone please explain to me in easy steps how to accomplish
> this ?

The keyword is that you need to set up your machine as a gateway. There are numerous guides available on how to do that (including the FreeBSD Handbook (free, online and likely already on your system), my PF tutorial (http://home.nuug.no/~peter/pf/) contains more than a few hints, as do several books available at better bookstores), but I would recommend that you pick literature that enables you to learn the basics of TCP/IP as well as the actual commands needed. Looking into packet filtering for basic protection won't hurt either.

With those keywords in hand, you should be able to dig up something useful.

- Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: Quick spamd question
Brian Martinez <[EMAIL PROTECTED]> writes:

> check right now to verify), but once an entry gets listed WHITE, should
> the GREY entry remain? I seem to remember that the GREY entry expires
> immediately after the second attempt (thereby making the tuple
> whitelisted).

The GREY entry may live on for a while, but the existence of a WHITE entry will ensure that the delivery will succeed on the next attempt.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: SV: Breakin attempt
"Admin ValhallaProjectet" writes:

> Probably a bunch of bots. Not very intelligent used.

It's a recurring phenomenon, sometimes called the "hail mary cloud" (the odds are overwhelmingly against such things ever succeeding, but they keep trying anyway).

> Really messed up my logfiles. I was a bit curious if the purpose
> was just that, to mask some more clever real attacks, but haven't
> seen any signs of such.
> I changed my ssh port, just to reduce the noise, and it all ceased.

This round was over a lot quicker than the earlier ones, see eg http://www.bsdly.net/~peter/hailmary/ and the initial blog post about the phenomenon, http://bsdly.blogspot.com/2008/12/low-intensity-distributed-bruteforce.html

- Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.

Re: dlink wireless adapter
Imran Imtiaz <[EMAIL PROTECTED]> writes:

> how can i make my dlink DWL-G122 wireless usb adapter work with freebsd?

IIRC it's supported by the ural driver. With that knowledge and the wireless networking chapter in the Handbook, you should be fine.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: How to tell if IPF is running?
"jdow" <[EMAIL PROTECTED]> writes:

> Which tool would be able to do this sort of thing best and how might it
> have been done.

PF has most of the bits you need built in, see eg http://www.bgnett.no/~peter/pf/en/bruteforce.html (part of a PF tutorial). For weeding out old table entries, you might want to look at the expiretable utility (http://expiretable.fnord.se/).

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: fine grained firewall?
andrew clarke <[EMAIL PROTECTED]> writes:

> Is it possible to configure the FreeBSD firewall to block ports on a
> per-user or per-executable basis?

If your firewall is PF, you can use authpf(8) to configure per user rule sets.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.

Re: Download
"Luis Thillet" <[EMAIL PROTECTED]> writes:

> I have been trying (FOR A LONGTIME) to download a FreeBSD Unix OS (i.e. 5.4,
> 6.0-RELEASE iso.i386). But it has never worked. I was wondering if your
> company/team/crew have disabled it.

Neither the operating system itself nor its download sites have been disabled for any noticeable length of time, if ever. The files needed to install FreeBSD have to the best of my knowledge been available continuously from the moment the respective versions were released.

The description is a little short on details, so any suggestions from here are pure guesswork. Off the top of my head,

- did the download complete? The size of a typical release ISO CD image file is likely to be in the 550 to 650 megabytes range, and could take considerable time if you are on a skinny line or downloading from somewhere distant network-wise. The Handbook lists a number of mirror sites which could be closer to your location than the primary site at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mirrors-ftp.html

- if the download did complete, what did you download and what did you do with it? Assuming you downloaded an ISO image, you would need to burn the file as an image, not a file, to a suitable CD medium. If you opted for the floppy images, you would need to follow the procedure outlined in the install docs to create a usable set.

Installing by letting the installer fetch packages as needed could be time consuming as well, depending on your line speed and network conditions between your location and the chosen installation source.

I suppose the most sensible thing to do is first to try to locate a user group or other friendly FreeBSD people in your area. People on this list should be able to provide pointers. I suppose even people not in your area should be able to burn you an install CD and mail it to you if that is what you need to get started.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.

Re: repeated ssh login attempts/failure/break-in attempts from kiddy script
Nathan Vidican <[EMAIL PROTECTED]> writes:

> ie: after 4 failed attempts from IP _BLANK_ in less than _BLANK_ minutes,
> deny all attempts and drop connection from said IP... possible?

Using pf, this is astoundingly easy, see eg http://www.bgnett.no/~peter/pf/en/bruteforce.html

If you go down this route, you might want to use expiretable (/usr/ports/security/expiretable) to trim the contents of the table after a while (I tend to use 24 hours expiry).

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.

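The overload rule from the "Auto blacklist ssh connections" reply, together with the table handling and the 24-hour expiry suggested in the reply just above, put into one pf.conf fragment. This is an added example, not part of the original messages; the ext_if macro, the <trusted> table and its 192.0.2.0/24 range are assumptions, while 15 and 5/3 are the limits quoted in the thread.

```pf
# Added example; ext_if, <trusted> and 192.0.2.0/24 are assumptions.
ext_if = "em0"                  # assumed external interface

# Filled by the overload action below. "persist" keeps the table
# in existence while it is empty.
table <bruteforce> persist

# Constructed allowlist: the limits below count connections, not failed
# logins, so a busy admin host (many scp/rsync sessions) could otherwise
# lock itself out. 192.0.2.0/24 is a documentation range.
table <trusted> { 192.0.2.0/24 }

# Offenders are dropped first; "quick" ends rule evaluation here.
block quick from <bruteforce>

# Trusted sources reach sshd without connection limits.
pass in quick on $ext_if proto tcp from <trusted> to any port ssh \
    flags S/SA keep state

# Everyone else: more than 15 simultaneous connections, or more than
# 5 new connections within 3 seconds, from one source address moves
# that address into <bruteforce>. "flush global" also kills the
# states that host already has, whichever rule created them.
pass in quick on $ext_if proto tcp from any to any port ssh \
    flags S/SA keep state \
    (max-src-conn 15, max-src-conn-rate 5/3, \
     overload <bruteforce> flush global)

# Expiry happens outside pf.conf, for example from cron: run
# expiretable, or on pfctl versions that have the expire command:
#   pfctl -t bruteforce -T expire 86400    (86400 s = 24 hours)
# Current table contents: pfctl -t bruteforce -T show
```
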
Re: disk space question
Andrew Musselman <[EMAIL PROTECTED]> writes:

> I would like more space in /usr. I've installed another drive and set
> it to mount to /mnt. I would like to make FreeBSD(5.2.1) think that
> /usr also includes this new drive.
>
> Is there a way to do what I want to do?

Yes. You could copy say, the contents of /usr/local to /mnt, then replace /usr/local with a symlink to /mnt. Not pretty, should be done from single user mode only and you'd need somewhere else to mount things temporarily, but it *will*, sort of, do what you want.

A more permanent solution would be something along the lines of (assuming there's a usable file system at /mnt)

    # cd /usr/local
    # tar cf - . | (cd /mnt; tar xvf - 2>/var/tmp/mycopyerrors)

check /var/tmp/mycopyerrors for any errors

( if you're not in single user already, go there NOW )

    # mv /usr/local /usr/local.old
    # mkdir /usr/local
    # vi /etc/fstab

edit so your new disk gets mounted as /usr/local, save

    # reboot

check that your system works ok, when you're certain everything's ok,

    # rm -rf /usr/local.old /var/tmp/mycopyerrors

untested, from memory, adjust as needed, and if it kills your puppy, I will *not* revive it.

- P

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

4.2 -> 5.2 passwd format change?
I'm in the process of moving users from a 4.2 machine to an updated setup using 5.2.1. There appear to have been some changes in the password format (as in the users are not able to log in to the test system), and the main reference I find is this entry in /usr/src/UPDATING:

    2928:
    There was a change in the passwd format. Need more information.

Any pointers appreciated.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: 4.2 -> 5.2 passwd format change?
Lowell Gilbert <[EMAIL PROTECTED]> writes:

> I've moved password entries from 4.x to 5.x with no problem.
>
> Did you remember to rebuild the database?

er, it seems that was the problem, exactly. Thanks!

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: none
"Anita Hicklin" <[EMAIL PROTECTED]> writes:

> I was wondering if I could get instructions on how to uninstall free bsd.
> It's on my computer and I don't know how to use it so I was going to just
> uninstall it but I can't seem to figure it out.

First, make sure that you've backed up any important data, then use whichever tools come with the operating system you want to set up to install that system and configure it.

The exact steps depend on which operating system you want to run instead of FreeBSD.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: SGML, experienced advice wanted ;)
William Fletcher <[EMAIL PROTECTED]> writes:

> I was just wondering what precise piece of software I should use to convert
> sgml to PDF?
> Just sort of asking for a general opinion of what is the _best_
> software for this job, etc.

Do your sgml files come with DTDs and stylesheets? If so, it should be possible to use something like jade/pdfjadetex for your transformations.

The FreeBSD doc project is an example of how this can be done. You might want to at least browse http://www.freebsd.org/docproj/sgml.html and http://www.freebsd.org/doc/en_US.ISO8859-1/books/fdp-primer/index.html (both contain quite a number of useful references).

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: installing bsd on a laptop
[EMAIL PROTECTED] writes:

> hello, do you know of any laptop brands that can run freebsd or openbsd that
> is available to purchase???

I'm typing this on a Fujitsu-Siemens Amilo D 1840W running FreeBSD 5.3. Everything 'Just Worked', the only part of the X config I needed to do manually was the one-line ZAxisMapping magic to make the touchpad's scroll strip (similar to mouse wheel) work. Then again that was cut&pasteable from somewhere else. Everything else pretty much just automagically worked.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: FreeBSD's Visual Identity: Outdated?
jsha <[EMAIL PROTECTED]> writes:

> 1. Not only is the logo misleading (associating evil) but it also looks
>    like something 10-year-olds could produce in Paint Shop Pro ten years
>    ago. OpenBSD has an artistic touch to theirs, however I was very
>    disappointed when I heard that the new NetBSD logo was in effect.

If you are unhappy with the logo or any other part of the material provided by the FreeBSD project, you are free to start making something you consider to be better. If you make something which is indeed superior in the views of the committers and you make it available under an acceptable license, you might see it accepted into the project proper.

However, before you start down that track, you should read up a bit on the project's and the mascot's history.

> 2. If it wasn't for the interesting content and structure of the FreeBSD
>    website, it would be among the less beautiful. Yes, it serves its
>    purpose well by being simple and straight to the point. But a redesign
>    could offer just the same -- simplicity and accuracy -- without being
>    ugly.

If you are unhappy with the web site or any other part of the material provided by the FreeBSD project, you are free to start making something you consider to be better. If you make something which is indeed superior in the views of the committers and you make it available under an acceptable license, you might see it accepted into the project proper.

> 3. The installation, even though it's text-only, could also be improved
>    by simple restructuring to act more cognitive and human-centered than
>    previously. Everything pertaining to the eye is important to improve.

If you are unhappy with the installer or any other part of the material provided by the FreeBSD project, you are free to start making something you consider to be better. If you make something which is indeed superior in the views of the committers and you make it available under an acceptable license, you might see it accepted into the project proper.

> 4. There should be some kind of FreeBSD business card and letterhead
>    available to all that support this project.
>
> How do I know though, that if I manage to pull together a team to work
> on this refined vision, that we won't be totally ignored even though we
> produce the most magnificent result?

Stickers and other material are available from various sources which may or may not to some degree or other be related to the project. I think similar suggestions in the past have met with responses indicating that business cards and letterhead would be somewhat low priority items to most developers.

Then again, if you make something which is indeed superior in the views of the committers and you make it available under an acceptable license, you might see it accepted into the project proper.

One thing you will almost certainly not get is any kind of blanket pre-approval, regardless of assurances that whatever you end up producing will be great. That's the way open source works - if you make something good and make it available to others, fine, it will be put to the test. Then you have a starting point, something tangible to argue for.

Until you get to that point, where you can say "I made this, and I'd like to contribute it to the project", not a lot is going to happen.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: Using Exim with FBSD 5.3
"comm/JT" <[EMAIL PROTECTED]> writes:

> Just a quick question, I was wondering if anyone had some documentation to
> fully move from sendmail to exim on a 5.3 machine. I have tried this and
> seemed to have failed, just wondering if I am using an old and outdated
> document.

In my experience, it should be pretty straightforward. There are a couple of things which are not done automagically by the port, IIRC -

* adding the lines

      exim_enable="YES"
      sendmail_enable="NONE"

  to /etc/rc.conf

* editing /etc/mail/mailer.conf to read something like

      sendmail        /usr/local/sbin/exim
      send-mail       /usr/local/sbin/exim
      mailq           /usr/local/sbin/exim -bp
      newaliases      /usr/bin/true
      hoststat        /usr/local/sbin/sendmail
      purgestat       /usr/local/sbin/sendmail

* killing the sendmail daemon and starting exim (use /usr/local/etc/rc.d/exim.sh start to start exim)

There may be a few other things you need to do, but the port tends to remind you of such things along the way. Running the install from a script(1) session is useful too, just in case useful messages scroll off the top of the screen too quickly.

The port also supplies nice and straightforward instructions to add spam and virus filtering to the delivery process. Nice for those of us serving Microsoft desktops.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: What version
Dan Thomas <[EMAIL PROTECTED]> writes:

> A friend gave me a laptop with a Pentium 100 and 24 megs of ram. It only
> has a floppy drive. What version of FreeBSD do you recommend and would you
> send me the link to download it.

First, you should realize that this is seriously outdated hardware. Installing any kind of modern software on it will be a challenge.

You did not tell us if the machine has a network adapter, but it is probably safe to assume it does not, unless you can get a PCMCIA card which FreeBSD recognizes.

If you can get the machine to boot with a network adapter (ethernet), you should be able to do a basic network install. If that does not work, your only option is via floppies, and you really do not want to do that.

The process is described in the README.TXT file on your friendly neighborhood FreeBSD mirror somewhere near the boot floppy images.

Summing up, unless this is the kind of challenge you were longing for in the first place, I don't think it's worth the effort.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: NDIS and Dell (Broadcom) WLAN 1450 Dual Band card
Scott Bennett <[EMAIL PROTECTED]> writes:

> I got no responses to my question about existence of a driver for the
> wireless networking card mentioned in the Subject: line, so I guess I'll
> try the NDIS route.

If your kernel recognizes the device, it should show up in your dmesg. For NDIS help, try man ndis. It really is quite helpful.

> In the Windows XP file system, I find BCMWL5.SYS in
> \WINDOWS\system32/DRIVERS, but I find bcmwl5.inf (note lower case name; not
> found as upper case) in quite a few directories in the directory trees under
> \DELL\drivers\R63259\TMSetup and \DELL\drivers\R81836. Which, if any, of
> these is the correct file to use in creating an NDIS driver for
> FreeBSD?

Have you tried comparing the files (with diff or similar) to see if they are simply copies of each other? In the cases I've seen, the driver installer at least keeps copies of the .sys and the .inf file in a directory together. After installation in a Microsoft file system that may of course no longer be the case.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: Need help *fast*
Chris <[EMAIL PROTECTED]> writes:

> Good Lord! PCTools!!! Now yer talking! Even back when 95 came on like 30
> diskettes... or was that OS/2?

I think at least some OS/2 releases came to more than 30 floppies. If you're genuinely interested, I can check a closet a few feet from my desk to verify.

Also, Ted's points about the declining quality of manufacturing as the main problem with modern day floppies certainly ring true here. Though I never quite saw the point of 1.4M floppies over the 1.2M ones other than "they fit a shirt pocket, what an excellent reason to adopt new, incompatible hardware", we never saw problematic media failure rates back then. The awful media quality started after CDs became the default software distribution medium.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: Recommended Mail Transfer Agent
Michael Madden <[EMAIL PROTECTED]> writes:

> I'm looking to setup a mail server with FreeBSD 5.3 for a group of around
> 100 users, and I was wondering which MTA I should use. I have noticed
> sendmail is the default MTA, but I have no sendmail experience. Also I know
> historically sendmail has had some serious security issues.

Since nobody else so far has mentioned exim - that's what I use on my mail servers (FreeBSD and OpenBSD). On FreeBSD and elsewhere it's an easy install from ports, and it comes with a fairly human-readable configuration file which comes out of the default install fairly well commented.

If you read and follow the port's onscreen directions, you'll end up with a fairly good spam+worm filtering setup for your mail as well. IME a low-maintenance, high-reliability option.

> Furthermore, can someone recommend a decent POP3 and IMAP server?

There are several good ones in ports. imap-uw is very easy to set up.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: Help on Compaq Laptop Presario 3000 AMD Athlon 64 -Nvida-gforce3 chipset
Kangaroo <[EMAIL PROTECTED]> writes:

> I need help on installing freebsd 5.3 AMD64 on my lap top.
>
> When I boot from cd rom, The system boot up to menu screen
> show 1...7 where 2 eg. boot with disable ACPI...
> My system automatically shutdown when I press any key from
> 1 or 7 or just press enter. I mean it SHUTDOWN my machine.

There is a possibility that the machine contains various components which are not fully supported in FreeBSD/amd64. What happens if you try booting FreeBSD/i386 instead?

I know this may not be the most satisfying suggestion, but if it's that or not getting the machine to boot at all, well, there it is. I'd venture a guess that whichever software came with the machine originally is not quite 64 bit clean either.

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: Native 5.3 port of OpenOffice?
Kris Kennaway <[EMAIL PROTECTED]> writes:

> Yes, it's in the ports tree. I don't think we've ever included a
> linux openoffice port - are you perhaps thinking of staroffice, for
> which a freebsd binary is not produced by sun?

There have been quite a few reports of people having trouble getting past the java tools install which is needed to build the port. Unless that challenge is interesting in itself, it's probably more convenient to download and install a binary package from somewhere in the general direction of http://download.openoffice.org/1.1.4/index.html

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"

Re: Native 5.3 port of OpenOffice?
Dave Horsfall <[EMAIL PROTECTED]> writes:

> Maybe it's just me, but I can't actually see a package for 1.1.4 there.
> unless those Japanese versions will work in Australia (and I don't read
> JP)...

OOPS. Looks like I did not look too closely. It certainly looks like they haven't gotten around to making FreeBSD 1.1.4 packages yet. Then again, I'm not sure what got fixed between 1.1.3 and 1.1.4.
Re: Uptime?
Mark <[EMAIL PROTECTED]> writes:

> now and again, recompile kernels etc. Does this mean these
> sites are running thousand-day-old unpatched kernels, or is
> there some black magic going on that I don't know about?

OF COURSE there's black magic involved. It involves daemons, chickens and a few other items I could tell you about if %#^ NO CARRIER
Re: pf issues with anchor
FreeBSD MailingLists <[EMAIL PROTECTED]> writes:

> when I start pf I get:
>
> Enabling pf.
> /etc/pf.conf:4: anchor '(null)' invalid

Just to eliminate the obvious - the file you want to pull in exists, is readable and contains what appears at first glance to be valid pf rules? Does including the anchor in the main pf.conf file produce different results?
Re: [repost] ip.forwarding with pf
"J.D. Bronson" <[EMAIL PROTECTED]> writes:

> Can someone tell me which is appropriate when FreeBSD 5.4-PRE is used as a
> router running pf with built in NAT ?

fastforwarding may or may not be useful, but as far as I can tell, it's no replacement for the net.inet.ip.forwarding sysctl. By convention, you would normally use rc.conf settings, ie

    gateway_enable="YES"        #for ipv4
    ipv6_gateway_enable="YES"   #for ipv6

to enable gatewaying.
Re: IPFW or pf?
Andreas Davour <[EMAIL PROTECTED]> writes:

> Can someone tell me if it's ok to just use IPFW on my STABLE system, or
> is there some other knobs in the kernelconfig I should toggle to turn
> off pf support?

By default pf is compiled as a loadable module, which you load if you want to run pf, leave alone otherwise. Removing all traces of pf would likely take a bit of effort.
Re: IPFW or pf?
Andreas Davour <[EMAIL PROTECTED]> writes:

> So, the base systems ships with two firewalls?

Three, actually - ipfw, ipf and pf. There's a brief explanation why in the handbook at http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-apps.html

I prefer pf myself, but which one to use is really down to personal preference. I'd recommend following the Handbook's advice and doing a bit of reading and experimenting.

I hope to get around to updating my pf tutorial soonish (see http://www.bgnett.no/~peter/pf/en/ if you're interested - or http://www.bgnett.no/~peter/pf/no/ if you prefer the Norwegian version)
sym driver broken in 5.3?
hould be space for the data), but "excessive write errors" messages have been turning up in the syslog messages - as in

Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): WRITE FILEMARKS. CDB: 10 0 0 0 2 0
Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): CAM Status: SCSI Status Error
Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): SCSI Status: Check Condition
Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): MEDIUM ERROR asc:3,2
Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): Excessive write errors
Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): Retries Exhausted
Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): failed to write terminating filemark(s)
Mar 18 02:41:49 filehut kernel: (sa0:sym0:0:6:0): tape is now frozen- use an OFFLINE, REWIND or MTEOM command to clear this state.

I was beginning to think I'd need to replace the tape drive, but the camq_init message made me think this could be a driver problem (the driver is afaik not supported in FreeBSD/amd64 at all, for example).

The question is, what's the next reasonable debugging step here?

(and I know you're dying to ask - we do rsync to an off-site location twice a day)

- P
Re: OpenBSD's pf and traffic
"Eugene M. Minkovskii" <[EMAIL PROTECTED]> writes:

> Does any body know, how can I use OpenBSD's pf (packet filter) for
> determine total traffic volume on network interface? If it's
> impossible, what facility you recommend me to do this?

Various pfctl -s options (eg pfctl -s info) give you counters of bytes and packets passed or blocked. If you use labels in your pass rules, you'll get per label counters as well.
Re: OpenBSD's pf and traffic
"Eugene M. Minkovskii" <[EMAIL PROTECTED]> writes:

> block in log on $ext_ip inet from any to $ext_ip label $ext_ip
> pass in on $ext_ip inet from any to $ext_ip port 22 keep sate
>
> As you can see, ssh packets match to all rule and pass in because
> last rule win. Does it mean, that I can't see ssh's packet using
> command
> # pfctl -sl

Here you label the blocked packets but not the ones you pass, which means your ssh packets would count toward the packets passed counter only.

> And if I use
>
> block in log on $ext_ip inet from any to $ext_ip label $ext_ip
> pass in on $ext_ip inet from any to $ext_ip port 22 keep sate label
> $ext_ip
>
> ... I see label twice ?

No. But both rules would increment the $ext_ip counter, which means that your $ext_ip counter would be essentially packet totals. Last matching rule wins (with state instead of sate it would work), so each packet increments the relevant counters only once.

> Perhaps you know where I can find workable example of this?

Randal Schwartz has a nice article called "Monitoring Net Traffic with OpenBSD's Packet Filter" at http://www.samag.com/documents/s=9053/sam0403j/0403j.htm
Re: Installing FreeBSD on Windows/Linux Shared Enviroment
Intel69 <[EMAIL PROTECTED]> writes:

> I was wondering, I am about to setup a computer I have to run Windows
> XP, Ubuntu and FreeBSD.

FreeBSD and all Linuxes I've ever encountered come with installers which acknowledge the fact that other operating systems exist and make some effort at making things work. Most of the docs out there if I remember correctly assume a double-boot setup, but with a little bit of planning, you should be able to triple-boot fine.

You will need to partition at least three slices, and install Windows before the others in order to avoid having the Windows installer wipe out stuff it does not understand.

There are several howtos out there within search engine reach which will be helpful.
Re: OpenBSD's pf and traffic
"Eugene M. Minkovskii" <[EMAIL PROTECTED]> writes:

> pass out on $ext_if proto tcp all modulate state flags S/SA
> pass out on $ext_if proto { udp, icmp } all keep state
>
> So, where could I put label to mark inbound traffic? This traffic
> goes into my machine because I use state table.

I'd say something along the lines of

    allowed_out = "{ ssh, domain, http, https, etc... }"
    pass out on $ext_if proto tcp $allowed_out label allowed-out keep state

you could differentiate among source addresses, for example by specifying

    client1 = "{ 192.168.n.1, 192.168.n.2 }"
    client2 = "{ 192.168.n.3, 192.168.n.4 }"
    client2_inports = { whatever they need }
    pass out on $ext_if from $client1 to any proto tcp $allowed_out \
        label client1 keep state
    pass out on $ext_if from $client2 to any proto tcp $allowed_out \
        label client2-out keep state
    pass from any to $client2 $client2_inports label client2-in keep state

and so on. Hope this helps.
Re: OpenBSD's pf and traffic
"Eugene M. Minkovskii" <[EMAIL PROTECTED]> writes:

> Just a moment, does it mean that your last rule allow any
> incoming connections from world to clients if they matched by
> client2_inports, ANY, not only connections opened by clients?

That rule would let new connections from anywhere pass on the allowed ports to the clients. This might be useful mainly if your firewall is between the world and one or more servers, though.

> Moreover, I read in documentation, that state table reads BEFORE
> rules, and connections that opened by clients in first rule:
>
> pass out on $ext_if from $client1 to any proto tcp $allowed_out \
> label client2 keep state
>
> will not marked by label client2-in because they don't pass to
> this rule. Am I right?

In a word, yes. The 'keep state' in these examples would AFAIK mean that the counters would keep track of all traffic for a connection, so traffic initiated from the inside would match the pass out rule's counters, while connections opened from the outside would count on the pass in rules.
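The per-label counters discussed in this thread, as an added example that is not part of the original posts: `pfctl -s labels` prints one line per labelled rule, so a label shared by several rules has to be summed to get its total. The column layouts described in the comments are assumptions about pfctl's output, and all sample values and labels are constructed.

```shell
#!/bin/sh
# Added example: aggregate pf label counters per label.
#
# Assumed input layout (one line per labelled rule), as printed by
# `pfctl -s labels`:
#   older pfctl:  label evaluations packets bytes
#   later pfctl:  label evaluations packets bytes pkts_in bytes_in pkts_out bytes_out [states]
# Labels are assumed to contain no whitespace.

sum_labels() {
    awk '
        NF < 4 { next }     # skip blank or truncated lines
        {
            label = $1
            # remember first-seen order so output is stable
            if (!(label in seen)) { seen[label] = 1; order[++n] = label }
            pkts[label]  += $3
            bytes[label] += $4
            if (NF >= 8) {  # per-direction columns present
                has_dir[label] = 1
                inb[label]  += $6
                outb[label] += $8
            }
        }
        END {
            # %.0f rather than %d: byte counters can exceed 32 bits
            for (i = 1; i <= n; i++) {
                l = order[i]
                if (has_dir[l])
                    printf "%s packets=%.0f bytes=%.0f bytes_in=%.0f bytes_out=%.0f\n", \
                        l, pkts[l], bytes[l], inb[l], outb[l]
                else
                    printf "%s packets=%.0f bytes=%.0f\n", l, pkts[l], bytes[l]
            }
        }
    '
}

# Constructed sample, older layout: a block rule and a pass rule carry
# the same label, so the label appears on two lines.
sample_shared_label() {
    cat <<'EOF'
ext 1520 900 118000
ext 610 240 31000
allowed-out 300 120 9000
EOF
}

# Constructed sample, later layout with per-direction columns. With
# keep state, both directions of a connection count on the rule that
# created the state.
sample_directional() {
    cat <<'EOF'
client2-out 80 70 9000 30 5000 40 4000 3
client2-in 50 40 4000 25 2500 15 1500 2
EOF
}

# On a live system: pfctl -s labels | sum_labels
sample_shared_label | sum_labels
sample_directional | sum_labels
```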
Re: OpenBSD's pf and traffic
"Eugene M. Minkovskii" <[EMAIL PROTECTED]> writes:

> Unfortunately, this mean, that OpenBSD's pf can not measure
> traffic, because we can not separate incoming and outgoing
> traffic in bidirectional rule. Or we must not use keep state
> feature.

I think I understand what you mean - you do not want per connection statistics, you want packets passed by direction, regardless of which side initiated the traffic, subdivided by pass rule.

At the moment I'm not sure how to put that into pf.conf rules, but you may want to go where the real pf experts hang out - pf@benzedrine.cx - and see if there's an angle we haven't thought of.
Re: OpenBSD's pf and traffic
"Eugene M. Minkovskii" <[EMAIL PROTECTED]> writes:

> pf@benzedrine.cx is it mail-list or private e-mail. Does I need
> to register anywhere before mail to it?

pf@benzedrine.cx is a mailing list, which I think allows posting by non-subscribers, but obviously you may want to sign up to make sure you get any replies sent to the list only. Anyway the mailing list's home page is at http://www.benzedrine.cx/mailinglist.html

(Sorry for the delay - bgnett's mail servers apparently were a bit overwhelmed by some worm or other, leaving useful traffic queued rather longer than I appreciate.)
Re: mot de passe root
Anthony Atkielski <[EMAIL PROTECTED]> writes:

> This discussion seems very strange, since I don't really understand how
> anyone could effectively use FreeBSD (or any flavor of UNIX) without
> understanding English in the first place. I've never heard of any
> localized versions of UNIX (?).

There's an amazing amount of material that has been localized into quite a number of languages. I believe Gnome and KDE are pretty much fully localized to most languages you can think of these days. I tend to run a Norwegian (Nynorsk or Bokmål, whatever I fancy that day) KDE desktop myself.

An ordinary user would get along fine on a typical desktop system in their local language, IME. On the other hand your friendly sysadmin would likely be at a great disadvantage with little or no English.
Re: mot de passe root
Anthony Atkielski <[EMAIL PROTECTED]> writes:

> Localizing software destabilizes it; localized versions always contain
> more bugs (often very hard-to-find bugs) than original versions.

I fail to see how switching from one set of message strings files in a correctly written application would destabilize it.

> Localized versions are a constant source of trouble. Even Windows,
> which makes special provisions for localization, is still far more
> bug-prone in non-English versions, and I always try to install
> U.S.-English versions if I can get them.

Oh, you're talking about Windows. Yes, there's been a lot of localization related trouble there. But then we're relatively safe from the secret brainfarts of Microsoft developers here.
Re: mot de passe root
Anthony Atkielski <[EMAIL PROTECTED]> writes:

> I was thinking of UNIX itself, not X servers or related products.

Take a peek in /usr/share/locale and /usr/local/share/locale next time you're at a FreeBSD or Linux system.

> I doubt that even Apple has bothered to localize any of the UNIX
> software for OS X.

You haven't checked, then. Unless the company's been taken over by the beancounters again, I'd imagine localized messages are at least available for roughly the same languages available for the GUI parts.

The thing is, as long as you stay away from command line options and scripting/programming language keywords (yes, I have more than 15 years' experience in the localization industry, I've seen quite a bit of such foolishness) and the software is sanely written, messages are fairly straightforward and risk-free to translate.
Re: Problem with PF
Pat Maddox <[EMAIL PROTECTED]> writes:

> I'm trying to set up PF on a server, and when I run pfctl -nf
> /etc/pf.conf, I get the following error:
> pfctl: ifa_load: pfi_get_ifaces: Bad file descriptor

More info is required. Which FreeBSD and PF versions (not all permutations of pf and FreeBSD will work, see the handbook), pf relevant rc.conf lines, your pf.conf, ifconfig output

> Google doesn't come up with anything, I've got no clue what that is. Any
> help?

Check your ruleset for obvious errors, such as trying to address a non-existent interface. Then again, this is guesswork based on very little information.
Re: Problem with PF
Pat Maddox <[EMAIL PROTECTED]> writes:

> FreeBSD 5.3-RELEASE-p5. I'm not sure how to check the pf version.

One possible source of trouble is running pf from ports on 5.3-release or newer. That could happen if you were running, say, 5.2.something with the port, upgraded your system to 5.3 but left the port in place.

> I just started getting this error a couple days ago, and I've got
> absolutely no clue why. I don't recall making any significant changes
> to the box.

That probably takes care of the incompatible port theory, then. Strange. The error message looks like the network interface has not been properly configured.
Re: .iso
bertybadboy <[EMAIL PROTECTED]> writes:

> Which .iso files do i download and burn onto a cd?

I think this is a FAQ more or less, but anyway - for a 'normal' install, with base system and a reasonable helping of the most popular packages, what you need is a -disc1.iso (which comes in two flavors in 4.11 - kde and gnome respectively - and I think this will also be the case for 5.n releases from 5.4 onwards).

disc2 is traditionally the live filesystem, while miniinst is for a minimal install.
Re: Partition Size
Danny <[EMAIL PROTECTED]> writes:

> On Mon, 24 Jan 2005 21:03:17 -0500, Peterhin <[EMAIL PROTECTED]> wrote:
> > I am going by what G. Lehey is suggesting in his book "The Complete
> > FreeBSD" on pg. 70 he does not recommend a /usr, or a /var file system.
> [...]
>
> What does he recommend then?

Now that I have the chance to make you go and buy the book, maybe I should

Actually Greg Lehey offers a well reasoned discussion of the pros and cons of various partitionings, arguing among other things that given the typical sizes of modern hard disks, partitions of even a few percent of a normal disk size are quite roomy compared to the requirements of a complete FreeBSD binaries+source+ports+your choice of packages installation.

Consider also that in a home or personal system such as a laptop, your logs or other /var material isn't likely to grow unmanageably, and when it comes to swap, you need some, but swap much larger than system memory is not useful for crash dumps and if you swap that much, there are other problems. For a home or personal system, you really only need /, swap and /home.

So with this advice in mind, consider my reasonably modern laptop, which came with a gigabyte of RAM and a hard disk advertised as 80GB but actually per dmesg

    ad0: 76319MB [155061/16/63] at ata0-master UDMA33

After gazing into thin air until my wife positively started blushing, I ended up partitioning like this:

    /dev/ads1a  /      12GB
    /dev/ads1b  swap   2GB
    /dev/ads1d  /home  "the rest" - 59GB according to df -h.

12GB for / is vastly more than you're likely to need. With base system, full 5.3 source and ports tree and my 452 most needed packages installed, my / has 6.6GB used (that is 62%).

Again, this is for a home or personal system. If you are setting up a large server of some kind or other which will be running a lot of processes, the equations will turn out differently, and things like separate /tmp and /var partitions (or even disks) may start to make sense.

The only real guide is experience from your typical use, or for that matter, from people who run roughly the same things you do. If you need a different configuration for what you want to do, symptoms will show up soon enough.
Re: Banning ips for some time?
Christian Tischler <[EMAIL PROTECTED]> writes:

> as I have an DSL line which is 24/7 online (coming from an big and
> popular provider) my servers sshd reports 30 to 50 failed
> root/operator/etc. logins a day. I would like to block the incoming ip
> for a few days automatically after e.g failed login requests.

As others have said, this is probably more of a nuisance issue than a security issue. Anyway, this was discussed recently on undeadly.org (aka OpenBSD Journal). The discussion, which offers some interesting input (some of it OpenBSD specific or at least requiring pf), is available at http://undeadly.org/cgi?action=article&sid=20041231195454

Then again, at least in some cases, the people listed in the whois info for the offending IP appreciate a politely worded notification. Quite likely they do not want this kind of activity either.
Re: DNS
"Zaid Dashti" <[EMAIL PROTECTED]> writes:

> i bought a domain, and i'm trying to host it using my machine in my home
> (just for learning how to host and DNS)

First thing to check for: has the domain been properly delegated to you? What kind of response do you get from say,

    $ dig domaininquestion.tld ns

or

    $ dig domaininquestion.tld any

Is the machine you are setting up among the ns records listed by dig?

> but i got a problem, when i use nslookup then i change the server to my DNS
> machine IP local network (by using another computer in the local network),
> it works fine, but when i use the IP of my internet account, i got time-out
> why? how to solve it ?

If your machine is supposed to be the master, you should check that it is set up to answer authoritatively for your domain to at least the authoritative slaves and preferably to the world. Check that any firewalling of port 53 udp *and* tcp is turned off while you're at it.

These are at least some of the more common errors. Good luck with the debugging!
Re: OT: Funny disclaimers (Was: Re: ssh root@localhost)
Erik Norgaard <[EMAIL PROTECTED]> writes:

> What makes me wonder is that these messages are always at the end, when
> you have read the secret message. If anything it will only make me alert
> that this could be secret, and if I am evil, of course I would not delete
> the mail.

It just struck me - the message layout was invented by a top poster. Deep down, they know that they need to start at the bottom in order to make sense of the babble on top.

Next up, we'll see them hyping this as a patentable business method. After all, I've seen credible evidence that MSexchange (IIRC) litters messages with X-ThreadIndex and X-ThreadSubject headers, apparently attempting to reinvent References: and other usenet features.
Re: Book Recomendations
Nick Pavlica <[EMAIL PROTECTED]> writes:

> I'm looking at deploying FreeBSD on my servers and would like your
> book recommendations. We will probably be using 4.11 or 5.3 or
> on
> our servers.

The Handbook is very valuable and available either from your local file system or from your friendly neighborhood FreeBSD mirror.

Greg Lehey's "The Complete FreeBSD" was updated to its fourth edition in time to cover most of what is new and exciting in the 5.n series, and contains a lot of useful, non-version specific FreeBSD and Unix info. CFBS is an O'Reilly title now, available direct or via good book stores (online or otherwise).
Re: I can't boot from the CD...
Glen Stewart <[EMAIL PROTECTED]> writes:

> I downloaded FreeBSD from your site (I downloaded it to my MAC)
> The PC that I will put it on is a new Compaq Presario - with a AMD
> Sempron 3000+ Chip.
> The ISO that I downloaded onto the MAC was dragged and dropped - then
> Burned on a CD.
> I did not "prep the file or convert it" in any way.

One rather common mistake is to put the ISO file on a CD as a file rather than burning the image (which is in fact a binary copy of a CD file system) to the disk. Most, if not all, CD writer programs have a "burn image" option or similar.

If you burned the ISO correctly, your Mac should see a number of files and folders on the CD. If all you see is one rather large file, the CD will not be usable.

> I switched the boot order to CD - and I still cannot get the Free BSD
> Disk to boot...
> What do I need to do?

What messages, if any, do you get? The help you get here generally improves with the precision in reporting such things as error messages.
Re: ipfilter2ipchains script?
Luciano Musacchio <[EMAIL PROTECTED]> writes:

> if not, whats the better solution for a newbie bsd admin to do
> firewalls on linux? (long term plan is bsd-migration of course :)

The best option is to migrate your firewall to a BSD and use PF. See the PF faq at http://www.openbsd.org/faq/pf/ for some info on getting started.

In the meantime, if short term migration is not an option, you might want to look at something like Firewall Builder (http://www.fwbuilder.org) which I believe is able to generate configurations for PF, IPFW, IPFilter and iptables from a common XML source.
Re: Why in the world you should have a vote: was RE: Please don't change Beastie to another crap logo suchas NetBSD!!!
Anthony Atkielski <[EMAIL PROTECTED]> writes:

> Why are people asserting their own copyrights in the code?

Because they wrote the software in question, perhaps?
Re: Why in the world you should have a vote: was RE: Please don't change Beastie to another crap logo suchas NetBSD!!!
Anthony Atkielski <[EMAIL PROTECTED]> writes:

> > Because they wrote the software in question, perhaps?
>
> So? If it's truly open source, the copyrights should be assigned.

Copyright assignment isn't entirely doable in all jurisdictions, and beside the point.

> All it takes is one copyright holder who withdraws a license and an
> entire package can become unusable.

I assume you have been told about the 'published under a license' phenomenon. To me it sounds like you need to read up on a few things.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: ISO Error
"JJB" <[EMAIL PROTECTED]> writes: > ISO files to cdrom. I used Nero from www.nero.com. The downloaded > demo's from these sites work just fine to do what you have to do to > create your FBSD mini install cdrom. Uninstall them, but keep the > downloaded install zip files for them and next time you need to > retrieve an FBSD .iso file, just reinstall to get a new 30 day demo. I may be terribly dense, but the next time you need to get a freebsd iso, you would use freebsd tools, no? - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ral(4) not working on 6.0
robert wilson <[EMAIL PROTECTED]> writes:

> i installed 6.0 on my laptop and everything seems to work great except
> for the wireless adapter...
> when i do "ifconfig ral0" it says "status: no carrier"...

assuming you have a wireless access point within range, configuring wireless interfaces usually takes a few more parameters such as channel, network name and so forth. in a network I visit frequently, it takes two ifconfig commands (my ath0 would be ral0 in your case):

# ifconfig ath0 media autoselect nwid kakemonster nwkey 0x1deadbeef5

after up to a couple of seconds of blinkenlights 'ifconfig ath0' shows "status: associated", and finally

# dhclient ath0

should get you an IP address, again assuming a DHCP server is within reach.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: The book of pf...
Modulok writes:

> This book comes in two editions. The first was published in December
> 2007, the second, November, 2010. Does anyone have this? And if so
> would I be correct to get the first edition instead? I know FreeBSD's
> pf lags behind openBSD's, so I'm not sure which version of the book to
> get, if either are applicable to the version of pf that FreeBSD runs?
> (FreeBSD 8.1)

I started updating the text for the 2nd edition due to the changes introduced in OpenBSD 4.7, (aka "Henning's monster diff") plus a few other goodies such as pflow(4) that had turned up since the first edition's late 2007 release, but I took some care to keep samples in the older syntax where it's relevant.

That means that for the FreeBSD parts, the second edition is up to date per roughly early October 2010 (FreeBSD 8.1-stable), with a note that for FreeBSD, we assume the 8 series. If you're running an older release (ie a close descendant of whatever was -stable in late 2007), the first edition is likely better suited.

For other differences between the two, you could probably get an idea by comparing the TOCs from the two editions' web pages (at http://nostarch.com/pf.htm and http://nostarch.com/pf2.htm respectively). The second edition turned into a more thorough rewrite than I'd originally planned with some bits moving around. But if in doubt, why not get both? ;)

But yes, for FreeBSD 8.1, you'll be happier with the second edition. FreeBSD's PF syntax is old-style, but some other relevant network config details changed between 2007 and 2010, and the second edition reflects this.

- Peter

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: ipfw and temporary port access
Noah <[EMAIL PROTECTED]> writes:

> Any clues if a system like this is a already coded and out there somewhere?

Apart from the ipfw requirement, you have just described authpf, see eg http://www.freebsd.org/cgi/man.cgi?query=authpf&apropos=0&sektion=0&manpath=FreeBSD+6.1-RELEASE&format=html

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Re: sshd brute force attempts?
"Dan Mahoney, System Admin" <[EMAIL PROTECTED]> writes: > I've found a few things based on openBSD's pf, but that doesn't seem to be > the default in BSD either. Recent BSDs (all of them, FreeBSD 5.n/6.n included) have PF in the base system. 'overload' rules are fairly easy to set up, eg table persist #Then somewhere fairly early in your rule set you set up to block from the bruteforcers block quick from #And finally, your pass rule. pass inet proto tcp from any to $localnet port $tcp_services \ flags S/SA keep state \ (max-src-conn 100, max-src-conn-rate 15/5, \ overload flush global) for more detailed discussion see eg http://www.bgnett.no/~peter/pf/en/bruteforce.html -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: ipfw and temporary port access
Noah <[EMAIL PROTECTED]> writes:

> authpf needs ssh access which is not something we have universally
> open - is there a way to integrate authpf without granting ssh
> access?

Out of the box, no. Then again, you only need ssh in to the authenticating gateway. It's up to you to decide which OpenSSH supported authentication methods you require before loading the rules which actually let traffic through.

Cheers,

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Re: Limit p2p with pf n altq
> also how to limit some ip not port with pf .

you set up your queues, then assign traffic to them via your pass rules. Your pass rules can use whichever criteria you like, ie

altq on $ext_if cbq bandwidth 10Mb queue { def, mostofmybandwidth, notalot }
queue def bandwidth 20% cbq(default borrow red)
queue mostofmybandwidth bandwidth 77% cbq(borrow red) { most_lowdelay, most_bulk }
queue most_lowdelay priority 7
queue most_bulk priority 7
queue notalot bandwidth 3% cbq

[...]

block all
pass from $localnet to any port $allowedports keep state queue mostofmybandwidth
pass from $iptostarve to any port $allowedports keep state queue notalot

- you get the idea.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Re: pfspamd greylisting stuttering at everything
> I'm set up just like the man page, but every incoming connection is
> being stuttered at. This plays havoc with incoming legit mail, of
> course, and I've been forced to fall back on older antispam tools.

Are you sure you are actually seeing stuttering, not just the greylisting database getting (slowly) initialized? You should expect a 'silent period' while the machines which are trying to send you mail prove their good intentions to your greylister.

The point of greylisting, after all, is to force correspondents to retry 'within a reasonable time'. The lower threshold for 'reasonable' is set with the first of the -G arguments to spamd. The other factor is how long the correspondent takes to actually retry, which depends on a number of other factors you really can't influence much, such as the size of that server's outgoing queue.

I would give the initial database buildup a few hours at least. If you're impatient and you have a few addresses which you consider 'known good', you could whitelist them using

# spamdb -a nnn.nnn.nnn.nnn

see spamdb(8) for details. I suppose that man page could do with a bit more text.

PS My favorite quote about spamd and greylisting at the moment is this recent message to openbsd-misc: http://marc.theaimsgroup.com/?l=openbsd-misc&m=116136841831550&w=2

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Re: pfspamd greylisting stuttering at everything
"Michael W. Lucas" <[EMAIL PROTECTED]> writes: > Before starting pfspamd today, I checked my spamdb. spamdb listed 12 > entries. After 3 hours, spamdb listed the same 12 entries. spamdb not getting updated like that sounds *wrong*. It almost sounds like spamdb isn't actually getting called (or perhaps core dumps at startup) or possibly a file permissions problem is preventing it from updating, ie does the _spamd user have write permission to /var/db/spamdb? What you are seeing is really, really strange at any rate. > My spamd logs to /var/log/spam, which has many interesting entries in it: > > Oct 26 11:18:31 bewilderbeast spamd[731]: (GREY) 216.136.204.119: <[EMAIL > PROTECTED]> -> <[EMAIL PROTECTED]> > Oct 26 11:18:40 bewilderbeast spamd[731]: 204.127.192.84: connected (12/1) > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: From: Leila Wood > <[EMAIL PROTECTED]> > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: To: [EMAIL PROTECTED] > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Subject: caustic > assent > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: This is a > multi-part message in MIME format. > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: > --060605040706020008040508 > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: Content-Type: > text/html; charset=ISO-8859-1 > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: > Content-Transfer-Encoding: 7bit > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: > Oct 26 11:18:47 bewilderbeast spamd[731]: 89.110.7.178: Body: content="text/html;charset=ISO-8859-1" http-equiv="Content-Type"> > Oct 26 11:19:13 bewilderbeast spamd[731]: 204.152.190.11: disconnected after > 390 seconds. 
> Oct 26 11:19:15 bewilderbeast spamd[731]: 12.130.136.42: disconnected after > 390 seconds. > Oct 26 11:19:34 bewilderbeast spamd[731]: 89.110.7.178: disconnected after > 390 seconds. > Oct 26 11:19:48 bewilderbeast spamd[731]: 200.52.66.237: connected (10/1) This sequence looks pretty normal to me. Here, you should have found a 'GREY' entry for 216.136.204.199 in your spamd database immediately afterwards. If you find out why that isn't happening, you've solved the problem, I think. > I'm running spamd as below: > > pfspamd_flags="-v -G7:4:864 -r451" Not related to the main problem, but I think you could probably get away with a 2 or even 1 minute passtime without ill effects. > All of spamd could use some documentation, but that'll happen. ;-) Well, fwiw it's one of the things I will be writing about in the near future. Good luck, -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
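The greylisting timing discussed in the two replies above (the 'silent period' and the passtime in -G7:4:864), as an added Python model; it is not spamd's code and not part of the original posts. The -G field units (minutes:hours:hours) follow spamd(8); the class, function and verdict names are made up for this example, the addresses are constructed, and the model whitelists at the moment of a qualifying retry rather than on spamd's periodic database scan.

```python
import re


def parse_grey_flag(flag):
    """Turn spamd's -Gpasstime:greyexp:whiteexp (minutes:hours:hours) into seconds."""
    m = re.fullmatch(r"-G(\d+):(\d+):(\d+)", flag)
    if not m:
        raise ValueError("expected -Gpasstime:greyexp:whiteexp, got %r" % flag)
    passtime, greyexp, whiteexp = (int(x) for x in m.groups())
    return passtime * 60, greyexp * 3600, whiteexp * 3600


class Greylister:
    def __init__(self, flag):
        self.passtime, self.greyexp, self.whiteexp = parse_grey_flag(flag)
        self.grey = {}    # (ip, envelope-from, envelope-to) -> time first seen
        self.white = {}   # ip -> time the whitelist entry expires

    def attempt(self, now, ip, mail_from, rcpt_to):
        """Return the verdict for one delivery attempt at time `now` (seconds)."""
        expires = self.white.get(ip)
        if expires is not None:
            if now < expires:
                # Whitelisted hosts talk to the real MTA; seeing mail from
                # them keeps the entry alive (spamlogd's job in a real setup).
                self.white[ip] = now + self.whiteexp
                return "pass"
            del self.white[ip]
        key = (ip, mail_from, rcpt_to)
        first = self.grey.get(key)
        if first is None or now - first > self.greyexp:
            # Unknown tuple, or the earlier grey entry has expired: start over.
            self.grey[key] = now
            return "tempfail-new"
        if now - first < self.passtime:
            # Retried before passtime has elapsed: keep waiting.
            return "tempfail-early"
        # Retried after passtime and within greyexp: the host has shown it
        # queues and retries. This attempt is still answered with a temporary
        # failure; the next connection goes to the real mail server.
        del self.grey[key]
        self.white[ip] = now + self.whiteexp
        return "tempfail-whitelisted"


# Constructed attempts: (minutes since start, ip, envelope-from, envelope-to)
LEGIT = [(m, "192.0.2.25", "alice@example.org", "bob@example.net")
         for m in (0, 5, 10, 15)]           # a real MTA retrying every 5 minutes
ONE_SHOT = [(0, "198.51.100.9", "x@example.com", "bob@example.net"),
            (300, "198.51.100.9", "x@example.com", "bob@example.net")]


def replay(flag, attempts):
    g = Greylister(flag)
    return [g.attempt(minute * 60, ip, f, t) for minute, ip, f, t in attempts]


if __name__ == "__main__":
    for flag in ("-G7:4:864", "-G1:4:864"):
        print(flag, replay(flag, LEGIT))
    print("one-shot sender:", replay("-G7:4:864", ONE_SHOT))
```

With a 7 minute passtime the retrying sender gets through on its fourth attempt; with a 1 minute passtime, on its third.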
Re: Wlan Firewall / Reefedge Dolphin equivalent
"Ian Lord" <[EMAIL PROTECTED]> writes: > It's an all in one solution that authorize wlan lan users before allowing > them access. It also filter traffic based on their username. you could roll your own without too much trouble using pf and authpf. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: Making a PF Rule that i can process with a graphing application
David Schulz <[EMAIL PROTECTED]> writes:

> process with zabbix agent. The problem is, i don't use ipfw, but pf,
> and i don't know how a rule like that could look like using pf.

Maybe pfstat (/usr/ports/sysutils/pfstat) is worth looking into?

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Re: Blocking SSH Brute-Force Attacks: What Am I Doing Wrong?
Erik Norgaard <[EMAIL PROTECTED]> writes:

> Honestly, I wouldn't worry about it: review your config and make some
> simple choices to reduce the noise, see this article:

One other noise reduction method which is really easy to implement is to use pf and write a rule set which uses the overload feature, see eg http://home.nuug.no/~peter/pf/en/bruteforce.html (part of my EuroBSDCon and other places tutorial). See http://home.nuug.no/~peter/pf/ for a choice of formats and languages.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds
Re: spammers harvesting emaill address from this list
"fbsd2" <[EMAIL PROTECTED]> writes: > It only takes 2-3 weeks after changing my email address I use on the list > before I start receiving spam on the new email address. Spammers have their robots harvest addresses from a number of sources, including but not limited to web pages of all kinds and any and all files accessible from malware infected hosts. > Other non-fbsd lists I belong to remove the posters email address > before the post gets sent to the list members. Why can't this list > do the same thing Seriously, I can see some logic in removing or obfuscating email addresses in web accessible list archives, but making it hard to impossible for other list subscribers to followup to poster would make the freebsd mailing lists a lot less useful. Making spammers fun to watch: Publish your list of known bad spamtrap addresses, watch them use their harvested garbage to trigger their own descent into the spamd tarpit. Details via selected posts in my blog (the blogspot.com ref in the signature). Cheers, -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: spammers harvesting emaill address from this list
Gary Kline <[EMAIL PROTECTED]> writes:

> If your user login is "smith", you could have all mailing
> list mail sent to "smitty" and keep an open mutt or other reader
> a click away. Spam could be easily flagged ... .

Yes, there are several things you could filter on. However the traplist activities are really about identifying spam sending hosts. If a machine we have not exchanged mail with in recent times tries to deliver mail to something bizarre like <[EMAIL PROTECTED]> (which looks like it was actually based on a GNUS message-ID), the message is either spam or in some very rare cases a bounce message triggered by an attempt to deliver spam.

> I'm bcc'ing this to my account with evolution to check out your
> blog info. I've run into problems with spamd and other suites.

I would be interested in hearing what the problems were. It's worth noting that spamd from OpenBSD 4.1 onwards differs in several important ways from earlier versions. And also, it's important not to confuse this spamd with the program with the same name out of spamassassin.

Cheers,

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: spammers harvesting emaill address from this list
Gary Kline <[EMAIL PROTECTED]> writes:

> Is there any spamd documentation that follows a cookbook model?
> Do A, B, C, and you're done! I've found that a couple examples
> are worth ten thousand words.

Well, there's the spamd parts of my PF tutorial[1], and I believe Dan Langille wrote up something for the FreeBSD diary earlier this year - yes, it's at [2].

One thing about the blacklisted IP addresses file I generate every hour - spam sending machines don't necessarily stay that way for very long (they get reinstalled, dumped in the river etc) so it's really only useful if your own blacklist gets updated and pruned regularly too.

- P

[1] http://home.nuug.no/~peter/pf/ (several formats), spamd parts start at http://home.nuug.no/~peter/pf/en/spamd.html
[2] http://www.freebsddiary.org/pf.php

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.datadok.no/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Onpening and Closing ports
Dave Carrera <[EMAIL PROTECTED]> writes:

> Had a little nasty person trying to break my sshd on port 22.

You can head them off rather easily with a short PF rule set, see eg http://home.nuug.no/~peter/pf/en/bruteforce.html. They can actually be fun to watch :)

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: advice on anti-spam tools
Angelin Lalev <[EMAIL PROTECTED]> writes:

> My e-mail server is running the latest spamassassin with all of the
> blacklist enabled and etc. but I still receive over 20 spam
> messages a day ("image" spam mostly).

how about greylisting? putting something like a greylisting pf/spamd in front of your mail server kills an awful lot of spam. keep spamassassin in there by all means, but after you start greylisting you most likely will see the load on the machine drop considerably.

it's fairly easy to implement too.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Spam prevention
"Ian Lord" <[EMAIL PROTECTED]> writes: > To fight spam, is spamassassin the best choice or should I look into > something else ? Spamassassin works. If you have Microsoft machines in your setup, you probably want clamav (antivirus) or similar as well. And finally, do look into running some sort of greylisting (possibly supplemented with a tarpit for known bad senders). The greylisting/tarpitting part is really easy to do with PF, see eg http://home.nuug.no/~peter/pf/en/spamd.html (part of my packet filtering for fun and profit tutorial) -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" 20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: sshd break-in attempt
Nathan Vidican <[EMAIL PROTECTED]> writes:

> of attempts). Anyhow, long story short; is there not an easy way to
> make sshd block or deny hosts temporarily if X number of invalid
> login attempts are made within a minute's time?

if you use pf, it's fairly straightforward with an overload rule, see eg http://home.nuug.no/~peter/pf/en/bruteforce.html

Cheers,

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Dec 22 02:13:59 delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Please Help! How to STOP them...
Jay Chandler <[EMAIL PROTECTED]> writes:

> Please, please, PLEASE RTFM. If that's too much to ask, try taking a
> class, hiring a consultant, or using a more user-friendly OS.

FreeBSD *is* user friendly. The simple (and fun to watch!) solution involves using PF (not sure if this can be easily done with the other firewalls FreeBSD has on tap) with 'overload' rules, ie http://home.nuug.no/~peter/pf/en/bruteforce.html

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: let somebody watch my actions over the network
kbtrace <[EMAIL PROTECTED]> writes:

> Maybe watch(8) will help you, and lastcomm(1) is also helpful.

alternatively, start script(1) and make sure the other user can read the file, using tail -f or somesuch. That's also a quite convenient way to create a record of just what happened so you can see where things went wrong if they do.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Mystery Spam Piling Up in Mqueue
"Jason C. Wells" <[EMAIL PROTECTED]> writes: > I have a bunch of mail piling up in /var/spool/mqueue. It appears to be > all spam and it appears to be generated on the localhost. I am not > sending it. Like Jeff said, this looks very much like bounces generated by spam which was sent with a forged, undeliverable sender address (big surprise, huh?). Pileups like these will happen every once in a while, and there's really not too much you can do apart from putting some effort into making sure your systems stay clean. With a bit of care it is possible to remove messages from your delivery queue, but unless disk space is really tight or the messages are just too d**n annoying, you can just leave them there to automagically go away after a few days. As for "giving spammers a hard time", you could for entertainment (and possibly some information value) try putting that exact string into your favorite search engine. Cheers, -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: thwarting repeated login attempts
Peter Matulis <[EMAIL PROTECTED]> writes:

> You can run OpenBSD's pf in combination with authpf. This mechanism
> will alter firewall rules based on successful SSH logins.

authpf is great, but even overload rules can go a long way towards eliminating the original poster's problem, see eg the suggestions in my tutorial at http://home.nuug.no/~peter/pf/en/bruteforce.html (http://home.nuug.no/~peter/pf/ for the full manuscript in a variety of formats).

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Packet rate limiter
Jan Sebosik <[EMAIL PROTECTED]> writes:

> is there any way how to limit packet per second [PPS] rate to specified
> IP (group of IP) ?

The closest I can think of off the top of my head is defining a PF rule set with queues (ALTQ), however you will be specifying bandwidth, that is in bits per second (or k,M,G multiples of) or percentage of available bandwidth, not number of packets.

Your groups of source addresses could be maintained as tables for easy manipulation.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: Illegal access attempt - FreeBSD 5.4 Release - please advise
"Chris St Denis" <[EMAIL PROTECTED]> writes: > How can I easily auto deny after x failed attempts? Is this an sshd setting? > I could find it. > > Is there something in ports that will firewall off somebody who is brute > forcing? With PF, it's fairly easy to set up with max-src-conn, max-src-conn-rate overload in your pass rule. See pf.conf(5) for details. There's probably some magic around to make this doable with other firewalls as well. -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/ "First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales" ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
Re: PF default to deny
Matt Juszczak <[EMAIL PROTECTED]> writes:

> 2) Is there a way to set pf to default to deny?

"block all" as your first filtering rule, followed by explicit pass rules for the stuff you want to pass. I thought most of the howtoish docs out there recommended that approach, but here at least is one that does - http://www.bgnett.no/~peter/pf/

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: For administrators setting-up pf
Carstea Catalin <[EMAIL PROTECTED]> writes:

> i want to setting up my firewall pf with some rules to do 2 conditions:
> Deny all except:
> 2. permit only for 3 users access to pop3 ( ex.: nat only for 3 users
> and only for pop3)

For this, you might want to look into authpf. It lets you set up per user rules which might be what you are looking for.

> 3. redirect all port to 8080 for all users. I use proxy for cache and
> log traffic.

You can redirect to eg squid or another proxy. All ports sounds a bit ambitious - Daniel Hartmeier has a nice writeup on how to set up a transparent squid at http://www.benzedrine.cx/transquid.html

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: How do I prevent unauthorized ssh login attempts?
"Andreas Widerøe Andersen" <[EMAIL PROTECTED]> writes:

> How can I stop these attempts or block them - or even recognize them? I do
> not have IPF installed.

There are several packages which could help, the one I prefer is a simple pf rule set which tracks the number of connection attempts per time unit and puts the too-chatty ones in a doghouse list of addresses. One way to do it is described at http://home.nuug.no/~peter/pf/en/bruteforce.html

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: How to do Spam Control in FreeBSD
"dhaneshk k" <[EMAIL PROTECTED]> writes:

> I have a freebsd-6.0 server with postfix and mailman running on
> this machine, but I haven't configured spamassassin, amavisd etc in
> this box. so I am suffering from spams daily ..

Spamassassin is available as a port, as are a number of other useful bits such as amavisd, clamav and numerous others. The Postfix web at <http://www.postfix.org> has an extensive documentation collection (see eg the "UCE/Virus" part of <http://www.postfix.org/docs.html>) to get you started.

Once you have the content filtering up, you may want to look into easing the load a bit by introducing greylisting via PF (packet filter) plugin spamd, which can just as easily run on a separate machine such as your gateway. There are a few in-MTA options too, of course.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: FreeBSD vs Linux
koen de wijs <[EMAIL PROTECTED]> writes:

> I want to try out Linux. I heard it is more user friendly and the basic
> stuff will be set up during installation.

The definition of "user friendly" is hardly set in stone. I for one do not equate Microsoft style demoability with user friendliness, at least for this user. I strongly suspect that in most cases, "user friendly" is really just another way of saying "just like what I'm used to".

Quite a few, if not all, the major packaged Linuxes out there come with installers which will in all but a few weird cases figure out what your graphics hardware and mouse are and give you some sort of workable mode for both. That apparently makes the experience a lot less scary for a large chunk of those-who-install-Linux-for-the-first-time. Some of the packages even try to grab a network setup for you via DHCP.

FreeBSD sysinstall on the other hand, will let you configure X if you choose during the install, and will configure your network the way you choose.

> I really don't like the sysinstall menu. It is really unlogically. Why
> isn't there a desktop and a server installation?

This reminds me of somebody who turned up quite frustrated on the BLUG mailing list a while back complaining essentially that choosing the "server" option during NamedAfterComicstripMagician install gave him a Samba and web server, not the firewall with some extras he had in mind.

Essentially there are too many definitions of "desktop" and "server" out there to make any real sense. The FreeBSD installer and related tools let you pick exactly the stuff you need, not some stranger's idea of what would be nice for you to prune back and swear at later.

> Could anyone give me a good site that describes the differences between
> FreeBSD and Linux?

Google is your friend (or perhaps not in this particular case). I enjoy reading Daemon News (http://daemonnews.org) for a variety of reasons, and I vaguely remember some sensible articles on this very topic there. That URL also takes you within clicking distance of a good number of useful BSD sites.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: PF: Blocks my workstation on boot
"Fafa Diliha Romanova" <[EMAIL PROTECTED]> writes:

> I have to write this command on my server after every reboot to allow
> my workstation to access the Internet through it:

Ok, so the server here is the gateway.

> # pfctl -F a ; pfctl -Nf /etc/pf.conf ; pfctl -sr

and you essentially turn off everything except the NAT rules.

I think the problem is that your rule set does not have any rules that let packets from your local net (I assume $int_if:network) pass IN via the firewall's lan-facing network interface. I think a rule like

pass in on $int_if from $int_if:network to any port $allowedports keep state

or even

pass from $int_if:network to any port $allowedports keep state

(if you can do without the extra per interface housekeeping) would make things a bit easier.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: PF problem!!!
"Fafa Diliha Romanova" <[EMAIL PROTECTED]> writes:

> My question is: Why do I have to type this after everytime I've rebooted
> to make my NAT gateway server allow Internet access to my workstation?

Your rule set does not contain any rules which let packets pass *in* on your internal interface.

Remember, pf.conf is seen from the firewall's perspective. Traffic passes IN from elsewhere on either interface to the firewall, OUT to elsewhere on either interface. You have rules which let traffic pass in to the firewall on the external interface and out from the firewall on the external interface, but none which let traffic in on the internal interface.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: HELP ME WITH PF! (5th plea)
> 2) i also need to type some three stupid commands after every
> reboot for my nat to work. i have to type:
>
> pfctl -F a ; pfctl -Nf /etc/pf.conf ; pfctl -sr

Fafa, it would help a lot if you read the suggestions offered in the followups to your earlier messages and reported back if trying what people suggested made any difference. If you're not subscribed to the list, you could try searching the list archives (or google on the message subjects).

AFAICT the solution lies in a simple modification of your rule set which is actually pretty obvious.

> 3) how does this ftp-proxy work if i want to disable inetd, and
> switch ftpd with pure-ftpd?

You could try running ftpsesame or pftpx instead.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: HELP ME WITH PF! (5th plea)
Chris <[EMAIL PROTECTED]> writes:

>> You could try running ftpsesame or pftpx instead.
>
> Why not simply use sftp?

That would be a bit smarter in quite a few cases, certainly. I'm no fan of ftp myself, but there are circumstances where you need to accommodate users' perceived needs. That's where little bits of ftp through NAT and/or firewalls magic comes in very handy.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: where is 5.4 miniinst.iso file
"fbsd_user" <[EMAIL PROTECTED]> writes:

> hay I see that 5.4 stable release has finally made it to the FreeBSD FTP
> mirror sites.
> But the miniinst.iso file is missing. What gives here?

FreeBSD 5.4 hasn't actually been released yet (the announcement has not been sent out as far as I can see), so you should not be surprised that one or more iso files have not appeared where you expect them yet.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: Big delay between login as: and Password:
"Fafa Hafiz Krantz" <[EMAIL PROTECTED]> writes:

> I'm experiencing a rather unusual delay in between login as:
> and Password: when I SSH in via PuTTY -- it lasts for about 1
> minute, maybe a bit more. How can this be?

Sounds like your name resolution isn't quite what it should be. Delays like these are common when either your reverse lookup isn't correct or the name servers for your domain/IP range are unavailable or slow in answering.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: 5.3: cant install openoffice 1.1 from ports
Simon Burke <[EMAIL PROTECTED]> writes:

> Does anyone know if it is broken? or how i can get an openoffice
> release installed, as 1.0 is apparently broken according to ports and
> 1.1 wont compile successfully.

It should compile cleanly if you've set up the required java magic first. At least that seems to be what trips up most people who try to build openoffice from ports.

Fortunately precompiled recent packages are available from http://oootranslation.services.openoffice.org/pub/OpenOffice.org/ooomisc/FreeBSD/ - in several language versions, too (I grabbed the _nb version which looks to be quite functional so far). There's a bit more info available at http://porting.openoffice.org/freebsd/ too.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: Windows-based RFC868 Time
"Madhvi Gokool" <[EMAIL PROTECTED]> writes:

> I am trying to replace a Windows server with a FreeBSD one .
> Does anyone know the equivalent UNIX package for a Windows-based RFC868 Time
> Protocol server.

Googling on FreeBSD rfc868 yields http://unix.derkeiler.com/Mailing-Lists/FreeBSD/questions/2003-11/1534.html which seems to do what you ask. Also, ntpd(8) might be of interest.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
correct permissions for firefox extensions files?
A few days ago I got myself a new laptop ( snoopy dance! ). After installing FreeBSD 5.3, I restored my home directory from a tar archive.

Now, after a couple of days I notice that for some odd reason, none of the bookmarks I've saved in Firefox (firefox-1.0_3,1) have actually been saved in such a way that they become available in the next session. I've usually started the browser from the KDE menu, which apparently hides some bits of useful information. Starting Firefox from a shell yields this message:

[EMAIL PROTECTED]:~$ firefox &
[2] 1144
[1] Done firefox
[EMAIL PROTECTED]:~$ Plugger: Unable to find pluggerrc file!
Extension System Warning: Failed to set up default extensions files probably because you do not have write privileges to this location. While you can run Firefox like this, it is recommended that you run it at least once with privileges that allow it to generate these initial files to improve start performance. Running from a disk image on MacOS X is not recommended.

Then trying to investigate what permissions these might be, I get:

[EMAIL PROTECTED]:~$ ls -l .firefox/
total 6
-rw-r--r-- 1 peter peter 1043 Sep 22 19:57 appreg
drwx--S--- 3 peter peter 512 Sep 6 21:08 default
-rw--- 1 peter peter 544 Sep 6 21:54 pluginreg.dat
[EMAIL PROTECTED]:~$ ls -l .firefox/appreg
-rw-r--r-- 1 peter peter 1043 Sep 22 19:57 .firefox/appreg
[EMAIL PROTECTED]:~$ ls -l .firefox/default/
total 2
drwx--S--- 6 peter peter 1024 Dec 7 22:00 hiet5pa3.slt
[EMAIL PROTECTED]:~$ ls -l .firefox/default/hiet5pa3.slt/
total 1762
drwxr-xr-x 2 peter peter 512 Dec 7 21:50 Cache
drwxr-sr-x 2 peter peter 512 Dec 7 21:35 Cache.Trash
-rw-r--r-- 1 peter peter 1069528 Dec 7 21:25 XUL.mfasl
-rw--- 1 peter peter 12435 Dec 1 12:15 bookmarks.bak
-rw--- 1 peter peter 12435 Dec 3 13:01 bookmarks.html
-rw--- 1 peter peter 65536 Dec 7 21:58 cert8.db
drwxr-sr-x 2 peter peter 512 Sep 22 20:23 chrome
-rw-r--r-- 1 peter peter 65 Dec 3 13:00 compatibility.ini
-rw-r--r-- 1 peter peter 24 Dec 3 13:00 components.ini
-rw-r--r-- 1 peter peter 127212 Dec 3 13:00 compreg.dat
-rw-r--r-- 1 peter peter 22160 Dec 3 13:00 cookies.txt
-rw-r--r-- 1 peter peter 24 Dec 1 22:57 defaults.ini
-rw-r--r-- 1 peter peter 19166 Dec 5 23:36 downloads.rdf
drwxr-sr-x 2 peter peter 512 Sep 22 20:23 extensions
-rw-r--r-- 1 peter peter 4931 Dec 7 21:58 formhistory.dat
-rw-r--r-- 1 peter peter 250892 Dec 7 22:00 history.dat
-rw--- 1 peter peter 94 Dec 1 09:17 hostperm.1
-rw-r--r-- 1 peter peter 729 Sep 6 21:57 install.log
-rw--- 1 peter peter 16384 Dec 7 21:58 key3.db
-rw-r--r-- 1 peter peter 14070 Dec 7 21:58 localstore.rdf
lrwxr-xr-x 1 peter peter 18 Dec 7 22:00 lock -> 194.54.103.98:1159
-rw-r--r-- 1 peter peter 1951 Oct 10 10:26 mimeTypes.rdf
-rw-r--r-- 1 peter peter 1607 Sep 6 21:08 panels.rdf
-rw-r--r-- 1 peter peter 1074 Sep 22 19:57 prefs.bak
-rw-r--r-- 1 peter peter 1251 Dec 3 13:01 prefs.js
-rw-r--r-- 1 peter peter 720 Sep 6 21:08 search.rdf
-rw--- 1 peter peter 16384 Dec 4 16:33 secmod.db
-rw--- 1 peter peter 1815 Dec 5 02:16 signons.txt
-rw-r--r-- 1 peter peter 77649 Dec 6 07:40 xpti.dat
[EMAIL PROTECTED]:~$ ls -l .firefox/default/hiet5pa3.slt/extensions/
total 2
-rw-r--r-- 1 peter peter 226 Sep 22 20:23 Extensions.rdf

Now this looks like it's all writable by me. The program runs (the ls output is from when the program runs).

Anybody else seen something like this?

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
Re: earlier FBSD distributions...
aavum meza writes:

> How can I get ahold of the earlier versions of FBSOD, up to the
> initial release? I have tried looking for an archive on the web, and
> haven't been able to find any that aren't for exclusive users
> only. Thankyou.

ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/ or thereabouts has what looks like a fairly complete collection of FreeBSD releases. For older stuff including 386bsd and 4.4BSD-lite there's the archive at ftp://minnie.tuhs.org/BSD/

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: pf problem with table
Reinhold Platzoeder <[EMAIL PROTECTED]> writes:

> My problem looks like the file is too big to be loaded into pf
> My firewall stops responding when the file has about 7000 IPs in it
> The old file has 104450 IPs in it and I would like to block them

You could try manipulating the table entries limits, ie

set limit table-entries 150000

in your pf.conf would set the upper limit for number of entries in a table to 150000.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.
Re: Domain Name
JP <[EMAIL PROTECTED]> writes:

> When running the command:
> host -t mx
>
> It returns:
> domaint.tld.domain.tld

You forgot the trailing dot. Your zone file probably has something like

domain.tld. IN MX mail.domain.tld

which should be

domain.tld. IN MX mail.domain.tld.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.
Re: pf: changing tables with rules
"[EMAIL PROTECTED]@mgedv.net" <[EMAIL PROTECTED]> writes:

> is it possible to write pf.conf rules, that will add matching
> packets to tables? if yes, can someone post an example for me?

Yes. One rather straightforward way is via the overload mechanism, see eg http://www.bgnett.no/~peter/pf/en/bruteforce.html.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.
Re: PF spamd : trouble with homemade blacklist
Alexis Dorais-Joncas <[EMAIL PROTECTED]> writes:

> blackl:\
> :black:\
> :msg="SPAM. Your address %A appears in my homemade list of known
> spammers":\
> :file=/var/mail/blacklist.txt:

This one appears to be missing a ":method=file:\" entry. That could be the source of your problem. See if it makes a difference.

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/ http://www.nuug.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"
20:11:56 delilah spamd[26905]: 146.151.48.74: disconnected after 36099 seconds.
Re: "Root" posting
Henrik W Lund <[EMAIL PROTECTED]> writes:

> The ongoing debate about top posting vs. bottom/random posting has
> sparked a somewhat related question in me: what about root posting
> (e.g. posting to the root of the list, instead of in the relevant thread)?

Some mail clients support a digest mode which lets you follow up to individual messages in-thread (at least gnus does). If your mail client does not support that, it probably makes the most sense to followup with a reasonable subject (perhaps even one cut'n'pasted from the bit you are interested in), stripping off the parts not relevant to your message.

- P

--
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://www.blug.linux.no/rfc1149/ http://www.datadok.no/
"First, we kill all the spammers" The Usenet Bard, "Twice-forwarded tales"